From 6a868a671472d454b407a165fc31c5f7dfe783c6 Mon Sep 17 00:00:00 2001 From: Otavio Salvador Date: Thu, 23 Jul 2015 16:02:25 -0300 Subject: Move meta-fsl-ppc content to layer root This commit is just a rename of all contents of meta-fsl-ppc subdirectory to this layer's root, merging the contents of common files, subsequent changes are based on top of that. Signed-off-by: Otavio Salvador --- classes/qoriq_build_64bit_kernel.bbclass | 18 + conf/layer.conf | 3 + conf/machine/b4420qds-64b.conf | 15 + conf/machine/b4420qds.conf | 15 + conf/machine/b4860qds-64b.conf | 17 + conf/machine/b4860qds.conf | 17 + conf/machine/bsc9131rdb.conf | 15 + conf/machine/bsc9132qds.conf | 23 + conf/machine/c293pcie.conf | 16 + conf/machine/include/e500mc.inc | 6 + conf/machine/include/e500v2.inc | 4 + conf/machine/include/e5500-64b.inc | 12 + conf/machine/include/e5500.inc | 6 + conf/machine/include/e6500-64b.inc | 12 + conf/machine/include/e6500.inc | 13 + conf/machine/include/qoriq-base.inc | 26 + conf/machine/p1010rdb.conf | 22 + conf/machine/p1020rdb.conf | 16 + conf/machine/p1021rdb.conf | 17 + conf/machine/p1022ds.conf | 26 + conf/machine/p1023rdb.conf | 15 + conf/machine/p1025twr.conf | 17 + conf/machine/p2020rdb.conf | 16 + conf/machine/p2041rdb.conf | 19 + conf/machine/p3041ds.conf | 19 + conf/machine/p4080ds.conf | 17 + conf/machine/p5020ds-64b.conf | 19 + conf/machine/p5020ds.conf | 19 + conf/machine/p5040ds-64b.conf | 19 + conf/machine/p5040ds.conf | 19 + conf/machine/t1023rdb-64b.conf | 15 + conf/machine/t1023rdb.conf | 15 + conf/machine/t1024rdb-64b.conf | 16 + conf/machine/t1024rdb.conf | 16 + conf/machine/t1040d4rdb-64b.conf | 18 + conf/machine/t1040d4rdb.conf | 18 + conf/machine/t1042d4rdb-64b.conf | 18 + conf/machine/t1042d4rdb.conf | 18 + conf/machine/t2080qds-64b.conf | 19 + conf/machine/t2080qds.conf | 19 + conf/machine/t2080rdb-64b.conf | 19 + conf/machine/t2080rdb.conf | 19 + conf/machine/t4160qds-64b.conf | 15 + conf/machine/t4160qds.conf | 15 + conf/machine/t4240qds-64b.conf | 17 + conf/machine/t4240qds.conf | 17 + conf/machine/t4240rdb-64b.conf | 17 + conf/machine/t4240rdb.conf | 17 + custom-licenses/Cortina | 51 + custom-licenses/Freescale-EULA | 214 + custom-licenses/TestFloat | 24 + .../luajit/luajit/ppc-fixplt.patch | 105 + .../recipes-devtools/luajit/luajit_%.bbappend | 4 + .../libvirt/libvirt/qoriq-ppc/qemu.conf | 465 ++ .../recipes-extended/libvirt/libvirt_%.bbappend | 9 + meta-fsl-ppc/README | 49 - .../classes/qoriq_build_64bit_kernel.bbclass | 18 - meta-fsl-ppc/conf/layer.conf | 18 - meta-fsl-ppc/conf/machine/b4420qds-64b.conf | 15 - meta-fsl-ppc/conf/machine/b4420qds.conf | 15 - meta-fsl-ppc/conf/machine/b4860qds-64b.conf | 17 - meta-fsl-ppc/conf/machine/b4860qds.conf | 17 - meta-fsl-ppc/conf/machine/bsc9131rdb.conf | 15 - meta-fsl-ppc/conf/machine/bsc9132qds.conf | 23 - meta-fsl-ppc/conf/machine/c293pcie.conf | 16 - meta-fsl-ppc/conf/machine/include/e500mc.inc | 6 - meta-fsl-ppc/conf/machine/include/e500v2.inc | 4 - meta-fsl-ppc/conf/machine/include/e5500-64b.inc | 12 - meta-fsl-ppc/conf/machine/include/e5500.inc | 6 - meta-fsl-ppc/conf/machine/include/e6500-64b.inc | 12 - meta-fsl-ppc/conf/machine/include/e6500.inc | 13 - meta-fsl-ppc/conf/machine/include/qoriq-base.inc | 26 - meta-fsl-ppc/conf/machine/p1010rdb.conf | 22 - meta-fsl-ppc/conf/machine/p1020rdb.conf | 16 - meta-fsl-ppc/conf/machine/p1021rdb.conf | 17 - meta-fsl-ppc/conf/machine/p1022ds.conf | 26 - meta-fsl-ppc/conf/machine/p1023rdb.conf | 15 - meta-fsl-ppc/conf/machine/p1025twr.conf | 17 - meta-fsl-ppc/conf/machine/p2020rdb.conf | 16 - meta-fsl-ppc/conf/machine/p2041rdb.conf | 19 - meta-fsl-ppc/conf/machine/p3041ds.conf | 19 - meta-fsl-ppc/conf/machine/p4080ds.conf | 17 - meta-fsl-ppc/conf/machine/p5020ds-64b.conf | 19 - meta-fsl-ppc/conf/machine/p5020ds.conf | 19 - meta-fsl-ppc/conf/machine/p5040ds-64b.conf | 19 - meta-fsl-ppc/conf/machine/p5040ds.conf | 19 - meta-fsl-ppc/conf/machine/t1023rdb-64b.conf | 15 - meta-fsl-ppc/conf/machine/t1023rdb.conf | 15 - meta-fsl-ppc/conf/machine/t1024rdb-64b.conf | 16 - meta-fsl-ppc/conf/machine/t1024rdb.conf | 16 - meta-fsl-ppc/conf/machine/t1040d4rdb-64b.conf | 18 - meta-fsl-ppc/conf/machine/t1040d4rdb.conf | 18 - meta-fsl-ppc/conf/machine/t1042d4rdb-64b.conf | 18 - meta-fsl-ppc/conf/machine/t1042d4rdb.conf | 18 - meta-fsl-ppc/conf/machine/t2080qds-64b.conf | 19 - meta-fsl-ppc/conf/machine/t2080qds.conf | 19 - meta-fsl-ppc/conf/machine/t2080rdb-64b.conf | 19 - meta-fsl-ppc/conf/machine/t2080rdb.conf | 19 - meta-fsl-ppc/conf/machine/t4160qds-64b.conf | 15 - meta-fsl-ppc/conf/machine/t4160qds.conf | 15 - meta-fsl-ppc/conf/machine/t4240qds-64b.conf | 17 - meta-fsl-ppc/conf/machine/t4240qds.conf | 17 - meta-fsl-ppc/conf/machine/t4240rdb-64b.conf | 17 - meta-fsl-ppc/conf/machine/t4240rdb.conf | 17 - meta-fsl-ppc/custom-licenses/Cortina | 51 - meta-fsl-ppc/custom-licenses/Freescale-EULA | 214 - meta-fsl-ppc/custom-licenses/TestFloat | 24 - .../luajit/luajit/ppc-fixplt.patch | 105 - .../recipes-devtools/luajit/luajit_%.bbappend | 4 - meta-fsl-ppc/recipes-bsp/apptrk/apptrk_git.bb | 20 - .../boot-format/boot-format/flags.patch | 21 - .../recipes-bsp/boot-format/boot-format_git.bb | 20 - meta-fsl-ppc/recipes-bsp/ipc/ipc-ust_git.bb | 50 - meta-fsl-ppc/recipes-bsp/ipc/ipc.inc | 7 - .../recipes-bsp/pkc-firmware/pkc-firmware_git.bb | 41 - meta-fsl-ppc/recipes-bsp/qe-ucode/qe-ucode_git.bb | 35 - ...ake-BOARDS-DESTDIR-overidable-in-Makefile.patch | 57 - meta-fsl-ppc/recipes-bsp/rcw/rcw_git.bb | 36 - ...5xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch | 77 - .../u-boot/files/Fix-the-depend-race-issue.patch | 38 - .../recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb | 189 - .../ipsec-demo/ipsec-demo/test_setkey/README | 77 - .../test_setkey/auto_left.conf-3des-sha1-tunnel | 32 - .../test_setkey/auto_right.conf-3des-sha1-tunnel | 31 - .../ipsec-demo/ipsec-demo/test_setkey/flush-setkey | 4 - .../ipsec-demo/test_setkey/ipsec.conf.left | 29 - .../ipsec-demo/test_setkey/ipsec.conf.right | 28 - .../ipsec-demo/test_setkey/ipsec.secrets.left | 3 - .../ipsec-demo/test_setkey/ipsec.secrets.right | 8 - .../ipsec-demo/test_setkey/ipsec_ikev1.conf.left | 39 - .../ipsec-demo/test_setkey/ipsec_ikev1.conf.right | 34 - .../test_setkey/left.conf-3des-md5-transport | 23 - .../test_setkey/left.conf-3des-md5-tunnel | 42 - .../test_setkey/left.conf-3des-sha1-transport | 22 - .../test_setkey/left.conf-3des-sha1-tunnel | 42 - .../test_setkey/left.conf-3des-sha256-transport | 23 - .../test_setkey/left.conf-3des-sha256-tunnel | 42 - .../test_setkey/left.conf-aes-md5-transport | 23 - .../test_setkey/left.conf-aes-md5-tunnel | 42 - .../test_setkey/left.conf-aes-sha1-transport | 22 - .../test_setkey/left.conf-aes-sha1-tunnel | 42 - .../test_setkey/left.conf-aes-sha256-transport | 23 - .../test_setkey/left.conf-aes-sha256-tunnel | 42 - .../test_setkey/left.conf-null-null-transport | 23 - .../test_setkey/left.conf-null-null-tunnel | 42 - .../ipsec-demo/ipsec-demo/test_setkey/left.ipv4 | 2 - .../ipsec-demo/ipsec-demo/test_setkey/moonCert.pem | 25 - .../ipsec-demo/ipsec-demo/test_setkey/moonKey.pem | 27 - .../ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh | 19 - .../ipsec-demo/test_setkey/pingsizest.sh | 19 - .../ipsec-demo/ipsec-demo/test_setkey/psk.txt | 2 - .../ipsec-demo/ipsec-demo/test_setkey/racoon.conf | 22 - .../test_setkey/right.conf-3des-md5-transport | 23 - .../test_setkey/right.conf-3des-md5-tunnel | 42 - .../test_setkey/right.conf-3des-sha1-transport | 22 - .../test_setkey/right.conf-3des-sha1-tunnel | 41 - .../test_setkey/right.conf-3des-sha256-transport | 23 - .../test_setkey/right.conf-3des-sha256-tunnel | 42 - .../test_setkey/right.conf-aes-md5-transport | 23 - .../test_setkey/right.conf-aes-md5-tunnel | 42 - .../test_setkey/right.conf-aes-sha1-transport | 22 - .../test_setkey/right.conf-aes-sha1-tunnel | 41 - .../test_setkey/right.conf-aes-sha256-transport | 23 - .../test_setkey/right.conf-aes-sha256-tunnel | 42 - .../test_setkey/right.conf-null-null-transport | 23 - .../test_setkey/right.conf-null-null-tunnel | 42 - .../ipsec-demo/ipsec-demo/test_setkey/right.ipv4 | 2 - .../ipsec-demo/ipsec-demo/test_setkey/setup | 47 - .../ipsec-demo/ipsec-demo/test_setkey/setup_left | 13 - .../ipsec-demo/ipsec-demo/test_setkey/setup_right | 13 - .../ipsec-demo/test_setkey/strongswan.conf | 19 - .../ipsec-demo/test_setkey/strongswanCert.pem | 22 - .../ipsec-demo/test_setkey/strongswan_left | 10 - .../ipsec-demo/test_setkey/strongswan_right | 10 - .../ipsec-demo/ipsec-demo/test_setkey/sunCert.pem | 25 - .../ipsec-demo/ipsec-demo/test_setkey/sunKey.pem | 27 - .../ipsec-demo/ipsec-demo_0.1.bb | 25 - ...double-initialization-of-cryptodev-engine.patch | 83 - ...ev-add-support-for-TLS-algorithms-offload.patch | 317 -- ...0003-cryptodev-fix-algorithm-registration.patch | 64 - ...ake-it-more-robust-and-recognize-KERNEL_B.patch | 74 - ...5-ECC-Support-header-for-Cryptodev-Engine.patch | 318 -- .../0006-Fixed-private-key-support-for-DH.patch | 33 - .../0007-Fixed-private-key-support-for-DH.patch | 35 - ...itial-support-for-PKC-in-cryptodev-engine.patch | 1564 ------- ...009-Added-hwrng-dev-file-as-source-of-RNG.patch | 28 - ...s-interface-added-for-PKC-cryptodev-inter.patch | 2039 --------- ...gen-operation-and-support-gendsa-command-.patch | 153 - .../openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch | 64 - .../0013-Removed-local-copy-of-curve_t-type.patch | 164 - ...us-parameter-is-not-populated-by-dhparams.patch | 43 - .../0015-SW-Backoff-mechanism-for-dsa-keygen.patch | 53 - .../0016-Fixed-DH-keygen-pair-generator.patch | 100 - ...dd-support-for-aes-gcm-algorithm-offloadi.patch | 309 -- ...ev-extend-TLS-offload-with-3des_cbc_hmac_.patch | 193 - ...ev-add-support-for-TLSv1.1-record-offload.patch | 355 -- ...ev-add-support-for-TLSv1.2-record-offload.patch | 359 -- .../0021-cryptodev-drop-redundant-function.patch | 75 - ...yptodev-do-not-zero-the-buffer-before-use.patch | 48 - .../0023-cryptodev-clean-up-code-layout.patch | 72 - ...odev-do-not-cache-file-descriptor-in-open.patch | 100 - ...cryptodev-put_dev_crypto-should-be-an-int.patch | 35 - ...todev-simplify-cryptodev-pkc-support-code.patch | 250 -- .../recipes-connectivity/openssl/openssl.inc | 173 - .../openssl/openssl/configure-targets.patch | 34 - .../openssl/openssl/debian/c_rehash-compat.patch | 45 - .../openssl/openssl/debian/ca.patch | 22 - .../openssl/openssl/debian/debian-targets.patch | 66 - .../openssl/openssl/debian/make-targets.patch | 15 - .../openssl/openssl/debian/man-dir.patch | 15 - .../openssl/openssl/debian/man-section.patch | 34 - .../openssl/openssl/debian/no-rpath.patch | 15 - .../openssl/openssl/debian/no-symbolic.patch | 15 - .../openssl/openssl/debian/pic.patch | 177 - .../openssl/openssl/debian/version-script.patch | 4670 -------------------- .../openssl/engines-install-in-libdir-ssl.patch | 56 - .../recipes-connectivity/openssl/openssl/find.pl | 54 - .../openssl/openssl/fix-cipher-des-ede3-cfb1.patch | 22 - .../openssl/openssl/initial-aarch64-bits.patch | 119 - .../openssl/openssl/oe-ldflags.patch | 24 - ...-pointer-dereference-in-EVP_DigestInit_ex.patch | 21 - ...NULL-pointer-dereference-in-dh_pub_encode.patch | 39 - .../openssl/openssl-fix-des.pod-error.patch | 19 - .../openssl/openssl/openssl-fix-link.patch | 35 - .../openssl/openssl/openssl_fix_for_x32.patch | 90 - .../openssl/openssl/shared-libs.patch | 41 - .../recipes-connectivity/openssl/openssl_1.0.1i.bb | 53 - .../openssl/openssl_1.0.1i.bbappend | 40 - .../init-ifupdown/qoriq-ppc/interfaces | 6 - .../init-ifupdown/init-ifupdown_%.bbappend | 2 - meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq.bb | 24 - .../71-fsl-dpaa-persistent-networking.rules | 20 - .../72-fsl-dpaa-persistent-networking.rules | 24 - .../udev-rules-qoriq/qoriq-ppc/automount.rules | 23 - .../udev/skip-rules-for-mmc-rpmb-partition.patch | 41 - meta-fsl-ppc/recipes-core/udev/udev_182.bbappend | 6 - meta-fsl-ppc/recipes-devtools/qemu/qemu_fslgit.bb | 55 - .../recipes-dpaa/dpa-offload/dpa-offload_git.bb | 49 - .../recipes-dpaa/eth-config/eth-config_git.bb | 17 - meta-fsl-ppc/recipes-dpaa/flib/flib_git.bb | 15 - meta-fsl-ppc/recipes-dpaa/fm-ucode/fm-ucode_git.bb | 38 - meta-fsl-ppc/recipes-dpaa/fmc/fmc_git.bb | 52 - meta-fsl-ppc/recipes-dpaa/fmlib/fmlib_git.bb | 45 - .../recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb | 65 - meta-fsl-ppc/recipes-dpaa/usdpaa/usdpaa_git.bb | 27 - meta-fsl-ppc/recipes-extended/cst/cst_git.bb | 26 - .../merge-files/merge-files/merge/README | 7 - .../merge-files/merge-files_1.0.bb | 25 - .../recipes-extended/procps/procps_%.bbappend | 9 - .../skmm-ep/add-two-missing-header-files.patch | 660 --- .../recipes-extended/skmm-ep/skmm-ep_git.bb | 31 - .../testfloat/files/SoftFloat-powerpc-1.patch | 1427 ------ .../files/TestFloat-powerpc-E500v2-SPE-1.patch | 1644 ------- .../files/Yocto-replace-COMPILE_PREFIX-gcc.patch | 67 - .../recipes-extended/testfloat/testfloat_2a.bb | 45 - .../recipes-extended/web-sysmon/web-sysmon_git.bb | 23 - .../xorg-driver/xf86-video-fbdev_0.4.2.bb | 11 - .../xorg-driver/xorg-driver-common.inc | 40 - .../xorg-driver/xorg-driver-video.inc | 4 - .../xserver-xf86-config/p1022ds/xorg.conf | 27 - .../xorg-xserver/xserver-xf86-config_%.bbappend | 2 - meta-fsl-ppc/recipes-kernel/asf/asf_git.bb | 33 - meta-fsl-ppc/recipes-kernel/auto-resp/ar_git.bb | 29 - meta-fsl-ppc/recipes-kernel/ceetm/ceetm_git.bb | 30 - .../cryptodev/cryptodev-linux_1.7.bb | 12 - .../cryptodev/cryptodev-module_1.7.bb | 10 - .../cryptodev/cryptodev-tests_1.7.bb | 17 - .../recipes-kernel/cryptodev/cryptodev_1.7.inc | 47 - ...-for-composite-TLS10-SHA1-AES-algorithm-o.patch | 52 - .../files/0001-don-t-advertise-RSA-keygen.patch | 33 - .../0001-fix-compilation-against-linux-3.19.patch | 36 - ...ests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch | 29 - ...dd-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch | 207 - ...ile-fix-arg-passing-to-CC-in-implicit-rul.patch | 28 - ...talling-header-file-provided-by-another-p.patch | 29 - ...003-PKC-support-added-in-cryptodev-module.patch | 898 ---- ...pile-and-install-rules-for-cryptodev-test.patch | 65 - .../files/0004-Compat-versions-of-PKC-IOCTLs.patch | 200 - ...ynchronous-interface-changes-in-cryptodev.patch | 213 - ...and-DLC_KEYGEN-supported-in-cryptodev-mod.patch | 212 - ...stall-fixed-in-PKC-asynchronous-interface.patch | 238 - .../0008-Add-RSA-Key-generation-offloading.patch | 170 - ...lation-error-of-openssl-with-fsl-cryptode.patch | 160 - ...-for-composite-TLS10-SHA1-3DES-algorithm-.patch | 54 - ...11-add-support-for-TLSv1.1-record-offload.patch | 76 - ...12-add-support-for-TLSv1.2-record-offload.patch | 72 - .../files/0013-clean-up-code-layout.patch | 186 - ...ve-redundant-data-copy-for-pkc-operations.patch | 494 --- .../files/0015-fix-pkc-request-deallocation.patch | 40 - ...0016-add-basic-detection-of-asym-features.patch | 37 - .../cryptodev/files/0017-remove-dead-code.patch | 67 - .../cryptodev/files/0018-fix-compat-warnings.patch | 64 - .../files/0019-fix-size_t-print-format.patch | 61 - ...x-uninitialized-variable-compiler-warning.patch | 38 - .../recipes-kernel/ipc/ipc-modules-multi_git.bb | 11 - .../recipes-kernel/ipc/ipc-modules-single_git.bb | 11 - meta-fsl-ppc/recipes-kernel/ipc/ipc-modules.inc | 26 - .../files/modify-defconfig-t1040-nr-cpus.patch | 33 - .../linux/files/net-sctp-CVE-2014-0101.patch | 145 - meta-fsl-ppc/recipes-kernel/linux/linux-qoriq.inc | 46 - .../recipes-kernel/linux/linux-qoriq_3.12.bb | 7 - .../recipes-kernel/lttng/lttng-modules_%.bbappend | 2 - .../recipes-kernel/pkc-host/pkc-host_git.bb | 35 - .../recipes-kernel/qoriq-debug/qoriq-debug_git.bb | 15 - .../recipes-kernel/skmm-host/skmm-host_git.bb | 15 - .../recipes-kernel/uio-seville/uio-seville_0.1.bb | 14 - .../recipes-virtualization/hv-cfg/hv-cfg_git.bb | 52 - .../hypervisor/files/81-fsl-embedded-hv.rules | 2 - .../hypervisor/hypervisor_git.bb | 94 - .../mux-server/mux-server_1.02.bb | 27 - .../libvirt/libvirt/qoriq-ppc/qemu.conf | 465 -- .../recipes-extended/libvirt/libvirt_%.bbappend | 9 - recipes-bsp/apptrk/apptrk_git.bb | 1 + recipes-bsp/boot-format/boot-format/flags.patch | 21 + recipes-bsp/boot-format/boot-format_git.bb | 20 + recipes-bsp/ipc/ipc-ust_git.bb | 50 + recipes-bsp/ipc/ipc.inc | 7 + recipes-bsp/pkc-firmware/pkc-firmware_git.bb | 41 + recipes-bsp/qe-ucode/qe-ucode_git.bb | 2 +- recipes-bsp/rcw/rcw_git.bb | 2 +- ...5xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch | 77 + .../u-boot/files/Fix-the-depend-race-issue.patch | 38 + recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb | 189 + .../ipsec-demo/ipsec-demo/test_setkey/README | 77 + .../test_setkey/auto_left.conf-3des-sha1-tunnel | 32 + .../test_setkey/auto_right.conf-3des-sha1-tunnel | 31 + .../ipsec-demo/ipsec-demo/test_setkey/flush-setkey | 4 + .../ipsec-demo/test_setkey/ipsec.conf.left | 29 + .../ipsec-demo/test_setkey/ipsec.conf.right | 28 + .../ipsec-demo/test_setkey/ipsec.secrets.left | 3 + .../ipsec-demo/test_setkey/ipsec.secrets.right | 8 + .../ipsec-demo/test_setkey/ipsec_ikev1.conf.left | 39 + .../ipsec-demo/test_setkey/ipsec_ikev1.conf.right | 34 + .../test_setkey/left.conf-3des-md5-transport | 23 + .../test_setkey/left.conf-3des-md5-tunnel | 42 + .../test_setkey/left.conf-3des-sha1-transport | 22 + .../test_setkey/left.conf-3des-sha1-tunnel | 42 + .../test_setkey/left.conf-3des-sha256-transport | 23 + .../test_setkey/left.conf-3des-sha256-tunnel | 42 + .../test_setkey/left.conf-aes-md5-transport | 23 + .../test_setkey/left.conf-aes-md5-tunnel | 42 + .../test_setkey/left.conf-aes-sha1-transport | 22 + .../test_setkey/left.conf-aes-sha1-tunnel | 42 + .../test_setkey/left.conf-aes-sha256-transport | 23 + .../test_setkey/left.conf-aes-sha256-tunnel | 42 + .../test_setkey/left.conf-null-null-transport | 23 + .../test_setkey/left.conf-null-null-tunnel | 42 + .../ipsec-demo/ipsec-demo/test_setkey/left.ipv4 | 2 + .../ipsec-demo/ipsec-demo/test_setkey/moonCert.pem | 25 + .../ipsec-demo/ipsec-demo/test_setkey/moonKey.pem | 27 + .../ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh | 19 + .../ipsec-demo/test_setkey/pingsizest.sh | 19 + .../ipsec-demo/ipsec-demo/test_setkey/psk.txt | 2 + .../ipsec-demo/ipsec-demo/test_setkey/racoon.conf | 22 + .../test_setkey/right.conf-3des-md5-transport | 23 + .../test_setkey/right.conf-3des-md5-tunnel | 42 + .../test_setkey/right.conf-3des-sha1-transport | 22 + .../test_setkey/right.conf-3des-sha1-tunnel | 41 + .../test_setkey/right.conf-3des-sha256-transport | 23 + .../test_setkey/right.conf-3des-sha256-tunnel | 42 + .../test_setkey/right.conf-aes-md5-transport | 23 + .../test_setkey/right.conf-aes-md5-tunnel | 42 + .../test_setkey/right.conf-aes-sha1-transport | 22 + .../test_setkey/right.conf-aes-sha1-tunnel | 41 + .../test_setkey/right.conf-aes-sha256-transport | 23 + .../test_setkey/right.conf-aes-sha256-tunnel | 42 + .../test_setkey/right.conf-null-null-transport | 23 + .../test_setkey/right.conf-null-null-tunnel | 42 + .../ipsec-demo/ipsec-demo/test_setkey/right.ipv4 | 2 + .../ipsec-demo/ipsec-demo/test_setkey/setup | 47 + .../ipsec-demo/ipsec-demo/test_setkey/setup_left | 13 + .../ipsec-demo/ipsec-demo/test_setkey/setup_right | 13 + .../ipsec-demo/test_setkey/strongswan.conf | 19 + .../ipsec-demo/test_setkey/strongswanCert.pem | 22 + .../ipsec-demo/test_setkey/strongswan_left | 10 + .../ipsec-demo/test_setkey/strongswan_right | 10 + .../ipsec-demo/ipsec-demo/test_setkey/sunCert.pem | 25 + .../ipsec-demo/ipsec-demo/test_setkey/sunKey.pem | 27 + recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb | 25 + ...double-initialization-of-cryptodev-engine.patch | 83 + ...ev-add-support-for-TLS-algorithms-offload.patch | 317 ++ ...0003-cryptodev-fix-algorithm-registration.patch | 64 + ...ake-it-more-robust-and-recognize-KERNEL_B.patch | 74 + ...5-ECC-Support-header-for-Cryptodev-Engine.patch | 318 ++ .../0006-Fixed-private-key-support-for-DH.patch | 33 + .../0007-Fixed-private-key-support-for-DH.patch | 35 + ...itial-support-for-PKC-in-cryptodev-engine.patch | 1564 +++++++ ...009-Added-hwrng-dev-file-as-source-of-RNG.patch | 28 + ...s-interface-added-for-PKC-cryptodev-inter.patch | 2039 +++++++++ ...gen-operation-and-support-gendsa-command-.patch | 153 + .../openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch | 64 + .../0013-Removed-local-copy-of-curve_t-type.patch | 164 + ...us-parameter-is-not-populated-by-dhparams.patch | 43 + .../0015-SW-Backoff-mechanism-for-dsa-keygen.patch | 53 + .../0016-Fixed-DH-keygen-pair-generator.patch | 100 + ...dd-support-for-aes-gcm-algorithm-offloadi.patch | 309 ++ ...ev-extend-TLS-offload-with-3des_cbc_hmac_.patch | 193 + ...ev-add-support-for-TLSv1.1-record-offload.patch | 355 ++ ...ev-add-support-for-TLSv1.2-record-offload.patch | 359 ++ .../0021-cryptodev-drop-redundant-function.patch | 75 + ...yptodev-do-not-zero-the-buffer-before-use.patch | 48 + .../0023-cryptodev-clean-up-code-layout.patch | 72 + ...odev-do-not-cache-file-descriptor-in-open.patch | 100 + ...cryptodev-put_dev_crypto-should-be-an-int.patch | 35 + ...todev-simplify-cryptodev-pkc-support-code.patch | 250 ++ recipes-connectivity/openssl/openssl.inc | 173 + .../openssl/openssl/configure-targets.patch | 34 + .../openssl/openssl/debian/c_rehash-compat.patch | 45 + .../openssl/openssl/debian/ca.patch | 22 + .../openssl/openssl/debian/debian-targets.patch | 66 + .../openssl/openssl/debian/make-targets.patch | 15 + .../openssl/openssl/debian/man-dir.patch | 15 + .../openssl/openssl/debian/man-section.patch | 34 + .../openssl/openssl/debian/no-rpath.patch | 15 + .../openssl/openssl/debian/no-symbolic.patch | 15 + .../openssl/openssl/debian/pic.patch | 177 + .../openssl/openssl/debian/version-script.patch | 4670 ++++++++++++++++++++ .../openssl/engines-install-in-libdir-ssl.patch | 56 + recipes-connectivity/openssl/openssl/find.pl | 54 + .../openssl/openssl/fix-cipher-des-ede3-cfb1.patch | 22 + .../openssl/openssl/initial-aarch64-bits.patch | 119 + .../openssl/openssl/oe-ldflags.patch | 24 + ...-pointer-dereference-in-EVP_DigestInit_ex.patch | 21 + ...NULL-pointer-dereference-in-dh_pub_encode.patch | 39 + .../openssl/openssl-fix-des.pod-error.patch | 19 + .../openssl/openssl/openssl-fix-link.patch | 35 + .../openssl/openssl/openssl_fix_for_x32.patch | 90 + .../openssl/openssl/shared-libs.patch | 41 + recipes-connectivity/openssl/openssl_1.0.1i.bb | 53 + .../openssl/openssl_1.0.1i.bbappend | 40 + .../init-ifupdown/qoriq-ppc/interfaces | 6 + .../init-ifupdown/init-ifupdown_%.bbappend | 2 + recipes-core/udev/udev-rules-qoriq.bb | 24 + .../71-fsl-dpaa-persistent-networking.rules | 20 + .../72-fsl-dpaa-persistent-networking.rules | 24 + .../udev-rules-qoriq/qoriq-ppc/automount.rules | 23 + .../udev/skip-rules-for-mmc-rpmb-partition.patch | 41 + recipes-core/udev/udev_182.bbappend | 6 + recipes-devtools/qemu/qemu_fslgit.bb | 55 + recipes-dpaa/dpa-offload/dpa-offload_git.bb | 49 + recipes-dpaa/eth-config/eth-config_git.bb | 17 + recipes-dpaa/flib/flib_git.bb | 15 + recipes-dpaa/fm-ucode/fm-ucode_git.bb | 38 + recipes-dpaa/fmc/fmc_git.bb | 52 + recipes-dpaa/fmlib/fmlib_git.bb | 45 + recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb | 65 + recipes-dpaa/usdpaa/usdpaa_git.bb | 27 + recipes-extended/cst/cst_git.bb | 26 + .../merge-files/merge-files/merge/README | 7 + recipes-extended/merge-files/merge-files_1.0.bb | 25 + recipes-extended/procps/procps_%.bbappend | 9 + .../skmm-ep/add-two-missing-header-files.patch | 660 +++ recipes-extended/skmm-ep/skmm-ep_git.bb | 31 + .../testfloat/files/SoftFloat-powerpc-1.patch | 1427 ++++++ .../files/TestFloat-powerpc-E500v2-SPE-1.patch | 1644 +++++++ .../files/Yocto-replace-COMPILE_PREFIX-gcc.patch | 67 + recipes-extended/testfloat/testfloat_2a.bb | 45 + recipes-extended/web-sysmon/web-sysmon_git.bb | 23 + .../xorg-driver/xf86-video-fbdev_0.4.2.bb | 11 + .../xorg-driver/xorg-driver-common.inc | 40 + recipes-graphics/xorg-driver/xorg-driver-video.inc | 4 + .../xserver-xf86-config/p1022ds/xorg.conf | 27 + recipes-kernel/asf/asf_git.bb | 33 + recipes-kernel/auto-resp/ar_git.bb | 29 + recipes-kernel/ceetm/ceetm_git.bb | 30 + recipes-kernel/cryptodev/cryptodev-linux_1.7.bb | 12 + recipes-kernel/cryptodev/cryptodev-module_1.7.bb | 10 + recipes-kernel/cryptodev/cryptodev-tests_1.7.bb | 17 + recipes-kernel/cryptodev/cryptodev_1.7.inc | 47 + ...-for-composite-TLS10-SHA1-AES-algorithm-o.patch | 52 + .../files/0001-don-t-advertise-RSA-keygen.patch | 33 + .../0001-fix-compilation-against-linux-3.19.patch | 36 + ...ests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch | 29 + ...dd-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch | 207 + ...ile-fix-arg-passing-to-CC-in-implicit-rul.patch | 28 + ...talling-header-file-provided-by-another-p.patch | 29 + ...003-PKC-support-added-in-cryptodev-module.patch | 898 ++++ ...pile-and-install-rules-for-cryptodev-test.patch | 65 + .../files/0004-Compat-versions-of-PKC-IOCTLs.patch | 200 + ...ynchronous-interface-changes-in-cryptodev.patch | 213 + ...and-DLC_KEYGEN-supported-in-cryptodev-mod.patch | 212 + ...stall-fixed-in-PKC-asynchronous-interface.patch | 238 + .../0008-Add-RSA-Key-generation-offloading.patch | 170 + ...lation-error-of-openssl-with-fsl-cryptode.patch | 160 + ...-for-composite-TLS10-SHA1-3DES-algorithm-.patch | 54 + ...11-add-support-for-TLSv1.1-record-offload.patch | 76 + ...12-add-support-for-TLSv1.2-record-offload.patch | 72 + .../files/0013-clean-up-code-layout.patch | 186 + ...ve-redundant-data-copy-for-pkc-operations.patch | 494 +++ .../files/0015-fix-pkc-request-deallocation.patch | 40 + ...0016-add-basic-detection-of-asym-features.patch | 37 + .../cryptodev/files/0017-remove-dead-code.patch | 67 + .../cryptodev/files/0018-fix-compat-warnings.patch | 64 + .../files/0019-fix-size_t-print-format.patch | 61 + ...x-uninitialized-variable-compiler-warning.patch | 38 + recipes-kernel/ipc/ipc-modules-multi_git.bb | 11 + recipes-kernel/ipc/ipc-modules-single_git.bb | 11 + recipes-kernel/ipc/ipc-modules.inc | 26 + .../files/modify-defconfig-t1040-nr-cpus.patch | 33 + .../linux/files/net-sctp-CVE-2014-0101.patch | 145 + recipes-kernel/linux/linux-qoriq.inc | 46 + recipes-kernel/linux/linux-qoriq_3.12.bb | 7 + recipes-kernel/lttng/lttng-modules_%.bbappend | 2 + recipes-kernel/pkc-host/pkc-host_git.bb | 35 + recipes-kernel/qoriq-debug/qoriq-debug_git.bb | 15 + recipes-kernel/skmm-host/skmm-host_git.bb | 15 + recipes-kernel/uio-seville/uio-seville_0.1.bb | 14 + recipes-virtualization/hv-cfg/hv-cfg_git.bb | 52 + .../hypervisor/files/81-fsl-embedded-hv.rules | 2 + .../hypervisor/hypervisor_git.bb | 94 + .../mux-server/mux-server_1.02.bb | 27 + 511 files changed, 25471 insertions(+), 25684 deletions(-) create mode 100644 classes/qoriq_build_64bit_kernel.bbclass create mode 100644 conf/machine/b4420qds-64b.conf create mode 100644 conf/machine/b4420qds.conf create mode 100644 conf/machine/b4860qds-64b.conf create mode 100644 conf/machine/b4860qds.conf create mode 100644 conf/machine/bsc9131rdb.conf create mode 100644 conf/machine/bsc9132qds.conf create mode 100644 conf/machine/c293pcie.conf create mode 100644 conf/machine/include/e500mc.inc create mode 100644 conf/machine/include/e500v2.inc create mode 100644 conf/machine/include/e5500-64b.inc create mode 100644 conf/machine/include/e5500.inc create mode 100644 conf/machine/include/e6500-64b.inc create mode 100644 conf/machine/include/e6500.inc create mode 100644 conf/machine/include/qoriq-base.inc create mode 100644 conf/machine/p1010rdb.conf create mode 100644 conf/machine/p1020rdb.conf create mode 100644 conf/machine/p1021rdb.conf create mode 100644 conf/machine/p1022ds.conf create mode 100644 conf/machine/p1023rdb.conf create mode 100644 conf/machine/p1025twr.conf create mode 100644 conf/machine/p2020rdb.conf create mode 100644 conf/machine/p2041rdb.conf create mode 100644 conf/machine/p3041ds.conf create mode 100644 conf/machine/p4080ds.conf create mode 100644 conf/machine/p5020ds-64b.conf create mode 100644 conf/machine/p5020ds.conf create mode 100644 conf/machine/p5040ds-64b.conf create mode 100644 conf/machine/p5040ds.conf create mode 100644 conf/machine/t1023rdb-64b.conf create mode 100644 conf/machine/t1023rdb.conf create mode 100644 conf/machine/t1024rdb-64b.conf create mode 100644 conf/machine/t1024rdb.conf create mode 100644 conf/machine/t1040d4rdb-64b.conf create mode 100644 conf/machine/t1040d4rdb.conf create mode 100644 conf/machine/t1042d4rdb-64b.conf create mode 100644 conf/machine/t1042d4rdb.conf create mode 100644 conf/machine/t2080qds-64b.conf create mode 100644 conf/machine/t2080qds.conf create mode 100644 conf/machine/t2080rdb-64b.conf create mode 100644 conf/machine/t2080rdb.conf create mode 100644 conf/machine/t4160qds-64b.conf create mode 100644 conf/machine/t4160qds.conf create mode 100644 conf/machine/t4240qds-64b.conf create mode 100644 conf/machine/t4240qds.conf create mode 100644 conf/machine/t4240rdb-64b.conf create mode 100644 conf/machine/t4240rdb.conf create mode 100644 custom-licenses/Cortina create mode 100644 custom-licenses/Freescale-EULA create mode 100644 custom-licenses/TestFloat create mode 100644 dynamic-layers/openembedded-layer/recipes-devtools/luajit/luajit/ppc-fixplt.patch create mode 100644 dynamic-layers/openembedded-layer/recipes-devtools/luajit/luajit_%.bbappend create mode 100644 dynamic-layers/virtualization-layer/recipes-extended/libvirt/libvirt/qoriq-ppc/qemu.conf create mode 100644 dynamic-layers/virtualization-layer/recipes-extended/libvirt/libvirt_%.bbappend delete mode 100644 meta-fsl-ppc/README delete mode 100644 meta-fsl-ppc/classes/qoriq_build_64bit_kernel.bbclass delete mode 100644 meta-fsl-ppc/conf/layer.conf delete mode 100644 meta-fsl-ppc/conf/machine/b4420qds-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/b4420qds.conf delete mode 100644 meta-fsl-ppc/conf/machine/b4860qds-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/b4860qds.conf delete mode 100644 meta-fsl-ppc/conf/machine/bsc9131rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/bsc9132qds.conf delete mode 100644 meta-fsl-ppc/conf/machine/c293pcie.conf delete mode 100644 meta-fsl-ppc/conf/machine/include/e500mc.inc delete mode 100644 meta-fsl-ppc/conf/machine/include/e500v2.inc delete mode 100644 meta-fsl-ppc/conf/machine/include/e5500-64b.inc delete mode 100644 meta-fsl-ppc/conf/machine/include/e5500.inc delete mode 100644 meta-fsl-ppc/conf/machine/include/e6500-64b.inc delete mode 100644 meta-fsl-ppc/conf/machine/include/e6500.inc delete mode 100644 meta-fsl-ppc/conf/machine/include/qoriq-base.inc delete mode 100644 meta-fsl-ppc/conf/machine/p1010rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/p1020rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/p1021rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/p1022ds.conf delete mode 100644 meta-fsl-ppc/conf/machine/p1023rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/p1025twr.conf delete mode 100644 meta-fsl-ppc/conf/machine/p2020rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/p2041rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/p3041ds.conf delete mode 100644 meta-fsl-ppc/conf/machine/p4080ds.conf delete mode 100644 meta-fsl-ppc/conf/machine/p5020ds-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/p5020ds.conf delete mode 100644 meta-fsl-ppc/conf/machine/p5040ds-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/p5040ds.conf delete mode 100644 meta-fsl-ppc/conf/machine/t1023rdb-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t1023rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/t1024rdb-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t1024rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/t1040d4rdb-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t1040d4rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/t1042d4rdb-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t1042d4rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/t2080qds-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t2080qds.conf delete mode 100644 meta-fsl-ppc/conf/machine/t2080rdb-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t2080rdb.conf delete mode 100644 meta-fsl-ppc/conf/machine/t4160qds-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t4160qds.conf delete mode 100644 meta-fsl-ppc/conf/machine/t4240qds-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t4240qds.conf delete mode 100644 meta-fsl-ppc/conf/machine/t4240rdb-64b.conf delete mode 100644 meta-fsl-ppc/conf/machine/t4240rdb.conf delete mode 100644 meta-fsl-ppc/custom-licenses/Cortina delete mode 100644 meta-fsl-ppc/custom-licenses/Freescale-EULA delete mode 100644 meta-fsl-ppc/custom-licenses/TestFloat delete mode 100644 meta-fsl-ppc/openembedded-layer/recipes-devtools/luajit/luajit/ppc-fixplt.patch delete mode 100644 meta-fsl-ppc/openembedded-layer/recipes-devtools/luajit/luajit_%.bbappend delete mode 100644 meta-fsl-ppc/recipes-bsp/apptrk/apptrk_git.bb delete mode 100644 meta-fsl-ppc/recipes-bsp/boot-format/boot-format/flags.patch delete mode 100644 meta-fsl-ppc/recipes-bsp/boot-format/boot-format_git.bb delete mode 100644 meta-fsl-ppc/recipes-bsp/ipc/ipc-ust_git.bb delete mode 100644 meta-fsl-ppc/recipes-bsp/ipc/ipc.inc delete mode 100644 meta-fsl-ppc/recipes-bsp/pkc-firmware/pkc-firmware_git.bb delete mode 100644 meta-fsl-ppc/recipes-bsp/qe-ucode/qe-ucode_git.bb delete mode 100644 meta-fsl-ppc/recipes-bsp/rcw/rcw/rcw-make-BOARDS-DESTDIR-overidable-in-Makefile.patch delete mode 100644 meta-fsl-ppc/recipes-bsp/rcw/rcw_git.bb delete mode 100644 meta-fsl-ppc/recipes-bsp/u-boot/files/0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch delete mode 100644 meta-fsl-ppc/recipes-bsp/u-boot/files/Fix-the-depend-race-issue.patch delete mode 100644 meta-fsl-ppc/recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left delete mode 100755 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem delete mode 100644 meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl.inc delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/configure-targets.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/ca.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/debian-targets.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/make-targets.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/man-dir.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/man-section.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/no-rpath.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/pic.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/version-script.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/find.pl delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/oe-ldflags.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-fix-link.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/shared-libs.patch delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1i.bb delete mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1i.bbappend delete mode 100644 meta-fsl-ppc/recipes-core/init-ifupdown/init-ifupdown/qoriq-ppc/interfaces delete mode 100644 meta-fsl-ppc/recipes-core/init-ifupdown/init-ifupdown_%.bbappend delete mode 100644 meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq.bb delete mode 100644 meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/71-fsl-dpaa-persistent-networking.rules delete mode 100644 meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/72-fsl-dpaa-persistent-networking.rules delete mode 100644 meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/automount.rules delete mode 100644 meta-fsl-ppc/recipes-core/udev/udev/skip-rules-for-mmc-rpmb-partition.patch delete mode 100644 meta-fsl-ppc/recipes-core/udev/udev_182.bbappend delete mode 100644 meta-fsl-ppc/recipes-devtools/qemu/qemu_fslgit.bb delete mode 100644 meta-fsl-ppc/recipes-dpaa/dpa-offload/dpa-offload_git.bb delete mode 100644 meta-fsl-ppc/recipes-dpaa/eth-config/eth-config_git.bb delete mode 100644 meta-fsl-ppc/recipes-dpaa/flib/flib_git.bb delete mode 100644 meta-fsl-ppc/recipes-dpaa/fm-ucode/fm-ucode_git.bb delete mode 100644 meta-fsl-ppc/recipes-dpaa/fmc/fmc_git.bb delete mode 100644 meta-fsl-ppc/recipes-dpaa/fmlib/fmlib_git.bb delete mode 100644 meta-fsl-ppc/recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb delete mode 100644 meta-fsl-ppc/recipes-dpaa/usdpaa/usdpaa_git.bb delete mode 100644 meta-fsl-ppc/recipes-extended/cst/cst_git.bb delete mode 100644 meta-fsl-ppc/recipes-extended/merge-files/merge-files/merge/README delete mode 100644 meta-fsl-ppc/recipes-extended/merge-files/merge-files_1.0.bb delete mode 100644 meta-fsl-ppc/recipes-extended/procps/procps_%.bbappend delete mode 100644 meta-fsl-ppc/recipes-extended/skmm-ep/skmm-ep/add-two-missing-header-files.patch delete mode 100644 meta-fsl-ppc/recipes-extended/skmm-ep/skmm-ep_git.bb delete mode 100644 meta-fsl-ppc/recipes-extended/testfloat/files/SoftFloat-powerpc-1.patch delete mode 100644 meta-fsl-ppc/recipes-extended/testfloat/files/TestFloat-powerpc-E500v2-SPE-1.patch delete mode 100644 meta-fsl-ppc/recipes-extended/testfloat/files/Yocto-replace-COMPILE_PREFIX-gcc.patch delete mode 100644 meta-fsl-ppc/recipes-extended/testfloat/testfloat_2a.bb delete mode 100644 meta-fsl-ppc/recipes-extended/web-sysmon/web-sysmon_git.bb delete mode 100644 meta-fsl-ppc/recipes-graphics/xorg-driver/xf86-video-fbdev_0.4.2.bb delete mode 100644 meta-fsl-ppc/recipes-graphics/xorg-driver/xorg-driver-common.inc delete mode 100644 meta-fsl-ppc/recipes-graphics/xorg-driver/xorg-driver-video.inc delete mode 100644 meta-fsl-ppc/recipes-graphics/xorg-xserver/xserver-xf86-config/p1022ds/xorg.conf delete mode 100644 meta-fsl-ppc/recipes-graphics/xorg-xserver/xserver-xf86-config_%.bbappend delete mode 100644 meta-fsl-ppc/recipes-kernel/asf/asf_git.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/auto-resp/ar_git.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/ceetm/ceetm_git.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-linux_1.7.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-module_1.7.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-tests_1.7.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev_1.7.inc delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/ipc/ipc-modules-multi_git.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/ipc/ipc-modules-single_git.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/ipc/ipc-modules.inc delete mode 100644 meta-fsl-ppc/recipes-kernel/linux/files/modify-defconfig-t1040-nr-cpus.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/linux/files/net-sctp-CVE-2014-0101.patch delete mode 100644 meta-fsl-ppc/recipes-kernel/linux/linux-qoriq.inc delete mode 100644 meta-fsl-ppc/recipes-kernel/linux/linux-qoriq_3.12.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/lttng/lttng-modules_%.bbappend delete mode 100644 meta-fsl-ppc/recipes-kernel/pkc-host/pkc-host_git.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/qoriq-debug/qoriq-debug_git.bb delete mode 100644 meta-fsl-ppc/recipes-kernel/skmm-host/skmm-host_git.bb delete mode 100755 meta-fsl-ppc/recipes-kernel/uio-seville/uio-seville_0.1.bb delete mode 100644 meta-fsl-ppc/recipes-virtualization/hv-cfg/hv-cfg_git.bb delete mode 100644 meta-fsl-ppc/recipes-virtualization/hypervisor/files/81-fsl-embedded-hv.rules delete mode 100644 meta-fsl-ppc/recipes-virtualization/hypervisor/hypervisor_git.bb delete mode 100644 meta-fsl-ppc/recipes-virtualization/mux-server/mux-server_1.02.bb delete mode 100644 meta-fsl-ppc/virtualization-layer/recipes-extended/libvirt/libvirt/qoriq-ppc/qemu.conf delete mode 100644 meta-fsl-ppc/virtualization-layer/recipes-extended/libvirt/libvirt_%.bbappend create mode 100644 recipes-bsp/boot-format/boot-format/flags.patch create mode 100644 recipes-bsp/boot-format/boot-format_git.bb create mode 100644 recipes-bsp/ipc/ipc-ust_git.bb create mode 100644 recipes-bsp/ipc/ipc.inc create mode 100644 recipes-bsp/pkc-firmware/pkc-firmware_git.bb create mode 100644 recipes-bsp/u-boot/files/0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch create mode 100644 recipes-bsp/u-boot/files/Fix-the-depend-race-issue.patch create mode 100644 recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb create mode 100644 recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch create mode 100644 recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch create mode 100644 recipes-connectivity/openssl/openssl.inc create mode 100644 recipes-connectivity/openssl/openssl/configure-targets.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/ca.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/debian-targets.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/make-targets.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/man-dir.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/man-section.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/no-rpath.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/no-symbolic.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/pic.patch create mode 100644 recipes-connectivity/openssl/openssl/debian/version-script.patch create mode 100644 recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch create mode 100644 recipes-connectivity/openssl/openssl/find.pl create mode 100644 recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch create mode 100644 recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch create mode 100644 recipes-connectivity/openssl/openssl/oe-ldflags.patch create mode 100644 recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch create mode 100644 recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch create mode 100644 recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch create mode 100644 recipes-connectivity/openssl/openssl/openssl-fix-link.patch create mode 100644 recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch create mode 100644 recipes-connectivity/openssl/openssl/shared-libs.patch create mode 100644 recipes-connectivity/openssl/openssl_1.0.1i.bb create mode 100644 recipes-connectivity/openssl/openssl_1.0.1i.bbappend create mode 100644 recipes-core/init-ifupdown/init-ifupdown/qoriq-ppc/interfaces create mode 100644 recipes-core/init-ifupdown/init-ifupdown_%.bbappend create mode 100644 recipes-core/udev/udev-rules-qoriq.bb create mode 100644 recipes-core/udev/udev-rules-qoriq/qoriq-ppc/71-fsl-dpaa-persistent-networking.rules create mode 100644 recipes-core/udev/udev-rules-qoriq/qoriq-ppc/72-fsl-dpaa-persistent-networking.rules create mode 100644 recipes-core/udev/udev-rules-qoriq/qoriq-ppc/automount.rules create mode 100644 recipes-core/udev/udev/skip-rules-for-mmc-rpmb-partition.patch create mode 100644 recipes-core/udev/udev_182.bbappend create mode 100644 recipes-devtools/qemu/qemu_fslgit.bb create mode 100644 recipes-dpaa/dpa-offload/dpa-offload_git.bb create mode 100644 recipes-dpaa/eth-config/eth-config_git.bb create mode 100644 recipes-dpaa/flib/flib_git.bb create mode 100644 recipes-dpaa/fm-ucode/fm-ucode_git.bb create mode 100644 recipes-dpaa/fmc/fmc_git.bb create mode 100644 recipes-dpaa/fmlib/fmlib_git.bb create mode 100644 recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb create mode 100644 recipes-dpaa/usdpaa/usdpaa_git.bb create mode 100644 recipes-extended/cst/cst_git.bb create mode 100644 recipes-extended/merge-files/merge-files/merge/README create mode 100644 recipes-extended/merge-files/merge-files_1.0.bb create mode 100644 recipes-extended/procps/procps_%.bbappend create mode 100644 recipes-extended/skmm-ep/skmm-ep/add-two-missing-header-files.patch create mode 100644 recipes-extended/skmm-ep/skmm-ep_git.bb create mode 100644 recipes-extended/testfloat/files/SoftFloat-powerpc-1.patch create mode 100644 recipes-extended/testfloat/files/TestFloat-powerpc-E500v2-SPE-1.patch create mode 100644 recipes-extended/testfloat/files/Yocto-replace-COMPILE_PREFIX-gcc.patch create mode 100644 recipes-extended/testfloat/testfloat_2a.bb create mode 100644 recipes-extended/web-sysmon/web-sysmon_git.bb create mode 100644 recipes-graphics/xorg-driver/xf86-video-fbdev_0.4.2.bb create mode 100644 recipes-graphics/xorg-driver/xorg-driver-common.inc create mode 100644 recipes-graphics/xorg-driver/xorg-driver-video.inc create mode 100644 recipes-graphics/xorg-xserver/xserver-xf86-config/p1022ds/xorg.conf create mode 100644 recipes-kernel/asf/asf_git.bb create mode 100644 recipes-kernel/auto-resp/ar_git.bb create mode 100644 recipes-kernel/ceetm/ceetm_git.bb create mode 100644 recipes-kernel/cryptodev/cryptodev-linux_1.7.bb create mode 100644 recipes-kernel/cryptodev/cryptodev-module_1.7.bb create mode 100644 recipes-kernel/cryptodev/cryptodev-tests_1.7.bb create mode 100644 recipes-kernel/cryptodev/cryptodev_1.7.inc create mode 100644 recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch create mode 100644 recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch create mode 100644 recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch create mode 100644 recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch create mode 100644 recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch create mode 100644 recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch create mode 100644 recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch create mode 100644 recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch create mode 100644 recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch create mode 100644 recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch create mode 100644 recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch create mode 100644 recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch create mode 100644 recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch create mode 100644 recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch create mode 100644 recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch create mode 100644 recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch create mode 100644 recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch create mode 100644 recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch create mode 100644 recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch create mode 100644 recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch create mode 100644 recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch create mode 100644 recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch create mode 100644 recipes-kernel/cryptodev/files/0017-remove-dead-code.patch create mode 100644 recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch create mode 100644 recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch create mode 100644 recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch create mode 100644 recipes-kernel/ipc/ipc-modules-multi_git.bb create mode 100644 recipes-kernel/ipc/ipc-modules-single_git.bb create mode 100644 recipes-kernel/ipc/ipc-modules.inc create mode 100644 recipes-kernel/linux/files/modify-defconfig-t1040-nr-cpus.patch create mode 100644 recipes-kernel/linux/files/net-sctp-CVE-2014-0101.patch create mode 100644 recipes-kernel/linux/linux-qoriq.inc create mode 100644 recipes-kernel/linux/linux-qoriq_3.12.bb create mode 100644 recipes-kernel/lttng/lttng-modules_%.bbappend create mode 100644 recipes-kernel/pkc-host/pkc-host_git.bb create mode 100644 recipes-kernel/qoriq-debug/qoriq-debug_git.bb create mode 100644 recipes-kernel/skmm-host/skmm-host_git.bb create mode 100755 recipes-kernel/uio-seville/uio-seville_0.1.bb create mode 100644 recipes-virtualization/hv-cfg/hv-cfg_git.bb create mode 100644 recipes-virtualization/hypervisor/files/81-fsl-embedded-hv.rules create mode 100644 recipes-virtualization/hypervisor/hypervisor_git.bb create mode 100644 recipes-virtualization/mux-server/mux-server_1.02.bb diff --git a/classes/qoriq_build_64bit_kernel.bbclass b/classes/qoriq_build_64bit_kernel.bbclass new file mode 100644 index 00000000..f145746b --- /dev/null +++ b/classes/qoriq_build_64bit_kernel.bbclass @@ -0,0 +1,18 @@ +inherit distro_features_check +REQUIRED_DISTRO_FEATURES_e6500 += "multiarch" + +python () { + promote_kernel = d.getVar('BUILD_64BIT_KERNEL') + if promote_kernel == "1": + sys_multilib = 'powerpc64' + d.getVar('TARGET_VENDOR') + 'mllib64-' + d.getVar('HOST_OS') + tc_options = d.getVar('TOOLCHAIN_OPTIONS') + '/../lib64-' + d.getVar("MACHINE") + d.setVar('DEPENDS_append', ' lib64-gcc-cross-powerpc64 lib64-libgcc') + d.setVar('PATH_append', ':' + d.getVar('STAGING_BINDIR_NATIVE') + '/' + sys_multilib) + d.setVar('KERNEL_CC', d.getVar('CCACHE') + sys_multilib + '-' + 'gcc' + d.getVar('HOST_CC_KERNEL_ARCH') + tc_options) + d.setVar('KERNEL_LD', d.getVar('CCACHE') + sys_multilib + '-' + 'ld.bfd' + d.getVar('HOST_LD_KERNEL_ARCH') + tc_options) + d.setVar('KERNEL_AR', d.getVar('CCACHE') + sys_multilib + '-' + 'ar' + d.getVar('HOST_AR_KERNEL_ARCH')) + + error_qa = d.getVar('ERROR_QA', True) + if 'arch' in error_qa: + d.setVar('ERROR_QA', error_qa.replace(' arch', '')) +} diff --git a/conf/layer.conf b/conf/layer.conf index 0899deb3..1d467fdb 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -9,6 +9,9 @@ BBFILE_COLLECTIONS += "freescale-layer" BBFILE_PATTERN_freescale-layer := "^${LAYERDIR}/" BBFILE_PRIORITY_freescale-layer = "5" +# Add the Freescale-specific licenses into the metadata +LICENSE_PATH += "${LAYERDIR}/custom-licenses" + FSL_EULA_FILE = "${LAYERDIR}/EULA" FSL_MIRROR ?= "http://www.freescale.com/lgfiles/NMG/MAD/YOCTO/" diff --git a/conf/machine/b4420qds-64b.conf b/conf/machine/b4420qds-64b.conf new file mode 100644 index 00000000..3df5e955 --- /dev/null +++ b/conf/machine/b4420qds-64b.conf @@ -0,0 +1,15 @@ +#@TYPE: Machine +#@NAME: Freescale B4420QDS-64B +#@SOC: b4420 +#@DESCRIPTION: Machine configuration for running B4420QDS in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500-64b.inc + +SOC_FAMILY = "b4:b4420" +UBOOT_MACHINES ?= "B4420QDS" +KERNEL_DEVICETREE ?= "b4420qds.dtb b4420qds-usdpaa.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/b4420qds.conf b/conf/machine/b4420qds.conf new file mode 100644 index 00000000..c5433e86 --- /dev/null +++ b/conf/machine/b4420qds.conf @@ -0,0 +1,15 @@ +#@TYPE: Machine +#@NAME: Freescale B4420QDS +#@SOC: b4420 +#@DESCRIPTION: Machine configuration for running B4420QDS in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500.inc + +SOC_FAMILY = "b4:b4420" +UBOOT_MACHINES ?= "B4420QDS" +KERNEL_DEVICETREE ?= "b4420qds.dtb b4420qds-usdpaa.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/b4860qds-64b.conf b/conf/machine/b4860qds-64b.conf new file mode 100644 index 00000000..c40fb305 --- /dev/null +++ b/conf/machine/b4860qds-64b.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@NAME: Freescale B4860QDS-64B +#@SOC: b4860 +#@DESCRIPTION: Machine configuration for running B4860QDS in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500-64b.inc + +SOC_FAMILY = "b4:b4860" +UBOOT_MACHINES ?= "B4860QDS B4860QDS_SECURE_BOOT" +KERNEL_DEVICETREE ?= "b4860qds.dtb b4860qds-usdpaa.dtb \ + b4860qds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/b4860qds.conf b/conf/machine/b4860qds.conf new file mode 100644 index 00000000..10b4ad41 --- /dev/null +++ b/conf/machine/b4860qds.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@NAME: Freescale B4860QDS +#@SOC: b4860 +#@DESCRIPTION: Machine configuration for running B4860QDS in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500.inc + +SOC_FAMILY = "b4:b4860" +UBOOT_MACHINES ?= "B4860QDS B4860QDS_SECURE_BOOT" +KERNEL_DEVICETREE ?= "b4860qds.dtb b4860qds-usdpaa.dtb \ + b4860qds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/bsc9131rdb.conf b/conf/machine/bsc9131rdb.conf new file mode 100644 index 00000000..e65f7e4e --- /dev/null +++ b/conf/machine/bsc9131rdb.conf @@ -0,0 +1,15 @@ +#@TYPE: Machine +#@NAME: Freescale BSC9131RDB +#@SOC: bsc9131 +#@DESCRIPTION: Machine configuration for running BSC9131RDB +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "bsc9131" +UBOOT_MACHINES ?= "BSC9131RDB_SPIFLASH BSC9131RDB_NAND BSC9131RDB_NAND_SYSCLK100 BSC9131RDB_SPIFLASH_SYSCLK100" +KERNEL_DEVICETREE ?= "bsc9131rdb.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/bsc913x_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/bsc9132qds.conf b/conf/machine/bsc9132qds.conf new file mode 100644 index 00000000..90ac2a3b --- /dev/null +++ b/conf/machine/bsc9132qds.conf @@ -0,0 +1,23 @@ +#@TYPE: Machine +#@NAME: Freescale BSC9132QDS +#@SOC: bsc9132 +#@DESCRIPTION: Machine configuration for running BSC9132QDS +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "bsc9132" +UBOOT_MACHINES ?= " BSC9132QDS_NAND_DDRCLK133 BSC9132QDS_NAND_DDRCLK100 \ + BSC9132QDS_NOR_DDRCLK100 BSC9132QDS_NOR_DDRCLK133 \ + BSC9132QDS_SDCARD_DDRCLK100 BSC9132QDS_SDCARD_DDRCLK133 \ + BSC9132QDS_SPIFLASH_DDRCLK100 BSC9132QDS_SPIFLASH_DDRCLK133 \ + BSC9132QDS_NAND_DDRCLK100_SECURE BSC9132QDS_NAND_DDRCLK133_SECURE \ + BSC9132QDS_NOR_DDRCLK100_SECURE BSC9132QDS_NOR_DDRCLK133_SECURE \ + BSC9132QDS_SDCARD_DDRCLK100_SECURE BSC9132QDS_SDCARD_DDRCLK133_SECURE \ + BSC9132QDS_SPIFLASH_DDRCLK100_SECURE BSC9132QDS_SPIFLASH_DDRCLK133_SECURE \ +" +KERNEL_DEVICETREE ?= "bsc9132qds.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/bsc913x_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/c293pcie.conf b/conf/machine/c293pcie.conf new file mode 100644 index 00000000..6a63844e --- /dev/null +++ b/conf/machine/c293pcie.conf @@ -0,0 +1,16 @@ +#@TYPE: Machine +#@NAME: Freescale C293PCIE +#@SOC: c293pcie +#@DESCRIPTION: Machine configuration for running C293PCIE in 36-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "c293pcie" +BOOTFORMAT_CONFIG = "config_ddr3_512m_c29xpcie_800M.dat" +UBOOT_MACHINES ?= "C29XPCIE C29XPCIE_SPIFLASH C29XPCIE_SECBOOT C29XPCIE_SPIFLASH_SECBOOT" +KERNEL_DEVICETREE ?= "c293pcie_36b.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/include/e500mc.inc b/conf/machine/include/e500mc.inc new file mode 100644 index 00000000..5871104d --- /dev/null +++ b/conf/machine/include/e500mc.inc @@ -0,0 +1,6 @@ +TARGET_FPU = "hard" + +require conf/machine/include/tune-ppce500mc.inc +require conf/machine/include/qoriq-base.inc + +MACHINEOVERRIDES .= ":e500mc" diff --git a/conf/machine/include/e500v2.inc b/conf/machine/include/e500v2.inc new file mode 100644 index 00000000..a9372549 --- /dev/null +++ b/conf/machine/include/e500v2.inc @@ -0,0 +1,4 @@ +require conf/machine/include/tune-ppce500v2.inc +require conf/machine/include/qoriq-base.inc + +MACHINEOVERRIDES .= ":e500v2" diff --git a/conf/machine/include/e5500-64b.inc b/conf/machine/include/e5500-64b.inc new file mode 100644 index 00000000..d238ca89 --- /dev/null +++ b/conf/machine/include/e5500-64b.inc @@ -0,0 +1,12 @@ +TARGET_FPU = "hard" +DEFAULTTUNE ?= "ppc64e5500" + +require conf/machine/include/tune-ppce5500.inc +require conf/machine/include/qoriq-base.inc + +MACHINEOVERRIDES .= ":e5500-64b" + +require conf/multilib.conf +MULTILIBS ?= "multilib:lib32" +DEFAULTTUNE_virtclass-multilib-lib32 ?= "ppce5500" + diff --git a/conf/machine/include/e5500.inc b/conf/machine/include/e5500.inc new file mode 100644 index 00000000..88f6d06e --- /dev/null +++ b/conf/machine/include/e5500.inc @@ -0,0 +1,6 @@ +TARGET_FPU = "hard" + +require conf/machine/include/tune-ppce5500.inc +require conf/machine/include/qoriq-base.inc + +MACHINEOVERRIDES .= ":e5500" diff --git a/conf/machine/include/e6500-64b.inc b/conf/machine/include/e6500-64b.inc new file mode 100644 index 00000000..522ee71f --- /dev/null +++ b/conf/machine/include/e6500-64b.inc @@ -0,0 +1,12 @@ +TARGET_FPU = "hard" +DEFAULTTUNE ?= "ppc64e6500" + +require conf/machine/include/tune-ppce6500.inc +require conf/machine/include/qoriq-base.inc + +MACHINEOVERRIDES .= ":e6500-64b" + +require conf/multilib.conf +MULTILIBS ?= "multilib:lib32" +DEFAULTTUNE_virtclass-multilib-lib32 ?= "ppce6500" + diff --git a/conf/machine/include/e6500.inc b/conf/machine/include/e6500.inc new file mode 100644 index 00000000..4121fbef --- /dev/null +++ b/conf/machine/include/e6500.inc @@ -0,0 +1,13 @@ +TARGET_FPU = "hard" + +require conf/machine/include/tune-ppce6500.inc +require conf/machine/include/qoriq-base.inc + +MACHINEOVERRIDES .= ":e6500" + +BUILD_64BIT_KERNEL = "1" + +require conf/multilib.conf +MULTILIBS ?= "multilib:lib64" +DEFAULTTUNE_virtclass-multilib-lib64 ?= "ppc64e6500" + diff --git a/conf/machine/include/qoriq-base.inc b/conf/machine/include/qoriq-base.inc new file mode 100644 index 00000000..25d22978 --- /dev/null +++ b/conf/machine/include/qoriq-base.inc @@ -0,0 +1,26 @@ +# Provides the QorIQ common settings +require conf/machine/include/soc-family.inc + +# providers +PREFERRED_PROVIDER_virtual/kernel ?= "linux-qoriq" +PREFERRED_PROVIDER_u-boot ?= "u-boot-qoriq" + +# versions +PREFERRED_VERSION_qemu = "2.2.0+fsl" +PREFERRED_VERSION_openssl = "1.0.1i" + +# settings +MACHINE_FEATURES = "keyboard pci ext2 ext3 serial" +MACHINE_EXTRA_RRECOMMENDS += "udev-rules-qoriq kernel-modules" +MACHINEOVERRIDES .= ":qoriq-ppc" + +IMAGE_CLASSES += "image_types_uboot" +EXTRA_IMAGEDEPENDS += "u-boot" + +KERNEL_IMAGETYPE ?= "uImage" + +SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1 115200;ttyEHV0" +SERIAL_CONSOLES_CHECK ?= "${SERIAL_CONSOLES}" + +USE_VT = "0" + diff --git a/conf/machine/p1010rdb.conf b/conf/machine/p1010rdb.conf new file mode 100644 index 00000000..e24c341e --- /dev/null +++ b/conf/machine/p1010rdb.conf @@ -0,0 +1,22 @@ +#@TYPE: Machine +#@Name: Freescale P1010RDB +#@SOC: p1010 +#@DESCRIPTION: Machine configuration for running P1010RDB +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "p1010" +BOOTFORMAT_CONFIG = "config_sram_p1010rdb.dat" +UBOOT_MACHINES ?= "P1010RDB-PB_NAND P1010RDB-PB_NOR \ + P1010RDB-PB_SPIFLASH P1010RDB-PB_36BIT_NOR P1010RDB-PB_36BIT_NAND \ + P1010RDB-PB_36BIT_SPIFLASH P1010RDB-PB_36BIT_NAND_SECBOOT \ + P1010RDB-PB_36BIT_NOR_SECBOOT P1010RDB-PB_36BIT_SPIFLASH_SECBOOT \ + P1010RDB-PB_NAND_SECBOOT P1010RDB-PB_NOR_SECBOOT \ + P1010RDB-PB_SPIFLASH_SECBOOT \ +" +KERNEL_DEVICETREE ?= "p1010rdb-pa.dtb p1010rdb-pb.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_defconfig" + +JFFS2_ERASEBLOCK = "0x20000" + diff --git a/conf/machine/p1020rdb.conf b/conf/machine/p1020rdb.conf new file mode 100644 index 00000000..e2b706ed --- /dev/null +++ b/conf/machine/p1020rdb.conf @@ -0,0 +1,16 @@ +#@TYPE: Machine +#@NAME: Freescale P1020RDB +#@SOC: p1020 +#@DESCRIPTION: Machine configuration for running P1020RDB +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "p1020" +BOOTFORMAT_CONFIG = "config_sram_p1022ds.dat" +UBOOT_MACHINES ?= " P1020RDB-PD P1020RDB-PD_NAND P1020RDB-PD_SDCARD P1020RDB-PD_SPIFLASH" +KERNEL_DEVICETREE ?= "p1020rdb-pd_32b.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x20000" + diff --git a/conf/machine/p1021rdb.conf b/conf/machine/p1021rdb.conf new file mode 100644 index 00000000..03a18215 --- /dev/null +++ b/conf/machine/p1021rdb.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@Name: Freescale P1021RDB +#@SOC: p1021 +#@DESCRIPTION: Machine configuration for running P1021RDB +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "p1021" +BOOTFORMAT_CONFIG = "config_sram_p1022ds.dat" +UBOOT_MACHINES ?= "P1021RDB-PC P1021RDB-PC_NAND P1021RDB-PC_SDCARD P1021RDB-PC_SPIFLASH P1021RDB-PC_36BIT P1021RDB-PC_36BIT_SPIFLASH P1021RDB-PC_36BIT_NAND P1021RDB-PC_36BIT_SDCARD" +KERNEL_DEVICETREE ?= "p1021rdb-pc_32b.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x20000" +QE_UCODE ?= "fsl_qe_ucode_1021_10_A.bin" + diff --git a/conf/machine/p1022ds.conf b/conf/machine/p1022ds.conf new file mode 100644 index 00000000..823131ad --- /dev/null +++ b/conf/machine/p1022ds.conf @@ -0,0 +1,26 @@ +#@TYPE: Machine +#@NAME: Freescale P1022DS +#@SOC: p1022 +#@DESCRIPTION: Machine configuration for running P1022DS +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "p1022" +BOOTFORMAT_CONFIG = "config_sram_p1022ds.dat" +UBOOT_MACHINES ?= "P1022DS P1022DS_NAND P1022DS_SPIFLASH P1022DS_SDCARD P1022DS_36BIT P1022DS_36BIT_SPIFLASH P1022DS_36BIT_NAND P1022DS_36BIT_SDCARD" +KERNEL_DEVICETREE ?= "p1022ds_32b.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" + +PREFERRED_PROVIDER_virtual/xserver ?= "xserver-xorg" + +XSERVER = " \ + xserver-xorg \ + xf86-input-evdev \ + xf86-input-mouse \ + xf86-input-keyboard \ + xf86-video-fbdev \ +" + +JFFS2_ERASEBLOCK = "0x20000" + diff --git a/conf/machine/p1023rdb.conf b/conf/machine/p1023rdb.conf new file mode 100644 index 00000000..02ec4a59 --- /dev/null +++ b/conf/machine/p1023rdb.conf @@ -0,0 +1,15 @@ +#@TYPE: Machine +#@NAME: Freescale P1023RDB +#@SOC: p1023 +#@DESCRIPTION: Machine configuration for running P1023RDB +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "p1023" +UBOOT_MACHINES ?= "P1023RDB" +KERNEL_DEVICETREE ?= "p1023rdb.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/p1023_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/p1025twr.conf b/conf/machine/p1025twr.conf new file mode 100644 index 00000000..0c6bb57a --- /dev/null +++ b/conf/machine/p1025twr.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@Name: Freescale P1025TWR +#@SOC: p1025 +#@DESCRIPTION: Machine configuration for running P1025TWR +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "p1025" +BOOTFORMAT_CONFIG = "config_ddr3_1gb_p1_p2_rdb_pc_667M.dat" +UBOOT_MACHINES ?= "TWR-P1025" +KERNEL_DEVICETREE ?= "p1025twr_32b.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x20000" +QE_UCODE ?= "fsl_qe_ucode_1021_10_A.bin" + diff --git a/conf/machine/p2020rdb.conf b/conf/machine/p2020rdb.conf new file mode 100644 index 00000000..9544c256 --- /dev/null +++ b/conf/machine/p2020rdb.conf @@ -0,0 +1,16 @@ +#@TYPE: Machine +#@Name: Freescale P2020RDB +#@SOC: p2020 +#@DESCRIPTION: Machine configuration for running P2020RDB +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500v2.inc + +SOC_FAMILY = "p2020" +BOOTFORMAT_CONFIG = "config_sram_p1022ds.dat" +UBOOT_MACHINES ?= " P2020RDB-PC P2020RDB-PC_NAND P2020RDB-PC_SDCARD P2020RDB-PC_SPIFLASH P2020RDB-PC_36BIT P2020RDB-PC_36BIT_SPIFLASH P2020RDB-PC_36BIT_NAND P2020RDB-PC_36BIT_SDCARD" +KERNEL_DEVICETREE ?= "p2020rdb-pc_32b.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x20000" + diff --git a/conf/machine/p2041rdb.conf b/conf/machine/p2041rdb.conf new file mode 100644 index 00000000..9ed63ff1 --- /dev/null +++ b/conf/machine/p2041rdb.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale P2041RDB +#@SOC: p2041 +#@DESCRIPTION: Machine configuration for running P2041RDB +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500mc.inc + +SOC_FAMILY = "p2041" +UBOOT_MACHINES ?= "P2041RDB P2041RDB_NAND P2041RDB_SECURE_BOOT \ + P2041RDB_SDCARD P2041RDB_SPIFLASH \ +" +KERNEL_DEVICETREE ?= "p2041rdb.dtb p2041rdb-usdpaa.dtb \ + p2041rdb-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/p3041ds.conf b/conf/machine/p3041ds.conf new file mode 100644 index 00000000..8fca5b40 --- /dev/null +++ b/conf/machine/p3041ds.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale P3041DS +#@SOC: p3041 +#@DESCRIPTION: Machine configuration for running P3041DS +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500mc.inc + +SOC_FAMILY = "p3041" +UBOOT_MACHINES ?= "P3041DS P3041DS_NAND P3041DS_SECURE_BOOT \ + P3041DS_SDCARD P3041DS_SPIFLASH \ +" +KERNEL_DEVICETREE ?= "p3041ds.dtb p3041ds-usdpaa.dtb \ + p3041ds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/p4080ds.conf b/conf/machine/p4080ds.conf new file mode 100644 index 00000000..b3fc87b2 --- /dev/null +++ b/conf/machine/p4080ds.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@NAME: Freescale P4080DS +#@SOC: p4080 +#@DESCRIPTION: Machine configuration for running P4080DS +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e500mc.inc + +SOC_FAMILY = "p4080" +UBOOT_MACHINES ?= "P4080DS P4080DS_SECURE_BOOT P4080DS_SDCARD P4080DS_SPIFLASH " +KERNEL_DEVICETREE ?= "p4080ds.dtb p4080ds-usdpaa.dtb \ + p4080ds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/p5020ds-64b.conf b/conf/machine/p5020ds-64b.conf new file mode 100644 index 00000000..3586da7b --- /dev/null +++ b/conf/machine/p5020ds-64b.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale P5020DS-64B +#@SOC: p5020 +#@DESCRIPTION: Machine configuration for running P5020DS in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500-64b.inc + +SOC_FAMILY = "p5020" +UBOOT_MACHINES ?= "P5020DS P5020DS_NAND P5020DS_SECURE_BOOT \ + P5020DS_SDCARD P5020DS_SPIFLASH \ +" +KERNEL_DEVICETREE ?= "p5020ds.dtb p5020ds-usdpaa.dtb \ + p5020ds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/p5020ds.conf b/conf/machine/p5020ds.conf new file mode 100644 index 00000000..57de0ca7 --- /dev/null +++ b/conf/machine/p5020ds.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale P5020DS +#@SOC: p5020 +#@DESCRIPTION: Machine configuration for running P5020DS in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500.inc + +SOC_FAMILY = "p5020" +UBOOT_MACHINES ?= "P5020DS P5020DS_NAND P5020DS_SECURE_BOOT \ + P5020DS_SDCARD P5020DS_SPIFLASH \ +" +KERNEL_DEVICETREE ?= "p5020ds.dtb p5020ds-usdpaa.dtb \ + p5020ds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/p5040ds-64b.conf b/conf/machine/p5040ds-64b.conf new file mode 100644 index 00000000..cf2400db --- /dev/null +++ b/conf/machine/p5040ds-64b.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale P5040DS-64B +#@SOC: p5040 +#@DESCRIPTION: Machine configuration for running P5040DS in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500-64b.inc + +SOC_FAMILY = "p5040" +UBOOT_MACHINES ?= "P5040DS P5040DS_NAND P5040DS_SECURE_BOOT \ + P5040DS_SDCARD P5040DS_SPIFLASH \ +" +KERNEL_DEVICETREE ?= "p5040ds.dtb p5040ds-usdpaa.dtb \ + p5040ds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/p5040ds.conf b/conf/machine/p5040ds.conf new file mode 100644 index 00000000..534b5da2 --- /dev/null +++ b/conf/machine/p5040ds.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale P5040DS +#@SOC: p5040 +#@DESCRIPTION: Machine configuration for running P5040DS in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500.inc + +SOC_FAMILY = "p5040" +UBOOT_MACHINES ?= "P5040DS P5040DS_NAND P5040DS_SECURE_BOOT \ + P5040DS_SDCARD P5040DS_SPIFLASH \ +" +KERNEL_DEVICETREE ?= "p5040ds.dtb p5040ds-usdpaa.dtb \ + p5040ds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t1023rdb-64b.conf b/conf/machine/t1023rdb-64b.conf new file mode 100644 index 00000000..4cbfac0d --- /dev/null +++ b/conf/machine/t1023rdb-64b.conf @@ -0,0 +1,15 @@ +#@TYPE: Machine +#@NAME: Freescale T1023RDB +#@SOC: t1023 +#@DESCRIPTION: Machine configuration for running T1023RDB in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500-64b.inc + +SOC_FAMILY = "t1:t1023" +UBOOT_MACHINES ?= "T1023RDB_NAND T1023RDB_SDCARD T1023RDB_SPIFLASH" +KERNEL_DEVICETREE ?= "t1023rdb.dtb t1023rdb-usdpaa.dtb t1023rdb-usdpaa-shared-interfaces.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3l_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t1023rdb.conf b/conf/machine/t1023rdb.conf new file mode 100644 index 00000000..c895868f --- /dev/null +++ b/conf/machine/t1023rdb.conf @@ -0,0 +1,15 @@ +#@TYPE: Machine +#@NAME: Freescale T1023RDB +#@SOC: t1023 +#@DESCRIPTION: Machine configuration for running T1023RDB in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500.inc + +SOC_FAMILY = "t1:t1023" +UBOOT_MACHINES ?= "T1023RDB_NAND T1023RDB_SDCARD T1023RDB_SPIFLASH" +KERNEL_DEVICETREE ?= "t1023rdb.dtb t1023rdb-usdpaa.dtb t1023rdb-usdpaa-shared-interfaces.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t1024rdb-64b.conf b/conf/machine/t1024rdb-64b.conf new file mode 100644 index 00000000..9186be2d --- /dev/null +++ b/conf/machine/t1024rdb-64b.conf @@ -0,0 +1,16 @@ +#@TYPE: Machine +#@NAME: Freescale T1024RDB +#@SOC: t1024 +#@DESCRIPTION: Machine configuration for running T1024RDB in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500-64b.inc + +SOC_FAMILY = "t1:t1024" +UBOOT_MACHINES ?= "T1024RDB T1024RDB_NAND T1024RDB_SDCARD T1024RDB_SPIFLASH T1024RDB_SECURE_BOOT" +KERNEL_DEVICETREE ?= "t1024rdb.dtb t1024rdb-usdpaa.dtb t1024rdb-usdpaa-capwap.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3l_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" +QE_UCODE ?= "iram_Type_A_T1024_r1.0.bin" + diff --git a/conf/machine/t1024rdb.conf b/conf/machine/t1024rdb.conf new file mode 100644 index 00000000..275b5d1b --- /dev/null +++ b/conf/machine/t1024rdb.conf @@ -0,0 +1,16 @@ +#@TYPE: Machine +#@NAME: Freescale T1024RDB +#@SOC: t1024 +#@DESCRIPTION: Machine configuration for running T1024RDB in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500.inc + +SOC_FAMILY = "t1:t1024" +UBOOT_MACHINES ?= "T1024RDB T1024RDB_NAND T1024RDB_SDCARD T1024RDB_SPIFLASH T1024RDB_SECURE_BOOT" +KERNEL_DEVICETREE ?= "t1024rdb.dtb t1024rdb-usdpaa.dtb t1024rdb-usdpaa-capwap.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" +QE_UCODE ?= "iram_Type_A_T1024_r1.0.bin" + diff --git a/conf/machine/t1040d4rdb-64b.conf b/conf/machine/t1040d4rdb-64b.conf new file mode 100644 index 00000000..2bfa6523 --- /dev/null +++ b/conf/machine/t1040d4rdb-64b.conf @@ -0,0 +1,18 @@ +#@TYPE: Machine +#@NAME: Freescale T1040D4RDB +#@SOC: t1040 +#@DESCRIPTION: Machine configuration for running T1040D4RDB in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500-64b.inc + +SOC_FAMILY = "t1:t1040" +UBOOT_MACHINES ?= "T1040D4RDB T1040D4RDB_NAND T1040D4RDB_SDCARD \ + T1040D4RDB_SPIFLASH T1040D4RDB_SECURE_BOOT \ +" +KERNEL_DEVICETREE ?= "t1040d4rdb.dtb t1040d4rdb-usdpaa-lag.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3l_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + +QE_UCODE = "iram_Type_A_T1040_r1.0.bin" diff --git a/conf/machine/t1040d4rdb.conf b/conf/machine/t1040d4rdb.conf new file mode 100644 index 00000000..0872cfe1 --- /dev/null +++ b/conf/machine/t1040d4rdb.conf @@ -0,0 +1,18 @@ +#@TYPE: Machine +#@NAME: Freescale T1040D4RDB +#@SOC: t1040 +#@DESCRIPTION: Machine configuration for running T1040D4RDB in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500.inc + +SOC_FAMILY = "t1:t1040" +UBOOT_MACHINES ?= "T1040D4RDB T1040D4RDB_NAND T1040D4RDB_SDCARD \ + T1040D4RDB_SPIFLASH T1040D4RDB_SECURE_BOOT \ +" +KERNEL_DEVICETREE ?= "t1040d4rdb.dtb t1040d4rdb-usdpaa-lag.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + +QE_UCODE = "iram_Type_A_T1040_r1.0.bin" diff --git a/conf/machine/t1042d4rdb-64b.conf b/conf/machine/t1042d4rdb-64b.conf new file mode 100644 index 00000000..d9898662 --- /dev/null +++ b/conf/machine/t1042d4rdb-64b.conf @@ -0,0 +1,18 @@ +#@TYPE: Machine +#@NAME: Freescale T1042D4RDB +#@SOC: t1042 +#@DESCRIPTION: Machine configuration for running T1042D4RDB in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500-64b.inc + +SOC_FAMILY = "t1:t1042" +UBOOT_MACHINES ?= "T1042D4RDB T1042D4RDB_NAND T1042D4RDB_SDCARD \ + T1042D4RDB_SPIFLASH T1042D4RDB_SECURE_BOOT \ +" +KERNEL_DEVICETREE ?= "t1042d4rdb.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3l_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + +QE_UCODE = "iram_Type_A_T1040_r1.0.bin" diff --git a/conf/machine/t1042d4rdb.conf b/conf/machine/t1042d4rdb.conf new file mode 100644 index 00000000..6142bea4 --- /dev/null +++ b/conf/machine/t1042d4rdb.conf @@ -0,0 +1,18 @@ +#@TYPE: Machine +#@NAME: Freescale T1042D4RDB +#@SOC: t1042 +#@DESCRIPTION: Machine configuration for running T1042D4RDB in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e5500.inc + +SOC_FAMILY = "t1:t1042" +UBOOT_MACHINES ?= "T1042D4RDB T1042D4RDB_NAND T1042D4RDB_SDCARD \ + T1042D4RDB_SPIFLASH T1042D4RDB_SECURE_BOOT \ +" +KERNEL_DEVICETREE ?= "t1042d4rdb.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + +QE_UCODE = "iram_Type_A_T1040_r1.0.bin" diff --git a/conf/machine/t2080qds-64b.conf b/conf/machine/t2080qds-64b.conf new file mode 100644 index 00000000..3c81fb98 --- /dev/null +++ b/conf/machine/t2080qds-64b.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale T2080QDS-64B +#@SOC: t2080 +#@DESCRIPTION: Machine configuration for running T2080QDS in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500-64b.inc + +SOC_FAMILY = "t2:t2080" +UBOOT_MACHINES ?= "T2080QDS T2080QDS_SDCARD T2080QDS_SPIFLASH \ + T2080QDS_NAND T2080QDS_SRIO_PCIE_BOOT T2080QDS_SECURE_BOOT \ +" +KERNEL_DEVICETREE ?= "t2080qds.dtb t2080qds-usdpaa.dtb \ + t2080qds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t2080qds.conf b/conf/machine/t2080qds.conf new file mode 100644 index 00000000..23b43ca3 --- /dev/null +++ b/conf/machine/t2080qds.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale T2080QDS +#@SOC: t2080 +#@DESCRIPTION: Machine configuration for running T2080QDS in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500.inc + +SOC_FAMILY = "t2:t2080" +UBOOT_MACHINES ?= "T2080QDS T2080QDS_SDCARD T2080QDS_SPIFLASH \ + T2080QDS_NAND T2080QDS_SRIO_PCIE_BOOT T2080QDS_SECURE_BOOT \ +" +KERNEL_DEVICETREE ?= "t2080qds.dtb t2080qds-usdpaa.dtb \ + t2080qds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t2080rdb-64b.conf b/conf/machine/t2080rdb-64b.conf new file mode 100644 index 00000000..e421567b --- /dev/null +++ b/conf/machine/t2080rdb-64b.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale T2080RDB +#@SOC: t2080 +#@DESCRIPTION: Machine configuration for running T2080RDB in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500-64b.inc + +SOC_FAMILY = "t2:t2080" +UBOOT_MACHINES ?= "T2080RDB T2080RDB_SDCARD T2080RDB_SPIFLASH \ + T2080RDB_NAND T2080RDB_SRIO_PCIE_BOOT T2080RDB_SECURE_BOOT \ +" +KERNEL_DEVICETREE ?= "t2080rdb.dtb t2080rdb-usdpaa.dtb \ + t2080rdb-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t2080rdb.conf b/conf/machine/t2080rdb.conf new file mode 100644 index 00000000..8ce27e95 --- /dev/null +++ b/conf/machine/t2080rdb.conf @@ -0,0 +1,19 @@ +#@TYPE: Machine +#@NAME: Freescale T2080RDB +#@SOC: t2080 +#@DESCRIPTION: Machine configuration for running T2080RDB in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500.inc + +SOC_FAMILY = "t2:t2080" +UBOOT_MACHINES ?= "T2080RDB T2080RDB_SDCARD T2080RDB_SPIFLASH \ + T2080RDB_NAND T2080RDB_SRIO_PCIE_BOOT T2080RDB_SECURE_BOOT \ +" +KERNEL_DEVICETREE ?= "t2080rdb.dtb t2080rdb-usdpaa.dtb \ + t2080rdb-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t4160qds-64b.conf b/conf/machine/t4160qds-64b.conf new file mode 100644 index 00000000..fb0d9663 --- /dev/null +++ b/conf/machine/t4160qds-64b.conf @@ -0,0 +1,15 @@ +#@TYPE: Machine +#@NAME: Freescale T4160QDS-64B +#@SOC: t4160 +#@DESCRIPTION: Machine configuration for running T4160QDS in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500-64b.inc + +SOC_FAMILY = "t4:t4160" +UBOOT_MACHINES ?= "T4160QDS T4160QDS_SECURE_BOOT" +KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t4160qds.conf b/conf/machine/t4160qds.conf new file mode 100644 index 00000000..d3dd58e3 --- /dev/null +++ b/conf/machine/t4160qds.conf @@ -0,0 +1,15 @@ +#@TYPE: Machine +#@NAME: Freescale T4160QDS +#@SOC: t4160 +#@DESCRIPTION: Machine configuration for running T4160QDS in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500.inc + +SOC_FAMILY = "t4:t4160" +UBOOT_MACHINES ?= "T4160QDS T4160QDS_SECURE_BOOT" +KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t4240qds-64b.conf b/conf/machine/t4240qds-64b.conf new file mode 100644 index 00000000..1caa24e7 --- /dev/null +++ b/conf/machine/t4240qds-64b.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@NAME: Freescale T4240QDS-64B +#@SOC: t4240 +#@DESCRIPTION: Machine configuration for running T4240QDS in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500-64b.inc + +SOC_FAMILY = "t4:t4240" +UBOOT_MACHINES ?= "T4240QDS T4240QDS_SECURE_BOOT" +KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb \ + t4240qds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t4240qds.conf b/conf/machine/t4240qds.conf new file mode 100644 index 00000000..c244bfb5 --- /dev/null +++ b/conf/machine/t4240qds.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@NAME: Freescale T4240QDS +#@SOC: t4240 +#@DESCRIPTION: Machine configuration for running T4240QDS in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500.inc + +SOC_FAMILY = "t4:t4240" +UBOOT_MACHINES ?= "T4240QDS T4240QDS_SECURE_BOOT" +KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb \ + t4240qds-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t4240rdb-64b.conf b/conf/machine/t4240rdb-64b.conf new file mode 100644 index 00000000..7d6543c0 --- /dev/null +++ b/conf/machine/t4240rdb-64b.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@NAME: Freescale T4240RDB +#@SOC: t4240 +#@DESCRIPTION: Machine configuration for running T4240RDB in 64-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500-64b.inc + +SOC_FAMILY = "t4:t4240" +UBOOT_MACHINES ?= "T4240RDB" +KERNEL_DEVICETREE ?= "t4240rdb.dtb t4240rdb-usdpaa.dtb \ + t4240rdb-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/conf/machine/t4240rdb.conf b/conf/machine/t4240rdb.conf new file mode 100644 index 00000000..a4b79951 --- /dev/null +++ b/conf/machine/t4240rdb.conf @@ -0,0 +1,17 @@ +#@TYPE: Machine +#@NAME: Freescale T4240RDB +#@SOC: t4240 +#@DESCRIPTION: Machine configuration for running T4240RDB in 32-bit mode +#@MAINTAINER: Chunrong Guo + +require conf/machine/include/e6500.inc + +SOC_FAMILY = "t4:t4240" +UBOOT_MACHINES ?= "T4240RDB" +KERNEL_DEVICETREE ?= "t4240rdb.dtb t4240rdb-usdpaa.dtb \ + t4240rdb-usdpaa-shared-interfaces.dtb \ +" +KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" + +JFFS2_ERASEBLOCK = "0x10000" + diff --git a/custom-licenses/Cortina b/custom-licenses/Cortina new file mode 100644 index 00000000..a68417c5 --- /dev/null +++ b/custom-licenses/Cortina @@ -0,0 +1,51 @@ +DEFINITIONS:“Device” is the product described in this document or document set. “Cortina” is Cortina Systems, Inc. +“Software” is the software used with the Device, including the Application Programmable Interface (“API”). “You” are a +customer, or potential customer, of Devices with whom Cortina has an NDA. +LICENSE:Subject to the restrictions below, Cortina grants to You a non-exclusive, non-assignable, non-transferable, +royalty-free copyright license to (1) copy and modify the source code of the API; (2) incorporate the API in object code +form or as a library into Your software which is solely used with Your products (that incorporate the Devices); and (3) +distribute to Your customer, inobject code form only, the API. +RESTRICTIONS:The Software must be used solely in conjunction with the Devices and solely for Your internal +evaluation, demonstration, software application development anddistribution for production purposes, either with an +Cortina platform that contains the Device or with Your own product that incorporates the Device. Notwithstanding +anything to the contrary, the API can be incorporated into Your software as described above and distributed to Your +customers in object code form only. You may not distribute the Software as a stand-alone product. You shall not cause +the incorporation, modification or distribution of the Software to become subject to any open source licenses. You will +make reasonable efforts to discontinue the distribution of any portions of the Software that You are licensed hereunder +to distribute upon Cortina’s release of an update, upgrade or new version of the Software. You agree that You are +solely responsible for supporting any code which You modify, incorporate or distribute. You may not reverse-assemble, +reverse-compile, or otherwise reverse-engineer any Software provided in binary or machine readable form. +Distribution of the Software is also subject to the following limitations: You (i) are solely responsible to Your customers +for any update or support obligation or other liability which may arise from the modification, incorporation, and +distribution of the Software, (ii) do notmake any statement that Your product is“certified,” or that its performance is +guaranteed, by Cortina, (iii) do not use Cortina's name or trademarks to market Your product without prior written +permission, (iv) shall prohibit disassembly and reverse engineering, and (v) shall indemnify, hold harmless, and defend +Cortina and its suppliers from and against any claims or lawsuits, including attorney's fees, that arise or result from +Your distribution of any product. +OWNERSHIP OF SOFTWARE AND COPYRIGHTS.The title to all copies of the Software remains with Cortina or its +suppliers. The Software is copyrighted and protected by the laws of the United States and other countries, and +international treaty provisions. You may not remove any copyright notices from the Software. Cortina may make +changes to the Software, or to items referenced therein, at any timewithout notice, but is not obligated to support or +update the Software. Except as otherwise expressly provided,Cortina grants no express or implied right under Cortina +patents, copyrights, trademarks, or other intellectual property rights. +DISCLAIMER OF WARRANTIES.THE SOFTWARE IS PROVIDED “AS IS” WITHOUT ANY EXPRESS OR IMPLIED +WARRANTY OF ANY KIND. CORTINA AND ITS SUPPLIERSHEREBY DISCLAIM ALL WARRANTIES, INCLUDING +ANY IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR +PURPOSE. +LIMITATION OF LIABILITY.IN NO EVENT SHALL CORTINA OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES +WHATSOEVER (INCLUDING, WITHOUT LIMITATION, LOST PROFITS, BUSINESS INTERRUPTION, OR LOST +INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF CORTINA HAS +BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. +TERMINATION OF THIS LICENSE.Cortina may terminate this license at any time if You violate its terms. Upon +termination, You will immediately destroy the Software or return all copies of the Software to Cortina. +APPLICABLE LAWS.Claims arising under this license shall be governed by the laws of the State of Delaware, +excluding its principles of conflict of laws. The provisions of the United Nations Convention on Contracts for the +International Sale of Goods shall not apply to this license.You shall not export, either directly or indirectly, any +Software or derived object code without first obtaining any required license or other approval from the applicable +governmental entity, including the U.S. Department of Commerce or any other agency or department of the United +States Government if required. This isthe entire agreement and understanding between You and Cortina relating to +this subject matter, and no amendments will be effective unless in a writing signed by both parties. +GOVERNMENT RESTRICTED RIGHTS.The Software is provided with “RESTRICTED RIGHTS.” Use, duplication, or +disclosure by the Government issubject to restrictions as set forth in FAR52.227-14 and DFAR252.227-7013 et seq. or +its successor. Use of the Software by the Government constitutes acknowledgment of Cortina's proprietary rights +therein. Contractor or Manufacturer is Cortina. diff --git a/custom-licenses/Freescale-EULA b/custom-licenses/Freescale-EULA new file mode 100644 index 00000000..2122a1fd --- /dev/null +++ b/custom-licenses/Freescale-EULA @@ -0,0 +1,214 @@ +IMPORTANT. Read the following Freescale Software License Agreement ("Agreement") +completely. By selecting the "I Accept" button at the end of this page, you +indicate that you accept the terms of the Freescale Proprietary Software License +Agreement and you also acknowledge that you have the authority, on behalf of your +company, to bind your company to such terms. You may then download or install the +file. + +FREESCALE PROPRIETARY SOFTWARE LICENSE AGREEMENT +This is a license agreement ("Agreement") between you (either as an individual +or as an authorized representative acting on behalf of your employer) and Freescale +Semiconductor, Inc. ("Freescale"). It concerns your rights to use the software +provided to you in binary or source code form and any accompanying written materials +(the "Software"). The Software may include any updates or error corrections or +documentation relating to the Software provided to you by Freescale under this +License. In consideration for Freescale allowing you to access the Software, you are +agreeing to be bound by the terms of this Agreement. If you do not agree to all of +the terms of this Agreement, do not download or install the Software. If you change +your mind later, stop using the Software and delete all copies of the Software in +your possession or control. Any copies of the Software that you have already +distributed, where permitted, and do not destroy will continue to be governed by +this Agreement. Your prior use will also continue to be governed by this Agreement. + +1. LICENSE GRANT. Freescale grants to you, free of charge, the non-exclusive, +non-transferable, non-sublicensable right (1) to use the Software, (2) to reproduce +the Software, (3) to prepare derivative works of the Software, (4) to distribute the +Software and derivative works thereof in object (machine-readable) form as part of +a programmable processing unit (e.g. a microprocessor, microcontroller, or digital +signal processor) supplied directly or indirectly from Freescale ("Freescale +System") and (5) to sublicense to others the right to use the distributed Software, +provided that any and all such sublicenses include the same terms and conditions of +this Agreement. Notwithstanding the limitation on damages in Section 8, Licensee +will indemnify, defend, and hold harmless Freescale against any and all claims, +costs, damages, liabilities, judgments and attorneys' fees resulting from or +arising out of any breach by the sublicensee, or resulting from or arising out of +any action by the sublicensee inconsistent with this Agreement. +You must notify Freescale, in writing, any time you create a derivative of the +Software. Freescale owns all derivatives created from the Software, and derivatives +are licensed to you under the same terms as the Software under this Agreement. Upon +request, you must provide Freescale the source code of any derivative of the Software. +If you violate any of the terms or restrictions of this Agreement, Freescale may +immediately terminate this Agreement, and require that you stop using and delete all +copies of the Software and any derivative in your possession or control. Any license +granted above only extends to Freescale's intellectual property rights that would +be necessarily infringed by the Software as provided to you by Freescale and as used +within the scope of the licenses granted. You must advise Freescale of any results +obtained including any problems or suggested improvements thereof. Freescale retains +the right to use such results and related information in any manner it deems +appropriate. + +2. OTHER RESTRICTIONS. Subject to the license grant above, the following restrictions + apply: + +a. Freescale reserves all rights not expressly granted herein. +b. You may not rent, lease, sublicense, lend or encumber the Software, unless + otherwise expressly agreed to within this Agreement +c. You may not distribute, manufacture, have manufactured, sublicense or otherwise + reproduce the Software for purposes other than intended in this Agreement. +d. You may not remove or alter any proprietary legends, notices, or trademarks + contained in the Licensed Software, +e. The terms and conditions of this Agreement will apply to any Software updates, + provided to you at Freescale's discretion, that replace and/or supplement the + original Software, unless such update contains a separate license. +f. You may not translate, reverse engineer, decompile, or disassemble the Software + provided to you solely in object code format (machine readable) except to the + extent applicable law specifically prohibits such restriction. You will prohibit + your sublicensees from translating, reverse engineering, decompiling, or + disassembling the Software except to the extent applicable law specifically + prohibits such restriction. + +3. OPEN SOURCE. You are about to download or install certain software that is +subject to various open source licenses such as the Apache License, the BSD license, +the Free Software Foundation General Public License and Lesser General Public +License, the Mozilla Public License and others. Your use of such open source +software is subject to the terms of each applicable license. You must agree to the +terms of each such applicable license, or you should not use the open source software. +Any open source license that is incompatible with the terms of this Agreement +supersedes the terms of this Agreement. + +4. COPYRIGHT. The Software is licensed to you, not sold. Freescale owns the +Software, and United States copyright laws and international treaty provisions +protect the Software. Therefore, you must treat the Software like any other +copyrighted material (e.g. a book or musical recording). You may not use or +copy the Software for any other purpose than what is described in this Agreement. +Except as expressly provided herein, Freescale does not grant to you any express or +implied rights under any Freescale or third party patents, copyrights, trademarks, +or trade secrets. Additionally, you must reproduce and apply any copyright or other +proprietary rights notices included on or embedded in the Software to any copies +made thereof, in whole or in part, if any. You may not remove any copyright +notices of Freescale incorporated in the Software. + +5. TERM AND TERMINATION. The term of this Agreement shall commence on the date +of installation or download and shall continue perpetually, unless earlier +terminated in accordance with this Agreement. Freescale has the right to terminate +this Agreement without notice and require that you stop using and delete all copies +of the Software in your possession or control if you violate any of the terms or +restrictions of this Agreement. Freescale may terminate this Agreement should any +of the Software become, or in Freescale's reasonable opinion is likely to become, +the subject of a claim of intellectual infringement or trade secret misappropriation. +Upon termination, you must cease use of and destroy, the Software and confirm +compliance in writing to Freescale. Upon termination, the license granted pursuant +to this Agreement immediately terminates and the provisions of Sections 4 through +18 will survive any termination of this Agreement. + +6. SUPPORT. Freescale is NOT obligated to provide any support, upgrades or new +releases of the Software. If you wish, you may contact Freescale and report problems +and provide suggestions regarding the Software. Freescale has no obligation +whatsoever to respond in any way to such a problem report or suggestion. Freescale +may make changes to the Software at any time, without any obligation to notify or +provide updated versions of the Software to you. + +7. NO WARRANTY. TO THE MAXIMUM EXTENT PERMITTED BY LAW, FREESCALE EXPRESSLY +DISCLAIMS ANY WARRANTY FOR THE SOFTWARE. THE SOFTWARE IS PROVIDED "AS IS", +WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT +LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR +PURPOSE, OR NON-INFRINGEMENT. YOU ASSUME THE ENTIRE RISK ARISING OUT OF THE USE +OR PERFORMANCE OF THE SOFTWARE, OR ANY SYSTEMS YOU DESIGN USING THE SOFTWARE (IF +ANY). NOTHING IN THIS AGREEMENT MAY BE CONSTRUED AS A WARRANTY OR REPRESENTATION +BY FREESCALE THAT THE SOFTWARE OR ANY DERIVATIVE WORK DEVELOPED WITH OR INCORPORATING +THE SOFTWARE WILL BE FREE FROM INFRINGEMENT OF THE INTELLECTUAL PROPERTY RIGHTS OF +THIRD PARTIES. + +8. INDEMNITY. You agree to fully defend and indemnify Freescale from any and all +claims, liabilities, and costs (including reasonable attorney's fees) related to +(1) your use (including your sublicensee's use, if permitted) of the Software or +(2) your violation of the terms and conditions of this Agreement. + +9. LIMITATION OF LIABILITY. IN NO EVENT WILL FREESCALE BE LIABLE, WHETHER IN +CONTRACT, TORT, OR OTHERWISE, FOR ANY INCIDENTAL, SPECIAL, INDIRECT, CONSEQUENTIAL +OR PUNITIVE DAMAGES, INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR ANY LOSS OF USE, +LOSS OF TIME, INCONVENIENCE, COMMERCIAL LOSS, OR LOST PROFITS, SAVINGS, OR REVENUES +TO THE FULL EXTENT SUCH MAY BE DISCLAIMED BY LAW EVEN IF INFORMED IN ADVANCE OF THE +POSSIBILITY OF SUCH DAMAGES. FREESCALE'S LIABILITY WILL IN ANY EVENT AND UNDER ANY +THEORY OF RECOVERY BE LIMITED TO THE TOTAL AMOUNT RECEIVED BY FREESCALE UNDER THIS +AGREEMENT. + +10. COMPLIANCE WITH LAWS; EXPORT RESTRICTIONS. You must not resell, re-export, or +provide, directly or indirectly, the licensed software or direct product thereof, +in any form without obtaining appropriate export or re-export licenses from the +United States Government and from the country from which the export or re-export +is to occur. An export occurs when products, technology, or software is transferred +from one country to another by any means, including physical shipments, FTP file +transfers, E-mails, faxes, remote server access, conversations, and the like. An +export also occurs when technology or software is transferred to a foreign national +in the United States, or foreign national of the country in which the business +activity is taking place. A foreign national is any person who is neither a citizen +nor permanent resident of the United States, or the country in which the business +activity is taking place. Furthermore, if an export/import license, permit or other +government required authority (collectively referred to as "government +authorization") is required to transfer technology, software, hardware or other +Freescale property to non- Freescale party(ies) and is not approved, then Freescale +is not obligated to transfer the Software under this Agreement until such +"government authorization" is granted.. + +11. GOVERNMENT RIGHTS. The Licensed Software is a "Commercial Item as defined in +48 C.F.R. $2.101, consisting of "Commercial Computer Software" and "Commercial +Computer Software Documentation," as such terms are used in 48 C.F.R. $ 12.212 or +48 C.F.R. $227.7202, as applicable and are only licensed to U.S. Government end +users with the rights as are set forth herein.. + +12. HIGH RISK ACTIVITIES. You acknowledge that the Software is not fault tolerant +and is not designed, manufactured or intended by Freescale for incorporation into +products intended for use or resale in on-line control equipment in hazardous, +dangerous to life or potentially life-threatening environments requiring fail-safe + performance, such as in the operation of nuclear facilities, aircraft navigation + or communication systems, air traffic control, direct life support machines or +weapons systems, in which the failure of products could lead directly to death, +personal injury or severe physical or environmental damage ("High Risk Activities"). + You specifically represent and warrant that you will not use the Software or any +derivative work of the Software for High Risk Activities. + +13. CHOICE OF LAW; VENUE; LIMITATIONS. You agree that the statutes and laws of the +United States and the State of Texas, USA, without regard to conflicts of laws +principles, will apply to all matters relating to this Agreement or the Software, +and you agree that any litigation will be subject to the exclusive jurisdiction of +the state or federal courts in Texas, USA. You agree that regardless of any +statute or law to the contrary, any claim or cause of action arising out of or +related to this Agreement or the Software must be filed within one (1) year after +such claim or cause of action arose or be forever barred. + +14. CONFIDENTIAL INFORMATION. You must treat the Software as confidential +information and you agree to retain the Software in confidence perpetually, with +respect to Software in source code form (human readable), or for a period of five +(5) years from the date of termination of this Agreement, with respect to all other +parts of the Software. During this period you may not disclose any part of the +Software to anyone other than employees who have a need to know of the Software and + who have executed written agreements obligating them to protect such Licensed +Software to at least the same degree of care as in this Agreement. You agree to use + the same degree of care, but no less than a reasonable degree of care, with the +Software as you do with your own confidential information. You may disclose Software + to the extent required by a court or under operation of law or order provided that + you notify Freescale of such requirement prior to disclosure, which you only +disclose information required, and that you allow Freescale the opportunity to +object to such court or other legal body requiring such disclosure. + +15. PRODUCT LABELING. You are not authorized to use any Freescale trademarks, +brand names, or logos. + +16. ENTIRE AGREEMENT. This Agreement constitutes the entire agreement between you +and Freescale regarding the subject matter of this Agreement, and supersedes all +prior communications, negotiations, understandings, agreements or representations, +either written or oral, if any. This Agreement may only be amended in written form, +executed by you and Freescale. + +17. SEVERABILITY. If any provision of this Agreement is held for any reason to be +invalid or unenforceable, then the remaining provisions of this Agreement will be +unimpaired and, unless a modification or replacement of the invalid or unenforceable +provision is further held to deprive you or Freescale of a material benefit, in +which case the Agreement will immediately terminate, the invalid or unenforceable +provision will be replaced with a provision that is valid and enforceable and that +comes closest to the intention underlying the invalid or unenforceable provision. + +18. NO WAIVER. The waiver by Freescale of any breach of any provision of this +Agreement will not operate or be construed as a waiver of any other or a subsequent +breach of the same or a different provision. diff --git a/custom-licenses/TestFloat b/custom-licenses/TestFloat new file mode 100644 index 00000000..1a1a23fe --- /dev/null +++ b/custom-licenses/TestFloat @@ -0,0 +1,24 @@ +Written by John R. Hauser. This work was made possible in part by the +International Computer Science Institute, located at Suite 600, 1947 Center +Street, Berkeley, California 94704. Funding was partially provided by the +National Science Foundation under grant MIP-9311980. The original version +of this code was written as part of a project to build a fixed-point vector +processor in collaboration with the University of California at Berkeley, +overseen by Profs. Nelson Morgan and John Wawrzynek. More information +is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ +arithmetic/SoftFloat.html'. + +THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has +been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES +RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS +AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, +COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE +EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE +INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR +OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. + +Derivative works are acceptable, even for commercial purposes, so long as +(1) the source code for the derivative work includes prominent notice that +the work is derivative, and (2) the source code includes prominent notice with +these four paragraphs for those parts of this code that are retained. + diff --git a/dynamic-layers/openembedded-layer/recipes-devtools/luajit/luajit/ppc-fixplt.patch b/dynamic-layers/openembedded-layer/recipes-devtools/luajit/luajit/ppc-fixplt.patch new file mode 100644 index 00000000..b9f17f4e --- /dev/null +++ b/dynamic-layers/openembedded-layer/recipes-devtools/luajit/luajit/ppc-fixplt.patch @@ -0,0 +1,105 @@ +Upstream-Status: Unknown + +Signed-off-by: Khem Raj + +libluajit is having symbols that can't be +resolved the reloc cannot accommodate an offset greater than 24 bits. + +Looking at libluajit with readelf -r, you see a bunch of entries that look like: + 000082f0 00003c0a R_PPC_REL24 00000000 sqrt + 0 + +These should not occur when the code is compiled and linked with -fPIC. + +It turns out that libluajit *is* compiled and linked with -fPIC, however... +There is one assembler file called lj_vm.s which is generated during the build. +This file is missing the `@plt' qualifier from external references. + +This file is generated by a program called buildvm. This in turn uses tables +in a file called buildvm_arch.h which is generated by dynasm.lua. + +Index: LuaJIT-2.0.1/src/host/buildvm.c +=================================================================== +--- LuaJIT-2.0.1.orig/src/host/buildvm.c 2013-02-19 12:15:00.000000000 -0800 ++++ LuaJIT-2.0.1/src/host/buildvm.c 2013-05-14 20:26:05.933444512 -0700 +@@ -107,12 +107,14 @@ + #endif + sprintf(name, "%s%s%s", symprefix, prefix, suffix); + p = strchr(name, '@'); ++#if 0 + if (p) { + if (!LJ_64 && (ctx->mode == BUILD_coffasm || ctx->mode == BUILD_peobj)) + name[0] = '@'; + else + *p = '\0'; + } ++#endif + p = (char *)malloc(strlen(name)+1); /* MSVC doesn't like strdup. */ + strcpy(p, name); + return p; +Index: LuaJIT-2.0.1/src/vm_ppcspe.dasc +=================================================================== +--- LuaJIT-2.0.1.orig/src/vm_ppcspe.dasc 2013-02-19 12:15:00.000000000 -0800 ++++ LuaJIT-2.0.1/src/vm_ppcspe.dasc 2013-05-14 20:26:05.937444512 -0700 +@@ -1390,7 +1390,7 @@ + | checknum CARG2 + | evmergehi CARG1, CARG2, CARG2 + | checkfail ->fff_fallback +- | bl extern func ++ | bl extern func@plt + | evmergelo CRET1, CRET1, CRET2 + | b ->fff_restv + |.endmacro +@@ -1405,7 +1405,7 @@ + | checknum CARG1 + | evmergehi CARG3, CARG4, CARG4 + | checkanyfail ->fff_fallback +- | bl extern func ++ | bl extern func@plt + | evmergelo CRET1, CRET1, CRET2 + | b ->fff_restv + |.endmacro +@@ -1437,7 +1437,7 @@ + | checknum CARG2 + | evmergehi CARG1, CARG2, CARG2 + | checkfail ->fff_fallback +- | bl extern log ++ | bl extern log@plt + | evmergelo CRET1, CRET1, CRET2 + | b ->fff_restv + | +@@ -1471,7 +1471,7 @@ + | checknum CARG1 + | checkanyfail ->fff_fallback + | efdctsi CARG3, CARG4 +- | bl extern ldexp ++ | bl extern ldexp@plt + | evmergelo CRET1, CRET1, CRET2 + | b ->fff_restv + | +@@ -1484,7 +1484,7 @@ + | checkfail ->fff_fallback + | la CARG3, DISPATCH_GL(tmptv)(DISPATCH) + | lwz PC, FRAME_PC(BASE) +- | bl extern frexp ++ | bl extern frexp@plt + | lwz TMP1, DISPATCH_GL(tmptv)(DISPATCH) + | evmergelo CRET1, CRET1, CRET2 + | efdcfsi CRET2, TMP1 +@@ -1503,7 +1503,7 @@ + | checkfail ->fff_fallback + | la CARG3, -8(BASE) + | lwz PC, FRAME_PC(BASE) +- | bl extern modf ++ | bl extern modf@plt + | evmergelo CRET1, CRET1, CRET2 + | la RA, -8(BASE) + | evstdd CRET1, 0(BASE) +@@ -2399,7 +2399,7 @@ + | checknum CARG1 + | evmergehi CARG3, CARG4, CARG4 + | checkanyfail ->vmeta_arith_vv +- | bl extern pow ++ | bl extern pow@plt + | evmergelo CRET2, CRET1, CRET2 + | evstddx CRET2, BASE, RA + | ins_next diff --git a/dynamic-layers/openembedded-layer/recipes-devtools/luajit/luajit_%.bbappend b/dynamic-layers/openembedded-layer/recipes-devtools/luajit/luajit_%.bbappend new file mode 100644 index 00000000..8c6138c5 --- /dev/null +++ b/dynamic-layers/openembedded-layer/recipes-devtools/luajit/luajit_%.bbappend @@ -0,0 +1,4 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" + +SRC_URI_append_qoriq-ppc = " file://ppc-fixplt.patch " + diff --git a/dynamic-layers/virtualization-layer/recipes-extended/libvirt/libvirt/qoriq-ppc/qemu.conf b/dynamic-layers/virtualization-layer/recipes-extended/libvirt/libvirt/qoriq-ppc/qemu.conf new file mode 100644 index 00000000..cc22fa13 --- /dev/null +++ b/dynamic-layers/virtualization-layer/recipes-extended/libvirt/libvirt/qoriq-ppc/qemu.conf @@ -0,0 +1,465 @@ +# Master configuration file for the QEMU driver. +# All settings described here are optional - if omitted, sensible +# defaults are used. + +# VNC is configured to listen on 127.0.0.1 by default. +# To make it listen on all public interfaces, uncomment +# this next option. +# +# NB, strong recommendation to enable TLS + x509 certificate +# verification when allowing public access +# +#vnc_listen = "0.0.0.0" + +# Enable this option to have VNC served over an automatically created +# unix socket. This prevents unprivileged access from users on the +# host machine, though most VNC clients do not support it. +# +# This will only be enabled for VNC configurations that do not have +# a hardcoded 'listen' or 'socket' value. This setting takes preference +# over vnc_listen. +# +#vnc_auto_unix_socket = 1 + +# Enable use of TLS encryption on the VNC server. This requires +# a VNC client which supports the VeNCrypt protocol extension. +# Examples include vinagre, virt-viewer, virt-manager and vencrypt +# itself. UltraVNC, RealVNC, TightVNC do not support this +# +# It is necessary to setup CA and issue a server certificate +# before enabling this. +# +#vnc_tls = 1 + + +# Use of TLS requires that x509 certificates be issued. The +# default it to keep them in /etc/pki/libvirt-vnc. This directory +# must contain +# +# ca-cert.pem - the CA master certificate +# server-cert.pem - the server certificate signed with ca-cert.pem +# server-key.pem - the server private key +# +# This option allows the certificate directory to be changed +# +#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc" + + +# The default TLS configuration only uses certificates for the server +# allowing the client to verify the server's identity and establish +# an encrypted channel. +# +# It is possible to use x509 certificates for authentication too, by +# issuing a x509 certificate to every client who needs to connect. +# +# Enabling this option will reject any client who does not have a +# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem +# +#vnc_tls_x509_verify = 1 + + +# The default VNC password. Only 8 letters are significant for +# VNC passwords. This parameter is only used if the per-domain +# XML config does not already provide a password. To allow +# access without passwords, leave this commented out. An empty +# string will still enable passwords, but be rejected by QEMU, +# effectively preventing any use of VNC. Obviously change this +# example here before you set this. +# +#vnc_password = "XYZ12345" + + +# Enable use of SASL encryption on the VNC server. This requires +# a VNC client which supports the SASL protocol extension. +# Examples include vinagre, virt-viewer and virt-manager +# itself. UltraVNC, RealVNC, TightVNC do not support this +# +# It is necessary to configure /etc/sasl2/qemu.conf to choose +# the desired SASL plugin (eg, GSSPI for Kerberos) +# +#vnc_sasl = 1 + + +# The default SASL configuration file is located in /etc/sasl2/ +# When running libvirtd unprivileged, it may be desirable to +# override the configs in this location. Set this parameter to +# point to the directory, and create a qemu.conf in that location +# +#vnc_sasl_dir = "/some/directory/sasl2" + + +# QEMU implements an extension for providing audio over a VNC connection, +# though if your VNC client does not support it, your only chance for getting +# sound output is through regular audio backends. By default, libvirt will +# disable all QEMU sound backends if using VNC, since they can cause +# permissions issues. Enabling this option will make libvirtd honor the +# QEMU_AUDIO_DRV environment variable when using VNC. +# +#vnc_allow_host_audio = 0 + + + +# SPICE is configured to listen on 127.0.0.1 by default. +# To make it listen on all public interfaces, uncomment +# this next option. +# +# NB, strong recommendation to enable TLS + x509 certificate +# verification when allowing public access +# +#spice_listen = "0.0.0.0" + + +# Enable use of TLS encryption on the SPICE server. +# +# It is necessary to setup CA and issue a server certificate +# before enabling this. +# +#spice_tls = 1 + + +# Use of TLS requires that x509 certificates be issued. The +# default it to keep them in /etc/pki/libvirt-spice. This directory +# must contain +# +# ca-cert.pem - the CA master certificate +# server-cert.pem - the server certificate signed with ca-cert.pem +# server-key.pem - the server private key +# +# This option allows the certificate directory to be changed. +# +#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice" + + +# The default SPICE password. This parameter is only used if the +# per-domain XML config does not already provide a password. To +# allow access without passwords, leave this commented out. An +# empty string will still enable passwords, but be rejected by +# QEMU, effectively preventing any use of SPICE. Obviously change +# this example here before you set this. +# +#spice_password = "XYZ12345" + + +# Enable use of SASL encryption on the SPICE server. This requires +# a SPICE client which supports the SASL protocol extension. +# +# It is necessary to configure /etc/sasl2/qemu.conf to choose +# the desired SASL plugin (eg, GSSPI for Kerberos) +# +#spice_sasl = 1 + +# The default SASL configuration file is located in /etc/sasl2/ +# When running libvirtd unprivileged, it may be desirable to +# override the configs in this location. Set this parameter to +# point to the directory, and create a qemu.conf in that location +# +#spice_sasl_dir = "/some/directory/sasl2" + + +# By default, if no graphical front end is configured, libvirt will disable +# QEMU audio output since directly talking to alsa/pulseaudio may not work +# with various security settings. If you know what you're doing, enable +# the setting below and libvirt will passthrough the QEMU_AUDIO_DRV +# environment variable when using nographics. +# +#nographics_allow_host_audio = 1 + + +# Override the port for creating both VNC and SPICE sessions (min). +# This defaults to 5900 and increases for consecutive sessions +# or when ports are occupied, until it hits the maximum. +# +# Minimum must be greater than or equal to 5900 as lower number would +# result into negative vnc display number. +# +# Maximum must be less than 65536, because higher numbers do not make +# sense as a port number. +# +#remote_display_port_min = 5900 +#remote_display_port_max = 65535 + +# VNC WebSocket port policies, same rules apply as with remote display +# ports. VNC WebSockets use similar display <-> port mappings, with +# the exception being that ports starts from 5700 instead of 5900. +# +#remote_websocket_port_min = 5700 +#remote_websocket_port_max = 65535 + +# The default security driver is SELinux. If SELinux is disabled +# on the host, then the security driver will automatically disable +# itself. If you wish to disable QEMU SELinux security driver while +# leaving SELinux enabled for the host in general, then set this +# to 'none' instead. It's also possible to use more than one security +# driver at the same time, for this use a list of names separated by +# comma and delimited by square brackets. For example: +# +# security_driver = [ "selinux", "apparmor" ] +# +# Notes: The DAC security driver is always enabled; as a result, the +# value of security_driver cannot contain "dac". The value "none" is +# a special value; security_driver can be set to that value in +# isolation, but it cannot appear in a list of drivers. +# +#security_driver = "selinux" + +# If set to non-zero, then the default security labeling +# will make guests confined. If set to zero, then guests +# will be unconfined by default. Defaults to 1. +#security_default_confined = 1 + +# If set to non-zero, then attempts to create unconfined +# guests will be blocked. Defaults to 0. +#security_require_confined = 1 + +# The user for QEMU processes run by the system instance. It can be +# specified as a user name or as a user id. The qemu driver will try to +# parse this value first as a name and then, if the name doesn't exist, +# as a user id. +# +# Since a sequence of digits is a valid user name, a leading plus sign +# can be used to ensure that a user id will not be interpreted as a user +# name. +# +# Some examples of valid values are: +# +# user = "qemu" # A user named "qemu" +# user = "+0" # Super user (uid=0) +# user = "100" # A user named "100" or a user with uid=100 +# +#user = "root" + +# The group for QEMU processes run by the system instance. It can be +# specified in a similar way to user. +#group = "root" + +# Whether libvirt should dynamically change file ownership +# to match the configured user/group above. Defaults to 1. +# Set to 0 to disable file ownership changes. +#dynamic_ownership = 1 + + +# What cgroup controllers to make use of with QEMU guests +# +# - 'cpu' - use for schedular tunables +# - 'devices' - use for device whitelisting +# - 'memory' - use for memory tunables +# - 'blkio' - use for block devices I/O tunables +# - 'cpuset' - use for CPUs and memory nodes +# - 'cpuacct' - use for CPUs statistics. +# +# NB, even if configured here, they won't be used unless +# the administrator has mounted cgroups, e.g.: +# +# mkdir /dev/cgroup +# mount -t cgroup -o devices,cpu,memory,blkio,cpuset none /dev/cgroup +# +# They can be mounted anywhere, and different controllers +# can be mounted in different locations. libvirt will detect +# where they are located. +# +#cgroup_controllers = [ "cpu", "devices", "memory", "blkio", "cpuset", "cpuacct" ] + +# This is the basic set of devices allowed / required by +# all virtual machines. +# +# As well as this, any configured block backed disks, +# all sound device, and all PTY devices are allowed. +# +# This will only need setting if newer QEMU suddenly +# wants some device we don't already know about. +# +cgroup_device_acl = [ + "/dev/null", "/dev/full", "/dev/zero", + "/dev/random", "/dev/urandom", + "/dev/ptmx", "/dev/kvm", "/dev/kqemu", + "/dev/rtc", "/dev/hpet", "/dev/vfio/vfio", "/dev/net/tun" +] + + +# The default format for Qemu/KVM guest save images is raw; that is, the +# memory from the domain is dumped out directly to a file. If you have +# guests with a large amount of memory, however, this can take up quite +# a bit of space. If you would like to compress the images while they +# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz" +# for save_image_format. Note that this means you slow down the process of +# saving a domain in order to save disk space; the list above is in descending +# order by performance and ascending order by compression ratio. +# +# save_image_format is used when you use 'virsh save' or 'virsh managedsave' +# at scheduled saving, and it is an error if the specified save_image_format +# is not valid, or the requested compression program can't be found. +# +# dump_image_format is used when you use 'virsh dump' at emergency +# crashdump, and if the specified dump_image_format is not valid, or +# the requested compression program can't be found, this falls +# back to "raw" compression. +# +# snapshot_image_format specifies the compression algorithm of the memory save +# image when an external snapshot of a domain is taken. This does not apply +# on disk image format. It is an error if the specified format isn't valid, +# or the requested compression program can't be found. +# +#save_image_format = "raw" +#dump_image_format = "raw" +#snapshot_image_format = "raw" + +# When a domain is configured to be auto-dumped when libvirtd receives a +# watchdog event from qemu guest, libvirtd will save dump files in directory +# specified by auto_dump_path. Default value is /var/lib/libvirt/qemu/dump +# +#auto_dump_path = "/var/lib/libvirt/qemu/dump" + +# When a domain is configured to be auto-dumped, enabling this flag +# has the same effect as using the VIR_DUMP_BYPASS_CACHE flag with the +# virDomainCoreDump API. That is, the system will avoid using the +# file system cache while writing the dump file, but may cause +# slower operation. +# +#auto_dump_bypass_cache = 0 + +# When a domain is configured to be auto-started, enabling this flag +# has the same effect as using the VIR_DOMAIN_START_BYPASS_CACHE flag +# with the virDomainCreateWithFlags API. That is, the system will +# avoid using the file system cache when restoring any managed state +# file, but may cause slower operation. +# +#auto_start_bypass_cache = 0 + +# If provided by the host and a hugetlbfs mount point is configured, +# a guest may request huge page backing. When this mount point is +# unspecified here, determination of a host mount point in /proc/mounts +# will be attempted. Specifying an explicit mount overrides detection +# of the same in /proc/mounts. Setting the mount point to "" will +# disable guest hugepage backing. +# +# NB, within this mount point, guests will create memory backing files +# in a location of $MOUNTPOINT/libvirt/qemu +# +#hugetlbfs_mount = "/dev/hugepages" + + +# Path to the setuid helper for creating tap devices. This executable +# is used to create interfaces when libvirtd is +# running unprivileged. libvirt invokes the helper directly, instead +# of using "-netdev bridge", for security reasons. +#bridge_helper = "/usr/libexec/qemu-bridge-helper" + + + +# If clear_emulator_capabilities is enabled, libvirt will drop all +# privileged capabilities of the QEmu/KVM emulator. This is enabled by +# default. +# +# Warning: Disabling this option means that a compromised guest can +# exploit the privileges and possibly do damage to the host. +# +#clear_emulator_capabilities = 1 + + +# If enabled, libvirt will have QEMU set its process name to +# "qemu:VM_NAME", where VM_NAME is the name of the VM. The QEMU +# process will appear as "qemu:VM_NAME" in process listings and +# other system monitoring tools. By default, QEMU does not set +# its process title, so the complete QEMU command (emulator and +# its arguments) appear in process listings. +# +#set_process_name = 1 + + +# If max_processes is set to a positive integer, libvirt will use +# it to set the maximum number of processes that can be run by qemu +# user. This can be used to override default value set by host OS. +# The same applies to max_files which sets the limit on the maximum +# number of opened files. +# +#max_processes = 0 +#max_files = 0 + + + +# mac_filter enables MAC addressed based filtering on bridge ports. +# This currently requires ebtables to be installed. +# +#mac_filter = 1 + + +# By default, PCI devices below non-ACS switch are not allowed to be assigned +# to guests. By setting relaxed_acs_check to 1 such devices will be allowed to +# be assigned to guests. +# +#relaxed_acs_check = 1 + + +# If allow_disk_format_probing is enabled, libvirt will probe disk +# images to attempt to identify their format, when not otherwise +# specified in the XML. This is disabled by default. +# +# WARNING: Enabling probing is a security hole in almost all +# deployments. It is strongly recommended that users update their +# guest XML elements to include +# elements instead of enabling this option. +# +#allow_disk_format_probing = 1 + + +# To enable 'Sanlock' project based locking of the file +# content (to prevent two VMs writing to the same +# disk), uncomment this +# +#lock_manager = "sanlock" + + + +# Set limit of maximum APIs queued on one domain. All other APIs +# over this threshold will fail on acquiring job lock. Specially, +# setting to zero turns this feature off. +# Note, that job lock is per domain. +# +#max_queued = 0 + +################################################################### +# Keepalive protocol: +# This allows qemu driver to detect broken connections to remote +# libvirtd during peer-to-peer migration. A keepalive message is +# sent to the deamon after keepalive_interval seconds of inactivity +# to check if the deamon is still responding; keepalive_count is a +# maximum number of keepalive messages that are allowed to be sent +# to the deamon without getting any response before the connection +# is considered broken. In other words, the connection is +# automatically closed approximately after +# keepalive_interval * (keepalive_count + 1) seconds since the last +# message received from the deamon. If keepalive_interval is set to +# -1, qemu driver will not send keepalive requests during +# peer-to-peer migration; however, the remote libvirtd can still +# send them and source libvirtd will send responses. When +# keepalive_count is set to 0, connections will be automatically +# closed after keepalive_interval seconds of inactivity without +# sending any keepalive messages. +# +#keepalive_interval = 5 +#keepalive_count = 5 + + + +# Use seccomp syscall whitelisting in QEMU. +# 1 = on, 0 = off, -1 = use QEMU default +# Defaults to -1. +# +#seccomp_sandbox = 1 + + + +# Override the listen address for all incoming migrations. Defaults to +# 0.0.0.0 or :: in case if both host and qemu are capable of IPv6. +#migration_address = "127.0.0.1" + + +# Override the port range used for incoming migrations. +# +# Minimum must be greater than 0, however when QEMU is not running as root, +# setting the minimum to be lower than 1024 will not work. +# +# Maximum must not be greater than 65535. +# +#migration_port_min = 49152 +#migration_port_max = 49215 diff --git a/dynamic-layers/virtualization-layer/recipes-extended/libvirt/libvirt_%.bbappend b/dynamic-layers/virtualization-layer/recipes-extended/libvirt/libvirt_%.bbappend new file mode 100644 index 00000000..c7e6d32e --- /dev/null +++ b/dynamic-layers/virtualization-layer/recipes-extended/libvirt/libvirt_%.bbappend @@ -0,0 +1,9 @@ +PACKAGECONFIG_qoriq-ppc = "qemu yajl lxc test remote macvtap libvirtd netcf udev python" + +FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" +SRC_URI_append_qoriq-ppc = " file://qemu.conf" + +do_install_append_qoriq-ppc() { + install -m 0644 ${WORKDIR}/qemu.conf ${D}${sysconfdir}/libvirt/qemu.conf +} + diff --git a/meta-fsl-ppc/README b/meta-fsl-ppc/README deleted file mode 100644 index 10158ef9..00000000 --- a/meta-fsl-ppc/README +++ /dev/null @@ -1,49 +0,0 @@ -OpenEmbedded/Yocto BSP layer for Freescale's PPC platforms -========================================================== - -This layer provides support for Freescale's PPC platforms for use with -OpenEmbedded and/or Yocto. - -This layer depends on: - -URI: git://git.openembedded.org/openembedded-core -branch: master -revision: HEAD - -URI: git://git.openembedded.org/meta-openembedded -branch: master -revision: HEAD - -Contributing ------------- - -To contribute to this layer you should the patches for review to the -mailing list. - -Mailing list: - - https://lists.yoctoproject.org/listinfo/meta-freescale - -Source code: - - git://git.yoctoproject.org/meta-fsl-ppc - http://git.yoctoproject.org/git/meta-fsl-ppc - -When creating patches, please use something like: - - git format-patch -s --subject-prefix='meta-fsl-ppc dylan][PATCH' origin -optionally include a branch if the patch applies to multiple branches, -otherwise master is assumed - -When sending patches, please use something like: - - git send-email --to meta-freescale@yoctoproject.org - -git.yoctoproject.org vs. git.freescale.com: -------------------------------------------- - -git.yoctoproject.org hosts the official upstream work of Freescale's OE/YP repos, -for official SDK releases at times we need to do last minute fixes or include things -not supported upstream so we have a different repo on git.freescale.com for the -official release. git.freescale.com should be based off repos from git.yoctoproject.org - diff --git a/meta-fsl-ppc/classes/qoriq_build_64bit_kernel.bbclass b/meta-fsl-ppc/classes/qoriq_build_64bit_kernel.bbclass deleted file mode 100644 index f145746b..00000000 --- a/meta-fsl-ppc/classes/qoriq_build_64bit_kernel.bbclass +++ /dev/null @@ -1,18 +0,0 @@ -inherit distro_features_check -REQUIRED_DISTRO_FEATURES_e6500 += "multiarch" - -python () { - promote_kernel = d.getVar('BUILD_64BIT_KERNEL') - if promote_kernel == "1": - sys_multilib = 'powerpc64' + d.getVar('TARGET_VENDOR') + 'mllib64-' + d.getVar('HOST_OS') - tc_options = d.getVar('TOOLCHAIN_OPTIONS') + '/../lib64-' + d.getVar("MACHINE") - d.setVar('DEPENDS_append', ' lib64-gcc-cross-powerpc64 lib64-libgcc') - d.setVar('PATH_append', ':' + d.getVar('STAGING_BINDIR_NATIVE') + '/' + sys_multilib) - d.setVar('KERNEL_CC', d.getVar('CCACHE') + sys_multilib + '-' + 'gcc' + d.getVar('HOST_CC_KERNEL_ARCH') + tc_options) - d.setVar('KERNEL_LD', d.getVar('CCACHE') + sys_multilib + '-' + 'ld.bfd' + d.getVar('HOST_LD_KERNEL_ARCH') + tc_options) - d.setVar('KERNEL_AR', d.getVar('CCACHE') + sys_multilib + '-' + 'ar' + d.getVar('HOST_AR_KERNEL_ARCH')) - - error_qa = d.getVar('ERROR_QA', True) - if 'arch' in error_qa: - d.setVar('ERROR_QA', error_qa.replace(' arch', '')) -} diff --git a/meta-fsl-ppc/conf/layer.conf b/meta-fsl-ppc/conf/layer.conf deleted file mode 100644 index a4d4add9..00000000 --- a/meta-fsl-ppc/conf/layer.conf +++ /dev/null @@ -1,18 +0,0 @@ -# We have a packages directory, add to BBFILES -BBPATH .= ":${LAYERDIR}" - -BBFILES += "${LAYERDIR}/recipes-*/*/*.bb*" -BBFILES += "${LAYERDIR}/images/*.bb*" -BBFILES += "${LAYERDIR}/classes/*.bb*" - -BBFILE_COLLECTIONS += "fsl-ppc" -BBFILE_PATTERN_fsl-ppc = "^${LAYERDIR}/" -BBFILE_PRIORITY_fsl-ppc = "5" - -LICENSE_PATH += "${LAYERDIR}/custom-licenses" - -# Let us add layer-specific bbappends which are only applied when that -# layer is included in our configuration -BBFILES += "${@' '.join('${LAYERDIR}/%s/recipes*/*/*.bbappend' % layer \ - for layer in BBFILE_COLLECTIONS.split())}" - diff --git a/meta-fsl-ppc/conf/machine/b4420qds-64b.conf b/meta-fsl-ppc/conf/machine/b4420qds-64b.conf deleted file mode 100644 index 3df5e955..00000000 --- a/meta-fsl-ppc/conf/machine/b4420qds-64b.conf +++ /dev/null @@ -1,15 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale B4420QDS-64B -#@SOC: b4420 -#@DESCRIPTION: Machine configuration for running B4420QDS in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500-64b.inc - -SOC_FAMILY = "b4:b4420" -UBOOT_MACHINES ?= "B4420QDS" -KERNEL_DEVICETREE ?= "b4420qds.dtb b4420qds-usdpaa.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/b4420qds.conf b/meta-fsl-ppc/conf/machine/b4420qds.conf deleted file mode 100644 index c5433e86..00000000 --- a/meta-fsl-ppc/conf/machine/b4420qds.conf +++ /dev/null @@ -1,15 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale B4420QDS -#@SOC: b4420 -#@DESCRIPTION: Machine configuration for running B4420QDS in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500.inc - -SOC_FAMILY = "b4:b4420" -UBOOT_MACHINES ?= "B4420QDS" -KERNEL_DEVICETREE ?= "b4420qds.dtb b4420qds-usdpaa.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/b4860qds-64b.conf b/meta-fsl-ppc/conf/machine/b4860qds-64b.conf deleted file mode 100644 index c40fb305..00000000 --- a/meta-fsl-ppc/conf/machine/b4860qds-64b.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale B4860QDS-64B -#@SOC: b4860 -#@DESCRIPTION: Machine configuration for running B4860QDS in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500-64b.inc - -SOC_FAMILY = "b4:b4860" -UBOOT_MACHINES ?= "B4860QDS B4860QDS_SECURE_BOOT" -KERNEL_DEVICETREE ?= "b4860qds.dtb b4860qds-usdpaa.dtb \ - b4860qds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/b4860qds.conf b/meta-fsl-ppc/conf/machine/b4860qds.conf deleted file mode 100644 index 10b4ad41..00000000 --- a/meta-fsl-ppc/conf/machine/b4860qds.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale B4860QDS -#@SOC: b4860 -#@DESCRIPTION: Machine configuration for running B4860QDS in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500.inc - -SOC_FAMILY = "b4:b4860" -UBOOT_MACHINES ?= "B4860QDS B4860QDS_SECURE_BOOT" -KERNEL_DEVICETREE ?= "b4860qds.dtb b4860qds-usdpaa.dtb \ - b4860qds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/bsc9131rdb.conf b/meta-fsl-ppc/conf/machine/bsc9131rdb.conf deleted file mode 100644 index e65f7e4e..00000000 --- a/meta-fsl-ppc/conf/machine/bsc9131rdb.conf +++ /dev/null @@ -1,15 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale BSC9131RDB -#@SOC: bsc9131 -#@DESCRIPTION: Machine configuration for running BSC9131RDB -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "bsc9131" -UBOOT_MACHINES ?= "BSC9131RDB_SPIFLASH BSC9131RDB_NAND BSC9131RDB_NAND_SYSCLK100 BSC9131RDB_SPIFLASH_SYSCLK100" -KERNEL_DEVICETREE ?= "bsc9131rdb.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/bsc913x_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/bsc9132qds.conf b/meta-fsl-ppc/conf/machine/bsc9132qds.conf deleted file mode 100644 index 90ac2a3b..00000000 --- a/meta-fsl-ppc/conf/machine/bsc9132qds.conf +++ /dev/null @@ -1,23 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale BSC9132QDS -#@SOC: bsc9132 -#@DESCRIPTION: Machine configuration for running BSC9132QDS -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "bsc9132" -UBOOT_MACHINES ?= " BSC9132QDS_NAND_DDRCLK133 BSC9132QDS_NAND_DDRCLK100 \ - BSC9132QDS_NOR_DDRCLK100 BSC9132QDS_NOR_DDRCLK133 \ - BSC9132QDS_SDCARD_DDRCLK100 BSC9132QDS_SDCARD_DDRCLK133 \ - BSC9132QDS_SPIFLASH_DDRCLK100 BSC9132QDS_SPIFLASH_DDRCLK133 \ - BSC9132QDS_NAND_DDRCLK100_SECURE BSC9132QDS_NAND_DDRCLK133_SECURE \ - BSC9132QDS_NOR_DDRCLK100_SECURE BSC9132QDS_NOR_DDRCLK133_SECURE \ - BSC9132QDS_SDCARD_DDRCLK100_SECURE BSC9132QDS_SDCARD_DDRCLK133_SECURE \ - BSC9132QDS_SPIFLASH_DDRCLK100_SECURE BSC9132QDS_SPIFLASH_DDRCLK133_SECURE \ -" -KERNEL_DEVICETREE ?= "bsc9132qds.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/bsc913x_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/c293pcie.conf b/meta-fsl-ppc/conf/machine/c293pcie.conf deleted file mode 100644 index 6a63844e..00000000 --- a/meta-fsl-ppc/conf/machine/c293pcie.conf +++ /dev/null @@ -1,16 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale C293PCIE -#@SOC: c293pcie -#@DESCRIPTION: Machine configuration for running C293PCIE in 36-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "c293pcie" -BOOTFORMAT_CONFIG = "config_ddr3_512m_c29xpcie_800M.dat" -UBOOT_MACHINES ?= "C29XPCIE C29XPCIE_SPIFLASH C29XPCIE_SECBOOT C29XPCIE_SPIFLASH_SECBOOT" -KERNEL_DEVICETREE ?= "c293pcie_36b.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/include/e500mc.inc b/meta-fsl-ppc/conf/machine/include/e500mc.inc deleted file mode 100644 index 5871104d..00000000 --- a/meta-fsl-ppc/conf/machine/include/e500mc.inc +++ /dev/null @@ -1,6 +0,0 @@ -TARGET_FPU = "hard" - -require conf/machine/include/tune-ppce500mc.inc -require conf/machine/include/qoriq-base.inc - -MACHINEOVERRIDES .= ":e500mc" diff --git a/meta-fsl-ppc/conf/machine/include/e500v2.inc b/meta-fsl-ppc/conf/machine/include/e500v2.inc deleted file mode 100644 index a9372549..00000000 --- a/meta-fsl-ppc/conf/machine/include/e500v2.inc +++ /dev/null @@ -1,4 +0,0 @@ -require conf/machine/include/tune-ppce500v2.inc -require conf/machine/include/qoriq-base.inc - -MACHINEOVERRIDES .= ":e500v2" diff --git a/meta-fsl-ppc/conf/machine/include/e5500-64b.inc b/meta-fsl-ppc/conf/machine/include/e5500-64b.inc deleted file mode 100644 index d238ca89..00000000 --- a/meta-fsl-ppc/conf/machine/include/e5500-64b.inc +++ /dev/null @@ -1,12 +0,0 @@ -TARGET_FPU = "hard" -DEFAULTTUNE ?= "ppc64e5500" - -require conf/machine/include/tune-ppce5500.inc -require conf/machine/include/qoriq-base.inc - -MACHINEOVERRIDES .= ":e5500-64b" - -require conf/multilib.conf -MULTILIBS ?= "multilib:lib32" -DEFAULTTUNE_virtclass-multilib-lib32 ?= "ppce5500" - diff --git a/meta-fsl-ppc/conf/machine/include/e5500.inc b/meta-fsl-ppc/conf/machine/include/e5500.inc deleted file mode 100644 index 88f6d06e..00000000 --- a/meta-fsl-ppc/conf/machine/include/e5500.inc +++ /dev/null @@ -1,6 +0,0 @@ -TARGET_FPU = "hard" - -require conf/machine/include/tune-ppce5500.inc -require conf/machine/include/qoriq-base.inc - -MACHINEOVERRIDES .= ":e5500" diff --git a/meta-fsl-ppc/conf/machine/include/e6500-64b.inc b/meta-fsl-ppc/conf/machine/include/e6500-64b.inc deleted file mode 100644 index 522ee71f..00000000 --- a/meta-fsl-ppc/conf/machine/include/e6500-64b.inc +++ /dev/null @@ -1,12 +0,0 @@ -TARGET_FPU = "hard" -DEFAULTTUNE ?= "ppc64e6500" - -require conf/machine/include/tune-ppce6500.inc -require conf/machine/include/qoriq-base.inc - -MACHINEOVERRIDES .= ":e6500-64b" - -require conf/multilib.conf -MULTILIBS ?= "multilib:lib32" -DEFAULTTUNE_virtclass-multilib-lib32 ?= "ppce6500" - diff --git a/meta-fsl-ppc/conf/machine/include/e6500.inc b/meta-fsl-ppc/conf/machine/include/e6500.inc deleted file mode 100644 index 4121fbef..00000000 --- a/meta-fsl-ppc/conf/machine/include/e6500.inc +++ /dev/null @@ -1,13 +0,0 @@ -TARGET_FPU = "hard" - -require conf/machine/include/tune-ppce6500.inc -require conf/machine/include/qoriq-base.inc - -MACHINEOVERRIDES .= ":e6500" - -BUILD_64BIT_KERNEL = "1" - -require conf/multilib.conf -MULTILIBS ?= "multilib:lib64" -DEFAULTTUNE_virtclass-multilib-lib64 ?= "ppc64e6500" - diff --git a/meta-fsl-ppc/conf/machine/include/qoriq-base.inc b/meta-fsl-ppc/conf/machine/include/qoriq-base.inc deleted file mode 100644 index 25d22978..00000000 --- a/meta-fsl-ppc/conf/machine/include/qoriq-base.inc +++ /dev/null @@ -1,26 +0,0 @@ -# Provides the QorIQ common settings -require conf/machine/include/soc-family.inc - -# providers -PREFERRED_PROVIDER_virtual/kernel ?= "linux-qoriq" -PREFERRED_PROVIDER_u-boot ?= "u-boot-qoriq" - -# versions -PREFERRED_VERSION_qemu = "2.2.0+fsl" -PREFERRED_VERSION_openssl = "1.0.1i" - -# settings -MACHINE_FEATURES = "keyboard pci ext2 ext3 serial" -MACHINE_EXTRA_RRECOMMENDS += "udev-rules-qoriq kernel-modules" -MACHINEOVERRIDES .= ":qoriq-ppc" - -IMAGE_CLASSES += "image_types_uboot" -EXTRA_IMAGEDEPENDS += "u-boot" - -KERNEL_IMAGETYPE ?= "uImage" - -SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1 115200;ttyEHV0" -SERIAL_CONSOLES_CHECK ?= "${SERIAL_CONSOLES}" - -USE_VT = "0" - diff --git a/meta-fsl-ppc/conf/machine/p1010rdb.conf b/meta-fsl-ppc/conf/machine/p1010rdb.conf deleted file mode 100644 index e24c341e..00000000 --- a/meta-fsl-ppc/conf/machine/p1010rdb.conf +++ /dev/null @@ -1,22 +0,0 @@ -#@TYPE: Machine -#@Name: Freescale P1010RDB -#@SOC: p1010 -#@DESCRIPTION: Machine configuration for running P1010RDB -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "p1010" -BOOTFORMAT_CONFIG = "config_sram_p1010rdb.dat" -UBOOT_MACHINES ?= "P1010RDB-PB_NAND P1010RDB-PB_NOR \ - P1010RDB-PB_SPIFLASH P1010RDB-PB_36BIT_NOR P1010RDB-PB_36BIT_NAND \ - P1010RDB-PB_36BIT_SPIFLASH P1010RDB-PB_36BIT_NAND_SECBOOT \ - P1010RDB-PB_36BIT_NOR_SECBOOT P1010RDB-PB_36BIT_SPIFLASH_SECBOOT \ - P1010RDB-PB_NAND_SECBOOT P1010RDB-PB_NOR_SECBOOT \ - P1010RDB-PB_SPIFLASH_SECBOOT \ -" -KERNEL_DEVICETREE ?= "p1010rdb-pa.dtb p1010rdb-pb.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_defconfig" - -JFFS2_ERASEBLOCK = "0x20000" - diff --git a/meta-fsl-ppc/conf/machine/p1020rdb.conf b/meta-fsl-ppc/conf/machine/p1020rdb.conf deleted file mode 100644 index e2b706ed..00000000 --- a/meta-fsl-ppc/conf/machine/p1020rdb.conf +++ /dev/null @@ -1,16 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P1020RDB -#@SOC: p1020 -#@DESCRIPTION: Machine configuration for running P1020RDB -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "p1020" -BOOTFORMAT_CONFIG = "config_sram_p1022ds.dat" -UBOOT_MACHINES ?= " P1020RDB-PD P1020RDB-PD_NAND P1020RDB-PD_SDCARD P1020RDB-PD_SPIFLASH" -KERNEL_DEVICETREE ?= "p1020rdb-pd_32b.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x20000" - diff --git a/meta-fsl-ppc/conf/machine/p1021rdb.conf b/meta-fsl-ppc/conf/machine/p1021rdb.conf deleted file mode 100644 index 03a18215..00000000 --- a/meta-fsl-ppc/conf/machine/p1021rdb.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@Name: Freescale P1021RDB -#@SOC: p1021 -#@DESCRIPTION: Machine configuration for running P1021RDB -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "p1021" -BOOTFORMAT_CONFIG = "config_sram_p1022ds.dat" -UBOOT_MACHINES ?= "P1021RDB-PC P1021RDB-PC_NAND P1021RDB-PC_SDCARD P1021RDB-PC_SPIFLASH P1021RDB-PC_36BIT P1021RDB-PC_36BIT_SPIFLASH P1021RDB-PC_36BIT_NAND P1021RDB-PC_36BIT_SDCARD" -KERNEL_DEVICETREE ?= "p1021rdb-pc_32b.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x20000" -QE_UCODE ?= "fsl_qe_ucode_1021_10_A.bin" - diff --git a/meta-fsl-ppc/conf/machine/p1022ds.conf b/meta-fsl-ppc/conf/machine/p1022ds.conf deleted file mode 100644 index 823131ad..00000000 --- a/meta-fsl-ppc/conf/machine/p1022ds.conf +++ /dev/null @@ -1,26 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P1022DS -#@SOC: p1022 -#@DESCRIPTION: Machine configuration for running P1022DS -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "p1022" -BOOTFORMAT_CONFIG = "config_sram_p1022ds.dat" -UBOOT_MACHINES ?= "P1022DS P1022DS_NAND P1022DS_SPIFLASH P1022DS_SDCARD P1022DS_36BIT P1022DS_36BIT_SPIFLASH P1022DS_36BIT_NAND P1022DS_36BIT_SDCARD" -KERNEL_DEVICETREE ?= "p1022ds_32b.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" - -PREFERRED_PROVIDER_virtual/xserver ?= "xserver-xorg" - -XSERVER = " \ - xserver-xorg \ - xf86-input-evdev \ - xf86-input-mouse \ - xf86-input-keyboard \ - xf86-video-fbdev \ -" - -JFFS2_ERASEBLOCK = "0x20000" - diff --git a/meta-fsl-ppc/conf/machine/p1023rdb.conf b/meta-fsl-ppc/conf/machine/p1023rdb.conf deleted file mode 100644 index 02ec4a59..00000000 --- a/meta-fsl-ppc/conf/machine/p1023rdb.conf +++ /dev/null @@ -1,15 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P1023RDB -#@SOC: p1023 -#@DESCRIPTION: Machine configuration for running P1023RDB -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "p1023" -UBOOT_MACHINES ?= "P1023RDB" -KERNEL_DEVICETREE ?= "p1023rdb.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/p1023_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/p1025twr.conf b/meta-fsl-ppc/conf/machine/p1025twr.conf deleted file mode 100644 index 0c6bb57a..00000000 --- a/meta-fsl-ppc/conf/machine/p1025twr.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@Name: Freescale P1025TWR -#@SOC: p1025 -#@DESCRIPTION: Machine configuration for running P1025TWR -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "p1025" -BOOTFORMAT_CONFIG = "config_ddr3_1gb_p1_p2_rdb_pc_667M.dat" -UBOOT_MACHINES ?= "TWR-P1025" -KERNEL_DEVICETREE ?= "p1025twr_32b.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x20000" -QE_UCODE ?= "fsl_qe_ucode_1021_10_A.bin" - diff --git a/meta-fsl-ppc/conf/machine/p2020rdb.conf b/meta-fsl-ppc/conf/machine/p2020rdb.conf deleted file mode 100644 index 9544c256..00000000 --- a/meta-fsl-ppc/conf/machine/p2020rdb.conf +++ /dev/null @@ -1,16 +0,0 @@ -#@TYPE: Machine -#@Name: Freescale P2020RDB -#@SOC: p2020 -#@DESCRIPTION: Machine configuration for running P2020RDB -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500v2.inc - -SOC_FAMILY = "p2020" -BOOTFORMAT_CONFIG = "config_sram_p1022ds.dat" -UBOOT_MACHINES ?= " P2020RDB-PC P2020RDB-PC_NAND P2020RDB-PC_SDCARD P2020RDB-PC_SPIFLASH P2020RDB-PC_36BIT P2020RDB-PC_36BIT_SPIFLASH P2020RDB-PC_36BIT_NAND P2020RDB-PC_36BIT_SDCARD" -KERNEL_DEVICETREE ?= "p2020rdb-pc_32b.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/mpc85xx_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x20000" - diff --git a/meta-fsl-ppc/conf/machine/p2041rdb.conf b/meta-fsl-ppc/conf/machine/p2041rdb.conf deleted file mode 100644 index 9ed63ff1..00000000 --- a/meta-fsl-ppc/conf/machine/p2041rdb.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P2041RDB -#@SOC: p2041 -#@DESCRIPTION: Machine configuration for running P2041RDB -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500mc.inc - -SOC_FAMILY = "p2041" -UBOOT_MACHINES ?= "P2041RDB P2041RDB_NAND P2041RDB_SECURE_BOOT \ - P2041RDB_SDCARD P2041RDB_SPIFLASH \ -" -KERNEL_DEVICETREE ?= "p2041rdb.dtb p2041rdb-usdpaa.dtb \ - p2041rdb-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/p3041ds.conf b/meta-fsl-ppc/conf/machine/p3041ds.conf deleted file mode 100644 index 8fca5b40..00000000 --- a/meta-fsl-ppc/conf/machine/p3041ds.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P3041DS -#@SOC: p3041 -#@DESCRIPTION: Machine configuration for running P3041DS -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500mc.inc - -SOC_FAMILY = "p3041" -UBOOT_MACHINES ?= "P3041DS P3041DS_NAND P3041DS_SECURE_BOOT \ - P3041DS_SDCARD P3041DS_SPIFLASH \ -" -KERNEL_DEVICETREE ?= "p3041ds.dtb p3041ds-usdpaa.dtb \ - p3041ds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/p4080ds.conf b/meta-fsl-ppc/conf/machine/p4080ds.conf deleted file mode 100644 index b3fc87b2..00000000 --- a/meta-fsl-ppc/conf/machine/p4080ds.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P4080DS -#@SOC: p4080 -#@DESCRIPTION: Machine configuration for running P4080DS -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e500mc.inc - -SOC_FAMILY = "p4080" -UBOOT_MACHINES ?= "P4080DS P4080DS_SECURE_BOOT P4080DS_SDCARD P4080DS_SPIFLASH " -KERNEL_DEVICETREE ?= "p4080ds.dtb p4080ds-usdpaa.dtb \ - p4080ds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/p5020ds-64b.conf b/meta-fsl-ppc/conf/machine/p5020ds-64b.conf deleted file mode 100644 index 3586da7b..00000000 --- a/meta-fsl-ppc/conf/machine/p5020ds-64b.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P5020DS-64B -#@SOC: p5020 -#@DESCRIPTION: Machine configuration for running P5020DS in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500-64b.inc - -SOC_FAMILY = "p5020" -UBOOT_MACHINES ?= "P5020DS P5020DS_NAND P5020DS_SECURE_BOOT \ - P5020DS_SDCARD P5020DS_SPIFLASH \ -" -KERNEL_DEVICETREE ?= "p5020ds.dtb p5020ds-usdpaa.dtb \ - p5020ds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/p5020ds.conf b/meta-fsl-ppc/conf/machine/p5020ds.conf deleted file mode 100644 index 57de0ca7..00000000 --- a/meta-fsl-ppc/conf/machine/p5020ds.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P5020DS -#@SOC: p5020 -#@DESCRIPTION: Machine configuration for running P5020DS in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500.inc - -SOC_FAMILY = "p5020" -UBOOT_MACHINES ?= "P5020DS P5020DS_NAND P5020DS_SECURE_BOOT \ - P5020DS_SDCARD P5020DS_SPIFLASH \ -" -KERNEL_DEVICETREE ?= "p5020ds.dtb p5020ds-usdpaa.dtb \ - p5020ds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/p5040ds-64b.conf b/meta-fsl-ppc/conf/machine/p5040ds-64b.conf deleted file mode 100644 index cf2400db..00000000 --- a/meta-fsl-ppc/conf/machine/p5040ds-64b.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P5040DS-64B -#@SOC: p5040 -#@DESCRIPTION: Machine configuration for running P5040DS in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500-64b.inc - -SOC_FAMILY = "p5040" -UBOOT_MACHINES ?= "P5040DS P5040DS_NAND P5040DS_SECURE_BOOT \ - P5040DS_SDCARD P5040DS_SPIFLASH \ -" -KERNEL_DEVICETREE ?= "p5040ds.dtb p5040ds-usdpaa.dtb \ - p5040ds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/p5040ds.conf b/meta-fsl-ppc/conf/machine/p5040ds.conf deleted file mode 100644 index 534b5da2..00000000 --- a/meta-fsl-ppc/conf/machine/p5040ds.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale P5040DS -#@SOC: p5040 -#@DESCRIPTION: Machine configuration for running P5040DS in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500.inc - -SOC_FAMILY = "p5040" -UBOOT_MACHINES ?= "P5040DS P5040DS_NAND P5040DS_SECURE_BOOT \ - P5040DS_SDCARD P5040DS_SPIFLASH \ -" -KERNEL_DEVICETREE ?= "p5040ds.dtb p5040ds-usdpaa.dtb \ - p5040ds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t1023rdb-64b.conf b/meta-fsl-ppc/conf/machine/t1023rdb-64b.conf deleted file mode 100644 index 4cbfac0d..00000000 --- a/meta-fsl-ppc/conf/machine/t1023rdb-64b.conf +++ /dev/null @@ -1,15 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T1023RDB -#@SOC: t1023 -#@DESCRIPTION: Machine configuration for running T1023RDB in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500-64b.inc - -SOC_FAMILY = "t1:t1023" -UBOOT_MACHINES ?= "T1023RDB_NAND T1023RDB_SDCARD T1023RDB_SPIFLASH" -KERNEL_DEVICETREE ?= "t1023rdb.dtb t1023rdb-usdpaa.dtb t1023rdb-usdpaa-shared-interfaces.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3l_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t1023rdb.conf b/meta-fsl-ppc/conf/machine/t1023rdb.conf deleted file mode 100644 index c895868f..00000000 --- a/meta-fsl-ppc/conf/machine/t1023rdb.conf +++ /dev/null @@ -1,15 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T1023RDB -#@SOC: t1023 -#@DESCRIPTION: Machine configuration for running T1023RDB in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500.inc - -SOC_FAMILY = "t1:t1023" -UBOOT_MACHINES ?= "T1023RDB_NAND T1023RDB_SDCARD T1023RDB_SPIFLASH" -KERNEL_DEVICETREE ?= "t1023rdb.dtb t1023rdb-usdpaa.dtb t1023rdb-usdpaa-shared-interfaces.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t1024rdb-64b.conf b/meta-fsl-ppc/conf/machine/t1024rdb-64b.conf deleted file mode 100644 index 9186be2d..00000000 --- a/meta-fsl-ppc/conf/machine/t1024rdb-64b.conf +++ /dev/null @@ -1,16 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T1024RDB -#@SOC: t1024 -#@DESCRIPTION: Machine configuration for running T1024RDB in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500-64b.inc - -SOC_FAMILY = "t1:t1024" -UBOOT_MACHINES ?= "T1024RDB T1024RDB_NAND T1024RDB_SDCARD T1024RDB_SPIFLASH T1024RDB_SECURE_BOOT" -KERNEL_DEVICETREE ?= "t1024rdb.dtb t1024rdb-usdpaa.dtb t1024rdb-usdpaa-capwap.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3l_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" -QE_UCODE ?= "iram_Type_A_T1024_r1.0.bin" - diff --git a/meta-fsl-ppc/conf/machine/t1024rdb.conf b/meta-fsl-ppc/conf/machine/t1024rdb.conf deleted file mode 100644 index 275b5d1b..00000000 --- a/meta-fsl-ppc/conf/machine/t1024rdb.conf +++ /dev/null @@ -1,16 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T1024RDB -#@SOC: t1024 -#@DESCRIPTION: Machine configuration for running T1024RDB in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500.inc - -SOC_FAMILY = "t1:t1024" -UBOOT_MACHINES ?= "T1024RDB T1024RDB_NAND T1024RDB_SDCARD T1024RDB_SPIFLASH T1024RDB_SECURE_BOOT" -KERNEL_DEVICETREE ?= "t1024rdb.dtb t1024rdb-usdpaa.dtb t1024rdb-usdpaa-capwap.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" -QE_UCODE ?= "iram_Type_A_T1024_r1.0.bin" - diff --git a/meta-fsl-ppc/conf/machine/t1040d4rdb-64b.conf b/meta-fsl-ppc/conf/machine/t1040d4rdb-64b.conf deleted file mode 100644 index 2bfa6523..00000000 --- a/meta-fsl-ppc/conf/machine/t1040d4rdb-64b.conf +++ /dev/null @@ -1,18 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T1040D4RDB -#@SOC: t1040 -#@DESCRIPTION: Machine configuration for running T1040D4RDB in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500-64b.inc - -SOC_FAMILY = "t1:t1040" -UBOOT_MACHINES ?= "T1040D4RDB T1040D4RDB_NAND T1040D4RDB_SDCARD \ - T1040D4RDB_SPIFLASH T1040D4RDB_SECURE_BOOT \ -" -KERNEL_DEVICETREE ?= "t1040d4rdb.dtb t1040d4rdb-usdpaa-lag.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3l_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - -QE_UCODE = "iram_Type_A_T1040_r1.0.bin" diff --git a/meta-fsl-ppc/conf/machine/t1040d4rdb.conf b/meta-fsl-ppc/conf/machine/t1040d4rdb.conf deleted file mode 100644 index 0872cfe1..00000000 --- a/meta-fsl-ppc/conf/machine/t1040d4rdb.conf +++ /dev/null @@ -1,18 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T1040D4RDB -#@SOC: t1040 -#@DESCRIPTION: Machine configuration for running T1040D4RDB in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500.inc - -SOC_FAMILY = "t1:t1040" -UBOOT_MACHINES ?= "T1040D4RDB T1040D4RDB_NAND T1040D4RDB_SDCARD \ - T1040D4RDB_SPIFLASH T1040D4RDB_SECURE_BOOT \ -" -KERNEL_DEVICETREE ?= "t1040d4rdb.dtb t1040d4rdb-usdpaa-lag.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - -QE_UCODE = "iram_Type_A_T1040_r1.0.bin" diff --git a/meta-fsl-ppc/conf/machine/t1042d4rdb-64b.conf b/meta-fsl-ppc/conf/machine/t1042d4rdb-64b.conf deleted file mode 100644 index d9898662..00000000 --- a/meta-fsl-ppc/conf/machine/t1042d4rdb-64b.conf +++ /dev/null @@ -1,18 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T1042D4RDB -#@SOC: t1042 -#@DESCRIPTION: Machine configuration for running T1042D4RDB in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500-64b.inc - -SOC_FAMILY = "t1:t1042" -UBOOT_MACHINES ?= "T1042D4RDB T1042D4RDB_NAND T1042D4RDB_SDCARD \ - T1042D4RDB_SPIFLASH T1042D4RDB_SECURE_BOOT \ -" -KERNEL_DEVICETREE ?= "t1042d4rdb.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3l_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - -QE_UCODE = "iram_Type_A_T1040_r1.0.bin" diff --git a/meta-fsl-ppc/conf/machine/t1042d4rdb.conf b/meta-fsl-ppc/conf/machine/t1042d4rdb.conf deleted file mode 100644 index 6142bea4..00000000 --- a/meta-fsl-ppc/conf/machine/t1042d4rdb.conf +++ /dev/null @@ -1,18 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T1042D4RDB -#@SOC: t1042 -#@DESCRIPTION: Machine configuration for running T1042D4RDB in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e5500.inc - -SOC_FAMILY = "t1:t1042" -UBOOT_MACHINES ?= "T1042D4RDB T1042D4RDB_NAND T1042D4RDB_SDCARD \ - T1042D4RDB_SPIFLASH T1042D4RDB_SECURE_BOOT \ -" -KERNEL_DEVICETREE ?= "t1042d4rdb.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - -QE_UCODE = "iram_Type_A_T1040_r1.0.bin" diff --git a/meta-fsl-ppc/conf/machine/t2080qds-64b.conf b/meta-fsl-ppc/conf/machine/t2080qds-64b.conf deleted file mode 100644 index 3c81fb98..00000000 --- a/meta-fsl-ppc/conf/machine/t2080qds-64b.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T2080QDS-64B -#@SOC: t2080 -#@DESCRIPTION: Machine configuration for running T2080QDS in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500-64b.inc - -SOC_FAMILY = "t2:t2080" -UBOOT_MACHINES ?= "T2080QDS T2080QDS_SDCARD T2080QDS_SPIFLASH \ - T2080QDS_NAND T2080QDS_SRIO_PCIE_BOOT T2080QDS_SECURE_BOOT \ -" -KERNEL_DEVICETREE ?= "t2080qds.dtb t2080qds-usdpaa.dtb \ - t2080qds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t2080qds.conf b/meta-fsl-ppc/conf/machine/t2080qds.conf deleted file mode 100644 index 23b43ca3..00000000 --- a/meta-fsl-ppc/conf/machine/t2080qds.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T2080QDS -#@SOC: t2080 -#@DESCRIPTION: Machine configuration for running T2080QDS in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500.inc - -SOC_FAMILY = "t2:t2080" -UBOOT_MACHINES ?= "T2080QDS T2080QDS_SDCARD T2080QDS_SPIFLASH \ - T2080QDS_NAND T2080QDS_SRIO_PCIE_BOOT T2080QDS_SECURE_BOOT \ -" -KERNEL_DEVICETREE ?= "t2080qds.dtb t2080qds-usdpaa.dtb \ - t2080qds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t2080rdb-64b.conf b/meta-fsl-ppc/conf/machine/t2080rdb-64b.conf deleted file mode 100644 index e421567b..00000000 --- a/meta-fsl-ppc/conf/machine/t2080rdb-64b.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T2080RDB -#@SOC: t2080 -#@DESCRIPTION: Machine configuration for running T2080RDB in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500-64b.inc - -SOC_FAMILY = "t2:t2080" -UBOOT_MACHINES ?= "T2080RDB T2080RDB_SDCARD T2080RDB_SPIFLASH \ - T2080RDB_NAND T2080RDB_SRIO_PCIE_BOOT T2080RDB_SECURE_BOOT \ -" -KERNEL_DEVICETREE ?= "t2080rdb.dtb t2080rdb-usdpaa.dtb \ - t2080rdb-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t2080rdb.conf b/meta-fsl-ppc/conf/machine/t2080rdb.conf deleted file mode 100644 index 8ce27e95..00000000 --- a/meta-fsl-ppc/conf/machine/t2080rdb.conf +++ /dev/null @@ -1,19 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T2080RDB -#@SOC: t2080 -#@DESCRIPTION: Machine configuration for running T2080RDB in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500.inc - -SOC_FAMILY = "t2:t2080" -UBOOT_MACHINES ?= "T2080RDB T2080RDB_SDCARD T2080RDB_SPIFLASH \ - T2080RDB_NAND T2080RDB_SRIO_PCIE_BOOT T2080RDB_SECURE_BOOT \ -" -KERNEL_DEVICETREE ?= "t2080rdb.dtb t2080rdb-usdpaa.dtb \ - t2080rdb-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t4160qds-64b.conf b/meta-fsl-ppc/conf/machine/t4160qds-64b.conf deleted file mode 100644 index fb0d9663..00000000 --- a/meta-fsl-ppc/conf/machine/t4160qds-64b.conf +++ /dev/null @@ -1,15 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T4160QDS-64B -#@SOC: t4160 -#@DESCRIPTION: Machine configuration for running T4160QDS in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500-64b.inc - -SOC_FAMILY = "t4:t4160" -UBOOT_MACHINES ?= "T4160QDS T4160QDS_SECURE_BOOT" -KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t4160qds.conf b/meta-fsl-ppc/conf/machine/t4160qds.conf deleted file mode 100644 index d3dd58e3..00000000 --- a/meta-fsl-ppc/conf/machine/t4160qds.conf +++ /dev/null @@ -1,15 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T4160QDS -#@SOC: t4160 -#@DESCRIPTION: Machine configuration for running T4160QDS in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500.inc - -SOC_FAMILY = "t4:t4160" -UBOOT_MACHINES ?= "T4160QDS T4160QDS_SECURE_BOOT" -KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t4240qds-64b.conf b/meta-fsl-ppc/conf/machine/t4240qds-64b.conf deleted file mode 100644 index 1caa24e7..00000000 --- a/meta-fsl-ppc/conf/machine/t4240qds-64b.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T4240QDS-64B -#@SOC: t4240 -#@DESCRIPTION: Machine configuration for running T4240QDS in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500-64b.inc - -SOC_FAMILY = "t4:t4240" -UBOOT_MACHINES ?= "T4240QDS T4240QDS_SECURE_BOOT" -KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb \ - t4240qds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t4240qds.conf b/meta-fsl-ppc/conf/machine/t4240qds.conf deleted file mode 100644 index c244bfb5..00000000 --- a/meta-fsl-ppc/conf/machine/t4240qds.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T4240QDS -#@SOC: t4240 -#@DESCRIPTION: Machine configuration for running T4240QDS in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500.inc - -SOC_FAMILY = "t4:t4240" -UBOOT_MACHINES ?= "T4240QDS T4240QDS_SECURE_BOOT" -KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb \ - t4240qds-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t4240rdb-64b.conf b/meta-fsl-ppc/conf/machine/t4240rdb-64b.conf deleted file mode 100644 index 7d6543c0..00000000 --- a/meta-fsl-ppc/conf/machine/t4240rdb-64b.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T4240RDB -#@SOC: t4240 -#@DESCRIPTION: Machine configuration for running T4240RDB in 64-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500-64b.inc - -SOC_FAMILY = "t4:t4240" -UBOOT_MACHINES ?= "T4240RDB" -KERNEL_DEVICETREE ?= "t4240rdb.dtb t4240rdb-usdpaa.dtb \ - t4240rdb-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/conf/machine/t4240rdb.conf b/meta-fsl-ppc/conf/machine/t4240rdb.conf deleted file mode 100644 index a4b79951..00000000 --- a/meta-fsl-ppc/conf/machine/t4240rdb.conf +++ /dev/null @@ -1,17 +0,0 @@ -#@TYPE: Machine -#@NAME: Freescale T4240RDB -#@SOC: t4240 -#@DESCRIPTION: Machine configuration for running T4240RDB in 32-bit mode -#@MAINTAINER: Chunrong Guo - -require conf/machine/include/e6500.inc - -SOC_FAMILY = "t4:t4240" -UBOOT_MACHINES ?= "T4240RDB" -KERNEL_DEVICETREE ?= "t4240rdb.dtb t4240rdb-usdpaa.dtb \ - t4240rdb-usdpaa-shared-interfaces.dtb \ -" -KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/corenet64_fmanv3h_smp_defconfig" - -JFFS2_ERASEBLOCK = "0x10000" - diff --git a/meta-fsl-ppc/custom-licenses/Cortina b/meta-fsl-ppc/custom-licenses/Cortina deleted file mode 100644 index a68417c5..00000000 --- a/meta-fsl-ppc/custom-licenses/Cortina +++ /dev/null @@ -1,51 +0,0 @@ -DEFINITIONS:“Device” is the product described in this document or document set. “Cortina” is Cortina Systems, Inc. -“Software” is the software used with the Device, including the Application Programmable Interface (“API”). “You” are a -customer, or potential customer, of Devices with whom Cortina has an NDA. -LICENSE:Subject to the restrictions below, Cortina grants to You a non-exclusive, non-assignable, non-transferable, -royalty-free copyright license to (1) copy and modify the source code of the API; (2) incorporate the API in object code -form or as a library into Your software which is solely used with Your products (that incorporate the Devices); and (3) -distribute to Your customer, inobject code form only, the API. -RESTRICTIONS:The Software must be used solely in conjunction with the Devices and solely for Your internal -evaluation, demonstration, software application development anddistribution for production purposes, either with an -Cortina platform that contains the Device or with Your own product that incorporates the Device. Notwithstanding -anything to the contrary, the API can be incorporated into Your software as described above and distributed to Your -customers in object code form only. You may not distribute the Software as a stand-alone product. You shall not cause -the incorporation, modification or distribution of the Software to become subject to any open source licenses. You will -make reasonable efforts to discontinue the distribution of any portions of the Software that You are licensed hereunder -to distribute upon Cortina’s release of an update, upgrade or new version of the Software. You agree that You are -solely responsible for supporting any code which You modify, incorporate or distribute. You may not reverse-assemble, -reverse-compile, or otherwise reverse-engineer any Software provided in binary or machine readable form. -Distribution of the Software is also subject to the following limitations: You (i) are solely responsible to Your customers -for any update or support obligation or other liability which may arise from the modification, incorporation, and -distribution of the Software, (ii) do notmake any statement that Your product is“certified,” or that its performance is -guaranteed, by Cortina, (iii) do not use Cortina's name or trademarks to market Your product without prior written -permission, (iv) shall prohibit disassembly and reverse engineering, and (v) shall indemnify, hold harmless, and defend -Cortina and its suppliers from and against any claims or lawsuits, including attorney's fees, that arise or result from -Your distribution of any product. -OWNERSHIP OF SOFTWARE AND COPYRIGHTS.The title to all copies of the Software remains with Cortina or its -suppliers. The Software is copyrighted and protected by the laws of the United States and other countries, and -international treaty provisions. You may not remove any copyright notices from the Software. Cortina may make -changes to the Software, or to items referenced therein, at any timewithout notice, but is not obligated to support or -update the Software. Except as otherwise expressly provided,Cortina grants no express or implied right under Cortina -patents, copyrights, trademarks, or other intellectual property rights. -DISCLAIMER OF WARRANTIES.THE SOFTWARE IS PROVIDED “AS IS” WITHOUT ANY EXPRESS OR IMPLIED -WARRANTY OF ANY KIND. CORTINA AND ITS SUPPLIERSHEREBY DISCLAIM ALL WARRANTIES, INCLUDING -ANY IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR -PURPOSE. -LIMITATION OF LIABILITY.IN NO EVENT SHALL CORTINA OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES -WHATSOEVER (INCLUDING, WITHOUT LIMITATION, LOST PROFITS, BUSINESS INTERRUPTION, OR LOST -INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF CORTINA HAS -BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -TERMINATION OF THIS LICENSE.Cortina may terminate this license at any time if You violate its terms. Upon -termination, You will immediately destroy the Software or return all copies of the Software to Cortina. -APPLICABLE LAWS.Claims arising under this license shall be governed by the laws of the State of Delaware, -excluding its principles of conflict of laws. The provisions of the United Nations Convention on Contracts for the -International Sale of Goods shall not apply to this license.You shall not export, either directly or indirectly, any -Software or derived object code without first obtaining any required license or other approval from the applicable -governmental entity, including the U.S. Department of Commerce or any other agency or department of the United -States Government if required. This isthe entire agreement and understanding between You and Cortina relating to -this subject matter, and no amendments will be effective unless in a writing signed by both parties. -GOVERNMENT RESTRICTED RIGHTS.The Software is provided with “RESTRICTED RIGHTS.” Use, duplication, or -disclosure by the Government issubject to restrictions as set forth in FAR52.227-14 and DFAR252.227-7013 et seq. or -its successor. Use of the Software by the Government constitutes acknowledgment of Cortina's proprietary rights -therein. Contractor or Manufacturer is Cortina. diff --git a/meta-fsl-ppc/custom-licenses/Freescale-EULA b/meta-fsl-ppc/custom-licenses/Freescale-EULA deleted file mode 100644 index 2122a1fd..00000000 --- a/meta-fsl-ppc/custom-licenses/Freescale-EULA +++ /dev/null @@ -1,214 +0,0 @@ -IMPORTANT. Read the following Freescale Software License Agreement ("Agreement") -completely. By selecting the "I Accept" button at the end of this page, you -indicate that you accept the terms of the Freescale Proprietary Software License -Agreement and you also acknowledge that you have the authority, on behalf of your -company, to bind your company to such terms. You may then download or install the -file. - -FREESCALE PROPRIETARY SOFTWARE LICENSE AGREEMENT -This is a license agreement ("Agreement") between you (either as an individual -or as an authorized representative acting on behalf of your employer) and Freescale -Semiconductor, Inc. ("Freescale"). It concerns your rights to use the software -provided to you in binary or source code form and any accompanying written materials -(the "Software"). The Software may include any updates or error corrections or -documentation relating to the Software provided to you by Freescale under this -License. In consideration for Freescale allowing you to access the Software, you are -agreeing to be bound by the terms of this Agreement. If you do not agree to all of -the terms of this Agreement, do not download or install the Software. If you change -your mind later, stop using the Software and delete all copies of the Software in -your possession or control. Any copies of the Software that you have already -distributed, where permitted, and do not destroy will continue to be governed by -this Agreement. Your prior use will also continue to be governed by this Agreement. - -1. LICENSE GRANT. Freescale grants to you, free of charge, the non-exclusive, -non-transferable, non-sublicensable right (1) to use the Software, (2) to reproduce -the Software, (3) to prepare derivative works of the Software, (4) to distribute the -Software and derivative works thereof in object (machine-readable) form as part of -a programmable processing unit (e.g. a microprocessor, microcontroller, or digital -signal processor) supplied directly or indirectly from Freescale ("Freescale -System") and (5) to sublicense to others the right to use the distributed Software, -provided that any and all such sublicenses include the same terms and conditions of -this Agreement. Notwithstanding the limitation on damages in Section 8, Licensee -will indemnify, defend, and hold harmless Freescale against any and all claims, -costs, damages, liabilities, judgments and attorneys' fees resulting from or -arising out of any breach by the sublicensee, or resulting from or arising out of -any action by the sublicensee inconsistent with this Agreement. -You must notify Freescale, in writing, any time you create a derivative of the -Software. Freescale owns all derivatives created from the Software, and derivatives -are licensed to you under the same terms as the Software under this Agreement. Upon -request, you must provide Freescale the source code of any derivative of the Software. -If you violate any of the terms or restrictions of this Agreement, Freescale may -immediately terminate this Agreement, and require that you stop using and delete all -copies of the Software and any derivative in your possession or control. Any license -granted above only extends to Freescale's intellectual property rights that would -be necessarily infringed by the Software as provided to you by Freescale and as used -within the scope of the licenses granted. You must advise Freescale of any results -obtained including any problems or suggested improvements thereof. Freescale retains -the right to use such results and related information in any manner it deems -appropriate. - -2. OTHER RESTRICTIONS. Subject to the license grant above, the following restrictions - apply: - -a. Freescale reserves all rights not expressly granted herein. -b. You may not rent, lease, sublicense, lend or encumber the Software, unless - otherwise expressly agreed to within this Agreement -c. You may not distribute, manufacture, have manufactured, sublicense or otherwise - reproduce the Software for purposes other than intended in this Agreement. -d. You may not remove or alter any proprietary legends, notices, or trademarks - contained in the Licensed Software, -e. The terms and conditions of this Agreement will apply to any Software updates, - provided to you at Freescale's discretion, that replace and/or supplement the - original Software, unless such update contains a separate license. -f. You may not translate, reverse engineer, decompile, or disassemble the Software - provided to you solely in object code format (machine readable) except to the - extent applicable law specifically prohibits such restriction. You will prohibit - your sublicensees from translating, reverse engineering, decompiling, or - disassembling the Software except to the extent applicable law specifically - prohibits such restriction. - -3. OPEN SOURCE. You are about to download or install certain software that is -subject to various open source licenses such as the Apache License, the BSD license, -the Free Software Foundation General Public License and Lesser General Public -License, the Mozilla Public License and others. Your use of such open source -software is subject to the terms of each applicable license. You must agree to the -terms of each such applicable license, or you should not use the open source software. -Any open source license that is incompatible with the terms of this Agreement -supersedes the terms of this Agreement. - -4. COPYRIGHT. The Software is licensed to you, not sold. Freescale owns the -Software, and United States copyright laws and international treaty provisions -protect the Software. Therefore, you must treat the Software like any other -copyrighted material (e.g. a book or musical recording). You may not use or -copy the Software for any other purpose than what is described in this Agreement. -Except as expressly provided herein, Freescale does not grant to you any express or -implied rights under any Freescale or third party patents, copyrights, trademarks, -or trade secrets. Additionally, you must reproduce and apply any copyright or other -proprietary rights notices included on or embedded in the Software to any copies -made thereof, in whole or in part, if any. You may not remove any copyright -notices of Freescale incorporated in the Software. - -5. TERM AND TERMINATION. The term of this Agreement shall commence on the date -of installation or download and shall continue perpetually, unless earlier -terminated in accordance with this Agreement. Freescale has the right to terminate -this Agreement without notice and require that you stop using and delete all copies -of the Software in your possession or control if you violate any of the terms or -restrictions of this Agreement. Freescale may terminate this Agreement should any -of the Software become, or in Freescale's reasonable opinion is likely to become, -the subject of a claim of intellectual infringement or trade secret misappropriation. -Upon termination, you must cease use of and destroy, the Software and confirm -compliance in writing to Freescale. Upon termination, the license granted pursuant -to this Agreement immediately terminates and the provisions of Sections 4 through -18 will survive any termination of this Agreement. - -6. SUPPORT. Freescale is NOT obligated to provide any support, upgrades or new -releases of the Software. If you wish, you may contact Freescale and report problems -and provide suggestions regarding the Software. Freescale has no obligation -whatsoever to respond in any way to such a problem report or suggestion. Freescale -may make changes to the Software at any time, without any obligation to notify or -provide updated versions of the Software to you. - -7. NO WARRANTY. TO THE MAXIMUM EXTENT PERMITTED BY LAW, FREESCALE EXPRESSLY -DISCLAIMS ANY WARRANTY FOR THE SOFTWARE. THE SOFTWARE IS PROVIDED "AS IS", -WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT -LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR -PURPOSE, OR NON-INFRINGEMENT. YOU ASSUME THE ENTIRE RISK ARISING OUT OF THE USE -OR PERFORMANCE OF THE SOFTWARE, OR ANY SYSTEMS YOU DESIGN USING THE SOFTWARE (IF -ANY). NOTHING IN THIS AGREEMENT MAY BE CONSTRUED AS A WARRANTY OR REPRESENTATION -BY FREESCALE THAT THE SOFTWARE OR ANY DERIVATIVE WORK DEVELOPED WITH OR INCORPORATING -THE SOFTWARE WILL BE FREE FROM INFRINGEMENT OF THE INTELLECTUAL PROPERTY RIGHTS OF -THIRD PARTIES. - -8. INDEMNITY. You agree to fully defend and indemnify Freescale from any and all -claims, liabilities, and costs (including reasonable attorney's fees) related to -(1) your use (including your sublicensee's use, if permitted) of the Software or -(2) your violation of the terms and conditions of this Agreement. - -9. LIMITATION OF LIABILITY. IN NO EVENT WILL FREESCALE BE LIABLE, WHETHER IN -CONTRACT, TORT, OR OTHERWISE, FOR ANY INCIDENTAL, SPECIAL, INDIRECT, CONSEQUENTIAL -OR PUNITIVE DAMAGES, INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR ANY LOSS OF USE, -LOSS OF TIME, INCONVENIENCE, COMMERCIAL LOSS, OR LOST PROFITS, SAVINGS, OR REVENUES -TO THE FULL EXTENT SUCH MAY BE DISCLAIMED BY LAW EVEN IF INFORMED IN ADVANCE OF THE -POSSIBILITY OF SUCH DAMAGES. FREESCALE'S LIABILITY WILL IN ANY EVENT AND UNDER ANY -THEORY OF RECOVERY BE LIMITED TO THE TOTAL AMOUNT RECEIVED BY FREESCALE UNDER THIS -AGREEMENT. - -10. COMPLIANCE WITH LAWS; EXPORT RESTRICTIONS. You must not resell, re-export, or -provide, directly or indirectly, the licensed software or direct product thereof, -in any form without obtaining appropriate export or re-export licenses from the -United States Government and from the country from which the export or re-export -is to occur. An export occurs when products, technology, or software is transferred -from one country to another by any means, including physical shipments, FTP file -transfers, E-mails, faxes, remote server access, conversations, and the like. An -export also occurs when technology or software is transferred to a foreign national -in the United States, or foreign national of the country in which the business -activity is taking place. A foreign national is any person who is neither a citizen -nor permanent resident of the United States, or the country in which the business -activity is taking place. Furthermore, if an export/import license, permit or other -government required authority (collectively referred to as "government -authorization") is required to transfer technology, software, hardware or other -Freescale property to non- Freescale party(ies) and is not approved, then Freescale -is not obligated to transfer the Software under this Agreement until such -"government authorization" is granted.. - -11. GOVERNMENT RIGHTS. The Licensed Software is a "Commercial Item as defined in -48 C.F.R. $2.101, consisting of "Commercial Computer Software" and "Commercial -Computer Software Documentation," as such terms are used in 48 C.F.R. $ 12.212 or -48 C.F.R. $227.7202, as applicable and are only licensed to U.S. Government end -users with the rights as are set forth herein.. - -12. HIGH RISK ACTIVITIES. You acknowledge that the Software is not fault tolerant -and is not designed, manufactured or intended by Freescale for incorporation into -products intended for use or resale in on-line control equipment in hazardous, -dangerous to life or potentially life-threatening environments requiring fail-safe - performance, such as in the operation of nuclear facilities, aircraft navigation - or communication systems, air traffic control, direct life support machines or -weapons systems, in which the failure of products could lead directly to death, -personal injury or severe physical or environmental damage ("High Risk Activities"). - You specifically represent and warrant that you will not use the Software or any -derivative work of the Software for High Risk Activities. - -13. CHOICE OF LAW; VENUE; LIMITATIONS. You agree that the statutes and laws of the -United States and the State of Texas, USA, without regard to conflicts of laws -principles, will apply to all matters relating to this Agreement or the Software, -and you agree that any litigation will be subject to the exclusive jurisdiction of -the state or federal courts in Texas, USA. You agree that regardless of any -statute or law to the contrary, any claim or cause of action arising out of or -related to this Agreement or the Software must be filed within one (1) year after -such claim or cause of action arose or be forever barred. - -14. CONFIDENTIAL INFORMATION. You must treat the Software as confidential -information and you agree to retain the Software in confidence perpetually, with -respect to Software in source code form (human readable), or for a period of five -(5) years from the date of termination of this Agreement, with respect to all other -parts of the Software. During this period you may not disclose any part of the -Software to anyone other than employees who have a need to know of the Software and - who have executed written agreements obligating them to protect such Licensed -Software to at least the same degree of care as in this Agreement. You agree to use - the same degree of care, but no less than a reasonable degree of care, with the -Software as you do with your own confidential information. You may disclose Software - to the extent required by a court or under operation of law or order provided that - you notify Freescale of such requirement prior to disclosure, which you only -disclose information required, and that you allow Freescale the opportunity to -object to such court or other legal body requiring such disclosure. - -15. PRODUCT LABELING. You are not authorized to use any Freescale trademarks, -brand names, or logos. - -16. ENTIRE AGREEMENT. This Agreement constitutes the entire agreement between you -and Freescale regarding the subject matter of this Agreement, and supersedes all -prior communications, negotiations, understandings, agreements or representations, -either written or oral, if any. This Agreement may only be amended in written form, -executed by you and Freescale. - -17. SEVERABILITY. If any provision of this Agreement is held for any reason to be -invalid or unenforceable, then the remaining provisions of this Agreement will be -unimpaired and, unless a modification or replacement of the invalid or unenforceable -provision is further held to deprive you or Freescale of a material benefit, in -which case the Agreement will immediately terminate, the invalid or unenforceable -provision will be replaced with a provision that is valid and enforceable and that -comes closest to the intention underlying the invalid or unenforceable provision. - -18. NO WAIVER. The waiver by Freescale of any breach of any provision of this -Agreement will not operate or be construed as a waiver of any other or a subsequent -breach of the same or a different provision. diff --git a/meta-fsl-ppc/custom-licenses/TestFloat b/meta-fsl-ppc/custom-licenses/TestFloat deleted file mode 100644 index 1a1a23fe..00000000 --- a/meta-fsl-ppc/custom-licenses/TestFloat +++ /dev/null @@ -1,24 +0,0 @@ -Written by John R. Hauser. This work was made possible in part by the -International Computer Science Institute, located at Suite 600, 1947 Center -Street, Berkeley, California 94704. Funding was partially provided by the -National Science Foundation under grant MIP-9311980. The original version -of this code was written as part of a project to build a fixed-point vector -processor in collaboration with the University of California at Berkeley, -overseen by Profs. Nelson Morgan and John Wawrzynek. More information -is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ -arithmetic/SoftFloat.html'. - -THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. - -Derivative works are acceptable, even for commercial purposes, so long as -(1) the source code for the derivative work includes prominent notice that -the work is derivative, and (2) the source code includes prominent notice with -these four paragraphs for those parts of this code that are retained. - diff --git a/meta-fsl-ppc/openembedded-layer/recipes-devtools/luajit/luajit/ppc-fixplt.patch b/meta-fsl-ppc/openembedded-layer/recipes-devtools/luajit/luajit/ppc-fixplt.patch deleted file mode 100644 index b9f17f4e..00000000 --- a/meta-fsl-ppc/openembedded-layer/recipes-devtools/luajit/luajit/ppc-fixplt.patch +++ /dev/null @@ -1,105 +0,0 @@ -Upstream-Status: Unknown - -Signed-off-by: Khem Raj - -libluajit is having symbols that can't be -resolved the reloc cannot accommodate an offset greater than 24 bits. - -Looking at libluajit with readelf -r, you see a bunch of entries that look like: - 000082f0 00003c0a R_PPC_REL24 00000000 sqrt + 0 - -These should not occur when the code is compiled and linked with -fPIC. - -It turns out that libluajit *is* compiled and linked with -fPIC, however... -There is one assembler file called lj_vm.s which is generated during the build. -This file is missing the `@plt' qualifier from external references. - -This file is generated by a program called buildvm. This in turn uses tables -in a file called buildvm_arch.h which is generated by dynasm.lua. - -Index: LuaJIT-2.0.1/src/host/buildvm.c -=================================================================== ---- LuaJIT-2.0.1.orig/src/host/buildvm.c 2013-02-19 12:15:00.000000000 -0800 -+++ LuaJIT-2.0.1/src/host/buildvm.c 2013-05-14 20:26:05.933444512 -0700 -@@ -107,12 +107,14 @@ - #endif - sprintf(name, "%s%s%s", symprefix, prefix, suffix); - p = strchr(name, '@'); -+#if 0 - if (p) { - if (!LJ_64 && (ctx->mode == BUILD_coffasm || ctx->mode == BUILD_peobj)) - name[0] = '@'; - else - *p = '\0'; - } -+#endif - p = (char *)malloc(strlen(name)+1); /* MSVC doesn't like strdup. */ - strcpy(p, name); - return p; -Index: LuaJIT-2.0.1/src/vm_ppcspe.dasc -=================================================================== ---- LuaJIT-2.0.1.orig/src/vm_ppcspe.dasc 2013-02-19 12:15:00.000000000 -0800 -+++ LuaJIT-2.0.1/src/vm_ppcspe.dasc 2013-05-14 20:26:05.937444512 -0700 -@@ -1390,7 +1390,7 @@ - | checknum CARG2 - | evmergehi CARG1, CARG2, CARG2 - | checkfail ->fff_fallback -- | bl extern func -+ | bl extern func@plt - | evmergelo CRET1, CRET1, CRET2 - | b ->fff_restv - |.endmacro -@@ -1405,7 +1405,7 @@ - | checknum CARG1 - | evmergehi CARG3, CARG4, CARG4 - | checkanyfail ->fff_fallback -- | bl extern func -+ | bl extern func@plt - | evmergelo CRET1, CRET1, CRET2 - | b ->fff_restv - |.endmacro -@@ -1437,7 +1437,7 @@ - | checknum CARG2 - | evmergehi CARG1, CARG2, CARG2 - | checkfail ->fff_fallback -- | bl extern log -+ | bl extern log@plt - | evmergelo CRET1, CRET1, CRET2 - | b ->fff_restv - | -@@ -1471,7 +1471,7 @@ - | checknum CARG1 - | checkanyfail ->fff_fallback - | efdctsi CARG3, CARG4 -- | bl extern ldexp -+ | bl extern ldexp@plt - | evmergelo CRET1, CRET1, CRET2 - | b ->fff_restv - | -@@ -1484,7 +1484,7 @@ - | checkfail ->fff_fallback - | la CARG3, DISPATCH_GL(tmptv)(DISPATCH) - | lwz PC, FRAME_PC(BASE) -- | bl extern frexp -+ | bl extern frexp@plt - | lwz TMP1, DISPATCH_GL(tmptv)(DISPATCH) - | evmergelo CRET1, CRET1, CRET2 - | efdcfsi CRET2, TMP1 -@@ -1503,7 +1503,7 @@ - | checkfail ->fff_fallback - | la CARG3, -8(BASE) - | lwz PC, FRAME_PC(BASE) -- | bl extern modf -+ | bl extern modf@plt - | evmergelo CRET1, CRET1, CRET2 - | la RA, -8(BASE) - | evstdd CRET1, 0(BASE) -@@ -2399,7 +2399,7 @@ - | checknum CARG1 - | evmergehi CARG3, CARG4, CARG4 - | checkanyfail ->vmeta_arith_vv -- | bl extern pow -+ | bl extern pow@plt - | evmergelo CRET2, CRET1, CRET2 - | evstddx CRET2, BASE, RA - | ins_next diff --git a/meta-fsl-ppc/openembedded-layer/recipes-devtools/luajit/luajit_%.bbappend b/meta-fsl-ppc/openembedded-layer/recipes-devtools/luajit/luajit_%.bbappend deleted file mode 100644 index 8c6138c5..00000000 --- a/meta-fsl-ppc/openembedded-layer/recipes-devtools/luajit/luajit_%.bbappend +++ /dev/null @@ -1,4 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" - -SRC_URI_append_qoriq-ppc = " file://ppc-fixplt.patch " - diff --git a/meta-fsl-ppc/recipes-bsp/apptrk/apptrk_git.bb b/meta-fsl-ppc/recipes-bsp/apptrk/apptrk_git.bb deleted file mode 100644 index 09d5de59..00000000 --- a/meta-fsl-ppc/recipes-bsp/apptrk/apptrk_git.bb +++ /dev/null @@ -1,20 +0,0 @@ -DESCRIPTION = "Userspace debug agent for PA CodeWarrior" -LICENSE = "Freescale-EULA" -LIC_FILES_CHKSUM = "file://COPYING;md5=95560debfde180684364319811cc1421" - -DEPENDS = "elfutils" - -SRC_URI = "git://git.freescale.com/ppc/sdk/apptrk.git;nobranch=1" -SRCREV = "cbed10997c5e2a4aaa004fb0e1efec858bf1bbe1" - -S = "${WORKDIR}/git" - -CFLAGS += " -I${STAGING_INCDIR} -ISource/Linux -ISource/Portable \ - -ISource/Linux_PA -ISource/PA -DPPC \ -" -CFLAGS_append_powerpc64 = " -DENABLE_64BIT_SUPPORT" - -do_install() { - install -d ${D}/usr/bin - oe_runmake install DESTDIR=${D} -} diff --git a/meta-fsl-ppc/recipes-bsp/boot-format/boot-format/flags.patch b/meta-fsl-ppc/recipes-bsp/boot-format/boot-format/flags.patch deleted file mode 100644 index cddb34cd..00000000 --- a/meta-fsl-ppc/recipes-bsp/boot-format/boot-format/flags.patch +++ /dev/null @@ -1,21 +0,0 @@ -Index: git/Makefile -=================================================================== ---- git.orig/Makefile -+++ git/Makefile -@@ -3,14 +3,14 @@ - INSTALL=install - PREFIX=/usr - --CFLAGS=-Wall -+override CFLAGS+=-Wall - - all: boot_format - - boot_format.o: boot_format.c boot_format.h - - boot_format: boot_format.o -- $(CC) $< -o $@ -+ $(CC) $(CFLAGS) $< -o $@ $(LDFLAGS) - - install: boot_format - $(INSTALL) -d $(DESTDIR)$(PREFIX)/bin diff --git a/meta-fsl-ppc/recipes-bsp/boot-format/boot-format_git.bb b/meta-fsl-ppc/recipes-bsp/boot-format/boot-format_git.bb deleted file mode 100644 index 2d9f9b1d..00000000 --- a/meta-fsl-ppc/recipes-bsp/boot-format/boot-format_git.bb +++ /dev/null @@ -1,20 +0,0 @@ -DESCRIPTION = "Boot format utility for booting from eSDHC/eSPI" -LICENSE = "GPLv2" -PR = "r6" -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" - -SRC_URI = "git://git.freescale.com/ppc/sdk/boot-format.git;nobranch=1 \ - file://flags.patch" -SRCREV = "4eb81a6797ef4e58bf7d9b2d58afb37a21c1f550" - -S = "${WORKDIR}/git" -EXTRA_OEMAKE = 'CC="${CC}" CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}"' - -do_install(){ - oe_runmake DESTDIR=${D} PREFIX=${prefix} install -} - -PACKAGES =+ "${PN}-config" -FILES_${PN}-config += "${datadir}/*" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-fsl-ppc/recipes-bsp/ipc/ipc-ust_git.bb b/meta-fsl-ppc/recipes-bsp/ipc/ipc-ust_git.bb deleted file mode 100644 index c6b3cfe6..00000000 --- a/meta-fsl-ppc/recipes-bsp/ipc/ipc-ust_git.bb +++ /dev/null @@ -1,50 +0,0 @@ -SUMMARY = "Linux IPC Userspace Tool" -DESCRIPTION = "DSP boot application and ipc test application" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=fa38cd73d71527dc6efb546474f64d10" - -require ipc.inc - -S = "${WORKDIR}/git" - -# workaround for issue of parallel build, required a actual fix in ipc source -PARALLEL_MAKE = "" - -EXTRA_OEMAKE = 'CROSS_COMPILE="${TARGET_PREFIX}" CC="${CC}" AR="${AR}"' - -do_compile () { - case ${MACHINE} in - bsc9132qds|bsc9131rdb) SOC=B913x;; - b4860qds|b4420qds|b4860qds-64b) SOC=B4860;; - esac - oe_runmake ${SOC}=1 -} - -do_install () { - install -d ${D}${bindir} - install -d ${D}${includedir} - install -d ${D}/ipc - install -m 755 ${S}/dsp_boot/dsp_bt ${D}/ipc - install -m 755 ${S}/ipc/ipc_test ${D}/ipc - install -m 755 ${S}/ipc/ipc_test67 ${D}/ipc - install -m 755 ${S}/ipc/l1d_app ${D}/ipc - install -m 755 ${S}/fsl_shm/app ${D}${bindir}/lg_shm_test - install -d ${D}${base_libdir} - install -m 755 ${S}/ipc/libipc.so ${D}${base_libdir} - install -m 755 ${S}/ipc/libmem.so ${D}${base_libdir} - install -m 755 ${S}/ipc/libdspboot.so ${D}${base_libdir} - install -d ${D}${includedir}/ipc - install -d ${D}${includedir}/ipc/ipc/include - install -d ${D}${includedir}/ipc/fsl_shm/lib - install ${S}/ipc/include/*.h ${D}${includedir}/ipc/ipc/include - install ${S}/dsp_boot/*.h ${D}${includedir}/ipc/ipc/include - install ${S}/kernel/fsl_ipc_types.h ${D}${includedir}/ipc/ipc/include - install ${S}/kernel/fsl_heterogeneous_common.h ${D}${includedir}/ipc/ipc/include - install ${S}/kernel/fsl_heterogeneous_l1_defense.h ${D}${includedir}/ipc/ipc/include - install ${S}/fsl_shm/include/*.h ${D}${includedir}/ipc/ipc/include - install ${S}/fsl_shm/lib/*.h ${D}${includedir}/ipc/fsl_shm/lib -} - -FILES_${PN} += "/ipc/*" -FILES_${PN}-dbg += "/ipc/.debug" - diff --git a/meta-fsl-ppc/recipes-bsp/ipc/ipc.inc b/meta-fsl-ppc/recipes-bsp/ipc/ipc.inc deleted file mode 100644 index 547771ae..00000000 --- a/meta-fsl-ppc/recipes-bsp/ipc/ipc.inc +++ /dev/null @@ -1,7 +0,0 @@ -DEPENDS = "virtual/kernel" - -SRC_URI = "git://git.freescale.com/ppc/sdk/ipc.git;nobranch=1" -SRCREV = "c9c92ac6a7a31c9d878096eb7d135c22a38f20ff" - -COMPATIBLE_MACHINE = "(bsc9132qds|bsc9131rdb|b4860qds|b4420qds)" - diff --git a/meta-fsl-ppc/recipes-bsp/pkc-firmware/pkc-firmware_git.bb b/meta-fsl-ppc/recipes-bsp/pkc-firmware/pkc-firmware_git.bb deleted file mode 100644 index 3cc5d446..00000000 --- a/meta-fsl-ppc/recipes-bsp/pkc-firmware/pkc-firmware_git.bb +++ /dev/null @@ -1,41 +0,0 @@ -DESCRIPTION = "U-boot firmware for c293pcie support " -HOMEPAGE = "http://u-boot.sf.net" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=1707d6db1d42237583f50183a5651ecb" - -INHIBIT_DEFAULT_DEPS = "1" -DEPENDS = "virtual/${TARGET_PREFIX}gcc libgcc" - -inherit deploy - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -SRC_URI = "git://git.freescale.com/ppc/sdk/pkc-firmware.git;nobranch=1" -SRCREV = "b891873c1eea7a7d53f9472ea601712897cb17b7" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${TARGET_PREFIX}gcc ${TOOLCHAIN_OPTIONS}"' - -do_compile () { - unset LDFLAGS - unset CFLAGS - unset CPPFLAGS - oe_runmake C293QDS_36BIT_SDCARD -} - -do_install(){ - install -d ${D}${sysconfdir}/crypto/ - install ${S}/u-boot.bin ${D}${sysconfdir}/crypto/pkc-firmware.bin -} - -do_deploy(){ - install -d ${DEPLOYDIR}/pkc-firmware - install ${S}/u-boot.bin ${DEPLOYDIR}/pkc-firmware/pkc-firmware.bin -} - -addtask deploy after do_install - -FILES_{PN} += "/etc/crypto/pkc-firmware.bin" -COMPATIBLE_MACHINE = "(c293pcie)" - diff --git a/meta-fsl-ppc/recipes-bsp/qe-ucode/qe-ucode_git.bb b/meta-fsl-ppc/recipes-bsp/qe-ucode/qe-ucode_git.bb deleted file mode 100644 index 028d9bcd..00000000 --- a/meta-fsl-ppc/recipes-bsp/qe-ucode/qe-ucode_git.bb +++ /dev/null @@ -1,35 +0,0 @@ -DESCRIPTION = "qe microcode binary" -SECTION = "qe-ucode" -LICENSE = "Freescale-EULA" -LIC_FILES_CHKSUM = "file://EULA;md5=60037ccba533a5995e8d1a838d85799c" - -python () { - if not d.getVar("QE_UCODE", True): - machine = d.getVar("MACHINE", True) - raise bb.parse.SkipPackage("QE_UCODE not set in \ - meta-fsl-ppc/conf/machine/%s.conf" % machine) -} - -inherit deploy - -SRC_URI = "git://git.freescale.com/ppc/sdk/qe-ucode.git;nobranch=1" -SRCREV= "49efc94b553de5c2a9bd28093592eff0068e161c" - -S = "${WORKDIR}/git" - -do_install () { - install -d ${D}/boot - install -m 644 ${QE_UCODE} ${D}/boot/ -} - -do_deploy () { - install -d ${DEPLOYDIR}/boot - install -m 644 ${QE_UCODE} ${DEPLOYDIR}/boot/ -} -addtask deploy before do_build after do_install - -PACKAGES += "${PN}-image" -FILES_${PN}-image += "/boot/*" -ALLOW_EMPTY_${PN} = "1" -COMPATIBLE_MACHINE = "(p1021rdb|p1025twr|t1)" - diff --git a/meta-fsl-ppc/recipes-bsp/rcw/rcw/rcw-make-BOARDS-DESTDIR-overidable-in-Makefile.patch b/meta-fsl-ppc/recipes-bsp/rcw/rcw/rcw-make-BOARDS-DESTDIR-overidable-in-Makefile.patch deleted file mode 100644 index 49d99fc5..00000000 --- a/meta-fsl-ppc/recipes-bsp/rcw/rcw/rcw-make-BOARDS-DESTDIR-overidable-in-Makefile.patch +++ /dev/null @@ -1,57 +0,0 @@ -From f2e796c903b2a3f81dbd38da3dc087cb7539d307 Mon Sep 17 00:00:00 2001 -From: Zhenhua Luo -Date: Wed, 3 Sep 2014 03:03:42 -0500 -Subject: [PATCH] Makefile: make BOARDS/DESTDIR overidable and add endian - switch - -1. For one specific board, no need to build the rcw for all supported - targets, make BOARDS and DESTDIR overridable to achieve this. -2. Add the endian swap for qspiboot rcw - -Upstream-Status: Pending - -Signed-off-by: Zhenhua Luo ---- - Makefile | 4 ++-- - Makefile.inc | 9 +++++++-- - 2 files changed, 9 insertions(+), 4 deletions(-) - -diff --git a/Makefile b/Makefile -index 6ec1697..0f94293 100644 ---- a/Makefile -+++ b/Makefile -@@ -1,5 +1,5 @@ --DESTDIR = . --BOARDS = b4420qds b4860qds \ -+DESTDIR ?= . -+BOARDS ?= b4420qds b4860qds \ - ls1021aqds ls1021atwr \ - p2041rdb p3041ds p4080ds p5020ds p5040ds \ - t1024qds t1023rdb t1024rdb t1040rdb t1042rdb t1042rdb_pi t1040qds \ -diff --git a/Makefile.inc b/Makefile.inc -index 4cadb2e..6e8b78f 100644 ---- a/Makefile.inc -+++ b/Makefile.inc -@@ -1,4 +1,4 @@ --DESTDIR = . -+DESTDIR ?= . - INSTALL = install - PYTHON ?= python2 - RCW = $(PYTHON) ../rcw.py -@@ -18,7 +18,12 @@ all: $(targets) - install: $(targets) - $(INSTALL) -d $(DESTDIR) - @for file in $^; do \ -- $(INSTALL) -m 644 -D $$file $(DESTDIR)/$$file; \ -+ case $$file in \ -+ *qspiboot*) file_swap="`echo $$file | sed -e 's/qspiboot/qspiboot_swap/'`"; \ -+ tclsh byte_swap.tcl $$file $$file_swap 8 ; \ -+ $(INSTALL) -m 644 -D $$file_swap $(DESTDIR)/$$file_swap ;; \ -+ *) $(INSTALL) -m 644 -D $$file $(DESTDIR)/$$file; \ -+ esac \ - done - $(INSTALL) -m 644 -D README $(DESTDIR) - --- -1.7.9.7 - diff --git a/meta-fsl-ppc/recipes-bsp/rcw/rcw_git.bb b/meta-fsl-ppc/recipes-bsp/rcw/rcw_git.bb deleted file mode 100644 index 57f305a6..00000000 --- a/meta-fsl-ppc/recipes-bsp/rcw/rcw_git.bb +++ /dev/null @@ -1,36 +0,0 @@ -SUMMARY = "Reset Configuration Word" -DESCRIPTION = "Reset Configuration Word - hardware boot-time parameters for the QorIQ targets" -LICENSE = "BSD" -PR = "r8" - -LIC_FILES_CHKSUM = "file://rcw.py;beginline=8;endline=28;md5=9ba0b28922dd187b06b6c8ebcfdd208e" - -inherit deploy - -SRCBRANCH = "master" -SRCREV = "426f7a6535d93dac76f5125035e0938a85e778d2" -SRC_URI = "git://git.freescale.com/ppc/sdk/rcw.git;branch=${SRCBRANCH} \ - file://rcw-make-BOARDS-DESTDIR-overidable-in-Makefile.patch \ -" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = "BOARDS=${@d.getVar('MACHINE', True).replace('-64b','')} DESTDIR=${D}/boot/rcw/" - -do_install () { - oe_runmake install -} - -do_deploy () { - install -d ${DEPLOYDIR}/rcw - cp -r ${D}/boot/rcw/* ${DEPLOYDIR}/rcw/ -} -addtask deploy after do_install - -PACKAGES += "${PN}-image" -FILES_${PN}-image += "/boot" - -ALLOW_EMPTY_${PN} = "1" - -PACKAGE_ARCH = "${MACHINE_ARCH}" -COMPATIBLE_MACHINE = "(qoriq-ppc)" diff --git a/meta-fsl-ppc/recipes-bsp/u-boot/files/0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch b/meta-fsl-ppc/recipes-bsp/u-boot/files/0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch deleted file mode 100644 index e6b8d2e5..00000000 --- a/meta-fsl-ppc/recipes-bsp/u-boot/files/0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch +++ /dev/null @@ -1,77 +0,0 @@ -From 9ba002f1b1afc7af84a352f4ecab32a30d7ba353 Mon Sep 17 00:00:00 2001 -From: Zhenhua Luo -Date: Mon, 9 Feb 2015 18:33:56 +0800 -Subject: [PATCH] u-boot/mpc85xx/u-boot*.lds: remove _GLOBAL_OFFSET_TABLE_ - definition - -In binutils-2.25, the _GLOBAL_OFFSET_TABLE_ symbols defined by PROVIDE in -u-boot.lds overrides the linker built-in symbols -(https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=b893397a4b1316610f49819344817715e4305de9), -so the linker is treating _GLOBAL_OFFSET_TABLE_ as a definition into the .reloc section. - -To align with the change of binutils-2.25, the _GLOBAL_OFFSET_TABLE_ symbol -should not be defined in sections, and the symbols in linker generated .got -section should be used(https://sourceware.org/ml/binutils/2008-09/msg00122.html). - -Fixed the following build errors with binutils-2.25: -| powerpc-poky-linux-gnuspe-ld.bfd: _GLOBAL_OFFSET_TABLE_ not defined in linker created .got - -Signed-off-by: Zhenhua Luo ---- - arch/powerpc/cpu/mpc85xx/u-boot-nand.lds | 1 - - arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds | 1 - - arch/powerpc/cpu/mpc85xx/u-boot-spl.lds | 1 - - arch/powerpc/cpu/mpc85xx/u-boot.lds | 1 - - 4 files changed, 4 deletions(-) - -diff --git a/arch/powerpc/cpu/mpc85xx/u-boot-nand.lds b/arch/powerpc/cpu/mpc85xx/u-boot-nand.lds -index f933b21..0399f93 100644 ---- a/arch/powerpc/cpu/mpc85xx/u-boot-nand.lds -+++ b/arch/powerpc/cpu/mpc85xx/u-boot-nand.lds -@@ -44,7 +44,6 @@ SECTIONS - _GOT2_TABLE_ = .; - KEEP(*(.got2)) - KEEP(*(.got)) -- PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4); - _FIXUP_TABLE_ = .; - KEEP(*(.fixup)) - } -diff --git a/arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds b/arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds -index b83c553..f044564 100644 ---- a/arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds -+++ b/arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds -@@ -22,7 +22,6 @@ SECTIONS - _GOT2_TABLE_ = .; - KEEP(*(.got2)) - KEEP(*(.got)) -- PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4); - _FIXUP_TABLE_ = .; - KEEP(*(.fixup)) - } -diff --git a/arch/powerpc/cpu/mpc85xx/u-boot-spl.lds b/arch/powerpc/cpu/mpc85xx/u-boot-spl.lds -index 5ae7b3e..889a4c2 100644 ---- a/arch/powerpc/cpu/mpc85xx/u-boot-spl.lds -+++ b/arch/powerpc/cpu/mpc85xx/u-boot-spl.lds -@@ -29,7 +29,6 @@ SECTIONS - _GOT2_TABLE_ = .; - KEEP(*(.got2)) - KEEP(*(.got)) -- PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4); - _FIXUP_TABLE_ = .; - KEEP(*(.fixup)) - } -diff --git a/arch/powerpc/cpu/mpc85xx/u-boot.lds b/arch/powerpc/cpu/mpc85xx/u-boot.lds -index 2cf0b25..f15eaf3 100644 ---- a/arch/powerpc/cpu/mpc85xx/u-boot.lds -+++ b/arch/powerpc/cpu/mpc85xx/u-boot.lds -@@ -50,7 +50,6 @@ SECTIONS - _GOT2_TABLE_ = .; - KEEP(*(.got2)) - KEEP(*(.got)) -- PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4); - _FIXUP_TABLE_ = .; - KEEP(*(.fixup)) - } --- -2.1.0 - diff --git a/meta-fsl-ppc/recipes-bsp/u-boot/files/Fix-the-depend-race-issue.patch b/meta-fsl-ppc/recipes-bsp/u-boot/files/Fix-the-depend-race-issue.patch deleted file mode 100644 index 1ddc6675..00000000 --- a/meta-fsl-ppc/recipes-bsp/u-boot/files/Fix-the-depend-race-issue.patch +++ /dev/null @@ -1,38 +0,0 @@ -Upstream-Status: Pending - -From 301832414369b749918e0d5db850eed19b81c0fc Mon Sep 17 00:00:00 2001 -From: Zhenhua Luo -Date: Tue, 24 Sep 2013 00:54:40 -0500 -Subject: [PATCH] Fix the depend race issue - -| make[3]: Entering directory `/srv/home/pokybuild/yocto-autobuilder-new/yocto-slave/nightly-fsl-ppc/build/build/tmp/work/p1022ds-poky-linux-gnuspe/u-boot/git-r30/git/arch/powerpc/cpu/mpc85xx' -| /srv/home/pokybuild/yocto-autobuilder-new/yocto-slave/nightly-fsl-ppc/build/build/tmp/work/p1022ds-poky-linux-gnuspe/u-boot/git-r30/git/P1022DS_NAND/spl/arch/powerpc/cpu/mpc85xx/.depend:125: *** missing separator. Stop. -| make[3]: Leaving directory `/srv/home/pokybuild/yocto-autobuilder-new/yocto-slave/nightly-fsl-ppc/build/build/tmp/work/p1022ds-poky-linux-gnuspe/u-boot/git-r30/git/arch/powerpc/cpu/mpc85xx' -| make[2]: *** [/srv/home/pokybuild/yocto-autobuilder-new/yocto-slave/nightly-fsl-ppc/build/build/tmp/work/p1022ds-poky-linux-gnuspe/u-boot/git-r30/git/P1022DS_NAND/spl/arch/powerpc/cpu/mpc85xx/start.o] Error 2 -| make[2]: *** Waiting for unfinished jobs.... - -Signed-off-by: Zhenhua Luo ---- - spl/Makefile | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/spl/Makefile b/spl/Makefile -index 6dbb105..3156d87 100644 ---- a/spl/Makefile -+++ b/spl/Makefile -@@ -185,7 +185,11 @@ $(eval $(call make_u_boot_list, $(obj)u-boot.lst, $(LIBS))) - $(obj)u-boot-spl.lds: $(LDSCRIPT) $(obj)u-boot.lst depend - $(CPP) $(CPPFLAGS) $(LDPPFLAGS) -I$(obj). -ansi -D__ASSEMBLY__ -P - < $< > $@ - --depend: $(obj).depend -+# Explicitly make _depend in subdirs containing multiple targets to prevent -+# parallel sub-makes creating .depend files simultaneously. -+depend dep: $(obj).depend -+ for dir in $(SUBDIRS) $(CPUDIR) $(LDSCRIPT_MAKEFILE_DIR) ; do \ -+ $(MAKE) -C $(SRCTREE)/$$dir _depend ; done - .PHONY: depend - - # defines $(obj).depend target --- -1.8.2.1 - diff --git a/meta-fsl-ppc/recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb b/meta-fsl-ppc/recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb deleted file mode 100644 index 17c470dc..00000000 --- a/meta-fsl-ppc/recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb +++ /dev/null @@ -1,189 +0,0 @@ -DESCRIPTION = "U-boot bootloader" -HOMEPAGE = "http://u-boot.sf.net" -SECTION = "bootloaders" -PROVIDES = "virtual/bootloader u-boot" -LICENSE = "GPLv2 & BSD-3-Clause & BSD-2-Clause & LGPL-2.0 & LGPL-2.1" -LIC_FILES_CHKSUM = " \ - file://Licenses/gpl-2.0.txt;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://Licenses/bsd-2-clause.txt;md5=6a31f076f5773aabd8ff86191ad6fdd5 \ - file://Licenses/bsd-3-clause.txt;md5=4a1190eac56a9db675d58ebe86eaf50c \ - file://Licenses/lgpl-2.0.txt;md5=5f30f0716dfdd0d91eb439ebec522ec2 \ - file://Licenses/lgpl-2.1.txt;md5=4fbd65380cdd255951079008b364516c \ -" - -PV = "2014.07+fslgit" -INHIBIT_DEFAULT_DEPS = "1" -DEPENDS = "boot-format-native libgcc ${@base_contains('TCMODE', 'external-fsl', '', 'virtual/${TARGET_PREFIX}gcc', d)}" - -inherit deploy - -SRC_URI = "git://git.freescale.com/ppc/sdk/u-boot.git;nobranch=1 \ - file://0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch" -SRCREV = "6ba8eedbcdc4b063f59a63e6288b938af739e8ad" - -python () { - if d.getVar("TCMODE", True) == "external-fsl": - return - - ml = d.getVar("MULTILIB_VARIANTS", True) - arch = d.getVar("OVERRIDES", True) - - if "e5500-64b:" in arch or "e6500-64b:" in arch: - if not "lib32" in ml: - raise bb.parse.SkipPackage("Building the u-boot for this arch requires multilib to be enabled") - sys_multilib = 'powerpc' + d.getVar('TARGET_VENDOR') + 'mllib32-' + d.getVar('HOST_OS') - d.setVar('DEPENDS_append', ' lib32-gcc-cross-powerpc lib32-libgcc') - d.setVar('PATH_append', ':' + d.getVar('STAGING_BINDIR_NATIVE') + '/' + sys_multilib) - d.setVar('TOOLCHAIN_OPTIONS_append', '/../lib32-' + d.getVar("MACHINE")) - d.setVar("WRAP_TARGET_PREFIX", sys_multilib + '-') -} - -WRAP_TARGET_PREFIX ?= "${TARGET_PREFIX}" - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -UBOOT_LOCALVERSION = "${@d.getVar('SDK_VERSION', True).partition(' ')[0]}" - -USRC ?= "" -S = '${@base_conditional("USRC", "", "${WORKDIR}/git", "${USRC}", d)}' - -EXTRA_OEMAKE = 'CROSS_COMPILE=${WRAP_TARGET_PREFIX} CC="${WRAP_TARGET_PREFIX}gcc ${TOOLCHAIN_OPTIONS}"' - -do_compile () { - unset LDFLAGS - unset CFLAGS - unset CPPFLAGS - - if [ ! -e ${B}/.scmversion -a ! -e ${S}/.scmversion ] - then - head=`git rev-parse --verify --short HEAD 2> /dev/null` - printf "%s%s%s" ${UBOOT_LOCALVERSION} +g $head > ${B}/.scmversion - printf "%s%s%s" ${UBOOT_LOCALVERSION} +g $head > ${S}/.scmversion - fi - - if [ "x${UBOOT_MACHINES}" = "x" ]; then - UBOOT_MACHINES=${UBOOT_MACHINE} - fi - - python ./tools/genboardscfg.py - for board in ${UBOOT_MACHINES}; do - if ! grep -wq $board ${S}/boards.cfg;then - echo "WARNING: $board not supported in boards.cfg" - continue - fi - - oe_runmake O=${board} distclean - oe_runmake O=${board} ${board}_config - oe_runmake O=${board} all - - case "${board}" in - *SDCARD*) UBOOT_TARGET="u-boot-sd";; - *SPIFLASH*) UBOOT_TARGET="u-boot-spi";; - *NAND*) UBOOT_TARGET="u-boot-nand";; - *SRIO*) UBOOT_TARGET="u-boot-srio";; - *) UBOOT_TARGET="";; - esac - - # deal with sd/spi/nand/srio image - UBOOT_SOURCE=u-boot.bin - if [ "x${UBOOT_TARGET}" != "x" ] && echo $board |egrep -qi "SECBOOT|SECURE"; then - cp ${S}/${board}/${UBOOT_SOURCE} ${S}/${board}/${UBOOT_TARGET}.bin - elif [ "x${UBOOT_TARGET}" != "x" ]; then - # some boards' final binary was not named as u-boot.bin - if [ "${UBOOT_TARGET}" = "u-boot-nand" ];then - if echo $board |egrep -q "^(BSC|C29|P10|P2020RDB)";then - UBOOT_SOURCE=u-boot-with-spl.bin - elif echo $board |egrep -q "^(B4|T1|T2|T4)";then - UBOOT_SOURCE=u-boot-with-spl-pbl.bin - elif echo $board |egrep -q "^(P2041|P3|P4|P5)";then - UBOOT_SOURCE=u-boot.pbl - fi - elif [ "${UBOOT_TARGET}" = "u-boot-spi" ];then - if echo $board |egrep -q "^(P10|P2020RDB)";then - UBOOT_SOURCE=u-boot-with-spl.bin - elif echo $board |egrep -q "^(T1|T2)";then - UBOOT_SOURCE=u-boot-with-spl-pbl.bin - elif echo $board |egrep -q "^(B4|P2041|P3|P4|P5|T4)";then - UBOOT_SOURCE=u-boot.pbl - fi - elif [ "${UBOOT_TARGET}" = "u-boot-sd" ];then - if echo $board |egrep -q "^(P10|P2020RDB)";then - UBOOT_SOURCE=u-boot-with-spl.bin - elif echo $board |egrep -q "^(B4|T1|T2|T4)";then - UBOOT_SOURCE=u-boot-with-spl-pbl.bin - elif echo $board |egrep -q "^(P2041|P3|P4|P5)";then - UBOOT_SOURCE=u-boot.pbl - fi - fi - cp ${S}/${board}/${UBOOT_SOURCE} ${S}/${board}/${UBOOT_TARGET}.bin - - # use boot-format to regenerate spi image if BOOTFORMAT_CONFIG is not empty - if [ "${UBOOT_TARGET}" = "u-boot-spi" ] && [ -n "${BOOTFORMAT_CONFIG}" ];then - ${STAGING_BINDIR_NATIVE}/boot_format \ - ${STAGING_DATADIR_NATIVE}/boot_format/${BOOTFORMAT_CONFIG} \ - ${S}/${board}/${UBOOT_SOURCE} -spi ${S}/${board}/${UBOOT_TARGET}.bin - fi - fi - done -} - -do_install(){ - if [ "x${UBOOT_MACHINES}" = "x" ]; then - UBOOT_MACHINES=${UBOOT_MACHINE} - fi - - for board in ${UBOOT_MACHINES}; do - if ! grep -wq $board ${S}/boards.cfg;then - continue - fi - - case "${board}" in - *SDCARD*) UBOOT_TARGET="u-boot-sd";; - *SPIFLASH*) UBOOT_TARGET="u-boot-spi";; - *NAND*) UBOOT_TARGET="u-boot-nand";; - *SRIO*) UBOOT_TARGET="u-boot-srio";; - *) UBOOT_TARGET="u-boot";; - esac - - if [ -f ${S}/${board}/${UBOOT_TARGET}.bin ]; then - mkdir -p ${D}/boot/ - install ${S}/${board}/${UBOOT_TARGET}.bin ${D}/boot/${UBOOT_TARGET}-${board}-${PV}-${PR}.bin - ln -sf ${UBOOT_TARGET}-${board}-${PV}-${PR}.bin ${D}/boot/${UBOOT_TARGET}.bin - fi - done -} - -do_deploy(){ - if [ "x${UBOOT_MACHINES}" = "x" ]; then - UBOOT_MACHINES=${UBOOT_MACHINE} - fi - - for board in ${UBOOT_MACHINES}; do - if ! grep -wq $board ${S}/boards.cfg;then - continue - fi - - case "${board}" in - *SDCARD*) UBOOT_TARGET="u-boot-sd";; - *SPIFLASH*) UBOOT_TARGET="u-boot-spi";; - *NAND*) UBOOT_TARGET="u-boot-nand";; - *SRIO*) UBOOT_TARGET="u-boot-srio";; - *) UBOOT_TARGET="u-boot";; - esac - - if [ -f ${S}/${board}/${UBOOT_TARGET}.bin ]; then - mkdir -p ${DEPLOYDIR} - install ${S}/${board}/${UBOOT_TARGET}.bin ${DEPLOYDIR}/${UBOOT_TARGET}-${board}-${PV}-${PR}.bin - - cd ${DEPLOYDIR} - rm -f ${UBOOT_TARGET}-${board}.bin - ln -sf ${UBOOT_TARGET}-${board}-${PV}-${PR}.bin ${UBOOT_TARGET}-${board}.bin - fi - done -} -addtask deploy after do_install - -PACKAGES += "${PN}-images" -FILES_${PN}-images += "/boot" - -ALLOW_EMPTY_${PN} = "1" diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README deleted file mode 100644 index 9578982d..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README +++ /dev/null @@ -1,77 +0,0 @@ -test_setkey script usage - -The scripts in this directory may be used for testing -native Linux IPsec with the talitos driver as a loadable module. - -It's assumed that these scripts have been placed in the directory -named /test_setkey. - -The scripts setup_left and setup_right configure the ip addresses -for two boards named 'left' and 'right', which are two gateways for -an IPsec tunnel. Connect the eth1 interfaces of left and right boards together. -For smartbits testing, connect eth0 on each board to a smartbits port. -For other testing (ping, netperf, iperf), connect eth0 on each board to another system. - -The scripts named left.conf-* and right.conf-* are setkey scripts -which configure the IPsec SA and SPD entries. -The scripts ending in -tunnel use tunnel mode IPsec, and the scripts -ending in -transport used transport mode IPsec. -Transport mode is useful for quickly testing security functionality -using ping or netperf between two boards. -Tunnel mode can be used for testing throughput using smartbits or other -performance test equipment. - -There is a top level script called 'setup' which -is used for a one-step setup on the left and right boards. -'setup' uses two or three parameters. The first parameter is the side, left or right. -The second parameter is the setkey suffix for the left.conf- and right.conf- files. -If the third parameter is supplied, the setup will modprobe that name, so -typically you should provide talitos as the third parameter if you want to load the driver. -If you have built the talitos driver into the kernel, omit the third parameter to setup. -You may test software encryption if talitos is built as a module and you omit the third parameter. - -Below are example uses of the 'setup' script. - -1) One-step setup for smartbits - Use a tunnel mode setup on each side. - AES-HMAC-SHA1: - Left side: - /test_setkey/setup left aes-sha1-tunnel talitos - Right side: - /test_setkey/setup right aes-sha1-tunnel talitos - - 3DES-HMAC-SHA1: - Left side: - /test_setkey/setup left 3des-sha1-tunnel talitos - Right side: - /test_setkey/setup right 3des-sha1-tunnel talitos - -2) One-step setup for testing ping, netperf, or iperf between two boards. - Use a transport mode setup on each side. - AES-HMAC-SHA1: - Left side: - /test_setkey/setup left aes-sha1-transport talitos - Right side: - /test_setkey/setup right aes-sha1-transport talitos - - 3DES-HMAC-SHA1: - Left side: - /test_setkey/setup left 3des-sha1-transport talitos - Right side: - /test_setkey/setup right 3des-sha1-transport talitos - -3) Testing ipv4 - To test ipv4 (with no security) over the two gateways, use steps below. - Testing ipv4 is helpful to get your smartbits configuration verified - and also establish a baseline performance for throughput. - - On the left board: - cd /test_setkey - ./setup_left - ./left.ipv4 - - On the right board: - cd /test_setkey - ./setup_right - ./right.ipv4 - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel deleted file mode 100755 index 6bd6c5d8..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel deleted file mode 100755 index eebf307a..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey deleted file mode 100755 index 0be30562..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/sbin/setkey -f - -flush; -spdflush; diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left deleted file mode 100644 index d9d6c0c6..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left +++ /dev/null @@ -1,29 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - charondebug="chd 2, knl 2" - crlcheckinterval=180 - strictcrlpolicy=no - plutostart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev2 - type=tunnel - auth=esp - compress=no - mobike=no - -conn net-net - left=200.200.200.10 - leftsubnet=192.168.1.0/24 - leftcert=moonCert.pem - leftid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - leftfirewall=yes - right=200.200.200.20 - rightsubnet=192.168.2.0/24 - rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - auto=add diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right deleted file mode 100644 index c14dee2b..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right +++ /dev/null @@ -1,28 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - charondebug="chd 2, knl 2" - crlcheckinterval=180 - strictcrlpolicy=no - plutostart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev2 - auth=esp - compress=no - mobike=no - -conn net-net - left=200.200.200.20 - leftcert=sunCert.pem - leftid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - leftsubnet=192.168.2.0/24 - leftfirewall=yes - right=200.200.200.10 - rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - rightsubnet=192.168.1.0/24 - auto=add diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left deleted file mode 100644 index e86d6aa5..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left +++ /dev/null @@ -1,3 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -: RSA moonKey.pem diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right deleted file mode 100644 index 1095b74c..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right +++ /dev/null @@ -1,8 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -: RSA sunKey.pem - - - - - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left deleted file mode 100644 index 55025dbc..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left +++ /dev/null @@ -1,39 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - left=200.200.200.10 - leftcert=moonCert.pem - leftid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - leftfirewall=yes - -conn net-net - left=%defaultroute - leftsubnet=192.168.1.0/24 - leftcert=moonCert.pem - right=200.200.200.20 - rightsubnet=192.168.2.0/24 - rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - auto=add - -conn host-host - left=%defaultroute - leftcert=moonCert.pem - right=200.200.200.20 - rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - auto=add - -conn rw - leftsubnet=192.168.1.0/24 - right=%any - auto=add diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right deleted file mode 100644 index 479791ea..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right +++ /dev/null @@ -1,34 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - left=200.200.200.20 - leftcert=sunCert.pem - leftid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - leftfirewall=yes - -conn net-net - left=%defaultroute - leftsubnet=192.168.2.0/24 - leftcert=sunCert.pem - right=200.200.200.10 - rightsubnet=192.168.1.0/24 - rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - auto=add - -conn host-host - left=%defaultroute - leftcert=sunCert.pem - right=200.200.200.10 - rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - auto=add diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport deleted file mode 100755 index 5422771b..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel deleted file mode 100755 index 52bf9c3f..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport deleted file mode 100755 index e5ee0054..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel deleted file mode 100755 index eb2881db..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport deleted file mode 100755 index b5286320..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel deleted file mode 100755 index e7726f08..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport deleted file mode 100755 index 96f57837..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel deleted file mode 100755 index b2cf84bf..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport deleted file mode 100755 index f3ffaf5c..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel deleted file mode 100755 index 1ab7874f..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport deleted file mode 100755 index d2645d6f..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel deleted file mode 100755 index 8ed697d1..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport deleted file mode 100755 index 84275d07..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing null encryption -# and null authentication -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E null - -A null; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E null - -A null; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel deleted file mode 100755 index 478d14a8..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing null encryption -# and null authentication -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E null - -A null; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E null - -A null; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 deleted file mode 100755 index e219f2ad..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 +++ /dev/null @@ -1,2 +0,0 @@ -set -v -route add -net 192.168.2.0 netmask 255.255.255.0 gw 200.200.200.20 diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem deleted file mode 100644 index d5c970f4..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem +++ /dev/null @@ -1,25 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEIjCCAwqgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ -MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS -b290IENBMB4XDTA5MDgyNzEwMDMzMloXDTE0MDgyNjEwMDMzMlowRjELMAkGA1UE -BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHDAaBgNVBAMTE21vb24u -c3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK -L2M91Lu6BYYhWxWgMS9z9TMSTwszm5rhO7ZIsCtMRo4PAeYw+++SGXt3CPXb/+p+ -SWKGlm11rPE71eQ3ehgh2C3hAurfmWO0iQQaCw+fdreeIVCqOQIOP6UqZ327h5yY -YpHk8VQv4vBJTpxclU1PqnWheqe1ZlLxsW773LRml/fQt/UgvJkCBTZZONLNMfK+ -7TDnYaVsAtncgvDN78nUNEe2qY92KK7SrBJ6SpUEg49m51F+XgsGcsgWVHS85on3 -Om/G48crLEVJjdu8CxewSRVgb+lPJWzHd8QsU0Vg/7vlqs3ZRMyNtNKrr4opSvVb -A6agGlTXhDCreDiXU8KHAgMBAAGjggEaMIIBFjAJBgNVHRMEAjAAMAsGA1UdDwQE -AwIDqDAdBgNVHQ4EFgQUapx00fiJeYn2WpTpifH6w2SdKS4wbQYDVR0jBGYwZIAU -XafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYDVQQK -ExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJvb3QgQ0GC -AQAwHgYDVR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggr -BgEFBQcDATA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u -b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCctXg2xeMozaTV -jiBL1P8MY9uEH5JtU0EceQ1RbI5/2vGRdnECND9oADY5vamaaE2Mdq2Qh/vlXnML -o3ii5ELjsQlYdTYZOcMOdcUUXYvbbFX1cwpkBhyBl1H25KptHcgQ/HnceKp3kOuq -wYOYjgwePXulcpWXx0E2QtQCFQQZFPyEWeNJxH0oglg53QPXfHY9I2/Gukj5V0bz -p7ME0Gs8KdnYdmbbDqzQgPsta96/m+HoJlsrVF+4Gqihj6BWMBQ2ybjPWZdG3oH9 -25cE8v60Ry98D0Z/tygbAUFnh5oOvaf642paVgc3aoA77I8U+UZjECxISoiHultY -7QTufOwP ------END CERTIFICATE----- diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem deleted file mode 100644 index 4d99866f..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAyi9jPdS7ugWGIVsVoDEvc/UzEk8LM5ua4Tu2SLArTEaODwHm -MPvvkhl7dwj12//qfklihpZtdazxO9XkN3oYIdgt4QLq35ljtIkEGgsPn3a3niFQ -qjkCDj+lKmd9u4ecmGKR5PFUL+LwSU6cXJVNT6p1oXqntWZS8bFu+9y0Zpf30Lf1 -ILyZAgU2WTjSzTHyvu0w52GlbALZ3ILwze/J1DRHtqmPdiiu0qwSekqVBIOPZudR -fl4LBnLIFlR0vOaJ9zpvxuPHKyxFSY3bvAsXsEkVYG/pTyVsx3fELFNFYP+75arN -2UTMjbTSq6+KKUr1WwOmoBpU14Qwq3g4l1PChwIDAQABAoIBACBFB/Xqajv6fbn9 -K6pxrz02uXwGmacXAtVIDoPzejWmXS4QA4l17HrJDmelSnhelDKry8nnYHkTrTz7 -mn0wQ4HDWy86o/okJUG/TKRLd6bf79aRQqqohqd3iQkHk43GyzuXH+oGioVKF0fc -ACDWw4wfjL7FMNdHCZ4Bz9DrHO/ysHe9B6rvSYm3VZRhSxaneIkaLkkDadKpVx3f -XNFlMxY4qKPJYYSoJZ61iMqrO7+rnA93tmyDDs8PKU3BtnpfNrdePgleJHhk8Zqy -Ev2/NOCSUxbKE8NCtLpGTs+T0qjjnu4k3WPd3ZOBAan0uPDekHZeHB/aXGLhYcxx -J5SurqECgYEA+F1gppkER5Jtoaudt/CUpdQ1sR9wxf75VBqJ4FiYABGQz9xlG4oj -zL/o572s0iV3bwFpnQa+WuWrxGkP6ZuB/Z82npc0N/vLou/b4dxvg4n7K+eOOEf0 -8FMjsse2tqTIXKCqcmQnR0NPQ1jwuvEKsXP5w/JOlnRXAXnd4jxsJI0CgYEA0GaT -61ySttUW9jC3mxuY6jkQy8TEQqR3nOFvWwmCXIWOpN/MTTPus+Telxp/pdKhU+mo -PmX3Unyne5PvwleWDq3YzltX5ZDZGJ5UJlKuNnfGIzQ6OcHRbb7zBpQG6qSRPuug -bgo688hTnb1L59nK88zWVK45euf6pyuoI+SwIGMCgYEA7yvE8knyhBXvezuv0z1b -eGHmHp5/VDwY0DQKSEAoiBBiWrkLqLybgwXf/KJ8dZZc8En08aFX2GLJyYe/KiB1 -ys3ypEBJqgvRayP+o/9KZ+qNNRd0rqAksPXvL7ABNNt0kzapTSVDae3Yu6s/j1am -DIL5qAeERIDedG5uDPpQzdUCgYB7MtjpP63ABhLv8XbpbBQnCxtByw3W89F+Xcrt -v55gQdhE4cSuMzA/CuMH4vNpPS6AI9aBJNhj3CtKo/cOJachAGb1/wvkO5ALvLW0 -fhZdPstUTnDJain7vfF/hwzbs/PlhXgu9T9KlLfRvXFdG+Sd4g8mumRiozcLkoRw -y6XPTwKBgDJP+s9wXmdG90HST/aqC7FKrVXLpB63dY5swNUfQP6sa0pFnON0r0JC -h/YCsGFFIAebQ2uOkM3g3f9nkwTp7910ov+/5uThvRI2w2BBPy0mVuALPjyyF1Z2 -cb9zpyKiIuXoXRCf4sd8r1lR9bn0Fxx0Svpxf+fpMGSI5quHNBKY ------END RSA PRIVATE KEY----- diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh deleted file mode 100755 index faefb245..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# -# Usage: ./pingsizes.sh 1440 20 (or greater) -# - -PINGDEST=${PINGDEST:-200.200.200.10} -k=$1 -lim="$((k+$2))" -((k-=1)) -while [ "$k" != "$lim" ] ; do - echo -n "ping -s $((k+=1)) : " - ping -i 1000 -c 1 -s $k $PINGDEST | grep packets & - sleep 1 - PID=`ps -eaf | grep 'ping -i' | grep -v grep | sed 's/[ ][ ]*/ /g' | cut -d " " -f 2` - if [ -n "$PID" ] ; then - echo "****************** killing $PID" - kill $PID > /dev/null - fi -done diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh deleted file mode 100755 index d5ff0f7d..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# -# Usage: ./pingsizes.sh 1440 20 (or greater) -# - -PINGDEST=${PINGDEST:-200.200.200.10} -k=$1 -lim="$((k+$2))" -((k-=1)) -while [ "$k" != "$lim" ] ; do - echo ping -s $((k+=1)) - ping -i 1000 -c 1 -s $k $PINGDEST & - sleep 1 - PID=`ps -eaf | grep 'ping -i' | sed 's/[ ][ ]*/ /g' | cut -d " " -f 2` - if [ -n "$PID" ] ; then - echo "****************** killing $PID" - kill $PID - fi -done diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt deleted file mode 100644 index 46c1ff41..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt +++ /dev/null @@ -1,2 +0,0 @@ -200.200.200.20 secretkeyracoon -200.200.200.10 secretkeyracoon diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf deleted file mode 100644 index cf561f51..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf +++ /dev/null @@ -1,22 +0,0 @@ -path pre_shared_key "/test_setkey/psk.txt" ; - - remote anonymous - { - exchange_mode main ; - lifetime time 1 hour ; - proposal { - encryption_algorithm 3des; - hash_algorithm sha1; - authentication_method pre_shared_key ; - dh_group 2 ; - } - } - - sainfo anonymous - { - pfs_group 2; - lifetime time 1 hour ; - encryption_algorithm 3des ; - authentication_algorithm hmac_sha1 ; - compression_algorithm deflate ; - } diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport deleted file mode 100755 index 7f82fb46..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel deleted file mode 100755 index 5a752579..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport deleted file mode 100755 index 6ef885d4..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - -# Security policies -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel deleted file mode 100755 index 16c31578..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport deleted file mode 100755 index b9772092..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel deleted file mode 100755 index e7c5b4e6..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport deleted file mode 100755 index 5d55d001..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel deleted file mode 100755 index f49bd54a..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport deleted file mode 100755 index d9c65a45..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - -# Security policies -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel deleted file mode 100755 index 1f10136a..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport deleted file mode 100755 index 817a8bd4..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel deleted file mode 100755 index 9bca18fb..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport deleted file mode 100755 index 26dfe2e1..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing null encryption -# and null authentication -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E null - -A null; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E null - -A null; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel deleted file mode 100755 index bc4f38eb..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing null encryption -# and null authentication -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E null - -A null; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E null - -A null; - diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 deleted file mode 100755 index 67cd1b2c..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 +++ /dev/null @@ -1,2 +0,0 @@ -set -v -route add -net 192.168.1.0 netmask 255.255.255.0 gw 200.200.200.10 diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup deleted file mode 100755 index 9e6fa7fa..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup +++ /dev/null @@ -1,47 +0,0 @@ -# setup - quick setup for left or right side of ipsec test -# see README for example use. - -SCRIPT_HOME=/test_setkey/ -cd $SCRIPT_HOME - -export PATH=$SCRIPT_HOME:$PATH - -if [ "$1" != "left" -a "$1" != "right" ] ; then - echo "Usage: $0 side [config] [driver]" - echo " where side is either left or right." - echo " where config is either" - echo " aes-sha1-tunnel (default)" - echo " or 3des-sha1-tunnel" - echo " if driver is supplied, script does 'modprobe driver'" - exit 1 -fi - -SIDE=$1 -POLICY_CFG=$SIDE.conf -DEFAULT_POLICY=aes-sha1-tunnel - -if [ -n "$2" ] ; then - POLICY=$2 -else - POLICY=$DEFAULT_POLICY -fi - -SETKEY_FILE=$POLICY_CFG-$POLICY - -if [ ! -f $SETKEY_FILE ] ; then - echo "Missing setkey command file: $SETKEY_FILE" - exit 1 -fi - -# modprobe any driver name given as last parameter -if [ -n "$3" ] ; then - modprobe $3 -fi - -SETUP_CMD_FILE=./setup_$SIDE -. $SETUP_CMD_FILE - -$SETKEY_FILE - -setkey -D -setkey -D -P diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left deleted file mode 100755 index da769099..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left +++ /dev/null @@ -1,13 +0,0 @@ -# board on left setup -set -v -ifconfig eth0 down -ifconfig eth0 hw ether 00:04:9F:11:22:33 -ifconfig eth0 192.168.1.130 netmask 255.255.255.0 -ifconfig eth0 up -ifconfig eth1 down -ifconfig eth1 hw ether 00:E0:0C:00:7D:FD -ifconfig eth1 200.200.200.10 netmask 255.255.255.0 -ifconfig eth1 up -arp -s 192.168.1.21 00:00:00:00:00:01 -route add default dev eth1 -echo 1 > /proc/sys/net/ipv4/ip_forward diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right deleted file mode 100755 index f0e333ee..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right +++ /dev/null @@ -1,13 +0,0 @@ -# board on right setup -set -v -ifconfig eth0 down -ifconfig eth0 hw ether 00:E0:0C:00:01:FD -ifconfig eth0 192.168.2.130 netmask 255.255.255.0 -ifconfig eth0 up -ifconfig eth1 down -ifconfig eth1 hw ether 00:E0:0C:00:00:FD -ifconfig eth1 200.200.200.20 netmask 255.255.255.0 -ifconfig eth1 up -arp -s 192.168.2.21 00:00:00:00:00:02 -route add default dev eth1 -echo 1 > /proc/sys/net/ipv4/ip_forward diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf deleted file mode 100644 index 1701f4ab..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf +++ /dev/null @@ -1,19 +0,0 @@ -# strongswan.conf - strongSwan configuration file - -charon { - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-raw updown - multiple_authentication = no -} - -pluto { - - # plugins to load in pluto - #load = aes des sha1 md5 sha2 hmac gmp random pubkey - -} - -libstrongswan { - - # set to no, the DH exponent size is optimized - # dh_exponent_ansi_x9_42 = no -} diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem deleted file mode 100644 index 0865ad22..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ -MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS -b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE -BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u -Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y -X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f -FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc -4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/ -7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5 -gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr -K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG -A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j -BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw -FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv -b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in -Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n -1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y -vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si -7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa -Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w= ------END CERTIFICATE----- diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left deleted file mode 100755 index e55c3e42..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left +++ /dev/null @@ -1,10 +0,0 @@ -#strongswan on left board -set -v -cp -rf ipsec.conf.left /etc/ipsec.conf -cp -rf ipsec.secrets.left /etc/ipsec.secrets -cp -rf strongswan.conf /etc/ -cp -rf strongswanCert.pem /etc/ipsec.d/cacerts/ -cp -rf moonCert.pem /etc/ipsec.d/certs/ -mkdir /etc/ipsec.d/private -cp -rf sunKey.pem /etc/ipsec.d/private/ -cp -rf moonKey.pem /etc/ipsec.d/private/ diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right deleted file mode 100755 index bcdbb731..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right +++ /dev/null @@ -1,10 +0,0 @@ -#strongswan on left board -set -v -cp -rf ipsec.conf.right /etc/ipsec.conf -cp -rf ipsec.secrets.right /etc/ipsec.secrets -cp -rf strongswan.conf /etc/ -cp -rf strongswanCert.pem /etc/ipsec.d/cacerts/ -cp -rf sunCert.pem /etc/ipsec.d/certs/ -mkdir /etc/ipsec.d/private -cp -rf sunKey.pem /etc/ipsec.d/private/ -cp -rf moonKey.pem /etc/ipsec.d/private/ diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem deleted file mode 100644 index d0937bab..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem +++ /dev/null @@ -1,25 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ -MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS -b290IENBMB4XDTA5MDgyNzA5NTkwNFoXDTE0MDgyNjA5NTkwNFowRTELMAkGA1UE -BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN1bi5z -dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+V -VIpn6Q5jaU//EN6p6A5cSfUfhBK0mFa2laFFZh/Y0h66AXqqrQ3X917h7YNsSk68 -oowY9h9I3gOx7hNVBsJr2VjdYC+b0q5NTha09/A5mimv/prYj6o0yawxoPjoDs9Y -h7D7Kf+F8fkgk0stlHJZX66J7dNrFXbg1xBld+Ep5Or2FbEZ9QWUpRQTuhdpNt/4 -9YuxQ59DemY9IRbwsrKCHH0mGrJsDdqeb0ap+8QvSXHjCt1fr9MNKWaAFAQLKQI4 -e0da1ntPCEQLeE833+NNRBgGufk0KqGT3eAXqrxa9AEIUJnVcPexQdqUMjcUpXFb -8WNzRWB8Egh3BDK6FsECAwEAAaOCARkwggEVMAkGA1UdEwQCMAAwCwYDVR0PBAQD -AgOoMB0GA1UdDgQWBBRW1p4v2qihzRlcI1PnxbZwluML+zBtBgNVHSMEZjBkgBRd -p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT -EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB -ADAdBgNVHREEFjAUghJzdW4uc3Ryb25nc3dhbi5vcmcwEwYDVR0lBAwwCgYIKwYB -BQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9y -Zy9zdHJvbmdzd2FuLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAo37LYT9Awx0MK/nA -FZpPJqUr0Ey+O5Ukcsdx7nd00SlmpiQRY8KmuRXCBQnDEgdLstd3slQjT0pJEgWF -0pzxybnI6eOzYAhLfhart+X1hURiNGbXjggm2s4I5+K32bVIkNEqlsYnd/6F9oo5 -ZNO0/eTTruLZfkNe/zchBGKe/Z7MacVwlYWWCbMtBV4K1d5dGcRRgpQ9WivDlmat -Nh9wlscDSgSGk3HJkbxnq695VN7zUbDWAUvWWhV5bIDjlAR/xyT9ApqIxiyVVRul -fYrE7U05Hbt6GgAroAKLp6qJup9+TxQAKSjKIwJ0hf7OuYyQ8TZtVHS7AOhm+T/5 -G/jGGA== ------END CERTIFICATE----- diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem deleted file mode 100644 index d8fad9aa..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA35VUimfpDmNpT/8Q3qnoDlxJ9R+EErSYVraVoUVmH9jSHroB -eqqtDdf3XuHtg2xKTryijBj2H0jeA7HuE1UGwmvZWN1gL5vSrk1OFrT38DmaKa/+ -mtiPqjTJrDGg+OgOz1iHsPsp/4Xx+SCTSy2Ucllfront02sVduDXEGV34Snk6vYV -sRn1BZSlFBO6F2k23/j1i7FDn0N6Zj0hFvCysoIcfSYasmwN2p5vRqn7xC9JceMK -3V+v0w0pZoAUBAspAjh7R1rWe08IRAt4Tzff401EGAa5+TQqoZPd4BeqvFr0AQhQ -mdVw97FB2pQyNxSlcVvxY3NFYHwSCHcEMroWwQIDAQABAoIBADH51hjN2zk9HVgl -QmcTAWzcUie5cLMhrP+M9mtC8O3jcCwwFY6OwfnbMU8DHy0GMqHg5lB8b99UUVPw -HLAzjDw/ESkc6pgZs4EEhJTsxJLsvTnePgHssEgyXnXf7gRVEqJkPohfy+Zy0UCH -eIUQXiMlOQ7xg7iDMhwNa+UdWSt539DztSKilQn2xdPZjFnMT0/prvl4NA/8Zn54 -/SdWDq5yRdLWb6EK1V7yJ3687GXR1jzGtgy7TXuncUJVTYgX7RdP1Tn6gWD8YAQ/ -RfT0DdWYm4WHSgSb9/NW8lBZH2yy3hg+lNgofXEvTfBkO5QyW31LIr0tCV6zhJIc -Y9MxaKUCgYEA9sktaXfhPLe0ECjdeQEOq5EKuDrCviSKCOuAV4BDSOsdw6+5LWfY -Vb/oke8N70lL3RCblcj1pOKWUi2O/SpEJdDRduiw2gM9cXt3/bChSTHC4TsIxxN/ -Db9OGg72kZ4sRY5Au+zyAAQYBwXhFWux194Jk5qK0JblNG9J5QMqZDcCgYEA5+5h -BgHUMEO+pdME5lAiSc5PcNTejpA6j+OikCh4/HFXy3C/dLx+Cs1+egw64c8iVaIv -NEo7n7E9I0e3XqanPRXhMnBRrP+39OVsWPmZ18Li2Hi84KwJyi8Y11l3XJOqaYpF -wMVUuZpxR0dfG5k/5GwT/tEkmQBglOgG3m2zUMcCgYEA4m3Vd9ahV5dp5AXKpzKc -JjiPMFfhxJo7+FEz0ZUCp03qYljBu/Jy4MKS/grrqyiCLdQGHNlk4SNxLvdUId78 -5gGBnuuDEJU2dAAIKUE9yq2YlBUZSacOxStI2snt28/X6P3LUWHm7LLU5OS1D3Vf -mKPF/6MlSJuas5CEqVZNN+MCgYBH9Qh7IaQgmVQUBKVXg3Mv7OduvUyTdKIGtHxi -N3xZ7hxsDP4JjNWaKmlcGmFGX8pqQRheI83d3NJ4GK8GmbP3Wst0p65fezMqsudr -r30QmPFicgs/tYCQDw6o+aPzwAi2F+VOSqrfrtAIaldSq7hL+VA21dKB+cD9UgOX -jPd+TwKBgQCbKeg2QNS2qhPIG9eaqJDROuxmxb/07d7OBctgMgxVvKhqW9hW42Sy -gJ59fyz5QjFBaSfcOdf4gkKyEawVo45/q6ymIQU37R4vF4CW9Z3CfaIbwJp7LcHV -zH07so/HNsZua6GWCSCLJU5MeCRiZzk2RFiS9KIaLP4gZndv4lXOiQ== ------END RSA PRIVATE KEY----- diff --git a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb b/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb deleted file mode 100644 index 56070605..00000000 --- a/meta-fsl-ppc/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb +++ /dev/null @@ -1,25 +0,0 @@ -SUMMARY = "Scripts and configuration files for ipsec demo" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" - -RDEPENDS_${PN} = "ipsec-tools" - -inherit allarch - -SRC_URI = "file://test_setkey" - -do_configure() { - : -} - -do_compile() { - : -} - -do_install(){ - install -d ${D}${datadir} - cp -a ${WORKDIR}/test_setkey ${D}${datadir}/ -} - -FILES_${PN} = "${datadir}/*" - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch deleted file mode 100644 index e7b874f5..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch +++ /dev/null @@ -1,83 +0,0 @@ -From 9297e3834518ff0558d6e7004a62adfd107e659a Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Tue, 10 Sep 2013 12:46:46 +0300 -Subject: [PATCH 01/26] remove double initialization of cryptodev engine - -cryptodev engine is initialized together with the other engines in -ENGINE_load_builtin_engines. The initialization done through -OpenSSL_add_all_algorithms is redundant. - -Change-Id: Ic9488500967595543ff846f147b36f383db7cb27 -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/17222 ---- - crypto/engine/eng_all.c | 11 ----------- - crypto/engine/engine.h | 4 ---- - crypto/evp/c_all.c | 5 ----- - util/libeay.num | 2 +- - 4 files changed, 1 insertion(+), 21 deletions(-) - -diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c -index 6093376..f16c043 100644 ---- a/crypto/engine/eng_all.c -+++ b/crypto/engine/eng_all.c -@@ -122,14 +122,3 @@ void ENGINE_load_builtin_engines(void) - #endif - ENGINE_register_all_complete(); - } -- --#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) --void ENGINE_setup_bsd_cryptodev(void) { -- static int bsd_cryptodev_default_loaded = 0; -- if (!bsd_cryptodev_default_loaded) { -- ENGINE_load_cryptodev(); -- ENGINE_register_all_complete(); -- } -- bsd_cryptodev_default_loaded=1; --} --#endif -diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h -index f8be497..237a6c9 100644 ---- a/crypto/engine/engine.h -+++ b/crypto/engine/engine.h -@@ -740,10 +740,6 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, - * values. */ - void *ENGINE_get_static_state(void); - --#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) --void ENGINE_setup_bsd_cryptodev(void); --#endif -- - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c -index 766c4ce..5d6c21b 100644 ---- a/crypto/evp/c_all.c -+++ b/crypto/evp/c_all.c -@@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void) - OPENSSL_cpuid_setup(); - OpenSSL_add_all_ciphers(); - OpenSSL_add_all_digests(); --#ifndef OPENSSL_NO_ENGINE --# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) -- ENGINE_setup_bsd_cryptodev(); --# endif --#endif - } -diff --git a/util/libeay.num b/util/libeay.num -index aa86b2b..ae50040 100755 ---- a/util/libeay.num -+++ b/util/libeay.num -@@ -2801,7 +2801,7 @@ BIO_indent 3242 EXIST::FUNCTION: - BUF_strlcpy 3243 EXIST::FUNCTION: - OpenSSLDie 3244 EXIST::FUNCTION: - OPENSSL_cleanse 3245 EXIST::FUNCTION: --ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE -+ENGINE_setup_bsd_cryptodev 3246 NOEXIST::FUNCTION: - ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH - EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES - FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch deleted file mode 100644 index ab2b7ea9..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch +++ /dev/null @@ -1,317 +0,0 @@ -From dfd6ba263dc25ea2a4bbc32448b24ca2b1fc40e8 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Thu, 29 Aug 2013 16:51:18 +0300 -Subject: [PATCH 02/26] eng_cryptodev: add support for TLS algorithms offload - -- aes-128-cbc-hmac-sha1 -- aes-256-cbc-hmac-sha1 - -Requires TLS patches on cryptodev and TLS algorithm support in Linux -kernel driver. - -Change-Id: I43048caa348414daddd6c1a5cdc55e769ac1945f -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/17223 ---- - crypto/engine/eng_cryptodev.c | 222 +++++++++++++++++++++++++++++++++++++++--- - 1 file changed, 211 insertions(+), 11 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 5a715ac..7588a28 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -72,6 +72,9 @@ ENGINE_load_cryptodev(void) - struct dev_crypto_state { - struct session_op d_sess; - int d_fd; -+ unsigned char *aad; -+ unsigned int aad_len; -+ unsigned int len; - - #ifdef USE_CRYPTODEV_DIGESTS - char dummy_mac_key[HASH_MAX_LEN]; -@@ -140,17 +143,20 @@ static struct { - int nid; - int ivmax; - int keylen; -+ int mackeylen; - } ciphers[] = { -- { CRYPTO_ARC4, NID_rc4, 0, 16, }, -- { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, -- { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, -- { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, -- { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, }, -- { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, }, -- { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, -- { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, -- { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, -- { 0, NID_undef, 0, 0, }, -+ { CRYPTO_ARC4, NID_rc4, 0, 16, 0}, -+ { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, 0}, -+ { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, 0}, -+ { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, 0}, -+ { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, 0}, -+ { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, 0}, -+ { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, -+ { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, -+ { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, -+ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, -+ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, -+ { 0, NID_undef, 0, 0, 0}, - }; - - #ifdef USE_CRYPTODEV_DIGESTS -@@ -250,13 +256,15 @@ get_cryptodev_ciphers(const int **cnids) - } - memset(&sess, 0, sizeof(sess)); - sess.key = (caddr_t)"123456789abcdefghijklmno"; -+ sess.mackey = (caddr_t)"123456789ABCDEFGHIJKLMNO"; - - for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { - if (ciphers[i].nid == NID_undef) - continue; - sess.cipher = ciphers[i].id; - sess.keylen = ciphers[i].keylen; -- sess.mac = 0; -+ sess.mackeylen = ciphers[i].mackeylen; -+ - if (ioctl(fd, CIOCGSESSION, &sess) != -1 && - ioctl(fd, CIOCFSESSION, &sess.ses) != -1) - nids[count++] = ciphers[i].nid; -@@ -414,6 +422,67 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - return (1); - } - -+ -+static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len) -+{ -+ struct crypt_auth_op cryp; -+ struct dev_crypto_state *state = ctx->cipher_data; -+ struct session_op *sess = &state->d_sess; -+ const void *iiv; -+ unsigned char save_iv[EVP_MAX_IV_LENGTH]; -+ -+ if (state->d_fd < 0) -+ return (0); -+ if (!len) -+ return (1); -+ if ((len % ctx->cipher->block_size) != 0) -+ return (0); -+ -+ memset(&cryp, 0, sizeof(cryp)); -+ -+ /* TODO: make a seamless integration with cryptodev flags */ -+ switch (ctx->cipher->nid) { -+ case NID_aes_128_cbc_hmac_sha1: -+ case NID_aes_256_cbc_hmac_sha1: -+ cryp.flags = COP_FLAG_AEAD_TLS_TYPE; -+ } -+ cryp.ses = sess->ses; -+ cryp.len = state->len; -+ cryp.src = (caddr_t) in; -+ cryp.dst = (caddr_t) out; -+ cryp.auth_src = state->aad; -+ cryp.auth_len = state->aad_len; -+ -+ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; -+ -+ if (ctx->cipher->iv_len) { -+ cryp.iv = (caddr_t) ctx->iv; -+ if (!ctx->encrypt) { -+ iiv = in + len - ctx->cipher->iv_len; -+ memcpy(save_iv, iiv, ctx->cipher->iv_len); -+ } -+ } else -+ cryp.iv = NULL; -+ -+ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { -+ /* XXX need better errror handling -+ * this can fail for a number of different reasons. -+ */ -+ return (0); -+ } -+ -+ if (ctx->cipher->iv_len) { -+ if (ctx->encrypt) -+ iiv = out + len - ctx->cipher->iv_len; -+ else -+ iiv = save_iv; -+ memcpy(ctx->iv, iiv, ctx->cipher->iv_len); -+ } -+ return (1); -+} -+ -+ - static int - cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -@@ -452,6 +521,45 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - return (1); - } - -+/* Save the encryption key provided by upper layers. -+ * -+ * This function is called by EVP_CipherInit_ex to initialize the algorithm's -+ * extra data. We can't do much here because the mac key is not available. -+ * The next call should/will be to cryptodev_cbc_hmac_sha1_ctrl with parameter -+ * EVP_CTRL_AEAD_SET_MAC_KEY, to set the hmac key. There we call CIOCGSESSION -+ * with both the crypto and hmac keys. -+ */ -+static int cryptodev_init_aead_key(EVP_CIPHER_CTX *ctx, -+ const unsigned char *key, const unsigned char *iv, int enc) -+{ -+ struct dev_crypto_state *state = ctx->cipher_data; -+ struct session_op *sess = &state->d_sess; -+ int cipher = -1, i; -+ -+ for (i = 0; ciphers[i].id; i++) -+ if (ctx->cipher->nid == ciphers[i].nid && -+ ctx->cipher->iv_len <= ciphers[i].ivmax && -+ ctx->key_len == ciphers[i].keylen) { -+ cipher = ciphers[i].id; -+ break; -+ } -+ -+ if (!ciphers[i].id) { -+ state->d_fd = -1; -+ return (0); -+ } -+ -+ memset(sess, 0, sizeof(struct session_op)); -+ -+ sess->key = (caddr_t)key; -+ sess->keylen = ctx->key_len; -+ sess->cipher = cipher; -+ -+ /* for whatever reason, (1) means success */ -+ return (1); -+} -+ -+ - /* - * free anything we allocated earlier when initting a - * session, and close the session. -@@ -488,6 +596,63 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx) - return (ret); - } - -+static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, -+ void *ptr) -+{ -+ switch (type) { -+ case EVP_CTRL_AEAD_SET_MAC_KEY: -+ { -+ /* TODO: what happens with hmac keys larger than 64 bytes? */ -+ struct dev_crypto_state *state = ctx->cipher_data; -+ struct session_op *sess = &state->d_sess; -+ -+ if ((state->d_fd = get_dev_crypto()) < 0) -+ return (0); -+ -+ /* the rest should have been set in cryptodev_init_aead_key */ -+ sess->mackey = ptr; -+ sess->mackeylen = arg; -+ -+ if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { -+ put_dev_crypto(state->d_fd); -+ state->d_fd = -1; -+ return (0); -+ } -+ return (1); -+ } -+ case EVP_CTRL_AEAD_TLS1_AAD: -+ { -+ /* ptr points to the associated data buffer of 13 bytes */ -+ struct dev_crypto_state *state = ctx->cipher_data; -+ unsigned char *p = ptr; -+ unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; -+ unsigned int maclen, padlen; -+ unsigned int bs = ctx->cipher->block_size; -+ -+ state->aad = ptr; -+ state->aad_len = arg; -+ state->len = cryptlen; -+ -+ /* TODO: this should be an extension of EVP_CIPHER struct */ -+ switch (ctx->cipher->nid) { -+ case NID_aes_128_cbc_hmac_sha1: -+ case NID_aes_256_cbc_hmac_sha1: -+ maclen = SHA_DIGEST_LENGTH; -+ } -+ -+ /* space required for encryption (not only TLS padding) */ -+ padlen = maclen; -+ if (ctx->encrypt) { -+ cryptlen += maclen; -+ padlen += bs - (cryptlen % bs); -+ } -+ return padlen; -+ } -+ default: -+ return -1; -+ } -+} -+ - /* - * libcrypto EVP stuff - this is how we get wired to EVP so the engine - * gets called when libcrypto requests a cipher NID. -@@ -600,6 +765,33 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { - NULL - }; - -+const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { -+ NID_aes_128_cbc_hmac_sha1, -+ 16, 16, 16, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ -+const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { -+ NID_aes_256_cbc_hmac_sha1, -+ 16, 32, 16, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; - /* - * Registered by the ENGINE when used to find out how to deal with - * a particular NID in the ENGINE. this says what we'll do at the -@@ -637,6 +829,12 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - case NID_aes_256_cbc: - *cipher = &cryptodev_aes_256_cbc; - break; -+ case NID_aes_128_cbc_hmac_sha1: -+ *cipher = &cryptodev_aes_128_cbc_hmac_sha1; -+ break; -+ case NID_aes_256_cbc_hmac_sha1: -+ *cipher = &cryptodev_aes_256_cbc_hmac_sha1; -+ break; - default: - *cipher = NULL; - break; -@@ -1384,6 +1582,8 @@ ENGINE_load_cryptodev(void) - } - put_dev_crypto(fd); - -+ EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); -+ EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); - if (!ENGINE_set_id(engine, "cryptodev") || - !ENGINE_set_name(engine, "BSD cryptodev engine") || - !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch deleted file mode 100644 index f0d97e9a..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 084fa469a8fef530d71a0870364df1c7997f6465 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Thu, 31 Jul 2014 14:06:19 +0300 -Subject: [PATCH 03/26] cryptodev: fix algorithm registration - -Cryptodev specific algorithms must register only if available in kernel. - -Change-Id: Iec5af8f4f3138357e4b96f2ec1627278134e4808 -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/15326 -Reviewed-by: Horia Ioan Geanta Neag -Reviewed-on: http://git.am.freescale.net:8181/17224 ---- - crypto/engine/eng_cryptodev.c | 20 +++++++++++++++++--- - 1 file changed, 17 insertions(+), 3 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 7588a28..e3eb98b 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -133,6 +133,8 @@ static int cryptodev_dh_compute_key(unsigned char *key, - static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, - void (*f)(void)); - void ENGINE_load_cryptodev(void); -+const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; - - static const ENGINE_CMD_DEFN cryptodev_defns[] = { - { 0, NULL, NULL, 0 } -@@ -342,7 +344,21 @@ get_cryptodev_digests(const int **cnids) - static int - cryptodev_usable_ciphers(const int **nids) - { -- return (get_cryptodev_ciphers(nids)); -+ int i, count; -+ -+ count = get_cryptodev_ciphers(nids); -+ /* add ciphers specific to cryptodev if found in kernel */ -+ for(i = 0; i < count; i++) { -+ switch (*(*nids + i)) { -+ case NID_aes_128_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); -+ break; -+ case NID_aes_256_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); -+ break; -+ } -+ } -+ return count; - } - - static int -@@ -1582,8 +1598,6 @@ ENGINE_load_cryptodev(void) - } - put_dev_crypto(fd); - -- EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); -- EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); - if (!ENGINE_set_id(engine, "cryptodev") || - !ENGINE_set_name(engine, "BSD cryptodev engine") || - !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch deleted file mode 100644 index 2d722d8a..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 7d770f0324498d1fa78300cc5cecc8c1dcd3b788 Mon Sep 17 00:00:00 2001 -From: Andy Polyakov -Date: Sun, 21 Oct 2012 18:19:41 +0000 -Subject: [PATCH 04/26] linux-pcc: make it more robust and recognize - KERNEL_BITS variable. - -(cherry picked from commit 78c3e20579d3baa159c8b51b59d415b6e521614b) - -Change-Id: I769c466f052305681ab54a1b6545d94c7fbf5a9d -Signed-off-by: Cristian Stoica ---- - config | 19 +++++++++++++------ - crypto/ppccap.c | 7 +++++++ - 2 files changed, 20 insertions(+), 6 deletions(-) - -diff --git a/config b/config -index 41fa2a6..f37b9e6 100755 ---- a/config -+++ b/config -@@ -587,13 +587,20 @@ case "$GUESSOS" in - fi - ;; - ppc64-*-linux2) -- echo "WARNING! If you wish to build 64-bit library, then you have to" -- echo " invoke './Configure linux-ppc64' *manually*." -- if [ "$TEST" = "false" -a -t 1 ]; then -- echo " You have about 5 seconds to press Ctrl-C to abort." -- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 -+ if [ -z "$KERNEL_BITS" ]; then -+ echo "WARNING! If you wish to build 64-bit library, then you have to" -+ echo " invoke './Configure linux-ppc64' *manually*." -+ if [ "$TEST" = "false" -a -t 1 ]; then -+ echo " You have about 5 seconds to press Ctrl-C to abort." -+ (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 -+ fi -+ fi -+ if [ "$KERNEL_BITS" = "64" ]; then -+ OUT="linux-ppc64" -+ else -+ OUT="linux-ppc" -+ (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32" - fi -- OUT="linux-ppc" - ;; - ppc-*-linux2) OUT="linux-ppc" ;; - ppc60x-*-vxworks*) OUT="vxworks-ppc60x" ;; -diff --git a/crypto/ppccap.c b/crypto/ppccap.c -index f71ba66..531f1b3 100644 ---- a/crypto/ppccap.c -+++ b/crypto/ppccap.c -@@ -4,6 +4,9 @@ - #include - #include - #include -+#ifdef __linux -+#include -+#endif - #include - #include - -@@ -102,6 +105,10 @@ void OPENSSL_cpuid_setup(void) - - if (sizeof(size_t)==4) - { -+#ifdef __linux -+ struct utsname uts; -+ if (uname(&uts)==0 && strcmp(uts.machine,"ppc64")==0) -+#endif - if (sigsetjmp(ill_jmp,1) == 0) - { - OPENSSL_ppc64_probe(); --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch deleted file mode 100644 index c9ff5aa8..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch +++ /dev/null @@ -1,318 +0,0 @@ -From 15abbcd740eafbf2a46b5da24be76acf4982743d Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Tue, 11 Mar 2014 05:56:54 +0545 -Subject: [PATCH 05/26] ECC Support header for Cryptodev Engine - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - crypto/engine/eng_cryptodev_ec.h | 296 +++++++++++++++++++++++++++++++++++++++ - 1 file changed, 296 insertions(+) - create mode 100644 crypto/engine/eng_cryptodev_ec.h - -diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h -new file mode 100644 -index 0000000..77aee71 ---- /dev/null -+++ b/crypto/engine/eng_cryptodev_ec.h -@@ -0,0 +1,296 @@ -+/* -+ * Copyright (C) 2012 Freescale Semiconductor, Inc. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN -+ * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+#ifndef __ENG_EC_H -+#define __ENG_EC_H -+ -+#define SPCF_CPARAM_INIT(X,...) \ -+static unsigned char X##_c[] = {__VA_ARGS__} \ -+ -+#define SPCF_FREE_BN(X) do { if(X) { BN_clear_free(X); X = NULL; } } while (0) -+ -+#define SPCF_COPY_CPARAMS(NIDBUF) \ -+ do { \ -+ memcpy (buf, NIDBUF, buf_len); \ -+ } while (0) -+ -+#define SPCF_CPARAM_CASE(X) \ -+ case NID_##X: \ -+ SPCF_COPY_CPARAMS(X##_c); \ -+ break -+ -+SPCF_CPARAM_INIT(sect113r1, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, 0xEC, 0x76, -+ 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); -+SPCF_CPARAM_INIT(sect113r2, 0x00, 0x54, 0xD9, 0xF0, 0x39, 0x57, 0x17, 0x4A, -+ 0x32, 0x32, 0x91, 0x67, 0xD7, 0xFE, 0x71); -+SPCF_CPARAM_INIT(sect131r1, 0x03, 0xDB, 0x89, 0xB4, 0x05, 0xE4, 0x91, 0x16, -+ 0x0E, 0x3B, 0x2F, 0x07, 0xB0, 0xCE, 0x20, 0xB3, 0x7E); -+SPCF_CPARAM_INIT(sect131r2, 0x07, 0xCB, 0xB9, 0x92, 0x0D, 0x71, 0xA4, 0x8E, -+ 0x09, 0x9C, 0x38, 0xD7, 0x1D, 0xA6, 0x49, 0x0E, 0xB1); -+SPCF_CPARAM_INIT(sect163k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x01); -+SPCF_CPARAM_INIT(sect163r1, 0x05, 0xED, 0x40, 0x3E, 0xD5, 0x8E, 0xB4, 0x5B, -+ 0x1C, 0xCE, 0xCA, 0x0F, 0x4F, 0x61, 0x65, 0x55, 0x49, 0x86, -+ 0x1B, 0xE0, 0x52); -+SPCF_CPARAM_INIT(sect163r2, 0x07, 0x2C, 0x4E, 0x1E, 0xF7, 0xCB, 0x2F, 0x3A, -+ 0x03, 0x5D, 0x33, 0x10, 0x42, 0x94, 0x15, 0x96, 0x09, 0x13, -+ 0x8B, 0xB4, 0x04); -+SPCF_CPARAM_INIT(sect193r1, 0x01, 0x67, 0xB3, 0x5E, 0xB4, 0x31, 0x3F, 0x26, -+ 0x3D, 0x0F, 0x7A, 0x3D, 0x50, 0x36, 0xF0, 0xA0, 0xA3, 0xC9, -+ 0x80, 0xD4, 0x0E, 0x5A, 0x05, 0x3E, 0xD2); -+SPCF_CPARAM_INIT(sect193r2, 0x00, 0x69, 0x89, 0xFE, 0x6B, 0xFE, 0x30, 0xED, -+ 0xDC, 0x32, 0x44, 0x26, 0x9F, 0x3A, 0xAD, 0x18, 0xD6, 0x6C, -+ 0xF3, 0xDB, 0x3E, 0x33, 0x02, 0xFA, 0xA8); -+SPCF_CPARAM_INIT(sect233k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x01); -+SPCF_CPARAM_INIT(sect233r1, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, 0xDF, 0xF1, -+ 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, 0xCE, 0x35, -+ 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, 0xC0, 0xF2, -+ 0x68, 0x6C); -+SPCF_CPARAM_INIT(sect239k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x01); -+SPCF_CPARAM_INIT(sect283k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); -+SPCF_CPARAM_INIT(sect283r1, 0x03, 0xD8, 0xC9, 0x3D, 0x3B, 0x0E, 0xA8, 0x1D, -+ 0x92, 0x94, 0x03, 0x4D, 0x7E, 0xE3, 0x13, 0x5D, 0x0A, 0xC5, -+ 0xFC, 0x8D, 0x9C, 0xB0, 0x27, 0x6F, 0x72, 0x11, 0xF8, 0x80, -+ 0xF0, 0xD8, 0x1C, 0xA4, 0xC6, 0xE8, 0x7B, 0x38); -+SPCF_CPARAM_INIT(sect409k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x01); -+SPCF_CPARAM_INIT(sect409r1, 0x01, 0x49, 0xB8, 0xB7, 0xBE, 0xBD, 0x9B, 0x63, -+ 0x65, 0x3E, 0xF1, 0xCD, 0x8C, 0x6A, 0x5D, 0xD1, 0x05, 0xA2, -+ 0xAA, 0xAC, 0x36, 0xFE, 0x2E, 0xAE, 0x43, 0xCF, 0x28, 0xCE, -+ 0x1C, 0xB7, 0xC8, 0x30, 0xC1, 0xEC, 0xDB, 0xFA, 0x41, 0x3A, -+ 0xB0, 0x7F, 0xE3, 0x5A, 0x57, 0x81, 0x1A, 0xE4, 0xF8, 0x8D, -+ 0x30, 0xAC, 0x63, 0xFB); -+SPCF_CPARAM_INIT(sect571k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x01); -+SPCF_CPARAM_INIT(sect571r1, 0x06, 0x39, 0x5D, 0xB2, 0x2A, 0xB5, 0x94, 0xB1, -+ 0x86, 0x8C, 0xED, 0x95, 0x25, 0x78, 0xB6, 0x53, 0x9F, 0xAB, -+ 0xA6, 0x94, 0x06, 0xD9, 0xB2, 0x98, 0x61, 0x23, 0xA1, 0x85, -+ 0xC8, 0x58, 0x32, 0xE2, 0x5F, 0xD5, 0xB6, 0x38, 0x33, 0xD5, -+ 0x14, 0x42, 0xAB, 0xF1, 0xA9, 0xC0, 0x5F, 0xF0, 0xEC, 0xBD, -+ 0x88, 0xD7, 0xF7, 0x79, 0x97, 0xF4, 0xDC, 0x91, 0x56, 0xAA, -+ 0xF1, 0xCE, 0x08, 0x16, 0x46, 0x86, 0xDD, 0xFF, 0x75, 0x11, -+ 0x6F, 0xBC, 0x9A, 0x7A); -+SPCF_CPARAM_INIT(X9_62_c2pnb163v1, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, 0x1F, -+ 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, 0x81, -+ 0xE7, 0xEA, 0x26, 0xEC); -+SPCF_CPARAM_INIT(X9_62_c2pnb163v2, 0x04, 0x35, 0xC0, 0x19, 0x66, 0x0E, 0x01, -+ 0x01, 0xBA, 0x87, 0x0C, 0xA3, 0x9F, 0xD9, 0xA7, 0x76, 0x86, -+ 0x50, 0x9D, 0x28, 0x13); -+SPCF_CPARAM_INIT(X9_62_c2pnb163v3, 0x06, 0x55, 0xC4, 0x54, 0xE4, 0x1E, 0x38, -+ 0x0C, 0x7A, 0x60, 0xB6, 0x67, 0x9A, 0x5B, 0x7A, 0x3F, 0x3A, -+ 0xF6, 0x8E, 0x22, 0xC5); -+SPCF_CPARAM_INIT(X9_62_c2pnb176v1, 0x00, 0x69, 0xF7, 0xDA, 0x36, 0x19, 0xA7, -+ 0x42, 0xA3, 0x82, 0xFF, 0x05, 0x08, 0x8F, 0xD3, 0x99, 0x42, -+ 0xCA, 0x0F, 0x1D, 0x90, 0xB6, 0x5B); -+SPCF_CPARAM_INIT(X9_62_c2tnb191v1, 0x4C, 0x45, 0x25, 0xAB, 0x0B, 0x68, 0x4A, -+ 0x64, 0x44, 0x62, 0x0A, 0x86, 0x45, 0xEF, 0x54, 0x6D, 0x54, -+ 0x69, 0x39, 0x68, 0xC2, 0xAE, 0x84, 0xAC); -+SPCF_CPARAM_INIT(X9_62_c2tnb191v2, 0x03, 0x7C, 0x8F, 0x57, 0xA2, 0x25, 0xC7, -+ 0xB3, 0xD4, 0xED, 0xD5, 0x88, 0x0F, 0x38, 0x0A, 0xCC, 0x55, -+ 0x74, 0xEC, 0xB3, 0x6C, 0x9F, 0x51, 0x21); -+SPCF_CPARAM_INIT(X9_62_c2tnb191v3, 0x37, 0x39, 0xFF, 0x98, 0xB4, 0xD1, 0x69, -+ 0x3E, 0xCF, 0x52, 0x7A, 0x98, 0x51, 0xED, 0xCF, 0x99, 0x9D, -+ 0x9E, 0x75, 0x05, 0x43, 0x33, 0x43, 0x24); -+SPCF_CPARAM_INIT(X9_62_c2pnb208w1, 0x00, 0xDB, 0x05, 0x3C, 0x41, 0x76, 0xCC, -+ 0x1D, 0xA1, 0x27, 0x85, 0x2C, 0xA6, 0xD9, 0x88, 0xBE, 0x1A, -+ 0xCC, 0xD1, 0x5B, 0x2A, 0xC1, 0xC1, 0x07, 0x42, 0x57, 0x34); -+SPCF_CPARAM_INIT(X9_62_c2tnb239v1, 0x24, 0x59, 0xFC, 0xF4, 0x51, 0x7B, 0xC5, -+ 0xA6, 0xB9, 0x9B, 0xE5, 0xC6, 0xC5, 0x62, 0x85, 0xC0, 0x21, -+ 0xFE, 0x32, 0xEE, 0x2B, 0x6F, 0x1C, 0x22, 0xEA, 0x5B, 0xE1, -+ 0xB8, 0x4B, 0x93); -+SPCF_CPARAM_INIT(X9_62_c2tnb239v2, 0x64, 0x98, 0x84, 0x19, 0x3B, 0x56, 0x2D, -+ 0x4A, 0x50, 0xB4, 0xFA, 0x56, 0x34, 0xE0, 0x34, 0x41, 0x3F, -+ 0x94, 0xC4, 0x59, 0xDA, 0x7C, 0xDB, 0x16, 0x64, 0x9D, 0xDD, -+ 0xF7, 0xE6, 0x0A); -+SPCF_CPARAM_INIT(X9_62_c2tnb239v3, 0x32, 0x63, 0x2E, 0x65, 0x2B, 0xEE, 0x91, -+ 0xC2, 0xE4, 0xA2, 0xF5, 0x42, 0xA3, 0x2D, 0x67, 0xA8, 0xB5, -+ 0xB4, 0x5F, 0x21, 0xA0, 0x81, 0x02, 0xFB, 0x1F, 0x2A, 0xFB, -+ 0xB6, 0xAC, 0xDA); -+SPCF_CPARAM_INIT(X9_62_c2pnb272w1, 0x00, 0xDA, 0x7B, 0x60, 0x28, 0xF4, 0xC8, -+ 0x09, 0xA0, 0xB9, 0x78, 0x81, 0xC3, 0xA5, 0x7E, 0x4D, 0x71, -+ 0x81, 0x34, 0xD1, 0x3F, 0xEC, 0xE0, 0x90, 0x85, 0x8A, 0xC3, -+ 0x1A, 0xE2, 0xDC, 0x2E, 0xDF, 0x8E, 0x3C, 0x8B); -+SPCF_CPARAM_INIT(X9_62_c2pnb304w1, 0x00, 0x3C, 0x67, 0xB4, 0x07, 0xC6, 0xF3, -+ 0x3F, 0x81, 0x0B, 0x17, 0xDC, 0x16, 0xE2, 0x14, 0x8A, 0x2C, -+ 0x9C, 0xE2, 0x9D, 0x56, 0x05, 0x23, 0x69, 0x6A, 0x55, 0x93, -+ 0x8A, 0x15, 0x40, 0x81, 0xE3, 0xE3, 0xAE, 0xFB, 0xCE, 0x45, -+ 0x70, 0xC9); -+SPCF_CPARAM_INIT(X9_62_c2tnb359v1, 0x22, 0x39, 0xAA, 0x58, 0x4A, 0xC5, 0x9A, -+ 0xF9, 0x61, 0xD0, 0xFA, 0x2D, 0x52, 0x85, 0xB6, 0xFD, 0xF7, -+ 0x34, 0x9B, 0xC6, 0x0E, 0x91, 0xE3, 0x20, 0xF4, 0x71, 0x64, -+ 0xCE, 0x11, 0xF5, 0x18, 0xEF, 0xB4, 0xC0, 0x8B, 0x9B, 0xDA, -+ 0x99, 0x9A, 0x8A, 0x37, 0xF8, 0x2A, 0x22, 0x61); -+SPCF_CPARAM_INIT(X9_62_c2pnb368w1, 0x00, 0xC0, 0x6C, 0xCF, 0x42, 0x89, 0x3A, -+ 0x8A, 0xAA, 0x00, 0x1E, 0x0B, 0xC0, 0xD2, 0xA2, 0x27, 0x66, -+ 0xEF, 0x3E, 0x41, 0x88, 0x7C, 0xC6, 0x77, 0x6F, 0x4A, 0x04, -+ 0x1E, 0xE4, 0x45, 0x14, 0xB2, 0x0A, 0xFC, 0x4E, 0x5C, 0x30, -+ 0x40, 0x60, 0x06, 0x5B, 0xC8, 0xD6, 0xCF, 0x04, 0xD3, 0x25); -+SPCF_CPARAM_INIT(X9_62_c2tnb431r1, 0x64, 0xF5, 0xBB, 0xE9, 0xBB, 0x31, 0x66, -+ 0xA3, 0xA0, 0x2F, 0x2F, 0x22, 0xBF, 0x05, 0xD9, 0xF7, 0xDA, -+ 0x43, 0xEE, 0x70, 0xC1, 0x79, 0x03, 0x15, 0x2B, 0x70, 0xA0, -+ 0xB4, 0x25, 0x9B, 0xD2, 0xFC, 0xB2, 0x20, 0x3B, 0x7F, 0xB8, -+ 0xD3, 0x39, 0x4E, 0x20, 0xEB, 0x0E, 0xA9, 0x84, 0xDD, 0xB1, -+ 0xE1, 0xF1, 0x4C, 0x67, 0xB1, 0x36, 0x2B); -+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); -+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x01); -+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls4, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, -+ 0xEC, 0x76, 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); -+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls5, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, -+ 0x1F, 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, -+ 0x81, 0xE7, 0xEA, 0x26, 0xEC); -+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x01); -+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls11, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, -+ 0xDF, 0xF1, 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, -+ 0xCE, 0x35, 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, -+ 0xC0, 0xF2, 0x68, 0x6C); -+/* Oakley curve #3 over 155 bit binary filed */ -+SPCF_CPARAM_INIT(ipsec3, 0x00, 0x31, 0x10, 0x00, 0x00, 0x02, 0x23, 0xA0, 0x00, -+ 0xC4, 0x47, 0x40, 0x00, 0x08, 0x8E, 0x80, 0x00, 0x11, 0x1D, -+ 0x1D); -+/* Oakley curve #4 over 185 bit binary filed */ -+SPCF_CPARAM_INIT(ipsec4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, -+ 0x01, 0x80, 0x00, 0xC0, 0x0C, 0x00, 0x00, 0x00, 0x63, 0x80, -+ 0x30, 0x00, 0x1C, 0x00, 0x09); -+ -+static inline int -+eng_ec_get_cparam(int nid, unsigned char *buf, unsigned int buf_len) -+{ -+ int ret = 0; -+ switch (nid) { -+ SPCF_CPARAM_CASE(sect113r1); -+ SPCF_CPARAM_CASE(sect113r2); -+ SPCF_CPARAM_CASE(sect131r1); -+ SPCF_CPARAM_CASE(sect131r2); -+ SPCF_CPARAM_CASE(sect163k1); -+ SPCF_CPARAM_CASE(sect163r1); -+ SPCF_CPARAM_CASE(sect163r2); -+ SPCF_CPARAM_CASE(sect193r1); -+ SPCF_CPARAM_CASE(sect193r2); -+ SPCF_CPARAM_CASE(sect233k1); -+ SPCF_CPARAM_CASE(sect233r1); -+ SPCF_CPARAM_CASE(sect239k1); -+ SPCF_CPARAM_CASE(sect283k1); -+ SPCF_CPARAM_CASE(sect283r1); -+ SPCF_CPARAM_CASE(sect409k1); -+ SPCF_CPARAM_CASE(sect409r1); -+ SPCF_CPARAM_CASE(sect571k1); -+ SPCF_CPARAM_CASE(sect571r1); -+ SPCF_CPARAM_CASE(X9_62_c2pnb163v1); -+ SPCF_CPARAM_CASE(X9_62_c2pnb163v2); -+ SPCF_CPARAM_CASE(X9_62_c2pnb163v3); -+ SPCF_CPARAM_CASE(X9_62_c2pnb176v1); -+ SPCF_CPARAM_CASE(X9_62_c2tnb191v1); -+ SPCF_CPARAM_CASE(X9_62_c2tnb191v2); -+ SPCF_CPARAM_CASE(X9_62_c2tnb191v3); -+ SPCF_CPARAM_CASE(X9_62_c2pnb208w1); -+ SPCF_CPARAM_CASE(X9_62_c2tnb239v1); -+ SPCF_CPARAM_CASE(X9_62_c2tnb239v2); -+ SPCF_CPARAM_CASE(X9_62_c2tnb239v3); -+ SPCF_CPARAM_CASE(X9_62_c2pnb272w1); -+ SPCF_CPARAM_CASE(X9_62_c2pnb304w1); -+ SPCF_CPARAM_CASE(X9_62_c2tnb359v1); -+ SPCF_CPARAM_CASE(X9_62_c2pnb368w1); -+ SPCF_CPARAM_CASE(X9_62_c2tnb431r1); -+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls1); -+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls3); -+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls4); -+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls5); -+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls10); -+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls11); -+ /* Oakley curve #3 over 155 bit binary filed */ -+ SPCF_CPARAM_CASE(ipsec3); -+ /* Oakley curve #4 over 185 bit binary filed */ -+ SPCF_CPARAM_CASE(ipsec4); -+ default: -+ ret = -EINVAL; -+ break; -+ } -+ return ret; -+} -+ -+/* Copies the curve points to a flat buffer with appropriate padding */ -+static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, -+ int xy_len, int crv_len) -+{ -+ unsigned char *xy = NULL; -+ int len1 = 0, len2 = 0; -+ -+ len1 = BN_num_bytes(x); -+ len2 = BN_num_bytes(y); -+ -+ if (!(xy = malloc(xy_len))) { -+ return NULL; -+ } -+ -+ memset(xy, 0, xy_len); -+ -+ if (len1 < crv_len) { -+ if (!BN_is_zero(x)) -+ BN_bn2bin(x, xy + (crv_len - len1)); -+ } else { -+ BN_bn2bin(x, xy); -+ } -+ -+ if (len2 < crv_len) { -+ if (!BN_is_zero(y)) -+ BN_bn2bin(y, xy+crv_len+(crv_len-len2)); -+ } else { -+ BN_bn2bin(y, xy+crv_len); -+ } -+ -+ return xy; -+} -+ -+enum curve_t { -+ DISCRETE_LOG, -+ ECC_PRIME, -+ ECC_BINARY, -+ MAX_ECC_TYPE -+}; -+#endif --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch deleted file mode 100644 index 01c268b6..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 39a9e609290a8a1163a721915bcde0c7cf8f92f7 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Tue, 11 Mar 2014 05:57:47 +0545 -Subject: [PATCH 06/26] Fixed private key support for DH - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - crypto/dh/dh_ameth.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c -index 02ec2d4..ed32004 100644 ---- a/crypto/dh/dh_ameth.c -+++ b/crypto/dh/dh_ameth.c -@@ -422,6 +422,13 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) - if (to->pkey.dh->g != NULL) - BN_free(to->pkey.dh->g); - to->pkey.dh->g=a; -+ if ((a=BN_dup(from->pkey.dh->q)) != NULL) { -+ if (to->pkey.dh->q != NULL) -+ BN_free(to->pkey.dh->q); -+ to->pkey.dh->q=a; -+ } -+ -+ to->pkey.dh->length = from->pkey.dh->length; - - return 1; - } --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch deleted file mode 100644 index 12fcd7df..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 8322e4157bf49d992b5b9e460f2c0785865dd1c1 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Thu, 20 Mar 2014 19:55:51 -0500 -Subject: [PATCH 07/26] Fixed private key support for DH - -Upstream-status: Pending - -Required Length of the DH result is not returned in dh method in openssl - -Tested-by: Yashpal Dutta ---- - crypto/dh/dh_ameth.c | 7 ------- - 1 file changed, 7 deletions(-) - -diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c -index ed32004..02ec2d4 100644 ---- a/crypto/dh/dh_ameth.c -+++ b/crypto/dh/dh_ameth.c -@@ -422,13 +422,6 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) - if (to->pkey.dh->g != NULL) - BN_free(to->pkey.dh->g); - to->pkey.dh->g=a; -- if ((a=BN_dup(from->pkey.dh->q)) != NULL) { -- if (to->pkey.dh->q != NULL) -- BN_free(to->pkey.dh->q); -- to->pkey.dh->q=a; -- } -- -- to->pkey.dh->length = from->pkey.dh->length; - - return 1; - } --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch deleted file mode 100644 index 8c8b1f22..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch +++ /dev/null @@ -1,1564 +0,0 @@ -From 107a10d45db0f2e58482f698add04ed9183f7268 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Tue, 11 Mar 2014 06:29:52 +0545 -Subject: [PATCH 08/26] Initial support for PKC in cryptodev engine - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - crypto/engine/eng_cryptodev.c | 1343 ++++++++++++++++++++++++++++++++++++----- - 1 file changed, 1183 insertions(+), 160 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index e3eb98b..7ee314b 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -54,11 +54,14 @@ ENGINE_load_cryptodev(void) - #else - - #include --#include - #include - #include - #include - #include -+#include -+#include -+#include -+#include - #include - #include - #include -@@ -68,6 +71,8 @@ ENGINE_load_cryptodev(void) - #include - #include - #include -+#include "eng_cryptodev_ec.h" -+#include - - struct dev_crypto_state { - struct session_op d_sess; -@@ -116,18 +121,10 @@ static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, - static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, - RSA *rsa, BN_CTX *ctx); - static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); --static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, -- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); --static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, -- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, -- BN_CTX *ctx, BN_MONT_CTX *mont); - static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, - int dlen, DSA *dsa); - static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); --static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, -- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, -- BN_MONT_CTX *m_ctx); - static int cryptodev_dh_compute_key(unsigned char *key, - const BIGNUM *pub_key, DH *dh); - static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, -@@ -136,6 +133,102 @@ void ENGINE_load_cryptodev(void); - const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; - const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; - -+inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) -+{ -+ int len; -+ unsigned char *p; -+ -+ len = BN_num_bytes(bn); -+ -+ if (!len) -+ return -1; -+ -+ p = malloc(len); -+ if (!p) -+ return -1; -+ -+ BN_bn2bin(bn,p); -+ -+ *bin = p; -+ *bin_len = len; -+ -+ return 0; -+} -+ -+inline int spcf_bn2bin_ex(BIGNUM *bn, unsigned char **bin, int *bin_len) -+{ -+ int len; -+ unsigned char *p; -+ -+ len = BN_num_bytes(bn); -+ -+ if (!len) -+ return -1; -+ -+ if (len < *bin_len) -+ p = malloc(*bin_len); -+ else -+ p = malloc(len); -+ -+ if (!p) -+ return -ENOMEM; -+ -+ if (len < *bin_len) { -+ /* place padding */ -+ memset(p, 0, (*bin_len - len)); -+ BN_bn2bin(bn,p+(*bin_len-len)); -+ } else { -+ BN_bn2bin(bn,p); -+ } -+ -+ *bin = p; -+ if (len >= *bin_len) -+ *bin_len = len; -+ -+ return 0; -+} -+ -+/** -+ * Convert an ECC F2m 'b' parameter into the 'c' parameter. -+ *Inputs: -+ * q, the curve's modulus -+ * b, the curve's b parameter -+ * (a bignum for b, a buffer for c) -+ * Output: -+ * c, written into bin, right-adjusted to fill q_len bytes. -+ */ -+static int -+eng_ec_compute_cparam(const BIGNUM* b, const BIGNUM* q, -+ unsigned char **bin, int *bin_len) -+{ -+ BIGNUM* c = BN_new(); -+ BIGNUM* exp = BN_new(); -+ BN_CTX *ctx = BN_CTX_new(); -+ int m = BN_num_bits(q) - 1; -+ int ok = 0; -+ -+ if (!c || !exp || !ctx || *bin) -+ goto err; -+ -+ /* -+ * We have to compute c, where b = c^4, i.e., the fourth root of b. -+ * The equation for c is c = b^(2^(m-2)) -+ * Compute exp = 2^(m-2) -+ * (1 << x) == 2^x -+ * and then compute c = b^exp -+ */ -+ BN_lshift(exp, BN_value_one(), m-2); -+ BN_GF2m_mod_exp(c, b, exp, q, ctx); -+ /* Store c */ -+ spcf_bn2bin_ex(c, bin, bin_len); -+ ok = 1; -+err: -+ if (ctx) BN_CTX_free(ctx); -+ if (c) BN_free(c); -+ if (exp) BN_free(exp); -+ return ok; -+} -+ - static const ENGINE_CMD_DEFN cryptodev_defns[] = { - { 0, NULL, NULL, 0 } - }; -@@ -1139,7 +1232,6 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, - static int - bn2crparam(const BIGNUM *a, struct crparam *crp) - { -- int i, j, k; - ssize_t bytes, bits; - u_char *b; - -@@ -1156,15 +1248,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) - - crp->crp_p = (caddr_t) b; - crp->crp_nbits = bits; -- -- for (i = 0, j = 0; i < a->top; i++) { -- for (k = 0; k < BN_BITS2 / 8; k++) { -- if ((j + k) >= bytes) -- return (0); -- b[j + k] = a->d[i] >> (k * 8); -- } -- j += BN_BITS2 / 8; -- } -+ BN_bn2bin(a, crp->crp_p); - return (0); - } - -@@ -1172,22 +1256,14 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) - static int - crparam2bn(struct crparam *crp, BIGNUM *a) - { -- u_int8_t *pd; -- int i, bytes; -+ int bytes; - - bytes = (crp->crp_nbits + 7) / 8; - - if (bytes == 0) - return (-1); - -- if ((pd = (u_int8_t *) malloc(bytes)) == NULL) -- return (-1); -- -- for (i = 0; i < bytes; i++) -- pd[i] = crp->crp_p[bytes - i - 1]; -- -- BN_bin2bn(pd, bytes, a); -- free(pd); -+ BN_bin2bn(crp->crp_p, bytes, a); - - return (0); - } -@@ -1235,6 +1311,32 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) - return (ret); - } - -+/* Close an opened instance of cryptodev engine */ -+void cryptodev_close_instance(void *handle) -+{ -+ int fd; -+ -+ if (handle) { -+ fd = *(int *)handle; -+ close(fd); -+ free(handle); -+ } -+} -+ -+/* Create an instance of cryptodev for asynchronous interface */ -+void *cryptodev_init_instance(void) -+{ -+ int *fd = malloc(sizeof(int)); -+ -+ if (fd) { -+ if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { -+ free(fd); -+ return NULL; -+ } -+ } -+ return fd; -+} -+ - static int - cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) -@@ -1250,9 +1352,9 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - return (ret); - } - -- memset(&kop, 0, sizeof kop); - kop.crk_op = CRK_MOD_EXP; -- -+ kop.crk_oparams = 0; -+ kop.crk_status = 0; - /* inputs: a^p % m */ - if (bn2crparam(a, &kop.crk_param[0])) - goto err; -@@ -1293,28 +1395,38 @@ static int - cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) - { - struct crypt_kop kop; -- int ret = 1; -+ int ret = 1, f_len, p_len, q_len; -+ unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; - - if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { - /* XXX 0 means failure?? */ - return (0); - } - -- memset(&kop, 0, sizeof kop); -+ kop.crk_oparams = 0; -+ kop.crk_status = 0; - kop.crk_op = CRK_MOD_EXP_CRT; -+ f_len = BN_num_bytes(rsa->n); -+ spcf_bn2bin_ex(I, &f, &f_len); -+ spcf_bn2bin(rsa->p, &p, &p_len); -+ spcf_bn2bin(rsa->q, &q, &q_len); -+ spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); -+ spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); -+ spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); - /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ -- if (bn2crparam(rsa->p, &kop.crk_param[0])) -- goto err; -- if (bn2crparam(rsa->q, &kop.crk_param[1])) -- goto err; -- if (bn2crparam(I, &kop.crk_param[2])) -- goto err; -- if (bn2crparam(rsa->dmp1, &kop.crk_param[3])) -- goto err; -- if (bn2crparam(rsa->dmq1, &kop.crk_param[4])) -- goto err; -- if (bn2crparam(rsa->iqmp, &kop.crk_param[5])) -- goto err; -+ kop.crk_param[0].crp_p = p; -+ kop.crk_param[0].crp_nbits = p_len * 8; -+ kop.crk_param[1].crp_p = q; -+ kop.crk_param[1].crp_nbits = q_len * 8; -+ kop.crk_param[2].crp_p = f; -+ kop.crk_param[2].crp_nbits = f_len * 8; -+ kop.crk_param[3].crp_p = dp; -+ kop.crk_param[3].crp_nbits = p_len * 8; -+ /* dq must of length q, rest all of length p*/ -+ kop.crk_param[4].crp_p = dq; -+ kop.crk_param[4].crp_nbits = q_len * 8; -+ kop.crk_param[5].crp_p = c; -+ kop.crk_param[5].crp_nbits = p_len * 8; - kop.crk_iparams = 6; - - if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) { -@@ -1350,90 +1462,117 @@ static RSA_METHOD cryptodev_rsa = { - NULL /* rsa_verify */ - }; - --static int --cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, -- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) --{ -- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); --} -- --static int --cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, -- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, -- BN_CTX *ctx, BN_MONT_CTX *mont) -+static DSA_SIG * -+cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) - { -- BIGNUM t2; -- int ret = 0; -- -- BN_init(&t2); -- -- /* v = ( g^u1 * y^u2 mod p ) mod q */ -- /* let t1 = g ^ u1 mod p */ -- ret = 0; -+ struct crypt_kop kop; -+ BIGNUM *c = NULL, *d = NULL; -+ DSA_SIG *dsaret = NULL; -+ int q_len = 0, r_len = 0, g_len = 0; -+ int priv_key_len = 0, ret; -+ unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; - -- if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont)) -+ memset(&kop, 0, sizeof kop); -+ if ((c = BN_new()) == NULL) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; -+ } - -- /* let t2 = y ^ u2 mod p */ -- if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont)) -+ if ((d = BN_new()) == NULL) { -+ BN_free(c); -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; -- /* let u1 = t1 * t2 mod p */ -- if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx)) -+ } -+ -+ if (spcf_bn2bin(dsa->p, &q, &q_len)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - goto err; -+ } - -- BN_copy(t1,u1); -+ /* Get order of the field of private keys into plain buffer */ -+ if (spcf_bn2bin (dsa->q, &r, &r_len)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } - -- ret = 1; --err: -- BN_free(&t2); -- return(ret); --} -+ /* sanity test */ -+ if (dlen > r_len) { -+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); -+ goto err; -+ } - --static DSA_SIG * --cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) --{ -- struct crypt_kop kop; -- BIGNUM *r = NULL, *s = NULL; -- DSA_SIG *dsaret = NULL; -+ g_len = q_len; -+ /** -+ * Get generator into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } - -- if ((r = BN_new()) == NULL) -+ priv_key_len = r_len; -+ /** -+ * Get private key into a plain buffer. If length is less than -+ * r_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; -- if ((s = BN_new()) == NULL) { -- BN_free(r); -+ } -+ -+ /* Allocate memory to store hash. */ -+ f = OPENSSL_malloc (r_len); -+ if (!f) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - -- memset(&kop, 0, sizeof kop); -+ /* Add padding, since SEC expects hash to of size r_len */ -+ if (dlen < r_len) -+ memset(f, 0, r_len - dlen); -+ -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len - dlen, dgst, dlen); -+ - kop.crk_op = CRK_DSA_SIGN; - - /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -- kop.crk_param[0].crp_p = (caddr_t)dgst; -- kop.crk_param[0].crp_nbits = dlen * 8; -- if (bn2crparam(dsa->p, &kop.crk_param[1])) -- goto err; -- if (bn2crparam(dsa->q, &kop.crk_param[2])) -- goto err; -- if (bn2crparam(dsa->g, &kop.crk_param[3])) -- goto err; -- if (bn2crparam(dsa->priv_key, &kop.crk_param[4])) -- goto err; -+ kop.crk_param[0].crp_p = (void*)f; -+ kop.crk_param[0].crp_nbits = r_len * 8; -+ kop.crk_param[1].crp_p = (void*)q; -+ kop.crk_param[1].crp_nbits = q_len * 8; -+ kop.crk_param[2].crp_p = (void*)r; -+ kop.crk_param[2].crp_nbits = r_len * 8; -+ kop.crk_param[3].crp_p = (void*)g; -+ kop.crk_param[3].crp_nbits = g_len * 8; -+ kop.crk_param[4].crp_p = (void*)priv_key; -+ kop.crk_param[4].crp_nbits = priv_key_len * 8; - kop.crk_iparams = 5; - -- if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, -- BN_num_bytes(dsa->q), s) == 0) { -- dsaret = DSA_SIG_new(); -- dsaret->r = r; -- dsaret->s = s; -- } else { -- const DSA_METHOD *meth = DSA_OpenSSL(); -- BN_free(r); -- BN_free(s); -- dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); -+ ret = cryptodev_asym(&kop, r_len, c, r_len, d); -+ -+ if (ret) { -+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DECODE_ERROR); -+ goto err; - } --err: -- kop.crk_param[0].crp_p = NULL; -+ -+ dsaret = DSA_SIG_new(); -+ dsaret->r = c; -+ dsaret->s = d; -+ - zapparams(&kop); - return (dsaret); -+err: -+ { -+ const DSA_METHOD *meth = DSA_OpenSSL(); -+ if (c) -+ BN_free(c); -+ if (d) -+ BN_free(d); -+ dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); -+ return (dsaret); -+ } - } - - static int -@@ -1441,42 +1580,179 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, - DSA_SIG *sig, DSA *dsa) - { - struct crypt_kop kop; -- int dsaret = 1; -+ int dsaret = 1, q_len = 0, r_len = 0, g_len = 0; -+ int w_len = 0 ,c_len = 0, d_len = 0, ret = -1; -+ unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; -+ unsigned char * c = NULL, * d = NULL, *f = NULL; - - memset(&kop, 0, sizeof kop); - kop.crk_op = CRK_DSA_VERIFY; - -- /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ -- kop.crk_param[0].crp_p = (caddr_t)dgst; -- kop.crk_param[0].crp_nbits = dlen * 8; -- if (bn2crparam(dsa->p, &kop.crk_param[1])) -+ if (spcf_bn2bin(dsa->p, &q, &q_len)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ return ret; -+ } -+ -+ /* Get Order of field of private keys */ -+ if (spcf_bn2bin(dsa->q, &r, &r_len)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; -- if (bn2crparam(dsa->q, &kop.crk_param[2])) -+ } -+ -+ g_len = q_len; -+ /** -+ * Get generator into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; -- if (bn2crparam(dsa->g, &kop.crk_param[3])) -+ } -+ w_len = q_len; -+ /** -+ * Get public key into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ /** -+ * Get the 1st part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ c_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; -- if (bn2crparam(dsa->pub_key, &kop.crk_param[4])) -+ } -+ -+ /** -+ * Get the 2nd part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ d_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; -- if (bn2crparam(sig->r, &kop.crk_param[5])) -+ } -+ -+ -+ /* Sanity test */ -+ if (dlen > r_len) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; -- if (bn2crparam(sig->s, &kop.crk_param[6])) -+ } -+ -+ /* Allocate memory to store hash. */ -+ f = OPENSSL_malloc (r_len); -+ if (!f) { -+ DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; -+ } -+ -+ /* Add padding, since SEC expects hash to of size r_len */ -+ if (dlen < r_len) -+ memset(f, 0, r_len - dlen); -+ -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len - dlen, dgst, dlen); -+ -+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ -+ kop.crk_param[0].crp_p = (void*)f; -+ kop.crk_param[0].crp_nbits = r_len * 8; -+ kop.crk_param[1].crp_p = q; -+ kop.crk_param[1].crp_nbits = q_len * 8; -+ kop.crk_param[2].crp_p = r; -+ kop.crk_param[2].crp_nbits = r_len * 8; -+ kop.crk_param[3].crp_p = g; -+ kop.crk_param[3].crp_nbits = g_len * 8; -+ kop.crk_param[4].crp_p = w; -+ kop.crk_param[4].crp_nbits = w_len * 8; -+ kop.crk_param[5].crp_p = c; -+ kop.crk_param[5].crp_nbits = c_len * 8; -+ kop.crk_param[6].crp_p = d; -+ kop.crk_param[6].crp_nbits = d_len * 8; - kop.crk_iparams = 7; - -- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { --/*OCF success value is 0, if not zero, change dsaret to fail*/ -- if(0 != kop.crk_status) dsaret = 0; -- } else { -- const DSA_METHOD *meth = DSA_OpenSSL(); -+ if ((cryptodev_asym(&kop, 0, NULL, 0, NULL))) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); -+ goto err; -+ } - -- dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); -+ /*OCF success value is 0, if not zero, change dsaret to fail*/ -+ if(0 != kop.crk_status) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); -+ goto err; - } --err: -- kop.crk_param[0].crp_p = NULL; -+ - zapparams(&kop); - return (dsaret); -+err: -+ { -+ const DSA_METHOD *meth = DSA_OpenSSL(); -+ -+ dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); -+ } -+ return dsaret; - } - -+/* Cryptodev DSA Key Gen routine */ -+static int cryptodev_dsa_keygen(DSA *dsa) -+{ -+ struct crypt_kop kop; -+ int ret = 1, g_len; -+ unsigned char *g = NULL; -+ -+ if (dsa->priv_key == NULL) { -+ if ((dsa->priv_key=BN_new()) == NULL) -+ goto sw_try; -+ } -+ -+ if (dsa->pub_key == NULL) { -+ if ((dsa->pub_key=BN_new()) == NULL) -+ goto sw_try; -+ } -+ -+ g_len = BN_num_bytes(dsa->p); -+ /** -+ * Get generator into a plain buffer. If length is less than -+ * p_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { -+ DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); -+ goto sw_try; -+ } -+ -+ memset(&kop, 0, sizeof kop); -+ -+ kop.crk_op = CRK_DSA_GENERATE_KEY; -+ if (bn2crparam(dsa->p, &kop.crk_param[0])) -+ goto sw_try; -+ if (bn2crparam(dsa->q, &kop.crk_param[1])) -+ goto sw_try; -+ kop.crk_param[2].crp_p = g; -+ kop.crk_param[2].crp_nbits = g_len * 8; -+ kop.crk_iparams = 3; -+ -+ /* pub_key is or prime length while priv key is of length of order */ -+ if (cryptodev_asym(&kop, BN_num_bytes(dsa->p), dsa->pub_key, -+ BN_num_bytes(dsa->q), dsa->priv_key)) -+ goto sw_try; -+ -+ return ret; -+sw_try: -+ { -+ const DSA_METHOD *meth = DSA_OpenSSL(); -+ ret = (meth->dsa_keygen)(dsa); -+ } -+ return ret; -+} -+ -+ -+ - static DSA_METHOD cryptodev_dsa = { - "cryptodev DSA method", - NULL, -@@ -1490,12 +1766,543 @@ static DSA_METHOD cryptodev_dsa = { - NULL /* app_data */ - }; - --static int --cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, -- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, -- BN_MONT_CTX *m_ctx) -+static ECDSA_METHOD cryptodev_ecdsa = { -+ "cryptodev ECDSA method", -+ NULL, -+ NULL, /* ecdsa_sign_setup */ -+ NULL, -+ NULL, -+ 0, /* flags */ -+ NULL /* app_data */ -+}; -+ -+typedef enum ec_curve_s -+{ -+ EC_PRIME, -+ EC_BINARY -+} ec_curve_t; -+ -+/* ENGINE handler for ECDSA Sign */ -+static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, -+ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) - { -- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); -+ BIGNUM *m = NULL, *p = NULL, *a = NULL; -+ BIGNUM *b = NULL, *x = NULL, *y = NULL; -+ BN_CTX *ctx = NULL; -+ ECDSA_SIG *ret = NULL; -+ ECDSA_DATA *ecdsa = NULL; -+ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; -+ unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; -+ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; -+ int g_len = 0, d_len = 0, ab_len = 0; -+ const BIGNUM *order = NULL, *priv_key=NULL; -+ const EC_GROUP *group = NULL; -+ struct crypt_kop kop; -+ ec_curve_t ec_crv = EC_PRIME; -+ -+ memset(&kop, 0, sizeof(kop)); -+ ecdsa = ecdsa_check(eckey); -+ if (!ecdsa) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); -+ return NULL; -+ } -+ -+ group = EC_KEY_get0_group(eckey); -+ priv_key = EC_KEY_get0_private_key(eckey); -+ -+ if (!group || !priv_key) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); -+ return NULL; -+ } -+ -+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || -+ (a = BN_new()) == NULL || (b = BN_new()) == NULL || -+ (p = BN_new()) == NULL || (x = BN_new()) == NULL || -+ (y = BN_new()) == NULL) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ order = &group->order; -+ if (!order || BN_is_zero(order)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); -+ goto err; -+ } -+ -+ i = BN_num_bits(order); -+ /* Need to truncate digest if it is too long: first truncate whole -+ bytes */ -+ if (8 * dgst_len > i) -+ dgst_len = (i + 7)/8; -+ -+ if (!BN_bin2bn(dgst, dgst_len, m)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* If still too long truncate remaining bits with a shift */ -+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* copy the truncated bits into plain buffer */ -+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { -+ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); -+ goto err; -+ } -+ -+ ret = ECDSA_SIG_new(); -+ if (!ret) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* check if this is prime or binary EC request */ -+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { -+ ec_crv = EC_PRIME; -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), -+ x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { -+ ec_crv = EC_BINARY; -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ EC_GROUP_get0_generator(group), x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ } else { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ if (spcf_bn2bin(order, &r, &r_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (spcf_bn2bin(p, &q, &q_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ priv_key_len = r_len; -+ -+ /** -+ * If BN_num_bytes of priv_key returns less then r_len then -+ * add padding bytes before the key -+ */ -+ if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Generation of ECC curve parameters */ -+ ab_len = 2*q_len; -+ ab = eng_copy_curve_points(a, b, ab_len, q_len); -+ if (!ab) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (ec_crv == EC_BINARY) { -+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) -+ { -+ unsigned char *c_temp = NULL; -+ int c_temp_len = q_len; -+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) -+ memcpy(ab+q_len, c_temp, q_len); -+ else -+ goto err; -+ } -+ kop.curve_type = ECC_BINARY; -+ } -+ -+ /* Calculation of Generator point */ -+ g_len = 2*q_len; -+ g_xy = eng_copy_curve_points(x, y, g_len, q_len); -+ if (!g_xy) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Memory allocation for first part of digital signature */ -+ c = malloc(r_len); -+ if (!c) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ d_len = r_len; -+ -+ /* Memory allocation for second part of digital signature */ -+ d = malloc(d_len); -+ if (!d) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* memory for message representative */ -+ f = malloc(r_len); -+ if (!f) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Add padding, since SEC expects hash to of size r_len */ -+ memset(f, 0, r_len - dgst_len); -+ -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); -+ -+ dgst_len += r_len - dgst_len; -+ kop.crk_op = CRK_DSA_SIGN; -+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -+ kop.crk_param[0].crp_p = f; -+ kop.crk_param[0].crp_nbits = dgst_len * 8; -+ kop.crk_param[1].crp_p = q; -+ kop.crk_param[1].crp_nbits = q_len * 8; -+ kop.crk_param[2].crp_p = r; -+ kop.crk_param[2].crp_nbits = r_len * 8; -+ kop.crk_param[3].crp_p = g_xy; -+ kop.crk_param[3].crp_nbits = g_len * 8; -+ kop.crk_param[4].crp_p = s; -+ kop.crk_param[4].crp_nbits = priv_key_len * 8; -+ kop.crk_param[5].crp_p = ab; -+ kop.crk_param[5].crp_nbits = ab_len * 8; -+ kop.crk_iparams = 6; -+ kop.crk_param[6].crp_p = c; -+ kop.crk_param[6].crp_nbits = d_len * 8; -+ kop.crk_param[7].crp_p = d; -+ kop.crk_param[7].crp_nbits = d_len * 8; -+ kop.crk_oparams = 2; -+ -+ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { -+ /* Check if ret->r and s needs to allocated */ -+ crparam2bn(&kop.crk_param[6], ret->r); -+ crparam2bn(&kop.crk_param[7], ret->s); -+ } else { -+ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); -+ ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); -+ } -+ kop.crk_param[0].crp_p = NULL; -+ zapparams(&kop); -+err: -+ if (!ret) { -+ ECDSA_SIG_free(ret); -+ ret = NULL; -+ } -+ return ret; -+} -+ -+static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, -+ ECDSA_SIG *sig, EC_KEY *eckey) -+{ -+ BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; -+ BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; -+ BN_CTX *ctx = NULL; -+ ECDSA_DATA *ecdsa = NULL; -+ unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; -+ unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; -+ int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; -+ int d_len = 0, ab_len = 0, ret = -1; -+ const EC_POINT *pub_key = NULL; -+ const BIGNUM *order = NULL; -+ const EC_GROUP *group=NULL; -+ ec_curve_t ec_crv = EC_PRIME; -+ struct crypt_kop kop; -+ -+ memset(&kop, 0, sizeof kop); -+ ecdsa = ecdsa_check(eckey); -+ if (!ecdsa) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); -+ return ret; -+ } -+ -+ group = EC_KEY_get0_group(eckey); -+ pub_key = EC_KEY_get0_public_key(eckey); -+ -+ if (!group || !pub_key) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); -+ return ret; -+ } -+ -+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || -+ (a = BN_new()) == NULL || (b = BN_new()) == NULL || -+ (p = BN_new()) == NULL || (x = BN_new()) == NULL || -+ (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || -+ (w_y = BN_new()) == NULL) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ order = &group->order; -+ if (!order || BN_is_zero(order)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); -+ goto err; -+ } -+ -+ i = BN_num_bits(order); -+ /* Need to truncate digest if it is too long: first truncate whole -+ * bytes */ -+ if (8 * dgst_len > i) -+ dgst_len = (i + 7)/8; -+ -+ if (!BN_bin2bn(dgst, dgst_len, m)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* If still too long truncate remaining bits with a shift */ -+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); -+ goto err; -+ } -+ /* copy the truncated bits into plain buffer */ -+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* check if this is prime or binary EC request */ -+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { -+ ec_crv = EC_PRIME; -+ -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, -+ EC_GROUP_get0_generator(group), x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the public key pair for prime curve */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, -+ pub_key, w_x, w_y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ -+ ec_crv = EC_BINARY; -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ EC_GROUP_get0_generator(group),x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the public key pair for binary curve */ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ pub_key, w_x, w_y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ }else { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* Get the order of the subgroup of private keys */ -+ if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Get the irreducible polynomial that creates the field */ -+ if (spcf_bn2bin(p, &q, &q_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Get the public key into a flat buffer with appropriate padding */ -+ pub_key_len = 2 * q_len; -+ -+ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); -+ if (!w_xy) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Generation of ECC curve parameters */ -+ ab_len = 2*q_len; -+ -+ ab = eng_copy_curve_points (a, b, ab_len, q_len); -+ if (!ab) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (ec_crv == EC_BINARY) { -+ /* copy b' i.e c(b), instead of only b */ -+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) -+ { -+ unsigned char *c_temp = NULL; -+ int c_temp_len = q_len; -+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) -+ memcpy(ab+q_len, c_temp, q_len); -+ else -+ goto err; -+ } -+ kop.curve_type = ECC_BINARY; -+ } -+ -+ /* Calculation of Generator point */ -+ g_len = 2 * q_len; -+ -+ g_xy = eng_copy_curve_points (x, y, g_len, q_len); -+ if (!g_xy) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /** -+ * Get the 1st part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ if (BN_num_bytes(sig->r) < r_len) -+ c_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /** -+ * Get the 2nd part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ if (BN_num_bytes(sig->s) < r_len) -+ d_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* memory for message representative */ -+ f = malloc(r_len); -+ if (!f) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Add padding, since SEC expects hash to of size r_len */ -+ memset(f, 0, r_len-dgst_len); -+ -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); -+ dgst_len += r_len-dgst_len; -+ kop.crk_op = CRK_DSA_VERIFY; -+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -+ kop.crk_param[0].crp_p = f; -+ kop.crk_param[0].crp_nbits = dgst_len * 8; -+ kop.crk_param[1].crp_p = q; -+ kop.crk_param[1].crp_nbits = q_len * 8; -+ kop.crk_param[2].crp_p = r; -+ kop.crk_param[2].crp_nbits = r_len * 8; -+ kop.crk_param[3].crp_p = g_xy; -+ kop.crk_param[3].crp_nbits = g_len * 8; -+ kop.crk_param[4].crp_p = w_xy; -+ kop.crk_param[4].crp_nbits = pub_key_len * 8; -+ kop.crk_param[5].crp_p = ab; -+ kop.crk_param[5].crp_nbits = ab_len * 8; -+ kop.crk_param[6].crp_p = c; -+ kop.crk_param[6].crp_nbits = d_len * 8; -+ kop.crk_param[7].crp_p = d; -+ kop.crk_param[7].crp_nbits = d_len * 8; -+ kop.crk_iparams = 8; -+ -+ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { -+ /*OCF success value is 0, if not zero, change ret to fail*/ -+ if(0 == kop.crk_status) -+ ret = 1; -+ } else { -+ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); -+ -+ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); -+ } -+ kop.crk_param[0].crp_p = NULL; -+ zapparams(&kop); -+ -+err: -+ return ret; -+} -+ -+static int cryptodev_dh_keygen(DH *dh) -+{ -+ struct crypt_kop kop; -+ int ret = 1, g_len; -+ unsigned char *g = NULL; -+ -+ if (dh->priv_key == NULL) { -+ if ((dh->priv_key=BN_new()) == NULL) -+ goto sw_try; -+ } -+ -+ if (dh->pub_key == NULL) { -+ if ((dh->pub_key=BN_new()) == NULL) -+ goto sw_try; -+ } -+ -+ g_len = BN_num_bytes(dh->p); -+ /** -+ * Get generator into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { -+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); -+ goto sw_try; -+ } -+ -+ memset(&kop, 0, sizeof kop); -+ kop.crk_op = CRK_DH_GENERATE_KEY; -+ if (bn2crparam(dh->p, &kop.crk_param[0])) -+ goto sw_try; -+ if (bn2crparam(dh->q, &kop.crk_param[1])) -+ goto sw_try; -+ kop.crk_param[2].crp_p = g; -+ kop.crk_param[2].crp_nbits = g_len * 8; -+ kop.crk_iparams = 3; -+ -+ /* pub_key is or prime length while priv key is of length of order */ -+ if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, -+ BN_num_bytes(dh->q), dh->priv_key)) -+ goto sw_try; -+ -+ return ret; -+sw_try: -+ { -+ const DH_METHOD *meth = DH_OpenSSL(); -+ ret = (meth->generate_key)(dh); -+ } -+ return ret; - } - - static int -@@ -1503,43 +2310,234 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) - { - struct crypt_kop kop; - int dhret = 1; -- int fd, keylen; -+ int fd, p_len; -+ BIGNUM *temp = NULL; -+ unsigned char *padded_pub_key = NULL, *p = NULL; -+ -+ if ((fd = get_asym_dev_crypto()) < 0) -+ goto sw_try; -+ -+ memset(&kop, 0, sizeof kop); -+ kop.crk_op = CRK_DH_COMPUTE_KEY; -+ /* inputs: dh->priv_key pub_key dh->p key */ -+ spcf_bn2bin(dh->p, &p, &p_len); -+ spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); -+ if (bn2crparam(dh->priv_key, &kop.crk_param[0])) -+ goto sw_try; -+ -+ kop.crk_param[1].crp_p = padded_pub_key; -+ kop.crk_param[1].crp_nbits = p_len * 8; -+ kop.crk_param[2].crp_p = p; -+ kop.crk_param[2].crp_nbits = p_len * 8; -+ kop.crk_iparams = 3; -+ kop.crk_param[3].crp_p = (void*) key; -+ kop.crk_param[3].crp_nbits = p_len * 8; -+ kop.crk_oparams = 1; -+ dhret = p_len; -+ -+ if (ioctl(fd, CIOCKEY, &kop)) -+ goto sw_try; - -- if ((fd = get_asym_dev_crypto()) < 0) { -+ if ((temp = BN_new())) { -+ if (!BN_bin2bn(key, p_len, temp)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto sw_try; -+ } -+ if (dhret > BN_num_bytes(temp)) -+ dhret=BN_bn2bin(temp,key); -+ BN_free(temp); -+ } -+ -+ kop.crk_param[3].crp_p = NULL; -+ zapparams(&kop); -+ return (dhret); -+sw_try: -+ { - const DH_METHOD *meth = DH_OpenSSL(); - -- return ((meth->compute_key)(key, pub_key, dh)); -+ dhret = (meth->compute_key)(key, pub_key, dh); - } -+ return (dhret); -+} - -- keylen = BN_num_bits(dh->p); -+int cryptodev_ecdh_compute_key(void *out, size_t outlen, -+ const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, -+ void *out, size_t *outlen)) -+{ -+ ec_curve_t ec_crv = EC_PRIME; -+ unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; -+ BIGNUM * w_x = NULL, *w_y = NULL; -+ int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; -+ BIGNUM * p = NULL, *a = NULL, *b = NULL; -+ BN_CTX *ctx; -+ EC_POINT *tmp=NULL; -+ BIGNUM *x=NULL, *y=NULL; -+ const BIGNUM *priv_key; -+ const EC_GROUP* group = NULL; -+ int ret = -1; -+ size_t buflen, len; -+ struct crypt_kop kop; - - memset(&kop, 0, sizeof kop); -- kop.crk_op = CRK_DH_COMPUTE_KEY; - -- /* inputs: dh->priv_key pub_key dh->p key */ -- if (bn2crparam(dh->priv_key, &kop.crk_param[0])) -+ if ((ctx = BN_CTX_new()) == NULL) goto err; -+ BN_CTX_start(ctx); -+ x = BN_CTX_get(ctx); -+ y = BN_CTX_get(ctx); -+ p = BN_CTX_get(ctx); -+ a = BN_CTX_get(ctx); -+ b = BN_CTX_get(ctx); -+ w_x = BN_CTX_get(ctx); -+ w_y = BN_CTX_get(ctx); -+ -+ if (!x || !y || !p || !a || !b || !w_x || !w_y) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); - goto err; -- if (bn2crparam(pub_key, &kop.crk_param[1])) -+ } -+ -+ priv_key = EC_KEY_get0_private_key(ecdh); -+ if (priv_key == NULL) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); - goto err; -- if (bn2crparam(dh->p, &kop.crk_param[2])) -+ } -+ -+ group = EC_KEY_get0_group(ecdh); -+ if ((tmp=EC_POINT_new(group)) == NULL) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); - goto err; -- kop.crk_iparams = 3; -+ } - -- kop.crk_param[3].crp_p = (caddr_t) key; -- kop.crk_param[3].crp_nbits = keylen * 8; -- kop.crk_oparams = 1; -+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == -+ NID_X9_62_prime_field) { -+ ec_crv = EC_PRIME; - -- if (ioctl(fd, CIOCKEY, &kop) == -1) { -- const DH_METHOD *meth = DH_OpenSSL(); -+ if (!EC_POINT_get_affine_coordinates_GFp(group, -+ EC_GROUP_get0_generator(group), x, y, ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); -+ goto err; -+ } - -- dhret = (meth->compute_key)(key, pub_key, dh); -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* get the public key pair for prime curve */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ } else { -+ ec_crv = EC_BINARY; -+ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ EC_GROUP_get0_generator(group), x, y, ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); -+ goto err; -+ } -+ -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* get the public key pair for binary curve */ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ pub_key, w_x, w_y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ } -+ -+ /* irreducible polynomial that creates the field */ -+ if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Get the irreducible polynomial that creates the field */ -+ if (spcf_bn2bin(p, &q, &q_len)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; - } -+ -+ /* Get the public key into a flat buffer with appropriate padding */ -+ pub_key_len = 2 * q_len; -+ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); -+ if (!w_xy) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Generation of ECC curve parameters */ -+ ab_len = 2*q_len; -+ ab = eng_copy_curve_points (a, b, ab_len, q_len); -+ if (!ab) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ if (ec_crv == EC_BINARY) { -+ /* copy b' i.e c(b), instead of only b */ -+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) -+ { -+ unsigned char *c_temp = NULL; -+ int c_temp_len = q_len; -+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) -+ memcpy(ab+q_len, c_temp, q_len); -+ else -+ goto err; -+ } -+ kop.curve_type = ECC_BINARY; -+ } else -+ kop.curve_type = ECC_PRIME; -+ -+ priv_key_len = r_len; -+ -+ /* -+ * If BN_num_bytes of priv_key returns less then r_len then -+ * add padding bytes before the key -+ */ -+ if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ buflen = (EC_GROUP_get_degree(group) + 7)/8; -+ len = BN_num_bytes(x); -+ if (len > buflen || q_len < buflen) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR); -+ goto err; -+ } -+ -+ kop.crk_op = CRK_DH_COMPUTE_KEY; -+ kop.crk_param[0].crp_p = (void*) s; -+ kop.crk_param[0].crp_nbits = priv_key_len*8; -+ kop.crk_param[1].crp_p = (void*) w_xy; -+ kop.crk_param[1].crp_nbits = pub_key_len*8; -+ kop.crk_param[2].crp_p = (void*) q; -+ kop.crk_param[2].crp_nbits = q_len*8; -+ kop.crk_param[3].crp_p = (void*) ab; -+ kop.crk_param[3].crp_nbits = ab_len*8; -+ kop.crk_iparams = 4; -+ kop.crk_param[4].crp_p = (void*) out; -+ kop.crk_param[4].crp_nbits = q_len*8; -+ kop.crk_oparams = 1; -+ ret = q_len; -+ if (cryptodev_asym(&kop, 0, NULL, 0, NULL)) { -+ const ECDH_METHOD *meth = ECDH_OpenSSL(); -+ ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); -+ } else -+ ret = q_len; - err: -- kop.crk_param[3].crp_p = NULL; -+ kop.crk_param[4].crp_p = NULL; - zapparams(&kop); -- return (dhret); -+ return ret; - } - -+ - static DH_METHOD cryptodev_dh = { - "cryptodev DH method", - NULL, /* cryptodev_dh_generate_key */ -@@ -1551,6 +2549,14 @@ static DH_METHOD cryptodev_dh = { - NULL /* app_data */ - }; - -+static ECDH_METHOD cryptodev_ecdh = { -+ "cryptodev ECDH method", -+ NULL, /* cryptodev_ecdh_compute_key */ -+ NULL, -+ 0, /* flags */ -+ NULL /* app_data */ -+}; -+ - /* - * ctrl right now is just a wrapper that doesn't do much - * but I expect we'll want some options soon. -@@ -1634,25 +2640,42 @@ ENGINE_load_cryptodev(void) - memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); - if (cryptodev_asymfeat & CRF_DSA_SIGN) - cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; -- if (cryptodev_asymfeat & CRF_MOD_EXP) { -- cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; -- cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; -- } - if (cryptodev_asymfeat & CRF_DSA_VERIFY) - cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; -+ if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) -+ cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; - } - - if (ENGINE_set_DH(engine, &cryptodev_dh)){ - const DH_METHOD *dh_meth = DH_OpenSSL(); -+ memcpy(&cryptodev_dh, dh_meth, sizeof(DH_METHOD)); -+ if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { -+ cryptodev_dh.compute_key = -+ cryptodev_dh_compute_key; -+ } -+ if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { -+ cryptodev_dh.generate_key = -+ cryptodev_dh_keygen; -+ } -+ } - -- cryptodev_dh.generate_key = dh_meth->generate_key; -- cryptodev_dh.compute_key = dh_meth->compute_key; -- cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; -- if (cryptodev_asymfeat & CRF_MOD_EXP) { -- cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; -- if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) -- cryptodev_dh.compute_key = -- cryptodev_dh_compute_key; -+ if (ENGINE_set_ECDSA(engine, &cryptodev_ecdsa)) { -+ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); -+ memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); -+ if (cryptodev_asymfeat & CRF_DSA_SIGN) { -+ cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; -+ } -+ if (cryptodev_asymfeat & CRF_DSA_VERIFY) { -+ cryptodev_ecdsa.ecdsa_do_verify = -+ cryptodev_ecdsa_verify; -+ } -+ } -+ -+ if (ENGINE_set_ECDH(engine, &cryptodev_ecdh)) { -+ const ECDH_METHOD *ecdh_meth = ECDH_OpenSSL(); -+ memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); -+ if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { -+ cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; - } - } - --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch deleted file mode 100644 index 0fb01821..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 81c4c62a4f5f5542843381bfb34e39a6171d5cdd Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Tue, 11 Mar 2014 06:42:59 +0545 -Subject: [PATCH 09/26] Added hwrng dev file as source of RNG - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - e_os.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/e_os.h b/e_os.h -index 6a0aad1..57c0563 100644 ---- a/e_os.h -+++ b/e_os.h -@@ -79,7 +79,7 @@ extern "C" { - #ifndef DEVRANDOM - /* set this to a comma-separated list of 'random' device files to try out. - * My default, we will try to read at least one of these files */ --#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" -+#define DEVRANDOM "/dev/hwrng","/dev/urandom","/dev/random","/dev/srandom" - #endif - #ifndef DEVRANDOM_EGD - /* set this to a comma-seperated list of 'egd' sockets to try out. These --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch deleted file mode 100644 index 0f889c0f..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch +++ /dev/null @@ -1,2039 +0,0 @@ -From a933e6341fd8989bdd82f8a5446b6f04aa00eef9 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Tue, 11 Mar 2014 07:14:30 +0545 -Subject: [PATCH 10/26] Asynchronous interface added for PKC cryptodev - interface - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - crypto/crypto.h | 16 + - crypto/dh/dh.h | 4 +- - crypto/dsa/dsa.h | 5 + - crypto/ecdh/ech_locl.h | 3 + - crypto/ecdsa/ecs_locl.h | 5 + - crypto/engine/eng_cryptodev.c | 1578 +++++++++++++++++++++++++++++++++++++---- - crypto/engine/eng_int.h | 24 +- - crypto/engine/eng_lib.c | 46 ++ - crypto/engine/engine.h | 24 + - crypto/rsa/rsa.h | 23 + - 10 files changed, 1582 insertions(+), 146 deletions(-) - -diff --git a/crypto/crypto.h b/crypto/crypto.h -index f92fc51..ce12731 100644 ---- a/crypto/crypto.h -+++ b/crypto/crypto.h -@@ -605,6 +605,22 @@ void ERR_load_CRYPTO_strings(void); - #define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 - #define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100 - -+/* Additions for Asynchronous PKC Infrastructure */ -+struct pkc_cookie_s { -+ void *cookie; /* To be filled by openssl library primitive method function caller */ -+ void *eng_cookie; /* To be filled by Engine */ -+ /* -+ * Callback handler to be provided by caller. Ensure to pass a -+ * handler which takes the crypto operation to completion. -+ * cookie: Container cookie from library -+ * status: Status of the crypto Job completion. -+ * 0: Job handled without any issue -+ * -EINVAL: Parameters Invalid -+ */ -+ void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); -+ void *eng_handle; -+}; -+ - #ifdef __cplusplus - } - #endif -diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h -index ea59e61..20ffad2 100644 ---- a/crypto/dh/dh.h -+++ b/crypto/dh/dh.h -@@ -118,7 +118,9 @@ struct dh_method - int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ -- -+ int (*compute_key_async)(unsigned char *key,const BIGNUM *pub_key,DH *dh, -+ struct pkc_cookie_s *cookie); -+ int (*generate_key_async)(DH *dh, struct pkc_cookie_s *cookie); - int (*init)(DH *dh); - int (*finish)(DH *dh); - int flags; -diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h -index a6f6d0b..b04a029 100644 ---- a/crypto/dsa/dsa.h -+++ b/crypto/dsa/dsa.h -@@ -140,6 +140,10 @@ struct dsa_method - int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ -+ int (*dsa_do_sign_async)(const unsigned char *dgst, int dlen, DSA *dsa, -+ DSA_SIG *sig, struct pkc_cookie_s *cookie); -+ int (*dsa_do_verify_async)(const unsigned char *dgst, int dgst_len, -+ DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie); - int (*init)(DSA *dsa); - int (*finish)(DSA *dsa); - int flags; -@@ -151,6 +155,7 @@ struct dsa_method - BN_GENCB *cb); - /* If this is non-NULL, it is used to generate DSA keys */ - int (*dsa_keygen)(DSA *dsa); -+ int (*dsa_keygen_async)(DSA *dsa, struct pkc_cookie_s *cookie); - }; - - struct dsa_st -diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h -index f6cad6a..adce6b3 100644 ---- a/crypto/ecdh/ech_locl.h -+++ b/crypto/ecdh/ech_locl.h -@@ -67,6 +67,9 @@ struct ecdh_method - const char *name; - int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); -+ int (*compute_key_async)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, -+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen), -+ struct pkc_cookie_s *cookie); - #if 0 - int (*init)(EC_KEY *eckey); - int (*finish)(EC_KEY *eckey); -diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h -index cb3be13..eb0ebe0 100644 ---- a/crypto/ecdsa/ecs_locl.h -+++ b/crypto/ecdsa/ecs_locl.h -@@ -74,6 +74,11 @@ struct ecdsa_method - BIGNUM **r); - int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey); -+ int (*ecdsa_do_sign_async)(const unsigned char *dgst, int dgst_len, -+ const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey, -+ ECDSA_SIG *sig, struct pkc_cookie_s *cookie); -+ int (*ecdsa_do_verify_async)(const unsigned char *dgst, int dgst_len, -+ const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie); - #if 0 - int (*init)(EC_KEY *eckey); - int (*finish)(EC_KEY *eckey); -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 7ee314b..9f2416e 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -1281,6 +1281,56 @@ zapparams(struct crypt_kop *kop) - } - } - -+/* Any PKC request has at max 2 output parameters and they are stored here to -+be used while copying in the check availability */ -+struct cryptodev_cookie_s { -+ BIGNUM *r; -+ struct crparam r_param; -+ BIGNUM *s; -+ struct crparam s_param; -+ struct crypt_kop *kop; -+}; -+ -+static int -+cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, -+ BIGNUM *s) -+{ -+ int fd; -+ struct pkc_cookie_s *cookie = kop->cookie; -+ struct cryptodev_cookie_s *eng_cookie; -+ -+ fd = *(int *)cookie->eng_handle; -+ -+ eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); -+ -+ if (eng_cookie) { -+ memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); -+ if (r) { -+ kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); -+ if (!kop->crk_param[kop->crk_iparams].crp_p) -+ return -ENOMEM; -+ kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; -+ kop->crk_oparams++; -+ eng_cookie->r = r; -+ eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; -+ } -+ if (s) { -+ kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); -+ if (!kop->crk_param[kop->crk_iparams+1].crp_p) -+ return -ENOMEM; -+ kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; -+ kop->crk_oparams++; -+ eng_cookie->s = s; -+ eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; -+ } -+ } else -+ return -ENOMEM; -+ -+ eng_cookie->kop = kop; -+ cookie->eng_cookie = eng_cookie; -+ return ioctl(fd, CIOCASYMASYNCRYPT, kop); -+} -+ - static int - cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) - { -@@ -1337,6 +1387,44 @@ void *cryptodev_init_instance(void) - return fd; - } - -+#include -+ -+/* Return 0 on success and 1 on failure */ -+int cryptodev_check_availability(void *eng_handle) -+{ -+ int fd = *(int *)eng_handle; -+ struct pkc_cookie_list_s cookie_list; -+ struct pkc_cookie_s *cookie; -+ int i; -+ -+ /* FETCH COOKIE returns number of cookies extracted */ -+ if (ioctl(fd, CIOCASYMFETCHCOOKIE, &cookie_list) <= 0) -+ return 1; -+ -+ for (i = 0; i < cookie_list.cookie_available; i++) { -+ cookie = cookie_list.cookie[i]; -+ if (cookie) { -+ struct cryptodev_cookie_s *eng_cookie = cookie->eng_cookie; -+ if (eng_cookie) { -+ struct crypt_kop *kop = eng_cookie->kop; -+ -+ if (eng_cookie->r) -+ crparam2bn(&eng_cookie->r_param, eng_cookie->r); -+ if (eng_cookie->s) -+ crparam2bn(&eng_cookie->s_param, eng_cookie->s); -+ if (kop->crk_op == CRK_DH_COMPUTE_KEY) -+ kop->crk_oparams = 0; -+ -+ zapparams(eng_cookie->kop); -+ free(eng_cookie->kop); -+ free (eng_cookie); -+ } -+ cookie->pkc_callback(cookie, cookie_list.status[i]); -+ } -+ } -+ return 0; -+} -+ - static int - cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) -@@ -1382,6 +1470,63 @@ err: - } - - static int -+cryptodev_bn_mod_exp_async(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, -+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont, struct pkc_cookie_s *cookie) -+{ -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ int ret = 1; -+ -+ /* Currently, we know we can do mod exp iff we can do any -+ * asymmetric operations at all. -+ */ -+ if (cryptodev_asymfeat == 0 || !kop) { -+ ret = BN_mod_exp(r, a, p, m, ctx); -+ return (ret); -+ } -+ -+ kop->crk_oparams = 0; -+ kop->crk_status = 0; -+ kop->crk_op = CRK_MOD_EXP; -+ kop->cookie = cookie; -+ /* inputs: a^p % m */ -+ if (bn2crparam(a, &kop->crk_param[0])) -+ goto err; -+ if (bn2crparam(p, &kop->crk_param[1])) -+ goto err; -+ if (bn2crparam(m, &kop->crk_param[2])) -+ goto err; -+ -+ kop->crk_iparams = 3; -+ if (cryptodev_asym_async(kop, BN_num_bytes(m), r, 0, NULL)) -+ goto err; -+ -+ return ret; -+err: -+ { -+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); -+ -+ if (kop) -+ free(kop); -+ ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); -+ if (ret) -+ /* Call the completion handler immediately */ -+ cookie->pkc_callback(cookie, 0); -+ } -+ return ret; -+} -+ -+static int -+cryptodev_rsa_nocrt_mod_exp_async(BIGNUM *r0, const BIGNUM *I, -+ RSA *rsa, BN_CTX *ctx, struct pkc_cookie_s *cookie) -+{ -+ int r; -+ ctx = BN_CTX_new(); -+ r = cryptodev_bn_mod_exp_async(r0, I, rsa->d, rsa->n, ctx, NULL, cookie); -+ BN_CTX_free(ctx); -+ return r; -+} -+ -+static int - cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) - { - int r; -@@ -1446,6 +1591,62 @@ err: - return (ret); - } - -+static int -+cryptodev_rsa_mod_exp_async(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx, -+ struct pkc_cookie_s *cookie) -+{ -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ int ret = 1, f_len, p_len, q_len; -+ unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; -+ -+ if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp || !kop) { -+ return (0); -+ } -+ -+ kop->crk_oparams = 0; -+ kop->crk_status = 0; -+ kop->crk_op = CRK_MOD_EXP_CRT; -+ f_len = BN_num_bytes(rsa->n); -+ spcf_bn2bin_ex(I, &f, &f_len); -+ spcf_bn2bin(rsa->p, &p, &p_len); -+ spcf_bn2bin(rsa->q, &q, &q_len); -+ spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); -+ spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); -+ spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); -+ /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ -+ kop->crk_param[0].crp_p = p; -+ kop->crk_param[0].crp_nbits = p_len * 8; -+ kop->crk_param[1].crp_p = q; -+ kop->crk_param[1].crp_nbits = q_len * 8; -+ kop->crk_param[2].crp_p = f; -+ kop->crk_param[2].crp_nbits = f_len * 8; -+ kop->crk_param[3].crp_p = dp; -+ kop->crk_param[3].crp_nbits = p_len * 8; -+ /* dq must of length q, rest all of length p*/ -+ kop->crk_param[4].crp_p = dq; -+ kop->crk_param[4].crp_nbits = q_len * 8; -+ kop->crk_param[5].crp_p = c; -+ kop->crk_param[5].crp_nbits = p_len * 8; -+ kop->crk_iparams = 6; -+ kop->cookie = cookie; -+ if (cryptodev_asym_async(kop, BN_num_bytes(rsa->n), r0, 0, NULL)) -+ goto err; -+ -+ return ret; -+err: -+ { -+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); -+ -+ if (kop) -+ free(kop); -+ ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); -+ if (ret) -+ /* Call user completion handler immediately */ -+ cookie->pkc_callback(cookie, 0); -+ } -+ return (ret); -+} -+ - static RSA_METHOD cryptodev_rsa = { - "cryptodev RSA method", - NULL, /* rsa_pub_enc */ -@@ -1454,6 +1655,12 @@ static RSA_METHOD cryptodev_rsa = { - NULL, /* rsa_priv_dec */ - NULL, - NULL, -+ NULL, /* rsa_pub_enc */ -+ NULL, /* rsa_pub_dec */ -+ NULL, /* rsa_priv_enc */ -+ NULL, /* rsa_priv_dec */ -+ NULL, -+ NULL, - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ -@@ -1751,126 +1958,424 @@ sw_try: - return ret; - } - -+/* Cryptodev DSA Key Gen routine */ -+static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) -+{ -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ int ret = 1, g_len; -+ unsigned char *g = NULL; - -+ if (!kop) -+ goto sw_try; - --static DSA_METHOD cryptodev_dsa = { -- "cryptodev DSA method", -- NULL, -- NULL, /* dsa_sign_setup */ -- NULL, -- NULL, /* dsa_mod_exp */ -- NULL, -- NULL, /* init */ -- NULL, /* finish */ -- 0, /* flags */ -- NULL /* app_data */ --}; -+ if (dsa->priv_key == NULL) { -+ if ((dsa->priv_key=BN_new()) == NULL) -+ goto sw_try; -+ } - --static ECDSA_METHOD cryptodev_ecdsa = { -- "cryptodev ECDSA method", -- NULL, -- NULL, /* ecdsa_sign_setup */ -- NULL, -- NULL, -- 0, /* flags */ -- NULL /* app_data */ --}; -+ if (dsa->pub_key == NULL) { -+ if ((dsa->pub_key=BN_new()) == NULL) -+ goto sw_try; -+ } - --typedef enum ec_curve_s --{ -- EC_PRIME, -- EC_BINARY --} ec_curve_t; -+ g_len = BN_num_bytes(dsa->p); -+ /** -+ * Get generator into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { -+ DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); -+ goto sw_try; -+ } - --/* ENGINE handler for ECDSA Sign */ --static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, -- int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) --{ -- BIGNUM *m = NULL, *p = NULL, *a = NULL; -- BIGNUM *b = NULL, *x = NULL, *y = NULL; -- BN_CTX *ctx = NULL; -- ECDSA_SIG *ret = NULL; -- ECDSA_DATA *ecdsa = NULL; -- unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; -- unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; -- int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; -- int g_len = 0, d_len = 0, ab_len = 0; -- const BIGNUM *order = NULL, *priv_key=NULL; -- const EC_GROUP *group = NULL; -- struct crypt_kop kop; -- ec_curve_t ec_crv = EC_PRIME; -+ memset(kop, 0, sizeof(struct crypt_kop)); -+ kop->crk_op = CRK_DSA_GENERATE_KEY; -+ if (bn2crparam(dsa->p, &kop->crk_param[0])) -+ goto sw_try; -+ if (bn2crparam(dsa->q, &kop->crk_param[1])) -+ goto sw_try; -+ kop->crk_param[2].crp_p = g; -+ kop->crk_param[2].crp_nbits = g_len * 8; -+ kop->crk_iparams = 3; -+ kop->cookie = cookie; - -- memset(&kop, 0, sizeof(kop)); -- ecdsa = ecdsa_check(eckey); -- if (!ecdsa) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); -- return NULL; -+ /* pub_key is or prime length while priv key is of length of order */ -+ if (cryptodev_asym_async(kop, BN_num_bytes(dsa->p), dsa->pub_key, -+ BN_num_bytes(dsa->q), dsa->priv_key)) -+ goto sw_try; -+ -+ return ret; -+sw_try: -+ { -+ const DSA_METHOD *meth = DSA_OpenSSL(); -+ -+ if (kop) -+ free(kop); -+ ret = (meth->dsa_keygen)(dsa); -+ cookie->pkc_callback(cookie, 0); - } -+ return ret; -+} - -- group = EC_KEY_get0_group(eckey); -- priv_key = EC_KEY_get0_private_key(eckey); -+static int -+cryptodev_dsa_do_sign_async(const unsigned char *dgst, int dlen, DSA *dsa, -+ DSA_SIG *sig, struct pkc_cookie_s *cookie) -+{ -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ DSA_SIG *dsaret = NULL; -+ int q_len = 0, r_len = 0, g_len = 0; -+ int priv_key_len = 0, ret = 1; -+ unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; - -- if (!group || !priv_key) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); -- return NULL; -+ if (((sig->r = BN_new()) == NULL) || !kop) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; - } - -- if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || -- (a = BN_new()) == NULL || (b = BN_new()) == NULL || -- (p = BN_new()) == NULL || (x = BN_new()) == NULL || -- (y = BN_new()) == NULL) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ if ((sig->s = BN_new()) == NULL) { -+ BN_free(sig->r); -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - -- order = &group->order; -- if (!order || BN_is_zero(order)) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); -+ if (spcf_bn2bin(dsa->p, &q, &q_len)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - goto err; - } - -- i = BN_num_bits(order); -- /* Need to truncate digest if it is too long: first truncate whole -- bytes */ -- if (8 * dgst_len > i) -- dgst_len = (i + 7)/8; -+ /* Get order of the field of private keys into plain buffer */ -+ if (spcf_bn2bin (dsa->q, &r, &r_len)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } - -- if (!BN_bin2bn(dgst, dgst_len, m)) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ /* sanity test */ -+ if (dlen > r_len) { -+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - goto err; - } - -- /* If still too long truncate remaining bits with a shift */ -- if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ g_len = q_len; -+ /** -+ * Get generator into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - -- /* copy the truncated bits into plain buffer */ -- if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { -- fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); -+ priv_key_len = r_len; -+ /** -+ * Get private key into a plain buffer. If length is less than -+ * r_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - -- ret = ECDSA_SIG_new(); -- if (!ret) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ /* Allocate memory to store hash. */ -+ f = OPENSSL_malloc (r_len); -+ if (!f) { -+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - -- /* check if this is prime or binary EC request */ -- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { -- ec_crv = EC_PRIME; -- /* get the generator point pair */ -- if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), -- x, y,ctx)) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -- goto err; -- } -+ /* Add padding, since SEC expects hash to of size r_len */ -+ if (dlen < r_len) -+ memset(f, 0, r_len - dlen); - -- /* get the ECC curve parameters */ -- if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { -- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len - dlen, dgst, dlen); -+ -+ dlen = r_len; -+ -+ memset(kop, 0, sizeof( struct crypt_kop)); -+ kop->crk_op = CRK_DSA_SIGN; -+ -+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -+ kop->crk_param[0].crp_p = (void*)f; -+ kop->crk_param[0].crp_nbits = dlen * 8; -+ kop->crk_param[1].crp_p = (void*)q; -+ kop->crk_param[1].crp_nbits = q_len * 8; -+ kop->crk_param[2].crp_p = (void*)r; -+ kop->crk_param[2].crp_nbits = r_len * 8; -+ kop->crk_param[3].crp_p = (void*)g; -+ kop->crk_param[3].crp_nbits = g_len * 8; -+ kop->crk_param[4].crp_p = (void*)priv_key; -+ kop->crk_param[4].crp_nbits = priv_key_len * 8; -+ kop->crk_iparams = 5; -+ kop->cookie = cookie; -+ -+ if (cryptodev_asym_async(kop, r_len, sig->r, r_len, sig->s)) -+ goto err; -+ -+ return ret; -+err: -+ { -+ const DSA_METHOD *meth = DSA_OpenSSL(); -+ -+ if (kop) -+ free(kop); -+ BN_free(sig->r); -+ BN_free(sig->s); -+ dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); -+ sig->r = dsaret->r; -+ sig->s = dsaret->s; -+ /* Call user callback immediately */ -+ cookie->pkc_callback(cookie, 0); -+ ret = dsaret; -+ } -+ return ret; -+} -+ -+static int -+cryptodev_dsa_verify_async(const unsigned char *dgst, int dlen, -+ DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie) -+{ -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ int q_len = 0, r_len = 0, g_len = 0; -+ int w_len = 0 ,c_len = 0, d_len = 0, ret = 1; -+ unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; -+ unsigned char *c = NULL, * d = NULL, *f = NULL; -+ -+ if (!kop) -+ goto err; -+ -+ if (spcf_bn2bin(dsa->p, &q, &q_len)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ return ret; -+ } -+ -+ /* Get Order of field of private keys */ -+ if (spcf_bn2bin(dsa->q, &r, &r_len)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ g_len = q_len; -+ /** -+ * Get generator into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ w_len = q_len; -+ /** -+ * Get public key into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. -+ */ -+ if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ /** -+ * Get the 1st part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ c_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /** -+ * Get the 2nd part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ d_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ -+ /* Sanity test */ -+ if (dlen > r_len) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Allocate memory to store hash. */ -+ f = OPENSSL_malloc (r_len); -+ if (!f) { -+ DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Add padding, since SEC expects hash to of size r_len */ -+ if (dlen < r_len) -+ memset(f, 0, r_len - dlen); -+ -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len - dlen, dgst, dlen); -+ -+ dlen = r_len; -+ memset(kop, 0, sizeof(struct crypt_kop)); -+ -+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ -+ kop->crk_param[0].crp_p = (void*)f; -+ kop->crk_param[0].crp_nbits = dlen * 8; -+ kop->crk_param[1].crp_p = q; -+ kop->crk_param[1].crp_nbits = q_len * 8; -+ kop->crk_param[2].crp_p = r; -+ kop->crk_param[2].crp_nbits = r_len * 8; -+ kop->crk_param[3].crp_p = g; -+ kop->crk_param[3].crp_nbits = g_len * 8; -+ kop->crk_param[4].crp_p = w; -+ kop->crk_param[4].crp_nbits = w_len * 8; -+ kop->crk_param[5].crp_p = c; -+ kop->crk_param[5].crp_nbits = c_len * 8; -+ kop->crk_param[6].crp_p = d; -+ kop->crk_param[6].crp_nbits = d_len * 8; -+ kop->crk_iparams = 7; -+ kop->crk_op = CRK_DSA_VERIFY; -+ kop->cookie = cookie; -+ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) -+ goto err; -+ -+ return ret; -+err: -+ { -+ const DSA_METHOD *meth = DSA_OpenSSL(); -+ -+ if (kop) -+ free(kop); -+ -+ ret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); -+ cookie->pkc_callback(cookie, 0); -+ } -+ return ret; -+} -+ -+static DSA_METHOD cryptodev_dsa = { -+ "cryptodev DSA method", -+ NULL, -+ NULL, /* dsa_sign_setup */ -+ NULL, -+ NULL, /* dsa_mod_exp */ -+ NULL, -+ NULL, -+ NULL, -+ NULL, -+ NULL, /* init */ -+ NULL, /* finish */ -+ 0, /* flags */ -+ NULL /* app_data */ -+}; -+ -+static ECDSA_METHOD cryptodev_ecdsa = { -+ "cryptodev ECDSA method", -+ NULL, -+ NULL, /* ecdsa_sign_setup */ -+ NULL, -+ NULL, -+ NULL, -+ NULL, -+ 0, /* flags */ -+ NULL /* app_data */ -+}; -+ -+typedef enum ec_curve_s -+{ -+ EC_PRIME, -+ EC_BINARY -+} ec_curve_t; -+ -+/* ENGINE handler for ECDSA Sign */ -+static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, -+ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) -+{ -+ BIGNUM *m = NULL, *p = NULL, *a = NULL; -+ BIGNUM *b = NULL, *x = NULL, *y = NULL; -+ BN_CTX *ctx = NULL; -+ ECDSA_SIG *ret = NULL; -+ ECDSA_DATA *ecdsa = NULL; -+ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; -+ unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; -+ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; -+ int g_len = 0, d_len = 0, ab_len = 0; -+ const BIGNUM *order = NULL, *priv_key=NULL; -+ const EC_GROUP *group = NULL; -+ struct crypt_kop kop; -+ ec_curve_t ec_crv = EC_PRIME; -+ -+ memset(&kop, 0, sizeof(kop)); -+ ecdsa = ecdsa_check(eckey); -+ if (!ecdsa) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); -+ return NULL; -+ } -+ -+ group = EC_KEY_get0_group(eckey); -+ priv_key = EC_KEY_get0_private_key(eckey); -+ -+ if (!group || !priv_key) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); -+ return NULL; -+ } -+ -+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || -+ (a = BN_new()) == NULL || (b = BN_new()) == NULL || -+ (p = BN_new()) == NULL || (x = BN_new()) == NULL || -+ (y = BN_new()) == NULL) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ order = &group->order; -+ if (!order || BN_is_zero(order)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); -+ goto err; -+ } -+ -+ i = BN_num_bits(order); -+ /* Need to truncate digest if it is too long: first truncate whole -+ bytes */ -+ if (8 * dgst_len > i) -+ dgst_len = (i + 7)/8; -+ -+ if (!BN_bin2bn(dgst, dgst_len, m)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* If still too long truncate remaining bits with a shift */ -+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* copy the truncated bits into plain buffer */ -+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { -+ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); -+ goto err; -+ } -+ -+ ret = ECDSA_SIG_new(); -+ if (!ret) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* check if this is prime or binary EC request */ -+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { -+ ec_crv = EC_PRIME; -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), -+ x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { -@@ -2195,63 +2700,581 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, - } - - /** -- * Get the 2nd part of signature into a flat buffer with -- * appropriate padding -+ * Get the 2nd part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ if (BN_num_bytes(sig->s) < r_len) -+ d_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* memory for message representative */ -+ f = malloc(r_len); -+ if (!f) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Add padding, since SEC expects hash to of size r_len */ -+ memset(f, 0, r_len-dgst_len); -+ -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); -+ dgst_len += r_len-dgst_len; -+ kop.crk_op = CRK_DSA_VERIFY; -+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -+ kop.crk_param[0].crp_p = f; -+ kop.crk_param[0].crp_nbits = dgst_len * 8; -+ kop.crk_param[1].crp_p = q; -+ kop.crk_param[1].crp_nbits = q_len * 8; -+ kop.crk_param[2].crp_p = r; -+ kop.crk_param[2].crp_nbits = r_len * 8; -+ kop.crk_param[3].crp_p = g_xy; -+ kop.crk_param[3].crp_nbits = g_len * 8; -+ kop.crk_param[4].crp_p = w_xy; -+ kop.crk_param[4].crp_nbits = pub_key_len * 8; -+ kop.crk_param[5].crp_p = ab; -+ kop.crk_param[5].crp_nbits = ab_len * 8; -+ kop.crk_param[6].crp_p = c; -+ kop.crk_param[6].crp_nbits = d_len * 8; -+ kop.crk_param[7].crp_p = d; -+ kop.crk_param[7].crp_nbits = d_len * 8; -+ kop.crk_iparams = 8; -+ -+ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { -+ /*OCF success value is 0, if not zero, change ret to fail*/ -+ if(0 == kop.crk_status) -+ ret = 1; -+ } else { -+ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); -+ -+ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); -+ } -+ kop.crk_param[0].crp_p = NULL; -+ zapparams(&kop); -+ -+err: -+ return ret; -+} -+ -+static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, -+ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey, -+ ECDSA_SIG *sig, struct pkc_cookie_s *cookie) -+{ -+ BIGNUM *m = NULL, *p = NULL, *a = NULL; -+ BIGNUM *b = NULL, *x = NULL, *y = NULL; -+ BN_CTX *ctx = NULL; -+ ECDSA_SIG *sig_ret = NULL; -+ ECDSA_DATA *ecdsa = NULL; -+ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; -+ unsigned char * s = NULL, *f = NULL, *tmp_dgst = NULL; -+ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; -+ int g_len = 0, ab_len = 0, ret = 1; -+ const BIGNUM *order = NULL, *priv_key=NULL; -+ const EC_GROUP *group = NULL; -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ ec_curve_t ec_crv = EC_PRIME; -+ -+ if (!(sig->r = BN_new()) || !kop) -+ goto err; -+ if ((sig->s = BN_new()) == NULL) { -+ BN_free(r); -+ goto err; -+ } -+ -+ memset(kop, 0, sizeof(struct crypt_kop)); -+ ecdsa = ecdsa_check(eckey); -+ if (!ecdsa) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); -+ goto err; -+ } -+ -+ group = EC_KEY_get0_group(eckey); -+ priv_key = EC_KEY_get0_private_key(eckey); -+ -+ if (!group || !priv_key) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); -+ goto err; -+ } -+ -+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || -+ (a = BN_new()) == NULL || (b = BN_new()) == NULL || -+ (p = BN_new()) == NULL || (x = BN_new()) == NULL || -+ (y = BN_new()) == NULL) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ order = &group->order; -+ if (!order || BN_is_zero(order)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); -+ goto err; -+ } -+ -+ i = BN_num_bits(order); -+ /* Need to truncate digest if it is too long: first truncate whole -+ bytes */ -+ if (8 * dgst_len > i) -+ dgst_len = (i + 7)/8; -+ -+ if (!BN_bin2bn(dgst, dgst_len, m)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* If still too long truncate remaining bits with a shift */ -+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* copy the truncated bits into plain buffer */ -+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { -+ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); -+ goto err; -+ } -+ -+ /* check if this is prime or binary EC request */ -+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) -+ == NID_X9_62_prime_field) { -+ ec_crv = EC_PRIME; -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, -+ EC_GROUP_get0_generator(group), x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { -+ ec_crv = EC_BINARY; -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ EC_GROUP_get0_generator(group), x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ } else { -+ printf("Unsupported Curve\n"); -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ if (spcf_bn2bin(order, &r, &r_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (spcf_bn2bin(p, &q, &q_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ priv_key_len = r_len; -+ -+ /** -+ * If BN_num_bytes of priv_key returns less then r_len then -+ * add padding bytes before the key -+ */ -+ if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Generation of ECC curve parameters */ -+ ab_len = 2*q_len; -+ ab = eng_copy_curve_points(a, b, ab_len, q_len); -+ if (!ab) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (ec_crv == EC_BINARY) { -+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) -+ { -+ unsigned char *c_temp = NULL; -+ int c_temp_len = q_len; -+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) -+ memcpy(ab+q_len, c_temp, q_len); -+ else -+ goto err; -+ } -+ kop->curve_type = ECC_BINARY; -+ } -+ -+ /* Calculation of Generator point */ -+ g_len = 2*q_len; -+ g_xy = eng_copy_curve_points(x, y, g_len, q_len); -+ if (!g_xy) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* memory for message representative */ -+ f = malloc(r_len); -+ if (!f) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Add padding, since SEC expects hash to of size r_len */ -+ memset(f, 0, r_len - dgst_len); -+ -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); -+ -+ dgst_len += r_len - dgst_len; -+ -+ kop->crk_op = CRK_DSA_SIGN; -+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -+ kop->crk_param[0].crp_p = f; -+ kop->crk_param[0].crp_nbits = dgst_len * 8; -+ kop->crk_param[1].crp_p = q; -+ kop->crk_param[1].crp_nbits = q_len * 8; -+ kop->crk_param[2].crp_p = r; -+ kop->crk_param[2].crp_nbits = r_len * 8; -+ kop->crk_param[3].crp_p = g_xy; -+ kop->crk_param[3].crp_nbits = g_len * 8; -+ kop->crk_param[4].crp_p = s; -+ kop->crk_param[4].crp_nbits = priv_key_len * 8; -+ kop->crk_param[5].crp_p = ab; -+ kop->crk_param[5].crp_nbits = ab_len * 8; -+ kop->crk_iparams = 6; -+ kop->cookie = cookie; -+ -+ if (cryptodev_asym_async(kop, r_len, sig->r , r_len, sig->s)) -+ goto err; -+ -+ return ret; -+err: -+ { -+ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); -+ BN_free(sig->r); -+ BN_free(sig->s); -+ if (kop) -+ free(kop); -+ sig_ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); -+ sig->r = sig_ret->r; -+ sig->s = sig_ret->s; -+ cookie->pkc_callback(cookie, 0); -+ } -+ return ret; -+} -+ -+static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, -+ const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie) -+{ -+ BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; -+ BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; -+ BN_CTX *ctx = NULL; -+ ECDSA_DATA *ecdsa = NULL; -+ unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; -+ unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; -+ int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; -+ int d_len = 0, ab_len = 0, ret = 1; -+ const EC_POINT *pub_key = NULL; -+ const BIGNUM *order = NULL; -+ const EC_GROUP *group=NULL; -+ ec_curve_t ec_crv = EC_PRIME; -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ -+ if (!kop) -+ goto err; -+ -+ memset(kop, 0, sizeof(struct crypt_kop)); -+ ecdsa = ecdsa_check(eckey); -+ if (!ecdsa) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); -+ goto err; -+ } -+ -+ group = EC_KEY_get0_group(eckey); -+ pub_key = EC_KEY_get0_public_key(eckey); -+ -+ if (!group || !pub_key) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); -+ goto err; -+ } -+ -+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || -+ (a = BN_new()) == NULL || (b = BN_new()) == NULL || -+ (p = BN_new()) == NULL || (x = BN_new()) == NULL || -+ (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || -+ (w_y = BN_new()) == NULL) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ order = &group->order; -+ if (!order || BN_is_zero(order)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); -+ goto err; -+ } -+ -+ i = BN_num_bits(order); -+ /* Need to truncate digest if it is too long: first truncate whole -+ * bytes */ -+ if (8 * dgst_len > i) -+ dgst_len = (i + 7)/8; -+ -+ if (!BN_bin2bn(dgst, dgst_len, m)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* If still too long truncate remaining bits with a shift */ -+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); -+ goto err; -+ } -+ /* copy the truncated bits into plain buffer */ -+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* check if this is prime or binary EC request */ -+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { -+ ec_crv = EC_PRIME; -+ -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, -+ EC_GROUP_get0_generator(group), x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the public key pair for prime curve */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, -+ pub_key, w_x, w_y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ -+ ec_crv = EC_BINARY; -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the generator point pair */ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ EC_GROUP_get0_generator(group),x, y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* get the public key pair for binary curve */ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ pub_key, w_x, w_y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ }else { -+ printf("Unsupported Curve\n"); -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); -+ goto err; -+ } -+ -+ /* Get the order of the subgroup of private keys */ -+ if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Get the irreducible polynomial that creates the field */ -+ if (spcf_bn2bin(p, &q, &q_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Get the public key into a flat buffer with appropriate padding */ -+ pub_key_len = 2 * q_len; -+ -+ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); -+ if (!w_xy) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Generation of ECC curve parameters */ -+ ab_len = 2*q_len; -+ -+ ab = eng_copy_curve_points (a, b, ab_len, q_len); -+ if (!ab) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (ec_crv == EC_BINARY) { -+ /* copy b' i.e c(b), instead of only b */ -+ eng_ec_get_cparam (EC_GROUP_get_curve_name(group), -+ ab+q_len, q_len); -+ kop->curve_type = ECC_BINARY; -+ } -+ -+ /* Calculation of Generator point */ -+ g_len = 2 * q_len; -+ -+ g_xy = eng_copy_curve_points (x, y, g_len, q_len); -+ if (!g_xy) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /** -+ * Get the 1st part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ if (BN_num_bytes(sig->r) < r_len) -+ c_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /** -+ * Get the 2nd part of signature into a flat buffer with -+ * appropriate padding -+ */ -+ if (BN_num_bytes(sig->s) < r_len) -+ d_len = r_len; -+ -+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* memory for message representative */ -+ f = malloc(r_len); -+ if (!f) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Add padding, since SEC expects hash to of size r_len */ -+ memset(f, 0, r_len-dgst_len); -+ -+ /* Skip leading bytes if dgst_len < r_len */ -+ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); -+ -+ dgst_len += r_len-dgst_len; -+ -+ kop->crk_op = CRK_DSA_VERIFY; -+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -+ kop->crk_param[0].crp_p = f; -+ kop->crk_param[0].crp_nbits = dgst_len * 8; -+ kop->crk_param[1].crp_p = q; -+ kop->crk_param[1].crp_nbits = q_len * 8; -+ kop->crk_param[2].crp_p = r; -+ kop->crk_param[2].crp_nbits = r_len * 8; -+ kop->crk_param[3].crp_p = g_xy; -+ kop->crk_param[3].crp_nbits = g_len * 8; -+ kop->crk_param[4].crp_p = w_xy; -+ kop->crk_param[4].crp_nbits = pub_key_len * 8; -+ kop->crk_param[5].crp_p = ab; -+ kop->crk_param[5].crp_nbits = ab_len * 8; -+ kop->crk_param[6].crp_p = c; -+ kop->crk_param[6].crp_nbits = d_len * 8; -+ kop->crk_param[7].crp_p = d; -+ kop->crk_param[7].crp_nbits = d_len * 8; -+ kop->crk_iparams = 8; -+ kop->cookie = cookie; -+ -+ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) -+ goto err; -+ -+ return ret; -+err: -+ { -+ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); -+ -+ if (kop) -+ free(kop); -+ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); -+ cookie->pkc_callback(cookie, 0); -+ } -+ -+ return ret; -+} -+ -+/* Cryptodev DH Key Gen routine */ -+static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) -+{ -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ int ret = 1, g_len; -+ unsigned char *g = NULL; -+ -+ if (!kop) -+ goto sw_try; -+ -+ if (dh->priv_key == NULL) { -+ if ((dh->priv_key=BN_new()) == NULL) -+ goto sw_try; -+ } -+ -+ if (dh->pub_key == NULL) { -+ if ((dh->pub_key=BN_new()) == NULL) -+ goto sw_try; -+ } -+ -+ g_len = BN_num_bytes(dh->p); -+ /** -+ * Get generator into a plain buffer. If length is less than -+ * q_len then add leading padding bytes. - */ -- if (BN_num_bytes(sig->s) < r_len) -- d_len = r_len; -- -- if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { -- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -- goto err; -- } -- -- /* memory for message representative */ -- f = malloc(r_len); -- if (!f) { -- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); -- goto err; -+ if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { -+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); -+ goto sw_try; - } - -- /* Add padding, since SEC expects hash to of size r_len */ -- memset(f, 0, r_len-dgst_len); -+ memset(kop, 0, sizeof(struct crypt_kop)); -+ kop->crk_op = CRK_DH_GENERATE_KEY; -+ if (bn2crparam(dh->p, &kop->crk_param[0])) -+ goto sw_try; -+ if (bn2crparam(dh->q, &kop->crk_param[1])) -+ goto sw_try; -+ kop->crk_param[2].crp_p = g; -+ kop->crk_param[2].crp_nbits = g_len * 8; -+ kop->crk_iparams = 3; -+ kop->cookie = cookie; - -- /* Skip leading bytes if dgst_len < r_len */ -- memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); -- dgst_len += r_len-dgst_len; -- kop.crk_op = CRK_DSA_VERIFY; -- /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -- kop.crk_param[0].crp_p = f; -- kop.crk_param[0].crp_nbits = dgst_len * 8; -- kop.crk_param[1].crp_p = q; -- kop.crk_param[1].crp_nbits = q_len * 8; -- kop.crk_param[2].crp_p = r; -- kop.crk_param[2].crp_nbits = r_len * 8; -- kop.crk_param[3].crp_p = g_xy; -- kop.crk_param[3].crp_nbits = g_len * 8; -- kop.crk_param[4].crp_p = w_xy; -- kop.crk_param[4].crp_nbits = pub_key_len * 8; -- kop.crk_param[5].crp_p = ab; -- kop.crk_param[5].crp_nbits = ab_len * 8; -- kop.crk_param[6].crp_p = c; -- kop.crk_param[6].crp_nbits = d_len * 8; -- kop.crk_param[7].crp_p = d; -- kop.crk_param[7].crp_nbits = d_len * 8; -- kop.crk_iparams = 8; -+ /* pub_key is or prime length while priv key is of length of order */ -+ if (cryptodev_asym_async(kop, BN_num_bytes(dh->p), dh->pub_key, -+ BN_num_bytes(dh->q), dh->priv_key)) -+ goto sw_try; - -- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { -- /*OCF success value is 0, if not zero, change ret to fail*/ -- if(0 == kop.crk_status) -- ret = 1; -- } else { -- const ECDSA_METHOD *meth = ECDSA_OpenSSL(); -+ return ret; -+sw_try: -+ { -+ const DH_METHOD *meth = DH_OpenSSL(); - -- ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); -+ if (kop) -+ free(kop); -+ ret = (meth->generate_key)(dh); -+ cookie->pkc_callback(cookie, 0); - } -- kop.crk_param[0].crp_p = NULL; -- zapparams(&kop); -- --err: - return ret; - } - -@@ -2360,6 +3383,54 @@ sw_try: - return (dhret); - } - -+/* Return Length if successful and 0 on failure */ -+static int -+cryptodev_dh_compute_key_async(unsigned char *key, const BIGNUM *pub_key, -+ DH *dh, struct pkc_cookie_s *cookie) -+{ -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ int ret = 1; -+ int fd, p_len; -+ unsigned char *padded_pub_key = NULL, *p = NULL; -+ -+ fd = *(int *)cookie->eng_handle; -+ -+ memset(kop, 0, sizeof(struct crypt_kop)); -+ kop->crk_op = CRK_DH_COMPUTE_KEY; -+ /* inputs: dh->priv_key pub_key dh->p key */ -+ spcf_bn2bin(dh->p, &p, &p_len); -+ spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); -+ -+ if (bn2crparam(dh->priv_key, &kop->crk_param[0])) -+ goto err; -+ kop->crk_param[1].crp_p = padded_pub_key; -+ kop->crk_param[1].crp_nbits = p_len * 8; -+ kop->crk_param[2].crp_p = p; -+ kop->crk_param[2].crp_nbits = p_len * 8; -+ kop->crk_iparams = 3; -+ -+ kop->cookie = cookie; -+ kop->crk_param[3].crp_p = (void*) key; -+ kop->crk_param[3].crp_nbits = p_len * 8; -+ kop->crk_oparams = 1; -+ -+ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) -+ goto err; -+ -+ return p_len; -+err: -+ { -+ const DH_METHOD *meth = DH_OpenSSL(); -+ -+ if (kop) -+ free(kop); -+ ret = (meth->compute_key)(key, pub_key, dh); -+ /* Call user cookie handler */ -+ cookie->pkc_callback(cookie, 0); -+ } -+ return (ret); -+} -+ - int cryptodev_ecdh_compute_key(void *out, size_t outlen, - const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, - void *out, size_t *outlen)) -@@ -2537,6 +3608,190 @@ err: - return ret; - } - -+int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, -+ const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, -+ void *out, size_t *outlen), struct pkc_cookie_s *cookie) -+{ -+ ec_curve_t ec_crv = EC_PRIME; -+ unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; -+ BIGNUM * w_x = NULL, *w_y = NULL; -+ int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; -+ BIGNUM * p = NULL, *a = NULL, *b = NULL; -+ BN_CTX *ctx; -+ EC_POINT *tmp=NULL; -+ BIGNUM *x=NULL, *y=NULL; -+ const BIGNUM *priv_key; -+ const EC_GROUP* group = NULL; -+ int ret = 1; -+ size_t buflen, len; -+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -+ -+ if (!(ctx = BN_CTX_new()) || !kop) -+ goto err; -+ -+ memset(kop, 0, sizeof(struct crypt_kop)); -+ -+ BN_CTX_start(ctx); -+ x = BN_CTX_get(ctx); -+ y = BN_CTX_get(ctx); -+ p = BN_CTX_get(ctx); -+ a = BN_CTX_get(ctx); -+ b = BN_CTX_get(ctx); -+ w_x = BN_CTX_get(ctx); -+ w_y = BN_CTX_get(ctx); -+ -+ if (!x || !y || !p || !a || !b || !w_x || !w_y) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ priv_key = EC_KEY_get0_private_key(ecdh); -+ if (priv_key == NULL) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); -+ goto err; -+ } -+ -+ group = EC_KEY_get0_group(ecdh); -+ if ((tmp=EC_POINT_new(group)) == NULL) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == -+ NID_X9_62_prime_field) { -+ ec_crv = EC_PRIME; -+ -+ if (!EC_POINT_get_affine_coordinates_GFp(group, -+ EC_GROUP_get0_generator(group), x, y, ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); -+ goto err; -+ } -+ -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* get the public key pair for prime curve */ -+ if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ } else { -+ ec_crv = EC_BINARY; -+ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ EC_GROUP_get0_generator(group), x, y, ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); -+ goto err; -+ } -+ -+ /* get the ECC curve parameters */ -+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* get the public key pair for binary curve */ -+ if (!EC_POINT_get_affine_coordinates_GF2m(group, -+ pub_key, w_x, w_y,ctx)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); -+ goto err; -+ } -+ } -+ -+ /* irreducible polynomial that creates the field */ -+ if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Get the irreducible polynomial that creates the field */ -+ if (spcf_bn2bin(p, &q, &q_len)) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ /* Get the public key into a flat buffer with appropriate padding */ -+ pub_key_len = 2 * q_len; -+ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); -+ if (!w_xy) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ /* Generation of ECC curve parameters */ -+ ab_len = 2*q_len; -+ ab = eng_copy_curve_points (a, b, ab_len, q_len); -+ if (!ab) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ if (ec_crv == EC_BINARY) { -+ /* copy b' i.e c(b), instead of only b */ -+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) -+ { -+ unsigned char *c_temp = NULL; -+ int c_temp_len = q_len; -+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) -+ memcpy(ab+q_len, c_temp, q_len); -+ else -+ goto err; -+ } -+ kop->curve_type = ECC_BINARY; -+ } else -+ kop->curve_type = ECC_PRIME; -+ -+ priv_key_len = r_len; -+ -+ /* -+ * If BN_num_bytes of priv_key returns less then r_len then -+ * add padding bytes before the key -+ */ -+ if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { -+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ buflen = (EC_GROUP_get_degree(group) + 7)/8; -+ len = BN_num_bytes(x); -+ if (len > buflen || q_len < buflen) { -+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR); -+ goto err; -+ } -+ -+ kop->crk_op = CRK_DH_COMPUTE_KEY; -+ kop->crk_param[0].crp_p = (void *) s; -+ kop->crk_param[0].crp_nbits = priv_key_len*8; -+ kop->crk_param[1].crp_p = (void *) w_xy; -+ kop->crk_param[1].crp_nbits = pub_key_len*8; -+ kop->crk_param[2].crp_p = (void *) q; -+ kop->crk_param[2].crp_nbits = q_len*8; -+ kop->crk_param[3].crp_p = (void *) ab; -+ kop->crk_param[3].crp_nbits = ab_len*8; -+ kop->crk_iparams = 4; -+ kop->crk_param[4].crp_p = (void *) out; -+ kop->crk_param[4].crp_nbits = q_len*8; -+ kop->crk_oparams = 1; -+ kop->cookie = cookie; -+ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) -+ goto err; -+ -+ return q_len; -+err: -+ { -+ const ECDH_METHOD *meth = ECDH_OpenSSL(); -+ -+ if (kop) -+ free(kop); -+ ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); -+ /* Call user cookie handler */ -+ cookie->pkc_callback(cookie, 0); -+ } -+ return ret; -+} - - static DH_METHOD cryptodev_dh = { - "cryptodev DH method", -@@ -2545,6 +3800,8 @@ static DH_METHOD cryptodev_dh = { - NULL, - NULL, - NULL, -+ NULL, -+ NULL, - 0, /* flags */ - NULL /* app_data */ - }; -@@ -2553,6 +3810,7 @@ static ECDH_METHOD cryptodev_ecdh = { - "cryptodev ECDH method", - NULL, /* cryptodev_ecdh_compute_key */ - NULL, -+ NULL, - 0, /* flags */ - NULL /* app_data */ - }; -@@ -2625,12 +3883,19 @@ ENGINE_load_cryptodev(void) - cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; - if (cryptodev_asymfeat & CRF_MOD_EXP) { - cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; -- if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) -+ cryptodev_rsa.bn_mod_exp_async = -+ cryptodev_bn_mod_exp_async; -+ if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) { - cryptodev_rsa.rsa_mod_exp = - cryptodev_rsa_mod_exp; -- else -+ cryptodev_rsa.rsa_mod_exp_async = -+ cryptodev_rsa_mod_exp_async; -+ } else { - cryptodev_rsa.rsa_mod_exp = - cryptodev_rsa_nocrt_mod_exp; -+ cryptodev_rsa.rsa_mod_exp_async = -+ cryptodev_rsa_nocrt_mod_exp_async; -+ } - } - } - -@@ -2638,12 +3903,21 @@ ENGINE_load_cryptodev(void) - const DSA_METHOD *meth = DSA_OpenSSL(); - - memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); -- if (cryptodev_asymfeat & CRF_DSA_SIGN) -+ if (cryptodev_asymfeat & CRF_DSA_SIGN) { - cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; -- if (cryptodev_asymfeat & CRF_DSA_VERIFY) -+ cryptodev_dsa.dsa_do_sign_async = -+ cryptodev_dsa_do_sign_async; -+ } -+ if (cryptodev_asymfeat & CRF_DSA_VERIFY) { - cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; -- if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) -+ cryptodev_dsa.dsa_do_verify_async = -+ cryptodev_dsa_verify_async; -+ } -+ if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) { - cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; -+ cryptodev_dsa.dsa_keygen_async = -+ cryptodev_dsa_keygen_async; -+ } - } - - if (ENGINE_set_DH(engine, &cryptodev_dh)){ -@@ -2652,10 +3926,15 @@ ENGINE_load_cryptodev(void) - if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { - cryptodev_dh.compute_key = - cryptodev_dh_compute_key; -+ cryptodev_dh.compute_key_async = -+ cryptodev_dh_compute_key_async; - } - if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { - cryptodev_dh.generate_key = - cryptodev_dh_keygen; -+ cryptodev_dh.generate_key_async = -+ cryptodev_dh_keygen_async; -+ - } - } - -@@ -2664,10 +3943,14 @@ ENGINE_load_cryptodev(void) - memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); - if (cryptodev_asymfeat & CRF_DSA_SIGN) { - cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; -+ cryptodev_ecdsa.ecdsa_do_sign_async = -+ cryptodev_ecdsa_do_sign_async; - } - if (cryptodev_asymfeat & CRF_DSA_VERIFY) { - cryptodev_ecdsa.ecdsa_do_verify = - cryptodev_ecdsa_verify; -+ cryptodev_ecdsa.ecdsa_do_verify_async = -+ cryptodev_ecdsa_verify_async; - } - } - -@@ -2676,9 +3959,16 @@ ENGINE_load_cryptodev(void) - memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); - if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { - cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; -+ cryptodev_ecdh.compute_key_async = -+ cryptodev_ecdh_compute_key_async; - } - } - -+ ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); -+ ENGINE_set_close_instance(engine, cryptodev_close_instance); -+ ENGINE_set_init_instance(engine, cryptodev_init_instance); -+ ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); -+ - ENGINE_add(engine); - ENGINE_free(engine); - ERR_clear_error(); -diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h -index 451ef8f..8fc3077 100644 ---- a/crypto/engine/eng_int.h -+++ b/crypto/engine/eng_int.h -@@ -181,7 +181,29 @@ struct engine_st - ENGINE_LOAD_KEY_PTR load_pubkey; - - ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; -- -+ /* -+ * Instantiate Engine handle to be passed in check_pkc_availability -+ * Ensure that Engine is instantiated before any pkc asynchronous call. -+ */ -+ void *(*engine_init_instance)(void); -+ /* -+ * Instantiated Engine handle will be closed with this call. -+ * Ensure that no pkc asynchronous call is made after this call -+ */ -+ void (*engine_close_instance)(void *handle); -+ /* -+ * Check availability will extract the data from kernel. -+ * eng_handle: This is the Engine handle corresponds to which -+ * the cookies needs to be polled. -+ * return 0 if cookie available else 1 -+ */ -+ int (*check_pkc_availability)(void *eng_handle); -+ /* -+ * The following map is used to check if the engine supports asynchronous implementation -+ * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous -+ * implementation need to check this features using "int ENGINE_get_async_map(engine *)"; -+ */ -+ int async_map; - const ENGINE_CMD_DEFN *cmd_defns; - int flags; - /* reference count on the structure itself */ -diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c -index 18a6664..6fa621c 100644 ---- a/crypto/engine/eng_lib.c -+++ b/crypto/engine/eng_lib.c -@@ -98,7 +98,11 @@ void engine_set_all_null(ENGINE *e) - e->ctrl = NULL; - e->load_privkey = NULL; - e->load_pubkey = NULL; -+ e->check_pkc_availability = NULL; -+ e->engine_init_instance = NULL; -+ e->engine_close_instance = NULL; - e->cmd_defns = NULL; -+ e->async_map = 0; - e->flags = 0; - } - -@@ -233,6 +237,48 @@ int ENGINE_set_id(ENGINE *e, const char *id) - return 1; - } - -+void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) -+ { -+ e->engine_init_instance = engine_init_instance; -+ } -+ -+void ENGINE_set_close_instance(ENGINE *e, -+ void (*engine_close_instance)(void *)) -+ { -+ e->engine_close_instance = engine_close_instance; -+ } -+ -+void ENGINE_set_async_map(ENGINE *e, int async_map) -+ { -+ e->async_map = async_map; -+ } -+ -+void *ENGINE_init_instance(ENGINE *e) -+ { -+ return e->engine_init_instance(); -+ } -+ -+void ENGINE_close_instance(ENGINE *e, void *eng_handle) -+ { -+ e->engine_close_instance(eng_handle); -+ } -+ -+int ENGINE_get_async_map(ENGINE *e) -+ { -+ return e->async_map; -+ } -+ -+void ENGINE_set_check_pkc_availability(ENGINE *e, -+ int (*check_pkc_availability)(void *eng_handle)) -+ { -+ e->check_pkc_availability = check_pkc_availability; -+ } -+ -+int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) -+ { -+ return e->check_pkc_availability(eng_handle); -+ } -+ - int ENGINE_set_name(ENGINE *e, const char *name) - { - if(name == NULL) -diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h -index 237a6c9..ccff86a 100644 ---- a/crypto/engine/engine.h -+++ b/crypto/engine/engine.h -@@ -473,6 +473,30 @@ ENGINE *ENGINE_new(void); - int ENGINE_free(ENGINE *e); - int ENGINE_up_ref(ENGINE *e); - int ENGINE_set_id(ENGINE *e, const char *id); -+void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); -+void ENGINE_set_close_instance(ENGINE *e, -+ void (*engine_free_instance)(void *)); -+/* -+ * Following FLAGS are bitmap store in async_map to set asynchronous interface capability -+ *of the engine -+ */ -+#define ENGINE_RSA_ASYNC 0x0001 -+#define ENGINE_DSA_ASYNC 0x0002 -+#define ENGINE_DH_ASYNC 0x0004 -+#define ENGINE_ECDSA_ASYNC 0x0008 -+#define ENGINE_ECDH_ASYNC 0x0010 -+#define ENGINE_ALLPKC_ASYNC 0x001F -+/* Engine implementation will set the bitmap based on above flags using following API */ -+void ENGINE_set_async_map(ENGINE *e, int async_map); -+ /* Application need to check the bitmap based on above flags using following API -+ * to confirm asynchronous methods supported -+ */ -+int ENGINE_get_async_map(ENGINE *e); -+void *ENGINE_init_instance(ENGINE *e); -+void ENGINE_close_instance(ENGINE *e, void *eng_handle); -+void ENGINE_set_check_pkc_availability(ENGINE *e, -+ int (*check_pkc_availability)(void *eng_handle)); -+int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); - int ENGINE_set_name(ENGINE *e, const char *name); - int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); - int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); -diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h -index 5f269e5..6ef1b15 100644 ---- a/crypto/rsa/rsa.h -+++ b/crypto/rsa/rsa.h -@@ -101,6 +101,29 @@ struct rsa_meth_st - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ -+ /* -+ * Cookie in the following _async variant must be allocated before -+ * submission and can be freed once its corresponding callback -+ * handler is called -+ */ -+ int (*rsa_pub_enc_asyn)(int flen,const unsigned char *from, -+ unsigned char *to, RSA *rsa, int padding, -+ struct pkc_cookie_s *cookie); -+ int (*rsa_pub_dec_async)(int flen,const unsigned char *from, -+ unsigned char *to, RSA *rsa, int padding, -+ struct pkc_cookie_s *cookie); -+ int (*rsa_priv_enc_async)(int flen,const unsigned char *from, -+ unsigned char *to, RSA *rsa, int padding, -+ struct pkc_cookie_s *cookie); -+ int (*rsa_priv_dec_async)(int flen,const unsigned char *from, -+ unsigned char *to, RSA *rsa, int padding, -+ struct pkc_cookie_s *cookie); -+ int (*rsa_mod_exp_async)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, -+ BN_CTX *ctx, struct pkc_cookie_s *cookie); -+ int (*bn_mod_exp_async)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, -+ const BIGNUM *m, BN_CTX *ctx, -+ BN_MONT_CTX *m_ctx, struct pkc_cookie_s *cookie); -+ - int (*init)(RSA *rsa); /* called at new */ - int (*finish)(RSA *rsa); /* called at free */ - int flags; /* RSA_METHOD_FLAG_* things */ --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch deleted file mode 100644 index 244d230e..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch +++ /dev/null @@ -1,153 +0,0 @@ -From e4fc051f8ae1c093b25ca346c2ec351ff3b700d1 Mon Sep 17 00:00:00 2001 -From: Hou Zhiqiang -Date: Wed, 2 Apr 2014 16:10:43 +0800 -Subject: [PATCH 11/26] Add RSA keygen operation and support gendsa command - with hardware engine - -Upstream-status: Pending - -Signed-off-by: Hou Zhiqiang -Tested-by: Cristian Stoica ---- - crypto/engine/eng_cryptodev.c | 118 ++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 118 insertions(+) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 9f2416e..b2919a8 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -1906,6 +1906,121 @@ err: - return dsaret; - } - -+/* Cryptodev RSA Key Gen routine */ -+static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) -+{ -+ struct crypt_kop kop; -+ int ret, fd; -+ int p_len, q_len; -+ int i; -+ -+ if ((fd = get_asym_dev_crypto()) < 0) -+ return fd; -+ -+ if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; -+ if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; -+ if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; -+ if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; -+ if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; -+ if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; -+ if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; -+ if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; -+ -+ BN_copy(rsa->e, e); -+ -+ p_len = (bits+1) / (2 * 8); -+ q_len = (bits - p_len * 8) / 8; -+ memset(&kop, 0, sizeof kop); -+ kop.crk_op = CRK_RSA_GENERATE_KEY; -+ -+ /* p length */ -+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); -+ if (!kop.crk_param[kop.crk_iparams].crp_p) -+ goto err; -+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; -+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); -+ kop.crk_iparams++; -+ kop.crk_oparams++; -+ /* q length */ -+ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); -+ if (!kop.crk_param[kop.crk_iparams].crp_p) -+ goto err; -+ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; -+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); -+ kop.crk_iparams++; -+ kop.crk_oparams++; -+ /* n length */ -+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); -+ if (!kop.crk_param[kop.crk_iparams].crp_p) -+ goto err; -+ kop.crk_param[kop.crk_iparams].crp_nbits = bits; -+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1); -+ kop.crk_iparams++; -+ kop.crk_oparams++; -+ /* d length */ -+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); -+ if (!kop.crk_param[kop.crk_iparams].crp_p) -+ goto err; -+ kop.crk_param[kop.crk_iparams].crp_nbits = bits; -+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1); -+ kop.crk_iparams++; -+ kop.crk_oparams++; -+ /* dp1 length */ -+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); -+ if (!kop.crk_param[kop.crk_iparams].crp_p) -+ goto err; -+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; -+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); -+ kop.crk_iparams++; -+ kop.crk_oparams++; -+ /* dq1 length */ -+ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); -+ if (!kop.crk_param[kop.crk_iparams].crp_p) -+ goto err; -+ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; -+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); -+ kop.crk_iparams++; -+ kop.crk_oparams++; -+ /* i length */ -+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); -+ if (!kop.crk_param[kop.crk_iparams].crp_p) -+ goto err; -+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; -+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); -+ kop.crk_iparams++; -+ kop.crk_oparams++; -+ -+ if (ioctl(fd, CIOCKEY, &kop) == 0) { -+ BN_bin2bn(kop.crk_param[0].crp_p, -+ p_len, rsa->p); -+ BN_bin2bn(kop.crk_param[1].crp_p, -+ q_len, rsa->q); -+ BN_bin2bn(kop.crk_param[2].crp_p, -+ bits / 8, rsa->n); -+ BN_bin2bn(kop.crk_param[3].crp_p, -+ bits / 8, rsa->d); -+ BN_bin2bn(kop.crk_param[4].crp_p, -+ p_len, rsa->dmp1); -+ BN_bin2bn(kop.crk_param[5].crp_p, -+ q_len, rsa->dmq1); -+ BN_bin2bn(kop.crk_param[6].crp_p, -+ p_len, rsa->iqmp); -+ return 1; -+ } -+sw_try: -+ { -+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); -+ ret = (meth->rsa_keygen)(rsa, bits, e, cb); -+ } -+ return ret; -+ -+err: -+ for (i = 0; i < CRK_MAXPARAM; i++) -+ free(kop.crk_param[i].crp_p); -+ return 0; -+ -+} -+ - /* Cryptodev DSA Key Gen routine */ - static int cryptodev_dsa_keygen(DSA *dsa) - { -@@ -3896,6 +4011,9 @@ ENGINE_load_cryptodev(void) - cryptodev_rsa.rsa_mod_exp_async = - cryptodev_rsa_nocrt_mod_exp_async; - } -+ if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY) -+ cryptodev_rsa.rsa_keygen = -+ cryptodev_rsa_keygen; - } - } - --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch deleted file mode 100644 index 7f907da4..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch +++ /dev/null @@ -1,64 +0,0 @@ -From ac777f046da7151386d667391362ecb553ceee90 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Wed, 16 Apr 2014 22:53:04 +0545 -Subject: [PATCH 12/26] RSA Keygen Fix - -Upstream-status: Pending - -If Kernel driver doesn't support RSA Keygen or same returns -error handling the keygen operation, the keygen is gracefully -handled by software supported rsa_keygen handler - -Signed-off-by: Yashpal Dutta -Tested-by: Cristian Stoica ---- - crypto/engine/eng_cryptodev.c | 12 +++++++----- - 1 file changed, 7 insertions(+), 5 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index b2919a8..ed5f20f 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -1915,7 +1915,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) - int i; - - if ((fd = get_asym_dev_crypto()) < 0) -- return fd; -+ goto sw_try; - - if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; - if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; -@@ -1936,7 +1936,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) - /* p length */ - kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); - if (!kop.crk_param[kop.crk_iparams].crp_p) -- goto err; -+ goto sw_try; - kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; - memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); - kop.crk_iparams++; -@@ -1944,7 +1944,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) - /* q length */ - kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); - if (!kop.crk_param[kop.crk_iparams].crp_p) -- goto err; -+ goto sw_try; - kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; - memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); - kop.crk_iparams++; -@@ -2009,8 +2009,10 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) - } - sw_try: - { -- const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); -- ret = (meth->rsa_keygen)(rsa, bits, e, cb); -+ const RSA_METHOD *meth = rsa->meth; -+ rsa->meth = RSA_PKCS1_SSLeay(); -+ ret = RSA_generate_key_ex(rsa, bits, e, cb); -+ rsa->meth = meth; - } - return ret; - --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch deleted file mode 100644 index c9d8ace8..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch +++ /dev/null @@ -1,164 +0,0 @@ -From 6aaa306cdf878250d7b6eaf30978de313653886b Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Thu, 17 Apr 2014 06:57:59 +0545 -Subject: [PATCH 13/26] Removed local copy of curve_t type - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta -Tested-by: Cristian Stoica ---- - crypto/engine/eng_cryptodev.c | 34 ++++++++++++++-------------------- - crypto/engine/eng_cryptodev_ec.h | 7 ------- - 2 files changed, 14 insertions(+), 27 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index ed5f20f..5d883fa 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -2398,12 +2398,6 @@ static ECDSA_METHOD cryptodev_ecdsa = { - NULL /* app_data */ - }; - --typedef enum ec_curve_s --{ -- EC_PRIME, -- EC_BINARY --} ec_curve_t; -- - /* ENGINE handler for ECDSA Sign */ - static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, - int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) -@@ -2420,7 +2414,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, - const BIGNUM *order = NULL, *priv_key=NULL; - const EC_GROUP *group = NULL; - struct crypt_kop kop; -- ec_curve_t ec_crv = EC_PRIME; -+ enum ec_curve_t ec_crv = EC_PRIME; - - memset(&kop, 0, sizeof(kop)); - ecdsa = ecdsa_check(eckey); -@@ -2553,7 +2547,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, - else - goto err; - } -- kop.curve_type = ECC_BINARY; -+ kop.curve_type = EC_BINARY; - } - - /* Calculation of Generator point */ -@@ -2647,7 +2641,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, - const EC_POINT *pub_key = NULL; - const BIGNUM *order = NULL; - const EC_GROUP *group=NULL; -- ec_curve_t ec_crv = EC_PRIME; -+ enum ec_curve_t ec_crv = EC_PRIME; - struct crypt_kop kop; - - memset(&kop, 0, sizeof kop); -@@ -2792,7 +2786,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, - else - goto err; - } -- kop.curve_type = ECC_BINARY; -+ kop.curve_type = EC_BINARY; - } - - /* Calculation of Generator point */ -@@ -2893,7 +2887,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, - const BIGNUM *order = NULL, *priv_key=NULL; - const EC_GROUP *group = NULL; - struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); -- ec_curve_t ec_crv = EC_PRIME; -+ enum ec_curve_t ec_crv = EC_PRIME; - - if (!(sig->r = BN_new()) || !kop) - goto err; -@@ -3029,7 +3023,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, - else - goto err; - } -- kop->curve_type = ECC_BINARY; -+ kop->curve_type = EC_BINARY; - } - - /* Calculation of Generator point */ -@@ -3105,7 +3099,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, - const EC_POINT *pub_key = NULL; - const BIGNUM *order = NULL; - const EC_GROUP *group=NULL; -- ec_curve_t ec_crv = EC_PRIME; -+ enum ec_curve_t ec_crv = EC_PRIME; - struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); - - if (!kop) -@@ -3247,7 +3241,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, - /* copy b' i.e c(b), instead of only b */ - eng_ec_get_cparam (EC_GROUP_get_curve_name(group), - ab+q_len, q_len); -- kop->curve_type = ECC_BINARY; -+ kop->curve_type = EC_BINARY; - } - - /* Calculation of Generator point */ -@@ -3552,7 +3546,7 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, - const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, - void *out, size_t *outlen)) - { -- ec_curve_t ec_crv = EC_PRIME; -+ enum ec_curve_t ec_crv = EC_PRIME; - unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; - BIGNUM * w_x = NULL, *w_y = NULL; - int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; -@@ -3678,9 +3672,9 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, - else - goto err; - } -- kop.curve_type = ECC_BINARY; -+ kop.curve_type = EC_BINARY; - } else -- kop.curve_type = ECC_PRIME; -+ kop.curve_type = EC_PRIME; - - priv_key_len = r_len; - -@@ -3729,7 +3723,7 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, - const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, - void *out, size_t *outlen), struct pkc_cookie_s *cookie) - { -- ec_curve_t ec_crv = EC_PRIME; -+ enum ec_curve_t ec_crv = EC_PRIME; - unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; - BIGNUM * w_x = NULL, *w_y = NULL; - int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; -@@ -3857,9 +3851,9 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, - else - goto err; - } -- kop->curve_type = ECC_BINARY; -+ kop->curve_type = EC_BINARY; - } else -- kop->curve_type = ECC_PRIME; -+ kop->curve_type = EC_PRIME; - - priv_key_len = r_len; - -diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h -index 77aee71..a4b8da5 100644 ---- a/crypto/engine/eng_cryptodev_ec.h -+++ b/crypto/engine/eng_cryptodev_ec.h -@@ -286,11 +286,4 @@ static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, - - return xy; - } -- --enum curve_t { -- DISCRETE_LOG, -- ECC_PRIME, -- ECC_BINARY, -- MAX_ECC_TYPE --}; - #endif --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch deleted file mode 100644 index 198bed70..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 14623ca9e417ccef1ad3f4138acfac0ebe682f1f Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Tue, 22 Apr 2014 22:58:33 +0545 -Subject: [PATCH 14/26] Modulus parameter is not populated by dhparams - -Upstream-status: Pending - -When dhparams are created, modulus parameter required for -private key generation is not populated. So, falling back -to software for proper population of modulus parameters followed -by private key generation - -Signed-off-by: Yashpal Dutta -Tested-by: Cristian Stoica ---- - crypto/engine/eng_cryptodev.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 5d883fa..6d69336 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -3364,7 +3364,7 @@ static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) - kop->crk_op = CRK_DH_GENERATE_KEY; - if (bn2crparam(dh->p, &kop->crk_param[0])) - goto sw_try; -- if (bn2crparam(dh->q, &kop->crk_param[1])) -+ if (!dh->q || bn2crparam(dh->q, &kop->crk_param[1])) - goto sw_try; - kop->crk_param[2].crp_p = g; - kop->crk_param[2].crp_nbits = g_len * 8; -@@ -3419,7 +3419,7 @@ static int cryptodev_dh_keygen(DH *dh) - kop.crk_op = CRK_DH_GENERATE_KEY; - if (bn2crparam(dh->p, &kop.crk_param[0])) - goto sw_try; -- if (bn2crparam(dh->q, &kop.crk_param[1])) -+ if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) - goto sw_try; - kop.crk_param[2].crp_p = g; - kop.crk_param[2].crp_nbits = g_len * 8; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch deleted file mode 100644 index 59330a1e..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 10be401a33e6ebcc325d6747914c70595cd53d0a Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Thu, 24 Apr 2014 00:35:34 +0545 -Subject: [PATCH 15/26] SW Backoff mechanism for dsa keygen - -Upstream-status: Pending - -DSA Keygen is not handled in default openssl dsa method. Due to -same null function pointer in SW DSA method, the backoff for dsa -keygen gives segmentation fault. - -Signed-off-by: Yashpal Dutta -Tested-by: Cristian Stoica ---- - crypto/engine/eng_cryptodev.c | 12 ++++++++---- - 1 file changed, 8 insertions(+), 4 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 6d69336..dab8fea 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -2069,8 +2069,10 @@ static int cryptodev_dsa_keygen(DSA *dsa) - return ret; - sw_try: - { -- const DSA_METHOD *meth = DSA_OpenSSL(); -- ret = (meth->dsa_keygen)(dsa); -+ const DSA_METHOD *meth = dsa->meth; -+ dsa->meth = DSA_OpenSSL(); -+ ret = DSA_generate_key(dsa); -+ dsa->meth = meth; - } - return ret; - } -@@ -2124,11 +2126,13 @@ static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) - return ret; - sw_try: - { -- const DSA_METHOD *meth = DSA_OpenSSL(); -+ const DSA_METHOD *meth = dsa->meth; - -+ dsa->meth = DSA_OpenSSL(); - if (kop) - free(kop); -- ret = (meth->dsa_keygen)(dsa); -+ ret = DSA_generate_key(dsa); -+ dsa->meth = meth; - cookie->pkc_callback(cookie, 0); - } - return ret; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch deleted file mode 100644 index 8923cb63..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch +++ /dev/null @@ -1,100 +0,0 @@ -From d2c868c6370bcc0d0a254e641907da2cdf992d62 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Thu, 1 May 2014 06:35:45 +0545 -Subject: [PATCH 16/26] Fixed DH keygen pair generator - -Upstream-status: Pending - -Wrong Padding results into keygen length error - -Signed-off-by: Yashpal Dutta -Tested-by: Cristian Stoica ---- - crypto/engine/eng_cryptodev.c | 50 ++++++++++++++++++++++++++++--------------- - 1 file changed, 33 insertions(+), 17 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index dab8fea..13d924f 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -3396,44 +3396,60 @@ sw_try: - static int cryptodev_dh_keygen(DH *dh) - { - struct crypt_kop kop; -- int ret = 1, g_len; -- unsigned char *g = NULL; -+ int ret = 1, q_len = 0; -+ unsigned char *q = NULL, *g = NULL, *s = NULL, *w = NULL; -+ BIGNUM *pub_key = NULL, *priv_key = NULL; -+ int generate_new_key = 1; - -- if (dh->priv_key == NULL) { -- if ((dh->priv_key=BN_new()) == NULL) -- goto sw_try; -- } -+ if (dh->priv_key) -+ priv_key = dh->priv_key; - -- if (dh->pub_key == NULL) { -- if ((dh->pub_key=BN_new()) == NULL) -- goto sw_try; -- } -+ if (dh->pub_key) -+ pub_key = dh->pub_key; - -- g_len = BN_num_bytes(dh->p); -+ q_len = BN_num_bytes(dh->p); - /** - * Get generator into a plain buffer. If length is less than - * q_len then add leading padding bytes. - */ -- if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { -+ if (spcf_bn2bin_ex(dh->g, &g, &q_len)) { -+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); -+ goto sw_try; -+ } -+ -+ if (spcf_bn2bin_ex(dh->p, &q, &q_len)) { - DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); - goto sw_try; - } - - memset(&kop, 0, sizeof kop); - kop.crk_op = CRK_DH_GENERATE_KEY; -- if (bn2crparam(dh->p, &kop.crk_param[0])) -- goto sw_try; -+ kop.crk_param[0].crp_p = q; -+ kop.crk_param[0].crp_nbits = q_len * 8; - if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) - goto sw_try; - kop.crk_param[2].crp_p = g; -- kop.crk_param[2].crp_nbits = g_len * 8; -+ kop.crk_param[2].crp_nbits = q_len * 8; - kop.crk_iparams = 3; - -+ s = OPENSSL_malloc (q_len); -+ if (!s) { -+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); -+ goto sw_try; -+ } -+ -+ w = OPENSSL_malloc (q_len); -+ if (!w) { -+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); -+ goto sw_try; -+ } -+ - /* pub_key is or prime length while priv key is of length of order */ -- if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, -- BN_num_bytes(dh->q), dh->priv_key)) -+ if (cryptodev_asym(&kop, q_len, w, q_len, s)) - goto sw_try; - -+ dh->pub_key = BN_bin2bn(w, q_len, pub_key); -+ dh->pub_key = BN_bin2bn(s, q_len, priv_key); - return ret; - sw_try: - { --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch deleted file mode 100644 index bd9e61ac..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch +++ /dev/null @@ -1,309 +0,0 @@ -From 11b55103463bac614e00d74e9f196ec4ec6bade1 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Mon, 16 Jun 2014 14:06:21 +0300 -Subject: [PATCH 17/26] cryptodev: add support for aes-gcm algorithm offloading - -Change-Id: I3b77dc5ef8b8f707309549244a02852d95b36168 -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/17226 ---- - apps/speed.c | 6 +- - crypto/engine/eng_cryptodev.c | 229 +++++++++++++++++++++++++++++++++++++++++- - 2 files changed, 233 insertions(+), 2 deletions(-) - -diff --git a/apps/speed.c b/apps/speed.c -index 9886ca3..099dede 100644 ---- a/apps/speed.c -+++ b/apps/speed.c -@@ -224,7 +224,11 @@ - #endif - - #undef BUFSIZE --#define BUFSIZE ((long)1024*8+1) -+/* The buffer overhead allows GCM tag at the end of the encrypted data. This -+ avoids buffer overflows from cryptodev since Linux kernel GCM -+ implementation allways adds the tag - unlike e_aes.c:aes_gcm_cipher() -+ which doesn't */ -+#define BUFSIZE ((long)1024*8 + EVP_GCM_TLS_TAG_LEN) - int run=0; - - static int mr=0; -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 13d924f..4493490 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -78,8 +78,10 @@ struct dev_crypto_state { - struct session_op d_sess; - int d_fd; - unsigned char *aad; -- unsigned int aad_len; -+ int aad_len; - unsigned int len; -+ unsigned char *iv; -+ int ivlen; - - #ifdef USE_CRYPTODEV_DIGESTS - char dummy_mac_key[HASH_MAX_LEN]; -@@ -251,6 +253,7 @@ static struct { - { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, - { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, - { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, -+ { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, - { 0, NID_undef, 0, 0, 0}, - }; - -@@ -271,6 +274,19 @@ static struct { - }; - #endif - -+/* increment counter (64-bit int) by 1 */ -+static void ctr64_inc(unsigned char *counter) { -+ int n=8; -+ unsigned char c; -+ -+ do { -+ --n; -+ c = counter[n]; -+ ++c; -+ counter[n] = c; -+ if (c) return; -+ } while (n); -+} - /* - * Return a fd if /dev/crypto seems usable, 0 otherwise. - */ -@@ -762,6 +778,197 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, - } - } - -+static int cryptodev_init_gcm_key(EVP_CIPHER_CTX *ctx, -+ const unsigned char *key, const unsigned char *iv, int enc) -+{ -+ struct dev_crypto_state *state = ctx->cipher_data; -+ struct session_op *sess = &state->d_sess; -+ int cipher = -1, i; -+ if (!iv && !key) -+ return 1; -+ -+ if (iv) -+ memcpy(ctx->iv, iv, ctx->cipher->iv_len); -+ -+ for (i = 0; ciphers[i].id; i++) -+ if (ctx->cipher->nid == ciphers[i].nid && -+ ctx->cipher->iv_len <= ciphers[i].ivmax && -+ ctx->key_len == ciphers[i].keylen) { -+ cipher = ciphers[i].id; -+ break; -+ } -+ -+ if (!ciphers[i].id) { -+ state->d_fd = -1; -+ return 0; -+ } -+ -+ memset(sess, 0, sizeof(struct session_op)); -+ -+ if ((state->d_fd = get_dev_crypto()) < 0) -+ return 0; -+ -+ sess->key = (unsigned char *) key; -+ sess->keylen = ctx->key_len; -+ sess->cipher = cipher; -+ -+ if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { -+ put_dev_crypto(state->d_fd); -+ state->d_fd = -1; -+ return 0; -+ } -+ return 1; -+} -+ -+static int cryptodev_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len) -+{ -+ struct crypt_auth_op cryp = {0}; -+ struct dev_crypto_state *state = ctx->cipher_data; -+ struct session_op *sess = &state->d_sess; -+ int rv = len; -+ -+ if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ? -+ EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV, -+ EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0) -+ return 0; -+ -+ in += EVP_GCM_TLS_EXPLICIT_IV_LEN; -+ out += EVP_GCM_TLS_EXPLICIT_IV_LEN; -+ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; -+ -+ if (ctx->encrypt) { -+ len -= EVP_GCM_TLS_TAG_LEN; -+ } -+ cryp.ses = sess->ses; -+ cryp.len = len; -+ cryp.src = (unsigned char*) in; -+ cryp.dst = out; -+ cryp.auth_src = state->aad; -+ cryp.auth_len = state->aad_len; -+ cryp.iv = ctx->iv; -+ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; -+ -+ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { -+ return 0; -+ } -+ -+ if (ctx->encrypt) -+ ctr64_inc(state->iv + state->ivlen - 8); -+ else -+ rv = len - EVP_GCM_TLS_TAG_LEN; -+ -+ return rv; -+} -+ -+static int cryptodev_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len) -+{ -+ struct crypt_auth_op cryp; -+ struct dev_crypto_state *state = ctx->cipher_data; -+ struct session_op *sess = &state->d_sess; -+ -+ if (state->d_fd < 0) -+ return 0; -+ -+ if ((len % ctx->cipher->block_size) != 0) -+ return 0; -+ -+ if (state->aad_len >= 0) -+ return cryptodev_gcm_tls_cipher(ctx, out, in, len); -+ -+ memset(&cryp, 0, sizeof(cryp)); -+ -+ cryp.ses = sess->ses; -+ cryp.len = len; -+ cryp.src = (unsigned char*) in; -+ cryp.dst = out; -+ cryp.auth_src = NULL; -+ cryp.auth_len = 0; -+ cryp.iv = ctx->iv; -+ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; -+ -+ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { -+ return 0; -+ } -+ -+ return len; -+} -+ -+static int cryptodev_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, -+ void *ptr) -+{ -+ struct dev_crypto_state *state = ctx->cipher_data; -+ switch (type) { -+ case EVP_CTRL_INIT: -+ { -+ state->ivlen = ctx->cipher->iv_len; -+ state->iv = ctx->iv; -+ state->aad_len = -1; -+ return 1; -+ } -+ case EVP_CTRL_GCM_SET_IV_FIXED: -+ { -+ /* Special case: -1 length restores whole IV */ -+ if (arg == -1) -+ { -+ memcpy(state->iv, ptr, state->ivlen); -+ return 1; -+ } -+ /* Fixed field must be at least 4 bytes and invocation field -+ * at least 8. -+ */ -+ if ((arg < 4) || (state->ivlen - arg) < 8) -+ return 0; -+ if (arg) -+ memcpy(state->iv, ptr, arg); -+ if (ctx->encrypt && -+ RAND_bytes(state->iv + arg, state->ivlen - arg) <= 0) -+ return 0; -+ return 1; -+ } -+ case EVP_CTRL_AEAD_TLS1_AAD: -+ { -+ unsigned int len; -+ if (arg != 13) -+ return 0; -+ -+ memcpy(ctx->buf, ptr, arg); -+ len=ctx->buf[arg-2] << 8 | ctx->buf[arg-1]; -+ -+ /* Correct length for explicit IV */ -+ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; -+ -+ /* If decrypting correct for tag too */ -+ if (!ctx->encrypt) -+ len -= EVP_GCM_TLS_TAG_LEN; -+ -+ ctx->buf[arg-2] = len >> 8; -+ ctx->buf[arg-1] = len & 0xff; -+ -+ state->aad = ctx->buf; -+ state->aad_len = arg; -+ state->len = len; -+ -+ /* Extra padding: tag appended to record */ -+ return EVP_GCM_TLS_TAG_LEN; -+ } -+ case EVP_CTRL_GCM_SET_IV_INV: -+ { -+ if (ctx->encrypt) -+ return 0; -+ memcpy(state->iv + state->ivlen - arg, ptr, arg); -+ return 1; -+ } -+ case EVP_CTRL_GCM_IV_GEN: -+ if (arg <= 0 || arg > state->ivlen) -+ arg = state->ivlen; -+ memcpy(ptr, state->iv + state->ivlen - arg, arg); -+ return 1; -+ default: -+ return -1; -+ } -+} - /* - * libcrypto EVP stuff - this is how we get wired to EVP so the engine - * gets called when libcrypto requests a cipher NID. -@@ -901,6 +1108,23 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { - cryptodev_cbc_hmac_sha1_ctrl, - NULL - }; -+ -+const EVP_CIPHER cryptodev_aes_128_gcm = { -+ NID_aes_128_gcm, -+ 1, 16, 12, -+ EVP_CIPH_GCM_MODE | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \ -+ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ -+ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT, -+ cryptodev_init_gcm_key, -+ cryptodev_gcm_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_gcm_ctrl, -+ NULL -+}; -+ - /* - * Registered by the ENGINE when used to find out how to deal with - * a particular NID in the ENGINE. this says what we'll do at the -@@ -944,6 +1168,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - case NID_aes_256_cbc_hmac_sha1: - *cipher = &cryptodev_aes_256_cbc_hmac_sha1; - break; -+ case NID_aes_128_gcm: -+ *cipher = &cryptodev_aes_128_gcm; -+ break; - default: - *cipher = NULL; - break; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch deleted file mode 100644 index 1118a6fc..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch +++ /dev/null @@ -1,193 +0,0 @@ -From 21e3ca4ec77f9258aa4001f07faac1c4942b48b4 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Fri, 9 May 2014 17:54:06 +0300 -Subject: [PATCH 18/26] eng_cryptodev: extend TLS offload with - 3des_cbc_hmac_sha1 - -Both obj_mac.h and obj_dat.h were generated using the scripts -from crypto/objects: - -$ cd crypto/objects -$ perl objects.pl objects.txt obj_mac.num obj_mac.h -$ perl obj_dat.pl obj_mac.h obj_dat.h - -Change-Id: I94f13cdd09df67e33e6acd3c00aab47cb358ac46 -Signed-off-by: Tudor Ambarus -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34001 ---- - crypto/engine/eng_cryptodev.c | 24 ++++++++++++++++++++++++ - crypto/objects/obj_dat.h | 10 +++++++--- - crypto/objects/obj_mac.h | 4 ++++ - crypto/objects/obj_mac.num | 1 + - crypto/objects/objects.txt | 1 + - ssl/ssl_ciph.c | 4 ++++ - 6 files changed, 41 insertions(+), 3 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 79b2678..299e84b 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -135,6 +135,7 @@ static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, - void ENGINE_load_cryptodev(void); - const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; - const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; - - inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) - { -@@ -252,6 +253,7 @@ static struct { - { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, - { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, - { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, -+ { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20}, - { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, - { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, - { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, -@@ -466,6 +468,9 @@ cryptodev_usable_ciphers(const int **nids) - case NID_aes_256_cbc_hmac_sha1: - EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); - break; -+ case NID_des_ede3_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); -+ break; - } - } - return count; -@@ -571,6 +576,7 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - switch (ctx->cipher->nid) { - case NID_aes_128_cbc_hmac_sha1: - case NID_aes_256_cbc_hmac_sha1: -+ case NID_des_ede3_cbc_hmac_sha1: - cryp.flags = COP_FLAG_AEAD_TLS_TYPE; - } - cryp.ses = sess->ses; -@@ -763,6 +769,7 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, - switch (ctx->cipher->nid) { - case NID_aes_128_cbc_hmac_sha1: - case NID_aes_256_cbc_hmac_sha1: -+ case NID_des_ede3_cbc_hmac_sha1: - maclen = SHA_DIGEST_LENGTH; - } - -@@ -1082,6 +1089,20 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { - NULL - }; - -+const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1 = { -+ NID_des_ede3_cbc_hmac_sha1, -+ 8, 24, 8, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ - const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { - NID_aes_128_cbc_hmac_sha1, - 16, 16, 16, -@@ -1163,6 +1184,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - case NID_aes_256_cbc: - *cipher = &cryptodev_aes_256_cbc; - break; -+ case NID_des_ede3_cbc_hmac_sha1: -+ *cipher = &cryptodev_3des_cbc_hmac_sha1; -+ break; - case NID_aes_128_cbc_hmac_sha1: - *cipher = &cryptodev_aes_128_cbc_hmac_sha1; - break; -diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h -index bc69665..9f2267a 100644 ---- a/crypto/objects/obj_dat.h -+++ b/crypto/objects/obj_dat.h -@@ -62,9 +62,9 @@ - * [including the GNU Public Licence.] - */ - --#define NUM_NID 920 --#define NUM_SN 913 --#define NUM_LN 913 -+#define NUM_NID 921 -+#define NUM_SN 914 -+#define NUM_LN 914 - #define NUM_OBJ 857 - - static const unsigned char lvalues[5974]={ -@@ -2399,6 +2399,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ - {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", - NID_aes_256_cbc_hmac_sha1,0,NULL,0}, - {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, -+{"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1", -+ NID_des_ede3_cbc_hmac_sha1,0,NULL,0}, - }; - - static const unsigned int sn_objs[NUM_SN]={ -@@ -2474,6 +2476,7 @@ static const unsigned int sn_objs[NUM_SN]={ - 62, /* "DES-EDE-OFB" */ - 33, /* "DES-EDE3" */ - 44, /* "DES-EDE3-CBC" */ -+920, /* "DES-EDE3-CBC-HMAC-SHA1" */ - 61, /* "DES-EDE3-CFB" */ - 658, /* "DES-EDE3-CFB1" */ - 659, /* "DES-EDE3-CFB8" */ -@@ -3585,6 +3588,7 @@ static const unsigned int ln_objs[NUM_LN]={ - 62, /* "des-ede-ofb" */ - 33, /* "des-ede3" */ - 44, /* "des-ede3-cbc" */ -+920, /* "des-ede3-cbc-hmac-sha1" */ - 61, /* "des-ede3-cfb" */ - 658, /* "des-ede3-cfb1" */ - 659, /* "des-ede3-cfb8" */ -diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h -index b5ea7cd..8751902 100644 ---- a/crypto/objects/obj_mac.h -+++ b/crypto/objects/obj_mac.h -@@ -4030,3 +4030,7 @@ - #define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1" - #define NID_aes_256_cbc_hmac_sha1 918 - -+#define SN_des_ede3_cbc_hmac_sha1 "DES-EDE3-CBC-HMAC-SHA1" -+#define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1" -+#define NID_des_ede3_cbc_hmac_sha1 920 -+ -diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num -index 1d0a7c8..9d44bb5 100644 ---- a/crypto/objects/obj_mac.num -+++ b/crypto/objects/obj_mac.num -@@ -917,3 +917,4 @@ aes_128_cbc_hmac_sha1 916 - aes_192_cbc_hmac_sha1 917 - aes_256_cbc_hmac_sha1 918 - rsaesOaep 919 -+des_ede3_cbc_hmac_sha1 920 -diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt -index d3bfad7..90d2fc5 100644 ---- a/crypto/objects/objects.txt -+++ b/crypto/objects/objects.txt -@@ -1290,3 +1290,4 @@ kisa 1 6 : SEED-OFB : seed-ofb - : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 - : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 - : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 -+ : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1 -diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c -index 8188ff5..310fe76 100644 ---- a/ssl/ssl_ciph.c -+++ b/ssl/ssl_ciph.c -@@ -639,6 +639,10 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, - c->algorithm_mac == SSL_SHA1 && - (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) - *enc = evp, *md = NULL; -+ else if (c->algorithm_enc == SSL_3DES && -+ c->algorithm_mac == SSL_SHA1 && -+ (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) -+ *enc = evp, *md = NULL; - return(1); - } - else --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch deleted file mode 100644 index 988d79ea..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch +++ /dev/null @@ -1,355 +0,0 @@ -From 1de2b740a3bdcd8e98abb5f4e176d46fd817b932 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Tue, 31 Mar 2015 16:30:17 +0300 -Subject: [PATCH 19/26] eng_cryptodev: add support for TLSv1.1 record offload - -Supported cipher suites: -- 3des-ede-cbc-sha -- aes-128-cbc-hmac-sha -- aes-256-cbc-hmac-sha - -Requires TLS patches on cryptodev and TLS algorithm support in Linux -kernel driver. - -Signed-off-by: Tudor Ambarus -Change-Id: Id414f36a528de3f476b72688cf85714787d7ccae -Reviewed-on: http://git.am.freescale.net:8181/34002 -Reviewed-by: Cristian Stoica -Tested-by: Cristian Stoica ---- - crypto/engine/eng_cryptodev.c | 101 ++++++++++++++++++++++++++++++++++++++---- - crypto/objects/obj_dat.h | 18 ++++++-- - crypto/objects/obj_mac.h | 12 +++++ - crypto/objects/obj_mac.num | 3 ++ - crypto/objects/objects.txt | 3 ++ - ssl/ssl_ciph.c | 26 +++++++++-- - 6 files changed, 148 insertions(+), 15 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 299e84b..f71ab27 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -66,6 +66,7 @@ ENGINE_load_cryptodev(void) - #include - #include - #include -+#include - #include - #include - #include -@@ -133,9 +134,12 @@ static int cryptodev_dh_compute_key(unsigned char *key, - static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, - void (*f)(void)); - void ENGINE_load_cryptodev(void); -+const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; - const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; - const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; --const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1; - - inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) - { -@@ -256,6 +260,9 @@ static struct { - { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20}, - { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, - { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, -+ { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20}, -+ { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20}, -+ { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20}, - { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, - { 0, NID_undef, 0, 0, 0}, - }; -@@ -462,14 +469,23 @@ cryptodev_usable_ciphers(const int **nids) - /* add ciphers specific to cryptodev if found in kernel */ - for(i = 0; i < count; i++) { - switch (*(*nids + i)) { -+ case NID_des_ede3_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); -+ break; - case NID_aes_128_cbc_hmac_sha1: - EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); - break; - case NID_aes_256_cbc_hmac_sha1: - EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); - break; -- case NID_des_ede3_cbc_hmac_sha1: -- EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); -+ case NID_tls11_des_ede3_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_tls11_3des_cbc_hmac_sha1); -+ break; -+ case NID_tls11_aes_128_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_tls11_aes_128_cbc_hmac_sha1); -+ break; -+ case NID_tls11_aes_256_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1); - break; - } - } -@@ -574,9 +590,12 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - - /* TODO: make a seamless integration with cryptodev flags */ - switch (ctx->cipher->nid) { -+ case NID_des_ede3_cbc_hmac_sha1: - case NID_aes_128_cbc_hmac_sha1: - case NID_aes_256_cbc_hmac_sha1: -- case NID_des_ede3_cbc_hmac_sha1: -+ case NID_tls11_des_ede3_cbc_hmac_sha1: -+ case NID_tls11_aes_128_cbc_hmac_sha1: -+ case NID_tls11_aes_256_cbc_hmac_sha1: - cryp.flags = COP_FLAG_AEAD_TLS_TYPE; - } - cryp.ses = sess->ses; -@@ -758,8 +777,9 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, - struct dev_crypto_state *state = ctx->cipher_data; - unsigned char *p = ptr; - unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; -- unsigned int maclen, padlen; -+ unsigned int maclen, padlen, len; - unsigned int bs = ctx->cipher->block_size; -+ bool aad_needs_fix = false; - - state->aad = ptr; - state->aad_len = arg; -@@ -767,10 +787,24 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, - - /* TODO: this should be an extension of EVP_CIPHER struct */ - switch (ctx->cipher->nid) { -+ case NID_des_ede3_cbc_hmac_sha1: - case NID_aes_128_cbc_hmac_sha1: - case NID_aes_256_cbc_hmac_sha1: -- case NID_des_ede3_cbc_hmac_sha1: - maclen = SHA_DIGEST_LENGTH; -+ break; -+ case NID_tls11_des_ede3_cbc_hmac_sha1: -+ case NID_tls11_aes_128_cbc_hmac_sha1: -+ case NID_tls11_aes_256_cbc_hmac_sha1: -+ maclen = SHA_DIGEST_LENGTH; -+ aad_needs_fix = true; -+ break; -+ } -+ -+ /* Correct length for AAD Length field */ -+ if (ctx->encrypt && aad_needs_fix) { -+ len = cryptlen - bs; -+ p[arg-2] = len >> 8; -+ p[arg-1] = len & 0xff; - } - - /* space required for encryption (not only TLS padding) */ -@@ -1131,6 +1165,48 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { - NULL - }; - -+const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1 = { -+ NID_tls11_des_ede3_cbc_hmac_sha1, -+ 8, 24, 8, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ -+const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1 = { -+ NID_tls11_aes_128_cbc_hmac_sha1, -+ 16, 16, 16, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ -+const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = { -+ NID_tls11_aes_256_cbc_hmac_sha1, -+ 16, 32, 16, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ - const EVP_CIPHER cryptodev_aes_128_gcm = { - NID_aes_128_gcm, - 1, 16, 12, -@@ -1184,6 +1260,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - case NID_aes_256_cbc: - *cipher = &cryptodev_aes_256_cbc; - break; -+ case NID_aes_128_gcm: -+ *cipher = &cryptodev_aes_128_gcm; -+ break; - case NID_des_ede3_cbc_hmac_sha1: - *cipher = &cryptodev_3des_cbc_hmac_sha1; - break; -@@ -1193,8 +1272,14 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - case NID_aes_256_cbc_hmac_sha1: - *cipher = &cryptodev_aes_256_cbc_hmac_sha1; - break; -- case NID_aes_128_gcm: -- *cipher = &cryptodev_aes_128_gcm; -+ case NID_tls11_des_ede3_cbc_hmac_sha1: -+ *cipher = &cryptodev_tls11_3des_cbc_hmac_sha1; -+ break; -+ case NID_tls11_aes_128_cbc_hmac_sha1: -+ *cipher = &cryptodev_tls11_aes_128_cbc_hmac_sha1; -+ break; -+ case NID_tls11_aes_256_cbc_hmac_sha1: -+ *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1; - break; - default: - *cipher = NULL; -diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h -index 9f2267a..dc89b0a 100644 ---- a/crypto/objects/obj_dat.h -+++ b/crypto/objects/obj_dat.h -@@ -62,9 +62,9 @@ - * [including the GNU Public Licence.] - */ - --#define NUM_NID 921 --#define NUM_SN 914 --#define NUM_LN 914 -+#define NUM_NID 924 -+#define NUM_SN 917 -+#define NUM_LN 917 - #define NUM_OBJ 857 - - static const unsigned char lvalues[5974]={ -@@ -2401,6 +2401,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ - {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, - {"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1", - NID_des_ede3_cbc_hmac_sha1,0,NULL,0}, -+{"TLS11-DES-EDE3-CBC-HMAC-SHA1","tls11-des-ede3-cbc-hmac-sha1", -+ NID_tls11_des_ede3_cbc_hmac_sha1,0,NULL,0}, -+{"TLS11-AES-128-CBC-HMAC-SHA1","tls11-aes-128-cbc-hmac-sha1", -+ NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0}, -+{"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1", -+ NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0}, - }; - - static const unsigned int sn_objs[NUM_SN]={ -@@ -2586,6 +2592,9 @@ static const unsigned int sn_objs[NUM_SN]={ - 100, /* "SN" */ - 16, /* "ST" */ - 143, /* "SXNetID" */ -+922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */ -+923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */ -+921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */ - 458, /* "UID" */ - 0, /* "UNDEF" */ - 11, /* "X500" */ -@@ -4205,6 +4214,9 @@ static const unsigned int ln_objs[NUM_LN]={ - 459, /* "textEncodedORAddress" */ - 293, /* "textNotice" */ - 106, /* "title" */ -+922, /* "tls11-aes-128-cbc-hmac-sha1" */ -+923, /* "tls11-aes-256-cbc-hmac-sha1" */ -+921, /* "tls11-des-ede3-cbc-hmac-sha1" */ - 682, /* "tpBasis" */ - 436, /* "ucl" */ - 0, /* "undefined" */ -diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h -index 8751902..f181890 100644 ---- a/crypto/objects/obj_mac.h -+++ b/crypto/objects/obj_mac.h -@@ -4034,3 +4034,15 @@ - #define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1" - #define NID_des_ede3_cbc_hmac_sha1 920 - -+#define SN_tls11_des_ede3_cbc_hmac_sha1 "TLS11-DES-EDE3-CBC-HMAC-SHA1" -+#define LN_tls11_des_ede3_cbc_hmac_sha1 "tls11-des-ede3-cbc-hmac-sha1" -+#define NID_tls11_des_ede3_cbc_hmac_sha1 921 -+ -+#define SN_tls11_aes_128_cbc_hmac_sha1 "TLS11-AES-128-CBC-HMAC-SHA1" -+#define LN_tls11_aes_128_cbc_hmac_sha1 "tls11-aes-128-cbc-hmac-sha1" -+#define NID_tls11_aes_128_cbc_hmac_sha1 922 -+ -+#define SN_tls11_aes_256_cbc_hmac_sha1 "TLS11-AES-256-CBC-HMAC-SHA1" -+#define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1" -+#define NID_tls11_aes_256_cbc_hmac_sha1 923 -+ -diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num -index 9d44bb5..a02b58c 100644 ---- a/crypto/objects/obj_mac.num -+++ b/crypto/objects/obj_mac.num -@@ -918,3 +918,6 @@ aes_192_cbc_hmac_sha1 917 - aes_256_cbc_hmac_sha1 918 - rsaesOaep 919 - des_ede3_cbc_hmac_sha1 920 -+tls11_des_ede3_cbc_hmac_sha1 921 -+tls11_aes_128_cbc_hmac_sha1 922 -+tls11_aes_256_cbc_hmac_sha1 923 -diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt -index 90d2fc5..1973658 100644 ---- a/crypto/objects/objects.txt -+++ b/crypto/objects/objects.txt -@@ -1291,3 +1291,6 @@ kisa 1 6 : SEED-OFB : seed-ofb - : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 - : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 - : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1 -+ : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1 -+ : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1 -+ : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1 -diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c -index 310fe76..0408986 100644 ---- a/ssl/ssl_ciph.c -+++ b/ssl/ssl_ciph.c -@@ -631,17 +631,35 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, - c->algorithm_mac == SSL_MD5 && - (evp=EVP_get_cipherbyname("RC4-HMAC-MD5"))) - *enc = evp, *md = NULL; -- else if (c->algorithm_enc == SSL_AES128 && -+ else if (s->ssl_version == TLS1_VERSION && -+ c->algorithm_enc == SSL_3DES && -+ c->algorithm_mac == SSL_SHA1 && -+ (evp=EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) -+ *enc = evp, *md = NULL; -+ else if (s->ssl_version == TLS1_VERSION && -+ c->algorithm_enc == SSL_AES128 && - c->algorithm_mac == SSL_SHA1 && - (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) - *enc = evp, *md = NULL; -- else if (c->algorithm_enc == SSL_AES256 && -+ else if (s->ssl_version == TLS1_VERSION && -+ c->algorithm_enc == SSL_AES256 && - c->algorithm_mac == SSL_SHA1 && - (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) - *enc = evp, *md = NULL; -- else if (c->algorithm_enc == SSL_3DES && -+ else if (s->ssl_version == TLS1_1_VERSION && -+ c->algorithm_enc == SSL_3DES && -+ c->algorithm_mac == SSL_SHA1 && -+ (evp=EVP_get_cipherbyname("TLS11-DES-EDE3-CBC-HMAC-SHA1"))) -+ *enc = evp, *md = NULL; -+ else if (s->ssl_version == TLS1_1_VERSION && -+ c->algorithm_enc == SSL_AES128 && -+ c->algorithm_mac == SSL_SHA1 && -+ (evp=EVP_get_cipherbyname("TLS11-AES-128-CBC-HMAC-SHA1"))) -+ *enc = evp, *md = NULL; -+ else if (s->ssl_version == TLS1_1_VERSION && -+ c->algorithm_enc == SSL_AES256 && - c->algorithm_mac == SSL_SHA1 && -- (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) -+ (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1"))) - *enc = evp, *md = NULL; - return(1); - } --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch deleted file mode 100644 index 7370c496..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch +++ /dev/null @@ -1,359 +0,0 @@ -From a58703e6601fcfcfe69fdb3e7152ed76b40d67e9 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Tue, 31 Mar 2015 16:32:35 +0300 -Subject: [PATCH 20/26] eng_cryptodev: add support for TLSv1.2 record offload - -Supported cipher suites: -- 3des-ede-cbc-sha -- aes-128-cbc-hmac-sha -- aes-256-cbc-hmac-sha -- aes-128-cbc-hmac-sha256 -- aes-256-cbc-hmac-sha256 - -Requires TLS patches on cryptodev and TLS algorithm support in Linux -kernel driver. - -Signed-off-by: Tudor Ambarus -Change-Id: I0ac6953dd62e2655a59d8f3eaefd012b7ecebf55 -Reviewed-on: http://git.am.freescale.net:8181/34003 -Reviewed-by: Cristian Stoica -Tested-by: Cristian Stoica ---- - crypto/engine/eng_cryptodev.c | 123 ++++++++++++++++++++++++++++++++++++++++++ - crypto/objects/obj_dat.h | 26 +++++++-- - crypto/objects/obj_mac.h | 20 +++++++ - crypto/objects/obj_mac.num | 5 ++ - crypto/objects/objects.txt | 5 ++ - ssl/ssl_ciph.c | 25 +++++++++ - 6 files changed, 201 insertions(+), 3 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index f71ab27..fa5fe1b 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -140,6 +140,11 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; - const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1; - const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1; - const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_tls12_3des_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha1; -+const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha256; -+const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha256; - - inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) - { -@@ -263,6 +268,11 @@ static struct { - { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20}, - { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20}, - { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20}, -+ { CRYPTO_TLS12_3DES_CBC_HMAC_SHA1, NID_tls12_des_ede3_cbc_hmac_sha1, 8, 24, 20}, -+ { CRYPTO_TLS12_AES_CBC_HMAC_SHA1, NID_tls12_aes_128_cbc_hmac_sha1, 16, 16, 20}, -+ { CRYPTO_TLS12_AES_CBC_HMAC_SHA1, NID_tls12_aes_256_cbc_hmac_sha1, 16, 32, 20}, -+ { CRYPTO_TLS12_AES_CBC_HMAC_SHA256, NID_tls12_aes_128_cbc_hmac_sha256, 16, 16, 32}, -+ { CRYPTO_TLS12_AES_CBC_HMAC_SHA256, NID_tls12_aes_256_cbc_hmac_sha256, 16, 32, 32}, - { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, - { 0, NID_undef, 0, 0, 0}, - }; -@@ -487,6 +497,21 @@ cryptodev_usable_ciphers(const int **nids) - case NID_tls11_aes_256_cbc_hmac_sha1: - EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1); - break; -+ case NID_tls12_des_ede3_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_tls12_3des_cbc_hmac_sha1); -+ break; -+ case NID_tls12_aes_128_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_tls12_aes_128_cbc_hmac_sha1); -+ break; -+ case NID_tls12_aes_256_cbc_hmac_sha1: -+ EVP_add_cipher(&cryptodev_tls12_aes_256_cbc_hmac_sha1); -+ break; -+ case NID_tls12_aes_128_cbc_hmac_sha256: -+ EVP_add_cipher(&cryptodev_tls12_aes_128_cbc_hmac_sha256); -+ break; -+ case NID_tls12_aes_256_cbc_hmac_sha256: -+ EVP_add_cipher(&cryptodev_tls12_aes_256_cbc_hmac_sha256); -+ break; - } - } - return count; -@@ -596,6 +621,11 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - case NID_tls11_des_ede3_cbc_hmac_sha1: - case NID_tls11_aes_128_cbc_hmac_sha1: - case NID_tls11_aes_256_cbc_hmac_sha1: -+ case NID_tls12_des_ede3_cbc_hmac_sha1: -+ case NID_tls12_aes_128_cbc_hmac_sha1: -+ case NID_tls12_aes_256_cbc_hmac_sha1: -+ case NID_tls12_aes_128_cbc_hmac_sha256: -+ case NID_tls12_aes_256_cbc_hmac_sha256: - cryp.flags = COP_FLAG_AEAD_TLS_TYPE; - } - cryp.ses = sess->ses; -@@ -795,9 +825,17 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, - case NID_tls11_des_ede3_cbc_hmac_sha1: - case NID_tls11_aes_128_cbc_hmac_sha1: - case NID_tls11_aes_256_cbc_hmac_sha1: -+ case NID_tls12_des_ede3_cbc_hmac_sha1: -+ case NID_tls12_aes_128_cbc_hmac_sha1: -+ case NID_tls12_aes_256_cbc_hmac_sha1: - maclen = SHA_DIGEST_LENGTH; - aad_needs_fix = true; - break; -+ case NID_tls12_aes_128_cbc_hmac_sha256: -+ case NID_tls12_aes_256_cbc_hmac_sha256: -+ maclen = SHA256_DIGEST_LENGTH; -+ aad_needs_fix = true; -+ break; - } - - /* Correct length for AAD Length field */ -@@ -1207,6 +1245,76 @@ const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = { - NULL - }; - -+const EVP_CIPHER cryptodev_tls12_3des_cbc_hmac_sha1 = { -+ NID_tls12_des_ede3_cbc_hmac_sha1, -+ 8, 24, 8, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ -+const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha1 = { -+ NID_tls12_aes_128_cbc_hmac_sha1, -+ 16, 16, 16, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ -+const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha1 = { -+ NID_tls12_aes_256_cbc_hmac_sha1, -+ 16, 32, 16, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ -+const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha256 = { -+ NID_tls12_aes_128_cbc_hmac_sha256, -+ 16, 16, 16, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ -+const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha256 = { -+ NID_tls12_aes_256_cbc_hmac_sha256, -+ 16, 32, 16, -+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, -+ cryptodev_init_aead_key, -+ cryptodev_aead_cipher, -+ cryptodev_cleanup, -+ sizeof(struct dev_crypto_state), -+ EVP_CIPHER_set_asn1_iv, -+ EVP_CIPHER_get_asn1_iv, -+ cryptodev_cbc_hmac_sha1_ctrl, -+ NULL -+}; -+ - const EVP_CIPHER cryptodev_aes_128_gcm = { - NID_aes_128_gcm, - 1, 16, 12, -@@ -1281,6 +1389,21 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - case NID_tls11_aes_256_cbc_hmac_sha1: - *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1; - break; -+ case NID_tls12_des_ede3_cbc_hmac_sha1: -+ *cipher = &cryptodev_tls12_3des_cbc_hmac_sha1; -+ break; -+ case NID_tls12_aes_128_cbc_hmac_sha1: -+ *cipher = &cryptodev_tls12_aes_128_cbc_hmac_sha1; -+ break; -+ case NID_tls12_aes_256_cbc_hmac_sha1: -+ *cipher = &cryptodev_tls12_aes_256_cbc_hmac_sha1; -+ break; -+ case NID_tls12_aes_128_cbc_hmac_sha256: -+ *cipher = &cryptodev_tls12_aes_128_cbc_hmac_sha256; -+ break; -+ case NID_tls12_aes_256_cbc_hmac_sha256: -+ *cipher = &cryptodev_tls12_aes_256_cbc_hmac_sha256; -+ break; - default: - *cipher = NULL; - break; -diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h -index dc89b0a..dfe19da 100644 ---- a/crypto/objects/obj_dat.h -+++ b/crypto/objects/obj_dat.h -@@ -62,9 +62,9 @@ - * [including the GNU Public Licence.] - */ - --#define NUM_NID 924 --#define NUM_SN 917 --#define NUM_LN 917 -+#define NUM_NID 929 -+#define NUM_SN 922 -+#define NUM_LN 922 - #define NUM_OBJ 857 - - static const unsigned char lvalues[5974]={ -@@ -2407,6 +2407,16 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ - NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0}, - {"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1", - NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0}, -+{"TLS12-DES-EDE3-CBC-HMAC-SHA1","tls12-des-ede3-cbc-hmac-sha1", -+ NID_tls12_des_ede3_cbc_hmac_sha1,0,NULL,0}, -+{"TLS12-AES-128-CBC-HMAC-SHA1","tls12-aes-128-cbc-hmac-sha1", -+ NID_tls12_aes_128_cbc_hmac_sha1,0,NULL,0}, -+{"TLS12-AES-256-CBC-HMAC-SHA1","tls12-aes-256-cbc-hmac-sha1", -+ NID_tls12_aes_256_cbc_hmac_sha1,0,NULL,0}, -+{"TLS12-AES-128-CBC-HMAC-SHA256","tls12-aes-128-cbc-hmac-sha256", -+ NID_tls12_aes_128_cbc_hmac_sha256,0,NULL,0}, -+{"TLS12-AES-256-CBC-HMAC-SHA256","tls12-aes-256-cbc-hmac-sha256", -+ NID_tls12_aes_256_cbc_hmac_sha256,0,NULL,0}, - }; - - static const unsigned int sn_objs[NUM_SN]={ -@@ -2595,6 +2605,11 @@ static const unsigned int sn_objs[NUM_SN]={ - 922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */ - 923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */ - 921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */ -+925, /* "TLS12-AES-128-CBC-HMAC-SHA1" */ -+927, /* "TLS12-AES-128-CBC-HMAC-SHA256" */ -+926, /* "TLS12-AES-256-CBC-HMAC-SHA1" */ -+928, /* "TLS12-AES-256-CBC-HMAC-SHA256" */ -+924, /* "TLS12-DES-EDE3-CBC-HMAC-SHA1" */ - 458, /* "UID" */ - 0, /* "UNDEF" */ - 11, /* "X500" */ -@@ -4217,6 +4232,11 @@ static const unsigned int ln_objs[NUM_LN]={ - 922, /* "tls11-aes-128-cbc-hmac-sha1" */ - 923, /* "tls11-aes-256-cbc-hmac-sha1" */ - 921, /* "tls11-des-ede3-cbc-hmac-sha1" */ -+925, /* "tls12-aes-128-cbc-hmac-sha1" */ -+927, /* "tls12-aes-128-cbc-hmac-sha256" */ -+926, /* "tls12-aes-256-cbc-hmac-sha1" */ -+928, /* "tls12-aes-256-cbc-hmac-sha256" */ -+924, /* "tls12-des-ede3-cbc-hmac-sha1" */ - 682, /* "tpBasis" */ - 436, /* "ucl" */ - 0, /* "undefined" */ -diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h -index f181890..5af125e 100644 ---- a/crypto/objects/obj_mac.h -+++ b/crypto/objects/obj_mac.h -@@ -4046,3 +4046,23 @@ - #define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1" - #define NID_tls11_aes_256_cbc_hmac_sha1 923 - -+#define SN_tls12_des_ede3_cbc_hmac_sha1 "TLS12-DES-EDE3-CBC-HMAC-SHA1" -+#define LN_tls12_des_ede3_cbc_hmac_sha1 "tls12-des-ede3-cbc-hmac-sha1" -+#define NID_tls12_des_ede3_cbc_hmac_sha1 924 -+ -+#define SN_tls12_aes_128_cbc_hmac_sha1 "TLS12-AES-128-CBC-HMAC-SHA1" -+#define LN_tls12_aes_128_cbc_hmac_sha1 "tls12-aes-128-cbc-hmac-sha1" -+#define NID_tls12_aes_128_cbc_hmac_sha1 925 -+ -+#define SN_tls12_aes_256_cbc_hmac_sha1 "TLS12-AES-256-CBC-HMAC-SHA1" -+#define LN_tls12_aes_256_cbc_hmac_sha1 "tls12-aes-256-cbc-hmac-sha1" -+#define NID_tls12_aes_256_cbc_hmac_sha1 926 -+ -+#define SN_tls12_aes_128_cbc_hmac_sha256 "TLS12-AES-128-CBC-HMAC-SHA256" -+#define LN_tls12_aes_128_cbc_hmac_sha256 "tls12-aes-128-cbc-hmac-sha256" -+#define NID_tls12_aes_128_cbc_hmac_sha256 927 -+ -+#define SN_tls12_aes_256_cbc_hmac_sha256 "TLS12-AES-256-CBC-HMAC-SHA256" -+#define LN_tls12_aes_256_cbc_hmac_sha256 "tls12-aes-256-cbc-hmac-sha256" -+#define NID_tls12_aes_256_cbc_hmac_sha256 928 -+ -diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num -index a02b58c..deeba3a 100644 ---- a/crypto/objects/obj_mac.num -+++ b/crypto/objects/obj_mac.num -@@ -921,3 +921,8 @@ des_ede3_cbc_hmac_sha1 920 - tls11_des_ede3_cbc_hmac_sha1 921 - tls11_aes_128_cbc_hmac_sha1 922 - tls11_aes_256_cbc_hmac_sha1 923 -+tls12_des_ede3_cbc_hmac_sha1 924 -+tls12_aes_128_cbc_hmac_sha1 925 -+tls12_aes_256_cbc_hmac_sha1 926 -+tls12_aes_128_cbc_hmac_sha256 927 -+tls12_aes_256_cbc_hmac_sha256 928 -diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt -index 1973658..6e4ac93 100644 ---- a/crypto/objects/objects.txt -+++ b/crypto/objects/objects.txt -@@ -1294,3 +1294,8 @@ kisa 1 6 : SEED-OFB : seed-ofb - : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1 - : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1 - : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1 -+ : TLS12-DES-EDE3-CBC-HMAC-SHA1 : tls12-des-ede3-cbc-hmac-sha1 -+ : TLS12-AES-128-CBC-HMAC-SHA1 : tls12-aes-128-cbc-hmac-sha1 -+ : TLS12-AES-256-CBC-HMAC-SHA1 : tls12-aes-256-cbc-hmac-sha1 -+ : TLS12-AES-128-CBC-HMAC-SHA256 : tls12-aes-128-cbc-hmac-sha256 -+ : TLS12-AES-256-CBC-HMAC-SHA256 : tls12-aes-256-cbc-hmac-sha256 -diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c -index 0408986..77a82f6 100644 ---- a/ssl/ssl_ciph.c -+++ b/ssl/ssl_ciph.c -@@ -661,6 +661,31 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, - c->algorithm_mac == SSL_SHA1 && - (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1"))) - *enc = evp, *md = NULL; -+ else if (s->ssl_version == TLS1_2_VERSION && -+ c->algorithm_enc == SSL_3DES && -+ c->algorithm_mac == SSL_SHA1 && -+ (evp=EVP_get_cipherbyname("TLS12-DES-EDE3-CBC-HMAC-SHA1"))) -+ *enc = evp, *md = NULL; -+ else if (s->ssl_version == TLS1_2_VERSION && -+ c->algorithm_enc == SSL_AES128 && -+ c->algorithm_mac == SSL_SHA1 && -+ (evp=EVP_get_cipherbyname("TLS12-AES-128-CBC-HMAC-SHA1"))) -+ *enc = evp, *md = NULL; -+ else if (s->ssl_version == TLS1_2_VERSION && -+ c->algorithm_enc == SSL_AES256 && -+ c->algorithm_mac == SSL_SHA1 && -+ (evp=EVP_get_cipherbyname("TLS12-AES-256-CBC-HMAC-SHA1"))) -+ *enc = evp, *md = NULL; -+ else if (s->ssl_version == TLS1_2_VERSION && -+ c->algorithm_enc == SSL_AES128 && -+ c->algorithm_mac == SSL_SHA256 && -+ (evp=EVP_get_cipherbyname("TLS12-AES-128-CBC-HMAC-SHA256"))) -+ *enc = evp, *md = NULL; -+ else if (s->ssl_version == TLS1_2_VERSION && -+ c->algorithm_enc == SSL_AES256 && -+ c->algorithm_mac == SSL_SHA256 && -+ (evp=EVP_get_cipherbyname("TLS12-AES-256-CBC-HMAC-SHA256"))) -+ *enc = evp, *md = NULL; - return(1); - } - else --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch deleted file mode 100644 index 16cc6882..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch +++ /dev/null @@ -1,75 +0,0 @@ -From ea4abc255c6c5feec01cb1e30c6082cfe47860e2 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Thu, 19 Feb 2015 16:11:53 +0200 -Subject: [PATCH 21/26] cryptodev: drop redundant function - -get_dev_crypto already caches the result. Another cache in-between is -useless. - -Change-Id: Ibd162529d3fb7a561a17f1a707d5d287c1586a3a -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34216 ---- - crypto/engine/eng_cryptodev.c | 18 +++--------------- - 1 file changed, 3 insertions(+), 15 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index fa5fe1b..1ab5551 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -96,7 +96,6 @@ struct dev_crypto_state { - - static u_int32_t cryptodev_asymfeat = 0; - --static int get_asym_dev_crypto(void); - static int open_dev_crypto(void); - static int get_dev_crypto(void); - static int get_cryptodev_ciphers(const int **cnids); -@@ -357,17 +356,6 @@ static void put_dev_crypto(int fd) - #endif - } - --/* Caching version for asym operations */ --static int --get_asym_dev_crypto(void) --{ -- static int fd = -1; -- -- if (fd == -1) -- fd = get_dev_crypto(); -- return fd; --} -- - /* - * Find out what ciphers /dev/crypto will let us have a session for. - * XXX note, that some of these openssl doesn't deal with yet! -@@ -1796,7 +1784,7 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) - { - int fd, ret = -1; - -- if ((fd = get_asym_dev_crypto()) < 0) -+ if ((fd = get_dev_crypto()) < 0) - return (ret); - - if (r) { -@@ -2374,7 +2362,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) - int p_len, q_len; - int i; - -- if ((fd = get_asym_dev_crypto()) < 0) -+ if ((fd = get_dev_crypto()) < 0) - goto sw_try; - - if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; -@@ -3928,7 +3916,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) - BIGNUM *temp = NULL; - unsigned char *padded_pub_key = NULL, *p = NULL; - -- if ((fd = get_asym_dev_crypto()) < 0) -+ if ((fd = get_dev_crypto()) < 0) - goto sw_try; - - memset(&kop, 0, sizeof kop); --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch deleted file mode 100644 index 0b2f0f1b..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 75e3e7d600eb72e7374b1ecf5ece7b831bc98ed8 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Tue, 17 Feb 2015 13:12:53 +0200 -Subject: [PATCH 22/26] cryptodev: do not zero the buffer before use - -- The buffer is just about to be overwritten. Zeroing it before that has - no purpose - -Change-Id: I478c31bd2e254561474a7edf5e37980ca04217ce -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34217 ---- - crypto/engine/eng_cryptodev.c | 13 ++++--------- - 1 file changed, 4 insertions(+), 9 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 1ab5551..dbc5989 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -1681,21 +1681,16 @@ static int - bn2crparam(const BIGNUM *a, struct crparam *crp) - { - ssize_t bytes, bits; -- u_char *b; -- -- crp->crp_p = NULL; -- crp->crp_nbits = 0; - - bits = BN_num_bits(a); - bytes = (bits + 7) / 8; - -- b = malloc(bytes); -- if (b == NULL) -+ crp->crp_nbits = bits; -+ crp->crp_p = malloc(bytes); -+ -+ if (crp->crp_p == NULL) - return (1); -- memset(b, 0, bytes); - -- crp->crp_p = (caddr_t) b; -- crp->crp_nbits = bits; - BN_bn2bin(a, crp->crp_p); - return (0); - } --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch deleted file mode 100644 index 5ff1c5ca..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 4453b06b940fc03a0973cfd96f908e46cce61054 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Wed, 18 Feb 2015 10:39:46 +0200 -Subject: [PATCH 23/26] cryptodev: clean-up code layout - -This is just a refactoring that uses else branch to check for malloc failures - -Change-Id: I6dc157af36d6ec51a4edfc82cf97fae2e7e83628 -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34218 ---- - crypto/engine/eng_cryptodev.c | 42 ++++++++++++++++++++---------------------- - 1 file changed, 20 insertions(+), 22 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index dbc5989..dceb4f5 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -1745,30 +1745,28 @@ cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, - fd = *(int *)cookie->eng_handle; - - eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); -- -- if (eng_cookie) { -- memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); -- if (r) { -- kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); -- if (!kop->crk_param[kop->crk_iparams].crp_p) -- return -ENOMEM; -- kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; -- kop->crk_oparams++; -- eng_cookie->r = r; -- eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; -- } -- if (s) { -- kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); -- if (!kop->crk_param[kop->crk_iparams+1].crp_p) -- return -ENOMEM; -- kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; -- kop->crk_oparams++; -- eng_cookie->s = s; -- eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; -- } -- } else -+ if (!eng_cookie) - return -ENOMEM; - -+ memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); -+ if (r) { -+ kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); -+ if (!kop->crk_param[kop->crk_iparams].crp_p) -+ return -ENOMEM; -+ kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; -+ kop->crk_oparams++; -+ eng_cookie->r = r; -+ eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; -+ } -+ if (s) { -+ kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); -+ if (!kop->crk_param[kop->crk_iparams+1].crp_p) -+ return -ENOMEM; -+ kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; -+ kop->crk_oparams++; -+ eng_cookie->s = s; -+ eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; -+ } - eng_cookie->kop = kop; - cookie->eng_cookie = eng_cookie; - return ioctl(fd, CIOCASYMASYNCRYPT, kop); --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch deleted file mode 100644 index e798d3e2..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch +++ /dev/null @@ -1,100 +0,0 @@ -From a44701abd995b3db80001d0c5d88e9ead05972c1 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Thu, 19 Feb 2015 16:43:29 +0200 -Subject: [PATCH 24/26] cryptodev: do not cache file descriptor in 'open' - -The file descriptor returned by get_dev_crypto is cached after a -successful return. The issue is, it is cached inside 'open_dev_crypto' -which is no longer useful as a general purpose open("/dev/crypto") -function. - -This patch is a refactoring that moves the caching operation from -open_dev_crypto to get_dev_crypto and leaves the former as a simpler -function true to its name - -Change-Id: I980170969410381973ce75f6679a4a1401738847 -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34219 ---- - crypto/engine/eng_cryptodev.c | 50 +++++++++++++++++++++---------------------- - 1 file changed, 24 insertions(+), 26 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index dceb4f5..b74fc7c 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -306,47 +306,45 @@ static void ctr64_inc(unsigned char *counter) { - if (c) return; - } while (n); - } --/* -- * Return a fd if /dev/crypto seems usable, 0 otherwise. -- */ --static int --open_dev_crypto(void) -+ -+static int open_dev_crypto(void) - { -- static int fd = -1; -+ int fd; - -- if (fd == -1) { -- if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) -- return (-1); -- /* close on exec */ -- if (fcntl(fd, F_SETFD, 1) == -1) { -- close(fd); -- fd = -1; -- return (-1); -- } -+ fd = open("/dev/crypto", O_RDWR, 0); -+ if ( fd < 0) -+ return -1; -+ -+ /* close on exec */ -+ if (fcntl(fd, F_SETFD, 1) == -1) { -+ close(fd); -+ return -1; - } -- return (fd); -+ -+ return fd; - } - --static int --get_dev_crypto(void) -+static int get_dev_crypto(void) - { -- int fd, retfd; -+ static int fd = -1; -+ int retfd; - -- if ((fd = open_dev_crypto()) == -1) -- return (-1); --#ifndef CRIOGET_NOT_NEEDED -+ if (fd == -1) -+ fd = open_dev_crypto(); -+#ifdef CRIOGET_NOT_NEEDED -+ return fd; -+#else -+ if (fd == -1) -+ return -1; - if (ioctl(fd, CRIOGET, &retfd) == -1) - return (-1); -- - /* close on exec */ - if (fcntl(retfd, F_SETFD, 1) == -1) { - close(retfd); - return (-1); - } --#else -- retfd = fd; -+ return retfd; - #endif -- return (retfd); - } - - static void put_dev_crypto(int fd) --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch deleted file mode 100644 index a48dc6a6..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 84a8007b6e92fe4c2696cc9e330207ee03303a20 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Thu, 19 Feb 2015 13:09:32 +0200 -Subject: [PATCH 25/26] cryptodev: put_dev_crypto should be an int - -Change-Id: Ie0a83bc07a37132286c098b17ef35d98de74b043 -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34220 ---- - crypto/engine/eng_cryptodev.c | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index b74fc7c..c9db27d 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -347,10 +347,12 @@ static int get_dev_crypto(void) - #endif - } - --static void put_dev_crypto(int fd) -+static int put_dev_crypto(int fd) - { --#ifndef CRIOGET_NOT_NEEDED -- close(fd); -+#ifdef CRIOGET_NOT_NEEDED -+ return 0; -+#else -+ return close(fd); - #endif - } - --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch deleted file mode 100644 index 6527ac8f..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch +++ /dev/null @@ -1,250 +0,0 @@ -From 787539e7720c99785f6c664a7484842bba08f6ed Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Thu, 19 Feb 2015 13:39:52 +0200 -Subject: [PATCH 26/26] cryptodev: simplify cryptodev pkc support code - -- Engine init returns directly a file descriptor instead of a pointer to one -- Similarly, the Engine close will now just close the file - -Change-Id: Ief736d0776c7009dee002204fb1d4ce9d31c8787 -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34221 ---- - crypto/crypto.h | 2 +- - crypto/engine/eng_cryptodev.c | 35 +++----------------------- - crypto/engine/eng_int.h | 14 +++-------- - crypto/engine/eng_lib.c | 57 +++++++++++++++++++++---------------------- - crypto/engine/engine.h | 13 +++++----- - 5 files changed, 42 insertions(+), 79 deletions(-) - -diff --git a/crypto/crypto.h b/crypto/crypto.h -index ce12731..292427e 100644 ---- a/crypto/crypto.h -+++ b/crypto/crypto.h -@@ -618,7 +618,7 @@ struct pkc_cookie_s { - * -EINVAL: Parameters Invalid - */ - void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); -- void *eng_handle; -+ int eng_handle; - }; - - #ifdef __cplusplus -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index c9db27d..f173bde 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -1742,7 +1742,7 @@ cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, - struct pkc_cookie_s *cookie = kop->cookie; - struct cryptodev_cookie_s *eng_cookie; - -- fd = *(int *)cookie->eng_handle; -+ fd = cookie->eng_handle; - - eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); - if (!eng_cookie) -@@ -1802,38 +1802,11 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) - return (ret); - } - --/* Close an opened instance of cryptodev engine */ --void cryptodev_close_instance(void *handle) --{ -- int fd; -- -- if (handle) { -- fd = *(int *)handle; -- close(fd); -- free(handle); -- } --} -- --/* Create an instance of cryptodev for asynchronous interface */ --void *cryptodev_init_instance(void) --{ -- int *fd = malloc(sizeof(int)); -- -- if (fd) { -- if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { -- free(fd); -- return NULL; -- } -- } -- return fd; --} -- - #include - - /* Return 0 on success and 1 on failure */ --int cryptodev_check_availability(void *eng_handle) -+int cryptodev_check_availability(int fd) - { -- int fd = *(int *)eng_handle; - struct pkc_cookie_list_s cookie_list; - struct pkc_cookie_s *cookie; - int i; -@@ -4540,8 +4513,8 @@ ENGINE_load_cryptodev(void) - } - - ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); -- ENGINE_set_close_instance(engine, cryptodev_close_instance); -- ENGINE_set_init_instance(engine, cryptodev_init_instance); -+ ENGINE_set_close_instance(engine, put_dev_crypto); -+ ENGINE_set_open_instance(engine, open_dev_crypto); - ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); - - ENGINE_add(engine); -diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h -index 8fc3077..8fb79c0 100644 ---- a/crypto/engine/eng_int.h -+++ b/crypto/engine/eng_int.h -@@ -181,23 +181,15 @@ struct engine_st - ENGINE_LOAD_KEY_PTR load_pubkey; - - ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; -- /* -- * Instantiate Engine handle to be passed in check_pkc_availability -- * Ensure that Engine is instantiated before any pkc asynchronous call. -- */ -- void *(*engine_init_instance)(void); -- /* -- * Instantiated Engine handle will be closed with this call. -- * Ensure that no pkc asynchronous call is made after this call -- */ -- void (*engine_close_instance)(void *handle); -+ int (*engine_open_instance)(void); -+ int (*engine_close_instance)(int fd); - /* - * Check availability will extract the data from kernel. - * eng_handle: This is the Engine handle corresponds to which - * the cookies needs to be polled. - * return 0 if cookie available else 1 - */ -- int (*check_pkc_availability)(void *eng_handle); -+ int (*check_pkc_availability)(int fd); - /* - * The following map is used to check if the engine supports asynchronous implementation - * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous -diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c -index 6fa621c..6c9471b 100644 ---- a/crypto/engine/eng_lib.c -+++ b/crypto/engine/eng_lib.c -@@ -99,7 +99,7 @@ void engine_set_all_null(ENGINE *e) - e->load_privkey = NULL; - e->load_pubkey = NULL; - e->check_pkc_availability = NULL; -- e->engine_init_instance = NULL; -+ e->engine_open_instance = NULL; - e->engine_close_instance = NULL; - e->cmd_defns = NULL; - e->async_map = 0; -@@ -237,47 +237,46 @@ int ENGINE_set_id(ENGINE *e, const char *id) - return 1; - } - --void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) -- { -- e->engine_init_instance = engine_init_instance; -- } -+void ENGINE_set_open_instance(ENGINE *e, int (*engine_open_instance)(void)) -+{ -+ e->engine_open_instance = engine_open_instance; -+} - --void ENGINE_set_close_instance(ENGINE *e, -- void (*engine_close_instance)(void *)) -- { -- e->engine_close_instance = engine_close_instance; -- } -+void ENGINE_set_close_instance(ENGINE *e, int (*engine_close_instance)(int)) -+{ -+ e->engine_close_instance = engine_close_instance; -+} - - void ENGINE_set_async_map(ENGINE *e, int async_map) - { - e->async_map = async_map; - } - --void *ENGINE_init_instance(ENGINE *e) -- { -- return e->engine_init_instance(); -- } -- --void ENGINE_close_instance(ENGINE *e, void *eng_handle) -- { -- e->engine_close_instance(eng_handle); -- } -- - int ENGINE_get_async_map(ENGINE *e) - { - return e->async_map; - } - --void ENGINE_set_check_pkc_availability(ENGINE *e, -- int (*check_pkc_availability)(void *eng_handle)) -- { -- e->check_pkc_availability = check_pkc_availability; -- } -+int ENGINE_open_instance(ENGINE *e) -+{ -+ return e->engine_open_instance(); -+} - --int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) -- { -- return e->check_pkc_availability(eng_handle); -- } -+int ENGINE_close_instance(ENGINE *e, int fd) -+{ -+ return e->engine_close_instance(fd); -+} -+ -+void ENGINE_set_check_pkc_availability(ENGINE *e, -+ int (*check_pkc_availability)(int fd)) -+{ -+ e->check_pkc_availability = check_pkc_availability; -+} -+ -+int ENGINE_check_pkc_availability(ENGINE *e, int fd) -+{ -+ return e->check_pkc_availability(fd); -+} - - int ENGINE_set_name(ENGINE *e, const char *name) - { -diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h -index ccff86a..3ba3e97 100644 ---- a/crypto/engine/engine.h -+++ b/crypto/engine/engine.h -@@ -473,9 +473,6 @@ ENGINE *ENGINE_new(void); - int ENGINE_free(ENGINE *e); - int ENGINE_up_ref(ENGINE *e); - int ENGINE_set_id(ENGINE *e, const char *id); --void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); --void ENGINE_set_close_instance(ENGINE *e, -- void (*engine_free_instance)(void *)); - /* - * Following FLAGS are bitmap store in async_map to set asynchronous interface capability - *of the engine -@@ -492,11 +489,13 @@ void ENGINE_set_async_map(ENGINE *e, int async_map); - * to confirm asynchronous methods supported - */ - int ENGINE_get_async_map(ENGINE *e); --void *ENGINE_init_instance(ENGINE *e); --void ENGINE_close_instance(ENGINE *e, void *eng_handle); -+int ENGINE_open_instance(ENGINE *e); -+int ENGINE_close_instance(ENGINE *e, int fd); -+void ENGINE_set_init_instance(ENGINE *e, int(*engine_init_instance)(void)); -+void ENGINE_set_close_instance(ENGINE *e, int(*engine_close_instance)(int)); - void ENGINE_set_check_pkc_availability(ENGINE *e, -- int (*check_pkc_availability)(void *eng_handle)); --int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); -+ int (*check_pkc_availability)(int fd)); -+int ENGINE_check_pkc_availability(ENGINE *e, int fd); - int ENGINE_set_name(ENGINE *e, const char *name); - int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); - int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl.inc b/meta-fsl-ppc/recipes-connectivity/openssl/openssl.inc deleted file mode 100644 index ee02fb79..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl.inc +++ /dev/null @@ -1,173 +0,0 @@ -SUMMARY = "Secure Socket Layer" -DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." -HOMEPAGE = "http://www.openssl.org/" -BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" -SECTION = "libs/network" - -# "openssl | SSLeay" dual license -LICENSE = "openssl" -LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" - -DEPENDS = "perl-native-runtime" - -SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ - " -S = "${WORKDIR}/openssl-${PV}" - -PACKAGECONFIG[perl] = ",,," - -AR_append = " r" -# Avoid binaries being marked as requiring an executable stack since it -# doesn't(which causes and this causes issues with SELinux -CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ - -DTERMIO ${CFLAGS} -Wall -Wa,--noexecstack" - -# -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom -CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}" -CFLAG_mtx-2 := "${@'${CFLAG}'.replace('-O2', '')}" - -export DIRS = "crypto ssl apps" -export EX_LIBS = "-lgcc -ldl" -export AS = "${CC} -c" - -inherit pkgconfig siteinfo multilib_header - -PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf" -FILES_libcrypto = "${base_libdir}/libcrypto${SOLIBS}" -FILES_libssl = "${libdir}/libssl.so.*" -FILES_${PN} =+ " ${libdir}/ssl/*" -FILES_${PN}-misc = "${libdir}/ssl/misc ${bindir}/c_rehash" -RDEPENDS_${PN}-misc = "${@base_contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" -FILES_${PN}-dev += "${base_libdir}/libcrypto${SOLIBSDEV}" - -# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto -# package RRECOMMENDS on this package. This will enable the configuration -# file to be installed for both the base openssl package and the libcrypto -# package since the base openssl package depends on the libcrypto package. -FILES_openssl-conf = "${libdir}/ssl/openssl.cnf" -CONFFILES_openssl-conf = "${libdir}/ssl/openssl.cnf" -RRECOMMENDS_libcrypto += "openssl-conf" - -do_configure_prepend_darwin () { - sed -i -e '/version-script=openssl\.ld/d' Configure -} - -do_configure () { - cd util - perl perlpath.pl ${STAGING_BINDIR_NATIVE} - cd .. - ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ - - os=${HOST_OS} - if [ "x$os" = "xlinux-uclibc" ]; then - os=linux - elif [ "x$os" = "xlinux-uclibceabi" ]; then - os=linux - elif [ "x$os" = "xlinux-uclibcspe" ]; then - os=linux - elif [ "x$os" = "xlinux-gnuspe" ]; then - os=linux - elif [ "x$os" = "xlinux-gnueabi" ]; then - os=linux - fi - target="$os-${HOST_ARCH}" - case $target in - linux-arm) - target=linux-armv4 - ;; - linux-armeb) - target=linux-elf-armeb - ;; - linux-aarch64*) - target=linux-generic64 - ;; - linux-sh3) - target=debian-sh3 - ;; - linux-sh4) - target=debian-sh4 - ;; - linux-i486) - target=debian-i386-i486 - ;; - linux-i586 | linux-viac3) - target=debian-i386-i586 - ;; - linux-i686) - target=debian-i386-i686/cmov - ;; - linux-gnux32-x86_64) - target=linux-x32 - ;; - linux-gnu64-x86_64) - target=linux-x86_64 - ;; - linux-mips) - target=debian-mips - ;; - linux-mipsel) - target=debian-mipsel - ;; - linux-*-mips64) - target=linux-mips - ;; - linux-powerpc) - target=linux-ppc - ;; - linux-powerpc64) - target=linux-ppc64 - ;; - linux-supersparc) - target=linux-sparcv8 - ;; - linux-sparc) - target=linux-sparcv8 - ;; - darwin-i386) - target=darwin-i386-cc - ;; - esac - # inject machine-specific flags - sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure - useprefix=${prefix} - if [ "x$useprefix" = "x" ]; then - useprefix=/ - fi - perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target -} - -do_compile () { - oe_runmake -} - -do_install () { - oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install - - oe_libinstall -so libcrypto ${D}${libdir} - oe_libinstall -so libssl ${D}${libdir} - - # Moving libcrypto to /lib - if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then - mkdir -p ${D}/${base_libdir}/ - mv ${D}${libdir}/libcrypto* ${D}${base_libdir}/ - sed -i s#libdir=\$\{exec_prefix\}\/lib#libdir=${base_libdir}# ${D}/${libdir}/pkgconfig/libcrypto.pc - fi - - install -d ${D}${includedir} - cp --dereference -R include/openssl ${D}${includedir} - - oe_multilib_header openssl/opensslconf.h - if [ "${@base_contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then - install -m 0755 ${S}/tools/c_rehash ${D}${bindir} - sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${bindir}/c_rehash - sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl - sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget - # The c_rehash utility isn't installed by the normal installation process. - else - rm -f ${D}${bindir}/c_rehash - rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget - fi -} - -BBCLASSEXTEND = "native nativesdk" - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/configure-targets.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/configure-targets.patch deleted file mode 100644 index c1f3d087..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/configure-targets.patch +++ /dev/null @@ -1,34 +0,0 @@ -Upstream-Status: Inappropriate [embedded specific] - -The number of colons are important :) - - ---- - Configure | 16 ++++++++++++++++ - 1 file changed, 16 insertions(+) - ---- a/Configure -+++ b/Configure -@@ -403,6 +403,22 @@ my %table=( - "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", - "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", - -+ # Linux on ARM -+"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ -+"linux-avr32","$ENV{'CC'}:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).", -+ -+#### Linux on MIPS/MIPS64 -+"linux-mips","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mips64","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mips64el","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mipsel","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ - # Android: linux-* but without -DTERMIO and pointers to headers and libs. - "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch deleted file mode 100644 index ac1b19b9..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch +++ /dev/null @@ -1,45 +0,0 @@ -Upstream-Status: Backport [debian] - -From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001 -From: Ludwig Nussel -Date: Wed, 21 Apr 2010 15:52:10 +0200 -Subject: [PATCH] also create old hash for compatibility - ---- - tools/c_rehash.in | 8 +++++++- - 1 files changed, 7 insertions(+), 1 deletions(-) - -Index: openssl-1.0.0d/tools/c_rehash.in -=================================================================== ---- openssl-1.0.0d.orig/tools/c_rehash.in 2011-04-13 20:41:28.000000000 +0000 -+++ openssl-1.0.0d/tools/c_rehash.in 2011-04-13 20:41:28.000000000 +0000 -@@ -86,6 +86,7 @@ - } - } - link_hash_cert($fname) if($cert); -+ link_hash_cert_old($fname) if($cert); - link_hash_crl($fname) if($crl); - } - } -@@ -119,8 +120,9 @@ - - sub link_hash_cert { - my $fname = $_[0]; -+ my $hashopt = $_[1] || '-subject_hash'; - $fname =~ s/'/'\\''/g; -- my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in "$fname"`; -+ my ($hash, $fprint) = `"$openssl" x509 $hashopt -fingerprint -noout -in "$fname"`; - chomp $hash; - chomp $fprint; - $fprint =~ s/^.*=//; -@@ -150,6 +152,10 @@ - $hashlist{$hash} = $fprint; - } - -+sub link_hash_cert_old { -+ link_hash_cert($_[0], '-subject_hash_old'); -+} -+ - # Same as above except for a CRL. CRL links are of the form .r - - sub link_hash_crl { diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/ca.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/ca.patch deleted file mode 100644 index aba4d429..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/ca.patch +++ /dev/null @@ -1,22 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-0.9.8m/apps/CA.pl.in -=================================================================== ---- openssl-0.9.8m.orig/apps/CA.pl.in 2006-04-28 00:28:51.000000000 +0000 -+++ openssl-0.9.8m/apps/CA.pl.in 2010-02-27 00:36:51.000000000 +0000 -@@ -65,6 +65,7 @@ - foreach (@ARGV) { - if ( /^(-\?|-h|-help)$/ ) { - print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; -+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; - exit 0; - } elsif (/^-newcert$/) { - # create a certificate -@@ -165,6 +166,7 @@ - } else { - print STDERR "Unknown arg $_\n"; - print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; -+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; - exit 1; - } - } diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/debian-targets.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/debian-targets.patch deleted file mode 100644 index 8101edf0..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/debian-targets.patch +++ /dev/null @@ -1,66 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.1/Configure -=================================================================== ---- openssl-1.0.1.orig/Configure 2012-03-17 15:37:54.000000000 +0000 -+++ openssl-1.0.1/Configure 2012-03-17 16:13:49.000000000 +0000 -@@ -105,6 +105,10 @@ - - my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED"; - -+# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS -+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall"; -+$debian_cflags =~ s/\n/ /g; -+ - my $strict_warnings = 0; - - my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; -@@ -338,6 +342,48 @@ - "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so", - "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so", - -+# Debian GNU/* (various architectures) -+"debian-alpha","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-alpha-ev4","gcc:-DTERMIO ${debian_cflags} -mcpu=ev4::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-alpha-ev5","gcc:-DTERMIO ${debian_cflags} -mcpu=ev5::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-armeb","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::", -+"debian-avr32", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -fomit-frame-pointer::-D_REENTRANT::-ldl:BN_LLONG_BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-hppa","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -mtune=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-ia64","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i586::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i686::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-m68k","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mips", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-alpha","gcc:-DTERMIOS ${debian_cflags}::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-mips","gcc:-DL_ENDIAN ${debian_cflags}::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-powerpcspe","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-s390","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-s390x","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-m32r","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v8 -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v9 -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags} -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ - #### - #### Variety of LINUX:-) - #### diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/make-targets.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/make-targets.patch deleted file mode 100644 index ee0a62c3..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/make-targets.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.1/Makefile.org -=================================================================== ---- openssl-1.0.1.orig/Makefile.org 2012-03-17 09:41:07.000000000 +0000 -+++ openssl-1.0.1/Makefile.org 2012-03-17 09:41:21.000000000 +0000 -@@ -135,7 +135,7 @@ - - BASEADDR= - --DIRS= crypto ssl engines apps test tools -+DIRS= crypto ssl engines apps tools - ENGDIRS= ccgost - SHLIBDIRS= crypto ssl - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/man-dir.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/man-dir.patch deleted file mode 100644 index 4085e3b1..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/man-dir.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.0c/Makefile.org -=================================================================== ---- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:27.000000000 +0100 -+++ openssl-1.0.0c/Makefile.org 2010-12-12 16:11:37.000000000 +0100 -@@ -131,7 +131,7 @@ - - MAKEFILE= Makefile - --MANDIR=$(OPENSSLDIR)/man -+MANDIR=/usr/share/man - MAN1=1 - MAN3=3 - MANSUFFIX= diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/man-section.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/man-section.patch deleted file mode 100644 index 21c1d1a4..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/man-section.patch +++ /dev/null @@ -1,34 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.0c/Makefile.org -=================================================================== ---- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:37.000000000 +0100 -+++ openssl-1.0.0c/Makefile.org 2010-12-12 16:13:28.000000000 +0100 -@@ -160,7 +160,8 @@ - MANDIR=/usr/share/man - MAN1=1 - MAN3=3 --MANSUFFIX= -+MANSUFFIX=ssl -+MANSECTION=SSL - HTMLSUFFIX=html - HTMLDIR=$(OPENSSLDIR)/html - SHELL=/bin/sh -@@ -651,7 +652,7 @@ - echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ - (cd `$(PERL) util/dirname.pl $$i`; \ - sh -c "$$pod2man \ -- --section=$$sec --center=OpenSSL \ -+ --section=$${sec}$(MANSECTION) --center=OpenSSL \ - --release=$(VERSION) `basename $$i`") \ - > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ - $(PERL) util/extract-names.pl < $$i | \ -@@ -668,7 +669,7 @@ - echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ - (cd `$(PERL) util/dirname.pl $$i`; \ - sh -c "$$pod2man \ -- --section=$$sec --center=OpenSSL \ -+ --section=$${sec}$(MANSECTION) --center=OpenSSL \ - --release=$(VERSION) `basename $$i`") \ - > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ - $(PERL) util/extract-names.pl < $$i | \ diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/no-rpath.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/no-rpath.patch deleted file mode 100644 index 1ccb3b86..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/no-rpath.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.0c/Makefile.shared -=================================================================== ---- openssl-1.0.0c.orig/Makefile.shared 2010-08-21 13:36:49.000000000 +0200 -+++ openssl-1.0.0c/Makefile.shared 2010-12-12 16:13:36.000000000 +0100 -@@ -153,7 +153,7 @@ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ - SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" - --DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" -+DO_GNU_APP=LDFLAGS="$(CFLAGS)" - - #This is rather special. It's a special target with which one can link - #applications without bothering with any features that have anything to diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch deleted file mode 100644 index cc4408ab..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.0c/Makefile.shared -=================================================================== ---- openssl-1.0.0c.orig/Makefile.shared 2010-12-12 16:13:36.000000000 +0100 -+++ openssl-1.0.0c/Makefile.shared 2010-12-12 16:13:44.000000000 +0100 -@@ -151,7 +151,7 @@ - SHLIB_SUFFIX=; \ - ALLSYMSFLAGS='-Wl,--whole-archive'; \ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ -- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" -+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" - - DO_GNU_APP=LDFLAGS="$(CFLAGS)" - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/pic.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/pic.patch deleted file mode 100644 index bfda3888..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/pic.patch +++ /dev/null @@ -1,177 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.1c/crypto/des/asm/desboth.pl -=================================================================== ---- openssl-1.0.1c.orig/crypto/des/asm/desboth.pl 2001-10-24 23:20:56.000000000 +0200 -+++ openssl-1.0.1c/crypto/des/asm/desboth.pl 2012-07-29 14:15:26.000000000 +0200 -@@ -16,6 +16,11 @@ - - &push("edi"); - -+ &call (&label("pic_point0")); -+ &set_label("pic_point0"); -+ &blindpop("ebp"); -+ &add ("ebp", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]"); -+ - &comment(""); - &comment("Load the data words"); - &mov($L,&DWP(0,"ebx","",0)); -@@ -47,15 +52,21 @@ - &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); - &mov(&swtmp(1), "eax"); - &mov(&swtmp(0), "ebx"); -- &call("DES_encrypt2"); -+ &exch("ebx", "ebp"); -+ &call("DES_encrypt2\@PLT"); -+ &exch("ebx", "ebp"); - &mov(&swtmp(2), (DWC(($enc)?"0":"1"))); - &mov(&swtmp(1), "edi"); - &mov(&swtmp(0), "ebx"); -- &call("DES_encrypt2"); -+ &exch("ebx", "ebp"); -+ &call("DES_encrypt2\@PLT"); -+ &exch("ebx", "ebp"); - &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); - &mov(&swtmp(1), "esi"); - &mov(&swtmp(0), "ebx"); -- &call("DES_encrypt2"); -+ &exch("ebx", "ebp"); -+ &call("DES_encrypt2\@PLT"); -+ &exch("ebx", "ebp"); - - &stack_pop(3); - &mov($L,&DWP(0,"ebx","",0)); -Index: openssl-1.0.1c/crypto/perlasm/cbc.pl -=================================================================== ---- openssl-1.0.1c.orig/crypto/perlasm/cbc.pl 2011-07-13 08:22:46.000000000 +0200 -+++ openssl-1.0.1c/crypto/perlasm/cbc.pl 2012-07-29 14:15:26.000000000 +0200 -@@ -122,7 +122,11 @@ - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - -- &call($enc_func); -+ &call (&label("pic_point0")); -+ &set_label("pic_point0"); -+ &blindpop("ebx"); -+ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]"); -+ &call("$enc_func\@PLT"); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); -@@ -185,7 +189,11 @@ - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - -- &call($enc_func); -+ &call (&label("pic_point1")); -+ &set_label("pic_point1"); -+ &blindpop("ebx"); -+ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point1") . "]"); -+ &call("$enc_func\@PLT"); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); -@@ -218,7 +226,11 @@ - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - -- &call($dec_func); -+ &call (&label("pic_point2")); -+ &set_label("pic_point2"); -+ &blindpop("ebx"); -+ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point2") . "]"); -+ &call("$dec_func\@PLT"); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # -@@ -261,7 +273,11 @@ - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - -- &call($dec_func); -+ &call (&label("pic_point3")); -+ &set_label("pic_point3"); -+ &blindpop("ebx"); -+ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point3") . "]"); -+ &call("$dec_func\@PLT"); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # -Index: openssl-1.0.1c/crypto/perlasm/x86gas.pl -=================================================================== ---- openssl-1.0.1c.orig/crypto/perlasm/x86gas.pl 2011-12-09 20:16:35.000000000 +0100 -+++ openssl-1.0.1c/crypto/perlasm/x86gas.pl 2012-07-29 14:15:26.000000000 +0200 -@@ -161,6 +161,7 @@ - if ($::macosx) { push (@out,"$tmp,2\n"); } - elsif ($::elf) { push (@out,"$tmp,4\n"); } - else { push (@out,"$tmp\n"); } -+ if ($::elf) { push (@out,".hidden\tOPENSSL_ia32cap_P\n"); } - } - push(@out,$initseg) if ($initseg); - } -@@ -218,8 +219,23 @@ - elsif ($::elf) - { $initseg.=<<___; - .section .init -+___ -+ if ($::pic) -+ { $initseg.=<<___; -+ pushl %ebx -+ call .pic_point0 -+.pic_point0: -+ popl %ebx -+ addl \$_GLOBAL_OFFSET_TABLE_+[.-.pic_point0],%ebx -+ call $f\@PLT -+ popl %ebx -+___ -+ } -+ else -+ { $initseg.=<<___; - call $f - ___ -+ } - } - elsif ($::coff) - { $initseg.=<<___; # applies to both Cygwin and Mingw -Index: openssl-1.0.1c/crypto/x86cpuid.pl -=================================================================== ---- openssl-1.0.1c.orig/crypto/x86cpuid.pl 2012-02-28 15:20:34.000000000 +0100 -+++ openssl-1.0.1c/crypto/x86cpuid.pl 2012-07-29 14:15:26.000000000 +0200 -@@ -8,6 +8,8 @@ - - for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -+push(@out, ".hidden OPENSSL_ia32cap_P\n"); -+ - &function_begin("OPENSSL_ia32_cpuid"); - &xor ("edx","edx"); - &pushf (); -@@ -139,9 +141,7 @@ - &set_label("nocpuid"); - &function_end("OPENSSL_ia32_cpuid"); - --&external_label("OPENSSL_ia32cap_P"); -- --&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); -+&function_begin_B("OPENSSL_rdtsc"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &picmeup("ecx","OPENSSL_ia32cap_P"); -@@ -155,7 +155,7 @@ - # This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host], - # but it's safe to call it on any [supported] 32-bit platform... - # Just check for [non-]zero return value... --&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); -+&function_begin_B("OPENSSL_instrument_halt"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"ecx"),4); - &jnc (&label("nohalt")); # no TSC -@@ -222,7 +222,7 @@ - &ret (); - &function_end_B("OPENSSL_far_spin"); - --&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); -+&function_begin_B("OPENSSL_wipe_cpu"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &picmeup("ecx","OPENSSL_ia32cap_P"); diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/version-script.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/version-script.patch deleted file mode 100644 index ece8b9b4..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/debian/version-script.patch +++ /dev/null @@ -1,4670 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.1d/Configure -=================================================================== ---- openssl-1.0.1d.orig/Configure 2013-02-06 19:41:43.000000000 +0100 -+++ openssl-1.0.1d/Configure 2013-02-06 19:41:43.000000000 +0100 -@@ -1621,6 +1621,8 @@ - } - } - -+$shared_ldflag .= " -Wl,--version-script=openssl.ld"; -+ - open(IN,'$Makefile.new") || die "unable to create $Makefile.new:$!\n"; -Index: openssl-1.0.1d/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.1d/openssl.ld 2013-02-06 19:44:25.000000000 +0100 -@@ -0,0 +1,4620 @@ -+OPENSSL_1.0.0 { -+ global: -+ BIO_f_ssl; -+ BIO_new_buffer_ssl_connect; -+ BIO_new_ssl; -+ BIO_new_ssl_connect; -+ BIO_proxy_ssl_copy_session_id; -+ BIO_ssl_copy_session_id; -+ BIO_ssl_shutdown; -+ d2i_SSL_SESSION; -+ DTLSv1_client_method; -+ DTLSv1_method; -+ DTLSv1_server_method; -+ ERR_load_SSL_strings; -+ i2d_SSL_SESSION; -+ kssl_build_principal_2; -+ kssl_cget_tkt; -+ kssl_check_authent; -+ kssl_ctx_free; -+ kssl_ctx_new; -+ kssl_ctx_setkey; -+ kssl_ctx_setprinc; -+ kssl_ctx_setstring; -+ kssl_ctx_show; -+ kssl_err_set; -+ kssl_krb5_free_data_contents; -+ kssl_sget_tkt; -+ kssl_skip_confound; -+ kssl_validate_times; -+ PEM_read_bio_SSL_SESSION; -+ PEM_read_SSL_SESSION; -+ PEM_write_bio_SSL_SESSION; -+ PEM_write_SSL_SESSION; -+ SSL_accept; -+ SSL_add_client_CA; -+ SSL_add_dir_cert_subjects_to_stack; -+ SSL_add_dir_cert_subjs_to_stk; -+ SSL_add_file_cert_subjects_to_stack; -+ SSL_add_file_cert_subjs_to_stk; -+ SSL_alert_desc_string; -+ SSL_alert_desc_string_long; -+ SSL_alert_type_string; -+ SSL_alert_type_string_long; -+ SSL_callback_ctrl; -+ SSL_check_private_key; -+ SSL_CIPHER_description; -+ SSL_CIPHER_get_bits; -+ SSL_CIPHER_get_name; -+ SSL_CIPHER_get_version; -+ SSL_clear; -+ SSL_COMP_add_compression_method; -+ SSL_COMP_get_compression_methods; -+ SSL_COMP_get_compress_methods; -+ SSL_COMP_get_name; -+ SSL_connect; -+ SSL_copy_session_id; -+ SSL_ctrl; -+ SSL_CTX_add_client_CA; -+ SSL_CTX_add_session; -+ SSL_CTX_callback_ctrl; -+ SSL_CTX_check_private_key; -+ SSL_CTX_ctrl; -+ SSL_CTX_flush_sessions; -+ SSL_CTX_free; -+ SSL_CTX_get_cert_store; -+ SSL_CTX_get_client_CA_list; -+ SSL_CTX_get_client_cert_cb; -+ SSL_CTX_get_ex_data; -+ SSL_CTX_get_ex_new_index; -+ SSL_CTX_get_info_callback; -+ SSL_CTX_get_quiet_shutdown; -+ SSL_CTX_get_timeout; -+ SSL_CTX_get_verify_callback; -+ SSL_CTX_get_verify_depth; -+ SSL_CTX_get_verify_mode; -+ SSL_CTX_load_verify_locations; -+ SSL_CTX_new; -+ SSL_CTX_remove_session; -+ SSL_CTX_sess_get_get_cb; -+ SSL_CTX_sess_get_new_cb; -+ SSL_CTX_sess_get_remove_cb; -+ SSL_CTX_sessions; -+ SSL_CTX_sess_set_get_cb; -+ SSL_CTX_sess_set_new_cb; -+ SSL_CTX_sess_set_remove_cb; -+ SSL_CTX_set1_param; -+ SSL_CTX_set_cert_store; -+ SSL_CTX_set_cert_verify_callback; -+ SSL_CTX_set_cert_verify_cb; -+ SSL_CTX_set_cipher_list; -+ SSL_CTX_set_client_CA_list; -+ SSL_CTX_set_client_cert_cb; -+ SSL_CTX_set_client_cert_engine; -+ SSL_CTX_set_cookie_generate_cb; -+ SSL_CTX_set_cookie_verify_cb; -+ SSL_CTX_set_default_passwd_cb; -+ SSL_CTX_set_default_passwd_cb_userdata; -+ SSL_CTX_set_default_verify_paths; -+ SSL_CTX_set_def_passwd_cb_ud; -+ SSL_CTX_set_def_verify_paths; -+ SSL_CTX_set_ex_data; -+ SSL_CTX_set_generate_session_id; -+ SSL_CTX_set_info_callback; -+ SSL_CTX_set_msg_callback; -+ SSL_CTX_set_psk_client_callback; -+ SSL_CTX_set_psk_server_callback; -+ SSL_CTX_set_purpose; -+ SSL_CTX_set_quiet_shutdown; -+ SSL_CTX_set_session_id_context; -+ SSL_CTX_set_ssl_version; -+ SSL_CTX_set_timeout; -+ SSL_CTX_set_tmp_dh_callback; -+ SSL_CTX_set_tmp_ecdh_callback; -+ SSL_CTX_set_tmp_rsa_callback; -+ SSL_CTX_set_trust; -+ SSL_CTX_set_verify; -+ SSL_CTX_set_verify_depth; -+ SSL_CTX_use_cert_chain_file; -+ SSL_CTX_use_certificate; -+ SSL_CTX_use_certificate_ASN1; -+ SSL_CTX_use_certificate_chain_file; -+ SSL_CTX_use_certificate_file; -+ SSL_CTX_use_PrivateKey; -+ SSL_CTX_use_PrivateKey_ASN1; -+ SSL_CTX_use_PrivateKey_file; -+ SSL_CTX_use_psk_identity_hint; -+ SSL_CTX_use_RSAPrivateKey; -+ SSL_CTX_use_RSAPrivateKey_ASN1; -+ SSL_CTX_use_RSAPrivateKey_file; -+ SSL_do_handshake; -+ SSL_dup; -+ SSL_dup_CA_list; -+ SSLeay_add_ssl_algorithms; -+ SSL_free; -+ SSL_get1_session; -+ SSL_get_certificate; -+ SSL_get_cipher_list; -+ SSL_get_ciphers; -+ SSL_get_client_CA_list; -+ SSL_get_current_cipher; -+ SSL_get_current_compression; -+ SSL_get_current_expansion; -+ SSL_get_default_timeout; -+ SSL_get_error; -+ SSL_get_ex_data; -+ SSL_get_ex_data_X509_STORE_CTX_idx; -+ SSL_get_ex_d_X509_STORE_CTX_idx; -+ SSL_get_ex_new_index; -+ SSL_get_fd; -+ SSL_get_finished; -+ SSL_get_info_callback; -+ SSL_get_peer_cert_chain; -+ SSL_get_peer_certificate; -+ SSL_get_peer_finished; -+ SSL_get_privatekey; -+ SSL_get_psk_identity; -+ SSL_get_psk_identity_hint; -+ SSL_get_quiet_shutdown; -+ SSL_get_rbio; -+ SSL_get_read_ahead; -+ SSL_get_rfd; -+ SSL_get_servername; -+ SSL_get_servername_type; -+ SSL_get_session; -+ SSL_get_shared_ciphers; -+ SSL_get_shutdown; -+ SSL_get_SSL_CTX; -+ SSL_get_ssl_method; -+ SSL_get_verify_callback; -+ SSL_get_verify_depth; -+ SSL_get_verify_mode; -+ SSL_get_verify_result; -+ SSL_get_version; -+ SSL_get_wbio; -+ SSL_get_wfd; -+ SSL_has_matching_session_id; -+ SSL_library_init; -+ SSL_load_client_CA_file; -+ SSL_load_error_strings; -+ SSL_new; -+ SSL_peek; -+ SSL_pending; -+ SSL_read; -+ SSL_renegotiate; -+ SSL_renegotiate_pending; -+ SSL_rstate_string; -+ SSL_rstate_string_long; -+ SSL_SESSION_cmp; -+ SSL_SESSION_free; -+ SSL_SESSION_get_ex_data; -+ SSL_SESSION_get_ex_new_index; -+ SSL_SESSION_get_id; -+ SSL_SESSION_get_time; -+ SSL_SESSION_get_timeout; -+ SSL_SESSION_hash; -+ SSL_SESSION_new; -+ SSL_SESSION_print; -+ SSL_SESSION_print_fp; -+ SSL_SESSION_set_ex_data; -+ SSL_SESSION_set_time; -+ SSL_SESSION_set_timeout; -+ SSL_set1_param; -+ SSL_set_accept_state; -+ SSL_set_bio; -+ SSL_set_cipher_list; -+ SSL_set_client_CA_list; -+ SSL_set_connect_state; -+ SSL_set_ex_data; -+ SSL_set_fd; -+ SSL_set_generate_session_id; -+ SSL_set_info_callback; -+ SSL_set_msg_callback; -+ SSL_set_psk_client_callback; -+ SSL_set_psk_server_callback; -+ SSL_set_purpose; -+ SSL_set_quiet_shutdown; -+ SSL_set_read_ahead; -+ SSL_set_rfd; -+ SSL_set_session; -+ SSL_set_session_id_context; -+ SSL_set_session_secret_cb; -+ SSL_set_session_ticket_ext; -+ SSL_set_session_ticket_ext_cb; -+ SSL_set_shutdown; -+ SSL_set_SSL_CTX; -+ SSL_set_ssl_method; -+ SSL_set_tmp_dh_callback; -+ SSL_set_tmp_ecdh_callback; -+ SSL_set_tmp_rsa_callback; -+ SSL_set_trust; -+ SSL_set_verify; -+ SSL_set_verify_depth; -+ SSL_set_verify_result; -+ SSL_set_wfd; -+ SSL_shutdown; -+ SSL_state; -+ SSL_state_string; -+ SSL_state_string_long; -+ SSL_use_certificate; -+ SSL_use_certificate_ASN1; -+ SSL_use_certificate_file; -+ SSL_use_PrivateKey; -+ SSL_use_PrivateKey_ASN1; -+ SSL_use_PrivateKey_file; -+ SSL_use_psk_identity_hint; -+ SSL_use_RSAPrivateKey; -+ SSL_use_RSAPrivateKey_ASN1; -+ SSL_use_RSAPrivateKey_file; -+ SSLv23_client_method; -+ SSLv23_method; -+ SSLv23_server_method; -+ SSLv2_client_method; -+ SSLv2_method; -+ SSLv2_server_method; -+ SSLv3_client_method; -+ SSLv3_method; -+ SSLv3_server_method; -+ SSL_version; -+ SSL_want; -+ SSL_write; -+ TLSv1_client_method; -+ TLSv1_method; -+ TLSv1_server_method; -+ -+ -+ SSLeay; -+ SSLeay_version; -+ ASN1_BIT_STRING_asn1_meth; -+ ASN1_HEADER_free; -+ ASN1_HEADER_new; -+ ASN1_IA5STRING_asn1_meth; -+ ASN1_INTEGER_get; -+ ASN1_INTEGER_set; -+ ASN1_INTEGER_to_BN; -+ ASN1_OBJECT_create; -+ ASN1_OBJECT_free; -+ ASN1_OBJECT_new; -+ ASN1_PRINTABLE_type; -+ ASN1_STRING_cmp; -+ ASN1_STRING_dup; -+ ASN1_STRING_free; -+ ASN1_STRING_new; -+ ASN1_STRING_print; -+ ASN1_STRING_set; -+ ASN1_STRING_type_new; -+ ASN1_TYPE_free; -+ ASN1_TYPE_new; -+ ASN1_UNIVERSALSTRING_to_string; -+ ASN1_UTCTIME_check; -+ ASN1_UTCTIME_print; -+ ASN1_UTCTIME_set; -+ ASN1_check_infinite_end; -+ ASN1_d2i_bio; -+ ASN1_d2i_fp; -+ ASN1_digest; -+ ASN1_dup; -+ ASN1_get_object; -+ ASN1_i2d_bio; -+ ASN1_i2d_fp; -+ ASN1_object_size; -+ ASN1_parse; -+ ASN1_put_object; -+ ASN1_sign; -+ ASN1_verify; -+ BF_cbc_encrypt; -+ BF_cfb64_encrypt; -+ BF_ecb_encrypt; -+ BF_encrypt; -+ BF_ofb64_encrypt; -+ BF_options; -+ BF_set_key; -+ BIO_CONNECT_free; -+ BIO_CONNECT_new; -+ BIO_accept; -+ BIO_ctrl; -+ BIO_int_ctrl; -+ BIO_debug_callback; -+ BIO_dump; -+ BIO_dup_chain; -+ BIO_f_base64; -+ BIO_f_buffer; -+ BIO_f_cipher; -+ BIO_f_md; -+ BIO_f_null; -+ BIO_f_proxy_server; -+ BIO_fd_non_fatal_error; -+ BIO_fd_should_retry; -+ BIO_find_type; -+ BIO_free; -+ BIO_free_all; -+ BIO_get_accept_socket; -+ BIO_get_filter_bio; -+ BIO_get_host_ip; -+ BIO_get_port; -+ BIO_get_retry_BIO; -+ BIO_get_retry_reason; -+ BIO_gethostbyname; -+ BIO_gets; -+ BIO_new; -+ BIO_new_accept; -+ BIO_new_connect; -+ BIO_new_fd; -+ BIO_new_file; -+ BIO_new_fp; -+ BIO_new_socket; -+ BIO_pop; -+ BIO_printf; -+ BIO_push; -+ BIO_puts; -+ BIO_read; -+ BIO_s_accept; -+ BIO_s_connect; -+ BIO_s_fd; -+ BIO_s_file; -+ BIO_s_mem; -+ BIO_s_null; -+ BIO_s_proxy_client; -+ BIO_s_socket; -+ BIO_set; -+ BIO_set_cipher; -+ BIO_set_tcp_ndelay; -+ BIO_sock_cleanup; -+ BIO_sock_error; -+ BIO_sock_init; -+ BIO_sock_non_fatal_error; -+ BIO_sock_should_retry; -+ BIO_socket_ioctl; -+ BIO_write; -+ BN_CTX_free; -+ BN_CTX_new; -+ BN_MONT_CTX_free; -+ BN_MONT_CTX_new; -+ BN_MONT_CTX_set; -+ BN_add; -+ BN_add_word; -+ BN_hex2bn; -+ BN_bin2bn; -+ BN_bn2hex; -+ BN_bn2bin; -+ BN_clear; -+ BN_clear_bit; -+ BN_clear_free; -+ BN_cmp; -+ BN_copy; -+ BN_div; -+ BN_div_word; -+ BN_dup; -+ BN_free; -+ BN_from_montgomery; -+ BN_gcd; -+ BN_generate_prime; -+ BN_get_word; -+ BN_is_bit_set; -+ BN_is_prime; -+ BN_lshift; -+ BN_lshift1; -+ BN_mask_bits; -+ BN_mod; -+ BN_mod_exp; -+ BN_mod_exp_mont; -+ BN_mod_exp_simple; -+ BN_mod_inverse; -+ BN_mod_mul; -+ BN_mod_mul_montgomery; -+ BN_mod_word; -+ BN_mul; -+ BN_new; -+ BN_num_bits; -+ BN_num_bits_word; -+ BN_options; -+ BN_print; -+ BN_print_fp; -+ BN_rand; -+ BN_reciprocal; -+ BN_rshift; -+ BN_rshift1; -+ BN_set_bit; -+ BN_set_word; -+ BN_sqr; -+ BN_sub; -+ BN_to_ASN1_INTEGER; -+ BN_ucmp; -+ BN_value_one; -+ BUF_MEM_free; -+ BUF_MEM_grow; -+ BUF_MEM_new; -+ BUF_strdup; -+ CONF_free; -+ CONF_get_number; -+ CONF_get_section; -+ CONF_get_string; -+ CONF_load; -+ CRYPTO_add_lock; -+ CRYPTO_dbg_free; -+ CRYPTO_dbg_malloc; -+ CRYPTO_dbg_realloc; -+ CRYPTO_dbg_remalloc; -+ CRYPTO_free; -+ CRYPTO_get_add_lock_callback; -+ CRYPTO_get_id_callback; -+ CRYPTO_get_lock_name; -+ CRYPTO_get_locking_callback; -+ CRYPTO_get_mem_functions; -+ CRYPTO_lock; -+ CRYPTO_malloc; -+ CRYPTO_mem_ctrl; -+ CRYPTO_mem_leaks; -+ CRYPTO_mem_leaks_cb; -+ CRYPTO_mem_leaks_fp; -+ CRYPTO_realloc; -+ CRYPTO_remalloc; -+ CRYPTO_set_add_lock_callback; -+ CRYPTO_set_id_callback; -+ CRYPTO_set_locking_callback; -+ CRYPTO_set_mem_functions; -+ CRYPTO_thread_id; -+ DH_check; -+ DH_compute_key; -+ DH_free; -+ DH_generate_key; -+ DH_generate_parameters; -+ DH_new; -+ DH_size; -+ DHparams_print; -+ DHparams_print_fp; -+ DSA_free; -+ DSA_generate_key; -+ DSA_generate_parameters; -+ DSA_is_prime; -+ DSA_new; -+ DSA_print; -+ DSA_print_fp; -+ DSA_sign; -+ DSA_sign_setup; -+ DSA_size; -+ DSA_verify; -+ DSAparams_print; -+ DSAparams_print_fp; -+ ERR_clear_error; -+ ERR_error_string; -+ ERR_free_strings; -+ ERR_func_error_string; -+ ERR_get_err_state_table; -+ ERR_get_error; -+ ERR_get_error_line; -+ ERR_get_state; -+ ERR_get_string_table; -+ ERR_lib_error_string; -+ ERR_load_ASN1_strings; -+ ERR_load_BIO_strings; -+ ERR_load_BN_strings; -+ ERR_load_BUF_strings; -+ ERR_load_CONF_strings; -+ ERR_load_DH_strings; -+ ERR_load_DSA_strings; -+ ERR_load_ERR_strings; -+ ERR_load_EVP_strings; -+ ERR_load_OBJ_strings; -+ ERR_load_PEM_strings; -+ ERR_load_PROXY_strings; -+ ERR_load_RSA_strings; -+ ERR_load_X509_strings; -+ ERR_load_crypto_strings; -+ ERR_load_strings; -+ ERR_peek_error; -+ ERR_peek_error_line; -+ ERR_print_errors; -+ ERR_print_errors_fp; -+ ERR_put_error; -+ ERR_reason_error_string; -+ ERR_remove_state; -+ EVP_BytesToKey; -+ EVP_CIPHER_CTX_cleanup; -+ EVP_CipherFinal; -+ EVP_CipherInit; -+ EVP_CipherUpdate; -+ EVP_DecodeBlock; -+ EVP_DecodeFinal; -+ EVP_DecodeInit; -+ EVP_DecodeUpdate; -+ EVP_DecryptFinal; -+ EVP_DecryptInit; -+ EVP_DecryptUpdate; -+ EVP_DigestFinal; -+ EVP_DigestInit; -+ EVP_DigestUpdate; -+ EVP_EncodeBlock; -+ EVP_EncodeFinal; -+ EVP_EncodeInit; -+ EVP_EncodeUpdate; -+ EVP_EncryptFinal; -+ EVP_EncryptInit; -+ EVP_EncryptUpdate; -+ EVP_OpenFinal; -+ EVP_OpenInit; -+ EVP_PKEY_assign; -+ EVP_PKEY_copy_parameters; -+ EVP_PKEY_free; -+ EVP_PKEY_missing_parameters; -+ EVP_PKEY_new; -+ EVP_PKEY_save_parameters; -+ EVP_PKEY_size; -+ EVP_PKEY_type; -+ EVP_SealFinal; -+ EVP_SealInit; -+ EVP_SignFinal; -+ EVP_VerifyFinal; -+ EVP_add_alias; -+ EVP_add_cipher; -+ EVP_add_digest; -+ EVP_bf_cbc; -+ EVP_bf_cfb64; -+ EVP_bf_ecb; -+ EVP_bf_ofb; -+ EVP_cleanup; -+ EVP_des_cbc; -+ EVP_des_cfb64; -+ EVP_des_ecb; -+ EVP_des_ede; -+ EVP_des_ede3; -+ EVP_des_ede3_cbc; -+ EVP_des_ede3_cfb64; -+ EVP_des_ede3_ofb; -+ EVP_des_ede_cbc; -+ EVP_des_ede_cfb64; -+ EVP_des_ede_ofb; -+ EVP_des_ofb; -+ EVP_desx_cbc; -+ EVP_dss; -+ EVP_dss1; -+ EVP_enc_null; -+ EVP_get_cipherbyname; -+ EVP_get_digestbyname; -+ EVP_get_pw_prompt; -+ EVP_idea_cbc; -+ EVP_idea_cfb64; -+ EVP_idea_ecb; -+ EVP_idea_ofb; -+ EVP_md2; -+ EVP_md5; -+ EVP_md_null; -+ EVP_rc2_cbc; -+ EVP_rc2_cfb64; -+ EVP_rc2_ecb; -+ EVP_rc2_ofb; -+ EVP_rc4; -+ EVP_read_pw_string; -+ EVP_set_pw_prompt; -+ EVP_sha; -+ EVP_sha1; -+ MD2; -+ MD2_Final; -+ MD2_Init; -+ MD2_Update; -+ MD2_options; -+ MD5; -+ MD5_Final; -+ MD5_Init; -+ MD5_Update; -+ MDC2; -+ MDC2_Final; -+ MDC2_Init; -+ MDC2_Update; -+ NETSCAPE_SPKAC_free; -+ NETSCAPE_SPKAC_new; -+ NETSCAPE_SPKI_free; -+ NETSCAPE_SPKI_new; -+ NETSCAPE_SPKI_sign; -+ NETSCAPE_SPKI_verify; -+ OBJ_add_object; -+ OBJ_bsearch; -+ OBJ_cleanup; -+ OBJ_cmp; -+ OBJ_create; -+ OBJ_dup; -+ OBJ_ln2nid; -+ OBJ_new_nid; -+ OBJ_nid2ln; -+ OBJ_nid2obj; -+ OBJ_nid2sn; -+ OBJ_obj2nid; -+ OBJ_sn2nid; -+ OBJ_txt2nid; -+ PEM_ASN1_read; -+ PEM_ASN1_read_bio; -+ PEM_ASN1_write; -+ PEM_ASN1_write_bio; -+ PEM_SealFinal; -+ PEM_SealInit; -+ PEM_SealUpdate; -+ PEM_SignFinal; -+ PEM_SignInit; -+ PEM_SignUpdate; -+ PEM_X509_INFO_read; -+ PEM_X509_INFO_read_bio; -+ PEM_X509_INFO_write_bio; -+ PEM_dek_info; -+ PEM_do_header; -+ PEM_get_EVP_CIPHER_INFO; -+ PEM_proc_type; -+ PEM_read; -+ PEM_read_DHparams; -+ PEM_read_DSAPrivateKey; -+ PEM_read_DSAparams; -+ PEM_read_PKCS7; -+ PEM_read_PrivateKey; -+ PEM_read_RSAPrivateKey; -+ PEM_read_X509; -+ PEM_read_X509_CRL; -+ PEM_read_X509_REQ; -+ PEM_read_bio; -+ PEM_read_bio_DHparams; -+ PEM_read_bio_DSAPrivateKey; -+ PEM_read_bio_DSAparams; -+ PEM_read_bio_PKCS7; -+ PEM_read_bio_PrivateKey; -+ PEM_read_bio_RSAPrivateKey; -+ PEM_read_bio_X509; -+ PEM_read_bio_X509_CRL; -+ PEM_read_bio_X509_REQ; -+ PEM_write; -+ PEM_write_DHparams; -+ PEM_write_DSAPrivateKey; -+ PEM_write_DSAparams; -+ PEM_write_PKCS7; -+ PEM_write_PrivateKey; -+ PEM_write_RSAPrivateKey; -+ PEM_write_X509; -+ PEM_write_X509_CRL; -+ PEM_write_X509_REQ; -+ PEM_write_bio; -+ PEM_write_bio_DHparams; -+ PEM_write_bio_DSAPrivateKey; -+ PEM_write_bio_DSAparams; -+ PEM_write_bio_PKCS7; -+ PEM_write_bio_PrivateKey; -+ PEM_write_bio_RSAPrivateKey; -+ PEM_write_bio_X509; -+ PEM_write_bio_X509_CRL; -+ PEM_write_bio_X509_REQ; -+ PKCS7_DIGEST_free; -+ PKCS7_DIGEST_new; -+ PKCS7_ENCRYPT_free; -+ PKCS7_ENCRYPT_new; -+ PKCS7_ENC_CONTENT_free; -+ PKCS7_ENC_CONTENT_new; -+ PKCS7_ENVELOPE_free; -+ PKCS7_ENVELOPE_new; -+ PKCS7_ISSUER_AND_SERIAL_digest; -+ PKCS7_ISSUER_AND_SERIAL_free; -+ PKCS7_ISSUER_AND_SERIAL_new; -+ PKCS7_RECIP_INFO_free; -+ PKCS7_RECIP_INFO_new; -+ PKCS7_SIGNED_free; -+ PKCS7_SIGNED_new; -+ PKCS7_SIGNER_INFO_free; -+ PKCS7_SIGNER_INFO_new; -+ PKCS7_SIGN_ENVELOPE_free; -+ PKCS7_SIGN_ENVELOPE_new; -+ PKCS7_dup; -+ PKCS7_free; -+ PKCS7_new; -+ PROXY_ENTRY_add_noproxy; -+ PROXY_ENTRY_clear_noproxy; -+ PROXY_ENTRY_free; -+ PROXY_ENTRY_get_noproxy; -+ PROXY_ENTRY_new; -+ PROXY_ENTRY_set_server; -+ PROXY_add_noproxy; -+ PROXY_add_server; -+ PROXY_check_by_host; -+ PROXY_check_url; -+ PROXY_clear_noproxy; -+ PROXY_free; -+ PROXY_get_noproxy; -+ PROXY_get_proxies; -+ PROXY_get_proxy_entry; -+ PROXY_load_conf; -+ PROXY_new; -+ PROXY_print; -+ RAND_bytes; -+ RAND_cleanup; -+ RAND_file_name; -+ RAND_load_file; -+ RAND_screen; -+ RAND_seed; -+ RAND_write_file; -+ RC2_cbc_encrypt; -+ RC2_cfb64_encrypt; -+ RC2_ecb_encrypt; -+ RC2_encrypt; -+ RC2_ofb64_encrypt; -+ RC2_set_key; -+ RC4; -+ RC4_options; -+ RC4_set_key; -+ RSAPrivateKey_asn1_meth; -+ RSAPrivateKey_dup; -+ RSAPublicKey_dup; -+ RSA_PKCS1_SSLeay; -+ RSA_free; -+ RSA_generate_key; -+ RSA_new; -+ RSA_new_method; -+ RSA_print; -+ RSA_print_fp; -+ RSA_private_decrypt; -+ RSA_private_encrypt; -+ RSA_public_decrypt; -+ RSA_public_encrypt; -+ RSA_set_default_method; -+ RSA_sign; -+ RSA_sign_ASN1_OCTET_STRING; -+ RSA_size; -+ RSA_verify; -+ RSA_verify_ASN1_OCTET_STRING; -+ SHA; -+ SHA1; -+ SHA1_Final; -+ SHA1_Init; -+ SHA1_Update; -+ SHA_Final; -+ SHA_Init; -+ SHA_Update; -+ OpenSSL_add_all_algorithms; -+ OpenSSL_add_all_ciphers; -+ OpenSSL_add_all_digests; -+ TXT_DB_create_index; -+ TXT_DB_free; -+ TXT_DB_get_by_index; -+ TXT_DB_insert; -+ TXT_DB_read; -+ TXT_DB_write; -+ X509_ALGOR_free; -+ X509_ALGOR_new; -+ X509_ATTRIBUTE_free; -+ X509_ATTRIBUTE_new; -+ X509_CINF_free; -+ X509_CINF_new; -+ X509_CRL_INFO_free; -+ X509_CRL_INFO_new; -+ X509_CRL_add_ext; -+ X509_CRL_cmp; -+ X509_CRL_delete_ext; -+ X509_CRL_dup; -+ X509_CRL_free; -+ X509_CRL_get_ext; -+ X509_CRL_get_ext_by_NID; -+ X509_CRL_get_ext_by_OBJ; -+ X509_CRL_get_ext_by_critical; -+ X509_CRL_get_ext_count; -+ X509_CRL_new; -+ X509_CRL_sign; -+ X509_CRL_verify; -+ X509_EXTENSION_create_by_NID; -+ X509_EXTENSION_create_by_OBJ; -+ X509_EXTENSION_dup; -+ X509_EXTENSION_free; -+ X509_EXTENSION_get_critical; -+ X509_EXTENSION_get_data; -+ X509_EXTENSION_get_object; -+ X509_EXTENSION_new; -+ X509_EXTENSION_set_critical; -+ X509_EXTENSION_set_data; -+ X509_EXTENSION_set_object; -+ X509_INFO_free; -+ X509_INFO_new; -+ X509_LOOKUP_by_alias; -+ X509_LOOKUP_by_fingerprint; -+ X509_LOOKUP_by_issuer_serial; -+ X509_LOOKUP_by_subject; -+ X509_LOOKUP_ctrl; -+ X509_LOOKUP_file; -+ X509_LOOKUP_free; -+ X509_LOOKUP_hash_dir; -+ X509_LOOKUP_init; -+ X509_LOOKUP_new; -+ X509_LOOKUP_shutdown; -+ X509_NAME_ENTRY_create_by_NID; -+ X509_NAME_ENTRY_create_by_OBJ; -+ X509_NAME_ENTRY_dup; -+ X509_NAME_ENTRY_free; -+ X509_NAME_ENTRY_get_data; -+ X509_NAME_ENTRY_get_object; -+ X509_NAME_ENTRY_new; -+ X509_NAME_ENTRY_set_data; -+ X509_NAME_ENTRY_set_object; -+ X509_NAME_add_entry; -+ X509_NAME_cmp; -+ X509_NAME_delete_entry; -+ X509_NAME_digest; -+ X509_NAME_dup; -+ X509_NAME_entry_count; -+ X509_NAME_free; -+ X509_NAME_get_entry; -+ X509_NAME_get_index_by_NID; -+ X509_NAME_get_index_by_OBJ; -+ X509_NAME_get_text_by_NID; -+ X509_NAME_get_text_by_OBJ; -+ X509_NAME_hash; -+ X509_NAME_new; -+ X509_NAME_oneline; -+ X509_NAME_print; -+ X509_NAME_set; -+ X509_OBJECT_free_contents; -+ X509_OBJECT_retrieve_by_subject; -+ X509_OBJECT_up_ref_count; -+ X509_PKEY_free; -+ X509_PKEY_new; -+ X509_PUBKEY_free; -+ X509_PUBKEY_get; -+ X509_PUBKEY_new; -+ X509_PUBKEY_set; -+ X509_REQ_INFO_free; -+ X509_REQ_INFO_new; -+ X509_REQ_dup; -+ X509_REQ_free; -+ X509_REQ_get_pubkey; -+ X509_REQ_new; -+ X509_REQ_print; -+ X509_REQ_print_fp; -+ X509_REQ_set_pubkey; -+ X509_REQ_set_subject_name; -+ X509_REQ_set_version; -+ X509_REQ_sign; -+ X509_REQ_to_X509; -+ X509_REQ_verify; -+ X509_REVOKED_add_ext; -+ X509_REVOKED_delete_ext; -+ X509_REVOKED_free; -+ X509_REVOKED_get_ext; -+ X509_REVOKED_get_ext_by_NID; -+ X509_REVOKED_get_ext_by_OBJ; -+ X509_REVOKED_get_ext_by_critical; -+ X509_REVOKED_get_ext_by_critic; -+ X509_REVOKED_get_ext_count; -+ X509_REVOKED_new; -+ X509_SIG_free; -+ X509_SIG_new; -+ X509_STORE_CTX_cleanup; -+ X509_STORE_CTX_init; -+ X509_STORE_add_cert; -+ X509_STORE_add_lookup; -+ X509_STORE_free; -+ X509_STORE_get_by_subject; -+ X509_STORE_load_locations; -+ X509_STORE_new; -+ X509_STORE_set_default_paths; -+ X509_VAL_free; -+ X509_VAL_new; -+ X509_add_ext; -+ X509_asn1_meth; -+ X509_certificate_type; -+ X509_check_private_key; -+ X509_cmp_current_time; -+ X509_delete_ext; -+ X509_digest; -+ X509_dup; -+ X509_free; -+ X509_get_default_cert_area; -+ X509_get_default_cert_dir; -+ X509_get_default_cert_dir_env; -+ X509_get_default_cert_file; -+ X509_get_default_cert_file_env; -+ X509_get_default_private_dir; -+ X509_get_ext; -+ X509_get_ext_by_NID; -+ X509_get_ext_by_OBJ; -+ X509_get_ext_by_critical; -+ X509_get_ext_count; -+ X509_get_issuer_name; -+ X509_get_pubkey; -+ X509_get_pubkey_parameters; -+ X509_get_serialNumber; -+ X509_get_subject_name; -+ X509_gmtime_adj; -+ X509_issuer_and_serial_cmp; -+ X509_issuer_and_serial_hash; -+ X509_issuer_name_cmp; -+ X509_issuer_name_hash; -+ X509_load_cert_file; -+ X509_new; -+ X509_print; -+ X509_print_fp; -+ X509_set_issuer_name; -+ X509_set_notAfter; -+ X509_set_notBefore; -+ X509_set_pubkey; -+ X509_set_serialNumber; -+ X509_set_subject_name; -+ X509_set_version; -+ X509_sign; -+ X509_subject_name_cmp; -+ X509_subject_name_hash; -+ X509_to_X509_REQ; -+ X509_verify; -+ X509_verify_cert; -+ X509_verify_cert_error_string; -+ X509v3_add_ext; -+ X509v3_add_extension; -+ X509v3_add_netscape_extensions; -+ X509v3_add_standard_extensions; -+ X509v3_cleanup_extensions; -+ X509v3_data_type_by_NID; -+ X509v3_data_type_by_OBJ; -+ X509v3_delete_ext; -+ X509v3_get_ext; -+ X509v3_get_ext_by_NID; -+ X509v3_get_ext_by_OBJ; -+ X509v3_get_ext_by_critical; -+ X509v3_get_ext_count; -+ X509v3_pack_string; -+ X509v3_pack_type_by_NID; -+ X509v3_pack_type_by_OBJ; -+ X509v3_unpack_string; -+ _des_crypt; -+ a2d_ASN1_OBJECT; -+ a2i_ASN1_INTEGER; -+ a2i_ASN1_STRING; -+ asn1_Finish; -+ asn1_GetSequence; -+ bn_div_words; -+ bn_expand2; -+ bn_mul_add_words; -+ bn_mul_words; -+ BN_uadd; -+ BN_usub; -+ bn_sqr_words; -+ _ossl_old_crypt; -+ d2i_ASN1_BIT_STRING; -+ d2i_ASN1_BOOLEAN; -+ d2i_ASN1_HEADER; -+ d2i_ASN1_IA5STRING; -+ d2i_ASN1_INTEGER; -+ d2i_ASN1_OBJECT; -+ d2i_ASN1_OCTET_STRING; -+ d2i_ASN1_PRINTABLE; -+ d2i_ASN1_PRINTABLESTRING; -+ d2i_ASN1_SET; -+ d2i_ASN1_T61STRING; -+ d2i_ASN1_TYPE; -+ d2i_ASN1_UTCTIME; -+ d2i_ASN1_bytes; -+ d2i_ASN1_type_bytes; -+ d2i_DHparams; -+ d2i_DSAPrivateKey; -+ d2i_DSAPrivateKey_bio; -+ d2i_DSAPrivateKey_fp; -+ d2i_DSAPublicKey; -+ d2i_DSAparams; -+ d2i_NETSCAPE_SPKAC; -+ d2i_NETSCAPE_SPKI; -+ d2i_Netscape_RSA; -+ d2i_PKCS7; -+ d2i_PKCS7_DIGEST; -+ d2i_PKCS7_ENCRYPT; -+ d2i_PKCS7_ENC_CONTENT; -+ d2i_PKCS7_ENVELOPE; -+ d2i_PKCS7_ISSUER_AND_SERIAL; -+ d2i_PKCS7_RECIP_INFO; -+ d2i_PKCS7_SIGNED; -+ d2i_PKCS7_SIGNER_INFO; -+ d2i_PKCS7_SIGN_ENVELOPE; -+ d2i_PKCS7_bio; -+ d2i_PKCS7_fp; -+ d2i_PrivateKey; -+ d2i_PublicKey; -+ d2i_RSAPrivateKey; -+ d2i_RSAPrivateKey_bio; -+ d2i_RSAPrivateKey_fp; -+ d2i_RSAPublicKey; -+ d2i_X509; -+ d2i_X509_ALGOR; -+ d2i_X509_ATTRIBUTE; -+ d2i_X509_CINF; -+ d2i_X509_CRL; -+ d2i_X509_CRL_INFO; -+ d2i_X509_CRL_bio; -+ d2i_X509_CRL_fp; -+ d2i_X509_EXTENSION; -+ d2i_X509_NAME; -+ d2i_X509_NAME_ENTRY; -+ d2i_X509_PKEY; -+ d2i_X509_PUBKEY; -+ d2i_X509_REQ; -+ d2i_X509_REQ_INFO; -+ d2i_X509_REQ_bio; -+ d2i_X509_REQ_fp; -+ d2i_X509_REVOKED; -+ d2i_X509_SIG; -+ d2i_X509_VAL; -+ d2i_X509_bio; -+ d2i_X509_fp; -+ DES_cbc_cksum; -+ DES_cbc_encrypt; -+ DES_cblock_print_file; -+ DES_cfb64_encrypt; -+ DES_cfb_encrypt; -+ DES_decrypt3; -+ DES_ecb3_encrypt; -+ DES_ecb_encrypt; -+ DES_ede3_cbc_encrypt; -+ DES_ede3_cfb64_encrypt; -+ DES_ede3_ofb64_encrypt; -+ DES_enc_read; -+ DES_enc_write; -+ DES_encrypt1; -+ DES_encrypt2; -+ DES_encrypt3; -+ DES_fcrypt; -+ DES_is_weak_key; -+ DES_key_sched; -+ DES_ncbc_encrypt; -+ DES_ofb64_encrypt; -+ DES_ofb_encrypt; -+ DES_options; -+ DES_pcbc_encrypt; -+ DES_quad_cksum; -+ DES_random_key; -+ _ossl_old_des_random_seed; -+ _ossl_old_des_read_2passwords; -+ _ossl_old_des_read_password; -+ _ossl_old_des_read_pw; -+ _ossl_old_des_read_pw_string; -+ DES_set_key; -+ DES_set_odd_parity; -+ DES_string_to_2keys; -+ DES_string_to_key; -+ DES_xcbc_encrypt; -+ DES_xwhite_in2out; -+ fcrypt_body; -+ i2a_ASN1_INTEGER; -+ i2a_ASN1_OBJECT; -+ i2a_ASN1_STRING; -+ i2d_ASN1_BIT_STRING; -+ i2d_ASN1_BOOLEAN; -+ i2d_ASN1_HEADER; -+ i2d_ASN1_IA5STRING; -+ i2d_ASN1_INTEGER; -+ i2d_ASN1_OBJECT; -+ i2d_ASN1_OCTET_STRING; -+ i2d_ASN1_PRINTABLE; -+ i2d_ASN1_SET; -+ i2d_ASN1_TYPE; -+ i2d_ASN1_UTCTIME; -+ i2d_ASN1_bytes; -+ i2d_DHparams; -+ i2d_DSAPrivateKey; -+ i2d_DSAPrivateKey_bio; -+ i2d_DSAPrivateKey_fp; -+ i2d_DSAPublicKey; -+ i2d_DSAparams; -+ i2d_NETSCAPE_SPKAC; -+ i2d_NETSCAPE_SPKI; -+ i2d_Netscape_RSA; -+ i2d_PKCS7; -+ i2d_PKCS7_DIGEST; -+ i2d_PKCS7_ENCRYPT; -+ i2d_PKCS7_ENC_CONTENT; -+ i2d_PKCS7_ENVELOPE; -+ i2d_PKCS7_ISSUER_AND_SERIAL; -+ i2d_PKCS7_RECIP_INFO; -+ i2d_PKCS7_SIGNED; -+ i2d_PKCS7_SIGNER_INFO; -+ i2d_PKCS7_SIGN_ENVELOPE; -+ i2d_PKCS7_bio; -+ i2d_PKCS7_fp; -+ i2d_PrivateKey; -+ i2d_PublicKey; -+ i2d_RSAPrivateKey; -+ i2d_RSAPrivateKey_bio; -+ i2d_RSAPrivateKey_fp; -+ i2d_RSAPublicKey; -+ i2d_X509; -+ i2d_X509_ALGOR; -+ i2d_X509_ATTRIBUTE; -+ i2d_X509_CINF; -+ i2d_X509_CRL; -+ i2d_X509_CRL_INFO; -+ i2d_X509_CRL_bio; -+ i2d_X509_CRL_fp; -+ i2d_X509_EXTENSION; -+ i2d_X509_NAME; -+ i2d_X509_NAME_ENTRY; -+ i2d_X509_PKEY; -+ i2d_X509_PUBKEY; -+ i2d_X509_REQ; -+ i2d_X509_REQ_INFO; -+ i2d_X509_REQ_bio; -+ i2d_X509_REQ_fp; -+ i2d_X509_REVOKED; -+ i2d_X509_SIG; -+ i2d_X509_VAL; -+ i2d_X509_bio; -+ i2d_X509_fp; -+ idea_cbc_encrypt; -+ idea_cfb64_encrypt; -+ idea_ecb_encrypt; -+ idea_encrypt; -+ idea_ofb64_encrypt; -+ idea_options; -+ idea_set_decrypt_key; -+ idea_set_encrypt_key; -+ lh_delete; -+ lh_doall; -+ lh_doall_arg; -+ lh_free; -+ lh_insert; -+ lh_new; -+ lh_node_stats; -+ lh_node_stats_bio; -+ lh_node_usage_stats; -+ lh_node_usage_stats_bio; -+ lh_retrieve; -+ lh_stats; -+ lh_stats_bio; -+ lh_strhash; -+ sk_delete; -+ sk_delete_ptr; -+ sk_dup; -+ sk_find; -+ sk_free; -+ sk_insert; -+ sk_new; -+ sk_pop; -+ sk_pop_free; -+ sk_push; -+ sk_set_cmp_func; -+ sk_shift; -+ sk_unshift; -+ sk_zero; -+ BIO_f_nbio_test; -+ ASN1_TYPE_get; -+ ASN1_TYPE_set; -+ PKCS7_content_free; -+ ERR_load_PKCS7_strings; -+ X509_find_by_issuer_and_serial; -+ X509_find_by_subject; -+ PKCS7_ctrl; -+ PKCS7_set_type; -+ PKCS7_set_content; -+ PKCS7_SIGNER_INFO_set; -+ PKCS7_add_signer; -+ PKCS7_add_certificate; -+ PKCS7_add_crl; -+ PKCS7_content_new; -+ PKCS7_dataSign; -+ PKCS7_dataVerify; -+ PKCS7_dataInit; -+ PKCS7_add_signature; -+ PKCS7_cert_from_signer_info; -+ PKCS7_get_signer_info; -+ EVP_delete_alias; -+ EVP_mdc2; -+ PEM_read_bio_RSAPublicKey; -+ PEM_write_bio_RSAPublicKey; -+ d2i_RSAPublicKey_bio; -+ i2d_RSAPublicKey_bio; -+ PEM_read_RSAPublicKey; -+ PEM_write_RSAPublicKey; -+ d2i_RSAPublicKey_fp; -+ i2d_RSAPublicKey_fp; -+ BIO_copy_next_retry; -+ RSA_flags; -+ X509_STORE_add_crl; -+ X509_load_crl_file; -+ EVP_rc2_40_cbc; -+ EVP_rc4_40; -+ EVP_CIPHER_CTX_init; -+ HMAC; -+ HMAC_Init; -+ HMAC_Update; -+ HMAC_Final; -+ ERR_get_next_error_library; -+ EVP_PKEY_cmp_parameters; -+ HMAC_cleanup; -+ BIO_ptr_ctrl; -+ BIO_new_file_internal; -+ BIO_new_fp_internal; -+ BIO_s_file_internal; -+ BN_BLINDING_convert; -+ BN_BLINDING_invert; -+ BN_BLINDING_update; -+ RSA_blinding_on; -+ RSA_blinding_off; -+ i2t_ASN1_OBJECT; -+ BN_BLINDING_new; -+ BN_BLINDING_free; -+ EVP_cast5_cbc; -+ EVP_cast5_cfb64; -+ EVP_cast5_ecb; -+ EVP_cast5_ofb; -+ BF_decrypt; -+ CAST_set_key; -+ CAST_encrypt; -+ CAST_decrypt; -+ CAST_ecb_encrypt; -+ CAST_cbc_encrypt; -+ CAST_cfb64_encrypt; -+ CAST_ofb64_encrypt; -+ RC2_decrypt; -+ OBJ_create_objects; -+ BN_exp; -+ BN_mul_word; -+ BN_sub_word; -+ BN_dec2bn; -+ BN_bn2dec; -+ BIO_ghbn_ctrl; -+ CRYPTO_free_ex_data; -+ CRYPTO_get_ex_data; -+ CRYPTO_set_ex_data; -+ ERR_load_CRYPTO_strings; -+ ERR_load_CRYPTOlib_strings; -+ EVP_PKEY_bits; -+ MD5_Transform; -+ SHA1_Transform; -+ SHA_Transform; -+ X509_STORE_CTX_get_chain; -+ X509_STORE_CTX_get_current_cert; -+ X509_STORE_CTX_get_error; -+ X509_STORE_CTX_get_error_depth; -+ X509_STORE_CTX_get_ex_data; -+ X509_STORE_CTX_set_cert; -+ X509_STORE_CTX_set_chain; -+ X509_STORE_CTX_set_error; -+ X509_STORE_CTX_set_ex_data; -+ CRYPTO_dup_ex_data; -+ CRYPTO_get_new_lockid; -+ CRYPTO_new_ex_data; -+ RSA_set_ex_data; -+ RSA_get_ex_data; -+ RSA_get_ex_new_index; -+ RSA_padding_add_PKCS1_type_1; -+ RSA_padding_add_PKCS1_type_2; -+ RSA_padding_add_SSLv23; -+ RSA_padding_add_none; -+ RSA_padding_check_PKCS1_type_1; -+ RSA_padding_check_PKCS1_type_2; -+ RSA_padding_check_SSLv23; -+ RSA_padding_check_none; -+ bn_add_words; -+ d2i_Netscape_RSA_2; -+ CRYPTO_get_ex_new_index; -+ RIPEMD160_Init; -+ RIPEMD160_Update; -+ RIPEMD160_Final; -+ RIPEMD160; -+ RIPEMD160_Transform; -+ RC5_32_set_key; -+ RC5_32_ecb_encrypt; -+ RC5_32_encrypt; -+ RC5_32_decrypt; -+ RC5_32_cbc_encrypt; -+ RC5_32_cfb64_encrypt; -+ RC5_32_ofb64_encrypt; -+ BN_bn2mpi; -+ BN_mpi2bn; -+ ASN1_BIT_STRING_get_bit; -+ ASN1_BIT_STRING_set_bit; -+ BIO_get_ex_data; -+ BIO_get_ex_new_index; -+ BIO_set_ex_data; -+ X509v3_get_key_usage; -+ X509v3_set_key_usage; -+ a2i_X509v3_key_usage; -+ i2a_X509v3_key_usage; -+ EVP_PKEY_decrypt; -+ EVP_PKEY_encrypt; -+ PKCS7_RECIP_INFO_set; -+ PKCS7_add_recipient; -+ PKCS7_add_recipient_info; -+ PKCS7_set_cipher; -+ ASN1_TYPE_get_int_octetstring; -+ ASN1_TYPE_get_octetstring; -+ ASN1_TYPE_set_int_octetstring; -+ ASN1_TYPE_set_octetstring; -+ ASN1_UTCTIME_set_string; -+ ERR_add_error_data; -+ ERR_set_error_data; -+ EVP_CIPHER_asn1_to_param; -+ EVP_CIPHER_param_to_asn1; -+ EVP_CIPHER_get_asn1_iv; -+ EVP_CIPHER_set_asn1_iv; -+ EVP_rc5_32_12_16_cbc; -+ EVP_rc5_32_12_16_cfb64; -+ EVP_rc5_32_12_16_ecb; -+ EVP_rc5_32_12_16_ofb; -+ asn1_add_error; -+ d2i_ASN1_BMPSTRING; -+ i2d_ASN1_BMPSTRING; -+ BIO_f_ber; -+ BN_init; -+ COMP_CTX_new; -+ COMP_CTX_free; -+ COMP_CTX_compress_block; -+ COMP_CTX_expand_block; -+ X509_STORE_CTX_get_ex_new_index; -+ OBJ_NAME_add; -+ BIO_socket_nbio; -+ EVP_rc2_64_cbc; -+ OBJ_NAME_cleanup; -+ OBJ_NAME_get; -+ OBJ_NAME_init; -+ OBJ_NAME_new_index; -+ OBJ_NAME_remove; -+ BN_MONT_CTX_copy; -+ BIO_new_socks4a_connect; -+ BIO_s_socks4a_connect; -+ PROXY_set_connect_mode; -+ RAND_SSLeay; -+ RAND_set_rand_method; -+ RSA_memory_lock; -+ bn_sub_words; -+ bn_mul_normal; -+ bn_mul_comba8; -+ bn_mul_comba4; -+ bn_sqr_normal; -+ bn_sqr_comba8; -+ bn_sqr_comba4; -+ bn_cmp_words; -+ bn_mul_recursive; -+ bn_mul_part_recursive; -+ bn_sqr_recursive; -+ bn_mul_low_normal; -+ BN_RECP_CTX_init; -+ BN_RECP_CTX_new; -+ BN_RECP_CTX_free; -+ BN_RECP_CTX_set; -+ BN_mod_mul_reciprocal; -+ BN_mod_exp_recp; -+ BN_div_recp; -+ BN_CTX_init; -+ BN_MONT_CTX_init; -+ RAND_get_rand_method; -+ PKCS7_add_attribute; -+ PKCS7_add_signed_attribute; -+ PKCS7_digest_from_attributes; -+ PKCS7_get_attribute; -+ PKCS7_get_issuer_and_serial; -+ PKCS7_get_signed_attribute; -+ COMP_compress_block; -+ COMP_expand_block; -+ COMP_rle; -+ COMP_zlib; -+ ms_time_diff; -+ ms_time_new; -+ ms_time_free; -+ ms_time_cmp; -+ ms_time_get; -+ PKCS7_set_attributes; -+ PKCS7_set_signed_attributes; -+ X509_ATTRIBUTE_create; -+ X509_ATTRIBUTE_dup; -+ ASN1_GENERALIZEDTIME_check; -+ ASN1_GENERALIZEDTIME_print; -+ ASN1_GENERALIZEDTIME_set; -+ ASN1_GENERALIZEDTIME_set_string; -+ ASN1_TIME_print; -+ BASIC_CONSTRAINTS_free; -+ BASIC_CONSTRAINTS_new; -+ ERR_load_X509V3_strings; -+ NETSCAPE_CERT_SEQUENCE_free; -+ NETSCAPE_CERT_SEQUENCE_new; -+ OBJ_txt2obj; -+ PEM_read_NETSCAPE_CERT_SEQUENCE; -+ PEM_read_NS_CERT_SEQ; -+ PEM_read_bio_NETSCAPE_CERT_SEQUENCE; -+ PEM_read_bio_NS_CERT_SEQ; -+ PEM_write_NETSCAPE_CERT_SEQUENCE; -+ PEM_write_NS_CERT_SEQ; -+ PEM_write_bio_NETSCAPE_CERT_SEQUENCE; -+ PEM_write_bio_NS_CERT_SEQ; -+ X509V3_EXT_add; -+ X509V3_EXT_add_alias; -+ X509V3_EXT_add_conf; -+ X509V3_EXT_cleanup; -+ X509V3_EXT_conf; -+ X509V3_EXT_conf_nid; -+ X509V3_EXT_get; -+ X509V3_EXT_get_nid; -+ X509V3_EXT_print; -+ X509V3_EXT_print_fp; -+ X509V3_add_standard_extensions; -+ X509V3_add_value; -+ X509V3_add_value_bool; -+ X509V3_add_value_int; -+ X509V3_conf_free; -+ X509V3_get_value_bool; -+ X509V3_get_value_int; -+ X509V3_parse_list; -+ d2i_ASN1_GENERALIZEDTIME; -+ d2i_ASN1_TIME; -+ d2i_BASIC_CONSTRAINTS; -+ d2i_NETSCAPE_CERT_SEQUENCE; -+ d2i_ext_ku; -+ ext_ku_free; -+ ext_ku_new; -+ i2d_ASN1_GENERALIZEDTIME; -+ i2d_ASN1_TIME; -+ i2d_BASIC_CONSTRAINTS; -+ i2d_NETSCAPE_CERT_SEQUENCE; -+ i2d_ext_ku; -+ EVP_MD_CTX_copy; -+ i2d_ASN1_ENUMERATED; -+ d2i_ASN1_ENUMERATED; -+ ASN1_ENUMERATED_set; -+ ASN1_ENUMERATED_get; -+ BN_to_ASN1_ENUMERATED; -+ ASN1_ENUMERATED_to_BN; -+ i2a_ASN1_ENUMERATED; -+ a2i_ASN1_ENUMERATED; -+ i2d_GENERAL_NAME; -+ d2i_GENERAL_NAME; -+ GENERAL_NAME_new; -+ GENERAL_NAME_free; -+ GENERAL_NAMES_new; -+ GENERAL_NAMES_free; -+ d2i_GENERAL_NAMES; -+ i2d_GENERAL_NAMES; -+ i2v_GENERAL_NAMES; -+ i2s_ASN1_OCTET_STRING; -+ s2i_ASN1_OCTET_STRING; -+ X509V3_EXT_check_conf; -+ hex_to_string; -+ string_to_hex; -+ DES_ede3_cbcm_encrypt; -+ RSA_padding_add_PKCS1_OAEP; -+ RSA_padding_check_PKCS1_OAEP; -+ X509_CRL_print_fp; -+ X509_CRL_print; -+ i2v_GENERAL_NAME; -+ v2i_GENERAL_NAME; -+ i2d_PKEY_USAGE_PERIOD; -+ d2i_PKEY_USAGE_PERIOD; -+ PKEY_USAGE_PERIOD_new; -+ PKEY_USAGE_PERIOD_free; -+ v2i_GENERAL_NAMES; -+ i2s_ASN1_INTEGER; -+ X509V3_EXT_d2i; -+ name_cmp; -+ str_dup; -+ i2s_ASN1_ENUMERATED; -+ i2s_ASN1_ENUMERATED_TABLE; -+ BIO_s_log; -+ BIO_f_reliable; -+ PKCS7_dataFinal; -+ PKCS7_dataDecode; -+ X509V3_EXT_CRL_add_conf; -+ BN_set_params; -+ BN_get_params; -+ BIO_get_ex_num; -+ BIO_set_ex_free_func; -+ EVP_ripemd160; -+ ASN1_TIME_set; -+ i2d_AUTHORITY_KEYID; -+ d2i_AUTHORITY_KEYID; -+ AUTHORITY_KEYID_new; -+ AUTHORITY_KEYID_free; -+ ASN1_seq_unpack; -+ ASN1_seq_pack; -+ ASN1_unpack_string; -+ ASN1_pack_string; -+ PKCS12_pack_safebag; -+ PKCS12_MAKE_KEYBAG; -+ PKCS8_encrypt; -+ PKCS12_MAKE_SHKEYBAG; -+ PKCS12_pack_p7data; -+ PKCS12_pack_p7encdata; -+ PKCS12_add_localkeyid; -+ PKCS12_add_friendlyname_asc; -+ PKCS12_add_friendlyname_uni; -+ PKCS12_get_friendlyname; -+ PKCS12_pbe_crypt; -+ PKCS12_decrypt_d2i; -+ PKCS12_i2d_encrypt; -+ PKCS12_init; -+ PKCS12_key_gen_asc; -+ PKCS12_key_gen_uni; -+ PKCS12_gen_mac; -+ PKCS12_verify_mac; -+ PKCS12_set_mac; -+ PKCS12_setup_mac; -+ OPENSSL_asc2uni; -+ OPENSSL_uni2asc; -+ i2d_PKCS12_BAGS; -+ PKCS12_BAGS_new; -+ d2i_PKCS12_BAGS; -+ PKCS12_BAGS_free; -+ i2d_PKCS12; -+ d2i_PKCS12; -+ PKCS12_new; -+ PKCS12_free; -+ i2d_PKCS12_MAC_DATA; -+ PKCS12_MAC_DATA_new; -+ d2i_PKCS12_MAC_DATA; -+ PKCS12_MAC_DATA_free; -+ i2d_PKCS12_SAFEBAG; -+ PKCS12_SAFEBAG_new; -+ d2i_PKCS12_SAFEBAG; -+ PKCS12_SAFEBAG_free; -+ ERR_load_PKCS12_strings; -+ PKCS12_PBE_add; -+ PKCS8_add_keyusage; -+ PKCS12_get_attr_gen; -+ PKCS12_parse; -+ PKCS12_create; -+ i2d_PKCS12_bio; -+ i2d_PKCS12_fp; -+ d2i_PKCS12_bio; -+ d2i_PKCS12_fp; -+ i2d_PBEPARAM; -+ PBEPARAM_new; -+ d2i_PBEPARAM; -+ PBEPARAM_free; -+ i2d_PKCS8_PRIV_KEY_INFO; -+ PKCS8_PRIV_KEY_INFO_new; -+ d2i_PKCS8_PRIV_KEY_INFO; -+ PKCS8_PRIV_KEY_INFO_free; -+ EVP_PKCS82PKEY; -+ EVP_PKEY2PKCS8; -+ PKCS8_set_broken; -+ EVP_PBE_ALGOR_CipherInit; -+ EVP_PBE_alg_add; -+ PKCS5_pbe_set; -+ EVP_PBE_cleanup; -+ i2d_SXNET; -+ d2i_SXNET; -+ SXNET_new; -+ SXNET_free; -+ i2d_SXNETID; -+ d2i_SXNETID; -+ SXNETID_new; -+ SXNETID_free; -+ DSA_SIG_new; -+ DSA_SIG_free; -+ DSA_do_sign; -+ DSA_do_verify; -+ d2i_DSA_SIG; -+ i2d_DSA_SIG; -+ i2d_ASN1_VISIBLESTRING; -+ d2i_ASN1_VISIBLESTRING; -+ i2d_ASN1_UTF8STRING; -+ d2i_ASN1_UTF8STRING; -+ i2d_DIRECTORYSTRING; -+ d2i_DIRECTORYSTRING; -+ i2d_DISPLAYTEXT; -+ d2i_DISPLAYTEXT; -+ d2i_ASN1_SET_OF_X509; -+ i2d_ASN1_SET_OF_X509; -+ i2d_PBKDF2PARAM; -+ PBKDF2PARAM_new; -+ d2i_PBKDF2PARAM; -+ PBKDF2PARAM_free; -+ i2d_PBE2PARAM; -+ PBE2PARAM_new; -+ d2i_PBE2PARAM; -+ PBE2PARAM_free; -+ d2i_ASN1_SET_OF_GENERAL_NAME; -+ i2d_ASN1_SET_OF_GENERAL_NAME; -+ d2i_ASN1_SET_OF_SXNETID; -+ i2d_ASN1_SET_OF_SXNETID; -+ d2i_ASN1_SET_OF_POLICYQUALINFO; -+ i2d_ASN1_SET_OF_POLICYQUALINFO; -+ d2i_ASN1_SET_OF_POLICYINFO; -+ i2d_ASN1_SET_OF_POLICYINFO; -+ SXNET_add_id_asc; -+ SXNET_add_id_ulong; -+ SXNET_add_id_INTEGER; -+ SXNET_get_id_asc; -+ SXNET_get_id_ulong; -+ SXNET_get_id_INTEGER; -+ X509V3_set_conf_lhash; -+ i2d_CERTIFICATEPOLICIES; -+ CERTIFICATEPOLICIES_new; -+ CERTIFICATEPOLICIES_free; -+ d2i_CERTIFICATEPOLICIES; -+ i2d_POLICYINFO; -+ POLICYINFO_new; -+ d2i_POLICYINFO; -+ POLICYINFO_free; -+ i2d_POLICYQUALINFO; -+ POLICYQUALINFO_new; -+ d2i_POLICYQUALINFO; -+ POLICYQUALINFO_free; -+ i2d_USERNOTICE; -+ USERNOTICE_new; -+ d2i_USERNOTICE; -+ USERNOTICE_free; -+ i2d_NOTICEREF; -+ NOTICEREF_new; -+ d2i_NOTICEREF; -+ NOTICEREF_free; -+ X509V3_get_string; -+ X509V3_get_section; -+ X509V3_string_free; -+ X509V3_section_free; -+ X509V3_set_ctx; -+ s2i_ASN1_INTEGER; -+ CRYPTO_set_locked_mem_functions; -+ CRYPTO_get_locked_mem_functions; -+ CRYPTO_malloc_locked; -+ CRYPTO_free_locked; -+ BN_mod_exp2_mont; -+ ERR_get_error_line_data; -+ ERR_peek_error_line_data; -+ PKCS12_PBE_keyivgen; -+ X509_ALGOR_dup; -+ d2i_ASN1_SET_OF_DIST_POINT; -+ i2d_ASN1_SET_OF_DIST_POINT; -+ i2d_CRL_DIST_POINTS; -+ CRL_DIST_POINTS_new; -+ CRL_DIST_POINTS_free; -+ d2i_CRL_DIST_POINTS; -+ i2d_DIST_POINT; -+ DIST_POINT_new; -+ d2i_DIST_POINT; -+ DIST_POINT_free; -+ i2d_DIST_POINT_NAME; -+ DIST_POINT_NAME_new; -+ DIST_POINT_NAME_free; -+ d2i_DIST_POINT_NAME; -+ X509V3_add_value_uchar; -+ d2i_ASN1_SET_OF_X509_ATTRIBUTE; -+ i2d_ASN1_SET_OF_ASN1_TYPE; -+ d2i_ASN1_SET_OF_X509_EXTENSION; -+ d2i_ASN1_SET_OF_X509_NAME_ENTRY; -+ d2i_ASN1_SET_OF_ASN1_TYPE; -+ i2d_ASN1_SET_OF_X509_ATTRIBUTE; -+ i2d_ASN1_SET_OF_X509_EXTENSION; -+ i2d_ASN1_SET_OF_X509_NAME_ENTRY; -+ X509V3_EXT_i2d; -+ X509V3_EXT_val_prn; -+ X509V3_EXT_add_list; -+ EVP_CIPHER_type; -+ EVP_PBE_CipherInit; -+ X509V3_add_value_bool_nf; -+ d2i_ASN1_UINTEGER; -+ sk_value; -+ sk_num; -+ sk_set; -+ i2d_ASN1_SET_OF_X509_REVOKED; -+ sk_sort; -+ d2i_ASN1_SET_OF_X509_REVOKED; -+ i2d_ASN1_SET_OF_X509_ALGOR; -+ i2d_ASN1_SET_OF_X509_CRL; -+ d2i_ASN1_SET_OF_X509_ALGOR; -+ d2i_ASN1_SET_OF_X509_CRL; -+ i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO; -+ i2d_ASN1_SET_OF_PKCS7_RECIP_INFO; -+ d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO; -+ d2i_ASN1_SET_OF_PKCS7_RECIP_INFO; -+ PKCS5_PBE_add; -+ PEM_write_bio_PKCS8; -+ i2d_PKCS8_fp; -+ PEM_read_bio_PKCS8_PRIV_KEY_INFO; -+ PEM_read_bio_P8_PRIV_KEY_INFO; -+ d2i_PKCS8_bio; -+ d2i_PKCS8_PRIV_KEY_INFO_fp; -+ PEM_write_bio_PKCS8_PRIV_KEY_INFO; -+ PEM_write_bio_P8_PRIV_KEY_INFO; -+ PEM_read_PKCS8; -+ d2i_PKCS8_PRIV_KEY_INFO_bio; -+ d2i_PKCS8_fp; -+ PEM_write_PKCS8; -+ PEM_read_PKCS8_PRIV_KEY_INFO; -+ PEM_read_P8_PRIV_KEY_INFO; -+ PEM_read_bio_PKCS8; -+ PEM_write_PKCS8_PRIV_KEY_INFO; -+ PEM_write_P8_PRIV_KEY_INFO; -+ PKCS5_PBE_keyivgen; -+ i2d_PKCS8_bio; -+ i2d_PKCS8_PRIV_KEY_INFO_fp; -+ i2d_PKCS8_PRIV_KEY_INFO_bio; -+ BIO_s_bio; -+ PKCS5_pbe2_set; -+ PKCS5_PBKDF2_HMAC_SHA1; -+ PKCS5_v2_PBE_keyivgen; -+ PEM_write_bio_PKCS8PrivateKey; -+ PEM_write_PKCS8PrivateKey; -+ BIO_ctrl_get_read_request; -+ BIO_ctrl_pending; -+ BIO_ctrl_wpending; -+ BIO_new_bio_pair; -+ BIO_ctrl_get_write_guarantee; -+ CRYPTO_num_locks; -+ CONF_load_bio; -+ CONF_load_fp; -+ i2d_ASN1_SET_OF_ASN1_OBJECT; -+ d2i_ASN1_SET_OF_ASN1_OBJECT; -+ PKCS7_signatureVerify; -+ RSA_set_method; -+ RSA_get_method; -+ RSA_get_default_method; -+ RSA_check_key; -+ OBJ_obj2txt; -+ DSA_dup_DH; -+ X509_REQ_get_extensions; -+ X509_REQ_set_extension_nids; -+ BIO_nwrite; -+ X509_REQ_extension_nid; -+ BIO_nread; -+ X509_REQ_get_extension_nids; -+ BIO_nwrite0; -+ X509_REQ_add_extensions_nid; -+ BIO_nread0; -+ X509_REQ_add_extensions; -+ BIO_new_mem_buf; -+ DH_set_ex_data; -+ DH_set_method; -+ DSA_OpenSSL; -+ DH_get_ex_data; -+ DH_get_ex_new_index; -+ DSA_new_method; -+ DH_new_method; -+ DH_OpenSSL; -+ DSA_get_ex_new_index; -+ DH_get_default_method; -+ DSA_set_ex_data; -+ DH_set_default_method; -+ DSA_get_ex_data; -+ X509V3_EXT_REQ_add_conf; -+ NETSCAPE_SPKI_print; -+ NETSCAPE_SPKI_set_pubkey; -+ NETSCAPE_SPKI_b64_encode; -+ NETSCAPE_SPKI_get_pubkey; -+ NETSCAPE_SPKI_b64_decode; -+ UTF8_putc; -+ UTF8_getc; -+ RSA_null_method; -+ ASN1_tag2str; -+ BIO_ctrl_reset_read_request; -+ DISPLAYTEXT_new; -+ ASN1_GENERALIZEDTIME_free; -+ X509_REVOKED_get_ext_d2i; -+ X509_set_ex_data; -+ X509_reject_set_bit_asc; -+ X509_NAME_add_entry_by_txt; -+ X509_NAME_add_entry_by_NID; -+ X509_PURPOSE_get0; -+ PEM_read_X509_AUX; -+ d2i_AUTHORITY_INFO_ACCESS; -+ PEM_write_PUBKEY; -+ ACCESS_DESCRIPTION_new; -+ X509_CERT_AUX_free; -+ d2i_ACCESS_DESCRIPTION; -+ X509_trust_clear; -+ X509_TRUST_add; -+ ASN1_VISIBLESTRING_new; -+ X509_alias_set1; -+ ASN1_PRINTABLESTRING_free; -+ EVP_PKEY_get1_DSA; -+ ASN1_BMPSTRING_new; -+ ASN1_mbstring_copy; -+ ASN1_UTF8STRING_new; -+ DSA_get_default_method; -+ i2d_ASN1_SET_OF_ACCESS_DESCRIPTION; -+ ASN1_T61STRING_free; -+ DSA_set_method; -+ X509_get_ex_data; -+ ASN1_STRING_type; -+ X509_PURPOSE_get_by_sname; -+ ASN1_TIME_free; -+ ASN1_OCTET_STRING_cmp; -+ ASN1_BIT_STRING_new; -+ X509_get_ext_d2i; -+ PEM_read_bio_X509_AUX; -+ ASN1_STRING_set_default_mask_asc; -+ ASN1_STRING_set_def_mask_asc; -+ PEM_write_bio_RSA_PUBKEY; -+ ASN1_INTEGER_cmp; -+ d2i_RSA_PUBKEY_fp; -+ X509_trust_set_bit_asc; -+ PEM_write_bio_DSA_PUBKEY; -+ X509_STORE_CTX_free; -+ EVP_PKEY_set1_DSA; -+ i2d_DSA_PUBKEY_fp; -+ X509_load_cert_crl_file; -+ ASN1_TIME_new; -+ i2d_RSA_PUBKEY; -+ X509_STORE_CTX_purpose_inherit; -+ PEM_read_RSA_PUBKEY; -+ d2i_X509_AUX; -+ i2d_DSA_PUBKEY; -+ X509_CERT_AUX_print; -+ PEM_read_DSA_PUBKEY; -+ i2d_RSA_PUBKEY_bio; -+ ASN1_BIT_STRING_num_asc; -+ i2d_PUBKEY; -+ ASN1_UTCTIME_free; -+ DSA_set_default_method; -+ X509_PURPOSE_get_by_id; -+ ACCESS_DESCRIPTION_free; -+ PEM_read_bio_PUBKEY; -+ ASN1_STRING_set_by_NID; -+ X509_PURPOSE_get_id; -+ DISPLAYTEXT_free; -+ OTHERNAME_new; -+ X509_CERT_AUX_new; -+ X509_TRUST_cleanup; -+ X509_NAME_add_entry_by_OBJ; -+ X509_CRL_get_ext_d2i; -+ X509_PURPOSE_get0_name; -+ PEM_read_PUBKEY; -+ i2d_DSA_PUBKEY_bio; -+ i2d_OTHERNAME; -+ ASN1_OCTET_STRING_free; -+ ASN1_BIT_STRING_set_asc; -+ X509_get_ex_new_index; -+ ASN1_STRING_TABLE_cleanup; -+ X509_TRUST_get_by_id; -+ X509_PURPOSE_get_trust; -+ ASN1_STRING_length; -+ d2i_ASN1_SET_OF_ACCESS_DESCRIPTION; -+ ASN1_PRINTABLESTRING_new; -+ X509V3_get_d2i; -+ ASN1_ENUMERATED_free; -+ i2d_X509_CERT_AUX; -+ X509_STORE_CTX_set_trust; -+ ASN1_STRING_set_default_mask; -+ X509_STORE_CTX_new; -+ EVP_PKEY_get1_RSA; -+ DIRECTORYSTRING_free; -+ PEM_write_X509_AUX; -+ ASN1_OCTET_STRING_set; -+ d2i_DSA_PUBKEY_fp; -+ d2i_RSA_PUBKEY; -+ X509_TRUST_get0_name; -+ X509_TRUST_get0; -+ AUTHORITY_INFO_ACCESS_free; -+ ASN1_IA5STRING_new; -+ d2i_DSA_PUBKEY; -+ X509_check_purpose; -+ ASN1_ENUMERATED_new; -+ d2i_RSA_PUBKEY_bio; -+ d2i_PUBKEY; -+ X509_TRUST_get_trust; -+ X509_TRUST_get_flags; -+ ASN1_BMPSTRING_free; -+ ASN1_T61STRING_new; -+ ASN1_UTCTIME_new; -+ i2d_AUTHORITY_INFO_ACCESS; -+ EVP_PKEY_set1_RSA; -+ X509_STORE_CTX_set_purpose; -+ ASN1_IA5STRING_free; -+ PEM_write_bio_X509_AUX; -+ X509_PURPOSE_get_count; -+ CRYPTO_add_info; -+ X509_NAME_ENTRY_create_by_txt; -+ ASN1_STRING_get_default_mask; -+ X509_alias_get0; -+ ASN1_STRING_data; -+ i2d_ACCESS_DESCRIPTION; -+ X509_trust_set_bit; -+ ASN1_BIT_STRING_free; -+ PEM_read_bio_RSA_PUBKEY; -+ X509_add1_reject_object; -+ X509_check_trust; -+ PEM_read_bio_DSA_PUBKEY; -+ X509_PURPOSE_add; -+ ASN1_STRING_TABLE_get; -+ ASN1_UTF8STRING_free; -+ d2i_DSA_PUBKEY_bio; -+ PEM_write_RSA_PUBKEY; -+ d2i_OTHERNAME; -+ X509_reject_set_bit; -+ PEM_write_DSA_PUBKEY; -+ X509_PURPOSE_get0_sname; -+ EVP_PKEY_set1_DH; -+ ASN1_OCTET_STRING_dup; -+ ASN1_BIT_STRING_set; -+ X509_TRUST_get_count; -+ ASN1_INTEGER_free; -+ OTHERNAME_free; -+ i2d_RSA_PUBKEY_fp; -+ ASN1_INTEGER_dup; -+ d2i_X509_CERT_AUX; -+ PEM_write_bio_PUBKEY; -+ ASN1_VISIBLESTRING_free; -+ X509_PURPOSE_cleanup; -+ ASN1_mbstring_ncopy; -+ ASN1_GENERALIZEDTIME_new; -+ EVP_PKEY_get1_DH; -+ ASN1_OCTET_STRING_new; -+ ASN1_INTEGER_new; -+ i2d_X509_AUX; -+ ASN1_BIT_STRING_name_print; -+ X509_cmp; -+ ASN1_STRING_length_set; -+ DIRECTORYSTRING_new; -+ X509_add1_trust_object; -+ PKCS12_newpass; -+ SMIME_write_PKCS7; -+ SMIME_read_PKCS7; -+ DES_set_key_checked; -+ PKCS7_verify; -+ PKCS7_encrypt; -+ DES_set_key_unchecked; -+ SMIME_crlf_copy; -+ i2d_ASN1_PRINTABLESTRING; -+ PKCS7_get0_signers; -+ PKCS7_decrypt; -+ SMIME_text; -+ PKCS7_simple_smimecap; -+ PKCS7_get_smimecap; -+ PKCS7_sign; -+ PKCS7_add_attrib_smimecap; -+ CRYPTO_dbg_set_options; -+ CRYPTO_remove_all_info; -+ CRYPTO_get_mem_debug_functions; -+ CRYPTO_is_mem_check_on; -+ CRYPTO_set_mem_debug_functions; -+ CRYPTO_pop_info; -+ CRYPTO_push_info_; -+ CRYPTO_set_mem_debug_options; -+ PEM_write_PKCS8PrivateKey_nid; -+ PEM_write_bio_PKCS8PrivateKey_nid; -+ PEM_write_bio_PKCS8PrivKey_nid; -+ d2i_PKCS8PrivateKey_bio; -+ ASN1_NULL_free; -+ d2i_ASN1_NULL; -+ ASN1_NULL_new; -+ i2d_PKCS8PrivateKey_bio; -+ i2d_PKCS8PrivateKey_fp; -+ i2d_ASN1_NULL; -+ i2d_PKCS8PrivateKey_nid_fp; -+ d2i_PKCS8PrivateKey_fp; -+ i2d_PKCS8PrivateKey_nid_bio; -+ i2d_PKCS8PrivateKeyInfo_fp; -+ i2d_PKCS8PrivateKeyInfo_bio; -+ PEM_cb; -+ i2d_PrivateKey_fp; -+ d2i_PrivateKey_bio; -+ d2i_PrivateKey_fp; -+ i2d_PrivateKey_bio; -+ X509_reject_clear; -+ X509_TRUST_set_default; -+ d2i_AutoPrivateKey; -+ X509_ATTRIBUTE_get0_type; -+ X509_ATTRIBUTE_set1_data; -+ X509at_get_attr; -+ X509at_get_attr_count; -+ X509_ATTRIBUTE_create_by_NID; -+ X509_ATTRIBUTE_set1_object; -+ X509_ATTRIBUTE_count; -+ X509_ATTRIBUTE_create_by_OBJ; -+ X509_ATTRIBUTE_get0_object; -+ X509at_get_attr_by_NID; -+ X509at_add1_attr; -+ X509_ATTRIBUTE_get0_data; -+ X509at_delete_attr; -+ X509at_get_attr_by_OBJ; -+ RAND_add; -+ BIO_number_written; -+ BIO_number_read; -+ X509_STORE_CTX_get1_chain; -+ ERR_load_RAND_strings; -+ RAND_pseudo_bytes; -+ X509_REQ_get_attr_by_NID; -+ X509_REQ_get_attr; -+ X509_REQ_add1_attr_by_NID; -+ X509_REQ_get_attr_by_OBJ; -+ X509at_add1_attr_by_NID; -+ X509_REQ_add1_attr_by_OBJ; -+ X509_REQ_get_attr_count; -+ X509_REQ_add1_attr; -+ X509_REQ_delete_attr; -+ X509at_add1_attr_by_OBJ; -+ X509_REQ_add1_attr_by_txt; -+ X509_ATTRIBUTE_create_by_txt; -+ X509at_add1_attr_by_txt; -+ BN_pseudo_rand; -+ BN_is_prime_fasttest; -+ BN_CTX_end; -+ BN_CTX_start; -+ BN_CTX_get; -+ EVP_PKEY2PKCS8_broken; -+ ASN1_STRING_TABLE_add; -+ CRYPTO_dbg_get_options; -+ AUTHORITY_INFO_ACCESS_new; -+ CRYPTO_get_mem_debug_options; -+ DES_crypt; -+ PEM_write_bio_X509_REQ_NEW; -+ PEM_write_X509_REQ_NEW; -+ BIO_callback_ctrl; -+ RAND_egd; -+ RAND_status; -+ bn_dump1; -+ DES_check_key_parity; -+ lh_num_items; -+ RAND_event; -+ DSO_new; -+ DSO_new_method; -+ DSO_free; -+ DSO_flags; -+ DSO_up; -+ DSO_set_default_method; -+ DSO_get_default_method; -+ DSO_get_method; -+ DSO_set_method; -+ DSO_load; -+ DSO_bind_var; -+ DSO_METHOD_null; -+ DSO_METHOD_openssl; -+ DSO_METHOD_dlfcn; -+ DSO_METHOD_win32; -+ ERR_load_DSO_strings; -+ DSO_METHOD_dl; -+ NCONF_load; -+ NCONF_load_fp; -+ NCONF_new; -+ NCONF_get_string; -+ NCONF_free; -+ NCONF_get_number; -+ CONF_dump_fp; -+ NCONF_load_bio; -+ NCONF_dump_fp; -+ NCONF_get_section; -+ NCONF_dump_bio; -+ CONF_dump_bio; -+ NCONF_free_data; -+ CONF_set_default_method; -+ ERR_error_string_n; -+ BIO_snprintf; -+ DSO_ctrl; -+ i2d_ASN1_SET_OF_ASN1_INTEGER; -+ i2d_ASN1_SET_OF_PKCS12_SAFEBAG; -+ i2d_ASN1_SET_OF_PKCS7; -+ BIO_vfree; -+ d2i_ASN1_SET_OF_ASN1_INTEGER; -+ d2i_ASN1_SET_OF_PKCS12_SAFEBAG; -+ ASN1_UTCTIME_get; -+ X509_REQ_digest; -+ X509_CRL_digest; -+ d2i_ASN1_SET_OF_PKCS7; -+ EVP_CIPHER_CTX_set_key_length; -+ EVP_CIPHER_CTX_ctrl; -+ BN_mod_exp_mont_word; -+ RAND_egd_bytes; -+ X509_REQ_get1_email; -+ X509_get1_email; -+ X509_email_free; -+ i2d_RSA_NET; -+ d2i_RSA_NET_2; -+ d2i_RSA_NET; -+ DSO_bind_func; -+ CRYPTO_get_new_dynlockid; -+ sk_new_null; -+ CRYPTO_set_dynlock_destroy_callback; -+ CRYPTO_set_dynlock_destroy_cb; -+ CRYPTO_destroy_dynlockid; -+ CRYPTO_set_dynlock_size; -+ CRYPTO_set_dynlock_create_callback; -+ CRYPTO_set_dynlock_create_cb; -+ CRYPTO_set_dynlock_lock_callback; -+ CRYPTO_set_dynlock_lock_cb; -+ CRYPTO_get_dynlock_lock_callback; -+ CRYPTO_get_dynlock_lock_cb; -+ CRYPTO_get_dynlock_destroy_callback; -+ CRYPTO_get_dynlock_destroy_cb; -+ CRYPTO_get_dynlock_value; -+ CRYPTO_get_dynlock_create_callback; -+ CRYPTO_get_dynlock_create_cb; -+ c2i_ASN1_BIT_STRING; -+ i2c_ASN1_BIT_STRING; -+ RAND_poll; -+ c2i_ASN1_INTEGER; -+ i2c_ASN1_INTEGER; -+ BIO_dump_indent; -+ ASN1_parse_dump; -+ c2i_ASN1_OBJECT; -+ X509_NAME_print_ex_fp; -+ ASN1_STRING_print_ex_fp; -+ X509_NAME_print_ex; -+ ASN1_STRING_print_ex; -+ MD4; -+ MD4_Transform; -+ MD4_Final; -+ MD4_Update; -+ MD4_Init; -+ EVP_md4; -+ i2d_PUBKEY_bio; -+ i2d_PUBKEY_fp; -+ d2i_PUBKEY_bio; -+ ASN1_STRING_to_UTF8; -+ BIO_vprintf; -+ BIO_vsnprintf; -+ d2i_PUBKEY_fp; -+ X509_cmp_time; -+ X509_STORE_CTX_set_time; -+ X509_STORE_CTX_get1_issuer; -+ X509_OBJECT_retrieve_match; -+ X509_OBJECT_idx_by_subject; -+ X509_STORE_CTX_set_flags; -+ X509_STORE_CTX_trusted_stack; -+ X509_time_adj; -+ X509_check_issued; -+ ASN1_UTCTIME_cmp_time_t; -+ DES_set_weak_key_flag; -+ DES_check_key; -+ DES_rw_mode; -+ RSA_PKCS1_RSAref; -+ X509_keyid_set1; -+ BIO_next; -+ DSO_METHOD_vms; -+ BIO_f_linebuffer; -+ BN_bntest_rand; -+ OPENSSL_issetugid; -+ BN_rand_range; -+ ERR_load_ENGINE_strings; -+ ENGINE_set_DSA; -+ ENGINE_get_finish_function; -+ ENGINE_get_default_RSA; -+ ENGINE_get_BN_mod_exp; -+ DSA_get_default_openssl_method; -+ ENGINE_set_DH; -+ ENGINE_set_def_BN_mod_exp_crt; -+ ENGINE_set_default_BN_mod_exp_crt; -+ ENGINE_init; -+ DH_get_default_openssl_method; -+ RSA_set_default_openssl_method; -+ ENGINE_finish; -+ ENGINE_load_public_key; -+ ENGINE_get_DH; -+ ENGINE_ctrl; -+ ENGINE_get_init_function; -+ ENGINE_set_init_function; -+ ENGINE_set_default_DSA; -+ ENGINE_get_name; -+ ENGINE_get_last; -+ ENGINE_get_prev; -+ ENGINE_get_default_DH; -+ ENGINE_get_RSA; -+ ENGINE_set_default; -+ ENGINE_get_RAND; -+ ENGINE_get_first; -+ ENGINE_by_id; -+ ENGINE_set_finish_function; -+ ENGINE_get_def_BN_mod_exp_crt; -+ ENGINE_get_default_BN_mod_exp_crt; -+ RSA_get_default_openssl_method; -+ ENGINE_set_RSA; -+ ENGINE_load_private_key; -+ ENGINE_set_default_RAND; -+ ENGINE_set_BN_mod_exp; -+ ENGINE_remove; -+ ENGINE_free; -+ ENGINE_get_BN_mod_exp_crt; -+ ENGINE_get_next; -+ ENGINE_set_name; -+ ENGINE_get_default_DSA; -+ ENGINE_set_default_BN_mod_exp; -+ ENGINE_set_default_RSA; -+ ENGINE_get_default_RAND; -+ ENGINE_get_default_BN_mod_exp; -+ ENGINE_set_RAND; -+ ENGINE_set_id; -+ ENGINE_set_BN_mod_exp_crt; -+ ENGINE_set_default_DH; -+ ENGINE_new; -+ ENGINE_get_id; -+ DSA_set_default_openssl_method; -+ ENGINE_add; -+ DH_set_default_openssl_method; -+ ENGINE_get_DSA; -+ ENGINE_get_ctrl_function; -+ ENGINE_set_ctrl_function; -+ BN_pseudo_rand_range; -+ X509_STORE_CTX_set_verify_cb; -+ ERR_load_COMP_strings; -+ PKCS12_item_decrypt_d2i; -+ ASN1_UTF8STRING_it; -+ ASN1_UTF8STRING_it; -+ ENGINE_unregister_ciphers; -+ ENGINE_get_ciphers; -+ d2i_OCSP_BASICRESP; -+ KRB5_CHECKSUM_it; -+ KRB5_CHECKSUM_it; -+ EC_POINT_add; -+ ASN1_item_ex_i2d; -+ OCSP_CERTID_it; -+ OCSP_CERTID_it; -+ d2i_OCSP_RESPBYTES; -+ X509V3_add1_i2d; -+ PKCS7_ENVELOPE_it; -+ PKCS7_ENVELOPE_it; -+ UI_add_input_boolean; -+ ENGINE_unregister_RSA; -+ X509V3_EXT_nconf; -+ ASN1_GENERALSTRING_free; -+ d2i_OCSP_CERTSTATUS; -+ X509_REVOKED_set_serialNumber; -+ X509_print_ex; -+ OCSP_ONEREQ_get1_ext_d2i; -+ ENGINE_register_all_RAND; -+ ENGINE_load_dynamic; -+ PBKDF2PARAM_it; -+ PBKDF2PARAM_it; -+ EXTENDED_KEY_USAGE_new; -+ EC_GROUP_clear_free; -+ OCSP_sendreq_bio; -+ ASN1_item_digest; -+ OCSP_BASICRESP_delete_ext; -+ OCSP_SIGNATURE_it; -+ OCSP_SIGNATURE_it; -+ X509_CRL_it; -+ X509_CRL_it; -+ OCSP_BASICRESP_add_ext; -+ KRB5_ENCKEY_it; -+ KRB5_ENCKEY_it; -+ UI_method_set_closer; -+ X509_STORE_set_purpose; -+ i2d_ASN1_GENERALSTRING; -+ OCSP_response_status; -+ i2d_OCSP_SERVICELOC; -+ ENGINE_get_digest_engine; -+ EC_GROUP_set_curve_GFp; -+ OCSP_REQUEST_get_ext_by_OBJ; -+ _ossl_old_des_random_key; -+ ASN1_T61STRING_it; -+ ASN1_T61STRING_it; -+ EC_GROUP_method_of; -+ i2d_KRB5_APREQ; -+ _ossl_old_des_encrypt; -+ ASN1_PRINTABLE_new; -+ HMAC_Init_ex; -+ d2i_KRB5_AUTHENT; -+ OCSP_archive_cutoff_new; -+ EC_POINT_set_Jprojective_coordinates_GFp; -+ EC_POINT_set_Jproj_coords_GFp; -+ _ossl_old_des_is_weak_key; -+ OCSP_BASICRESP_get_ext_by_OBJ; -+ EC_POINT_oct2point; -+ OCSP_SINGLERESP_get_ext_count; -+ UI_ctrl; -+ _shadow_DES_rw_mode; -+ _shadow_DES_rw_mode; -+ asn1_do_adb; -+ ASN1_template_i2d; -+ ENGINE_register_DH; -+ UI_construct_prompt; -+ X509_STORE_set_trust; -+ UI_dup_input_string; -+ d2i_KRB5_APREQ; -+ EVP_MD_CTX_copy_ex; -+ OCSP_request_is_signed; -+ i2d_OCSP_REQINFO; -+ KRB5_ENCKEY_free; -+ OCSP_resp_get0; -+ GENERAL_NAME_it; -+ GENERAL_NAME_it; -+ ASN1_GENERALIZEDTIME_it; -+ ASN1_GENERALIZEDTIME_it; -+ X509_STORE_set_flags; -+ EC_POINT_set_compressed_coordinates_GFp; -+ EC_POINT_set_compr_coords_GFp; -+ OCSP_response_status_str; -+ d2i_OCSP_REVOKEDINFO; -+ OCSP_basic_add1_cert; -+ ERR_get_implementation; -+ EVP_CipherFinal_ex; -+ OCSP_CERTSTATUS_new; -+ CRYPTO_cleanup_all_ex_data; -+ OCSP_resp_find; -+ BN_nnmod; -+ X509_CRL_sort; -+ X509_REVOKED_set_revocationDate; -+ ENGINE_register_RAND; -+ OCSP_SERVICELOC_new; -+ EC_POINT_set_affine_coordinates_GFp; -+ EC_POINT_set_affine_coords_GFp; -+ _ossl_old_des_options; -+ SXNET_it; -+ SXNET_it; -+ UI_dup_input_boolean; -+ PKCS12_add_CSPName_asc; -+ EC_POINT_is_at_infinity; -+ ENGINE_load_cryptodev; -+ DSO_convert_filename; -+ POLICYQUALINFO_it; -+ POLICYQUALINFO_it; -+ ENGINE_register_ciphers; -+ BN_mod_lshift_quick; -+ DSO_set_filename; -+ ASN1_item_free; -+ KRB5_TKTBODY_free; -+ AUTHORITY_KEYID_it; -+ AUTHORITY_KEYID_it; -+ KRB5_APREQBODY_new; -+ X509V3_EXT_REQ_add_nconf; -+ ENGINE_ctrl_cmd_string; -+ i2d_OCSP_RESPDATA; -+ EVP_MD_CTX_init; -+ EXTENDED_KEY_USAGE_free; -+ PKCS7_ATTR_SIGN_it; -+ PKCS7_ATTR_SIGN_it; -+ UI_add_error_string; -+ KRB5_CHECKSUM_free; -+ OCSP_REQUEST_get_ext; -+ ENGINE_load_ubsec; -+ ENGINE_register_all_digests; -+ PKEY_USAGE_PERIOD_it; -+ PKEY_USAGE_PERIOD_it; -+ PKCS12_unpack_authsafes; -+ ASN1_item_unpack; -+ NETSCAPE_SPKAC_it; -+ NETSCAPE_SPKAC_it; -+ X509_REVOKED_it; -+ X509_REVOKED_it; -+ ASN1_STRING_encode; -+ EVP_aes_128_ecb; -+ KRB5_AUTHENT_free; -+ OCSP_BASICRESP_get_ext_by_critical; -+ OCSP_BASICRESP_get_ext_by_crit; -+ OCSP_cert_status_str; -+ d2i_OCSP_REQUEST; -+ UI_dup_info_string; -+ _ossl_old_des_xwhite_in2out; -+ PKCS12_it; -+ PKCS12_it; -+ OCSP_SINGLERESP_get_ext_by_critical; -+ OCSP_SINGLERESP_get_ext_by_crit; -+ OCSP_CERTSTATUS_free; -+ _ossl_old_des_crypt; -+ ASN1_item_i2d; -+ EVP_DecryptFinal_ex; -+ ENGINE_load_openssl; -+ ENGINE_get_cmd_defns; -+ ENGINE_set_load_privkey_function; -+ ENGINE_set_load_privkey_fn; -+ EVP_EncryptFinal_ex; -+ ENGINE_set_default_digests; -+ X509_get0_pubkey_bitstr; -+ asn1_ex_i2c; -+ ENGINE_register_RSA; -+ ENGINE_unregister_DSA; -+ _ossl_old_des_key_sched; -+ X509_EXTENSION_it; -+ X509_EXTENSION_it; -+ i2d_KRB5_AUTHENT; -+ SXNETID_it; -+ SXNETID_it; -+ d2i_OCSP_SINGLERESP; -+ EDIPARTYNAME_new; -+ PKCS12_certbag2x509; -+ _ossl_old_des_ofb64_encrypt; -+ d2i_EXTENDED_KEY_USAGE; -+ ERR_print_errors_cb; -+ ENGINE_set_ciphers; -+ d2i_KRB5_APREQBODY; -+ UI_method_get_flusher; -+ X509_PUBKEY_it; -+ X509_PUBKEY_it; -+ _ossl_old_des_enc_read; -+ PKCS7_ENCRYPT_it; -+ PKCS7_ENCRYPT_it; -+ i2d_OCSP_RESPONSE; -+ EC_GROUP_get_cofactor; -+ PKCS12_unpack_p7data; -+ d2i_KRB5_AUTHDATA; -+ OCSP_copy_nonce; -+ KRB5_AUTHDATA_new; -+ OCSP_RESPDATA_new; -+ EC_GFp_mont_method; -+ OCSP_REVOKEDINFO_free; -+ UI_get_ex_data; -+ KRB5_APREQBODY_free; -+ EC_GROUP_get0_generator; -+ UI_get_default_method; -+ X509V3_set_nconf; -+ PKCS12_item_i2d_encrypt; -+ X509_add1_ext_i2d; -+ PKCS7_SIGNER_INFO_it; -+ PKCS7_SIGNER_INFO_it; -+ KRB5_PRINCNAME_new; -+ PKCS12_SAFEBAG_it; -+ PKCS12_SAFEBAG_it; -+ EC_GROUP_get_order; -+ d2i_OCSP_RESPID; -+ OCSP_request_verify; -+ NCONF_get_number_e; -+ _ossl_old_des_decrypt3; -+ X509_signature_print; -+ OCSP_SINGLERESP_free; -+ ENGINE_load_builtin_engines; -+ i2d_OCSP_ONEREQ; -+ OCSP_REQUEST_add_ext; -+ OCSP_RESPBYTES_new; -+ EVP_MD_CTX_create; -+ OCSP_resp_find_status; -+ X509_ALGOR_it; -+ X509_ALGOR_it; -+ ASN1_TIME_it; -+ ASN1_TIME_it; -+ OCSP_request_set1_name; -+ OCSP_ONEREQ_get_ext_count; -+ UI_get0_result; -+ PKCS12_AUTHSAFES_it; -+ PKCS12_AUTHSAFES_it; -+ EVP_aes_256_ecb; -+ PKCS12_pack_authsafes; -+ ASN1_IA5STRING_it; -+ ASN1_IA5STRING_it; -+ UI_get_input_flags; -+ EC_GROUP_set_generator; -+ _ossl_old_des_string_to_2keys; -+ OCSP_CERTID_free; -+ X509_CERT_AUX_it; -+ X509_CERT_AUX_it; -+ CERTIFICATEPOLICIES_it; -+ CERTIFICATEPOLICIES_it; -+ _ossl_old_des_ede3_cbc_encrypt; -+ RAND_set_rand_engine; -+ DSO_get_loaded_filename; -+ X509_ATTRIBUTE_it; -+ X509_ATTRIBUTE_it; -+ OCSP_ONEREQ_get_ext_by_NID; -+ PKCS12_decrypt_skey; -+ KRB5_AUTHENT_it; -+ KRB5_AUTHENT_it; -+ UI_dup_error_string; -+ RSAPublicKey_it; -+ RSAPublicKey_it; -+ i2d_OCSP_REQUEST; -+ PKCS12_x509crl2certbag; -+ OCSP_SERVICELOC_it; -+ OCSP_SERVICELOC_it; -+ ASN1_item_sign; -+ X509_CRL_set_issuer_name; -+ OBJ_NAME_do_all_sorted; -+ i2d_OCSP_BASICRESP; -+ i2d_OCSP_RESPBYTES; -+ PKCS12_unpack_p7encdata; -+ HMAC_CTX_init; -+ ENGINE_get_digest; -+ OCSP_RESPONSE_print; -+ KRB5_TKTBODY_it; -+ KRB5_TKTBODY_it; -+ ACCESS_DESCRIPTION_it; -+ ACCESS_DESCRIPTION_it; -+ PKCS7_ISSUER_AND_SERIAL_it; -+ PKCS7_ISSUER_AND_SERIAL_it; -+ PBE2PARAM_it; -+ PBE2PARAM_it; -+ PKCS12_certbag2x509crl; -+ PKCS7_SIGNED_it; -+ PKCS7_SIGNED_it; -+ ENGINE_get_cipher; -+ i2d_OCSP_CRLID; -+ OCSP_SINGLERESP_new; -+ ENGINE_cmd_is_executable; -+ RSA_up_ref; -+ ASN1_GENERALSTRING_it; -+ ASN1_GENERALSTRING_it; -+ ENGINE_register_DSA; -+ X509V3_EXT_add_nconf_sk; -+ ENGINE_set_load_pubkey_function; -+ PKCS8_decrypt; -+ PEM_bytes_read_bio; -+ DIRECTORYSTRING_it; -+ DIRECTORYSTRING_it; -+ d2i_OCSP_CRLID; -+ EC_POINT_is_on_curve; -+ CRYPTO_set_locked_mem_ex_functions; -+ CRYPTO_set_locked_mem_ex_funcs; -+ d2i_KRB5_CHECKSUM; -+ ASN1_item_dup; -+ X509_it; -+ X509_it; -+ BN_mod_add; -+ KRB5_AUTHDATA_free; -+ _ossl_old_des_cbc_cksum; -+ ASN1_item_verify; -+ CRYPTO_set_mem_ex_functions; -+ EC_POINT_get_Jprojective_coordinates_GFp; -+ EC_POINT_get_Jproj_coords_GFp; -+ ZLONG_it; -+ ZLONG_it; -+ CRYPTO_get_locked_mem_ex_functions; -+ CRYPTO_get_locked_mem_ex_funcs; -+ ASN1_TIME_check; -+ UI_get0_user_data; -+ HMAC_CTX_cleanup; -+ DSA_up_ref; -+ _ossl_old_des_ede3_cfb64_encrypt; -+ _ossl_odes_ede3_cfb64_encrypt; -+ ASN1_BMPSTRING_it; -+ ASN1_BMPSTRING_it; -+ ASN1_tag2bit; -+ UI_method_set_flusher; -+ X509_ocspid_print; -+ KRB5_ENCDATA_it; -+ KRB5_ENCDATA_it; -+ ENGINE_get_load_pubkey_function; -+ UI_add_user_data; -+ OCSP_REQUEST_delete_ext; -+ UI_get_method; -+ OCSP_ONEREQ_free; -+ ASN1_PRINTABLESTRING_it; -+ ASN1_PRINTABLESTRING_it; -+ X509_CRL_set_nextUpdate; -+ OCSP_REQUEST_it; -+ OCSP_REQUEST_it; -+ OCSP_BASICRESP_it; -+ OCSP_BASICRESP_it; -+ AES_ecb_encrypt; -+ BN_mod_sqr; -+ NETSCAPE_CERT_SEQUENCE_it; -+ NETSCAPE_CERT_SEQUENCE_it; -+ GENERAL_NAMES_it; -+ GENERAL_NAMES_it; -+ AUTHORITY_INFO_ACCESS_it; -+ AUTHORITY_INFO_ACCESS_it; -+ ASN1_FBOOLEAN_it; -+ ASN1_FBOOLEAN_it; -+ UI_set_ex_data; -+ _ossl_old_des_string_to_key; -+ ENGINE_register_all_RSA; -+ d2i_KRB5_PRINCNAME; -+ OCSP_RESPBYTES_it; -+ OCSP_RESPBYTES_it; -+ X509_CINF_it; -+ X509_CINF_it; -+ ENGINE_unregister_digests; -+ d2i_EDIPARTYNAME; -+ d2i_OCSP_SERVICELOC; -+ ENGINE_get_digests; -+ _ossl_old_des_set_odd_parity; -+ OCSP_RESPDATA_free; -+ d2i_KRB5_TICKET; -+ OTHERNAME_it; -+ OTHERNAME_it; -+ EVP_MD_CTX_cleanup; -+ d2i_ASN1_GENERALSTRING; -+ X509_CRL_set_version; -+ BN_mod_sub; -+ OCSP_SINGLERESP_get_ext_by_NID; -+ ENGINE_get_ex_new_index; -+ OCSP_REQUEST_free; -+ OCSP_REQUEST_add1_ext_i2d; -+ X509_VAL_it; -+ X509_VAL_it; -+ EC_POINTs_make_affine; -+ EC_POINT_mul; -+ X509V3_EXT_add_nconf; -+ X509_TRUST_set; -+ X509_CRL_add1_ext_i2d; -+ _ossl_old_des_fcrypt; -+ DISPLAYTEXT_it; -+ DISPLAYTEXT_it; -+ X509_CRL_set_lastUpdate; -+ OCSP_BASICRESP_free; -+ OCSP_BASICRESP_add1_ext_i2d; -+ d2i_KRB5_AUTHENTBODY; -+ CRYPTO_set_ex_data_implementation; -+ CRYPTO_set_ex_data_impl; -+ KRB5_ENCDATA_new; -+ DSO_up_ref; -+ OCSP_crl_reason_str; -+ UI_get0_result_string; -+ ASN1_GENERALSTRING_new; -+ X509_SIG_it; -+ X509_SIG_it; -+ ERR_set_implementation; -+ ERR_load_EC_strings; -+ UI_get0_action_string; -+ OCSP_ONEREQ_get_ext; -+ EC_POINT_method_of; -+ i2d_KRB5_APREQBODY; -+ _ossl_old_des_ecb3_encrypt; -+ CRYPTO_get_mem_ex_functions; -+ ENGINE_get_ex_data; -+ UI_destroy_method; -+ ASN1_item_i2d_bio; -+ OCSP_ONEREQ_get_ext_by_OBJ; -+ ASN1_primitive_new; -+ ASN1_PRINTABLE_it; -+ ASN1_PRINTABLE_it; -+ EVP_aes_192_ecb; -+ OCSP_SIGNATURE_new; -+ LONG_it; -+ LONG_it; -+ ASN1_VISIBLESTRING_it; -+ ASN1_VISIBLESTRING_it; -+ OCSP_SINGLERESP_add1_ext_i2d; -+ d2i_OCSP_CERTID; -+ ASN1_item_d2i_fp; -+ CRL_DIST_POINTS_it; -+ CRL_DIST_POINTS_it; -+ GENERAL_NAME_print; -+ OCSP_SINGLERESP_delete_ext; -+ PKCS12_SAFEBAGS_it; -+ PKCS12_SAFEBAGS_it; -+ d2i_OCSP_SIGNATURE; -+ OCSP_request_add1_nonce; -+ ENGINE_set_cmd_defns; -+ OCSP_SERVICELOC_free; -+ EC_GROUP_free; -+ ASN1_BIT_STRING_it; -+ ASN1_BIT_STRING_it; -+ X509_REQ_it; -+ X509_REQ_it; -+ _ossl_old_des_cbc_encrypt; -+ ERR_unload_strings; -+ PKCS7_SIGN_ENVELOPE_it; -+ PKCS7_SIGN_ENVELOPE_it; -+ EDIPARTYNAME_free; -+ OCSP_REQINFO_free; -+ EC_GROUP_new_curve_GFp; -+ OCSP_REQUEST_get1_ext_d2i; -+ PKCS12_item_pack_safebag; -+ asn1_ex_c2i; -+ ENGINE_register_digests; -+ i2d_OCSP_REVOKEDINFO; -+ asn1_enc_restore; -+ UI_free; -+ UI_new_method; -+ EVP_EncryptInit_ex; -+ X509_pubkey_digest; -+ EC_POINT_invert; -+ OCSP_basic_sign; -+ i2d_OCSP_RESPID; -+ OCSP_check_nonce; -+ ENGINE_ctrl_cmd; -+ d2i_KRB5_ENCKEY; -+ OCSP_parse_url; -+ OCSP_SINGLERESP_get_ext; -+ OCSP_CRLID_free; -+ OCSP_BASICRESP_get1_ext_d2i; -+ RSAPrivateKey_it; -+ RSAPrivateKey_it; -+ ENGINE_register_all_DH; -+ i2d_EDIPARTYNAME; -+ EC_POINT_get_affine_coordinates_GFp; -+ EC_POINT_get_affine_coords_GFp; -+ OCSP_CRLID_new; -+ ENGINE_get_flags; -+ OCSP_ONEREQ_it; -+ OCSP_ONEREQ_it; -+ UI_process; -+ ASN1_INTEGER_it; -+ ASN1_INTEGER_it; -+ EVP_CipherInit_ex; -+ UI_get_string_type; -+ ENGINE_unregister_DH; -+ ENGINE_register_all_DSA; -+ OCSP_ONEREQ_get_ext_by_critical; -+ bn_dup_expand; -+ OCSP_cert_id_new; -+ BASIC_CONSTRAINTS_it; -+ BASIC_CONSTRAINTS_it; -+ BN_mod_add_quick; -+ EC_POINT_new; -+ EVP_MD_CTX_destroy; -+ OCSP_RESPBYTES_free; -+ EVP_aes_128_cbc; -+ OCSP_SINGLERESP_get1_ext_d2i; -+ EC_POINT_free; -+ DH_up_ref; -+ X509_NAME_ENTRY_it; -+ X509_NAME_ENTRY_it; -+ UI_get_ex_new_index; -+ BN_mod_sub_quick; -+ OCSP_ONEREQ_add_ext; -+ OCSP_request_sign; -+ EVP_DigestFinal_ex; -+ ENGINE_set_digests; -+ OCSP_id_issuer_cmp; -+ OBJ_NAME_do_all; -+ EC_POINTs_mul; -+ ENGINE_register_complete; -+ X509V3_EXT_nconf_nid; -+ ASN1_SEQUENCE_it; -+ ASN1_SEQUENCE_it; -+ UI_set_default_method; -+ RAND_query_egd_bytes; -+ UI_method_get_writer; -+ UI_OpenSSL; -+ PEM_def_callback; -+ ENGINE_cleanup; -+ DIST_POINT_it; -+ DIST_POINT_it; -+ OCSP_SINGLERESP_it; -+ OCSP_SINGLERESP_it; -+ d2i_KRB5_TKTBODY; -+ EC_POINT_cmp; -+ OCSP_REVOKEDINFO_new; -+ i2d_OCSP_CERTSTATUS; -+ OCSP_basic_add1_nonce; -+ ASN1_item_ex_d2i; -+ BN_mod_lshift1_quick; -+ UI_set_method; -+ OCSP_id_get0_info; -+ BN_mod_sqrt; -+ EC_GROUP_copy; -+ KRB5_ENCDATA_free; -+ _ossl_old_des_cfb_encrypt; -+ OCSP_SINGLERESP_get_ext_by_OBJ; -+ OCSP_cert_to_id; -+ OCSP_RESPID_new; -+ OCSP_RESPDATA_it; -+ OCSP_RESPDATA_it; -+ d2i_OCSP_RESPDATA; -+ ENGINE_register_all_complete; -+ OCSP_check_validity; -+ PKCS12_BAGS_it; -+ PKCS12_BAGS_it; -+ OCSP_url_svcloc_new; -+ ASN1_template_free; -+ OCSP_SINGLERESP_add_ext; -+ KRB5_AUTHENTBODY_it; -+ KRB5_AUTHENTBODY_it; -+ X509_supported_extension; -+ i2d_KRB5_AUTHDATA; -+ UI_method_get_opener; -+ ENGINE_set_ex_data; -+ OCSP_REQUEST_print; -+ CBIGNUM_it; -+ CBIGNUM_it; -+ KRB5_TICKET_new; -+ KRB5_APREQ_new; -+ EC_GROUP_get_curve_GFp; -+ KRB5_ENCKEY_new; -+ ASN1_template_d2i; -+ _ossl_old_des_quad_cksum; -+ OCSP_single_get0_status; -+ BN_swap; -+ POLICYINFO_it; -+ POLICYINFO_it; -+ ENGINE_set_destroy_function; -+ asn1_enc_free; -+ OCSP_RESPID_it; -+ OCSP_RESPID_it; -+ EC_GROUP_new; -+ EVP_aes_256_cbc; -+ i2d_KRB5_PRINCNAME; -+ _ossl_old_des_encrypt2; -+ _ossl_old_des_encrypt3; -+ PKCS8_PRIV_KEY_INFO_it; -+ PKCS8_PRIV_KEY_INFO_it; -+ OCSP_REQINFO_it; -+ OCSP_REQINFO_it; -+ PBEPARAM_it; -+ PBEPARAM_it; -+ KRB5_AUTHENTBODY_new; -+ X509_CRL_add0_revoked; -+ EDIPARTYNAME_it; -+ EDIPARTYNAME_it; -+ NETSCAPE_SPKI_it; -+ NETSCAPE_SPKI_it; -+ UI_get0_test_string; -+ ENGINE_get_cipher_engine; -+ ENGINE_register_all_ciphers; -+ EC_POINT_copy; -+ BN_kronecker; -+ _ossl_old_des_ede3_ofb64_encrypt; -+ _ossl_odes_ede3_ofb64_encrypt; -+ UI_method_get_reader; -+ OCSP_BASICRESP_get_ext_count; -+ ASN1_ENUMERATED_it; -+ ASN1_ENUMERATED_it; -+ UI_set_result; -+ i2d_KRB5_TICKET; -+ X509_print_ex_fp; -+ EVP_CIPHER_CTX_set_padding; -+ d2i_OCSP_RESPONSE; -+ ASN1_UTCTIME_it; -+ ASN1_UTCTIME_it; -+ _ossl_old_des_enc_write; -+ OCSP_RESPONSE_new; -+ AES_set_encrypt_key; -+ OCSP_resp_count; -+ KRB5_CHECKSUM_new; -+ ENGINE_load_cswift; -+ OCSP_onereq_get0_id; -+ ENGINE_set_default_ciphers; -+ NOTICEREF_it; -+ NOTICEREF_it; -+ X509V3_EXT_CRL_add_nconf; -+ OCSP_REVOKEDINFO_it; -+ OCSP_REVOKEDINFO_it; -+ AES_encrypt; -+ OCSP_REQUEST_new; -+ ASN1_ANY_it; -+ ASN1_ANY_it; -+ CRYPTO_ex_data_new_class; -+ _ossl_old_des_ncbc_encrypt; -+ i2d_KRB5_TKTBODY; -+ EC_POINT_clear_free; -+ AES_decrypt; -+ asn1_enc_init; -+ UI_get_result_maxsize; -+ OCSP_CERTID_new; -+ ENGINE_unregister_RAND; -+ UI_method_get_closer; -+ d2i_KRB5_ENCDATA; -+ OCSP_request_onereq_count; -+ OCSP_basic_verify; -+ KRB5_AUTHENTBODY_free; -+ ASN1_item_d2i; -+ ASN1_primitive_free; -+ i2d_EXTENDED_KEY_USAGE; -+ i2d_OCSP_SIGNATURE; -+ asn1_enc_save; -+ ENGINE_load_nuron; -+ _ossl_old_des_pcbc_encrypt; -+ PKCS12_MAC_DATA_it; -+ PKCS12_MAC_DATA_it; -+ OCSP_accept_responses_new; -+ asn1_do_lock; -+ PKCS7_ATTR_VERIFY_it; -+ PKCS7_ATTR_VERIFY_it; -+ KRB5_APREQBODY_it; -+ KRB5_APREQBODY_it; -+ i2d_OCSP_SINGLERESP; -+ ASN1_item_ex_new; -+ UI_add_verify_string; -+ _ossl_old_des_set_key; -+ KRB5_PRINCNAME_it; -+ KRB5_PRINCNAME_it; -+ EVP_DecryptInit_ex; -+ i2d_OCSP_CERTID; -+ ASN1_item_d2i_bio; -+ EC_POINT_dbl; -+ asn1_get_choice_selector; -+ i2d_KRB5_CHECKSUM; -+ ENGINE_set_table_flags; -+ AES_options; -+ ENGINE_load_chil; -+ OCSP_id_cmp; -+ OCSP_BASICRESP_new; -+ OCSP_REQUEST_get_ext_by_NID; -+ KRB5_APREQ_it; -+ KRB5_APREQ_it; -+ ENGINE_get_destroy_function; -+ CONF_set_nconf; -+ ASN1_PRINTABLE_free; -+ OCSP_BASICRESP_get_ext_by_NID; -+ DIST_POINT_NAME_it; -+ DIST_POINT_NAME_it; -+ X509V3_extensions_print; -+ _ossl_old_des_cfb64_encrypt; -+ X509_REVOKED_add1_ext_i2d; -+ _ossl_old_des_ofb_encrypt; -+ KRB5_TKTBODY_new; -+ ASN1_OCTET_STRING_it; -+ ASN1_OCTET_STRING_it; -+ ERR_load_UI_strings; -+ i2d_KRB5_ENCKEY; -+ ASN1_template_new; -+ OCSP_SIGNATURE_free; -+ ASN1_item_i2d_fp; -+ KRB5_PRINCNAME_free; -+ PKCS7_RECIP_INFO_it; -+ PKCS7_RECIP_INFO_it; -+ EXTENDED_KEY_USAGE_it; -+ EXTENDED_KEY_USAGE_it; -+ EC_GFp_simple_method; -+ EC_GROUP_precompute_mult; -+ OCSP_request_onereq_get0; -+ UI_method_set_writer; -+ KRB5_AUTHENT_new; -+ X509_CRL_INFO_it; -+ X509_CRL_INFO_it; -+ DSO_set_name_converter; -+ AES_set_decrypt_key; -+ PKCS7_DIGEST_it; -+ PKCS7_DIGEST_it; -+ PKCS12_x5092certbag; -+ EVP_DigestInit_ex; -+ i2a_ACCESS_DESCRIPTION; -+ OCSP_RESPONSE_it; -+ OCSP_RESPONSE_it; -+ PKCS7_ENC_CONTENT_it; -+ PKCS7_ENC_CONTENT_it; -+ OCSP_request_add0_id; -+ EC_POINT_make_affine; -+ DSO_get_filename; -+ OCSP_CERTSTATUS_it; -+ OCSP_CERTSTATUS_it; -+ OCSP_request_add1_cert; -+ UI_get0_output_string; -+ UI_dup_verify_string; -+ BN_mod_lshift; -+ KRB5_AUTHDATA_it; -+ KRB5_AUTHDATA_it; -+ asn1_set_choice_selector; -+ OCSP_basic_add1_status; -+ OCSP_RESPID_free; -+ asn1_get_field_ptr; -+ UI_add_input_string; -+ OCSP_CRLID_it; -+ OCSP_CRLID_it; -+ i2d_KRB5_AUTHENTBODY; -+ OCSP_REQUEST_get_ext_count; -+ ENGINE_load_atalla; -+ X509_NAME_it; -+ X509_NAME_it; -+ USERNOTICE_it; -+ USERNOTICE_it; -+ OCSP_REQINFO_new; -+ OCSP_BASICRESP_get_ext; -+ CRYPTO_get_ex_data_implementation; -+ CRYPTO_get_ex_data_impl; -+ ASN1_item_pack; -+ i2d_KRB5_ENCDATA; -+ X509_PURPOSE_set; -+ X509_REQ_INFO_it; -+ X509_REQ_INFO_it; -+ UI_method_set_opener; -+ ASN1_item_ex_free; -+ ASN1_BOOLEAN_it; -+ ASN1_BOOLEAN_it; -+ ENGINE_get_table_flags; -+ UI_create_method; -+ OCSP_ONEREQ_add1_ext_i2d; -+ _shadow_DES_check_key; -+ _shadow_DES_check_key; -+ d2i_OCSP_REQINFO; -+ UI_add_info_string; -+ UI_get_result_minsize; -+ ASN1_NULL_it; -+ ASN1_NULL_it; -+ BN_mod_lshift1; -+ d2i_OCSP_ONEREQ; -+ OCSP_ONEREQ_new; -+ KRB5_TICKET_it; -+ KRB5_TICKET_it; -+ EVP_aes_192_cbc; -+ KRB5_TICKET_free; -+ UI_new; -+ OCSP_response_create; -+ _ossl_old_des_xcbc_encrypt; -+ PKCS7_it; -+ PKCS7_it; -+ OCSP_REQUEST_get_ext_by_critical; -+ OCSP_REQUEST_get_ext_by_crit; -+ ENGINE_set_flags; -+ _ossl_old_des_ecb_encrypt; -+ OCSP_response_get1_basic; -+ EVP_Digest; -+ OCSP_ONEREQ_delete_ext; -+ ASN1_TBOOLEAN_it; -+ ASN1_TBOOLEAN_it; -+ ASN1_item_new; -+ ASN1_TIME_to_generalizedtime; -+ BIGNUM_it; -+ BIGNUM_it; -+ AES_cbc_encrypt; -+ ENGINE_get_load_privkey_function; -+ ENGINE_get_load_privkey_fn; -+ OCSP_RESPONSE_free; -+ UI_method_set_reader; -+ i2d_ASN1_T61STRING; -+ EC_POINT_set_to_infinity; -+ ERR_load_OCSP_strings; -+ EC_POINT_point2oct; -+ KRB5_APREQ_free; -+ ASN1_OBJECT_it; -+ ASN1_OBJECT_it; -+ OCSP_crlID_new; -+ OCSP_crlID2_new; -+ CONF_modules_load_file; -+ CONF_imodule_set_usr_data; -+ ENGINE_set_default_string; -+ CONF_module_get_usr_data; -+ ASN1_add_oid_module; -+ CONF_modules_finish; -+ OPENSSL_config; -+ CONF_modules_unload; -+ CONF_imodule_get_value; -+ CONF_module_set_usr_data; -+ CONF_parse_list; -+ CONF_module_add; -+ CONF_get1_default_config_file; -+ CONF_imodule_get_flags; -+ CONF_imodule_get_module; -+ CONF_modules_load; -+ CONF_imodule_get_name; -+ ERR_peek_top_error; -+ CONF_imodule_get_usr_data; -+ CONF_imodule_set_flags; -+ ENGINE_add_conf_module; -+ ERR_peek_last_error_line; -+ ERR_peek_last_error_line_data; -+ ERR_peek_last_error; -+ DES_read_2passwords; -+ DES_read_password; -+ UI_UTIL_read_pw; -+ UI_UTIL_read_pw_string; -+ ENGINE_load_aep; -+ ENGINE_load_sureware; -+ OPENSSL_add_all_algorithms_noconf; -+ OPENSSL_add_all_algo_noconf; -+ OPENSSL_add_all_algorithms_conf; -+ OPENSSL_add_all_algo_conf; -+ OPENSSL_load_builtin_modules; -+ AES_ofb128_encrypt; -+ AES_ctr128_encrypt; -+ AES_cfb128_encrypt; -+ ENGINE_load_4758cca; -+ _ossl_096_des_random_seed; -+ EVP_aes_256_ofb; -+ EVP_aes_192_ofb; -+ EVP_aes_128_cfb128; -+ EVP_aes_256_cfb128; -+ EVP_aes_128_ofb; -+ EVP_aes_192_cfb128; -+ CONF_modules_free; -+ NCONF_default; -+ OPENSSL_no_config; -+ NCONF_WIN32; -+ ASN1_UNIVERSALSTRING_new; -+ EVP_des_ede_ecb; -+ i2d_ASN1_UNIVERSALSTRING; -+ ASN1_UNIVERSALSTRING_free; -+ ASN1_UNIVERSALSTRING_it; -+ ASN1_UNIVERSALSTRING_it; -+ d2i_ASN1_UNIVERSALSTRING; -+ EVP_des_ede3_ecb; -+ X509_REQ_print_ex; -+ ENGINE_up_ref; -+ BUF_MEM_grow_clean; -+ CRYPTO_realloc_clean; -+ BUF_strlcat; -+ BIO_indent; -+ BUF_strlcpy; -+ OpenSSLDie; -+ OPENSSL_cleanse; -+ ENGINE_setup_bsd_cryptodev; -+ ERR_release_err_state_table; -+ EVP_aes_128_cfb8; -+ FIPS_corrupt_rsa; -+ FIPS_selftest_des; -+ EVP_aes_128_cfb1; -+ EVP_aes_192_cfb8; -+ FIPS_mode_set; -+ FIPS_selftest_dsa; -+ EVP_aes_256_cfb8; -+ FIPS_allow_md5; -+ DES_ede3_cfb_encrypt; -+ EVP_des_ede3_cfb8; -+ FIPS_rand_seeded; -+ AES_cfbr_encrypt_block; -+ AES_cfb8_encrypt; -+ FIPS_rand_seed; -+ FIPS_corrupt_des; -+ EVP_aes_192_cfb1; -+ FIPS_selftest_aes; -+ FIPS_set_prng_key; -+ EVP_des_cfb8; -+ FIPS_corrupt_dsa; -+ FIPS_test_mode; -+ FIPS_rand_method; -+ EVP_aes_256_cfb1; -+ ERR_load_FIPS_strings; -+ FIPS_corrupt_aes; -+ FIPS_selftest_sha1; -+ FIPS_selftest_rsa; -+ FIPS_corrupt_sha1; -+ EVP_des_cfb1; -+ FIPS_dsa_check; -+ AES_cfb1_encrypt; -+ EVP_des_ede3_cfb1; -+ FIPS_rand_check; -+ FIPS_md5_allowed; -+ FIPS_mode; -+ FIPS_selftest_failed; -+ sk_is_sorted; -+ X509_check_ca; -+ HMAC_CTX_set_flags; -+ d2i_PROXY_CERT_INFO_EXTENSION; -+ PROXY_POLICY_it; -+ PROXY_POLICY_it; -+ i2d_PROXY_POLICY; -+ i2d_PROXY_CERT_INFO_EXTENSION; -+ d2i_PROXY_POLICY; -+ PROXY_CERT_INFO_EXTENSION_new; -+ PROXY_CERT_INFO_EXTENSION_free; -+ PROXY_CERT_INFO_EXTENSION_it; -+ PROXY_CERT_INFO_EXTENSION_it; -+ PROXY_POLICY_free; -+ PROXY_POLICY_new; -+ BN_MONT_CTX_set_locked; -+ FIPS_selftest_rng; -+ EVP_sha384; -+ EVP_sha512; -+ EVP_sha224; -+ EVP_sha256; -+ FIPS_selftest_hmac; -+ FIPS_corrupt_rng; -+ BN_mod_exp_mont_consttime; -+ RSA_X931_hash_id; -+ RSA_padding_check_X931; -+ RSA_verify_PKCS1_PSS; -+ RSA_padding_add_X931; -+ RSA_padding_add_PKCS1_PSS; -+ PKCS1_MGF1; -+ BN_X931_generate_Xpq; -+ RSA_X931_generate_key; -+ BN_X931_derive_prime; -+ BN_X931_generate_prime; -+ RSA_X931_derive; -+ BIO_new_dgram; -+ BN_get0_nist_prime_384; -+ ERR_set_mark; -+ X509_STORE_CTX_set0_crls; -+ ENGINE_set_STORE; -+ ENGINE_register_ECDSA; -+ STORE_meth_set_list_start_fn; -+ STORE_method_set_list_start_function; -+ BN_BLINDING_invert_ex; -+ NAME_CONSTRAINTS_free; -+ STORE_ATTR_INFO_set_number; -+ BN_BLINDING_get_thread_id; -+ X509_STORE_CTX_set0_param; -+ POLICY_MAPPING_it; -+ POLICY_MAPPING_it; -+ STORE_parse_attrs_start; -+ POLICY_CONSTRAINTS_free; -+ EVP_PKEY_add1_attr_by_NID; -+ BN_nist_mod_192; -+ EC_GROUP_get_trinomial_basis; -+ STORE_set_method; -+ GENERAL_SUBTREE_free; -+ NAME_CONSTRAINTS_it; -+ NAME_CONSTRAINTS_it; -+ ECDH_get_default_method; -+ PKCS12_add_safe; -+ EC_KEY_new_by_curve_name; -+ STORE_meth_get_update_store_fn; -+ STORE_method_get_update_store_function; -+ ENGINE_register_ECDH; -+ SHA512_Update; -+ i2d_ECPrivateKey; -+ BN_get0_nist_prime_192; -+ STORE_modify_certificate; -+ EC_POINT_set_affine_coordinates_GF2m; -+ EC_POINT_set_affine_coords_GF2m; -+ BN_GF2m_mod_exp_arr; -+ STORE_ATTR_INFO_modify_number; -+ X509_keyid_get0; -+ ENGINE_load_gmp; -+ pitem_new; -+ BN_GF2m_mod_mul_arr; -+ STORE_list_public_key_endp; -+ o2i_ECPublicKey; -+ EC_KEY_copy; -+ BIO_dump_fp; -+ X509_policy_node_get0_parent; -+ EC_GROUP_check_discriminant; -+ i2o_ECPublicKey; -+ EC_KEY_precompute_mult; -+ a2i_IPADDRESS; -+ STORE_meth_set_initialise_fn; -+ STORE_method_set_initialise_function; -+ X509_STORE_CTX_set_depth; -+ X509_VERIFY_PARAM_inherit; -+ EC_POINT_point2bn; -+ STORE_ATTR_INFO_set_dn; -+ X509_policy_tree_get0_policies; -+ EC_GROUP_new_curve_GF2m; -+ STORE_destroy_method; -+ ENGINE_unregister_STORE; -+ EVP_PKEY_get1_EC_KEY; -+ STORE_ATTR_INFO_get0_number; -+ ENGINE_get_default_ECDH; -+ EC_KEY_get_conv_form; -+ ASN1_OCTET_STRING_NDEF_it; -+ ASN1_OCTET_STRING_NDEF_it; -+ STORE_delete_public_key; -+ STORE_get_public_key; -+ STORE_modify_arbitrary; -+ ENGINE_get_static_state; -+ pqueue_iterator; -+ ECDSA_SIG_new; -+ OPENSSL_DIR_end; -+ BN_GF2m_mod_sqr; -+ EC_POINT_bn2point; -+ X509_VERIFY_PARAM_set_depth; -+ EC_KEY_set_asn1_flag; -+ STORE_get_method; -+ EC_KEY_get_key_method_data; -+ ECDSA_sign_ex; -+ STORE_parse_attrs_end; -+ EC_GROUP_get_point_conversion_form; -+ EC_GROUP_get_point_conv_form; -+ STORE_method_set_store_function; -+ STORE_ATTR_INFO_in; -+ PEM_read_bio_ECPKParameters; -+ EC_GROUP_get_pentanomial_basis; -+ EVP_PKEY_add1_attr_by_txt; -+ BN_BLINDING_set_flags; -+ X509_VERIFY_PARAM_set1_policies; -+ X509_VERIFY_PARAM_set1_name; -+ X509_VERIFY_PARAM_set_purpose; -+ STORE_get_number; -+ ECDSA_sign_setup; -+ BN_GF2m_mod_solve_quad_arr; -+ EC_KEY_up_ref; -+ POLICY_MAPPING_free; -+ BN_GF2m_mod_div; -+ X509_VERIFY_PARAM_set_flags; -+ EC_KEY_free; -+ STORE_meth_set_list_next_fn; -+ STORE_method_set_list_next_function; -+ PEM_write_bio_ECPrivateKey; -+ d2i_EC_PUBKEY; -+ STORE_meth_get_generate_fn; -+ STORE_method_get_generate_function; -+ STORE_meth_set_list_end_fn; -+ STORE_method_set_list_end_function; -+ pqueue_print; -+ EC_GROUP_have_precompute_mult; -+ EC_KEY_print_fp; -+ BN_GF2m_mod_arr; -+ PEM_write_bio_X509_CERT_PAIR; -+ EVP_PKEY_cmp; -+ X509_policy_level_node_count; -+ STORE_new_engine; -+ STORE_list_public_key_start; -+ X509_VERIFY_PARAM_new; -+ ECDH_get_ex_data; -+ EVP_PKEY_get_attr; -+ ECDSA_do_sign; -+ ENGINE_unregister_ECDH; -+ ECDH_OpenSSL; -+ EC_KEY_set_conv_form; -+ EC_POINT_dup; -+ GENERAL_SUBTREE_new; -+ STORE_list_crl_endp; -+ EC_get_builtin_curves; -+ X509_policy_node_get0_qualifiers; -+ X509_pcy_node_get0_qualifiers; -+ STORE_list_crl_end; -+ EVP_PKEY_set1_EC_KEY; -+ BN_GF2m_mod_sqrt_arr; -+ i2d_ECPrivateKey_bio; -+ ECPKParameters_print_fp; -+ pqueue_find; -+ ECDSA_SIG_free; -+ PEM_write_bio_ECPKParameters; -+ STORE_method_set_ctrl_function; -+ STORE_list_public_key_end; -+ EC_KEY_set_private_key; -+ pqueue_peek; -+ STORE_get_arbitrary; -+ STORE_store_crl; -+ X509_policy_node_get0_policy; -+ PKCS12_add_safes; -+ BN_BLINDING_convert_ex; -+ X509_policy_tree_free; -+ OPENSSL_ia32cap_loc; -+ BN_GF2m_poly2arr; -+ STORE_ctrl; -+ STORE_ATTR_INFO_compare; -+ BN_get0_nist_prime_224; -+ i2d_ECParameters; -+ i2d_ECPKParameters; -+ BN_GENCB_call; -+ d2i_ECPKParameters; -+ STORE_meth_set_generate_fn; -+ STORE_method_set_generate_function; -+ ENGINE_set_ECDH; -+ NAME_CONSTRAINTS_new; -+ SHA256_Init; -+ EC_KEY_get0_public_key; -+ PEM_write_bio_EC_PUBKEY; -+ STORE_ATTR_INFO_set_cstr; -+ STORE_list_crl_next; -+ STORE_ATTR_INFO_in_range; -+ ECParameters_print; -+ STORE_meth_set_delete_fn; -+ STORE_method_set_delete_function; -+ STORE_list_certificate_next; -+ ASN1_generate_nconf; -+ BUF_memdup; -+ BN_GF2m_mod_mul; -+ STORE_meth_get_list_next_fn; -+ STORE_method_get_list_next_function; -+ STORE_ATTR_INFO_get0_dn; -+ STORE_list_private_key_next; -+ EC_GROUP_set_seed; -+ X509_VERIFY_PARAM_set_trust; -+ STORE_ATTR_INFO_free; -+ STORE_get_private_key; -+ EVP_PKEY_get_attr_count; -+ STORE_ATTR_INFO_new; -+ EC_GROUP_get_curve_GF2m; -+ STORE_meth_set_revoke_fn; -+ STORE_method_set_revoke_function; -+ STORE_store_number; -+ BN_is_prime_ex; -+ STORE_revoke_public_key; -+ X509_STORE_CTX_get0_param; -+ STORE_delete_arbitrary; -+ PEM_read_X509_CERT_PAIR; -+ X509_STORE_set_depth; -+ ECDSA_get_ex_data; -+ SHA224; -+ BIO_dump_indent_fp; -+ EC_KEY_set_group; -+ BUF_strndup; -+ STORE_list_certificate_start; -+ BN_GF2m_mod; -+ X509_REQ_check_private_key; -+ EC_GROUP_get_seed_len; -+ ERR_load_STORE_strings; -+ PEM_read_bio_EC_PUBKEY; -+ STORE_list_private_key_end; -+ i2d_EC_PUBKEY; -+ ECDSA_get_default_method; -+ ASN1_put_eoc; -+ X509_STORE_CTX_get_explicit_policy; -+ X509_STORE_CTX_get_expl_policy; -+ X509_VERIFY_PARAM_table_cleanup; -+ STORE_modify_private_key; -+ X509_VERIFY_PARAM_free; -+ EC_METHOD_get_field_type; -+ EC_GFp_nist_method; -+ STORE_meth_set_modify_fn; -+ STORE_method_set_modify_function; -+ STORE_parse_attrs_next; -+ ENGINE_load_padlock; -+ EC_GROUP_set_curve_name; -+ X509_CERT_PAIR_it; -+ X509_CERT_PAIR_it; -+ STORE_meth_get_revoke_fn; -+ STORE_method_get_revoke_function; -+ STORE_method_set_get_function; -+ STORE_modify_number; -+ STORE_method_get_store_function; -+ STORE_store_private_key; -+ BN_GF2m_mod_sqr_arr; -+ RSA_setup_blinding; -+ BIO_s_datagram; -+ STORE_Memory; -+ sk_find_ex; -+ EC_GROUP_set_curve_GF2m; -+ ENGINE_set_default_ECDSA; -+ POLICY_CONSTRAINTS_new; -+ BN_GF2m_mod_sqrt; -+ ECDH_set_default_method; -+ EC_KEY_generate_key; -+ SHA384_Update; -+ BN_GF2m_arr2poly; -+ STORE_method_get_get_function; -+ STORE_meth_set_cleanup_fn; -+ STORE_method_set_cleanup_function; -+ EC_GROUP_check; -+ d2i_ECPrivateKey_bio; -+ EC_KEY_insert_key_method_data; -+ STORE_meth_get_lock_store_fn; -+ STORE_method_get_lock_store_function; -+ X509_VERIFY_PARAM_get_depth; -+ SHA224_Final; -+ STORE_meth_set_update_store_fn; -+ STORE_method_set_update_store_function; -+ SHA224_Update; -+ d2i_ECPrivateKey; -+ ASN1_item_ndef_i2d; -+ STORE_delete_private_key; -+ ERR_pop_to_mark; -+ ENGINE_register_all_STORE; -+ X509_policy_level_get0_node; -+ i2d_PKCS7_NDEF; -+ EC_GROUP_get_degree; -+ ASN1_generate_v3; -+ STORE_ATTR_INFO_modify_cstr; -+ X509_policy_tree_level_count; -+ BN_GF2m_add; -+ EC_KEY_get0_group; -+ STORE_generate_crl; -+ STORE_store_public_key; -+ X509_CERT_PAIR_free; -+ STORE_revoke_private_key; -+ BN_nist_mod_224; -+ SHA512_Final; -+ STORE_ATTR_INFO_modify_dn; -+ STORE_meth_get_initialise_fn; -+ STORE_method_get_initialise_function; -+ STORE_delete_number; -+ i2d_EC_PUBKEY_bio; -+ BIO_dgram_non_fatal_error; -+ EC_GROUP_get_asn1_flag; -+ STORE_ATTR_INFO_in_ex; -+ STORE_list_crl_start; -+ ECDH_get_ex_new_index; -+ STORE_meth_get_modify_fn; -+ STORE_method_get_modify_function; -+ v2i_ASN1_BIT_STRING; -+ STORE_store_certificate; -+ OBJ_bsearch_ex; -+ X509_STORE_CTX_set_default; -+ STORE_ATTR_INFO_set_sha1str; -+ BN_GF2m_mod_inv; -+ BN_GF2m_mod_exp; -+ STORE_modify_public_key; -+ STORE_meth_get_list_start_fn; -+ STORE_method_get_list_start_function; -+ EC_GROUP_get0_seed; -+ STORE_store_arbitrary; -+ STORE_meth_set_unlock_store_fn; -+ STORE_method_set_unlock_store_function; -+ BN_GF2m_mod_div_arr; -+ ENGINE_set_ECDSA; -+ STORE_create_method; -+ ECPKParameters_print; -+ EC_KEY_get0_private_key; -+ PEM_write_EC_PUBKEY; -+ X509_VERIFY_PARAM_set1; -+ ECDH_set_method; -+ v2i_GENERAL_NAME_ex; -+ ECDH_set_ex_data; -+ STORE_generate_key; -+ BN_nist_mod_521; -+ X509_policy_tree_get0_level; -+ EC_GROUP_set_point_conversion_form; -+ EC_GROUP_set_point_conv_form; -+ PEM_read_EC_PUBKEY; -+ i2d_ECDSA_SIG; -+ ECDSA_OpenSSL; -+ STORE_delete_crl; -+ EC_KEY_get_enc_flags; -+ ASN1_const_check_infinite_end; -+ EVP_PKEY_delete_attr; -+ ECDSA_set_default_method; -+ EC_POINT_set_compressed_coordinates_GF2m; -+ EC_POINT_set_compr_coords_GF2m; -+ EC_GROUP_cmp; -+ STORE_revoke_certificate; -+ BN_get0_nist_prime_256; -+ STORE_meth_get_delete_fn; -+ STORE_method_get_delete_function; -+ SHA224_Init; -+ PEM_read_ECPrivateKey; -+ SHA512_Init; -+ STORE_parse_attrs_endp; -+ BN_set_negative; -+ ERR_load_ECDSA_strings; -+ EC_GROUP_get_basis_type; -+ STORE_list_public_key_next; -+ i2v_ASN1_BIT_STRING; -+ STORE_OBJECT_free; -+ BN_nist_mod_384; -+ i2d_X509_CERT_PAIR; -+ PEM_write_ECPKParameters; -+ ECDH_compute_key; -+ STORE_ATTR_INFO_get0_sha1str; -+ ENGINE_register_all_ECDH; -+ pqueue_pop; -+ STORE_ATTR_INFO_get0_cstr; -+ POLICY_CONSTRAINTS_it; -+ POLICY_CONSTRAINTS_it; -+ STORE_get_ex_new_index; -+ EVP_PKEY_get_attr_by_OBJ; -+ X509_VERIFY_PARAM_add0_policy; -+ BN_GF2m_mod_solve_quad; -+ SHA256; -+ i2d_ECPrivateKey_fp; -+ X509_policy_tree_get0_user_policies; -+ X509_pcy_tree_get0_usr_policies; -+ OPENSSL_DIR_read; -+ ENGINE_register_all_ECDSA; -+ X509_VERIFY_PARAM_lookup; -+ EC_POINT_get_affine_coordinates_GF2m; -+ EC_POINT_get_affine_coords_GF2m; -+ EC_GROUP_dup; -+ ENGINE_get_default_ECDSA; -+ EC_KEY_new; -+ SHA256_Transform; -+ EC_KEY_set_enc_flags; -+ ECDSA_verify; -+ EC_POINT_point2hex; -+ ENGINE_get_STORE; -+ SHA512; -+ STORE_get_certificate; -+ ECDSA_do_sign_ex; -+ ECDSA_do_verify; -+ d2i_ECPrivateKey_fp; -+ STORE_delete_certificate; -+ SHA512_Transform; -+ X509_STORE_set1_param; -+ STORE_method_get_ctrl_function; -+ STORE_free; -+ PEM_write_ECPrivateKey; -+ STORE_meth_get_unlock_store_fn; -+ STORE_method_get_unlock_store_function; -+ STORE_get_ex_data; -+ EC_KEY_set_public_key; -+ PEM_read_ECPKParameters; -+ X509_CERT_PAIR_new; -+ ENGINE_register_STORE; -+ RSA_generate_key_ex; -+ DSA_generate_parameters_ex; -+ ECParameters_print_fp; -+ X509V3_NAME_from_section; -+ EVP_PKEY_add1_attr; -+ STORE_modify_crl; -+ STORE_list_private_key_start; -+ POLICY_MAPPINGS_it; -+ POLICY_MAPPINGS_it; -+ GENERAL_SUBTREE_it; -+ GENERAL_SUBTREE_it; -+ EC_GROUP_get_curve_name; -+ PEM_write_X509_CERT_PAIR; -+ BIO_dump_indent_cb; -+ d2i_X509_CERT_PAIR; -+ STORE_list_private_key_endp; -+ asn1_const_Finish; -+ i2d_EC_PUBKEY_fp; -+ BN_nist_mod_256; -+ X509_VERIFY_PARAM_add0_table; -+ pqueue_free; -+ BN_BLINDING_create_param; -+ ECDSA_size; -+ d2i_EC_PUBKEY_bio; -+ BN_get0_nist_prime_521; -+ STORE_ATTR_INFO_modify_sha1str; -+ BN_generate_prime_ex; -+ EC_GROUP_new_by_curve_name; -+ SHA256_Final; -+ DH_generate_parameters_ex; -+ PEM_read_bio_ECPrivateKey; -+ STORE_meth_get_cleanup_fn; -+ STORE_method_get_cleanup_function; -+ ENGINE_get_ECDH; -+ d2i_ECDSA_SIG; -+ BN_is_prime_fasttest_ex; -+ ECDSA_sign; -+ X509_policy_check; -+ EVP_PKEY_get_attr_by_NID; -+ STORE_set_ex_data; -+ ENGINE_get_ECDSA; -+ EVP_ecdsa; -+ BN_BLINDING_get_flags; -+ PKCS12_add_cert; -+ STORE_OBJECT_new; -+ ERR_load_ECDH_strings; -+ EC_KEY_dup; -+ EVP_CIPHER_CTX_rand_key; -+ ECDSA_set_method; -+ a2i_IPADDRESS_NC; -+ d2i_ECParameters; -+ STORE_list_certificate_end; -+ STORE_get_crl; -+ X509_POLICY_NODE_print; -+ SHA384_Init; -+ EC_GF2m_simple_method; -+ ECDSA_set_ex_data; -+ SHA384_Final; -+ PKCS7_set_digest; -+ EC_KEY_print; -+ STORE_meth_set_lock_store_fn; -+ STORE_method_set_lock_store_function; -+ ECDSA_get_ex_new_index; -+ SHA384; -+ POLICY_MAPPING_new; -+ STORE_list_certificate_endp; -+ X509_STORE_CTX_get0_policy_tree; -+ EC_GROUP_set_asn1_flag; -+ EC_KEY_check_key; -+ d2i_EC_PUBKEY_fp; -+ PKCS7_set0_type_other; -+ PEM_read_bio_X509_CERT_PAIR; -+ pqueue_next; -+ STORE_meth_get_list_end_fn; -+ STORE_method_get_list_end_function; -+ EVP_PKEY_add1_attr_by_OBJ; -+ X509_VERIFY_PARAM_set_time; -+ pqueue_new; -+ ENGINE_set_default_ECDH; -+ STORE_new_method; -+ PKCS12_add_key; -+ DSO_merge; -+ EC_POINT_hex2point; -+ BIO_dump_cb; -+ SHA256_Update; -+ pqueue_insert; -+ pitem_free; -+ BN_GF2m_mod_inv_arr; -+ ENGINE_unregister_ECDSA; -+ BN_BLINDING_set_thread_id; -+ get_rfc3526_prime_8192; -+ X509_VERIFY_PARAM_clear_flags; -+ get_rfc2409_prime_1024; -+ DH_check_pub_key; -+ get_rfc3526_prime_2048; -+ get_rfc3526_prime_6144; -+ get_rfc3526_prime_1536; -+ get_rfc3526_prime_3072; -+ get_rfc3526_prime_4096; -+ get_rfc2409_prime_768; -+ X509_VERIFY_PARAM_get_flags; -+ EVP_CIPHER_CTX_new; -+ EVP_CIPHER_CTX_free; -+ Camellia_cbc_encrypt; -+ Camellia_cfb128_encrypt; -+ Camellia_cfb1_encrypt; -+ Camellia_cfb8_encrypt; -+ Camellia_ctr128_encrypt; -+ Camellia_cfbr_encrypt_block; -+ Camellia_decrypt; -+ Camellia_ecb_encrypt; -+ Camellia_encrypt; -+ Camellia_ofb128_encrypt; -+ Camellia_set_key; -+ EVP_camellia_128_cbc; -+ EVP_camellia_128_cfb128; -+ EVP_camellia_128_cfb1; -+ EVP_camellia_128_cfb8; -+ EVP_camellia_128_ecb; -+ EVP_camellia_128_ofb; -+ EVP_camellia_192_cbc; -+ EVP_camellia_192_cfb128; -+ EVP_camellia_192_cfb1; -+ EVP_camellia_192_cfb8; -+ EVP_camellia_192_ecb; -+ EVP_camellia_192_ofb; -+ EVP_camellia_256_cbc; -+ EVP_camellia_256_cfb128; -+ EVP_camellia_256_cfb1; -+ EVP_camellia_256_cfb8; -+ EVP_camellia_256_ecb; -+ EVP_camellia_256_ofb; -+ a2i_ipadd; -+ ASIdentifiers_free; -+ i2d_ASIdOrRange; -+ EVP_CIPHER_block_size; -+ v3_asid_is_canonical; -+ IPAddressChoice_free; -+ EVP_CIPHER_CTX_set_app_data; -+ BIO_set_callback_arg; -+ v3_addr_add_prefix; -+ IPAddressOrRange_it; -+ IPAddressOrRange_it; -+ BIO_set_flags; -+ ASIdentifiers_it; -+ ASIdentifiers_it; -+ v3_addr_get_range; -+ BIO_method_type; -+ v3_addr_inherits; -+ IPAddressChoice_it; -+ IPAddressChoice_it; -+ AES_ige_encrypt; -+ v3_addr_add_range; -+ EVP_CIPHER_CTX_nid; -+ d2i_ASRange; -+ v3_addr_add_inherit; -+ v3_asid_add_id_or_range; -+ v3_addr_validate_resource_set; -+ EVP_CIPHER_iv_length; -+ EVP_MD_type; -+ v3_asid_canonize; -+ IPAddressRange_free; -+ v3_asid_add_inherit; -+ EVP_CIPHER_CTX_key_length; -+ IPAddressRange_new; -+ ASIdOrRange_new; -+ EVP_MD_size; -+ EVP_MD_CTX_test_flags; -+ BIO_clear_flags; -+ i2d_ASRange; -+ IPAddressRange_it; -+ IPAddressRange_it; -+ IPAddressChoice_new; -+ ASIdentifierChoice_new; -+ ASRange_free; -+ EVP_MD_pkey_type; -+ EVP_MD_CTX_clear_flags; -+ IPAddressFamily_free; -+ i2d_IPAddressFamily; -+ IPAddressOrRange_new; -+ EVP_CIPHER_flags; -+ v3_asid_validate_resource_set; -+ d2i_IPAddressRange; -+ AES_bi_ige_encrypt; -+ BIO_get_callback; -+ IPAddressOrRange_free; -+ v3_addr_subset; -+ d2i_IPAddressFamily; -+ v3_asid_subset; -+ BIO_test_flags; -+ i2d_ASIdentifierChoice; -+ ASRange_it; -+ ASRange_it; -+ d2i_ASIdentifiers; -+ ASRange_new; -+ d2i_IPAddressChoice; -+ v3_addr_get_afi; -+ EVP_CIPHER_key_length; -+ EVP_Cipher; -+ i2d_IPAddressOrRange; -+ ASIdOrRange_it; -+ ASIdOrRange_it; -+ EVP_CIPHER_nid; -+ i2d_IPAddressChoice; -+ EVP_CIPHER_CTX_block_size; -+ ASIdentifiers_new; -+ v3_addr_validate_path; -+ IPAddressFamily_new; -+ EVP_MD_CTX_set_flags; -+ v3_addr_is_canonical; -+ i2d_IPAddressRange; -+ IPAddressFamily_it; -+ IPAddressFamily_it; -+ v3_asid_inherits; -+ EVP_CIPHER_CTX_cipher; -+ EVP_CIPHER_CTX_get_app_data; -+ EVP_MD_block_size; -+ EVP_CIPHER_CTX_flags; -+ v3_asid_validate_path; -+ d2i_IPAddressOrRange; -+ v3_addr_canonize; -+ ASIdentifierChoice_it; -+ ASIdentifierChoice_it; -+ EVP_MD_CTX_md; -+ d2i_ASIdentifierChoice; -+ BIO_method_name; -+ EVP_CIPHER_CTX_iv_length; -+ ASIdOrRange_free; -+ ASIdentifierChoice_free; -+ BIO_get_callback_arg; -+ BIO_set_callback; -+ d2i_ASIdOrRange; -+ i2d_ASIdentifiers; -+ SEED_decrypt; -+ SEED_encrypt; -+ SEED_cbc_encrypt; -+ EVP_seed_ofb; -+ SEED_cfb128_encrypt; -+ SEED_ofb128_encrypt; -+ EVP_seed_cbc; -+ SEED_ecb_encrypt; -+ EVP_seed_ecb; -+ SEED_set_key; -+ EVP_seed_cfb128; -+ X509_EXTENSIONS_it; -+ X509_EXTENSIONS_it; -+ X509_get1_ocsp; -+ OCSP_REQ_CTX_free; -+ i2d_X509_EXTENSIONS; -+ OCSP_sendreq_nbio; -+ OCSP_sendreq_new; -+ d2i_X509_EXTENSIONS; -+ X509_ALGORS_it; -+ X509_ALGORS_it; -+ X509_ALGOR_get0; -+ X509_ALGOR_set0; -+ AES_unwrap_key; -+ AES_wrap_key; -+ X509at_get0_data_by_OBJ; -+ ASN1_TYPE_set1; -+ ASN1_STRING_set0; -+ i2d_X509_ALGORS; -+ BIO_f_zlib; -+ COMP_zlib_cleanup; -+ d2i_X509_ALGORS; -+ CMS_ReceiptRequest_free; -+ PEM_write_CMS; -+ CMS_add0_CertificateChoices; -+ CMS_unsigned_add1_attr_by_OBJ; -+ ERR_load_CMS_strings; -+ CMS_sign_receipt; -+ i2d_CMS_ContentInfo; -+ CMS_signed_delete_attr; -+ d2i_CMS_bio; -+ CMS_unsigned_get_attr_by_NID; -+ CMS_verify; -+ SMIME_read_CMS; -+ CMS_decrypt_set1_key; -+ CMS_SignerInfo_get0_algs; -+ CMS_add1_cert; -+ CMS_set_detached; -+ CMS_encrypt; -+ CMS_EnvelopedData_create; -+ CMS_uncompress; -+ CMS_add0_crl; -+ CMS_SignerInfo_verify_content; -+ CMS_unsigned_get0_data_by_OBJ; -+ PEM_write_bio_CMS; -+ CMS_unsigned_get_attr; -+ CMS_RecipientInfo_ktri_cert_cmp; -+ CMS_RecipientInfo_ktri_get0_algs; -+ CMS_RecipInfo_ktri_get0_algs; -+ CMS_ContentInfo_free; -+ CMS_final; -+ CMS_add_simple_smimecap; -+ CMS_SignerInfo_verify; -+ CMS_data; -+ CMS_ContentInfo_it; -+ CMS_ContentInfo_it; -+ d2i_CMS_ReceiptRequest; -+ CMS_compress; -+ CMS_digest_create; -+ CMS_SignerInfo_cert_cmp; -+ CMS_SignerInfo_sign; -+ CMS_data_create; -+ i2d_CMS_bio; -+ CMS_EncryptedData_set1_key; -+ CMS_decrypt; -+ int_smime_write_ASN1; -+ CMS_unsigned_delete_attr; -+ CMS_unsigned_get_attr_count; -+ CMS_add_smimecap; -+ PEM_read_CMS; -+ CMS_signed_get_attr_by_OBJ; -+ d2i_CMS_ContentInfo; -+ CMS_add_standard_smimecap; -+ CMS_ContentInfo_new; -+ CMS_RecipientInfo_type; -+ CMS_get0_type; -+ CMS_is_detached; -+ CMS_sign; -+ CMS_signed_add1_attr; -+ CMS_unsigned_get_attr_by_OBJ; -+ SMIME_write_CMS; -+ CMS_EncryptedData_decrypt; -+ CMS_get0_RecipientInfos; -+ CMS_add0_RevocationInfoChoice; -+ CMS_decrypt_set1_pkey; -+ CMS_SignerInfo_set1_signer_cert; -+ CMS_get0_signers; -+ CMS_ReceiptRequest_get0_values; -+ CMS_signed_get0_data_by_OBJ; -+ CMS_get0_SignerInfos; -+ CMS_add0_cert; -+ CMS_EncryptedData_encrypt; -+ CMS_digest_verify; -+ CMS_set1_signers_certs; -+ CMS_signed_get_attr; -+ CMS_RecipientInfo_set0_key; -+ CMS_SignedData_init; -+ CMS_RecipientInfo_kekri_get0_id; -+ CMS_verify_receipt; -+ CMS_ReceiptRequest_it; -+ CMS_ReceiptRequest_it; -+ PEM_read_bio_CMS; -+ CMS_get1_crls; -+ CMS_add0_recipient_key; -+ SMIME_read_ASN1; -+ CMS_ReceiptRequest_new; -+ CMS_get0_content; -+ CMS_get1_ReceiptRequest; -+ CMS_signed_add1_attr_by_OBJ; -+ CMS_RecipientInfo_kekri_id_cmp; -+ CMS_add1_ReceiptRequest; -+ CMS_SignerInfo_get0_signer_id; -+ CMS_unsigned_add1_attr_by_NID; -+ CMS_unsigned_add1_attr; -+ CMS_signed_get_attr_by_NID; -+ CMS_get1_certs; -+ CMS_signed_add1_attr_by_NID; -+ CMS_unsigned_add1_attr_by_txt; -+ CMS_dataFinal; -+ CMS_RecipientInfo_ktri_get0_signer_id; -+ CMS_RecipInfo_ktri_get0_sigr_id; -+ i2d_CMS_ReceiptRequest; -+ CMS_add1_recipient_cert; -+ CMS_dataInit; -+ CMS_signed_add1_attr_by_txt; -+ CMS_RecipientInfo_decrypt; -+ CMS_signed_get_attr_count; -+ CMS_get0_eContentType; -+ CMS_set1_eContentType; -+ CMS_ReceiptRequest_create0; -+ CMS_add1_signer; -+ CMS_RecipientInfo_set0_pkey; -+ ENGINE_set_load_ssl_client_cert_function; -+ ENGINE_set_ld_ssl_clnt_cert_fn; -+ ENGINE_get_ssl_client_cert_function; -+ ENGINE_get_ssl_client_cert_fn; -+ ENGINE_load_ssl_client_cert; -+ ENGINE_load_capi; -+ OPENSSL_isservice; -+ FIPS_dsa_sig_decode; -+ EVP_CIPHER_CTX_clear_flags; -+ FIPS_rand_status; -+ FIPS_rand_set_key; -+ CRYPTO_set_mem_info_functions; -+ RSA_X931_generate_key_ex; -+ int_ERR_set_state_func; -+ int_EVP_MD_set_engine_callbacks; -+ int_CRYPTO_set_do_dynlock_callback; -+ FIPS_rng_stick; -+ EVP_CIPHER_CTX_set_flags; -+ BN_X931_generate_prime_ex; -+ FIPS_selftest_check; -+ FIPS_rand_set_dt; -+ CRYPTO_dbg_pop_info; -+ FIPS_dsa_free; -+ RSA_X931_derive_ex; -+ FIPS_rsa_new; -+ FIPS_rand_bytes; -+ fips_cipher_test; -+ EVP_CIPHER_CTX_test_flags; -+ CRYPTO_malloc_debug_init; -+ CRYPTO_dbg_push_info; -+ FIPS_corrupt_rsa_keygen; -+ FIPS_dh_new; -+ FIPS_corrupt_dsa_keygen; -+ FIPS_dh_free; -+ fips_pkey_signature_test; -+ EVP_add_alg_module; -+ int_RAND_init_engine_callbacks; -+ int_EVP_CIPHER_set_engine_callbacks; -+ int_EVP_MD_init_engine_callbacks; -+ FIPS_rand_test_mode; -+ FIPS_rand_reset; -+ FIPS_dsa_new; -+ int_RAND_set_callbacks; -+ BN_X931_derive_prime_ex; -+ int_ERR_lib_init; -+ int_EVP_CIPHER_init_engine_callbacks; -+ FIPS_rsa_free; -+ FIPS_dsa_sig_encode; -+ CRYPTO_dbg_remove_all_info; -+ OPENSSL_init; -+ CRYPTO_strdup; -+ JPAKE_STEP3A_process; -+ JPAKE_STEP1_release; -+ JPAKE_get_shared_key; -+ JPAKE_STEP3B_init; -+ JPAKE_STEP1_generate; -+ JPAKE_STEP1_init; -+ JPAKE_STEP3B_process; -+ JPAKE_STEP2_generate; -+ JPAKE_CTX_new; -+ JPAKE_CTX_free; -+ JPAKE_STEP3B_release; -+ JPAKE_STEP3A_release; -+ JPAKE_STEP2_process; -+ JPAKE_STEP3B_generate; -+ JPAKE_STEP1_process; -+ JPAKE_STEP3A_generate; -+ JPAKE_STEP2_release; -+ JPAKE_STEP3A_init; -+ ERR_load_JPAKE_strings; -+ JPAKE_STEP2_init; -+ pqueue_size; -+ i2d_TS_ACCURACY; -+ i2d_TS_MSG_IMPRINT_fp; -+ i2d_TS_MSG_IMPRINT; -+ EVP_PKEY_print_public; -+ EVP_PKEY_CTX_new; -+ i2d_TS_TST_INFO; -+ EVP_PKEY_asn1_find; -+ DSO_METHOD_beos; -+ TS_CONF_load_cert; -+ TS_REQ_get_ext; -+ EVP_PKEY_sign_init; -+ ASN1_item_print; -+ TS_TST_INFO_set_nonce; -+ TS_RESP_dup; -+ ENGINE_register_pkey_meths; -+ EVP_PKEY_asn1_add0; -+ PKCS7_add0_attrib_signing_time; -+ i2d_TS_TST_INFO_fp; -+ BIO_asn1_get_prefix; -+ TS_TST_INFO_set_time; -+ EVP_PKEY_meth_set_decrypt; -+ EVP_PKEY_set_type_str; -+ EVP_PKEY_CTX_get_keygen_info; -+ TS_REQ_set_policy_id; -+ d2i_TS_RESP_fp; -+ ENGINE_get_pkey_asn1_meth_engine; -+ ENGINE_get_pkey_asn1_meth_eng; -+ WHIRLPOOL_Init; -+ TS_RESP_set_status_info; -+ EVP_PKEY_keygen; -+ EVP_DigestSignInit; -+ TS_ACCURACY_set_millis; -+ TS_REQ_dup; -+ GENERAL_NAME_dup; -+ ASN1_SEQUENCE_ANY_it; -+ ASN1_SEQUENCE_ANY_it; -+ WHIRLPOOL; -+ X509_STORE_get1_crls; -+ ENGINE_get_pkey_asn1_meth; -+ EVP_PKEY_asn1_new; -+ BIO_new_NDEF; -+ ENGINE_get_pkey_meth; -+ TS_MSG_IMPRINT_set_algo; -+ i2d_TS_TST_INFO_bio; -+ TS_TST_INFO_set_ordering; -+ TS_TST_INFO_get_ext_by_OBJ; -+ CRYPTO_THREADID_set_pointer; -+ TS_CONF_get_tsa_section; -+ SMIME_write_ASN1; -+ TS_RESP_CTX_set_signer_key; -+ EVP_PKEY_encrypt_old; -+ EVP_PKEY_encrypt_init; -+ CRYPTO_THREADID_cpy; -+ ASN1_PCTX_get_cert_flags; -+ i2d_ESS_SIGNING_CERT; -+ TS_CONF_load_key; -+ i2d_ASN1_SEQUENCE_ANY; -+ d2i_TS_MSG_IMPRINT_bio; -+ EVP_PKEY_asn1_set_public; -+ b2i_PublicKey_bio; -+ BIO_asn1_set_prefix; -+ EVP_PKEY_new_mac_key; -+ BIO_new_CMS; -+ CRYPTO_THREADID_cmp; -+ TS_REQ_ext_free; -+ EVP_PKEY_asn1_set_free; -+ EVP_PKEY_get0_asn1; -+ d2i_NETSCAPE_X509; -+ EVP_PKEY_verify_recover_init; -+ EVP_PKEY_CTX_set_data; -+ EVP_PKEY_keygen_init; -+ TS_RESP_CTX_set_status_info; -+ TS_MSG_IMPRINT_get_algo; -+ TS_REQ_print_bio; -+ EVP_PKEY_CTX_ctrl_str; -+ EVP_PKEY_get_default_digest_nid; -+ PEM_write_bio_PKCS7_stream; -+ TS_MSG_IMPRINT_print_bio; -+ BN_asc2bn; -+ TS_REQ_get_policy_id; -+ ENGINE_set_default_pkey_asn1_meths; -+ ENGINE_set_def_pkey_asn1_meths; -+ d2i_TS_ACCURACY; -+ DSO_global_lookup; -+ TS_CONF_set_tsa_name; -+ i2d_ASN1_SET_ANY; -+ ENGINE_load_gost; -+ WHIRLPOOL_BitUpdate; -+ ASN1_PCTX_get_flags; -+ TS_TST_INFO_get_ext_by_NID; -+ TS_RESP_new; -+ ESS_CERT_ID_dup; -+ TS_STATUS_INFO_dup; -+ TS_REQ_delete_ext; -+ EVP_DigestVerifyFinal; -+ EVP_PKEY_print_params; -+ i2d_CMS_bio_stream; -+ TS_REQ_get_msg_imprint; -+ OBJ_find_sigid_by_algs; -+ TS_TST_INFO_get_serial; -+ TS_REQ_get_nonce; -+ X509_PUBKEY_set0_param; -+ EVP_PKEY_CTX_set0_keygen_info; -+ DIST_POINT_set_dpname; -+ i2d_ISSUING_DIST_POINT; -+ ASN1_SET_ANY_it; -+ ASN1_SET_ANY_it; -+ EVP_PKEY_CTX_get_data; -+ TS_STATUS_INFO_print_bio; -+ EVP_PKEY_derive_init; -+ d2i_TS_TST_INFO; -+ EVP_PKEY_asn1_add_alias; -+ d2i_TS_RESP_bio; -+ OTHERNAME_cmp; -+ GENERAL_NAME_set0_value; -+ PKCS7_RECIP_INFO_get0_alg; -+ TS_RESP_CTX_new; -+ TS_RESP_set_tst_info; -+ PKCS7_final; -+ EVP_PKEY_base_id; -+ TS_RESP_CTX_set_signer_cert; -+ TS_REQ_set_msg_imprint; -+ EVP_PKEY_CTX_ctrl; -+ TS_CONF_set_digests; -+ d2i_TS_MSG_IMPRINT; -+ EVP_PKEY_meth_set_ctrl; -+ TS_REQ_get_ext_by_NID; -+ PKCS5_pbe_set0_algor; -+ BN_BLINDING_thread_id; -+ TS_ACCURACY_new; -+ X509_CRL_METHOD_free; -+ ASN1_PCTX_get_nm_flags; -+ EVP_PKEY_meth_set_sign; -+ CRYPTO_THREADID_current; -+ EVP_PKEY_decrypt_init; -+ NETSCAPE_X509_free; -+ i2b_PVK_bio; -+ EVP_PKEY_print_private; -+ GENERAL_NAME_get0_value; -+ b2i_PVK_bio; -+ ASN1_UTCTIME_adj; -+ TS_TST_INFO_new; -+ EVP_MD_do_all_sorted; -+ TS_CONF_set_default_engine; -+ TS_ACCURACY_set_seconds; -+ TS_TST_INFO_get_time; -+ PKCS8_pkey_get0; -+ EVP_PKEY_asn1_get0; -+ OBJ_add_sigid; -+ PKCS7_SIGNER_INFO_sign; -+ EVP_PKEY_paramgen_init; -+ EVP_PKEY_sign; -+ OBJ_sigid_free; -+ EVP_PKEY_meth_set_init; -+ d2i_ESS_ISSUER_SERIAL; -+ ISSUING_DIST_POINT_new; -+ ASN1_TIME_adj; -+ TS_OBJ_print_bio; -+ EVP_PKEY_meth_set_verify_recover; -+ EVP_PKEY_meth_set_vrfy_recover; -+ TS_RESP_get_status_info; -+ CMS_stream; -+ EVP_PKEY_CTX_set_cb; -+ PKCS7_to_TS_TST_INFO; -+ ASN1_PCTX_get_oid_flags; -+ TS_TST_INFO_add_ext; -+ EVP_PKEY_meth_set_derive; -+ i2d_TS_RESP_fp; -+ i2d_TS_MSG_IMPRINT_bio; -+ TS_RESP_CTX_set_accuracy; -+ TS_REQ_set_nonce; -+ ESS_CERT_ID_new; -+ ENGINE_pkey_asn1_find_str; -+ TS_REQ_get_ext_count; -+ BUF_reverse; -+ TS_TST_INFO_print_bio; -+ d2i_ISSUING_DIST_POINT; -+ ENGINE_get_pkey_meths; -+ i2b_PrivateKey_bio; -+ i2d_TS_RESP; -+ b2i_PublicKey; -+ TS_VERIFY_CTX_cleanup; -+ TS_STATUS_INFO_free; -+ TS_RESP_verify_token; -+ OBJ_bsearch_ex_; -+ ASN1_bn_print; -+ EVP_PKEY_asn1_get_count; -+ ENGINE_register_pkey_asn1_meths; -+ ASN1_PCTX_set_nm_flags; -+ EVP_DigestVerifyInit; -+ ENGINE_set_default_pkey_meths; -+ TS_TST_INFO_get_policy_id; -+ TS_REQ_get_cert_req; -+ X509_CRL_set_meth_data; -+ PKCS8_pkey_set0; -+ ASN1_STRING_copy; -+ d2i_TS_TST_INFO_fp; -+ X509_CRL_match; -+ EVP_PKEY_asn1_set_private; -+ TS_TST_INFO_get_ext_d2i; -+ TS_RESP_CTX_add_policy; -+ d2i_TS_RESP; -+ TS_CONF_load_certs; -+ TS_TST_INFO_get_msg_imprint; -+ ERR_load_TS_strings; -+ TS_TST_INFO_get_version; -+ EVP_PKEY_CTX_dup; -+ EVP_PKEY_meth_set_verify; -+ i2b_PublicKey_bio; -+ TS_CONF_set_certs; -+ EVP_PKEY_asn1_get0_info; -+ TS_VERIFY_CTX_free; -+ TS_REQ_get_ext_by_critical; -+ TS_RESP_CTX_set_serial_cb; -+ X509_CRL_get_meth_data; -+ TS_RESP_CTX_set_time_cb; -+ TS_MSG_IMPRINT_get_msg; -+ TS_TST_INFO_ext_free; -+ TS_REQ_get_version; -+ TS_REQ_add_ext; -+ EVP_PKEY_CTX_set_app_data; -+ OBJ_bsearch_; -+ EVP_PKEY_meth_set_verifyctx; -+ i2d_PKCS7_bio_stream; -+ CRYPTO_THREADID_set_numeric; -+ PKCS7_sign_add_signer; -+ d2i_TS_TST_INFO_bio; -+ TS_TST_INFO_get_ordering; -+ TS_RESP_print_bio; -+ TS_TST_INFO_get_exts; -+ HMAC_CTX_copy; -+ PKCS5_pbe2_set_iv; -+ ENGINE_get_pkey_asn1_meths; -+ b2i_PrivateKey; -+ EVP_PKEY_CTX_get_app_data; -+ TS_REQ_set_cert_req; -+ CRYPTO_THREADID_set_callback; -+ TS_CONF_set_serial; -+ TS_TST_INFO_free; -+ d2i_TS_REQ_fp; -+ TS_RESP_verify_response; -+ i2d_ESS_ISSUER_SERIAL; -+ TS_ACCURACY_get_seconds; -+ EVP_CIPHER_do_all; -+ b2i_PrivateKey_bio; -+ OCSP_CERTID_dup; -+ X509_PUBKEY_get0_param; -+ TS_MSG_IMPRINT_dup; -+ PKCS7_print_ctx; -+ i2d_TS_REQ_bio; -+ EVP_whirlpool; -+ EVP_PKEY_asn1_set_param; -+ EVP_PKEY_meth_set_encrypt; -+ ASN1_PCTX_set_flags; -+ i2d_ESS_CERT_ID; -+ TS_VERIFY_CTX_new; -+ TS_RESP_CTX_set_extension_cb; -+ ENGINE_register_all_pkey_meths; -+ TS_RESP_CTX_set_status_info_cond; -+ TS_RESP_CTX_set_stat_info_cond; -+ EVP_PKEY_verify; -+ WHIRLPOOL_Final; -+ X509_CRL_METHOD_new; -+ EVP_DigestSignFinal; -+ TS_RESP_CTX_set_def_policy; -+ NETSCAPE_X509_it; -+ NETSCAPE_X509_it; -+ TS_RESP_create_response; -+ PKCS7_SIGNER_INFO_get0_algs; -+ TS_TST_INFO_get_nonce; -+ EVP_PKEY_decrypt_old; -+ TS_TST_INFO_set_policy_id; -+ TS_CONF_set_ess_cert_id_chain; -+ EVP_PKEY_CTX_get0_pkey; -+ d2i_TS_REQ; -+ EVP_PKEY_asn1_find_str; -+ BIO_f_asn1; -+ ESS_SIGNING_CERT_new; -+ EVP_PBE_find; -+ X509_CRL_get0_by_cert; -+ EVP_PKEY_derive; -+ i2d_TS_REQ; -+ TS_TST_INFO_delete_ext; -+ ESS_ISSUER_SERIAL_free; -+ ASN1_PCTX_set_str_flags; -+ ENGINE_get_pkey_asn1_meth_str; -+ TS_CONF_set_signer_key; -+ TS_ACCURACY_get_millis; -+ TS_RESP_get_token; -+ TS_ACCURACY_dup; -+ ENGINE_register_all_pkey_asn1_meths; -+ ENGINE_reg_all_pkey_asn1_meths; -+ X509_CRL_set_default_method; -+ CRYPTO_THREADID_hash; -+ CMS_ContentInfo_print_ctx; -+ TS_RESP_free; -+ ISSUING_DIST_POINT_free; -+ ESS_ISSUER_SERIAL_new; -+ CMS_add1_crl; -+ PKCS7_add1_attrib_digest; -+ TS_RESP_CTX_add_md; -+ TS_TST_INFO_dup; -+ ENGINE_set_pkey_asn1_meths; -+ PEM_write_bio_Parameters; -+ TS_TST_INFO_get_accuracy; -+ X509_CRL_get0_by_serial; -+ TS_TST_INFO_set_version; -+ TS_RESP_CTX_get_tst_info; -+ TS_RESP_verify_signature; -+ CRYPTO_THREADID_get_callback; -+ TS_TST_INFO_get_tsa; -+ TS_STATUS_INFO_new; -+ EVP_PKEY_CTX_get_cb; -+ TS_REQ_get_ext_d2i; -+ GENERAL_NAME_set0_othername; -+ TS_TST_INFO_get_ext_count; -+ TS_RESP_CTX_get_request; -+ i2d_NETSCAPE_X509; -+ ENGINE_get_pkey_meth_engine; -+ EVP_PKEY_meth_set_signctx; -+ EVP_PKEY_asn1_copy; -+ ASN1_TYPE_cmp; -+ EVP_CIPHER_do_all_sorted; -+ EVP_PKEY_CTX_free; -+ ISSUING_DIST_POINT_it; -+ ISSUING_DIST_POINT_it; -+ d2i_TS_MSG_IMPRINT_fp; -+ X509_STORE_get1_certs; -+ EVP_PKEY_CTX_get_operation; -+ d2i_ESS_SIGNING_CERT; -+ TS_CONF_set_ordering; -+ EVP_PBE_alg_add_type; -+ TS_REQ_set_version; -+ EVP_PKEY_get0; -+ BIO_asn1_set_suffix; -+ i2d_TS_STATUS_INFO; -+ EVP_MD_do_all; -+ TS_TST_INFO_set_accuracy; -+ PKCS7_add_attrib_content_type; -+ ERR_remove_thread_state; -+ EVP_PKEY_meth_add0; -+ TS_TST_INFO_set_tsa; -+ EVP_PKEY_meth_new; -+ WHIRLPOOL_Update; -+ TS_CONF_set_accuracy; -+ ASN1_PCTX_set_oid_flags; -+ ESS_SIGNING_CERT_dup; -+ d2i_TS_REQ_bio; -+ X509_time_adj_ex; -+ TS_RESP_CTX_add_flags; -+ d2i_TS_STATUS_INFO; -+ TS_MSG_IMPRINT_set_msg; -+ BIO_asn1_get_suffix; -+ TS_REQ_free; -+ EVP_PKEY_meth_free; -+ TS_REQ_get_exts; -+ TS_RESP_CTX_set_clock_precision_digits; -+ TS_RESP_CTX_set_clk_prec_digits; -+ TS_RESP_CTX_add_failure_info; -+ i2d_TS_RESP_bio; -+ EVP_PKEY_CTX_get0_peerkey; -+ PEM_write_bio_CMS_stream; -+ TS_REQ_new; -+ TS_MSG_IMPRINT_new; -+ EVP_PKEY_meth_find; -+ EVP_PKEY_id; -+ TS_TST_INFO_set_serial; -+ a2i_GENERAL_NAME; -+ TS_CONF_set_crypto_device; -+ EVP_PKEY_verify_init; -+ TS_CONF_set_policies; -+ ASN1_PCTX_new; -+ ESS_CERT_ID_free; -+ ENGINE_unregister_pkey_meths; -+ TS_MSG_IMPRINT_free; -+ TS_VERIFY_CTX_init; -+ PKCS7_stream; -+ TS_RESP_CTX_set_certs; -+ TS_CONF_set_def_policy; -+ ASN1_GENERALIZEDTIME_adj; -+ NETSCAPE_X509_new; -+ TS_ACCURACY_free; -+ TS_RESP_get_tst_info; -+ EVP_PKEY_derive_set_peer; -+ PEM_read_bio_Parameters; -+ TS_CONF_set_clock_precision_digits; -+ TS_CONF_set_clk_prec_digits; -+ ESS_ISSUER_SERIAL_dup; -+ TS_ACCURACY_get_micros; -+ ASN1_PCTX_get_str_flags; -+ NAME_CONSTRAINTS_check; -+ ASN1_BIT_STRING_check; -+ X509_check_akid; -+ ENGINE_unregister_pkey_asn1_meths; -+ ENGINE_unreg_pkey_asn1_meths; -+ ASN1_PCTX_free; -+ PEM_write_bio_ASN1_stream; -+ i2d_ASN1_bio_stream; -+ TS_X509_ALGOR_print_bio; -+ EVP_PKEY_meth_set_cleanup; -+ EVP_PKEY_asn1_free; -+ ESS_SIGNING_CERT_free; -+ TS_TST_INFO_set_msg_imprint; -+ GENERAL_NAME_cmp; -+ d2i_ASN1_SET_ANY; -+ ENGINE_set_pkey_meths; -+ i2d_TS_REQ_fp; -+ d2i_ASN1_SEQUENCE_ANY; -+ GENERAL_NAME_get0_otherName; -+ d2i_ESS_CERT_ID; -+ OBJ_find_sigid_algs; -+ EVP_PKEY_meth_set_keygen; -+ PKCS5_PBKDF2_HMAC; -+ EVP_PKEY_paramgen; -+ EVP_PKEY_meth_set_paramgen; -+ BIO_new_PKCS7; -+ EVP_PKEY_verify_recover; -+ TS_ext_print_bio; -+ TS_ASN1_INTEGER_print_bio; -+ check_defer; -+ DSO_pathbyaddr; -+ EVP_PKEY_set_type; -+ TS_ACCURACY_set_micros; -+ TS_REQ_to_TS_VERIFY_CTX; -+ EVP_PKEY_meth_set_copy; -+ ASN1_PCTX_set_cert_flags; -+ TS_TST_INFO_get_ext; -+ EVP_PKEY_asn1_set_ctrl; -+ TS_TST_INFO_get_ext_by_critical; -+ EVP_PKEY_CTX_new_id; -+ TS_REQ_get_ext_by_OBJ; -+ TS_CONF_set_signer_cert; -+ X509_NAME_hash_old; -+ ASN1_TIME_set_string; -+ EVP_MD_flags; -+ TS_RESP_CTX_free; -+ DSAparams_dup; -+ DHparams_dup; -+ OCSP_REQ_CTX_add1_header; -+ OCSP_REQ_CTX_set1_req; -+ X509_STORE_set_verify_cb; -+ X509_STORE_CTX_get0_current_crl; -+ X509_STORE_CTX_get0_parent_ctx; -+ X509_STORE_CTX_get0_current_issuer; -+ X509_STORE_CTX_get0_cur_issuer; -+ X509_issuer_name_hash_old; -+ X509_subject_name_hash_old; -+ EVP_CIPHER_CTX_copy; -+ UI_method_get_prompt_constructor; -+ UI_method_get_prompt_constructr; -+ UI_method_set_prompt_constructor; -+ UI_method_set_prompt_constructr; -+ EVP_read_pw_string_min; -+ CRYPTO_cts128_encrypt; -+ CRYPTO_cts128_decrypt_block; -+ CRYPTO_cfb128_1_encrypt; -+ CRYPTO_cbc128_encrypt; -+ CRYPTO_ctr128_encrypt; -+ CRYPTO_ofb128_encrypt; -+ CRYPTO_cts128_decrypt; -+ CRYPTO_cts128_encrypt_block; -+ CRYPTO_cbc128_decrypt; -+ CRYPTO_cfb128_encrypt; -+ CRYPTO_cfb128_8_encrypt; -+ -+ local: -+ *; -+}; -+ -+ -+OPENSSL_1.0.1 { -+ global: -+ SSL_renegotiate_abbreviated; -+ TLSv1_1_method; -+ TLSv1_1_client_method; -+ TLSv1_1_server_method; -+ SSL_CTX_set_srp_client_pwd_callback; -+ SSL_CTX_set_srp_client_pwd_cb; -+ SSL_get_srp_g; -+ SSL_CTX_set_srp_username_callback; -+ SSL_CTX_set_srp_un_cb; -+ SSL_get_srp_userinfo; -+ SSL_set_srp_server_param; -+ SSL_set_srp_server_param_pw; -+ SSL_get_srp_N; -+ SSL_get_srp_username; -+ SSL_CTX_set_srp_password; -+ SSL_CTX_set_srp_strength; -+ SSL_CTX_set_srp_verify_param_callback; -+ SSL_CTX_set_srp_vfy_param_cb; -+ SSL_CTX_set_srp_cb_arg; -+ SSL_CTX_set_srp_username; -+ SSL_CTX_SRP_CTX_init; -+ SSL_SRP_CTX_init; -+ SRP_Calc_A_param; -+ SRP_generate_server_master_secret; -+ SRP_gen_server_master_secret; -+ SSL_CTX_SRP_CTX_free; -+ SRP_generate_client_master_secret; -+ SRP_gen_client_master_secret; -+ SSL_srp_server_param_with_username; -+ SSL_srp_server_param_with_un; -+ SSL_SRP_CTX_free; -+ SSL_set_debug; -+ SSL_SESSION_get0_peer; -+ TLSv1_2_client_method; -+ SSL_SESSION_set1_id_context; -+ TLSv1_2_server_method; -+ SSL_cache_hit; -+ SSL_get0_kssl_ctx; -+ SSL_set0_kssl_ctx; -+ SSL_set_state; -+ SSL_CIPHER_get_id; -+ TLSv1_2_method; -+ kssl_ctx_get0_client_princ; -+ SSL_export_keying_material; -+ SSL_set_tlsext_use_srtp; -+ SSL_CTX_set_next_protos_advertised_cb; -+ SSL_CTX_set_next_protos_adv_cb; -+ SSL_get0_next_proto_negotiated; -+ SSL_get_selected_srtp_profile; -+ SSL_CTX_set_tlsext_use_srtp; -+ SSL_select_next_proto; -+ SSL_get_srtp_profiles; -+ SSL_CTX_set_next_proto_select_cb; -+ SSL_CTX_set_next_proto_sel_cb; -+ SSL_SESSION_get_compress_id; -+ -+ SRP_VBASE_get_by_user; -+ SRP_Calc_server_key; -+ SRP_create_verifier; -+ SRP_create_verifier_BN; -+ SRP_Calc_u; -+ SRP_VBASE_free; -+ SRP_Calc_client_key; -+ SRP_get_default_gN; -+ SRP_Calc_x; -+ SRP_Calc_B; -+ SRP_VBASE_new; -+ SRP_check_known_gN_param; -+ SRP_Calc_A; -+ SRP_Verify_A_mod_N; -+ SRP_VBASE_init; -+ SRP_Verify_B_mod_N; -+ EC_KEY_set_public_key_affine_coordinates; -+ EC_KEY_set_pub_key_aff_coords; -+ EVP_aes_192_ctr; -+ EVP_PKEY_meth_get0_info; -+ EVP_PKEY_meth_copy; -+ ERR_add_error_vdata; -+ EVP_aes_128_ctr; -+ EVP_aes_256_ctr; -+ EC_GFp_nistp224_method; -+ EC_KEY_get_flags; -+ RSA_padding_add_PKCS1_PSS_mgf1; -+ EVP_aes_128_xts; -+ EVP_aes_256_xts; -+ EVP_aes_128_gcm; -+ EC_KEY_clear_flags; -+ EC_KEY_set_flags; -+ EVP_aes_256_ccm; -+ RSA_verify_PKCS1_PSS_mgf1; -+ EVP_aes_128_ccm; -+ EVP_aes_192_gcm; -+ X509_ALGOR_set_md; -+ RAND_init_fips; -+ EVP_aes_256_gcm; -+ EVP_aes_192_ccm; -+ CMAC_CTX_copy; -+ CMAC_CTX_free; -+ CMAC_CTX_get0_cipher_ctx; -+ CMAC_CTX_cleanup; -+ CMAC_Init; -+ CMAC_Update; -+ CMAC_resume; -+ CMAC_CTX_new; -+ CMAC_Final; -+ CRYPTO_ctr128_encrypt_ctr32; -+ CRYPTO_gcm128_release; -+ CRYPTO_ccm128_decrypt_ccm64; -+ CRYPTO_ccm128_encrypt; -+ CRYPTO_gcm128_encrypt; -+ CRYPTO_xts128_encrypt; -+ EVP_rc4_hmac_md5; -+ CRYPTO_nistcts128_decrypt_block; -+ CRYPTO_gcm128_setiv; -+ CRYPTO_nistcts128_encrypt; -+ EVP_aes_128_cbc_hmac_sha1; -+ CRYPTO_gcm128_tag; -+ CRYPTO_ccm128_encrypt_ccm64; -+ ENGINE_load_rdrand; -+ CRYPTO_ccm128_setiv; -+ CRYPTO_nistcts128_encrypt_block; -+ CRYPTO_gcm128_aad; -+ CRYPTO_ccm128_init; -+ CRYPTO_nistcts128_decrypt; -+ CRYPTO_gcm128_new; -+ CRYPTO_ccm128_tag; -+ CRYPTO_ccm128_decrypt; -+ CRYPTO_ccm128_aad; -+ CRYPTO_gcm128_init; -+ CRYPTO_gcm128_decrypt; -+ ENGINE_load_rsax; -+ CRYPTO_gcm128_decrypt_ctr32; -+ CRYPTO_gcm128_encrypt_ctr32; -+ CRYPTO_gcm128_finish; -+ EVP_aes_256_cbc_hmac_sha1; -+ PKCS5_pbkdf2_set; -+ CMS_add0_recipient_password; -+ CMS_decrypt_set1_password; -+ CMS_RecipientInfo_set0_password; -+ RAND_set_fips_drbg_type; -+ X509_REQ_sign_ctx; -+ RSA_PSS_PARAMS_new; -+ X509_CRL_sign_ctx; -+ X509_signature_dump; -+ d2i_RSA_PSS_PARAMS; -+ RSA_PSS_PARAMS_it; -+ RSA_PSS_PARAMS_it; -+ RSA_PSS_PARAMS_free; -+ X509_sign_ctx; -+ i2d_RSA_PSS_PARAMS; -+ ASN1_item_sign_ctx; -+ EC_GFp_nistp521_method; -+ EC_GFp_nistp256_method; -+ OPENSSL_stderr; -+ OPENSSL_cpuid_setup; -+ OPENSSL_showfatal; -+ BIO_new_dgram_sctp; -+ BIO_dgram_sctp_msg_waiting; -+ BIO_dgram_sctp_wait_for_dry; -+ BIO_s_datagram_sctp; -+ BIO_dgram_is_sctp; -+ BIO_dgram_sctp_notification_cb; -+} OPENSSL_1.0.0; -+ -+OPENSSL_1.0.1d { -+ global: -+ CRYPTO_memcmp; -+} OPENSSL_1.0.1; -+ -Index: openssl-1.0.1d/engines/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.1d/engines/openssl.ld 2013-02-06 19:41:43.000000000 +0100 -@@ -0,0 +1,10 @@ -+OPENSSL_1.0.0 { -+ global: -+ bind_engine; -+ v_check; -+ OPENSSL_init; -+ OPENSSL_finish; -+ local: -+ *; -+}; -+ -Index: openssl-1.0.1d/engines/ccgost/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.1d/engines/ccgost/openssl.ld 2013-02-06 19:41:43.000000000 +0100 -@@ -0,0 +1,10 @@ -+OPENSSL_1.0.0 { -+ global: -+ bind_engine; -+ v_check; -+ OPENSSL_init; -+ OPENSSL_finish; -+ local: -+ *; -+}; -+ diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch deleted file mode 100644 index d8a6f1a2..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch +++ /dev/null @@ -1,56 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - - -Index: openssl-1.0.0/engines/Makefile -=================================================================== ---- openssl-1.0.0.orig/engines/Makefile -+++ openssl-1.0.0/engines/Makefile -@@ -107,7 +107,7 @@ - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ -- $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \ -+ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines; \ - for l in $(LIBNAMES); do \ - ( echo installing $$l; \ - pfx=lib; \ -@@ -119,13 +119,13 @@ - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ -- cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ -+ cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ - else \ - sfx=".so"; \ -- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ -+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ - fi; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ -+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ -+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx ); \ - done; \ - fi - @target=install; $(RECURSIVE_MAKE) -Index: openssl-1.0.0/engines/ccgost/Makefile -=================================================================== ---- openssl-1.0.0.orig/engines/ccgost/Makefile -+++ openssl-1.0.0/engines/ccgost/Makefile -@@ -53,13 +53,13 @@ - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ -- cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ -+ cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - else \ - sfx=".so"; \ -- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ -+ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - fi; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ -+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ -+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx; \ - fi - - links: diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/find.pl b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/find.pl deleted file mode 100644 index 8e1b42c8..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/find.pl +++ /dev/null @@ -1,54 +0,0 @@ -warn "Legacy library @{[(caller(0))[6]]} will be removed from the Perl core distribution in the next major release. Please install it from the CPAN distribution Perl4::CoreLibs. It is being used at @{[(caller)[1]]}, line @{[(caller)[2]]}.\n"; - -# This library is deprecated and unmaintained. It is included for -# compatibility with Perl 4 scripts which may use it, but it will be -# removed in a future version of Perl. Please use the File::Find module -# instead. - -# Usage: -# require "find.pl"; -# -# &find('/foo','/bar'); -# -# sub wanted { ... } -# where wanted does whatever you want. $dir contains the -# current directory name, and $_ the current filename within -# that directory. $name contains "$dir/$_". You are cd'ed -# to $dir when the function is called. The function may -# set $prune to prune the tree. -# -# For example, -# -# find / -name .nfs\* -mtime +7 -exec rm -f {} \; -o -fstype nfs -prune -# -# corresponds to this -# -# sub wanted { -# /^\.nfs.*$/ && -# (($dev,$ino,$mode,$nlink,$uid,$gid) = lstat($_)) && -# int(-M _) > 7 && -# unlink($_) -# || -# ($nlink || (($dev,$ino,$mode,$nlink,$uid,$gid) = lstat($_))) && -# $dev < 0 && -# ($prune = 1); -# } -# -# Set the variable $dont_use_nlink if you're using AFS, since AFS cheats. - -use File::Find (); - -*name = *File::Find::name; -*prune = *File::Find::prune; -*dir = *File::Find::dir; -*topdir = *File::Find::topdir; -*topdev = *File::Find::topdev; -*topino = *File::Find::topino; -*topmode = *File::Find::topmode; -*topnlink = *File::Find::topnlink; - -sub find { - &File::Find::find(\&wanted, @_); -} - -1; diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch deleted file mode 100644 index f0e17784..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch +++ /dev/null @@ -1,22 +0,0 @@ -Upstream-Status: Submitted - -This patch adds the fix for one of the ciphers used in openssl, namely -the cipher des-ede3-cfb1. Complete bug log and patch is present here: -http://rt.openssl.org/Ticket/Display.html?id=2867 - -Signed-Off-By: Muhammad Shakeel - -diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c -index 3232cfe..df84922 100644 -=================================================================== ---- a/crypto/evp/e_des3.c -+++ b/crypto/evp/e_des3.c -@@ -173,7 +173,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - size_t n; - unsigned char c[1],d[1]; - -- for(n=0 ; n < inl ; ++n) -+ for(n=0 ; n < inl*8 ; ++n) - { - c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0; - DES_ede3_cfb_encrypt(c,d,1,1, diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch deleted file mode 100644 index 2185ff8a..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch +++ /dev/null @@ -1,119 +0,0 @@ -From: Andy Polyakov -Date: Sun, 13 Oct 2013 17:15:15 +0000 (+0200) -Subject: Initial aarch64 bits. -X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=039081b80977e2a5de84e1f88f8b4d025b559956 - -Initial aarch64 bits. ---- - crypto/bn/bn_lcl.h | 9 +++++++++ - crypto/md32_common.h | 18 ++++++++++++++++++ - crypto/modes/modes_lcl.h | 8 ++++++++ - crypto/sha/sha512.c | 13 +++++++++++++ - 4 files changed, 48 insertions(+) - -Index: openssl-1.0.1f/crypto/bn/bn_lcl.h -=================================================================== ---- openssl-1.0.1f.orig/crypto/bn/bn_lcl.h 2014-01-06 15:47:42.000000000 +0200 -+++ openssl-1.0.1f/crypto/bn/bn_lcl.h 2014-02-28 10:37:55.495979037 +0200 -@@ -300,6 +300,15 @@ - : "r"(a), "r"(b)); - # endif - # endif -+# elif defined(__aarch64__) && defined(SIXTY_FOUR_BIT_LONG) -+# if defined(__GNUC__) && __GNUC__>=2 -+# define BN_UMULT_HIGH(a,b) ({ \ -+ register BN_ULONG ret; \ -+ asm ("umulh %0,%1,%2" \ -+ : "=r"(ret) \ -+ : "r"(a), "r"(b)); \ -+ ret; }) -+# endif - # endif /* cpu */ - #endif /* OPENSSL_NO_ASM */ - -Index: openssl-1.0.1f/crypto/md32_common.h -=================================================================== ---- openssl-1.0.1f.orig/crypto/md32_common.h 2014-01-06 15:47:42.000000000 +0200 -+++ openssl-1.0.1f/crypto/md32_common.h 2014-02-28 10:39:21.751979107 +0200 -@@ -213,6 +213,24 @@ - asm ("bswapl %0":"=r"(r):"0"(r)); \ - *((unsigned int *)(c))=r; (c)+=4; r; }) - # endif -+# elif defined(__aarch64__) -+# if defined(__BYTE_ORDER__) -+# if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ -+# define HOST_c2l(c,l) ({ unsigned int r; \ -+ asm ("rev %w0,%w1" \ -+ :"=r"(r) \ -+ :"r"(*((const unsigned int *)(c))));\ -+ (c)+=4; (l)=r; }) -+# define HOST_l2c(l,c) ({ unsigned int r; \ -+ asm ("rev %w0,%w1" \ -+ :"=r"(r) \ -+ :"r"((unsigned int)(l)));\ -+ *((unsigned int *)(c))=r; (c)+=4; r; }) -+# elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__ -+# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l)) -+# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l)) -+# endif -+# endif - # endif - # endif - #endif -Index: openssl-1.0.1f/crypto/modes/modes_lcl.h -=================================================================== ---- openssl-1.0.1f.orig/crypto/modes/modes_lcl.h 2014-02-28 10:47:48.731979011 +0200 -+++ openssl-1.0.1f/crypto/modes/modes_lcl.h 2014-02-28 10:48:49.707978919 +0200 -@@ -29,6 +29,7 @@ - #if defined(__i386) || defined(__i386__) || \ - defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \ -+ defined(__aarch64__) || \ - defined(__s390__) || defined(__s390x__) - # undef STRICT_ALIGNMENT - #endif -@@ -50,6 +51,13 @@ - # define BSWAP4(x) ({ u32 ret=(x); \ - asm ("bswapl %0" \ - : "+r"(ret)); ret; }) -+# elif defined(__aarch64__) -+# define BSWAP8(x) ({ u64 ret; \ -+ asm ("rev %0,%1" \ -+ : "=r"(ret) : "r"(x)); ret; }) -+# define BSWAP4(x) ({ u32 ret; \ -+ asm ("rev %w0,%w1" \ -+ : "=r"(ret) : "r"(x)); ret; }) - # elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT) - # define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \ - asm ("rev %0,%0; rev %1,%1" \ -Index: openssl-1.0.1f/crypto/sha/sha512.c -=================================================================== ---- openssl-1.0.1f.orig/crypto/sha/sha512.c 2014-01-06 15:47:42.000000000 +0200 -+++ openssl-1.0.1f/crypto/sha/sha512.c 2014-02-28 10:52:14.579978981 +0200 -@@ -55,6 +55,7 @@ - #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ - defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \ - defined(__s390__) || defined(__s390x__) || \ -+ defined(__aarch64__) || \ - defined(SHA512_ASM) - #define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA - #endif -@@ -347,6 +348,18 @@ - asm ("rotrdi %0,%1,%2" \ - : "=r"(ret) \ - : "r"(a),"K"(n)); ret; }) -+# elif defined(__aarch64__) -+# define ROTR(a,n) ({ SHA_LONG64 ret; \ -+ asm ("ror %0,%1,%2" \ -+ : "=r"(ret) \ -+ : "r"(a),"I"(n)); ret; }) -+# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \ -+ __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ -+# define PULL64(x) ({ SHA_LONG64 ret; \ -+ asm ("rev %0,%1" \ -+ : "=r"(ret) \ -+ : "r"(*((const SHA_LONG64 *)(&(x))))); ret; }) -+# endif - # endif - # elif defined(_MSC_VER) - # if defined(_WIN64) /* applies to both IA-64 and AMD64 */ diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/oe-ldflags.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/oe-ldflags.patch deleted file mode 100644 index 292e13dc..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/oe-ldflags.patch +++ /dev/null @@ -1,24 +0,0 @@ -Upstream-Status: Inappropriate [open-embedded] - -Index: openssl-1.0.0/Makefile.shared -=================================================================== ---- openssl-1.0.0.orig/Makefile.shared -+++ openssl-1.0.0/Makefile.shared -@@ -92,7 +92,7 @@ - LINK_APP= \ - ( $(SET_X); \ - LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ -- LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \ -+ LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$(OE_LDFLAGS) $${LDFLAGS:-$(CFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ -@@ -102,7 +102,7 @@ - ( $(SET_X); \ - LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ - SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \ -- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ -+ SHAREDFLAGS="$(OE_LDFLAGS) $${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch deleted file mode 100644 index c161e62f..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch +++ /dev/null @@ -1,21 +0,0 @@ -openssl: avoid NULL pointer dereference in EVP_DigestInit_ex() - -We should avoid accessing the type pointer if it's NULL, -this could happen if ctx->digest is not NULL. - -Upstream-Status: Submitted -http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html - -Signed-off-by: Xufeng Zhang ---- ---- a/crypto/evp/digest.c -+++ b/crypto/evp/digest.c -@@ -199,7 +199,7 @@ - return 0; - } - #endif -- if (ctx->digest != type) -+ if (type && (ctx->digest != type)) - { - if (ctx->digest && ctx->digest->ctx_size) - OPENSSL_free(ctx->md_data); diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch deleted file mode 100644 index 3e93fe4e..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch +++ /dev/null @@ -1,39 +0,0 @@ -openssl: avoid NULL pointer dereference in dh_pub_encode()/dsa_pub_encode() - -We should avoid accessing the pointer if ASN1_STRING_new() -allocates memory failed. - -Upstream-Status: Submitted -http://www.mail-archive.com/openssl-dev@openssl.org/msg32859.html - -Signed-off-by: Xufeng Zhang ---- ---- a/crypto/dh/dh_ameth.c -+++ b/crypto/dh/dh_ameth.c -@@ -139,6 +139,12 @@ - dh=pkey->pkey.dh; - - str = ASN1_STRING_new(); -+ if (!str) -+ { -+ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ - str->length = i2d_DHparams(dh, &str->data); - if (str->length <= 0) - { ---- a/crypto/dsa/dsa_ameth.c -+++ b/crypto/dsa/dsa_ameth.c -@@ -148,6 +148,11 @@ - { - ASN1_STRING *str; - str = ASN1_STRING_new(); -+ if (!str) -+ { -+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } - str->length = i2d_DSAparams(dsa, &str->data); - if (str->length <= 0) - { diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch deleted file mode 100644 index de49729e..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch +++ /dev/null @@ -1,19 +0,0 @@ -openssl: Fix pod2man des.pod error on Ubuntu 12.04 - -This is a formatting fix, '=back' is required before -'=head1' on Ubuntu 12.04. - -Upstream-Status: Pending -Signed-off-by: Baogen Shang -diff -urpN a_origin/des.pod b_modify/des.pod ---- a_origin/crypto/des/des.pod 2013-08-15 15:02:56.211674589 +0800 -+++ b_modify/crypto/des/des.pod 2013-08-15 15:04:14.439674580 +0800 -@@ -181,6 +181,8 @@ the uuencoded file to embed in the begin - output. If there is no name specified after the B<-u>, the name text.des - will be embedded in the header. - -+=back -+ - =head1 SEE ALSO - - ps(1), diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-fix-link.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-fix-link.patch deleted file mode 100644 index 154106cb..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-fix-link.patch +++ /dev/null @@ -1,35 +0,0 @@ -From aabfb6f78af8e337d3239142117ba303fce55e7e Mon Sep 17 00:00:00 2001 -From: Dmitry Eremin-Solenikov -Date: Thu, 22 Sep 2011 08:55:26 +0200 -Subject: [PATCH] fix the parallel build regarding shared libraries. - -Upstream-Status: Pending ---- - .../openssl-1.0.0e/Makefile.org | 8 ++++---- - 1 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/Makefile.org -index 3c7aea1..6326cd6 100644 ---- a/Makefile.org -+++ b/Makefile.org -@@ -243,13 +243,13 @@ build_libs: build_crypto build_ssl build_engines - - build_crypto: - @dir=crypto; target=all; $(BUILD_ONE_CMD) --build_ssl: -+build_ssl: build_crypto - @dir=ssl; target=all; $(BUILD_ONE_CMD) --build_engines: -+build_engines: build_crypto - @dir=engines; target=all; $(BUILD_ONE_CMD) --build_apps: -+build_apps: build_crypto build_ssl - @dir=apps; target=all; $(BUILD_ONE_CMD) --build_tests: -+build_tests: build_crypto build_ssl - @dir=test; target=all; $(BUILD_ONE_CMD) - build_tools: - @dir=tools; target=all; $(BUILD_ONE_CMD) --- -1.6.6.1 - diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch deleted file mode 100644 index 93ce0343..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch +++ /dev/null @@ -1,90 +0,0 @@ -Upstream-Status: Pending - -Received from H J Liu @ Intel -Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors. -Signed-Off-By: Nitin A Kamble 2011/07/13 - -ported the patch to the 1.0.0e version -Signed-Off-By: Nitin A Kamble 2011/12/01 -Index: openssl-1.0.1e/Configure -=================================================================== ---- openssl-1.0.1e.orig/Configure -+++ openssl-1.0.1e/Configure -@@ -402,6 +402,7 @@ my %table=( - "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", -+"linux-x32", "gcc:-mx32 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32", - "linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", - #### So called "highgprs" target for z/Architecture CPUs - # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see -Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c -=================================================================== ---- openssl-1.0.1e.orig/crypto/bn/asm/x86_64-gcc.c -+++ openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c -@@ -55,7 +55,7 @@ - * machine. - */ - --#ifdef _WIN64 -+#if defined _WIN64 || !defined __LP64__ - #define BN_ULONG unsigned long long - #else - #define BN_ULONG unsigned long -@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" -- "1: movq (%4,%2,8),%0 \n" -- " adcq (%5,%2,8),%0 \n" -- " movq %0,(%3,%2,8) \n" -+ "1: movq (%q4,%2,8),%0 \n" -+ " adcq (%q5,%2,8),%0 \n" -+ " movq %0,(%q3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" -@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" -- "1: movq (%4,%2,8),%0 \n" -- " sbbq (%5,%2,8),%0 \n" -- " movq %0,(%3,%2,8) \n" -+ "1: movq (%q4,%2,8),%0 \n" -+ " sbbq (%q5,%2,8),%0 \n" -+ " movq %0,(%q3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" -Index: openssl-1.0.1e/crypto/bn/bn.h -=================================================================== ---- openssl-1.0.1e.orig/crypto/bn/bn.h -+++ openssl-1.0.1e/crypto/bn/bn.h -@@ -172,6 +172,13 @@ extern "C" { - # endif - #endif - -+/* Address type. */ -+#ifdef _WIN64 -+#define BN_ADDR unsigned long long -+#else -+#define BN_ADDR unsigned long -+#endif -+ - /* assuming long is 64bit - this is the DEC Alpha - * unsigned long long is only 64 bits :-(, don't define - * BN_LLONG for the DEC Alpha */ -Index: openssl-1.0.1e/crypto/bn/bn_exp.c -=================================================================== ---- openssl-1.0.1e.orig/crypto/bn/bn_exp.c -+++ openssl-1.0.1e/crypto/bn/bn_exp.c -@@ -567,7 +567,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU - - /* Given a pointer value, compute the next address that is a cache line multiple. */ - #define MOD_EXP_CTIME_ALIGN(x_) \ -- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) -+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) - - /* This variant of BN_mod_exp_mont() uses fixed windows and the special - * precomputation memory layout to limit data-dependency to a minimum diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/shared-libs.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/shared-libs.patch deleted file mode 100644 index a7ca0a30..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/shared-libs.patch +++ /dev/null @@ -1,41 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - -Index: openssl-1.0.1e/crypto/Makefile -=================================================================== ---- openssl-1.0.1e.orig/crypto/Makefile -+++ openssl-1.0.1e/crypto/Makefile -@@ -108,7 +108,7 @@ $(LIB): $(LIBOBJ) - - shared: buildinf.h lib subdirs - if [ -n "$(SHARED_LIBS)" ]; then \ -- (cd ..; $(MAKE) $(SHARED_LIB)); \ -+ (cd ..; $(MAKE) -e $(SHARED_LIB)); \ - fi - - libs: -Index: openssl-1.0.1e/Makefile.org -=================================================================== ---- openssl-1.0.1e.orig/Makefile.org -+++ openssl-1.0.1e/Makefile.org -@@ -310,7 +310,7 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_ - - libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a - @if [ "$(SHLIB_TARGET)" != "" ]; then \ -- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ -+ $(MAKE) -e SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ - else \ - echo "There's no support for shared libraries on this platform" >&2; \ - exit 1; \ -Index: openssl-1.0.1e/ssl/Makefile -=================================================================== ---- openssl-1.0.1e.orig/ssl/Makefile -+++ openssl-1.0.1e/ssl/Makefile -@@ -62,7 +62,7 @@ lib: $(LIBOBJ) - - shared: lib - if [ -n "$(SHARED_LIBS)" ]; then \ -- (cd ..; $(MAKE) $(SHARED_LIB)); \ -+ (cd ..; $(MAKE) -e $(SHARED_LIB)); \ - fi - - files: diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1i.bb b/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1i.bb deleted file mode 100644 index 9d093efe..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1i.bb +++ /dev/null @@ -1,53 +0,0 @@ -require openssl.inc - -# For target side versions of openssl enable support for cryptodev Linux driver -# if they are available. -DEPENDS_class-target += "cryptodev-linux" -CFLAG_class-target += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" - -export DIRS = "crypto ssl apps engines" -export OE_LDFLAGS="${LDFLAGS}" - -SRC_URI += "file://configure-targets.patch \ - file://shared-libs.patch \ - file://oe-ldflags.patch \ - file://engines-install-in-libdir-ssl.patch \ - file://openssl-fix-link.patch \ - file://debian/version-script.patch \ - file://debian/pic.patch \ - file://debian/c_rehash-compat.patch \ - file://debian/ca.patch \ - file://debian/make-targets.patch \ - file://debian/no-rpath.patch \ - file://debian/man-dir.patch \ - file://debian/man-section.patch \ - file://debian/no-symbolic.patch \ - file://debian/debian-targets.patch \ - file://openssl_fix_for_x32.patch \ - file://fix-cipher-des-ede3-cfb1.patch \ - file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \ - file://openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch \ - file://initial-aarch64-bits.patch \ - file://find.pl \ - file://openssl-fix-des.pod-error.patch \ - " - -SRC_URI[md5sum] = "c8dc151a671b9b92ff3e4c118b174972" -SRC_URI[sha256sum] = "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7" - -PACKAGES =+ " \ - ${PN}-engines-dbg \ - ${PN}-engines \ -" - -FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines" -FILES_${PN}-engines-dbg = "${libdir}/engines/.debug ${libdir}/ssl/engines/.debug" - -PARALLEL_MAKE = "" -PARALLEL_MAKEINST = "" - -do_configure_prepend() { - cp ${WORKDIR}/find.pl ${S}/util/find.pl -} diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1i.bbappend b/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1i.bbappend deleted file mode 100644 index 7b381ffb..00000000 --- a/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1i.bbappend +++ /dev/null @@ -1,40 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/openssl-fsl:" - -RDEPENDS_${PN}_class-target += "cryptodev-module" - -SRC_URI_append_class-target = " file://0001-remove-double-initialization-of-cryptodev-engine.patch \ - file://0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch \ - file://0003-cryptodev-fix-algorithm-registration.patch \ - file://0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch \ - file://0005-ECC-Support-header-for-Cryptodev-Engine.patch \ - file://0006-Fixed-private-key-support-for-DH.patch \ - file://0007-Fixed-private-key-support-for-DH.patch \ - file://0008-Initial-support-for-PKC-in-cryptodev-engine.patch \ - file://0009-Added-hwrng-dev-file-as-source-of-RNG.patch \ - file://0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch \ - file://0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch \ - file://0012-RSA-Keygen-Fix.patch \ - file://0013-Removed-local-copy-of-curve_t-type.patch \ - file://0014-Modulus-parameter-is-not-populated-by-dhparams.patch \ - file://0015-SW-Backoff-mechanism-for-dsa-keygen.patch \ - file://0016-Fixed-DH-keygen-pair-generator.patch \ - file://0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch \ - file://0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch \ - file://0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch \ - file://0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch \ - file://0021-cryptodev-drop-redundant-function.patch \ - file://0022-cryptodev-do-not-zero-the-buffer-before-use.patch \ - file://0023-cryptodev-clean-up-code-layout.patch \ - file://0024-cryptodev-do-not-cache-file-descriptor-in-open.patch \ - file://0025-cryptodev-put_dev_crypto-should-be-an-int.patch \ - file://0026-cryptodev-simplify-cryptodev-pkc-support-code.patch \ -" - -# Digest offloading through cryptodev is not recommended because of the -# performance penalty of the Openssl engine interface. Openssl generates a huge -# number of calls to digest functions for even a small amount of work data. -# For example there are 70 calls to cipher code and over 10000 to digest code -# when downloading only 10 files of 700 bytes each. -# Do not build OpenSSL with cryptodev digest support until engine digest -# interface gets some rework: -CFLAG_class-target := "${@'${CFLAG}'.replace('-DUSE_CRYPTODEV_DIGESTS', '')}" diff --git a/meta-fsl-ppc/recipes-core/init-ifupdown/init-ifupdown/qoriq-ppc/interfaces b/meta-fsl-ppc/recipes-core/init-ifupdown/init-ifupdown/qoriq-ppc/interfaces deleted file mode 100644 index 3737c8b2..00000000 --- a/meta-fsl-ppc/recipes-core/init-ifupdown/init-ifupdown/qoriq-ppc/interfaces +++ /dev/null @@ -1,6 +0,0 @@ -# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8) - -# The loopback interface -auto lo -iface lo inet loopback - diff --git a/meta-fsl-ppc/recipes-core/init-ifupdown/init-ifupdown_%.bbappend b/meta-fsl-ppc/recipes-core/init-ifupdown/init-ifupdown_%.bbappend deleted file mode 100644 index 00057874..00000000 --- a/meta-fsl-ppc/recipes-core/init-ifupdown/init-ifupdown_%.bbappend +++ /dev/null @@ -1,2 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" - diff --git a/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq.bb b/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq.bb deleted file mode 100644 index 541d88c4..00000000 --- a/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq.bb +++ /dev/null @@ -1,24 +0,0 @@ -DESCRIPTION = "udev rules for Freescale QorIQ SOCs" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690" - -SRC_URI = "\ - file://71-fsl-dpaa-persistent-networking.rules \ - file://72-fsl-dpaa-persistent-networking.rules \ -" -RULE ?= "71-fsl-dpaa-persistent-networking.rules" -RULE_e6500 = "72-fsl-dpaa-persistent-networking.rules" -RULE_e6500-64b = "72-fsl-dpaa-persistent-networking.rules" -RULE_t1024 = "72-fsl-dpaa-persistent-networking.rules" -RULE_t1023 = "72-fsl-dpaa-persistent-networking.rules" - -do_install () { - install -d ${D}${sysconfdir}/udev/rules.d/ - install -m 0644 ${WORKDIR}/${RULE} ${D}${sysconfdir}/udev/rules.d/ - - # skip mmc rpmb partitions - echo "/dev/mmcblk.*rpmb" >>${D}${sysconfdir}/udev/mount.blacklist - # skip nbd (network block device) - echo "/dev/nbd*" >>${D}${sysconfdir}/udev/mount.blacklist -} - diff --git a/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/71-fsl-dpaa-persistent-networking.rules b/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/71-fsl-dpaa-persistent-networking.rules deleted file mode 100644 index 6c6dc354..00000000 --- a/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/71-fsl-dpaa-persistent-networking.rules +++ /dev/null @@ -1,20 +0,0 @@ -# Rules for handling naming the DPAA FMan ethernet ports in a consistent way -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e0000", NAME="fm1-gb0" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e2000", NAME="fm1-gb1" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e4000", NAME="fm1-gb2" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e6000", NAME="fm1-gb3" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e8000", NAME="fm1-gb4" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4f0000", NAME="fm1-10g" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e0000", NAME="fm2-gb0" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e2000", NAME="fm2-gb1" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e4000", NAME="fm2-gb2" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e6000", NAME="fm2-gb3" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e8000", NAME="fm2-gb4" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5f0000", NAME="fm2-10g" - -# P1023 has its Fman @ different offsets -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ff7e0000", NAME="fm1-gb0" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ff7e2000", NAME="fm1-gb1" - -# Rename macless0 port to "macless0" -SUBSYSTEM=="net", ATTR{device_type}=="macless0", NAME="macless0" diff --git a/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/72-fsl-dpaa-persistent-networking.rules b/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/72-fsl-dpaa-persistent-networking.rules deleted file mode 100644 index d0eec9ce..00000000 --- a/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/72-fsl-dpaa-persistent-networking.rules +++ /dev/null @@ -1,24 +0,0 @@ -# Rules for handling naming the DPAA FMan ethernet ports in a consistent way -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e0000", NAME="fm1-mac1" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e2000", NAME="fm1-mac2" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e4000", NAME="fm1-mac3" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e6000", NAME="fm1-mac4" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e8000", NAME="fm1-mac5" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4ea000", NAME="fm1-mac6" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4ec000", NAME="fm1-mac7" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4ee000", NAME="fm1-mac8" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4f0000", NAME="fm1-mac9" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4f2000", NAME="fm1-mac10" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e0000", NAME="fm2-mac1" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e2000", NAME="fm2-mac2" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e4000", NAME="fm2-mac3" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e6000", NAME="fm2-mac4" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e8000", NAME="fm2-mac5" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5ea000", NAME="fm2-mac6" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5ec000", NAME="fm2-mac7" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5ee000", NAME="fm2-mac8" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5f0000", NAME="fm2-mac9" -SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5f2000", NAME="fm2-mac10" - -# Rename macless0 to "macless0" -SUBSYSTEM=="net", ATTR{device_type}=="macless0", NAME="macless0" diff --git a/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/automount.rules b/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/automount.rules deleted file mode 100644 index a47efdab..00000000 --- a/meta-fsl-ppc/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/automount.rules +++ /dev/null @@ -1,23 +0,0 @@ -# There are a number of modifiers that are allowed to be used in some -# of the different fields. They provide the following subsitutions: -# -# %n the "kernel number" of the device. -# For example, 'sda3' has a "kernel number" of '3' -# %e the smallest number for that name which does not matches an existing node -# %k the kernel name for the device -# %M the kernel major number for the device -# %m the kernel minor number for the device -# %b the bus id for the device -# %c the string returned by the PROGRAM -# %s{filename} the content of a sysfs attribute -# %% the '%' char itself -# - -SUBSYSTEM=="block", ENV{DEVTYPE}=="partition", GOTO="automount_end" - -# Media automounting -SUBSYSTEM=="block", ACTION=="add" RUN+="/etc/udev/scripts/mount.sh" -SUBSYSTEM=="block", ACTION=="remove" RUN+="/etc/udev/scripts/mount.sh" - -LABEL="automount_end" - diff --git a/meta-fsl-ppc/recipes-core/udev/udev/skip-rules-for-mmc-rpmb-partition.patch b/meta-fsl-ppc/recipes-core/udev/udev/skip-rules-for-mmc-rpmb-partition.patch deleted file mode 100644 index edbc0b3d..00000000 --- a/meta-fsl-ppc/recipes-core/udev/udev/skip-rules-for-mmc-rpmb-partition.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 68a780f4cbba18c01d8409faafb1f7904afa86a9 Mon Sep 17 00:00:00 2001 -From: Ting Liu -Date: Thu, 31 Jul 2014 16:12:32 +0800 -Subject: [PATCH] skip rules for mmc rpmb partition - -Upstream-status: Pending - -In FSL SDK 1.6 Kernel, mmc driver has created a new partition -with "mmcblkXrpmb" if device expresses it support of RPMB. - -RPMB (Replay Protected Memory Block), A signed access to a Replay -Protected Memory Block is provided. This function provides means -for the system to store data to the specific memory area in an -authenticated and replay protected manner. - -In that case, any read/write access to this partition device will -report errors which will not impact any fuction. - -add rules to skip it. - -Signed-off-by: Ting Liu ---- - rules/60-persistent-storage.rules | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/rules/60-persistent-storage.rules b/rules/60-persistent-storage.rules -index fa687f2..bb3f8f9 100644 ---- a/rules/60-persistent-storage.rules -+++ b/rules/60-persistent-storage.rules -@@ -14,7 +14,7 @@ ACTION=="add", SUBSYSTEM=="module", KERNEL=="block", ATTR{parameters/events_dfl_ - SUBSYSTEM!="block", GOTO="persistent_storage_end" - - # skip rules for inappropriate block devices --KERNEL=="fd*|mtd*|nbd*|gnbd*|btibm*|dm-*|md*", GOTO="persistent_storage_end" -+KERNEL=="fd*|mtd*|nbd*|gnbd*|btibm*|dm-*|md*|mmcblk*rpmb", GOTO="persistent_storage_end" - - # ignore partitions that span the entire disk - TEST=="whole_disk", GOTO="persistent_storage_end" --- -1.8.3.2 - diff --git a/meta-fsl-ppc/recipes-core/udev/udev_182.bbappend b/meta-fsl-ppc/recipes-core/udev/udev_182.bbappend deleted file mode 100644 index 4eedfd89..00000000 --- a/meta-fsl-ppc/recipes-core/udev/udev_182.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" - -SRC_URI_append_qoriq-ppc = " \ - file://skip-rules-for-mmc-rpmb-partition.patch \ -" - diff --git a/meta-fsl-ppc/recipes-devtools/qemu/qemu_fslgit.bb b/meta-fsl-ppc/recipes-devtools/qemu/qemu_fslgit.bb deleted file mode 100644 index f977a379..00000000 --- a/meta-fsl-ppc/recipes-devtools/qemu/qemu_fslgit.bb +++ /dev/null @@ -1,55 +0,0 @@ -require recipes-devtools/qemu/qemu.inc - -LIC_FILES_CHKSUM = "file://COPYING;md5=441c28d2cf86e15a37fa47e15a72fbac \ - file://COPYING.LIB;endline=24;md5=c04def7ae38850e7d3ef548588159913" - -# This means QEMU v2.2.0 with FSL specific patches applied -PV = "2.2.0+fsl" - -# NOTE: this recipe requires poky's qemu.inc which assumes version 2.3 -# where glx enable config option changed to --enable-opengl. For now we -# restore it, but we should remove the following lines when upgrading -# to qemu 2.3: -PACKAGECONFIG[glx] = "--enable-glx,--disable-glx,mesa" - -SRC_URI = "git://git.freescale.com/ppc/sdk/qemu.git;branch=master" -SRCREV = "00ac004143e9fe46944a1885b04268fcd3a95a3a" - -S = "${WORKDIR}/git" - -QEMU_TARGETS = "ppc" -PPC_OECONF = '${SDL} --cross-prefix=${TARGET_PREFIX} --disable-werror --disable-vnc --disable-bluez --disable-curl --enable-libusb' -EXTRA_OECONF_e5500-64b = "--target-list=ppc64-softmmu ${PPC_OECONF}" -EXTRA_OECONF_e6500-64b = "--target-list=ppc64-softmmu ${PPC_OECONF}" -EXTRA_OECONF_e6500 = "--target-list=ppc64-softmmu ${PPC_OECONF}" -EXTRA_OECONF_e5500 = "--target-list=ppc64-softmmu ${PPC_OECONF}" -EXTRA_OECONF_e500v2 = "--target-list=ppc-softmmu ${PPC_OECONF}" -EXTRA_OECONF_e500mc = "--target-list=ppc-softmmu ${PPC_OECONF}" - -do_configure_prepend() { - export PKG_CONFIG=${STAGING_DIR_NATIVE}${bindir_native}/pkg-config -} - -do_configure_append () { - grep 'CONFIG_FDT=y' config-host.mak -} - -# gets around qemu.inc trying to install powerpc_rom.bin -do_install_prepend() { - touch ${WORKDIR}/powerpc_rom.bin -} - -do_install_append() { - rm ${WORKDIR}/powerpc_rom.bin - # Prevent QA warnings about installed ${localstatedir}/run - if [ -d ${D}${localstatedir}/run ]; then rmdir ${D}${localstatedir}/run; fi -} - -INSANE_SKIP_${PN} += "dev-deps" - -# This is only meant to be build to run on the target -# for the given arch types listed, otherwise don't let -# the package get built. COMPATIBLE_HOST would not work -# because it was too generic -COMPATIBLE_MACHINE = "a^" -COMPATIBLE_MACHINE_libc-glibc_qoriq-ppc = ".*" diff --git a/meta-fsl-ppc/recipes-dpaa/dpa-offload/dpa-offload_git.bb b/meta-fsl-ppc/recipes-dpaa/dpa-offload/dpa-offload_git.bb deleted file mode 100644 index 73809e26..00000000 --- a/meta-fsl-ppc/recipes-dpaa/dpa-offload/dpa-offload_git.bb +++ /dev/null @@ -1,49 +0,0 @@ -DESCRIPTION = "Data-Path Acceleration Architecture Offloading User-Space Drivers" -LICENSE = "BSD & GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=c03ebb7a330b209986517466c74da72c" - -inherit pkgconfig - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -DEPENDS = "usdpaa fmlib" -DEPENDS_append_b4860qds = " ipc-ust" -DEPENDS_append_b4420qds = " ipc-ust" - -RDEPENDS_${PN} = "libgcc bash" -RDEPENDS_${PN}_append_b4860qds = " ipc-ust" -RDEPENDS_${PN}_append_b4420qds = " ipc-ust" - -SRC_URI = "git://git.freescale.com/ppc/sdk/usdpaa/dpa-offload.git;nobranch=1" -SRCREV = "ed6191db9439d1aaba27fc01238da770d1d8ef9e" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = 'CC="${CC}" LD="${LD}"' -export ARCH="${TARGET_ARCH}" - -PARALLEL_MAKE_pn-${PN} = "" - -FMAN_VARIANT ?= "P4080" -FMAN_VARIANT_b4 = "FMAN_V3H" -FMAN_VARIANT_t1 = "FMAN_V3L" -FMAN_VARIANT_t2 = "FMAN_V3H" -FMAN_VARIANT_t4 = "FMAN_V3H" -FMAN_VARIANT_p1023rdb = "P1023" - -do_compile_prepend () { - export USDPAA_CFLAGS="-I ${STAGING_INCDIR}/usdpaa" - export FMLIB_CFLAGS="-I ${STAGING_INCDIR}/fmd \ - -I ${STAGING_INCDIR}/fmd/Peripherals \ - -I ${STAGING_INCDIR}/fmd/integrations \ - -D${FMAN_VARIANT} -DNCSW_LINUX" -} - -do_install () { - oe_runmake install DESTDIR=${D} -} - -ALLOW_EMPTY_${PN} = "1" - -COMPATIBLE_HOST_qoriq-ppc = ".*" -COMPATIBLE_HOST ?= "(none)" diff --git a/meta-fsl-ppc/recipes-dpaa/eth-config/eth-config_git.bb b/meta-fsl-ppc/recipes-dpaa/eth-config/eth-config_git.bb deleted file mode 100644 index 32ef1fa2..00000000 --- a/meta-fsl-ppc/recipes-dpaa/eth-config/eth-config_git.bb +++ /dev/null @@ -1,17 +0,0 @@ -DESCRIPTION = "Ethernet Configuration Files" -SECTION = "eth-config" -LICENSE = "BSD & GPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=8ed5eddbfbb84af5089ea94c382d423c" - -PR = "r2" - -SRC_URI = "git://git.freescale.com/ppc/sdk/eth-config.git;branch=master" -SRCREV = "1d6ad160fda9123e93c65141aa1578b6253ff7bc" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = "D=${D}" - -do_install() { - oe_runmake install -} diff --git a/meta-fsl-ppc/recipes-dpaa/flib/flib_git.bb b/meta-fsl-ppc/recipes-dpaa/flib/flib_git.bb deleted file mode 100644 index 3818ccf8..00000000 --- a/meta-fsl-ppc/recipes-dpaa/flib/flib_git.bb +++ /dev/null @@ -1,15 +0,0 @@ -DESCRIPTION = "Foundation Library" -SECTION = "flib" -LICENSE = "BSD & GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=75d2f6a74299640c05ae6c69ed7a4ad6" - -SRC_URI = "git://git.freescale.com/ppc/sdk/flib.git;nobranch=1" -SRCREV = "91bbb134df1cd8b65c7c19db9bec9f00d1435377" - -S = "${WORKDIR}/git" - -do_install(){ - oe_runmake install DESTDIR=${D} -} - -ALLOW_EMPTY_${PN} = "1" diff --git a/meta-fsl-ppc/recipes-dpaa/fm-ucode/fm-ucode_git.bb b/meta-fsl-ppc/recipes-dpaa/fm-ucode/fm-ucode_git.bb deleted file mode 100644 index 52c79db8..00000000 --- a/meta-fsl-ppc/recipes-dpaa/fm-ucode/fm-ucode_git.bb +++ /dev/null @@ -1,38 +0,0 @@ -DESCRIPTION = "Fman microcode binary" -SECTION = "fm-ucode" -LICENSE = "Freescale-EULA" -LIC_FILES_CHKSUM = "file://EULA;md5=60037ccba533a5995e8d1a838d85799c" - -PR = "r1" - -inherit deploy - -SRC_URI = "git://git.freescale.com/ppc/sdk/fm-ucode.git;nobranch=1" -SRCREV = "2827f0054e125b634fb1701719ca31c7d068e335" - -S = "${WORKDIR}/git" - -REGLEX ?= "${MACHINE}" -REGLEX_t1023 = "t1024" -REGLEX_t1040 = "t1040" -REGLEX_t1042 = "t1040" -REGLEX_b4420 = "b4860" -REGLEX_t4160 = "t4240" - -do_install () { - UCODE=`echo ${REGLEX} | sed -e 's,-.*$,,' -e 's,[a-zA-Z]*$,,'` - install -d ${D}/boot - install -m 644 fsl_fman_ucode_${UCODE}*.bin ${D}/boot/ -} - -do_deploy () { - UCODE=`echo ${REGLEX} | sed -e 's,-.*$,,' -e 's,[a-zA-Z]*$,,'` - install -d ${DEPLOYDIR}/ - install -m 644 fsl_fman_ucode_${UCODE}*.bin ${DEPLOYDIR}/ -} -addtask deploy before do_build after do_install - -PACKAGES += "${PN}-image" -FILES_${PN}-image += "/boot" -ALLOW_EMPTY_${PN} = "1" -COMPATIBLE_MACHINE = "(p1023rdb|e500mc|e5500|e5500-64b|e6500|e6500-64b)" diff --git a/meta-fsl-ppc/recipes-dpaa/fmc/fmc_git.bb b/meta-fsl-ppc/recipes-dpaa/fmc/fmc_git.bb deleted file mode 100644 index f9bd74f6..00000000 --- a/meta-fsl-ppc/recipes-dpaa/fmc/fmc_git.bb +++ /dev/null @@ -1,52 +0,0 @@ -DESCRIPTION = "Frame Manager Configuration tool" -SECTION = "fmc" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://COPYING;md5=a504ab5a8ff235e67c7301214749346c" - -PR = "r2" - -SRC_URI = "git://git.freescale.com/ppc/sdk/fmc.git;nobranch=1" -SRCREV = "b9e52be1f62a5fcc912d44875bf155ad55650d68" - -DEPENDS = "libxml2 fmlib tclap" - -PACKAGE_ARCH = "${MACHINE_ARCH}" -COMPATIBLE_HOST_qoriq-ppc = ".*" -COMPATIBLE_HOST ?= "(none)" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = 'FMD_USPACE_HEADER_PATH="${STAGING_INCDIR}/fmd" \ - FMD_USPACE_LIB_PATH="${STAGING_LIBDIR}" LIBXML2_HEADER_PATH="${STAGING_INCDIR}/libxml2" \ - TCLAP_HEADER_PATH="${STAGING_INCDIR}" ' -EXTRA_OEMAKE_virtclass-native = 'FMCHOSTMODE=1 FMD_USPACE_HEADER_PATH="${STAGING_INCDIR}/fmd" \ - FMD_USPACE_LIB_PATH="${STAGING_LIBDIR}" LIBXML2_HEADER_PATH="${STAGING_INCDIR}/libxml2" \ - TCLAP_HEADER_PATH="${STAGING_INCDIR}" ' - -PARALLEL_MAKE = "" - -EXTRA_OEMAKE_PLATFORM ?= "" -EXTRA_OEMAKE_PLATFORM_b4 = "b4860qds" -EXTRA_OEMAKE_PLATFORM_t2 = "b4860qds" -EXTRA_OEMAKE_PLATFORM_t4 = "b4860qds" -EXTRA_OEMAKE_PLATFORM_t1 = "t1040qds" - -do_compile () { - oe_runmake MACHINE=${EXTRA_OEMAKE_PLATFORM} -C source -} - -do_install () { - install -d ${D}/${bindir} - install -m 755 ${S}/source/fmc ${D}/${bindir}/fmc - - install -d ${D}/etc/fmc/config - install -m 644 ${S}/etc/fmc/config/hxs_pdl_v3.xml ${D}/etc/fmc/config - - install -d ${D}/${includedir}/fmc - install ${S}/source/fmc.h ${D}/${includedir}/fmc - - install -d ${D}/${libdir} - install ${S}/source/libfmc.a ${D}/${libdir} -} - -BBCLASSEXTEND = "native" diff --git a/meta-fsl-ppc/recipes-dpaa/fmlib/fmlib_git.bb b/meta-fsl-ppc/recipes-dpaa/fmlib/fmlib_git.bb deleted file mode 100644 index 8993f848..00000000 --- a/meta-fsl-ppc/recipes-dpaa/fmlib/fmlib_git.bb +++ /dev/null @@ -1,45 +0,0 @@ -DESCRIPTION = "Frame Manager User Space Library" -SECTION = "fman" -LICENSE = "BSD & GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=3f16fa8e677e45af3127c5c4bafc3c00" - -PR = "r1" - -DEPENDS += "virtual/kernel" -DEPENDS_virtclass-native = "" - -SRC_URI = "git://git.freescale.com/ppc/sdk/fmlib.git;nobranch=1" -SRCREV = "4938e099561d441c947d4ccdf2e601ab2966d8cc" - -S = "${WORKDIR}/git" - -TARGET_ARCH_FMLIB = "${DEFAULTTUNE}" -TARGET_ARCH_FMLIB_e5500 = "ppc32e5500" -TARGET_ARCH_FMLIB_e6500 = "ppc32e6500" -COMPATIBLE_HOST_qoriq-ppc = ".*" -COMPATIBLE_HOST ?= "(none)" - -EXTRA_OEMAKE = "DESTDIR=${D} PREFIX=${prefix} LIB_DEST_DIR=${libdir} \ - CROSS_COMPILE=${TARGET_PREFIX} KERNEL_SRC=${STAGING_KERNEL_DIR}" - -FMLIB_TARGET = "libfm-${TARGET_ARCH_FMLIB}" -FMLIB_TARGET_t1 = "libfm-${TARGET_ARCH_FMLIB}-fmv3l" -do_compile () { - oe_runmake ${FMLIB_TARGET}.a -} - -do_compile_virtclass-native () { -} - -do_install () { - oe_runmake install-${FMLIB_TARGET} -} - -do_install_virtclass-native () { - install -d ${D}/${includedir} - cp -rf ${S}/include/* ${D}/${includedir} -} - -ALLOW_EMPTY_${PN} = "1" - -BBCLASSEXTEND = "native" diff --git a/meta-fsl-ppc/recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb b/meta-fsl-ppc/recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb deleted file mode 100644 index cf7910b8..00000000 --- a/meta-fsl-ppc/recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb +++ /dev/null @@ -1,65 +0,0 @@ -DESCRIPTION = "User-Space Data-Path Acceleration Architecture Demo Applications" -LICENSE = "BSD & GPLv2" -LIC_FILES_CHKSUM = "file://Makefile;endline=30;md5=d2a5d894118910d49993347f3f6e0f1e" - -inherit pkgconfig - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -DEPENDS = "libxml2 libedit ncurses readline fmc usdpaa dpa-offload libnl" -DEPENDS_append_b4860qds = " ipc-ust" -DEPENDS_append_b4420qds = " ipc-ust" - -RDEPENDS_${PN} = "libgcc bash" -RDEPENDS_${PN}_append_b4860qds = " ipc-ust" -RDEPENDS_${PN}_append_b4420qds = " ipc-ust" - -SRC_URI = "git://git.freescale.com/ppc/sdk/usdpaa/usdpaa-apps;nobranch=1" -SRCREV = "95744440cf214d73884c44c0dbc296e1e4b4c8f4" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = 'CC="${CC}" LD="${LD}" AR="${AR}"' -export ARCH="${TARGET_ARCH}" - -SOC ?= "P4080" -SOC_b4 = "B4860" -SOC_t1 = "T1040" -SOC_t2 = "T2080" -SOC_t4 = "T4240" -SOC_p1023rdb = "P1023" - -FMAN_VARIANT ?= "P4080" -FMAN_VARIANT_b4 = "FMAN_V3H" -FMAN_VARIANT_t1 = "FMAN_V3L" -FMAN_VARIANT_t2 = "FMAN_V3H" -FMAN_VARIANT_t4 = "FMAN_V3H" -FMAN_VARIANT_p1023rdb = "P1023" - -do_compile_prepend () { - export SOC=${SOC} - export FMC_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/fmc" - export FMLIB_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/fmd \ - -I ${STAGING_INCDIR}/fmd/Peripherals \ - -I ${STAGING_INCDIR}/fmd/integrations \ - -D${FMAN_VARIANT}" - export USDPAA_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/usdpaa" - export DPAOFFLOAD_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/dpa-offload" - export LIBNL_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/libnl3" - export LIBNL_EXTRA_LDFLAGS="-lnl-3 -lnl-route-3" - export LIBXML2_CFLAGS="`pkg-config --cflags libxml-2.0`" - export LIBXML2_LDFLAGS="`pkg-config --libs --static libxml-2.0`" - export LIBEDIT_CFLAGS="`pkg-config --cflags libedit`" - export LIBEDIT_LDFLAGS="`pkg-config --libs --static libedit`" -} - -do_install () { - export SOC=${SOC} - oe_runmake install DESTDIR=${D} -} - -PARALLEL_MAKE_pn-${PN} = "" -FILES_${PN} += "/root/SOURCE_THIS /usr/etc/" - -COMPATIBLE_HOST_qoriq-ppc = ".*" -COMPATIBLE_HOST ?= "(none)" diff --git a/meta-fsl-ppc/recipes-dpaa/usdpaa/usdpaa_git.bb b/meta-fsl-ppc/recipes-dpaa/usdpaa/usdpaa_git.bb deleted file mode 100644 index 32cad124..00000000 --- a/meta-fsl-ppc/recipes-dpaa/usdpaa/usdpaa_git.bb +++ /dev/null @@ -1,27 +0,0 @@ -DESCRIPTION = "User-Space Data-Path Acceleration Architecture Drivers" -LICENSE = "BSD & GPLv2" -LIC_FILES_CHKSUM = "file://Makefile;endline=30;md5=39e58bedc879163c9338596e52df5b1f" -PR = "r4" - -inherit pkgconfig - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -DEPENDS += "flib" - -SRC_URI = "git://git.freescale.com/ppc/sdk/usdpaa.git;nobranch=1" -SRCREV = "3b0717952400577608a548fc4c4858a9efd1bd96" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = 'CC="${CC}" LD="${LD}" AR="${AR}"' -export ARCH="${TARGET_ARCH}" - -do_install () { - oe_runmake install DESTDIR=${D} -} - -PARALLEL_MAKE_pn-${PN} = "" - -COMPATIBLE_HOST_qoriq-ppc = ".*" -COMPATIBLE_HOST ?= "(none)" diff --git a/meta-fsl-ppc/recipes-extended/cst/cst_git.bb b/meta-fsl-ppc/recipes-extended/cst/cst_git.bb deleted file mode 100644 index 729ee5f8..00000000 --- a/meta-fsl-ppc/recipes-extended/cst/cst_git.bb +++ /dev/null @@ -1,26 +0,0 @@ -SUMMARY = "utility for security boot" -SECTION = "cst" -LICENSE = "BSD" - -# TODO: fix license - this file is not a license -LIC_FILES_CHKSUM = "file://RELEASENOTES;beginline=8;endline=43;md5=5a7b22a2c96b5f94e0498c5f413aa8d3" - -DEPENDS += "openssl" - -inherit kernel-arch - -SRC_URI = "git://git.freescale.com/ppc/sdk/cst.git;branch=master" -SRCREV = "6f57c86c93cab0f4d0a40d83b685afa6932a6301" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = 'CC="${CC}" LD="${CC}"' - -PARALLEL_MAKE = "" - -do_install () { - oe_runmake install DESTDIR=${D} BIN_DEST_DIR=${bindir} -} - -FILES_${PN}-dbg += "${bindir}/cst/.debug" -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-fsl-ppc/recipes-extended/merge-files/merge-files/merge/README b/meta-fsl-ppc/recipes-extended/merge-files/merge-files/merge/README deleted file mode 100644 index 8f0d85af..00000000 --- a/meta-fsl-ppc/recipes-extended/merge-files/merge-files/merge/README +++ /dev/null @@ -1,7 +0,0 @@ -This package is used to merge specified files into rootfs. - -Steps: -1> copy files to recipes-*/merge-files/merge-files/merge/ -2> add 'IMAGE_INSTALL += "merge-files"' into rootfs recipe -3> bitbake - diff --git a/meta-fsl-ppc/recipes-extended/merge-files/merge-files_1.0.bb b/meta-fsl-ppc/recipes-extended/merge-files/merge-files_1.0.bb deleted file mode 100644 index f64b909f..00000000 --- a/meta-fsl-ppc/recipes-extended/merge-files/merge-files_1.0.bb +++ /dev/null @@ -1,25 +0,0 @@ -DESCRIPTION = "Merge prebuilt/extra files into rootfs" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ - file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" - -inherit allarch - -SRC_URI = "file://merge" - -MERGED_DST ?= "${ROOT_HOME}" -do_install () { - install -d ${D}/${MERGED_DST} - find ${WORKDIR}/merge/ -maxdepth 1 -mindepth 1 -not -name README \ - -exec cp -fr '{}' ${D}/${MERGED_DST}/ \; - find ${WORKDIR}/merge/ -maxdepth 1 -mindepth 1 -exec rm -fr '{}' \; -} -do_unpack[nostamp] = "1" -do_install[nostamp] = "1" -do_configure[noexec] = "1" -do_compile[noexec] = "1" - -FILES_${PN} = "/*" -ALLOW_EMPTY_${PN} = "1" -INSANE_SKIP_${PN} = "debug-files dev-so" - diff --git a/meta-fsl-ppc/recipes-extended/procps/procps_%.bbappend b/meta-fsl-ppc/recipes-extended/procps/procps_%.bbappend deleted file mode 100644 index face0ccc..00000000 --- a/meta-fsl-ppc/recipes-extended/procps/procps_%.bbappend +++ /dev/null @@ -1,9 +0,0 @@ -do_install_append_qoriq-ppc() { - for keyword in \ - net.ipv4.conf.default.rp_filter \ - net.ipv4.conf.all.rp_filter \ - ; do - sed -i 's,'"$keyword"'=.*,'"$keyword"'=0,' ${D}${sysconfdir}/sysctl.conf - done -} - diff --git a/meta-fsl-ppc/recipes-extended/skmm-ep/skmm-ep/add-two-missing-header-files.patch b/meta-fsl-ppc/recipes-extended/skmm-ep/skmm-ep/add-two-missing-header-files.patch deleted file mode 100644 index 2a7bb9f2..00000000 --- a/meta-fsl-ppc/recipes-extended/skmm-ep/skmm-ep/add-two-missing-header-files.patch +++ /dev/null @@ -1,660 +0,0 @@ -add two missing header files - -Upstream-status: Pending - ---- - include/linux/fsl_pci_ep_vfio.h | 79 ++++++ - include/linux/vfio.h | 555 ++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 634 insertions(+) - create mode 100644 include/linux/fsl_pci_ep_vfio.h - create mode 100644 include/linux/vfio.h - -diff --git a/include/linux/fsl_pci_ep_vfio.h b/include/linux/fsl_pci_ep_vfio.h -new file mode 100644 -index 0000000..8960157 ---- /dev/null -+++ b/include/linux/fsl_pci_ep_vfio.h -@@ -0,0 +1,79 @@ -+/* -+ * Copyright 2013 Freescale Semiconductor, Inc. -+ * -+ * Author: Minghuan Lian -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License, version 2, as -+ * published by the Free Software Foundation. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -+ * -+ */ -+ -+#ifndef _FSL_PCI_EP_VFIO_H -+#define _FSL_PCI_EP_VFIO_H -+ -+#include -+ -+enum { -+ PCI_EP_TYPE_PF, -+ PCI_EP_TYPE_VF, -+}; -+ -+enum PCI_EP_REGION_TYPE { -+ PCI_EP_REGION_IBWIN, -+ PCI_EP_REGION_OBWIN, -+ PCI_EP_REGION_VF_IBWIN, -+ PCI_EP_REGION_VF_OBWIN, -+ PCI_EP_REGION_REGS, -+ PCI_EP_REGION_CONFIG, -+ PCI_EP_REGION_MEM, -+ PCI_EP_REGION_MSIX_OBWIN -+}; -+ -+enum PCI_EP_REGION_INDEX { -+ PCI_EP_WIN0_INDEX, -+ PCI_EP_WIN1_INDEX, -+ PCI_EP_WIN2_INDEX, -+ PCI_EP_WIN3_INDEX, -+ PCI_EP_WIN4_INDEX, -+ PCI_EP_WIN5_INDEX, -+}; -+ -+#define PCI_EP_MSI_WIN_INDEX PCI_EP_WIN1_INDEX -+#define PCI_EP_CCSR_WIN_INDEX PCI_EP_WIN0_INDEX -+#define PCI_EP_DEFAULT_OW_INDEX PCI_EP_WIN0_INDEX -+ -+struct pci_ep_win { -+ uint64_t pci_addr; -+ uint64_t cpu_addr; -+ uint64_t size; -+ uint64_t offset; -+ uint32_t attr; -+ uint32_t type; -+ uint32_t idx; -+}; -+ -+#define VFIO_DEVICE_SET_WIN_INFO _IO(VFIO_TYPE, VFIO_BASE + 20) -+#define VFIO_DEVICE_GET_WIN_INFO _IO(VFIO_TYPE, VFIO_BASE + 21) -+ -+struct pci_ep_info { -+ uint32_t type; -+ uint32_t pf_idx; -+ uint32_t vf_idx; -+ uint32_t iw_num; -+ uint32_t ow_num; -+ uint32_t vf_iw_num; -+ uint32_t vf_ow_num; -+ bool msix_enable; -+}; -+ -+#endif -diff --git a/include/linux/vfio.h b/include/linux/vfio.h -new file mode 100644 -index 0000000..44578d2 ---- /dev/null -+++ b/include/linux/vfio.h -@@ -0,0 +1,555 @@ -+/* -+ * VFIO API definition -+ * -+ * Copyright (C) 2012 Red Hat, Inc. All rights reserved. -+ * Author: Alex Williamson -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License version 2 as -+ * published by the Free Software Foundation. -+ */ -+#ifndef _UAPIVFIO_H -+#define _UAPIVFIO_H -+ -+#include -+#include -+ -+#define VFIO_API_VERSION 0 -+ -+ -+/* Kernel & User level defines for VFIO IOCTLs. */ -+ -+/* Extensions */ -+ -+#define VFIO_TYPE1_IOMMU 1 -+#define VFIO_SPAPR_TCE_IOMMU 2 -+#define VFIO_FSL_PAMU_IOMMU 1000 -+#define VFIO_IOMMU_DUMMY 1001 -+ -+/* -+ * The IOCTL interface is designed for extensibility by embedding the -+ * structure length (argsz) and flags into structures passed between -+ * kernel and userspace. We therefore use the _IO() macro for these -+ * defines to avoid implicitly embedding a size into the ioctl request. -+ * As structure fields are added, argsz will increase to match and flag -+ * bits will be defined to indicate additional fields with valid data. -+ * It's *always* the caller's responsibility to indicate the size of -+ * the structure passed by setting argsz appropriately. -+ */ -+ -+#define VFIO_TYPE (';') -+#define VFIO_BASE 100 -+ -+/* -------- IOCTLs for VFIO file descriptor (/dev/vfio/vfio) -------- */ -+ -+/** -+ * VFIO_GET_API_VERSION - _IO(VFIO_TYPE, VFIO_BASE + 0) -+ * -+ * Report the version of the VFIO API. This allows us to bump the entire -+ * API version should we later need to add or change features in incompatible -+ * ways. -+ * Return: VFIO_API_VERSION -+ * Availability: Always -+ */ -+#define VFIO_GET_API_VERSION _IO(VFIO_TYPE, VFIO_BASE + 0) -+ -+/** -+ * VFIO_CHECK_EXTENSION - _IOW(VFIO_TYPE, VFIO_BASE + 1, __u32) -+ * -+ * Check whether an extension is supported. -+ * Return: 0 if not supported, 1 (or some other positive integer) if supported. -+ * Availability: Always -+ */ -+#define VFIO_CHECK_EXTENSION _IO(VFIO_TYPE, VFIO_BASE + 1) -+ -+/** -+ * VFIO_SET_IOMMU - _IOW(VFIO_TYPE, VFIO_BASE + 2, __s32) -+ * -+ * Set the iommu to the given type. The type must be supported by an -+ * iommu driver as verified by calling CHECK_EXTENSION using the same -+ * type. A group must be set to this file descriptor before this -+ * ioctl is available. The IOMMU interfaces enabled by this call are -+ * specific to the value set. -+ * Return: 0 on success, -errno on failure -+ * Availability: When VFIO group attached -+ */ -+#define VFIO_SET_IOMMU _IO(VFIO_TYPE, VFIO_BASE + 2) -+ -+/* -------- IOCTLs for GROUP file descriptors (/dev/vfio/$GROUP) -------- */ -+ -+/** -+ * VFIO_GROUP_GET_STATUS - _IOR(VFIO_TYPE, VFIO_BASE + 3, -+ * struct vfio_group_status) -+ * -+ * Retrieve information about the group. Fills in provided -+ * struct vfio_group_info. Caller sets argsz. -+ * Return: 0 on succes, -errno on failure. -+ * Availability: Always -+ */ -+struct vfio_group_status { -+ __u32 argsz; -+ __u32 flags; -+#define VFIO_GROUP_FLAGS_VIABLE (1 << 0) -+#define VFIO_GROUP_FLAGS_CONTAINER_SET (1 << 1) -+}; -+#define VFIO_GROUP_GET_STATUS _IO(VFIO_TYPE, VFIO_BASE + 3) -+ -+/** -+ * VFIO_GROUP_SET_CONTAINER - _IOW(VFIO_TYPE, VFIO_BASE + 4, __s32) -+ * -+ * Set the container for the VFIO group to the open VFIO file -+ * descriptor provided. Groups may only belong to a single -+ * container. Containers may, at their discretion, support multiple -+ * groups. Only when a container is set are all of the interfaces -+ * of the VFIO file descriptor and the VFIO group file descriptor -+ * available to the user. -+ * Return: 0 on success, -errno on failure. -+ * Availability: Always -+ */ -+#define VFIO_GROUP_SET_CONTAINER _IO(VFIO_TYPE, VFIO_BASE + 4) -+ -+/** -+ * VFIO_GROUP_UNSET_CONTAINER - _IO(VFIO_TYPE, VFIO_BASE + 5) -+ * -+ * Remove the group from the attached container. This is the -+ * opposite of the SET_CONTAINER call and returns the group to -+ * an initial state. All device file descriptors must be released -+ * prior to calling this interface. When removing the last group -+ * from a container, the IOMMU will be disabled and all state lost, -+ * effectively also returning the VFIO file descriptor to an initial -+ * state. -+ * Return: 0 on success, -errno on failure. -+ * Availability: When attached to container -+ */ -+#define VFIO_GROUP_UNSET_CONTAINER _IO(VFIO_TYPE, VFIO_BASE + 5) -+ -+/** -+ * VFIO_GROUP_GET_DEVICE_FD - _IOW(VFIO_TYPE, VFIO_BASE + 6, char) -+ * -+ * Return a new file descriptor for the device object described by -+ * the provided string. The string should match a device listed in -+ * the devices subdirectory of the IOMMU group sysfs entry. The -+ * group containing the device must already be added to this context. -+ * Return: new file descriptor on success, -errno on failure. -+ * Availability: When attached to container -+ */ -+#define VFIO_GROUP_GET_DEVICE_FD _IO(VFIO_TYPE, VFIO_BASE + 6) -+ -+/* --------------- IOCTLs for DEVICE file descriptors --------------- */ -+ -+/** -+ * VFIO_DEVICE_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 7, -+ * struct vfio_device_info) -+ * -+ * Retrieve information about the device. Fills in provided -+ * struct vfio_device_info. Caller sets argsz. -+ * Return: 0 on success, -errno on failure. -+ */ -+struct vfio_device_info { -+ __u32 argsz; -+ __u32 flags; -+#define VFIO_DEVICE_FLAGS_RESET (1 << 0) /* Device supports reset */ -+#define VFIO_DEVICE_FLAGS_PCI (1 << 1) /* vfio-pci device */ -+ __u32 num_regions; /* Max region index + 1 */ -+ __u32 num_irqs; /* Max IRQ index + 1 */ -+}; -+#define VFIO_DEVICE_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 7) -+ -+/** -+ * VFIO_DEVICE_GET_REGION_INFO - _IOWR(VFIO_TYPE, VFIO_BASE + 8, -+ * struct vfio_region_info) -+ * -+ * Retrieve information about a device region. Caller provides -+ * struct vfio_region_info with index value set. Caller sets argsz. -+ * Implementation of region mapping is bus driver specific. This is -+ * intended to describe MMIO, I/O port, as well as bus specific -+ * regions (ex. PCI config space). Zero sized regions may be used -+ * to describe unimplemented regions (ex. unimplemented PCI BARs). -+ * Return: 0 on success, -errno on failure. -+ */ -+struct vfio_region_info { -+ __u32 argsz; -+ __u32 flags; -+#define VFIO_REGION_INFO_FLAG_READ (1 << 0) /* Region supports read */ -+#define VFIO_REGION_INFO_FLAG_WRITE (1 << 1) /* Region supports write */ -+#define VFIO_REGION_INFO_FLAG_MMAP (1 << 2) /* Region supports mmap */ -+ __u32 index; /* Region index */ -+ __u32 resv; /* Reserved for alignment */ -+ __u64 size; /* Region size (bytes) */ -+ __u64 offset; /* Region offset from start of device fd */ -+}; -+#define VFIO_DEVICE_GET_REGION_INFO _IO(VFIO_TYPE, VFIO_BASE + 8) -+ -+/** -+ * VFIO_DEVICE_GET_IRQ_INFO - _IOWR(VFIO_TYPE, VFIO_BASE + 9, -+ * struct vfio_irq_info) -+ * -+ * Retrieve information about a device IRQ. Caller provides -+ * struct vfio_irq_info with index value set. Caller sets argsz. -+ * Implementation of IRQ mapping is bus driver specific. Indexes -+ * using multiple IRQs are primarily intended to support MSI-like -+ * interrupt blocks. Zero count irq blocks may be used to describe -+ * unimplemented interrupt types. -+ * -+ * The EVENTFD flag indicates the interrupt index supports eventfd based -+ * signaling. -+ * -+ * The MASKABLE flags indicates the index supports MASK and UNMASK -+ * actions described below. -+ * -+ * AUTOMASKED indicates that after signaling, the interrupt line is -+ * automatically masked by VFIO and the user needs to unmask the line -+ * to receive new interrupts. This is primarily intended to distinguish -+ * level triggered interrupts. -+ * -+ * The NORESIZE flag indicates that the interrupt lines within the index -+ * are setup as a set and new subindexes cannot be enabled without first -+ * disabling the entire index. This is used for interrupts like PCI MSI -+ * and MSI-X where the driver may only use a subset of the available -+ * indexes, but VFIO needs to enable a specific number of vectors -+ * upfront. In the case of MSI-X, where the user can enable MSI-X and -+ * then add and unmask vectors, it's up to userspace to make the decision -+ * whether to allocate the maximum supported number of vectors or tear -+ * down setup and incrementally increase the vectors as each is enabled. -+ */ -+struct vfio_irq_info { -+ __u32 argsz; -+ __u32 flags; -+#define VFIO_IRQ_INFO_EVENTFD (1 << 0) -+#define VFIO_IRQ_INFO_MASKABLE (1 << 1) -+#define VFIO_IRQ_INFO_AUTOMASKED (1 << 2) -+#define VFIO_IRQ_INFO_NORESIZE (1 << 3) -+ __u32 index; /* IRQ index */ -+ __u32 count; /* Number of IRQs within this index */ -+}; -+#define VFIO_DEVICE_GET_IRQ_INFO _IO(VFIO_TYPE, VFIO_BASE + 9) -+ -+/** -+ * VFIO_DEVICE_SET_IRQS - _IOW(VFIO_TYPE, VFIO_BASE + 10, struct vfio_irq_set) -+ * -+ * Set signaling, masking, and unmasking of interrupts. Caller provides -+ * struct vfio_irq_set with all fields set. 'start' and 'count' indicate -+ * the range of subindexes being specified. -+ * -+ * The DATA flags specify the type of data provided. If DATA_NONE, the -+ * operation performs the specified action immediately on the specified -+ * interrupt(s). For example, to unmask AUTOMASKED interrupt [0,0]: -+ * flags = (DATA_NONE|ACTION_UNMASK), index = 0, start = 0, count = 1. -+ * -+ * DATA_BOOL allows sparse support for the same on arrays of interrupts. -+ * For example, to mask interrupts [0,1] and [0,3] (but not [0,2]): -+ * flags = (DATA_BOOL|ACTION_MASK), index = 0, start = 1, count = 3, -+ * data = {1,0,1} -+ * -+ * DATA_EVENTFD binds the specified ACTION to the provided __s32 eventfd. -+ * A value of -1 can be used to either de-assign interrupts if already -+ * assigned or skip un-assigned interrupts. For example, to set an eventfd -+ * to be trigger for interrupts [0,0] and [0,2]: -+ * flags = (DATA_EVENTFD|ACTION_TRIGGER), index = 0, start = 0, count = 3, -+ * data = {fd1, -1, fd2} -+ * If index [0,1] is previously set, two count = 1 ioctls calls would be -+ * required to set [0,0] and [0,2] without changing [0,1]. -+ * -+ * Once a signaling mechanism is set, DATA_BOOL or DATA_NONE can be used -+ * with ACTION_TRIGGER to perform kernel level interrupt loopback testing -+ * from userspace (ie. simulate hardware triggering). -+ * -+ * Setting of an event triggering mechanism to userspace for ACTION_TRIGGER -+ * enables the interrupt index for the device. Individual subindex interrupts -+ * can be disabled using the -1 value for DATA_EVENTFD or the index can be -+ * disabled as a whole with: flags = (DATA_NONE|ACTION_TRIGGER), count = 0. -+ * -+ * Note that ACTION_[UN]MASK specify user->kernel signaling (irqfds) while -+ * ACTION_TRIGGER specifies kernel->user signaling. -+ */ -+struct vfio_irq_set { -+ __u32 argsz; -+ __u32 flags; -+#define VFIO_IRQ_SET_DATA_NONE (1 << 0) /* Data not present */ -+#define VFIO_IRQ_SET_DATA_BOOL (1 << 1) /* Data is bool (u8) */ -+#define VFIO_IRQ_SET_DATA_EVENTFD (1 << 2) /* Data is eventfd (s32) */ -+#define VFIO_IRQ_SET_ACTION_MASK (1 << 3) /* Mask interrupt */ -+#define VFIO_IRQ_SET_ACTION_UNMASK (1 << 4) /* Unmask interrupt */ -+#define VFIO_IRQ_SET_ACTION_TRIGGER (1 << 5) /* Trigger interrupt */ -+ __u32 index; -+ __u32 start; -+ __u32 count; -+ __u8 data[]; -+}; -+#define VFIO_DEVICE_SET_IRQS _IO(VFIO_TYPE, VFIO_BASE + 10) -+ -+#define VFIO_IRQ_SET_DATA_TYPE_MASK (VFIO_IRQ_SET_DATA_NONE | \ -+ VFIO_IRQ_SET_DATA_BOOL | \ -+ VFIO_IRQ_SET_DATA_EVENTFD) -+#define VFIO_IRQ_SET_ACTION_TYPE_MASK (VFIO_IRQ_SET_ACTION_MASK | \ -+ VFIO_IRQ_SET_ACTION_UNMASK | \ -+ VFIO_IRQ_SET_ACTION_TRIGGER) -+/** -+ * VFIO_DEVICE_RESET - _IO(VFIO_TYPE, VFIO_BASE + 11) -+ * -+ * Reset a device. -+ */ -+#define VFIO_DEVICE_RESET _IO(VFIO_TYPE, VFIO_BASE + 11) -+ -+/* -+ * The VFIO-PCI bus driver makes use of the following fixed region and -+ * IRQ index mapping. Unimplemented regions return a size of zero. -+ * Unimplemented IRQ types return a count of zero. -+ */ -+ -+enum { -+ VFIO_PCI_BAR0_REGION_INDEX, -+ VFIO_PCI_BAR1_REGION_INDEX, -+ VFIO_PCI_BAR2_REGION_INDEX, -+ VFIO_PCI_BAR3_REGION_INDEX, -+ VFIO_PCI_BAR4_REGION_INDEX, -+ VFIO_PCI_BAR5_REGION_INDEX, -+ VFIO_PCI_ROM_REGION_INDEX, -+ VFIO_PCI_CONFIG_REGION_INDEX, -+ /* -+ * Expose VGA regions defined for PCI base class 03, subclass 00. -+ * This includes I/O port ranges 0x3b0 to 0x3bb and 0x3c0 to 0x3df -+ * as well as the MMIO range 0xa0000 to 0xbffff. Each implemented -+ * range is found at it's identity mapped offset from the region -+ * offset, for example 0x3b0 is region_info.offset + 0x3b0. Areas -+ * between described ranges are unimplemented. -+ */ -+ VFIO_PCI_VGA_REGION_INDEX, -+ VFIO_PCI_NUM_REGIONS -+}; -+ -+enum { -+ VFIO_PCI_INTX_IRQ_INDEX, -+ VFIO_PCI_MSI_IRQ_INDEX, -+ VFIO_PCI_MSIX_IRQ_INDEX, -+ VFIO_PCI_ERR_IRQ_INDEX, -+ VFIO_PCI_NUM_IRQS -+}; -+ -+/** -+ * VFIO_DEVICE_GET_PCI_HOT_RESET_INFO - _IORW(VFIO_TYPE, VFIO_BASE + 12, -+ * struct vfio_pci_hot_reset_info) -+ * -+ * Return: 0 on success, -errno on failure: -+ * -enospc = insufficient buffer, -enodev = unsupported for device. -+ */ -+struct vfio_pci_dependent_device { -+ __u32 group_id; -+ __u16 segment; -+ __u8 bus; -+ __u8 devfn; /* Use PCI_SLOT/PCI_FUNC */ -+}; -+ -+struct vfio_pci_hot_reset_info { -+ __u32 argsz; -+ __u32 flags; -+ __u32 count; -+ struct vfio_pci_dependent_device devices[]; -+}; -+ -+#define VFIO_DEVICE_GET_PCI_HOT_RESET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) -+ -+/** -+ * VFIO_DEVICE_PCI_HOT_RESET - _IOW(VFIO_TYPE, VFIO_BASE + 13, -+ * struct vfio_pci_hot_reset) -+ * -+ * Return: 0 on success, -errno on failure. -+ */ -+struct vfio_pci_hot_reset { -+ __u32 argsz; -+ __u32 flags; -+ __u32 count; -+ __s32 group_fds[]; -+}; -+ -+#define VFIO_DEVICE_PCI_HOT_RESET _IO(VFIO_TYPE, VFIO_BASE + 13) -+ -+/* -------- API for Type1 VFIO IOMMU -------- */ -+ -+/** -+ * VFIO_IOMMU_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 12, struct vfio_iommu_info) -+ * -+ * Retrieve information about the IOMMU object. Fills in provided -+ * struct vfio_iommu_info. Caller sets argsz. -+ * -+ * XXX Should we do these by CHECK_EXTENSION too? -+ */ -+struct vfio_iommu_type1_info { -+ __u32 argsz; -+ __u32 flags; -+#define VFIO_IOMMU_INFO_PGSIZES (1 << 0) /* supported page sizes info */ -+ __u64 iova_pgsizes; /* Bitmap of supported page sizes */ -+}; -+ -+#define VFIO_IOMMU_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) -+ -+/** -+ * VFIO_IOMMU_MAP_DMA - _IOW(VFIO_TYPE, VFIO_BASE + 13, struct vfio_dma_map) -+ * -+ * Map process virtual addresses to IO virtual addresses using the -+ * provided struct vfio_dma_map. Caller sets argsz. READ &/ WRITE required. -+ */ -+struct vfio_iommu_type1_dma_map { -+ __u32 argsz; -+ __u32 flags; -+#define VFIO_DMA_MAP_FLAG_READ (1 << 0) /* readable from device */ -+#define VFIO_DMA_MAP_FLAG_WRITE (1 << 1) /* writable from device */ -+ __u64 vaddr; /* Process virtual address */ -+ __u64 iova; /* IO virtual address */ -+ __u64 size; /* Size of mapping (bytes) */ -+}; -+ -+#define VFIO_IOMMU_MAP_DMA _IO(VFIO_TYPE, VFIO_BASE + 13) -+ -+/** -+ * VFIO_IOMMU_UNMAP_DMA - _IOWR(VFIO_TYPE, VFIO_BASE + 14, -+ * struct vfio_dma_unmap) -+ * -+ * Unmap IO virtual addresses using the provided struct vfio_dma_unmap. -+ * Caller sets argsz. The actual unmapped size is returned in the size -+ * field. No guarantee is made to the user that arbitrary unmaps of iova -+ * or size different from those used in the original mapping call will -+ * succeed. -+ */ -+struct vfio_iommu_type1_dma_unmap { -+ __u32 argsz; -+ __u32 flags; -+ __u64 iova; /* IO virtual address */ -+ __u64 size; /* Size of mapping (bytes) */ -+}; -+ -+#define VFIO_IOMMU_UNMAP_DMA _IO(VFIO_TYPE, VFIO_BASE + 14) -+ -+/*********** APIs for VFIO_PAMU type only ****************/ -+/* -+ * VFIO_IOMMU_PAMU_GET_ATTR - _IO(VFIO_TYPE, VFIO_BASE + 15, -+ * struct vfio_pamu_attr) -+ * -+ * Gets the iommu attributes for the current vfio container. -+ * Caller sets argsz and attribute. The ioctl fills in -+ * the provided struct vfio_pamu_attr based on the attribute -+ * value that was set. -+ * Return: 0 on success, -errno on failure -+ */ -+struct vfio_pamu_attr { -+ __u32 argsz; -+ __u32 flags; /* no flags currently */ -+#define VFIO_ATTR_GEOMETRY 0 -+#define VFIO_ATTR_WINDOWS 1 -+#define VFIO_ATTR_PAMU_STASH 2 -+ __u32 attribute; -+ -+ union { -+ /* VFIO_ATTR_GEOMETRY */ -+ struct { -+ /* first addr that can be mapped */ -+ __u64 aperture_start; -+ /* last addr that can be mapped */ -+ __u64 aperture_end; -+ } attr; -+ -+ /* VFIO_ATTR_WINDOWS */ -+ __u32 windows; /* number of windows in the aperture -+ * initially this will be the max number -+ * of windows that can be set -+ */ -+ /* VFIO_ATTR_PAMU_STASH */ -+ struct { -+ __u32 cpu; /* CPU number for stashing */ -+ __u32 cache; /* cache ID for stashing */ -+ } stash; -+ } attr_info; -+}; -+#define VFIO_IOMMU_PAMU_GET_ATTR _IO(VFIO_TYPE, VFIO_BASE + 15) -+ -+/* -+ * VFIO_IOMMU_PAMU_SET_ATTR - _IO(VFIO_TYPE, VFIO_BASE + 16, -+ * struct vfio_pamu_attr) -+ * -+ * Sets the iommu attributes for the current vfio container. -+ * Caller sets struct vfio_pamu attr, including argsz and attribute and -+ * setting any fields that are valid for the attribute. -+ * Return: 0 on success, -errno on failure -+ */ -+#define VFIO_IOMMU_PAMU_SET_ATTR _IO(VFIO_TYPE, VFIO_BASE + 16) -+ -+/* -+ * VFIO_IOMMU_PAMU_GET_MSI_BANK_COUNT - _IO(VFIO_TYPE, VFIO_BASE + 17, __u32) -+ * -+ * Returns the number of MSI banks for this platform. This tells user space -+ * how many aperture windows should be reserved for MSI banks when setting -+ * the PAMU geometry and window count. -+ * Return: __u32 bank count on success, -errno on failure -+ */ -+#define VFIO_IOMMU_PAMU_GET_MSI_BANK_COUNT _IO(VFIO_TYPE, VFIO_BASE + 17) -+ -+/* -+ * VFIO_IOMMU_PAMU_MAP_MSI_BANK - _IO(VFIO_TYPE, VFIO_BASE + 18, -+ * struct vfio_pamu_msi_bank_map) -+ * -+ * Maps the MSI bank at the specified index and iova. User space must -+ * call this ioctl once for each MSI bank (count of banks is returned by -+ * VFIO_IOMMU_PAMU_GET_MSI_BANK_COUNT). -+ * Caller provides struct vfio_pamu_msi_bank_map with all fields set. -+ * Return: 0 on success, -errno on failure -+ */ -+ -+struct vfio_pamu_msi_bank_map { -+ __u32 argsz; -+ __u32 flags; /* no flags currently */ -+ __u32 msi_bank_index; /* the index of the MSI bank */ -+ __u64 iova; /* the iova the bank is to be mapped to */ -+}; -+#define VFIO_IOMMU_PAMU_MAP_MSI_BANK _IO(VFIO_TYPE, VFIO_BASE + 18) -+ -+/* -+ * VFIO_IOMMU_PAMU_UNMAP_MSI_BANK - _IO(VFIO_TYPE, VFIO_BASE + 19, -+ * struct vfio_pamu_msi_bank_unmap) -+ * -+ * Unmaps the MSI bank at the specified iova. -+ * Caller provides struct vfio_pamu_msi_bank_unmap with all fields set. -+ * Operates on VFIO file descriptor (/dev/vfio/vfio). -+ * Return: 0 on success, -errno on failure -+ */ -+ -+struct vfio_pamu_msi_bank_unmap { -+ __u32 argsz; -+ __u32 flags; /* no flags currently */ -+ __u64 iova; /* the iova to be unmapped to */ -+}; -+#define VFIO_IOMMU_PAMU_UNMAP_MSI_BANK _IO(VFIO_TYPE, VFIO_BASE + 19) -+ -+/* -+ * IOCTLs to enable/disable IOMMU container usage. -+ * No parameters are supported. -+ */ -+#define VFIO_IOMMU_ENABLE _IO(VFIO_TYPE, VFIO_BASE + 15) -+#define VFIO_IOMMU_DISABLE _IO(VFIO_TYPE, VFIO_BASE + 16) -+ -+/* -------- Additional API for SPAPR TCE (Server POWERPC) IOMMU -------- */ -+ -+/* -+ * The SPAPR TCE info struct provides the information about the PCI bus -+ * address ranges available for DMA, these values are programmed into -+ * the hardware so the guest has to know that information. -+ * -+ * The DMA 32 bit window start is an absolute PCI bus address. -+ * The IOVA address passed via map/unmap ioctls are absolute PCI bus -+ * addresses too so the window works as a filter rather than an offset -+ * for IOVA addresses. -+ * -+ * A flag will need to be added if other page sizes are supported, -+ * so as defined here, it is always 4k. -+ */ -+struct vfio_iommu_spapr_tce_info { -+ __u32 argsz; -+ __u32 flags; /* reserved for future use */ -+ __u32 dma32_window_start; /* 32 bit window start (bytes) */ -+ __u32 dma32_window_size; /* 32 bit window size (bytes) */ -+}; -+ -+#define VFIO_IOMMU_SPAPR_TCE_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) -+ -+/* ***************************************************************** */ -+ -+#endif /* _UAPIVFIO_H */ --- -1.8.3.2 - diff --git a/meta-fsl-ppc/recipes-extended/skmm-ep/skmm-ep_git.bb b/meta-fsl-ppc/recipes-extended/skmm-ep/skmm-ep_git.bb deleted file mode 100644 index ca5d6734..00000000 --- a/meta-fsl-ppc/recipes-extended/skmm-ep/skmm-ep_git.bb +++ /dev/null @@ -1,31 +0,0 @@ -DESCRIPTION = "SKMM application for PCIe endpoint" -SECTION = "skmm-ep" -LICENSE = "BSD & GPLv2" -LIC_FILES_CHKSUM = "file://Makefile;endline=30;md5=39e58bedc879163c9338596e52df5b1f" - -DEPENDS = "libedit openssl virtual/kernel" - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -SRC_URI = "git://git.freescale.com/ppc/sdk/skmm-ep.git;nobranch=1 \ - file://add-two-missing-header-files.patch \ -" -SRCREV = "27156a6621c8f6d7f98210b1ca5cd97bde926875" - -COMPATIBLE_MACHINE = "(p4080ds|t4240qds|c293pcie)" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = 'MACHINE=${MACHINE}' - -export LIBEDIT_CFLAGS = "`pkg-config --cflags libedit`" -export LIBEDIT_LDFLAGS = "`pkg-config --libs --static libedit`" - -do_compile () { - export ARCH=${TARGET_ARCH} - oe_runmake -} - -do_install () { - oe_runmake ARCH=${TARGET_ARCH} install DESTDIR=${D} -} diff --git a/meta-fsl-ppc/recipes-extended/testfloat/files/SoftFloat-powerpc-1.patch b/meta-fsl-ppc/recipes-extended/testfloat/files/SoftFloat-powerpc-1.patch deleted file mode 100644 index b6db2de2..00000000 --- a/meta-fsl-ppc/recipes-extended/testfloat/files/SoftFloat-powerpc-1.patch +++ /dev/null @@ -1,1427 +0,0 @@ -This patch adds PowerPC support in SoftFloat. - -Signed-off-by: Ebony Zhu -Signed-off-by: Liu Yu ---- - SoftFloat-2b/processors/powerpc-GCC.h | 87 ++++ - SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile | 26 ++ - SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h | 55 +++ - .../bits32/powerpc-GCC/softfloat-specialize | 252 ++++++++++++ - .../softfloat/bits32/powerpc-GCC/softfloat.h | 155 +++++++ - SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile | 24 ++ - SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h | 55 +++ - .../bits64/powerpc-GCC/softfloat-specialize | 422 ++++++++++++++++++++ - .../softfloat/bits64/powerpc-GCC/softfloat.h | 269 +++++++++++++ - 9 files changed, 1345 insertions(+), 0 deletions(-) - create mode 100644 SoftFloat-2b/processors/powerpc-GCC.h - create mode 100644 SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile - create mode 100644 SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h - create mode 100644 SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat-specialize - create mode 100644 SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat.h - create mode 100644 SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile - create mode 100644 SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h - create mode 100644 SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat-specialize - create mode 100644 SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat.h - -diff --git a/SoftFloat-2b/processors/powerpc-GCC.h b/SoftFloat-2b/processors/powerpc-GCC.h -new file mode 100644 -index 0000000..002a786 ---- /dev/null -+++ b/SoftFloat-2b/processors/powerpc-GCC.h -@@ -0,0 +1,87 @@ -+/* -+ * This file is derived from processors/386-gcc.h, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ * -+ * THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -+ * been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -+ * RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -+ * AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -+ * COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -+ * EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -+ * INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -+ * OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. -+ */ -+ -+/*---------------------------------------------------------------------------- -+| One of the macros `BIGENDIAN' or `LITTLEENDIAN' must be defined. -+*----------------------------------------------------------------------------*/ -+#define BIGENDIAN -+ -+/*---------------------------------------------------------------------------- -+| The macro `BITS64' can be defined to indicate that 64-bit integer types are -+| supported by the compiler. -+*----------------------------------------------------------------------------*/ -+#define BITS32 -+ -+/*---------------------------------------------------------------------------- -+| Each of the following `typedef's defines the most convenient type that holds -+| integers of at least as many bits as specified. For example, `uint8' should -+| be the most convenient type that can hold unsigned integers of as many as -+| 8 bits. The `flag' type must be able to hold either a 0 or 1. For most -+| implementations of C, `flag', `uint8', and `int8' should all be `typedef'ed -+| to the same as `int'. -+*----------------------------------------------------------------------------*/ -+typedef int flag; -+typedef int uint8; -+typedef int int8; -+typedef int uint16; -+typedef int int16; -+typedef unsigned int uint32; -+typedef signed int int32; -+#ifdef BITS64 -+typedef unsigned long long int uint64; -+typedef signed long long int int64; -+#endif -+ -+/*---------------------------------------------------------------------------- -+| Each of the following `typedef's defines a type that holds integers -+| of _exactly_ the number of bits specified. For instance, for most -+| implementation of C, `bits16' and `sbits16' should be `typedef'ed to -+| `unsigned short int' and `signed short int' (or `short int'), respectively. -+*----------------------------------------------------------------------------*/ -+typedef unsigned char bits8; -+typedef signed char sbits8; -+typedef unsigned short int bits16; -+typedef signed short int sbits16; -+typedef unsigned int bits32; -+typedef signed int sbits32; -+#ifdef BITS64 -+typedef unsigned long long int bits64; -+typedef signed long long int sbits64; -+#endif -+ -+#ifdef BITS64 -+/*---------------------------------------------------------------------------- -+| The `LIT64' macro takes as its argument a textual integer literal and -+| if necessary ``marks'' the literal as having a 64-bit integer type. -+| For example, the GNU C Compiler (`gcc') requires that 64-bit literals be -+| appended with the letters `LL' standing for `long long', which is `gcc's -+| name for the 64-bit integer type. Some compilers may allow `LIT64' to be -+| defined as the identity macro: `#define LIT64( a ) a'. -+*----------------------------------------------------------------------------*/ -+#define LIT64( a ) a##LL -+#endif -+ -+/*---------------------------------------------------------------------------- -+| The macro `INLINE' can be used before functions that should be inlined. If -+| a compiler does not support explicit inlining, this macro should be defined -+| to be `static'. -+*----------------------------------------------------------------------------*/ -+#define INLINE extern inline -+ -diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile -new file mode 100644 -index 0000000..28f1e33 ---- /dev/null -+++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile -@@ -0,0 +1,26 @@ -+ -+PROCESSOR_H = ../../../processors/powerpc-GCC.h -+SOFTFLOAT_MACROS = ../softfloat-macros -+ -+OBJ = .o -+EXE = -+INCLUDES = -I. -I.. -+COMPILE_C = $(COMPILE_PREFIX)gcc -msoft-float -c -o $@ $(INCLUDES) -I- -O2 -+LINK = $(COMPILE_PREFIX)gcc -o $@ -+ -+ALL: softfloat$(OBJ) timesoftfloat$(EXE) -+ -+milieu.h: $(PROCESSOR_H) -+ touch milieu.h -+ -+softfloat$(OBJ): milieu.h softfloat.h softfloat-specialize $(SOFTFLOAT_MACROS) ../softfloat.c -+ $(COMPILE_C) ../softfloat.c -+ -+timesoftfloat$(OBJ): milieu.h softfloat.h ../timesoftfloat.c -+ $(COMPILE_C) ../timesoftfloat.c -+ -+timesoftfloat$(EXE): softfloat$(OBJ) timesoftfloat$(OBJ) -+ $(LINK) softfloat$(OBJ) timesoftfloat$(OBJ) -+ -+clean: -+ rm -f *.o timesoftfloat$(EXE) -diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h -new file mode 100644 -index 0000000..d8b6012 ---- /dev/null -+++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h -@@ -0,0 +1,55 @@ -+/* -+ * This file is derived from softfloat/bits32/386-Win32-GCC/milieu.h, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/*============================================================================ -+ -+This C header file is part of the SoftFloat IEC/IEEE Floating-point Arithmetic -+Package, Release 2b. -+ -+Written by John R. Hauser. This work was made possible in part by the -+International Computer Science Institute, located at Suite 600, 1947 Center -+Street, Berkeley, California 94704. Funding was partially provided by the -+National Science Foundation under grant MIP-9311980. The original version -+of this code was written as part of a project to build a fixed-point vector -+processor in collaboration with the University of California at Berkeley, -+overseen by Profs. Nelson Morgan and John Wawrzynek. More information -+is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ -+arithmetic/SoftFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -+been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -+RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -+AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -+COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -+EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -+INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -+OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) the source code for the derivative work includes prominent notice that -+the work is derivative, and (2) the source code includes prominent notice with -+these four paragraphs for those parts of this code that are retained. -+ -+=============================================================================*/ -+ -+/*---------------------------------------------------------------------------- -+| Include common integer types and flags. -+*----------------------------------------------------------------------------*/ -+#include "../../../processors/powerpc-GCC.h" -+ -+/*---------------------------------------------------------------------------- -+| Symbolic Boolean literals. -+*----------------------------------------------------------------------------*/ -+enum { -+ FALSE = 0, -+ TRUE = 1 -+}; -+ -diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat-specialize b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat-specialize -new file mode 100644 -index 0000000..fd2caa4 ---- /dev/null -+++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat-specialize -@@ -0,0 +1,252 @@ -+/* -+ * This file is derived from softfloat/bits32/386-Win32-GCC/softfloat-specialize, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/*============================================================================ -+ -+This C source fragment is part of the SoftFloat IEC/IEEE Floating-point -+Arithmetic Package, Release 2b. -+ -+Written by John R. Hauser. This work was made possible in part by the -+International Computer Science Institute, located at Suite 600, 1947 Center -+Street, Berkeley, California 94704. Funding was partially provided by the -+National Science Foundation under grant MIP-9311980. The original version -+of this code was written as part of a project to build a fixed-point vector -+processor in collaboration with the University of California at Berkeley, -+overseen by Profs. Nelson Morgan and John Wawrzynek. More information -+is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ -+arithmetic/SoftFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -+been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -+RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -+AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -+COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -+EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -+INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -+OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) the source code for the derivative work includes prominent notice that -+the work is derivative, and (2) the source code includes prominent notice with -+these four paragraphs for those parts of this code that are retained. -+ -+=============================================================================*/ -+ -+/*---------------------------------------------------------------------------- -+| Underflow tininess-detection mode, statically initialized to default value. -+| (The declaration in `softfloat.h' must match the `int8' type here.) -+*----------------------------------------------------------------------------*/ -+int8 float_detect_tininess = float_tininess_after_rounding; -+ -+/*---------------------------------------------------------------------------- -+| Raises the exceptions specified by `flags'. Floating-point traps can be -+| defined here if desired. It is currently not possible for such a trap -+| to substitute a result value. If traps are not implemented, this routine -+| should be simply `float_exception_flags |= flags;'. -+*----------------------------------------------------------------------------*/ -+ -+void float_raise( int8 flags ) -+{ -+ -+ float_exception_flags |= flags; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Internal canonical NaN format. -+*----------------------------------------------------------------------------*/ -+typedef struct { -+ flag sign; -+ bits32 high, low; -+} commonNaNT; -+ -+/*---------------------------------------------------------------------------- -+| The pattern for a default generated single-precision NaN. -+*----------------------------------------------------------------------------*/ -+enum { -+ float32_default_nan = 0xFFFFFFFF -+}; -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the single-precision floating-point value `a' is a NaN; -+| otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float32_is_nan( float32 a ) -+{ -+ -+ return ( 0xFF000000 < (bits32) ( a<<1 ) ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the single-precision floating-point value `a' is a signaling -+| NaN; otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float32_is_signaling_nan( float32 a ) -+{ -+ -+ return ( ( ( a>>22 ) & 0x1FF ) == 0x1FE ) && ( a & 0x003FFFFF ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the single-precision floating-point NaN -+| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid -+| exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static commonNaNT float32ToCommonNaN( float32 a ) -+{ -+ commonNaNT z; -+ -+ if ( float32_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); -+ z.sign = a>>31; -+ z.low = 0; -+ z.high = a<<9; -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the canonical NaN `a' to the single- -+| precision floating-point format. -+*----------------------------------------------------------------------------*/ -+ -+static float32 commonNaNToFloat32( commonNaNT a ) -+{ -+ -+ return ( ( (bits32) a.sign )<<31 ) | 0x7FC00000 | ( a.high>>9 ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Takes two single-precision floating-point values `a' and `b', one of which -+| is a NaN, and returns the appropriate NaN result. If either `a' or `b' is a -+| signaling NaN, the invalid exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static float32 propagateFloat32NaN( float32 a, float32 b ) -+{ -+ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; -+ -+ aIsNaN = float32_is_nan( a ); -+ aIsSignalingNaN = float32_is_signaling_nan( a ); -+ bIsNaN = float32_is_nan( b ); -+ bIsSignalingNaN = float32_is_signaling_nan( b ); -+ a |= 0x00400000; -+ b |= 0x00400000; -+ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); -+ if ( aIsNaN ) { -+ return ( aIsSignalingNaN & bIsNaN ) ? b : a; -+ } -+ else { -+ return b; -+ } -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| The pattern for a default generated double-precision NaN. The `high' and -+| `low' values hold the most- and least-significant bits, respectively. -+*----------------------------------------------------------------------------*/ -+enum { -+ float64_default_nan_high = 0xFFFFFFFF, -+ float64_default_nan_low = 0xFFFFFFFF -+}; -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the double-precision floating-point value `a' is a NaN; -+| otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float64_is_nan( float64 a ) -+{ -+ -+ return -+ ( 0xFFE00000 <= (bits32) ( a.high<<1 ) ) -+ && ( a.low || ( a.high & 0x000FFFFF ) ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the double-precision floating-point value `a' is a signaling -+| NaN; otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float64_is_signaling_nan( float64 a ) -+{ -+ -+ return -+ ( ( ( a.high>>19 ) & 0xFFF ) == 0xFFE ) -+ && ( a.low || ( a.high & 0x0007FFFF ) ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the double-precision floating-point NaN -+| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid -+| exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static commonNaNT float64ToCommonNaN( float64 a ) -+{ -+ commonNaNT z; -+ -+ if ( float64_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); -+ z.sign = a.high>>31; -+ shortShift64Left( a.high, a.low, 12, &z.high, &z.low ); -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the canonical NaN `a' to the double- -+| precision floating-point format. -+*----------------------------------------------------------------------------*/ -+ -+static float64 commonNaNToFloat64( commonNaNT a ) -+{ -+ float64 z; -+ -+ shift64Right( a.high, a.low, 12, &z.high, &z.low ); -+ z.high |= ( ( (bits32) a.sign )<<31 ) | 0x7FF80000; -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Takes two double-precision floating-point values `a' and `b', one of which -+| is a NaN, and returns the appropriate NaN result. If either `a' or `b' is a -+| signaling NaN, the invalid exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static float64 propagateFloat64NaN( float64 a, float64 b ) -+{ -+ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; -+ -+ aIsNaN = float64_is_nan( a ); -+ aIsSignalingNaN = float64_is_signaling_nan( a ); -+ bIsNaN = float64_is_nan( b ); -+ bIsSignalingNaN = float64_is_signaling_nan( b ); -+ a.high |= 0x00080000; -+ b.high |= 0x00080000; -+ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); -+ if ( aIsNaN ) { -+ return ( aIsSignalingNaN & bIsNaN ) ? b : a; -+ } -+ else { -+ return b; -+ } -+ -+} -+ -diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat.h b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat.h -new file mode 100644 -index 0000000..0015b8e ---- /dev/null -+++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat.h -@@ -0,0 +1,155 @@ -+/* -+ * This file is derived from softfloat/bits32/386-Win32-GCC/softfloat.h, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/*============================================================================ -+ -+This C header file is part of the SoftFloat IEC/IEEE Floating-point Arithmetic -+Package, Release 2b. -+ -+Written by John R. Hauser. This work was made possible in part by the -+International Computer Science Institute, located at Suite 600, 1947 Center -+Street, Berkeley, California 94704. Funding was partially provided by the -+National Science Foundation under grant MIP-9311980. The original version -+of this code was written as part of a project to build a fixed-point vector -+processor in collaboration with the University of California at Berkeley, -+overseen by Profs. Nelson Morgan and John Wawrzynek. More information -+is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ -+arithmetic/SoftFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -+been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -+RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -+AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -+COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -+EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -+INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -+OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) the source code for the derivative work includes prominent notice that -+the work is derivative, and (2) the source code includes prominent notice with -+these four paragraphs for those parts of this code that are retained. -+ -+=============================================================================*/ -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE floating-point types. -+*----------------------------------------------------------------------------*/ -+typedef bits32 float32; -+typedef struct { -+ bits32 high, low; -+} float64; -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE floating-point underflow tininess-detection mode. -+*----------------------------------------------------------------------------*/ -+extern int8 float_detect_tininess; -+enum { -+ float_tininess_after_rounding = 0, -+ float_tininess_before_rounding = 1 -+}; -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE floating-point rounding mode. -+*----------------------------------------------------------------------------*/ -+extern int8 float_rounding_mode; -+enum { -+ float_round_nearest_even = 0, -+ float_round_to_zero = 1, -+ float_round_up = 2, -+ float_round_down = 3 -+}; -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE floating-point exception flags. -+*----------------------------------------------------------------------------*/ -+/* -+extern int8 float_exception_flags; -+enum { -+ float_flag_inexact = 1, -+ float_flag_underflow = 2, -+ float_flag_overflow = 4, -+ float_flag_divbyzero = 8, -+ float_flag_invalid = 16 -+}; -+*/ -+ -+extern int8 float_exception_flags; -+enum { -+ float_flag_inexact = 16, -+ float_flag_underflow = 2, -+ float_flag_overflow = 1, -+ float_flag_divbyzero = 4, -+ float_flag_invalid = 8 -+}; -+ -+/*---------------------------------------------------------------------------- -+| Routine to raise any or all of the software IEC/IEEE floating-point -+| exception flags. -+*----------------------------------------------------------------------------*/ -+void float_raise( int8 ); -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE integer-to-floating-point conversion routines. -+*----------------------------------------------------------------------------*/ -+float32 int32_to_float32( int32 ); -+float64 int32_to_float64( int32 ); -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE single-precision conversion routines. -+*----------------------------------------------------------------------------*/ -+int32 float32_to_int32( float32 ); -+int32 float32_to_int32_round_to_zero( float32 ); -+float64 float32_to_float64( float32 ); -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE single-precision operations. -+*----------------------------------------------------------------------------*/ -+float32 float32_round_to_int( float32 ); -+float32 float32_add( float32, float32 ); -+float32 float32_sub( float32, float32 ); -+float32 float32_mul( float32, float32 ); -+float32 float32_div( float32, float32 ); -+float32 float32_rem( float32, float32 ); -+float32 float32_sqrt( float32 ); -+flag float32_eq( float32, float32 ); -+flag float32_le( float32, float32 ); -+flag float32_lt( float32, float32 ); -+flag float32_eq_signaling( float32, float32 ); -+flag float32_le_quiet( float32, float32 ); -+flag float32_lt_quiet( float32, float32 ); -+flag float32_is_signaling_nan( float32 ); -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE double-precision conversion routines. -+*----------------------------------------------------------------------------*/ -+int32 float64_to_int32( float64 ); -+int32 float64_to_int32_round_to_zero( float64 ); -+float32 float64_to_float32( float64 ); -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE double-precision operations. -+*----------------------------------------------------------------------------*/ -+float64 float64_round_to_int( float64 ); -+float64 float64_add( float64, float64 ); -+float64 float64_sub( float64, float64 ); -+float64 float64_mul( float64, float64 ); -+float64 float64_div( float64, float64 ); -+float64 float64_rem( float64, float64 ); -+float64 float64_sqrt( float64 ); -+flag float64_eq( float64, float64 ); -+flag float64_le( float64, float64 ); -+flag float64_lt( float64, float64 ); -+flag float64_eq_signaling( float64, float64 ); -+flag float64_le_quiet( float64, float64 ); -+flag float64_lt_quiet( float64, float64 ); -+flag float64_is_signaling_nan( float64 ); -+ -diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile -new file mode 100644 -index 0000000..a5e2cc7 ---- /dev/null -+++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile -@@ -0,0 +1,24 @@ -+ -+PROCESSOR_H = ../../../processors/powerpc-GCC.h -+SOFTFLOAT_MACROS = ../softfloat-macros -+ -+OBJ = .o -+EXE = -+INCLUDES = -I. -I.. -+COMPILE_C = $(COMPILE_PREFIX) -mcpu=8548 -mhard-float -mfloat-gprs=double -o $@ $(INCLUDES) -I- -O2 -+LINK = $(COMPILE_PREFIX) -o $@ -+ -+ALL: softfloat$(OBJ) timesoftfloat$(EXE) -+ -+milieu.h: $(PROCESSOR_H) -+ touch milieu.h -+ -+softfloat$(OBJ): milieu.h softfloat.h softfloat-specialize $(SOFTFLOAT_MACROS) ../softfloat.c -+ $(COMPILE_C) ../softfloat.c -+ -+timesoftfloat$(OBJ): milieu.h softfloat.h ../timesoftfloat.c -+ $(COMPILE_C) ../timesoftfloat.c -+ -+timesoftfloat$(EXE): softfloat$(OBJ) timesoftfloat$(OBJ) -+ $(LINK) softfloat$(OBJ) timesoftfloat$(OBJ) -+ -diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h -new file mode 100644 -index 0000000..1b66490 ---- /dev/null -+++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h -@@ -0,0 +1,55 @@ -+/* -+ * This file is derived from softfloat/bits64/386-Win32-GCC/milieu.h, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/*============================================================================ -+ -+This C header file is part of the SoftFloat IEC/IEEE Floating-point Arithmetic -+Package, Release 2b. -+ -+Written by John R. Hauser. This work was made possible in part by the -+International Computer Science Institute, located at Suite 600, 1947 Center -+Street, Berkeley, California 94704. Funding was partially provided by the -+National Science Foundation under grant MIP-9311980. The original version -+of this code was written as part of a project to build a fixed-point vector -+processor in collaboration with the University of California at Berkeley, -+overseen by Profs. Nelson Morgan and John Wawrzynek. More information -+is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ -+arithmetic/SoftFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -+been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -+RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -+AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -+COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -+EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -+INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -+OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) the source code for the derivative work includes prominent notice that -+the work is derivative, and (2) the source code includes prominent notice with -+these four paragraphs for those parts of this code that are retained. -+ -+=============================================================================*/ -+ -+/*---------------------------------------------------------------------------- -+| Include common integer types and flags. -+*----------------------------------------------------------------------------*/ -+#include "../../../processors/SPARC-GCC.h" -+ -+/*---------------------------------------------------------------------------- -+| Symbolic Boolean literals. -+*----------------------------------------------------------------------------*/ -+enum { -+ FALSE = 0, -+ TRUE = 1 -+}; -+ -diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat-specialize b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat-specialize -new file mode 100644 -index 0000000..b1d0bc8 ---- /dev/null -+++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat-specialize -@@ -0,0 +1,422 @@ -+/* -+ * This file is derived from softfloat/bits64/386-Win32-GCC/softfloat-specialize, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/*============================================================================ -+ -+This C source fragment is part of the SoftFloat IEC/IEEE Floating-point -+Arithmetic Package, Release 2b. -+ -+Written by John R. Hauser. This work was made possible in part by the -+International Computer Science Institute, located at Suite 600, 1947 Center -+Street, Berkeley, California 94704. Funding was partially provided by the -+National Science Foundation under grant MIP-9311980. The original version -+of this code was written as part of a project to build a fixed-point vector -+processor in collaboration with the University of California at Berkeley, -+overseen by Profs. Nelson Morgan and John Wawrzynek. More information -+is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ -+arithmetic/SoftFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -+been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -+RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -+AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -+COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -+EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -+INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -+OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) the source code for the derivative work includes prominent notice that -+the work is derivative, and (2) the source code includes prominent notice with -+these four paragraphs for those parts of this code that are retained. -+ -+=============================================================================*/ -+ -+/*---------------------------------------------------------------------------- -+| Underflow tininess-detection mode, statically initialized to default value. -+| (The declaration in `softfloat.h' must match the `int8' type here.) -+*----------------------------------------------------------------------------*/ -+int8 float_detect_tininess = float_tininess_before_rounding; -+ -+/*---------------------------------------------------------------------------- -+| Raises the exceptions specified by `flags'. Floating-point traps can be -+| defined here if desired. It is currently not possible for such a trap -+| to substitute a result value. If traps are not implemented, this routine -+| should be simply `float_exception_flags |= flags;'. -+*----------------------------------------------------------------------------*/ -+ -+void float_raise( int8 flags ) -+{ -+ -+ float_exception_flags |= flags; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Internal canonical NaN format. -+*----------------------------------------------------------------------------*/ -+typedef struct { -+ flag sign; -+ bits64 high, low; -+} commonNaNT; -+ -+/*---------------------------------------------------------------------------- -+| The pattern for a default generated single-precision NaN. -+*----------------------------------------------------------------------------*/ -+#define float32_default_nan 0x7FFFFFFF -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the single-precision floating-point value `a' is a NaN; -+| otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float32_is_nan( float32 a ) -+{ -+ -+ return ( 0xFF000000 < (bits32) ( a<<1 ) ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the single-precision floating-point value `a' is a signaling -+| NaN; otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float32_is_signaling_nan( float32 a ) -+{ -+ -+ return ( ( ( a>>22 ) & 0x1FF ) == 0x1FE ) && ( a & 0x003FFFFF ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the single-precision floating-point NaN -+| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid -+| exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static commonNaNT float32ToCommonNaN( float32 a ) -+{ -+ commonNaNT z; -+ -+ if ( float32_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); -+ z.sign = a>>31; -+ z.low = 0; -+ z.high = ( (bits64) a )<<41; -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the canonical NaN `a' to the single- -+| precision floating-point format. -+*----------------------------------------------------------------------------*/ -+ -+static float32 commonNaNToFloat32( commonNaNT a ) -+{ -+ -+ return ( ( (bits32) a.sign )<<31 ) | 0x7FC00000 | ( a.high>>41 ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Takes two single-precision floating-point values `a' and `b', one of which -+| is a NaN, and returns the appropriate NaN result. If either `a' or `b' is a -+| signaling NaN, the invalid exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static float32 propagateFloat32NaN( float32 a, float32 b ) -+{ -+ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; -+ -+ aIsNaN = float32_is_nan( a ); -+ aIsSignalingNaN = float32_is_signaling_nan( a ); -+ bIsNaN = float32_is_nan( b ); -+ bIsSignalingNaN = float32_is_signaling_nan( b ); -+ a |= 0x00400000; -+ b |= 0x00400000; -+ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); -+ return bIsSignalingNaN ? b : aIsSignalingNaN ? a : bIsNaN ? b : a; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| The pattern for a default generated double-precision NaN. -+*----------------------------------------------------------------------------*/ -+#define float64_default_nan LIT64( 0x7FFFFFFFFFFFFFFF ) -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the double-precision floating-point value `a' is a NaN; -+| otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float64_is_nan( float64 a ) -+{ -+ -+ return ( LIT64( 0xFFE0000000000000 ) < (bits64) ( a<<1 ) ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the double-precision floating-point value `a' is a signaling -+| NaN; otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float64_is_signaling_nan( float64 a ) -+{ -+ -+ return -+ ( ( ( a>>51 ) & 0xFFF ) == 0xFFE ) -+ && ( a & LIT64( 0x0007FFFFFFFFFFFF ) ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the double-precision floating-point NaN -+| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid -+| exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static commonNaNT float64ToCommonNaN( float64 a ) -+{ -+ commonNaNT z; -+ -+ if ( float64_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); -+ z.sign = a>>63; -+ z.low = 0; -+ z.high = a<<12; -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the canonical NaN `a' to the double- -+| precision floating-point format. -+*----------------------------------------------------------------------------*/ -+ -+static float64 commonNaNToFloat64( commonNaNT a ) -+{ -+ -+ return -+ ( ( (bits64) a.sign )<<63 ) -+ | LIT64( 0x7FF8000000000000 ) -+ | ( a.high>>12 ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Takes two double-precision floating-point values `a' and `b', one of which -+| is a NaN, and returns the appropriate NaN result. If either `a' or `b' is a -+| signaling NaN, the invalid exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static float64 propagateFloat64NaN( float64 a, float64 b ) -+{ -+ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; -+ -+ aIsNaN = float64_is_nan( a ); -+ aIsSignalingNaN = float64_is_signaling_nan( a ); -+ bIsNaN = float64_is_nan( b ); -+ bIsSignalingNaN = float64_is_signaling_nan( b ); -+ a |= LIT64( 0x0008000000000000 ); -+ b |= LIT64( 0x0008000000000000 ); -+ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); -+ return bIsSignalingNaN ? b : aIsSignalingNaN ? a : bIsNaN ? b : a; -+ -+} -+ -+#ifdef FLOATX80 -+ -+/*---------------------------------------------------------------------------- -+| The pattern for a default generated extended double-precision NaN. The -+| `high' and `low' values hold the most- and least-significant bits, -+| respectively. -+*----------------------------------------------------------------------------*/ -+#define floatx80_default_nan_high 0x7FFF -+#define floatx80_default_nan_low LIT64( 0xFFFFFFFFFFFFFFFF ) -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the extended double-precision floating-point value `a' is a -+| NaN; otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag floatx80_is_nan( floatx80 a ) -+{ -+ -+ return ( ( a.high & 0x7FFF ) == 0x7FFF ) && (bits64) ( a.low<<1 ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the extended double-precision floating-point value `a' is a -+| signaling NaN; otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag floatx80_is_signaling_nan( floatx80 a ) -+{ -+ bits64 aLow; -+ -+ aLow = a.low & ~ LIT64( 0x4000000000000000 ); -+ return -+ ( ( a.high & 0x7FFF ) == 0x7FFF ) -+ && (bits64) ( aLow<<1 ) -+ && ( a.low == aLow ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the extended double-precision floating- -+| point NaN `a' to the canonical NaN format. If `a' is a signaling NaN, the -+| invalid exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static commonNaNT floatx80ToCommonNaN( floatx80 a ) -+{ -+ commonNaNT z; -+ -+ if ( floatx80_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); -+ z.sign = a.high>>15; -+ z.low = 0; -+ z.high = a.low<<1; -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the canonical NaN `a' to the extended -+| double-precision floating-point format. -+*----------------------------------------------------------------------------*/ -+ -+static floatx80 commonNaNToFloatx80( commonNaNT a ) -+{ -+ floatx80 z; -+ -+ z.low = LIT64( 0xC000000000000000 ) | ( a.high>>1 ); -+ z.high = ( ( (bits16) a.sign )<<15 ) | 0x7FFF; -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Takes two extended double-precision floating-point values `a' and `b', one -+| of which is a NaN, and returns the appropriate NaN result. If either `a' or -+| `b' is a signaling NaN, the invalid exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static floatx80 propagateFloatx80NaN( floatx80 a, floatx80 b ) -+{ -+ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; -+ -+ aIsNaN = floatx80_is_nan( a ); -+ aIsSignalingNaN = floatx80_is_signaling_nan( a ); -+ bIsNaN = floatx80_is_nan( b ); -+ bIsSignalingNaN = floatx80_is_signaling_nan( b ); -+ a.low |= LIT64( 0xC000000000000000 ); -+ b.low |= LIT64( 0xC000000000000000 ); -+ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); -+ return bIsSignalingNaN ? b : aIsSignalingNaN ? a : bIsNaN ? b : a; -+ -+} -+ -+#endif -+ -+#ifdef FLOAT128 -+ -+/*---------------------------------------------------------------------------- -+| The pattern for a default generated quadruple-precision NaN. The `high' and -+| `low' values hold the most- and least-significant bits, respectively. -+*----------------------------------------------------------------------------*/ -+#define float128_default_nan_high LIT64( 0x7FFFFFFFFFFFFFFF ) -+#define float128_default_nan_low LIT64( 0xFFFFFFFFFFFFFFFF ) -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the quadruple-precision floating-point value `a' is a NaN; -+| otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float128_is_nan( float128 a ) -+{ -+ -+ return -+ ( LIT64( 0xFFFE000000000000 ) <= (bits64) ( a.high<<1 ) ) -+ && ( a.low || ( a.high & LIT64( 0x0000FFFFFFFFFFFF ) ) ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns 1 if the quadruple-precision floating-point value `a' is a -+| signaling NaN; otherwise returns 0. -+*----------------------------------------------------------------------------*/ -+ -+flag float128_is_signaling_nan( float128 a ) -+{ -+ -+ return -+ ( ( ( a.high>>47 ) & 0xFFFF ) == 0xFFFE ) -+ && ( a.low || ( a.high & LIT64( 0x00007FFFFFFFFFFF ) ) ); -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the quadruple-precision floating-point NaN -+| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid -+| exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static commonNaNT float128ToCommonNaN( float128 a ) -+{ -+ commonNaNT z; -+ -+ if ( float128_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); -+ z.sign = a.high>>63; -+ shortShift128Left( a.high, a.low, 16, &z.high, &z.low ); -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Returns the result of converting the canonical NaN `a' to the quadruple- -+| precision floating-point format. -+*----------------------------------------------------------------------------*/ -+ -+static float128 commonNaNToFloat128( commonNaNT a ) -+{ -+ float128 z; -+ -+ shift128Right( a.high, a.low, 16, &z.high, &z.low ); -+ z.high |= ( ( (bits64) a.sign )<<63 ) | LIT64( 0x7FFF800000000000 ); -+ return z; -+ -+} -+ -+/*---------------------------------------------------------------------------- -+| Takes two quadruple-precision floating-point values `a' and `b', one of -+| which is a NaN, and returns the appropriate NaN result. If either `a' or -+| `b' is a signaling NaN, the invalid exception is raised. -+*----------------------------------------------------------------------------*/ -+ -+static float128 propagateFloat128NaN( float128 a, float128 b ) -+{ -+ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; -+ -+ aIsNaN = float128_is_nan( a ); -+ aIsSignalingNaN = float128_is_signaling_nan( a ); -+ bIsNaN = float128_is_nan( b ); -+ bIsSignalingNaN = float128_is_signaling_nan( b ); -+ a.high |= LIT64( 0x0000800000000000 ); -+ b.high |= LIT64( 0x0000800000000000 ); -+ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); -+ return bIsSignalingNaN ? b : aIsSignalingNaN ? a : bIsNaN ? b : a; -+ -+} -+ -+#endif -+ -diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat.h b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat.h -new file mode 100644 -index 0000000..5b7cb1c ---- /dev/null -+++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat.h -@@ -0,0 +1,269 @@ -+/* -+ * This file is derived from softfloat/bits64/386-Win32-GCC/softfloat.h, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/*============================================================================ -+ -+This C header file is part of the SoftFloat IEC/IEEE Floating-point Arithmetic -+Package, Release 2b. -+ -+Written by John R. Hauser. This work was made possible in part by the -+International Computer Science Institute, located at Suite 600, 1947 Center -+Street, Berkeley, California 94704. Funding was partially provided by the -+National Science Foundation under grant MIP-9311980. The original version -+of this code was written as part of a project to build a fixed-point vector -+processor in collaboration with the University of California at Berkeley, -+overseen by Profs. Nelson Morgan and John Wawrzynek. More information -+is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ -+arithmetic/SoftFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -+been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -+RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -+AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -+COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -+EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -+INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -+OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) the source code for the derivative work includes prominent notice that -+the work is derivative, and (2) the source code includes prominent notice with -+these four paragraphs for those parts of this code that are retained. -+ -+=============================================================================*/ -+ -+/*---------------------------------------------------------------------------- -+| The macro `FLOATX80' must be defined to enable the extended double-precision -+| floating-point format `floatx80'. If this macro is not defined, the -+| `floatx80' type will not be defined, and none of the functions that either -+| input or output the `floatx80' type will be defined. The same applies to -+| the `FLOAT128' macro and the quadruple-precision format `float128'. -+*----------------------------------------------------------------------------*/ -+#define FLOATX80 -+#define FLOAT128 -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE floating-point types. -+*----------------------------------------------------------------------------*/ -+typedef unsigned int float32; -+typedef unsigned long long float64; -+#ifdef FLOATX80 -+typedef struct { -+ unsigned short high; -+ unsigned long long low; -+} floatx80; -+#endif -+#ifdef FLOAT128 -+typedef struct { -+ unsigned long long high, low; -+} float128; -+#endif -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE floating-point underflow tininess-detection mode. -+*----------------------------------------------------------------------------*/ -+extern int float_detect_tininess; -+enum { -+ float_tininess_after_rounding = 0, -+ float_tininess_before_rounding = 1 -+}; -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE floating-point rounding mode. -+*----------------------------------------------------------------------------*/ -+extern int float_rounding_mode; -+enum { -+ float_round_nearest_even = 0, -+ float_round_to_zero = 1, -+ float_round_up = 2, -+ float_round_down = 3 -+}; -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE floating-point exception flags. -+*----------------------------------------------------------------------------*/ -+extern int float_exception_flags; -+enum { -+ float_flag_inexact = 1, -+ float_flag_divbyzero = 2, -+ float_flag_underflow = 4, -+ float_flag_overflow = 8, -+ float_flag_invalid = 16 -+}; -+ -+/*---------------------------------------------------------------------------- -+| Routine to raise any or all of the software IEC/IEEE floating-point -+| exception flags. -+*----------------------------------------------------------------------------*/ -+void float_raise( int ); -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE integer-to-floating-point conversion routines. -+*----------------------------------------------------------------------------*/ -+float32 int32_to_float32( int ); -+float64 int32_to_float64( int ); -+#ifdef FLOATX80 -+floatx80 int32_to_floatx80( int ); -+#endif -+#ifdef FLOAT128 -+float128 int32_to_float128( int ); -+#endif -+float32 int64_to_float32( long long ); -+float64 int64_to_float64( long long ); -+#ifdef FLOATX80 -+floatx80 int64_to_floatx80( long long ); -+#endif -+#ifdef FLOAT128 -+float128 int64_to_float128( long long ); -+#endif -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE single-precision conversion routines. -+*----------------------------------------------------------------------------*/ -+int float32_to_int32( float32 ); -+int float32_to_int32_round_to_zero( float32 ); -+long long float32_to_int64( float32 ); -+long long float32_to_int64_round_to_zero( float32 ); -+float64 float32_to_float64( float32 ); -+#ifdef FLOATX80 -+floatx80 float32_to_floatx80( float32 ); -+#endif -+#ifdef FLOAT128 -+float128 float32_to_float128( float32 ); -+#endif -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE single-precision operations. -+*----------------------------------------------------------------------------*/ -+float32 float32_round_to_int( float32 ); -+float32 float32_add( float32, float32 ); -+float32 float32_sub( float32, float32 ); -+float32 float32_mul( float32, float32 ); -+float32 float32_div( float32, float32 ); -+float32 float32_rem( float32, float32 ); -+float32 float32_sqrt( float32 ); -+int float32_eq( float32, float32 ); -+int float32_le( float32, float32 ); -+int float32_lt( float32, float32 ); -+int float32_eq_signaling( float32, float32 ); -+int float32_le_quiet( float32, float32 ); -+int float32_lt_quiet( float32, float32 ); -+int float32_is_signaling_nan( float32 ); -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE double-precision conversion routines. -+*----------------------------------------------------------------------------*/ -+int float64_to_int32( float64 ); -+int float64_to_int32_round_to_zero( float64 ); -+long long float64_to_int64( float64 ); -+long long float64_to_int64_round_to_zero( float64 ); -+float32 float64_to_float32( float64 ); -+#ifdef FLOATX80 -+floatx80 float64_to_floatx80( float64 ); -+#endif -+#ifdef FLOAT128 -+float128 float64_to_float128( float64 ); -+#endif -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE double-precision operations. -+*----------------------------------------------------------------------------*/ -+float64 float64_round_to_int( float64 ); -+float64 float64_add( float64, float64 ); -+float64 float64_sub( float64, float64 ); -+float64 float64_mul( float64, float64 ); -+float64 float64_div( float64, float64 ); -+float64 float64_rem( float64, float64 ); -+float64 float64_sqrt( float64 ); -+int float64_eq( float64, float64 ); -+int float64_le( float64, float64 ); -+int float64_lt( float64, float64 ); -+int float64_eq_signaling( float64, float64 ); -+int float64_le_quiet( float64, float64 ); -+int float64_lt_quiet( float64, float64 ); -+int float64_is_signaling_nan( float64 ); -+ -+#ifdef FLOATX80 -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE extended double-precision conversion routines. -+*----------------------------------------------------------------------------*/ -+int floatx80_to_int32( floatx80 ); -+int floatx80_to_int32_round_to_zero( floatx80 ); -+long long floatx80_to_int64( floatx80 ); -+long long floatx80_to_int64_round_to_zero( floatx80 ); -+float32 floatx80_to_float32( floatx80 ); -+float64 floatx80_to_float64( floatx80 ); -+#ifdef FLOAT128 -+float128 floatx80_to_float128( floatx80 ); -+#endif -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE extended double-precision rounding precision. Valid -+| values are 32, 64, and 80. -+*----------------------------------------------------------------------------*/ -+extern int floatx80_rounding_precision; -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE extended double-precision operations. -+*----------------------------------------------------------------------------*/ -+floatx80 floatx80_round_to_int( floatx80 ); -+floatx80 floatx80_add( floatx80, floatx80 ); -+floatx80 floatx80_sub( floatx80, floatx80 ); -+floatx80 floatx80_mul( floatx80, floatx80 ); -+floatx80 floatx80_div( floatx80, floatx80 ); -+floatx80 floatx80_rem( floatx80, floatx80 ); -+floatx80 floatx80_sqrt( floatx80 ); -+int floatx80_eq( floatx80, floatx80 ); -+int floatx80_le( floatx80, floatx80 ); -+int floatx80_lt( floatx80, floatx80 ); -+int floatx80_eq_signaling( floatx80, floatx80 ); -+int floatx80_le_quiet( floatx80, floatx80 ); -+int floatx80_lt_quiet( floatx80, floatx80 ); -+int floatx80_is_signaling_nan( floatx80 ); -+ -+#endif -+ -+#ifdef FLOAT128 -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE quadruple-precision conversion routines. -+*----------------------------------------------------------------------------*/ -+int float128_to_int32( float128 ); -+int float128_to_int32_round_to_zero( float128 ); -+long long float128_to_int64( float128 ); -+long long float128_to_int64_round_to_zero( float128 ); -+float32 float128_to_float32( float128 ); -+float64 float128_to_float64( float128 ); -+#ifdef FLOATX80 -+floatx80 float128_to_floatx80( float128 ); -+#endif -+ -+/*---------------------------------------------------------------------------- -+| Software IEC/IEEE quadruple-precision operations. -+*----------------------------------------------------------------------------*/ -+float128 float128_round_to_int( float128 ); -+float128 float128_add( float128, float128 ); -+float128 float128_sub( float128, float128 ); -+float128 float128_mul( float128, float128 ); -+float128 float128_div( float128, float128 ); -+float128 float128_rem( float128, float128 ); -+float128 float128_sqrt( float128 ); -+int float128_eq( float128, float128 ); -+int float128_le( float128, float128 ); -+int float128_lt( float128, float128 ); -+int float128_eq_signaling( float128, float128 ); -+int float128_le_quiet( float128, float128 ); -+int float128_lt_quiet( float128, float128 ); -+int float128_is_signaling_nan( float128 ); -+ -+#endif -+ --- -1.5.4 - diff --git a/meta-fsl-ppc/recipes-extended/testfloat/files/TestFloat-powerpc-E500v2-SPE-1.patch b/meta-fsl-ppc/recipes-extended/testfloat/files/TestFloat-powerpc-E500v2-SPE-1.patch deleted file mode 100644 index c34421cf..00000000 --- a/meta-fsl-ppc/recipes-extended/testfloat/files/TestFloat-powerpc-E500v2-SPE-1.patch +++ /dev/null @@ -1,1644 +0,0 @@ -This patch adds PowerPC E500v2 SPE support in TestFloat. -And it disables the testing for hardware that can not trigger SPE interrupt. - -Signed-off-by: Ebony Zhu -Signed-off-by: Liu Yu ---- - processors/POWERPC-gcc.h | 99 +++++ - testfloat/powerpc-linux-gcc/Makefile | 83 +++++ - testfloat/powerpc-linux-gcc/milieu.h | 71 ++++ - testfloat/powerpc-linux-gcc/systflags.c | 107 ++++++ - testfloat/powerpc-linux-gcc/systfloat.c | 595 +++++++++++++++++++++++++++++++ - testfloat/powerpc-linux-gcc/systmodes.c | 67 ++++ - testfloat/templates/Makefile | 18 +- - testfloat/templates/milieu.h | 2 +- - testfloat/testFunction.h | 2 +- - testfloat/testLoops.c | 216 +++++++++++ - 10 files changed, 1252 insertions(+), 8 deletions(-) - create mode 100644 processors/POWERPC-gcc.h - create mode 100644 testfloat/powerpc-linux-gcc/Makefile - create mode 100644 testfloat/powerpc-linux-gcc/milieu.h - create mode 100644 testfloat/powerpc-linux-gcc/systflags.c - create mode 100644 testfloat/powerpc-linux-gcc/systfloat.c - create mode 100644 testfloat/powerpc-linux-gcc/systmodes.c - -diff --git a/processors/POWERPC-gcc.h b/processors/POWERPC-gcc.h -new file mode 100644 -index 0000000..4201faa ---- /dev/null -+++ b/processors/POWERPC-gcc.h -@@ -0,0 +1,99 @@ -+/* -+ * This file is derived from processors/i386-GCC.h, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ * -+ * THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has -+ * been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES -+ * RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS -+ * AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, -+ * COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE -+ * EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE -+ * INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR -+ * OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. -+ */ -+ -+/* -+------------------------------------------------------------------------------- -+One of the macros `BIGENDIAN' or `LITTLEENDIAN' must be defined. -+------------------------------------------------------------------------------- -+*/ -+#define BIGENDIAN -+ -+/* -+------------------------------------------------------------------------------- -+The macro `BITS64' can be defined to indicate that 64-bit integer types are -+supported by the compiler. -+------------------------------------------------------------------------------- -+*/ -+#undef BITS64 -+ -+/* -+------------------------------------------------------------------------------- -+Each of the following `typedef's defines the most convenient type that holds -+integers of at least as many bits as specified. For example, `uint8' should -+be the most convenient type that can hold unsigned integers of as many as -+8 bits. The `flag' type must be able to hold either a 0 or 1. For most -+implementations of C, `flag', `uint8', and `int8' should all be `typedef'ed -+to the same as `int'. -+------------------------------------------------------------------------------- -+*/ -+typedef int flag; -+typedef int uint8; -+typedef int int8; -+typedef int uint16; -+typedef int int16; -+typedef unsigned int uint32; -+typedef signed int int32; -+#ifdef BITS64 -+typedef unsigned long long int uint64; -+typedef signed long long int int64; -+#endif -+ -+/* -+------------------------------------------------------------------------------- -+Each of the following `typedef's defines a type that holds integers -+of _exactly_ the number of bits specified. For instance, for most -+implementation of C, `bits16' and `sbits16' should be `typedef'ed to -+`unsigned short int' and `signed short int' (or `short int'), respectively. -+------------------------------------------------------------------------------- -+*/ -+typedef unsigned char bits8; -+typedef signed char sbits8; -+typedef unsigned short int bits16; -+typedef signed short int sbits16; -+typedef unsigned int bits32; -+typedef signed int sbits32; -+#ifdef BITS64 -+typedef unsigned long long int bits64; -+typedef signed long long int sbits64; -+#endif -+ -+#ifdef BITS64 -+/* -+------------------------------------------------------------------------------- -+The `LIT64' macro takes as its argument a textual integer literal and -+if necessary ``marks'' the literal as having a 64-bit integer type. -+For example, the GNU C Compiler (`gcc') requires that 64-bit literals be -+appended with the letters `LL' standing for `long long', which is `gcc's -+name for the 64-bit integer type. Some compilers may allow `LIT64' to be -+defined as the identity macro: `#define LIT64( a ) a'. -+------------------------------------------------------------------------------- -+*/ -+#define LIT64( a ) a##LL -+#endif -+ -+/* -+------------------------------------------------------------------------------- -+The macro `INLINE' can be used before functions that should be inlined. If -+a compiler does not support explicit inlining, this macro should be defined -+to be `static'. -+------------------------------------------------------------------------------- -+*/ -+#define INLINE extern inline -+ -diff --git a/testfloat/powerpc-linux-gcc/Makefile b/testfloat/powerpc-linux-gcc/Makefile -new file mode 100644 -index 0000000..de50aad ---- /dev/null -+++ b/testfloat/powerpc-linux-gcc/Makefile -@@ -0,0 +1,83 @@ -+ -+PROCESSOR_H = ../../processors/POWERPC-gcc.h -+SOFTFLOAT_VERSION = bits32 -+TARGET = powerpc-GCC -+SOFTFLOAT_DIR = ../../SoftFloat-2b/softfloat/$(SOFTFLOAT_VERSION)/$(TARGET) -+ -+OBJ = .o -+EXE = -+INCLUDES = -I. -I.. -I$(SOFTFLOAT_DIR) -+ -+COMPILE_C = $(COMPILE_PREFIX)gcc -c -o $@ $(INCLUDES) -I- -O $(EXTRA_CFLAGS) -+ -+COMPILE_C_HARD = $(COMPILE_PREFIX)gcc -c -te500v2 -o $@ $(INCLUDES) -+ -+COMPILE_SLOWFLOAT_C = $(COMPILE_PREFIX)gcc -c -o $@ $(INCLUDES) -I- -O -+ -+LINK = $(COMPILE_PREFIX)gcc -lm -o $@ -+ -+SOFTFLOAT_H = $(SOFTFLOAT_DIR)/softfloat.h -+SOFTFLOAT_OBJ = $(SOFTFLOAT_DIR)/softfloat$(OBJ) -+ -+ALL: testsoftfloat$(EXE) testfloat$(EXE) -+ -+systmodes$(OBJ): milieu.h systmodes.c -+ $(COMPILE_C) systmodes.c -+ -+systflags$(OBJ): milieu.h ../systflags.h systflags.c -+ $(COMPILE_C) systflags.c -+ -+systfloat$(OBJ): milieu.h $(SOFTFLOAT_H) ../systfloat.h systfloat.c -+ $(COMPILE_C_HARD) systfloat.c -+ -+#------------------------------------------------------------------------------ -+# Probably O.K. below here. -+#------------------------------------------------------------------------------ -+ -+milieu.h: $(PROCESSOR_H) -+ touch milieu.h -+ -+fail$(OBJ): milieu.h ../fail.h -+ $(COMPILE_C) ../fail.c -+ -+random$(OBJ): milieu.h ../random.h -+ $(COMPILE_C) ../random.c -+ -+testCases$(OBJ): milieu.h ../fail.h ../random.h $(SOFTFLOAT_H) ../testCases.h ../testCases.c -+ $(COMPILE_C) ../testCases.c -+ -+writeHex$(OBJ): milieu.h $(SOFTFLOAT_H) ../writeHex.h ../writeHex.c -+ $(COMPILE_C) ../writeHex.c -+ -+testLoops$(OBJ): milieu.h $(SOFTFLOAT_H) ../testCases.h ../writeHex.h ../testLoops.h ../testLoops.c -+ $(COMPILE_C) ../testLoops.c -+ -+slowfloat$(OBJ): milieu.h $(SOFTFLOAT_H) ../slowfloat.h ../slowfloat-32.c ../slowfloat-64.c ../slowfloat.c -+ $(COMPILE_SLOWFLOAT_C) ../slowfloat.c -+ -+testsoftfloat$(OBJ): milieu.h ../fail.h $(SOFTFLOAT_H) ../testCases.h ../testLoops.h ../slowfloat.h ../testsoftfloat.c -+ $(COMPILE_C) ../testsoftfloat.c -+ -+testsoftfloat$(EXE): fail$(OBJ) random$(OBJ) $(SOFTFLOAT_OBJ) testCases$(OBJ) writeHex$(OBJ) testLoops$(OBJ) slowfloat$(OBJ) testsoftfloat$(OBJ) systflags$(OBJ) systmodes$(OBJ) -+ $(LINK) fail$(OBJ) random$(OBJ) $(SOFTFLOAT_OBJ) testCases$(OBJ) writeHex$(OBJ) testLoops$(OBJ) slowfloat$(OBJ) testsoftfloat$(OBJ) systflags$(OBJ) systmodes$(OBJ) -+ -+testFunction$(OBJ): milieu.h $(SOFTFLOAT_H) ../testCases.h ../testLoops.h ../systmodes.h ../systflags.h ../systfloat.h ../testFunction.h ../testFunction.c -+ $(COMPILE_C) ../testFunction.c -+ -+testfloat$(OBJ): milieu.h ../fail.h $(SOFTFLOAT_H) ../testCases.h ../testLoops.h ../systflags.h ../testFunction.h ../testfloat.c -+ $(COMPILE_C) ../testfloat.c -+ -+testfloat$(EXE): fail$(OBJ) random$(OBJ) $(SOFTFLOAT_OBJ) testCases$(OBJ) writeHex$(OBJ) testLoops$(OBJ) systmodes$(OBJ) systflags$(OBJ) systfloat$(OBJ) testFunction$(OBJ) testfloat$(OBJ) -+ $(LINK) fail$(OBJ) random$(OBJ) $(SOFTFLOAT_OBJ) testCases$(OBJ) writeHex$(OBJ) testLoops$(OBJ) systmodes$(OBJ) systflags$(OBJ) systfloat$(OBJ) testFunction$(OBJ) testfloat$(OBJ) -+ -+$(SOFTFLOAT_OBJ): -+ make -C $(SOFTFLOAT_DIR) -+ -+cp: ALL -+ cp testsoftfloat$(EXE) ../../test_softfloat$(EXE) -+ cp testfloat$(EXE) ../../test_float$(EXE) -+ -+clean: -+ make -C $(SOFTFLOAT_DIR) clean -+ rm -f *.o testfloat$(EXE) testsoftfloat$(EXE) -+ rm -f ../../test_softfloat$(EXE) ../../test_float$(EXE) -diff --git a/testfloat/powerpc-linux-gcc/milieu.h b/testfloat/powerpc-linux-gcc/milieu.h -new file mode 100644 -index 0000000..29d2b18 ---- /dev/null -+++ b/testfloat/powerpc-linux-gcc/milieu.h -@@ -0,0 +1,71 @@ -+/* -+ * This file is derived from testfloat/386-Win32-gcc/milieu.h, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/* -+=============================================================================== -+ -+This C header file is part of TestFloat, Release 2a, a package of programs -+for testing the correctness of floating-point arithmetic complying to the -+IEC/IEEE Standard for Floating-Point. -+ -+Written by John R. Hauser. More information is available through the Web -+page `http://HTTP.CS.Berkeley.EDU/~jhauser/arithmetic/TestFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort -+has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT -+TIMES RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO -+PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY -+AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) they include prominent notice that the work is derivative, and (2) they -+include prominent notice akin to these four paragraphs for those parts of -+this code that are retained. -+ -+=============================================================================== -+*/ -+ -+/* -+------------------------------------------------------------------------------- -+Include common integer types and flags. -+------------------------------------------------------------------------------- -+*/ -+#include "../../processors/POWERPC-gcc.h" -+/* -+------------------------------------------------------------------------------- -+If the `BITS64' macro is defined by the processor header file but the -+version of SoftFloat being used/tested is the 32-bit one (`bits32'), the -+`BITS64' macro must be undefined here. -+------------------------------------------------------------------------------- -+*/ -+ -+#undef BITS64 -+/* -+------------------------------------------------------------------------------- -+The macro `LONG_DOUBLE_IS_FLOATX80' can be defined to indicate that the -+C compiler supports the type `long double' as an extended double-precision -+format. Alternatively, the macro `LONG_DOUBLE_IS_FLOAT128' can be defined -+to indicate that `long double' is a quadruple-precision format. If neither -+of these macros is defined, `long double' will be ignored. -+------------------------------------------------------------------------------- -+#define LONG_DOUBLE_IS_FLOATX80 -+*/ -+ -+/* -+------------------------------------------------------------------------------- -+Symbolic Boolean literals. -+------------------------------------------------------------------------------- -+*/ -+enum { -+ FALSE = 0, -+ TRUE = 1 -+}; -+ -diff --git a/testfloat/powerpc-linux-gcc/systflags.c b/testfloat/powerpc-linux-gcc/systflags.c -new file mode 100644 -index 0000000..c382442 ---- /dev/null -+++ b/testfloat/powerpc-linux-gcc/systflags.c -@@ -0,0 +1,107 @@ -+/* -+ * This file is derived from testfloat/386-Win32-gcc/systflags.c, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/* -+=============================================================================== -+ -+This C source file is part of TestFloat, Release 2a, a package of programs -+for testing the correctness of floating-point arithmetic complying to the -+IEC/IEEE Standard for Floating-Point. -+ -+Written by John R. Hauser. More information is available through the Web -+page `http://HTTP.CS.Berkeley.EDU/~jhauser/arithmetic/TestFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort -+has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT -+TIMES RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO -+PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY -+AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) they include prominent notice that the work is derivative, and (2) they -+include prominent notice akin to these four paragraphs for those parts of -+this code that are retained. -+ -+=============================================================================== -+*/ -+ -+#include "milieu.h" -+#include "systflags.h" -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef __SPE__ -+ -+#include -+ -+ -+#define SPE_FINV_ENABLE (1UL << 5) -+#define SPE_FDBZ_ENABLE (1UL << 4) -+#define SPE_FUNF_ENABLE (1UL << 3) -+#define SPE_FOVF_ENABLE (1UL << 2) -+ -+#define SPE_FG (1UL << 13) -+#define SPE_FX (1UL << 12) -+#define SPE_FINV (1UL << 11) -+#define SPE_FDBZ (1UL << 10) -+#define SPE_FUNF (1UL << 9) -+#define SPE_FOVF (1UL << 8) -+ -+#define SPE_FG_H (1UL << 29) -+#define SPE_FX_H (1UL << 28) -+#define SPE_FINV_H (1UL << 27) -+#define SPE_FDBZ_H (1UL << 26) -+#define SPE_FUNF_H (1UL << 25) -+#define SPE_FOVF_H (1UL << 24) -+ -+static int is_soft_emu = 0; -+ -+#endif -+/* -+------------------------------------------------------------------------------- -+Clears the system's IEC/IEEE floating-point exception flags. Returns the -+previous value of the flags. -+------------------------------------------------------------------------------- -+*/ -+extern int rounding; -+unsigned int spefscr = 0; -+ -+int8 syst_float_flags_clear( void ) -+{ -+#ifdef TEST_KERNEL_EMU -+ if( (spefscr & (SPE_FINV | SPE_FINV_H)) -+ || (spefscr & (SPE_FDBZ | SPE_FDBZ_H)) -+ || (spefscr & (SPE_FUNF | SPE_FUNF_H)) -+ || (spefscr & (SPE_FOVF | SPE_FOVF_H)) -+ || (spefscr & (SPE_FX | SPE_FG | SPE_FX_H | SPE_FG_H))){ -+ is_soft_emu = 1; -+ } else { -+ is_soft_emu = 0; -+ } -+#endif -+ __builtin_spe_mtspefscr(0x3c|(rounding & 0x3)); -+ -+ return ((spefscr>>17) & 0x1f); -+} -+ -+int syst_float_is_soft_emu(void) -+{ -+ int ret = 0; -+#ifdef TEST_KERNEL_EMU -+ ret = is_soft_emu; -+#endif -+ return ret; -+} -+ -+ -diff --git a/testfloat/powerpc-linux-gcc/systfloat.c b/testfloat/powerpc-linux-gcc/systfloat.c -new file mode 100644 -index 0000000..8d06f9f ---- /dev/null -+++ b/testfloat/powerpc-linux-gcc/systfloat.c -@@ -0,0 +1,595 @@ -+/* -+ * This file is derived from testfloat/systfloat.c, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/* -+=============================================================================== -+ -+This C source file is part of TestFloat, Release 2a, a package of programs -+for testing the correctness of floating-point arithmetic complying to the -+IEC/IEEE Standard for Floating-Point. -+ -+Written by John R. Hauser. More information is available through the Web -+page `http://HTTP.CS.Berkeley.EDU/~jhauser/arithmetic/TestFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort -+has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT -+TIMES RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO -+PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY -+AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) they include prominent notice that the work is derivative, and (2) they -+include prominent notice akin to these four paragraphs for those parts of -+this code that are retained. -+ -+=============================================================================== -+*/ -+ -+#include -+#include "milieu.h" -+#include "softfloat.h" -+#include "systfloat.h" -+ -+extern unsigned int spefscr; -+ -+float32 syst_int32_to_float32( int32 a ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = a; -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float64 syst_int32_to_float64( int32 a ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = a; -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) -+ -+floatx80 syst_int32_to_floatx80( int32 a ) -+{ -+ floatx80 z; -+ -+ *( (long double *) &z ) = a; -+ return z; -+ -+} -+ -+#endif -+ -+#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) -+ -+float128 syst_int32_to_float128( int32 a ) -+{ -+ float128 z; -+ -+ *( (long double *) &z ) = a; -+ return z; -+ -+} -+ -+#endif -+ -+#ifdef BITS64 -+ -+float32 syst_int64_to_float32( int64 a ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = a; -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float64 syst_int64_to_float64( int64 a ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = a; -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) -+ -+floatx80 syst_int64_to_floatx80( int64 a ) -+{ -+ floatx80 z; -+ -+ *( (long double *) &z ) = a; -+ return z; -+ -+} -+ -+#endif -+ -+#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) -+ -+float128 syst_int64_to_float128( int64 a ) -+{ -+ float128 z; -+ -+ *( (long double *) &z ) = a; -+ return z; -+ -+} -+ -+#endif -+ -+#endif -+ -+int32 syst_float32_to_int32_round_to_zero( float32 a ) -+{ -+ int32 z = *( (float *) &a ); -+ spefscr = __builtin_spe_mfspefscr(); -+ -+ return z; -+ -+} -+ -+#ifdef BITS64 -+ -+int64 syst_float32_to_int64_round_to_zero( float32 a ) -+{ -+ int64 z = *( (float *) &a ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+#endif -+ -+float64 syst_float32_to_float64( float32 a ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = *( (float *) &a ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) -+ -+floatx80 syst_float32_to_floatx80( float32 a ) -+{ -+ floatx80 z; -+ -+ *( (long double *) &z ) = *( (float *) &a ); -+ return z; -+ -+} -+ -+#endif -+ -+#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) -+ -+float128 syst_float32_to_float128( float32 a ) -+{ -+ float128 z; -+ -+ *( (long double *) &z ) = *( (float *) &a ); -+ return z; -+ -+} -+ -+#endif -+ -+float32 syst_float32_add( float32 a, float32 b ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = *( (float *) &a ) + *( (float *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float32 syst_float32_sub( float32 a, float32 b ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = *( (float *) &a ) - *( (float *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float32 syst_float32_mul( float32 a, float32 b ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = *( (float *) &a ) * *( (float *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float32 syst_float32_div( float32 a, float32 b ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = *( (float *) &a ) / *( (float *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+flag syst_float32_eq( float32 a, float32 b ) -+{ -+ flag f = ( *( (float *) &a ) == *( (float *) &b ) ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return f; -+ -+} -+ -+flag syst_float32_le( float32 a, float32 b ) -+{ -+ flag f = ( *( (float *) &a ) <= *( (float *) &b ) ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return f; -+ -+} -+ -+flag syst_float32_lt( float32 a, float32 b ) -+{ -+ flag f = ( *( (float *) &a ) < *( (float *) &b ) ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return f; -+ -+} -+ -+int32 syst_float64_to_int32_round_to_zero( float64 a ) -+{ -+ int32 z = *( (double *) &a ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+#ifdef BITS64 -+ -+int64 syst_float64_to_int64_round_to_zero( float64 a ) -+{ -+ int64 z = *( (double *) &a ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+#endif -+ -+float32 syst_float64_to_float32( float64 a ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = *( (double *) &a ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) -+ -+floatx80 syst_float64_to_floatx80( float64 a ) -+{ -+ floatx80 z; -+ -+ *( (long double *) &z ) = *( (double *) &a ); -+ return z; -+ -+} -+ -+#endif -+ -+#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) -+ -+float128 syst_float64_to_float128( float64 a ) -+{ -+ float128 z; -+ -+ *( (long double *) &z ) = *( (double *) &a ); -+ return z; -+ -+} -+ -+#endif -+ -+float64 syst_float64_add( float64 a, float64 b ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = *( (double *) &a ) + *( (double *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float64 syst_float64_sub( float64 a, float64 b ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = *( (double *) &a ) - *( (double *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float64 syst_float64_mul( float64 a, float64 b ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = *( (double *) &a ) * *( (double *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float64 syst_float64_div( float64 a, float64 b ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = *( (double *) &a ) / *( (double *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+float64 syst_float64_sqrt( float64 a ) -+{ -+ /* Ebony -+ float64 z; -+ -+ *( (double *) &z ) = sqrt( *( (double *) &a ) ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ */ -+ -+} -+ -+flag syst_float64_eq( float64 a, float64 b ) -+{ -+ flag f = ( *( (double *) &a ) == *( (double *) &b ) ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return f; -+ -+} -+ -+flag syst_float64_le( float64 a, float64 b ) -+{ -+ flag f = ( *( (double *) &a ) <= *( (double *) &b ) ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return f; -+ -+} -+ -+flag syst_float64_lt( float64 a, float64 b ) -+{ -+ flag f = ( *( (double *) &a ) < *( (double *) &b ) ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return f; -+ -+} -+ -+#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) -+ -+int32 syst_floatx80_to_int32_round_to_zero( floatx80 a ) -+{ -+ -+ return *( (long double *) &a ); -+ -+} -+ -+#ifdef BITS64 -+ -+int64 syst_floatx80_to_int64_round_to_zero( floatx80 a ) -+{ -+ -+ return *( (long double *) &a ); -+ -+} -+ -+#endif -+ -+float32 syst_floatx80_to_float32( floatx80 a ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = *( (long double *) &a ); -+ return z; -+ -+} -+ -+float64 syst_floatx80_to_float64( floatx80 a ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = *( (long double *) &a ); -+ return z; -+ -+} -+ -+floatx80 syst_floatx80_add( floatx80 a, floatx80 b ) -+{ -+ floatx80 z; -+ -+ *( (long double *) &z ) = -+ *( (long double *) &a ) + *( (long double *) &b ); -+ return z; -+ -+} -+ -+floatx80 syst_floatx80_sub( floatx80 a, floatx80 b ) -+{ -+ floatx80 z; -+ -+ *( (long double *) &z ) = -+ *( (long double *) &a ) - *( (long double *) &b ); -+ return z; -+ -+} -+ -+floatx80 syst_floatx80_mul( floatx80 a, floatx80 b ) -+{ -+ floatx80 z; -+ -+ *( (long double *) &z ) = -+ *( (long double *) &a ) * *( (long double *) &b ); -+ return z; -+ -+} -+ -+floatx80 syst_floatx80_div( floatx80 a, floatx80 b ) -+{ -+ floatx80 z; -+ -+ *( (long double *) &z ) = -+ *( (long double *) &a ) / *( (long double *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+flag syst_floatx80_eq( floatx80 a, floatx80 b ) -+{ -+ -+ return ( *( (long double *) &a ) == *( (long double *) &b ) ); -+ -+} -+ -+flag syst_floatx80_le( floatx80 a, floatx80 b ) -+{ -+ -+ return ( *( (long double *) &a ) <= *( (long double *) &b ) ); -+ -+} -+ -+flag syst_floatx80_lt( floatx80 a, floatx80 b ) -+{ -+ -+ return ( *( (long double *) &a ) < *( (long double *) &b ) ); -+ -+} -+ -+#endif -+ -+#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) -+ -+int32 syst_float128_to_int32_round_to_zero( float128 a ) -+{ -+ -+ return *( (long double *) &a ); -+ -+} -+ -+#ifdef BITS64 -+ -+int64 syst_float128_to_int64_round_to_zero( float128 a ) -+{ -+ -+ return *( (long double *) &a ); -+ -+} -+ -+#endif -+ -+float32 syst_float128_to_float32( float128 a ) -+{ -+ float32 z; -+ -+ *( (float *) &z ) = *( (long double *) &a ); -+ return z; -+ -+} -+ -+float64 syst_float128_to_float64( float128 a ) -+{ -+ float64 z; -+ -+ *( (double *) &z ) = *( (long double *) &a ); -+ return z; -+ -+} -+ -+float128 syst_float128_add( float128 a, float128 b ) -+{ -+ float128 z; -+ -+ *( (long double *) &z ) = -+ *( (long double *) &a ) + *( (long double *) &b ); -+ return z; -+ -+} -+ -+float128 syst_float128_sub( float128 a, float128 b ) -+{ -+ float128 z; -+ -+ *( (long double *) &z ) = -+ *( (long double *) &a ) - *( (long double *) &b ); -+ return z; -+ -+} -+ -+float128 syst_float128_mul( float128 a, float128 b ) -+{ -+ float128 z; -+ -+ *( (long double *) &z ) = -+ *( (long double *) &a ) * *( (long double *) &b ); -+ return z; -+ -+} -+ -+float128 syst_float128_div( float128 a, float128 b ) -+{ -+ float128 z; -+ -+ *( (long double *) &z ) = -+ *( (long double *) &a ) / *( (long double *) &b ); -+ spefscr = __builtin_spe_mfspefscr(); -+ return z; -+ -+} -+ -+flag syst_float128_eq( float128 a, float128 b ) -+{ -+ -+ return ( *( (long double *) &a ) == *( (long double *) &b ) ); -+ -+} -+ -+flag syst_float128_le( float128 a, float128 b ) -+{ -+ -+ return ( *( (long double *) &a ) <= *( (long double *) &b ) ); -+ -+} -+ -+flag syst_float128_lt( float128 a, float128 b ) -+{ -+ -+ return ( *( (long double *) &a ) < *( (long double *) &b ) ); -+ -+} -+ -+#endif -+ -diff --git a/testfloat/powerpc-linux-gcc/systmodes.c b/testfloat/powerpc-linux-gcc/systmodes.c -new file mode 100644 -index 0000000..143cdea ---- /dev/null -+++ b/testfloat/powerpc-linux-gcc/systmodes.c -@@ -0,0 +1,67 @@ -+/* -+ * This file is derived from testfloat/386-Win32-gcc/systmodes.S, -+ * the copyright for that material belongs to the original owners. -+ * -+ * Additional material and changes where applicable is: -+ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. -+ * -+ * Author: Ebony Zhu, -+ * Yu Liu, -+ */ -+ -+/* -+=============================================================================== -+ -+This C source file is part of TestFloat, Release 2a, a package of programs -+for testing the correctness of floating-point arithmetic complying to the -+IEC/IEEE Standard for Floating-Point. -+ -+Written by John R. Hauser. More information is available through the Web -+page `http://HTTP.CS.Berkeley.EDU/~jhauser/arithmetic/TestFloat.html'. -+ -+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort -+has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT -+TIMES RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO -+PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY -+AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE. -+ -+Derivative works are acceptable, even for commercial purposes, so long as -+(1) they include prominent notice that the work is derivative, and (2) they -+include prominent notice akin to these four paragraphs for those parts of -+this code that are retained. -+ -+=============================================================================== -+*/ -+ -+#include -+#include "milieu.h" -+#include "systmodes.h" -+/* -+------------------------------------------------------------------------------- -+Sets the system's IEC/IEEE floating-point rounding mode. Also disables all -+system exception traps. -+------------------------------------------------------------------------------- -+*/ -+int rounding; -+ -+void syst_float_set_rounding_mode( int8 roundingMode ) -+{ -+ (void) fesetround ( roundingMode ); -+ rounding = roundingMode; -+} -+ -+/* -+------------------------------------------------------------------------------- -+Sets the rounding precision of subsequent extended double-precision -+operations. The `precision' argument should be one of 0, 32, 64, or 80. -+If `precision' is 32, the rounding precision is set equivalent to single -+precision; else if `precision' is 64, the rounding precision is set -+equivalent to double precision; else the rounding precision is set to full -+extended double precision. -+------------------------------------------------------------------------------- -+*/ -+void syst_float_set_rounding_precision( int8 precision ) -+{ -+ -+} -+ -diff --git a/testfloat/templates/Makefile b/testfloat/templates/Makefile -index f5f3cde..18cffe0 100644 ---- a/testfloat/templates/Makefile -+++ b/testfloat/templates/Makefile -@@ -1,15 +1,21 @@ - --PROCESSOR_H = ../../processors/!!!processor.h -+#PROCESSOR_H = ../../processors/!!!processor.h -+PROCESSOR_H = ../../processors/POWERPC-gcc.h - SOFTFLOAT_VERSION = bits64 --TARGET = !!!target --SOFTFLOAT_DIR = ../../softfloat/$(SOFTFLOAT_VERSION)/$(TARGET) -+ -+#TARGET = !!!target -+TARGET = powerpc-GCC -+SOFTFLOAT_DIR = ../../../SoftFloat-2b/softfloat/$(SOFTFLOAT_VERSION)/$(TARGET) - - OBJ = .o - EXE = - INCLUDES = -I. -I.. -I$(SOFTFLOAT_DIR) --COMPILE_C = gcc -c -o $@ $(INCLUDES) -I- -O2 --COMPILE_SLOWFLOAT_C = gcc -c -o $@ $(INCLUDES) -I- -O3 --LINK = gcc -o $@ -+#COMPILE_C = gcc -c -o $@ $(INCLUDES) -I- -O2 -+#COMPILE_SLOWFLOAT_C = gcc -c -o $@ $(INCLUDES) -I- -O3 -+#LINK = gcc -o $@ -+COMPILE_C = /opt/mtwk/usr/local/gcc-3_4-e500-glibc-2.3.4-dp/powerpc-linux-gnuspe/bin/powerpc-linux-gnuspe-gcc -c -o $@ $(INCLUDES) -I- -O2 -+COMPILE_SLOWFLOAT_C = /opt/mtwk/usr/local/gcc-3_4-e500-glibc-2.3.4-dp/powerpc-linux-gnuspe/bin/powerpc-linux-gnuspe-gcc -c -o $@ $(INCLUDES) -I- -O3 -+LINK = /opt/mtwk/usr/local/gcc-3_4-e500-glibc-2.3.4-dp/powerpc-linux-gnuspe/bin/powerpc-linux-gnuspe-gcc -o $@ - - SOFTFLOAT_H = $(SOFTFLOAT_DIR)/softfloat.h - SOFTFLOAT_OBJ = $(SOFTFLOAT_DIR)/softfloat$(OBJ) -diff --git a/testfloat/templates/milieu.h b/testfloat/templates/milieu.h -index 56d3ac4..3214ca8 100644 ---- a/testfloat/templates/milieu.h -+++ b/testfloat/templates/milieu.h -@@ -28,7 +28,7 @@ this code that are retained. - Include common integer types and flags. - ------------------------------------------------------------------------------- - */ --#include "../../processors/!!!processor.h" -+#include "../../processors/SPARC-gcc.h" - - /* - ------------------------------------------------------------------------------- -diff --git a/testfloat/testFunction.h b/testfloat/testFunction.h -index 04bf856..00139a7 100644 ---- a/testfloat/testFunction.h -+++ b/testfloat/testFunction.h -@@ -126,8 +126,8 @@ extern const flag functionExists[ NUM_FUNCTIONS ]; - enum { - ROUND_NEAREST_EVEN = 1, - ROUND_TO_ZERO, -- ROUND_DOWN, - ROUND_UP, -+ ROUND_DOWN, - NUM_ROUNDINGMODES - }; - -diff --git a/testfloat/testLoops.c b/testfloat/testLoops.c -index 8ba92f3..ba05548 100644 ---- a/testfloat/testLoops.c -+++ b/testfloat/testLoops.c -@@ -488,6 +488,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_int32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -539,6 +544,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_int32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -592,6 +602,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_int32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -647,6 +662,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_int32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -702,6 +722,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_int64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -753,6 +778,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_int64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -806,6 +836,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_int64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -861,6 +896,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_int64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -916,6 +956,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -973,6 +1018,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1030,6 +1080,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1087,6 +1142,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1146,6 +1206,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1203,6 +1268,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1260,6 +1330,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float32, testCases_b_float32 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1312,6 +1387,25 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float32, testCases_b_float32 ); - testFlags = testFlagsFunctionPtr(); -+ -+if(testCases_a_float32 == 0x7ffffe && testCases_b_float32 == 0x3f7ffffe) -+{ -+ -+ writeErrorFound( 10000 - count ); -+ writeInputs_ab_float32(); -+ fputs( " ", stdout ); -+ writeOutputs_z_float32( trueZ, trueFlags, testZ, testFlags ); -+ fflush( stdout ); -+ if (! syst_float_is_soft_emu()){ -+ exit(-1); -+ } -+} -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif -+ - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1370,6 +1464,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1427,6 +1526,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1484,6 +1588,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1541,6 +1650,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1600,6 +1714,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1657,6 +1776,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1714,6 +1838,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float64, testCases_b_float64 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1766,6 +1895,13 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float64, testCases_b_float64 ); - testFlags = testFlagsFunctionPtr(); -+ -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif -+ - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1826,6 +1962,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_floatx80 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1883,6 +2024,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_floatx80 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1940,6 +2086,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_floatx80 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -1995,6 +2146,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_floatx80 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2052,6 +2208,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_floatx80 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2109,6 +2270,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_floatx80 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2166,6 +2332,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_floatx80, testCases_b_floatx80 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2218,6 +2389,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_floatx80, testCases_b_floatx80 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2280,6 +2456,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float128 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2337,6 +2518,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float128 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2394,6 +2580,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float128 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2449,6 +2640,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float128 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2506,6 +2702,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float128 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2563,6 +2764,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float128 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2620,6 +2826,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float128, testCases_b_float128 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); -@@ -2672,6 +2883,11 @@ void - (void) testFlagsFunctionPtr(); - testZ = testFunction( testCases_a_float128, testCases_b_float128 ); - testFlags = testFlagsFunctionPtr(); -+#ifdef TEST_KERNEL_EMU -+ if (! syst_float_is_soft_emu()){ -+ continue; -+ } -+#endif - --count; - if ( count == 0 ) { - checkEarlyExit(); --- -1.5.4 - diff --git a/meta-fsl-ppc/recipes-extended/testfloat/files/Yocto-replace-COMPILE_PREFIX-gcc.patch b/meta-fsl-ppc/recipes-extended/testfloat/files/Yocto-replace-COMPILE_PREFIX-gcc.patch deleted file mode 100644 index 42de56d3..00000000 --- a/meta-fsl-ppc/recipes-extended/testfloat/files/Yocto-replace-COMPILE_PREFIX-gcc.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 6c7567e05c28b8cb6c7dc68c278950a32feb6f64 Mon Sep 17 00:00:00 2001 -From: Ting Liu -Date: Wed, 9 May 2012 02:42:57 -0500 -Subject: [PATCH] Yocto: replace $(COMPILE_PREFIX)gcc with $(CC) and remove -te500v2 flags - -Signed-off-by: Ting Liu ---- - SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile | 4 ++-- - SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile | 4 ++-- - testfloat/powerpc-linux-gcc/Makefile | 8 ++++---- - 3 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile -index 28f1e33..4098048 100644 ---- a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile -+++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile -@@ -5,8 +5,8 @@ SOFTFLOAT_MACROS = ../softfloat-macros - OBJ = .o - EXE = - INCLUDES = -I. -I.. --COMPILE_C = $(COMPILE_PREFIX)gcc -msoft-float -c -o $@ $(INCLUDES) -I- -O2 --LINK = $(COMPILE_PREFIX)gcc -o $@ -+COMPILE_C = $(CC) -msoft-float -c -o $@ $(INCLUDES) -I- -O2 -+LINK = $(CC) -o $@ - - ALL: softfloat$(OBJ) timesoftfloat$(EXE) - -diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile -index a5e2cc7..c34e16e 100644 ---- a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile -+++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile -@@ -5,8 +5,8 @@ SOFTFLOAT_MACROS = ../softfloat-macros - OBJ = .o - EXE = - INCLUDES = -I. -I.. --COMPILE_C = $(COMPILE_PREFIX) -mcpu=8548 -mhard-float -mfloat-gprs=double -o $@ $(INCLUDES) -I- -O2 --LINK = $(COMPILE_PREFIX) -o $@ -+COMPILE_C = $(CC) -mcpu=8548 -mhard-float -mfloat-gprs=double -o $@ $(INCLUDES) -I- -O2 -+LINK = $(CC) -o $@ - - ALL: softfloat$(OBJ) timesoftfloat$(EXE) - -diff --git a/testfloat/powerpc-linux-gcc/Makefile b/testfloat/powerpc-linux-gcc/Makefile -index de50aad..1a8b5f7 100644 ---- a/testfloat/powerpc-linux-gcc/Makefile -+++ b/testfloat/powerpc-linux-gcc/Makefile -@@ -8,13 +8,13 @@ OBJ = .o - EXE = - INCLUDES = -I. -I.. -I$(SOFTFLOAT_DIR) - --COMPILE_C = $(COMPILE_PREFIX)gcc -c -o $@ $(INCLUDES) -I- -O $(EXTRA_CFLAGS) -+COMPILE_C = $(CC) -c -o $@ $(INCLUDES) -I- -O $(EXTRA_CFLAGS) - --COMPILE_C_HARD = $(COMPILE_PREFIX)gcc -c -te500v2 -o $@ $(INCLUDES) -+COMPILE_C_HARD = $(CC) -c -o $@ $(INCLUDES) - --COMPILE_SLOWFLOAT_C = $(COMPILE_PREFIX)gcc -c -o $@ $(INCLUDES) -I- -O -+COMPILE_SLOWFLOAT_C = $(CC) -c -o $@ $(INCLUDES) -I- -O - --LINK = $(COMPILE_PREFIX)gcc -lm -o $@ -+LINK = $(CC) -lm -o $@ - - SOFTFLOAT_H = $(SOFTFLOAT_DIR)/softfloat.h - SOFTFLOAT_OBJ = $(SOFTFLOAT_DIR)/softfloat$(OBJ) --- -1.7.3.4 - diff --git a/meta-fsl-ppc/recipes-extended/testfloat/testfloat_2a.bb b/meta-fsl-ppc/recipes-extended/testfloat/testfloat_2a.bb deleted file mode 100644 index 800cef3d..00000000 --- a/meta-fsl-ppc/recipes-extended/testfloat/testfloat_2a.bb +++ /dev/null @@ -1,45 +0,0 @@ -DESCRIPTION = "A program for testing floating-point implementation" -LICENSE = "TestFloat" - -LIC_FILES_CHKSUM = "file://testfloat/testfloat.txt;beginline=87;endline=95;md5=bdb2e8111838a48015c29bd97f5b6145" - -SRC_URI = " http://www.jhauser.us/arithmetic/TestFloat-2a.tar.Z;name=TestFloat \ - http://www.jhauser.us/arithmetic/SoftFloat-2b.tar.Z;name=SoftFloat \ - " -SRC_URI_append_qoriq-ppc = " file://SoftFloat-powerpc-1.patch \ - file://TestFloat-powerpc-E500v2-SPE-1.patch \ - file://Yocto-replace-COMPILE_PREFIX-gcc.patch \ - " -SRC_URI[TestFloat.md5sum] = "4dc889319ae1e0c5381ec511f784553a" -SRC_URI[TestFloat.sha256sum] = "84d14aa42adefbda2ec9708b42946f7fa59f93689b042684bd027863481f8e4e" -SRC_URI[SoftFloat.md5sum] = "b4a58b5c941f1a2317e4c2500086e3fa" -SRC_URI[SoftFloat.sha256sum] = "89d14b55113a2ba8cbda7011443ba1d298d381c89d939515d56c5f18f2febf81" - -S = "${WORKDIR}/TestFloat-2a" - -do_unpack2(){ - mv ${WORKDIR}/SoftFloat-2b ${S}/SoftFloat-2b - cd ${S} - if [ -n "$(which fromdos)" ];then - find -type f -exec fromdos {} \; - elif [ -n "$(which dos2unix)" ];then - find -type f -exec dos2unix {} \; - else - echo -e "\nERROR: command dos2unix or fromdos not found\n" && return 1 - fi -} -addtask do_unpack2 after do_unpack before do_patch - -do_compile(){ - oe_runmake -C testfloat/powerpc-linux-gcc/ CC="${CC}" EXTRA_CFLAGS="-DTEST_KERNEL_EMU" -} - -do_install(){ - install -d ${D}/${bindir} - install testfloat/powerpc-linux-gcc/testfloat ${D}/${bindir} - install testfloat/powerpc-linux-gcc/testsoftfloat ${D}/${bindir} -} - -COMPATIBLE_HOST_e500v2 = ".*" -COMPATIBLE_HOST ?= "(none)" - diff --git a/meta-fsl-ppc/recipes-extended/web-sysmon/web-sysmon_git.bb b/meta-fsl-ppc/recipes-extended/web-sysmon/web-sysmon_git.bb deleted file mode 100644 index 84f60d51..00000000 --- a/meta-fsl-ppc/recipes-extended/web-sysmon/web-sysmon_git.bb +++ /dev/null @@ -1,23 +0,0 @@ -DESCRIPTION = "Web System Monitor Files" -SECTION = "web-sysmon" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e" - -SRC_URI = "git://git.freescale.com/ppc/sdk/web-sysmon-dev.git;nobranch=1" -SRCREV = "8d0c6eca1113832fabe917fd0cb25abe2d4d7157" - -inherit update-rc.d - -S = "${WORKDIR}/git" - -RDEPENDS_${PN} = "lighttpd" - -EXTRA_OEMAKE += "D=${D}" -do_install () { - oe_runmake install -} - -FILES_${PN} += "/" - -INITSCRIPT_NAME = "web-sysmon.sh" -INITSCRIPT_PARAMS = "defaults 99 20" diff --git a/meta-fsl-ppc/recipes-graphics/xorg-driver/xf86-video-fbdev_0.4.2.bb b/meta-fsl-ppc/recipes-graphics/xorg-driver/xf86-video-fbdev_0.4.2.bb deleted file mode 100644 index 038c421d..00000000 --- a/meta-fsl-ppc/recipes-graphics/xorg-driver/xf86-video-fbdev_0.4.2.bb +++ /dev/null @@ -1,11 +0,0 @@ -require xorg-driver-video.inc -LIC_FILES_CHKSUM = "file://COPYING;md5=d8cbd99fff773f92e844948f74ef0df8" - -DESCRIPTION = "X.Org X server -- fbdev display driver" -PE = "1" -PR = "${INC_PR}.1" - -DEPENDS += "virtual/xserver" - -SRC_URI[md5sum] = "53a533d9e0c2da50962282526bace074" -SRC_URI[sha256sum] = "93b271b4b41d7e5ca108849a583b9523e96c51813d046282285355b7001f82d5" diff --git a/meta-fsl-ppc/recipes-graphics/xorg-driver/xorg-driver-common.inc b/meta-fsl-ppc/recipes-graphics/xorg-driver/xorg-driver-common.inc deleted file mode 100644 index c0f4a15a..00000000 --- a/meta-fsl-ppc/recipes-graphics/xorg-driver/xorg-driver-common.inc +++ /dev/null @@ -1,40 +0,0 @@ -DESCRIPTION = "X driver" -HOMEPAGE = "http://www.x.org" -SECTION = "x11/drivers" -LICENSE = "MIT-X" -INC_PR = "r15" - -DEPENDS = "randrproto virtual/xserver-xf86 xproto" - -SRC_URI = "${XORG_MIRROR}/individual/driver/${BPN}-${PV}.tar.bz2" - -S = "${WORKDIR}/${BPN}-${PV}" - -FILES_${PN} += " ${libdir}/xorg/modules" -FILES_${PN}-dbg += "${libdir}/xorg/modules/*/.debug" - -inherit autotools pkgconfig - -TARGET_CPPFLAGS += "-I${STAGING_DIR_HOST}/usr/include/xorg" - -# Another sucky behavor from Xorg configure scripts. -# They use AC_CHECK_FILE to check for DRI headers. Yuck! -# Of course this will blow up when cross compiling. - -do_configure_prepend() { - incdir=${layout_includedir}/xorg - for f in dri.h sarea.h dristruct.h exa.h damage.h xf86Module.h; do - path="$incdir/$f" - if [ -f "${STAGING_DIR_HOST}/$path" ]; then - p=`echo "$path" | sed 'y%*+%pp%;s%[^_[:alnum:]]%_%g'` - eval "export ac_cv_file_$p=yes" - fi - done -} - -# FIXME: We don't want to include the libtool archives (*.la) from modules -# directory, as they serve no useful purpose. Upstream should fix Makefile.am -do_install_append() { - find ${D}${libdir}/xorg/modules -regex ".*\.la$" | xargs rm -f -- -} - diff --git a/meta-fsl-ppc/recipes-graphics/xorg-driver/xorg-driver-video.inc b/meta-fsl-ppc/recipes-graphics/xorg-driver/xorg-driver-video.inc deleted file mode 100644 index bce8c9a7..00000000 --- a/meta-fsl-ppc/recipes-graphics/xorg-driver/xorg-driver-video.inc +++ /dev/null @@ -1,4 +0,0 @@ -include xorg-driver-common.inc - -DEPENDS = "randrproto renderproto videoproto xextproto fontsproto xproto" - diff --git a/meta-fsl-ppc/recipes-graphics/xorg-xserver/xserver-xf86-config/p1022ds/xorg.conf b/meta-fsl-ppc/recipes-graphics/xorg-xserver/xserver-xf86-config/p1022ds/xorg.conf deleted file mode 100644 index 57f284e8..00000000 --- a/meta-fsl-ppc/recipes-graphics/xorg-xserver/xserver-xf86-config/p1022ds/xorg.conf +++ /dev/null @@ -1,27 +0,0 @@ -Section "Screen" - Identifier "Builtin Default fbdev Screen 0" - Device "Builtin Default fbdev Device 0" -EndSection - -Section "ServerLayout" - Identifier "Builtin Default Layout" - Screen "Builtin Default fbdev Screen 0" -EndSection - -Section "ServerFlags" - Option "DontZap" "0" -EndSection - -Section "InputClass" - Identifier "keyboard-all" - Driver "evdev" - MatchIsKeyboard "on" -EndSection - - -Section "InputClass" - Identifier "mouse-all" - Driver "evdev" - MatchIsPointer "on" -EndSection - diff --git a/meta-fsl-ppc/recipes-graphics/xorg-xserver/xserver-xf86-config_%.bbappend b/meta-fsl-ppc/recipes-graphics/xorg-xserver/xserver-xf86-config_%.bbappend deleted file mode 100644 index 6d4804d1..00000000 --- a/meta-fsl-ppc/recipes-graphics/xorg-xserver/xserver-xf86-config_%.bbappend +++ /dev/null @@ -1,2 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - diff --git a/meta-fsl-ppc/recipes-kernel/asf/asf_git.bb b/meta-fsl-ppc/recipes-kernel/asf/asf_git.bb deleted file mode 100644 index 6e25ecf5..00000000 --- a/meta-fsl-ppc/recipes-kernel/asf/asf_git.bb +++ /dev/null @@ -1,33 +0,0 @@ -DESCRIPTION = "Non-DPAA software Application Specific Fast-path" -SECTION = "asf" -LICENSE = "GPLv2 & GPLv2+ & BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=b5881ecf398da8a03a3f4c501e29d287" - -SRC_URI = "git://git.freescale.com/ppc/sdk/asf.git;branch=master" -SRCREV = "62ba10ab6bab8f8f53934e4bb55b5a552bf3fd6b" - -inherit module qoriq_build_64bit_kernel - -S = "${WORKDIR}/git/asfmodule" - -EXTRA_OEMAKE = "CROSS_COMPILE=${TARGET_PREFIX}" -export KERNEL_PATH = "${STAGING_KERNEL_DIR}" - -INHIBIT_PACKAGE_STRIP = "1" - -do_configure[depends] += "virtual/kernel:do_shared_workdir" -do_configure_prepend () { - find ${S} -name Makefile -exec \ - sed -i 's,$(KERNEL_PATH)/.config,$(KBUILD_OUTPUT)/.config,' {} \; -} - -do_install(){ - install -d ${D}/${libexecdir} - install -d ${D}/lib/modules/${KERNEL_VERSION}/asf - cp -rf ${S}/bin/full ${D}/lib/modules/${KERNEL_VERSION}/asf - cp -rf ${S}/bin/min ${D}/lib/modules/${KERNEL_VERSION}/asf - cp -rf ${S}/../scripts ${D}/${libexecdir}/ -} - -FILES_${PN} += "${libexecdir} /lib/modules/${KERNEL_VERSION}/asf" -RDEPENDS_${PN} += "ipsec-tools" diff --git a/meta-fsl-ppc/recipes-kernel/auto-resp/ar_git.bb b/meta-fsl-ppc/recipes-kernel/auto-resp/ar_git.bb deleted file mode 100644 index 52d9f57d..00000000 --- a/meta-fsl-ppc/recipes-kernel/auto-resp/ar_git.bb +++ /dev/null @@ -1,29 +0,0 @@ -SUMMARY = "Auto Response Control Module" -LICENSE = "GPLv2 & BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=b5881ecf398da8a03a3f4c501e29d287" - -inherit module - -SRC_URI = "git://git.freescale.com/ppc/sdk/auto-resp.git;branch=sdk-v1.7.x" -SRCREV = "dbede76fb4020a370baa393f7c53af4c0db8f175" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = "CROSS_COMPILE=${TARGET_PREFIX} SYSROOT=${STAGING_DIR_TARGET}" -export KERNEL_PATH - -INHIBIT_PACKAGE_STRIP = "1" - -do_compile_prepend() { - sed -i -e 's,EXTRA_CFLAGS += -I$(PWD),EXTRA_CFLAGS += -I${S},' ${S}/armodule/source/Makefile -} - -do_install(){ - install -d ${D}/lib/modules/${KERNEL_VERSION} - install -d ${D}${bindir} - install -m 644 ${B}/bin/ar.ko ${D}/lib/modules/${KERNEL_VERSION}/ - cp -f ${S}/bin/ar_* ${D}${bindir}/ -} - -FILES_${PN} += "${bindir}/" - diff --git a/meta-fsl-ppc/recipes-kernel/ceetm/ceetm_git.bb b/meta-fsl-ppc/recipes-kernel/ceetm/ceetm_git.bb deleted file mode 100644 index beaed31e..00000000 --- a/meta-fsl-ppc/recipes-kernel/ceetm/ceetm_git.bb +++ /dev/null @@ -1,30 +0,0 @@ -DESCRIPTION = "CEETM TC QDISC" -LICENSE = "GPLv2 & BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=b5881ecf398da8a03a3f4c501e29d287" - -DEPENDS="virtual/kernel" - -inherit module qoriq_build_64bit_kernel - -SRC_URI = "git://git.freescale.com/ppc/sdk/ceetm.git;nobranch=1" -SRCREV = "ecf55c9ca0cd42a212653e1f99c19cd611e3a008" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = "CROSS_COMPILE=${TARGET_PREFIX} SYSROOT=${STAGING_DIR_TARGET}" -export KERNEL_PATH = "${STAGING_KERNEL_DIR}" - -do_configure[depends] += "virtual/kernel:do_shared_workdir" -do_configure_prepend () { - sed -i 's,$(KERNEL_PATH)/.config,$(KBUILD_OUTPUT)/.config,' ${S}/ceetm_module/Makefile -} - -do_install(){ - mkdir -p ${D}/usr/driver/ceetm - mkdir -p ${D}/${libdir}/tc - cp ${S}/bin/ceetm.ko ${D}/usr/driver/ceetm - cp ${S}/bin/q_ceetm.so ${D}/${libdir}/tc/. -} - -FILES_${PN} += "/usr/driver/ceetm ${libdir}/tc" -INHIBIT_PACKAGE_STRIP = "1" diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-linux_1.7.bb b/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-linux_1.7.bb deleted file mode 100644 index 92ccd717..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-linux_1.7.bb +++ /dev/null @@ -1,12 +0,0 @@ -require cryptodev_${PV}.inc - -SUMMARY = "A /dev/crypto device driver header file" - -do_compile[noexec] = "1" - -# Just install cryptodev.h which is the only header file needed to be exported -do_install() { - install -D ${S}/crypto/cryptodev.h ${D}${includedir}/crypto/cryptodev.h -} - -ALLOW_EMPTY_${PN} = "1" diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-module_1.7.bb b/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-module_1.7.bb deleted file mode 100644 index e6b1f27c..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-module_1.7.bb +++ /dev/null @@ -1,10 +0,0 @@ -require cryptodev_${PV}.inc - -SUMMARY = "A /dev/crypto device driver kernel module" - -inherit module qoriq_build_64bit_kernel - -# Header file provided by a separate package -DEPENDS += "cryptodev-linux" - -EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-tests_1.7.bb b/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-tests_1.7.bb deleted file mode 100644 index 128ccc99..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-tests_1.7.bb +++ /dev/null @@ -1,17 +0,0 @@ -require cryptodev_${PV}.inc - -SUMMARY = "A test suite for /dev/crypto device driver" -DEPENDS = "openssl" - -EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' - -do_compile() { - oe_runmake testprogs -} - -do_install() { - oe_runmake install_tests -} - -FILES_${PN}-dbg += "${bindir}/tests_cryptodev/.debug" -FILES_${PN} = "${bindir}/tests_cryptodev/*" diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev_1.7.inc b/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev_1.7.inc deleted file mode 100644 index 6b65f729..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev_1.7.inc +++ /dev/null @@ -1,47 +0,0 @@ -HOMEPAGE = "http://cryptodev-linux.org/" - -RCONFLICTS_${PN} = "ocf-linux" -RREPLACES_${PN} = "ocf-linux" - -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" - -SRC_URI = "http://download.gna.org/cryptodev-linux/cryptodev-linux-${PV}.tar.gz" -SRC_URI[md5sum] = "0b63b3481cf2c90386b35f057481d36b" -SRC_URI[sha256sum] = "41880533b53de4d7b3f054e230f576988dafb8eed7bef5ebcf6422bb2e3a3b25" - -# Upstream hotfixes and yocto specific patches -SRC_URI_append = " \ -file://0001-fix-compilation-against-linux-3.19.patch \ -file://0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch \ -file://0003-Disable-installing-header-file-provided-by-another-p.patch \ -file://0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch \ -" -# SDK patches -SRC_URI_append = " file://0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch \ -file://0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch \ -file://0003-PKC-support-added-in-cryptodev-module.patch \ -file://0004-Compat-versions-of-PKC-IOCTLs.patch \ -file://0005-Asynchronous-interface-changes-in-cryptodev.patch \ -file://0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch \ -file://0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch \ -file://0008-Add-RSA-Key-generation-offloading.patch \ -file://0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch \ -file://0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch \ -file://0011-add-support-for-TLSv1.1-record-offload.patch \ -file://0012-add-support-for-TLSv1.2-record-offload.patch \ -file://0013-clean-up-code-layout.patch \ -file://0014-remove-redundant-data-copy-for-pkc-operations.patch \ -file://0015-fix-pkc-request-deallocation.patch \ -file://0016-add-basic-detection-of-asym-features.patch \ -file://0017-remove-dead-code.patch \ -file://0018-fix-compat-warnings.patch \ -file://0019-fix-size_t-print-format.patch \ -file://0020-fix-uninitialized-variable-compiler-warning.patch \ -" - -# NOTE: remove this patch and all traces of DISTRO_FEATURE c29x_pkc -# if pkc-host does not need customized cryptodev patches anymore -SRC_URI_append = "${@base_contains('DISTRO_FEATURES', 'c29x_pkc', ' file://0001-don-t-advertise-RSA-keygen.patch', '', d)}" - -S = "${WORKDIR}/cryptodev-linux-${PV}" diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch deleted file mode 100644 index 7d957ec1..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch +++ /dev/null @@ -1,52 +0,0 @@ -From c653e3a70499c6bb66b57c1788d2d38ca9b8a07e Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Thu, 29 Aug 2013 16:52:30 +0300 -Subject: [PATCH 01/15] add support for composite TLS10(SHA1,AES) algorithm - offload - -This adds support for composite algorithm offload as a primitive -crypto (cipher + hmac) operation. - -It requires kernel support for tls10(hmac(sha1),cbc(aes)) algorithm -provided either in software or accelerated by hardware such as -Freescale B*, P* and T* platforms. - -Change-Id: Ia1c605da3860e91e681295dfc8df7c09eb4006cf -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/17218 ---- - crypto/cryptodev.h | 1 + - ioctl.c | 5 +++++ - 2 files changed, 6 insertions(+) - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 7fb9c7d..c0e8cd4 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -50,6 +50,7 @@ enum cryptodev_crypto_op_t { - CRYPTO_SHA2_384, - CRYPTO_SHA2_512, - CRYPTO_SHA2_224_HMAC, -+ CRYPTO_TLS10_AES_CBC_HMAC_SHA1, - CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ - }; - -diff --git a/ioctl.c b/ioctl.c -index b23f5fd..a3f8379 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -159,6 +159,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) - stream = 1; - aead = 1; - break; -+ case CRYPTO_TLS10_AES_CBC_HMAC_SHA1: -+ alg_name = "tls10(hmac(sha1),cbc(aes))"; -+ stream = 0; -+ aead = 1; -+ break; - case CRYPTO_NULL: - alg_name = "ecb(cipher_null)"; - stream = 1; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch deleted file mode 100644 index 10d6c8b5..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch +++ /dev/null @@ -1,33 +0,0 @@ -From d30c9c64aca4a7905e1b7eb3e28e1c616191bd34 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Tue, 9 Dec 2014 16:41:25 +0200 -Subject: [PATCH] don't advertise RSA keygen - -Disable RSA keygen operations when they are not available. - -Currently no testing can be done and this patch should be applied -selectively on platforms that have incomplete support for RSA operations -(for example pkc driver on C293) - -Change-Id: Ic8df014623410c3cf4b0b217a246efcea8f2eeef -Signed-off-by: Cristian Stoica ---- - ioctl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ioctl.c b/ioctl.c -index 53dbf64..27dc66e 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -979,7 +979,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMFEAT: - ses = 0; - if (crypto_has_alg("pkc(rsa)", 0, 0)) -- ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY; -+ ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP ; - if (crypto_has_alg("pkc(dsa)", 0, 0)) - ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY; - if (crypto_has_alg("pkc(dh)", 0, 0)) --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch deleted file mode 100644 index ab276d2d..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 5054d20d45571cc85339351fde52f872eeb82206 Mon Sep 17 00:00:00 2001 -From: Phil Sutter -Date: Tue, 10 Feb 2015 04:57:05 +0100 -Subject: [PATCH 1/4] fix compilation against linux-3.19 - -Commit f938612dd97d481b8b5bf960c992ae577f081c17 in linux.git removes -get_unused_fd() macro. This patch changes the calling code to use it's -content 'get_unused_fd_flags(0)' instead. Checking for when -get_unused_fd_flags was introduced shows it's been there since 2.6.23 at -least, so probably no need to make this change conditional on the target -kernel version. - -Original patch by Ricardo Ribalda Delgado for Open Embedded, reported by -Oleg Rakhmanov. - -Signed-off-by: Phil Sutter ---- - ioctl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ioctl.c b/ioctl.c -index 5a55a76..b23f5fd 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -546,7 +546,7 @@ static int - clonefd(struct file *filp) - { - int ret; -- ret = get_unused_fd(); -+ ret = get_unused_fd_flags(0); - if (ret >= 0) { - get_file(filp); - fd_install(ret, filp); --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch deleted file mode 100644 index f5ab8b4f..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 47ff1eb9bb4f872c1d731b93d334ee5865bf3439 Mon Sep 17 00:00:00 2001 -From: Denys Dmytriyenko -Date: Sun, 6 Apr 2014 22:16:30 -0400 -Subject: [PATCH] Fix tests Makefile usage of LDLIBS vs. LDFLAGS - -Libraries must come after objects, as link order matters, especially -when using linker flags like -Wl,--as-needed. - -Signed-off-by: Denys Dmytriyenko - -Upstream-Status: Pending ---- - tests/Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/Makefile b/tests/Makefile -index cd202af..67c3c83 100644 ---- a/tests/Makefile -+++ b/tests/Makefile -@@ -39,5 +39,5 @@ testprogs: $(hostprogs) - clean: - rm -f *.o *~ $(hostprogs) - --${comp_progs}: LDFLAGS += -lssl -lcrypto -+${comp_progs}: LDLIBS += -lssl -lcrypto - ${comp_progs}: %: %.o openssl_wrapper.o --- -1.9.1 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch deleted file mode 100644 index 08d92313..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch +++ /dev/null @@ -1,207 +0,0 @@ -From 71b317347179225693c6d41b740d387ae2c25061 Mon Sep 17 00:00:00 2001 -From: Horia Geanta -Date: Wed, 4 Dec 2013 15:43:41 +0200 -Subject: [PATCH 02/15] add support for COMPAT_CIOCAUTHCRYPT ioctl() - -Upstream-status: Pending - -Needed for 64b kernel with 32b user space. - -Change-Id: I44a999a4164e7ae7122dee6ed0716b2f25cadbc1 -Signed-off-by: Horia Geanta -Tested-by: Cristian Stoica ---- - authenc.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - cryptodev_int.h | 40 +++++++++++++++++++++++++++++ - ioctl.c | 16 ++++++++++++ - 3 files changed, 134 insertions(+) - -diff --git a/authenc.c b/authenc.c -index 1bd7377..ef0d3db 100644 ---- a/authenc.c -+++ b/authenc.c -@@ -272,6 +272,84 @@ static int fill_caop_from_kcaop(struct kernel_crypt_auth_op *kcaop, struct fcryp - return 0; - } - -+/* compatibility code for 32bit userlands */ -+#ifdef CONFIG_COMPAT -+ -+static inline void -+compat_to_crypt_auth_op(struct compat_crypt_auth_op *compat, -+ struct crypt_auth_op *caop) -+{ -+ caop->ses = compat->ses; -+ caop->op = compat->op; -+ caop->flags = compat->flags; -+ caop->len = compat->len; -+ caop->auth_len = compat->auth_len; -+ caop->tag_len = compat->tag_len; -+ caop->iv_len = compat->iv_len; -+ -+ caop->auth_src = compat_ptr(compat->auth_src); -+ caop->src = compat_ptr(compat->src); -+ caop->dst = compat_ptr(compat->dst); -+ caop->tag = compat_ptr(compat->tag); -+ caop->iv = compat_ptr(compat->iv); -+} -+ -+static inline void -+crypt_auth_op_to_compat(struct crypt_auth_op *caop, -+ struct compat_crypt_auth_op *compat) -+{ -+ compat->ses = caop->ses; -+ compat->op = caop->op; -+ compat->flags = caop->flags; -+ compat->len = caop->len; -+ compat->auth_len = caop->auth_len; -+ compat->tag_len = caop->tag_len; -+ compat->iv_len = caop->iv_len; -+ -+ compat->auth_src = ptr_to_compat(caop->auth_src); -+ compat->src = ptr_to_compat(caop->src); -+ compat->dst = ptr_to_compat(caop->dst); -+ compat->tag = ptr_to_compat(caop->tag); -+ compat->iv = ptr_to_compat(caop->iv); -+} -+ -+int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop, -+ struct fcrypt *fcr, void __user *arg) -+{ -+ struct compat_crypt_auth_op compat_caop; -+ -+ if (unlikely(copy_from_user(&compat_caop, arg, sizeof(compat_caop)))) { -+ dprintk(1, KERN_ERR, "Error in copying from userspace\n"); -+ return -EFAULT; -+ } -+ -+ compat_to_crypt_auth_op(&compat_caop, &kcaop->caop); -+ -+ return fill_kcaop_from_caop(kcaop, fcr); -+} -+ -+int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop, -+ struct fcrypt *fcr, void __user *arg) -+{ -+ int ret; -+ struct compat_crypt_auth_op compat_caop; -+ -+ ret = fill_caop_from_kcaop(kcaop, fcr); -+ if (unlikely(ret)) { -+ dprintk(1, KERN_ERR, "fill_caop_from_kcaop\n"); -+ return ret; -+ } -+ -+ crypt_auth_op_to_compat(&kcaop->caop, &compat_caop); -+ -+ if (unlikely(copy_to_user(arg, &compat_caop, sizeof(compat_caop)))) { -+ dprintk(1, KERN_ERR, "Error in copying to userspace\n"); -+ return -EFAULT; -+ } -+ return 0; -+} -+ -+#endif /* CONFIG_COMPAT */ - - int kcaop_from_user(struct kernel_crypt_auth_op *kcaop, - struct fcrypt *fcr, void __user *arg) -diff --git a/cryptodev_int.h b/cryptodev_int.h -index d7660fa..8e687e7 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -73,11 +73,42 @@ struct compat_crypt_op { - compat_uptr_t iv;/* initialization vector for encryption operations */ - }; - -+ /* input of CIOCAUTHCRYPT */ -+struct compat_crypt_auth_op { -+ uint32_t ses; /* session identifier */ -+ uint16_t op; /* COP_ENCRYPT or COP_DECRYPT */ -+ uint16_t flags; /* see COP_FLAG_AEAD_* */ -+ uint32_t len; /* length of source data */ -+ uint32_t auth_len; /* length of auth data */ -+ compat_uptr_t auth_src; /* authenticated-only data */ -+ -+ /* The current implementation is more efficient if data are -+ * encrypted in-place (src==dst). */ -+ compat_uptr_t src; /* data to be encrypted and -+ authenticated */ -+ compat_uptr_t dst; /* pointer to output data. Must have -+ * space for tag. For TLS this should be -+ * at least len + tag_size + block_size -+ * for padding */ -+ -+ compat_uptr_t tag; /* where the tag will be copied to. TLS -+ * mode doesn't use that as tag is -+ * copied to dst. -+ * SRTP mode copies tag there. */ -+ uint32_t tag_len; /* the length of the tag. Use zero for -+ * digest size or max tag. */ -+ -+ /* initialization vector for encryption operations */ -+ compat_uptr_t iv; -+ uint32_t iv_len; -+}; -+ - /* compat ioctls, defined for the above structs */ - #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) - #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) - #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) - #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) -+#define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) - - #endif /* CONFIG_COMPAT */ - -@@ -108,6 +139,15 @@ struct kernel_crypt_auth_op { - - /* auth */ - -+#ifdef CONFIG_COMPAT -+int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop, -+ struct fcrypt *fcr, void __user *arg); -+ -+int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop, -+ struct fcrypt *fcr, void __user *arg); -+#endif /* CONFIG_COMPAT */ -+ -+ - int kcaop_from_user(struct kernel_crypt_auth_op *kcop, - struct fcrypt *fcr, void __user *arg); - int kcaop_to_user(struct kernel_crypt_auth_op *kcaop, -diff --git a/ioctl.c b/ioctl.c -index a3f8379..5a44807 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -998,6 +998,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - struct session_op sop; - struct compat_session_op compat_sop; - struct kernel_crypt_op kcop; -+ struct kernel_crypt_auth_op kcaop; - int ret; - - if (unlikely(!pcr)) -@@ -1040,6 +1041,21 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - return ret; - - return compat_kcop_to_user(&kcop, fcr, arg); -+ -+ case COMPAT_CIOCAUTHCRYPT: -+ if (unlikely(ret = compat_kcaop_from_user(&kcaop, fcr, arg))) { -+ dprintk(1, KERN_WARNING, "Error copying from user\n"); -+ return ret; -+ } -+ -+ ret = crypto_auth_run(fcr, &kcaop); -+ if (unlikely(ret)) { -+ dprintk(1, KERN_WARNING, "Error in crypto_auth_run\n"); -+ return ret; -+ } -+ -+ return compat_kcaop_to_user(&kcaop, fcr, arg); -+ - #ifdef ENABLE_ASYNC - case COMPAT_CIOCASYNCCRYPT: - if (unlikely(ret = compat_kcop_from_user(&kcop, fcr, arg))) --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch deleted file mode 100644 index 68c48e0c..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch +++ /dev/null @@ -1,28 +0,0 @@ -From da730106c2558c8e0c8e1b1b1812d32ef9574ab7 Mon Sep 17 00:00:00 2001 -From: Phil Sutter -Date: Sat, 11 Apr 2015 12:45:05 +0200 -Subject: [PATCH 2/4] tests/Makefile: fix arg passing to CC in implicit rule - -GCC docs suggest passing -lfoo after object files referring to functions -in libfoo. Therefore use LDLIBS to specify libraries, which puts them at -the right place when make calls CC implicitly. - -Signed-off-by: Phil Sutter ---- - tests/Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/Makefile b/tests/Makefile -index c9f04e8..20c52ba 100644 ---- a/tests/Makefile -+++ b/tests/Makefile -@@ -31,5 +31,5 @@ check: $(hostprogs) - clean: - rm -f *.o *~ $(hostprogs) - --${comp_progs}: LDFLAGS += -lssl -lcrypto -+${comp_progs}: LDLIBS += -lssl -lcrypto - ${comp_progs}: %: %.o openssl_wrapper.o --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch deleted file mode 100644 index e384950c..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch +++ /dev/null @@ -1,29 +0,0 @@ -From c618f882c283511dd4f7547113a1117c4785f56f Mon Sep 17 00:00:00 2001 -From: Denys Dmytriyenko -Date: Sun, 6 Apr 2014 19:51:39 -0400 -Subject: [PATCH 3/4] Disable installing header file provided by another - package - -Signed-off-by: Denys Dmytriyenko - -Upstream-Status: Inappropriate [ OE specific ] ---- - Makefile | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/Makefile b/Makefile -index 31c4b3f..855bb54 100644 ---- a/Makefile -+++ b/Makefile -@@ -31,8 +31,6 @@ install: modules_install - - modules_install: - make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install -- @echo "Installing cryptodev.h in $(PREFIX)/usr/include/crypto ..." -- @install -D crypto/cryptodev.h $(PREFIX)/usr/include/crypto/cryptodev.h - - clean: - make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch deleted file mode 100644 index 46f24320..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch +++ /dev/null @@ -1,898 +0,0 @@ -From fc9ee6ed33c76372de6e3748d2e951fa10f7c47e Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Fri, 7 Mar 2014 06:16:09 +0545 -Subject: [PATCH 03/15] PKC support added in cryptodev module - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - cryptlib.c | 66 +++++++++- - cryptlib.h | 28 ++++ - crypto/cryptodev.h | 15 ++- - cryptodev_int.h | 20 ++- - ioctl.c | 196 +++++++++++++++++++++++++-- - main.c | 378 +++++++++++++++++++++++++++++++++++++++++++++++++++++ - 6 files changed, 685 insertions(+), 18 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 44ce763..6900028 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -5,6 +5,8 @@ - * Portions Copyright (c) 2010 Michael Weiser - * Portions Copyright (c) 2010 Phil Sutter - * -+ * Copyright 2012 Freescale Semiconductor, Inc. -+ * - * This file is part of linux cryptodev. - * - * This program is free software; you can redistribute it and/or -@@ -39,11 +41,6 @@ - #include "cryptodev_int.h" - - --struct cryptodev_result { -- struct completion completion; -- int err; --}; -- - static void cryptodev_complete(struct crypto_async_request *req, int err) - { - struct cryptodev_result *res = req->data; -@@ -259,7 +256,6 @@ static inline int waitfor(struct cryptodev_result *cr, ssize_t ret) - case 0: - break; - case -EINPROGRESS: -- case -EBUSY: - wait_for_completion(&cr->completion); - /* At this point we known for sure the request has finished, - * because wait_for_completion above was not interruptible. -@@ -439,3 +435,61 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) - return waitfor(hdata->async.result, ret); - } - -+int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) -+{ -+ int ret = 0; -+ struct pkc_request *pkc_req = &pkc->req, *pkc_requested; -+ -+ switch (pkc_req->type) { -+ case RSA_PUB: -+ case RSA_PRIV_FORM1: -+ case RSA_PRIV_FORM2: -+ case RSA_PRIV_FORM3: -+ pkc->s = crypto_alloc_pkc("pkc(rsa)", -+ CRYPTO_ALG_TYPE_PKC_RSA, 0); -+ break; -+ case DSA_SIGN: -+ case DSA_VERIFY: -+ case ECDSA_SIGN: -+ case ECDSA_VERIFY: -+ pkc->s = crypto_alloc_pkc("pkc(dsa)", -+ CRYPTO_ALG_TYPE_PKC_DSA, 0); -+ break; -+ case DH_COMPUTE_KEY: -+ case ECDH_COMPUTE_KEY: -+ pkc->s = crypto_alloc_pkc("pkc(dh)", -+ CRYPTO_ALG_TYPE_PKC_DH, 0); -+ break; -+ default: -+ return -EINVAL; -+ } -+ -+ if (IS_ERR_OR_NULL(pkc->s)) -+ return -EINVAL; -+ -+ init_completion(&pkc->result.completion); -+ pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL); -+ -+ if (unlikely(IS_ERR_OR_NULL(pkc_requested))) { -+ ret = -ENOMEM; -+ goto error; -+ } -+ pkc_requested->type = pkc_req->type; -+ pkc_requested->curve_type = pkc_req->curve_type; -+ memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u)); -+ pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG, -+ cryptodev_complete_asym, pkc); -+ ret = crypto_pkc_op(pkc_requested); -+ if (ret != -EINPROGRESS && ret != 0) -+ goto error2; -+ -+ if (pkc->type == SYNCHRONOUS) -+ ret = waitfor(&pkc->result, ret); -+ -+ return ret; -+error2: -+ kfree(pkc_requested); -+error: -+ crypto_free_pkc(pkc->s); -+ return ret; -+} -diff --git a/cryptlib.h b/cryptlib.h -index a0a8a63..56d325a 100644 ---- a/cryptlib.h -+++ b/cryptlib.h -@@ -1,3 +1,6 @@ -+/* -+ * Copyright 2012 Freescale Semiconductor, Inc. -+ */ - #ifndef CRYPTLIB_H - # define CRYPTLIB_H - -@@ -89,5 +92,30 @@ void cryptodev_hash_deinit(struct hash_data *hdata); - int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, - int hmac_mode, void *mackey, size_t mackeylen); - -+/* Operation Type */ -+enum offload_type { -+ SYNCHRONOUS, -+ ASYNCHRONOUS -+}; -+ -+struct cryptodev_result { -+ struct completion completion; -+ int err; -+}; -+ -+struct cryptodev_pkc { -+ struct list_head list; /* To maintain the Jobs in completed -+ cryptodev lists */ -+ struct kernel_crypt_kop kop; -+ struct crypto_pkc *s; /* Transform pointer from CryptoAPI */ -+ struct cryptodev_result result; /* Result to be updated by -+ completion handler */ -+ struct pkc_request req; /* PKC request structure allocated -+ from CryptoAPI */ -+ enum offload_type type; /* Synchronous Vs Asynchronous request */ -+ void *cookie; /*Additional opaque cookie to be used in future */ -+ struct crypt_priv *priv; -+}; - -+int cryptodev_pkc_offload(struct cryptodev_pkc *); - #endif -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index c0e8cd4..96675fe 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -1,6 +1,10 @@ --/* This is a source compatible implementation with the original API of -+/* -+ * Copyright 2012 Freescale Semiconductor, Inc. -+ * -+ * This is a source compatible implementation with the original API of - * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h. -- * Placed under public domain */ -+ * Placed under public domain -+ */ - - #ifndef L_CRYPTODEV_H - #define L_CRYPTODEV_H -@@ -245,6 +249,9 @@ struct crypt_kop { - __u16 crk_oparams; - __u32 crk_pad1; - struct crparam crk_param[CRK_MAXPARAM]; -+ enum curve_t curve_type; /* 0 == Discrete Log, -+ 1 = EC_PRIME, 2 = EC_BINARY */ -+ void *cookie; - }; - - enum cryptodev_crk_op_t { -@@ -289,5 +296,7 @@ enum cryptodev_crk_op_t { - */ - #define CIOCASYNCCRYPT _IOW('c', 110, struct crypt_op) - #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) -- -+/* additional ioctls for asynchronous operation for asymmetric ciphers*/ -+#define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) -+#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop) - #endif /* L_CRYPTODEV_H */ -diff --git a/cryptodev_int.h b/cryptodev_int.h -index 8e687e7..fdbcc61 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -1,4 +1,6 @@ --/* cipher stuff */ -+/* cipher stuff -+ * Copyright 2012 Freescale Semiconductor, Inc. -+ */ - #ifndef CRYPTODEV_INT_H - # define CRYPTODEV_INT_H - -@@ -112,6 +114,14 @@ struct compat_crypt_auth_op { - - #endif /* CONFIG_COMPAT */ - -+/* kernel-internal extension to struct crypt_kop */ -+struct kernel_crypt_kop { -+ struct crypt_kop kop; -+ -+ struct task_struct *task; -+ struct mm_struct *mm; -+}; -+ - /* kernel-internal extension to struct crypt_op */ - struct kernel_crypt_op { - struct crypt_op cop; -@@ -157,6 +167,14 @@ int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop); - - #include - -+/* Cryptodev Key operation handler */ -+int crypto_bn_modexp(struct cryptodev_pkc *); -+int crypto_modexp_crt(struct cryptodev_pkc *); -+int crypto_kop_dsasign(struct cryptodev_pkc *); -+int crypto_kop_dsaverify(struct cryptodev_pkc *); -+int crypto_run_asym(struct cryptodev_pkc *); -+void cryptodev_complete_asym(struct crypto_async_request *, int); -+ - /* other internal structs */ - struct csession { - struct list_head entry; -diff --git a/ioctl.c b/ioctl.c -index 5a44807..69980e3 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -4,6 +4,7 @@ - * Copyright (c) 2004 Michal Ludvig , SuSE Labs - * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos - * Copyright (c) 2010 Phil Sutter -+ * Copyright 2012 Freescale Semiconductor, Inc. - * - * This file is part of linux cryptodev. - * -@@ -89,8 +90,37 @@ struct crypt_priv { - int itemcount; - struct work_struct cryptask; - wait_queue_head_t user_waiter; -+ /* List of pending cryptodev_pkc asym requests */ -+ struct list_head asym_completed_list; -+ /* For addition/removal of entry in pending list of asymmetric request*/ -+ spinlock_t completion_lock; - }; - -+/* Asymmetric request Completion handler */ -+void cryptodev_complete_asym(struct crypto_async_request *req, int err) -+{ -+ struct cryptodev_pkc *pkc = req->data; -+ struct cryptodev_result *res = &pkc->result; -+ -+ crypto_free_pkc(pkc->s); -+ res->err = err; -+ if (pkc->type == SYNCHRONOUS) { -+ if (err == -EINPROGRESS) -+ return; -+ complete(&res->completion); -+ } else { -+ struct crypt_priv *pcr = pkc->priv; -+ unsigned long flags; -+ spin_lock_irqsave(&pcr->completion_lock, flags); -+ list_add_tail(&pkc->list, &pcr->asym_completed_list); -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ /* wake for POLLIN */ -+ wake_up_interruptible(&pcr->user_waiter); -+ } -+ -+ kfree(req); -+} -+ - #define FILL_SG(sg, ptr, len) \ - do { \ - (sg)->page = virt_to_page(ptr); \ -@@ -472,7 +502,8 @@ cryptodev_open(struct inode *inode, struct file *filp) - INIT_LIST_HEAD(&pcr->free.list); - INIT_LIST_HEAD(&pcr->todo.list); - INIT_LIST_HEAD(&pcr->done.list); -- -+ INIT_LIST_HEAD(&pcr->asym_completed_list); -+ spin_lock_init(&pcr->completion_lock); - INIT_WORK(&pcr->cryptask, cryptask_routine); - - init_waitqueue_head(&pcr->user_waiter); -@@ -639,6 +670,79 @@ static int crypto_async_fetch(struct crypt_priv *pcr, - } - #endif - -+/* get the first asym cipher completed job from the "done" queue -+ * -+ * returns: -+ * -EBUSY if no completed jobs are ready (yet) -+ * the return value otherwise */ -+static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) -+{ -+ int ret = 0; -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *ckop = &kop->kop; -+ struct pkc_request *pkc_req = &pkc->req; -+ -+ switch (ckop->crk_op) { -+ case CRK_MOD_EXP: -+ { -+ struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; -+ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, -+ rsa_req->g_len); -+ } -+ break; -+ case CRK_MOD_EXP_CRT: -+ { -+ struct rsa_priv_frm3_req_s *rsa_req = -+ &pkc_req->req_u.rsa_priv_f3; -+ copy_to_user(ckop->crk_param[6].crp_p, -+ rsa_req->f, rsa_req->f_len); -+ } -+ break; -+ case CRK_DSA_SIGN: -+ { -+ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; -+ -+ if (pkc_req->type == ECDSA_SIGN) { -+ copy_to_user(ckop->crk_param[6].crp_p, -+ dsa_req->c, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[7].crp_p, -+ dsa_req->d, dsa_req->d_len); -+ } else { -+ copy_to_user(ckop->crk_param[5].crp_p, -+ dsa_req->c, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[6].crp_p, -+ dsa_req->d, dsa_req->d_len); -+ } -+ } -+ break; -+ case CRK_DSA_VERIFY: -+ break; -+ case CRK_DH_COMPUTE_KEY: -+ { -+ struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; -+ if (pkc_req->type == ECDH_COMPUTE_KEY) -+ copy_to_user(ckop->crk_param[4].crp_p, -+ dh_req->z, dh_req->z_len); -+ else -+ copy_to_user(ckop->crk_param[3].crp_p, -+ dh_req->z, dh_req->z_len); -+ } -+ break; -+ default: -+ ret = -EINVAL; -+ } -+ kfree(pkc->cookie); -+ return ret; -+} -+ -+/* this function has to be called from process context */ -+static int fill_kop_from_cop(struct kernel_crypt_kop *kop) -+{ -+ kop->task = current; -+ kop->mm = current->mm; -+ return 0; -+} -+ - /* this function has to be called from process context */ - static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) - { -@@ -662,11 +766,8 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) - - if (cop->iv) { - rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen); -- if (unlikely(rc)) { -- derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p", -- kcop->ivlen, rc, cop->iv); -+ if (unlikely(rc)) - return -EFAULT; -- } - } - - return 0; -@@ -692,6 +793,25 @@ static int fill_cop_from_kcop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) - return 0; - } - -+static int kop_from_user(struct kernel_crypt_kop *kop, -+ void __user *arg) -+{ -+ if (unlikely(copy_from_user(&kop->kop, arg, sizeof(kop->kop)))) -+ return -EFAULT; -+ -+ return fill_kop_from_cop(kop); -+} -+ -+static int kop_to_user(struct kernel_crypt_kop *kop, -+ void __user *arg) -+{ -+ if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) { -+ dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); -+ return -EFAULT; -+ } -+ return 0; -+} -+ - static int kcop_from_user(struct kernel_crypt_op *kcop, - struct fcrypt *fcr, void __user *arg) - { -@@ -821,7 +941,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - switch (cmd) { - case CIOCASYMFEAT: -- return put_user(0, p); -+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | -+ CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); -@@ -857,6 +978,24 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - if (unlikely(ret)) - return ret; - return copy_to_user(arg, &siop, sizeof(siop)); -+ case CIOCKEY: -+ { -+ struct cryptodev_pkc *pkc = -+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ -+ if (!pkc) -+ return -ENOMEM; -+ -+ ret = kop_from_user(&pkc->kop, arg); -+ if (unlikely(ret)) { -+ kfree(pkc); -+ return ret; -+ } -+ pkc->type = SYNCHRONOUS; -+ ret = crypto_run_asym(pkc); -+ kfree(pkc); -+ } -+ return ret; - case CIOCCRYPT: - if (unlikely(ret = kcop_from_user(&kcop, fcr, arg))) { - dwarning(1, "Error copying from user"); -@@ -895,6 +1034,45 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - return kcop_to_user(&kcop, fcr, arg); - #endif -+ case CIOCASYMASYNCRYPT: -+ { -+ struct cryptodev_pkc *pkc = -+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ ret = kop_from_user(&pkc->kop, arg); -+ -+ if (unlikely(ret)) -+ return -EINVAL; -+ -+ /* Store associated FD priv data with asymmetric request */ -+ pkc->priv = pcr; -+ pkc->type = ASYNCHRONOUS; -+ ret = crypto_run_asym(pkc); -+ if (ret == -EINPROGRESS) -+ ret = 0; -+ } -+ return ret; -+ case CIOCASYMASYNFETCH: -+ { -+ struct cryptodev_pkc *pkc; -+ unsigned long flags; -+ -+ spin_lock_irqsave(&pcr->completion_lock, flags); -+ if (list_empty(&pcr->asym_completed_list)) { -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ return -ENOMEM; -+ } -+ pkc = list_first_entry(&pcr->asym_completed_list, -+ struct cryptodev_pkc, list); -+ list_del(&pkc->list); -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ ret = crypto_async_fetch_asym(pkc); -+ -+ /* Reflect the updated request to user-space */ -+ if (!ret) -+ kop_to_user(&pkc->kop, arg); -+ kfree(pkc); -+ } -+ return ret; - default: - return -EINVAL; - } -@@ -1083,9 +1261,11 @@ static unsigned int cryptodev_poll(struct file *file, poll_table *wait) - - poll_wait(file, &pcr->user_waiter, wait); - -- if (!list_empty_careful(&pcr->done.list)) -+ if (!list_empty_careful(&pcr->done.list) || -+ !list_empty_careful(&pcr->asym_completed_list)) - ret |= POLLIN | POLLRDNORM; -- if (!list_empty_careful(&pcr->free.list) || pcr->itemcount < MAX_COP_RINGSIZE) -+ if (!list_empty_careful(&pcr->free.list) || -+ pcr->itemcount < MAX_COP_RINGSIZE) - ret |= POLLOUT | POLLWRNORM; - - return ret; -diff --git a/main.c b/main.c -index 57e5c38..0b7951e 100644 ---- a/main.c -+++ b/main.c -@@ -181,6 +181,384 @@ __crypto_run_zc(struct csession *ses_ptr, struct kernel_crypt_op *kcop) - return ret; - } - -+int crypto_kop_dsasign(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req = &pkc->req; -+ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; -+ int rc, buf_size; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || -+ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 6 && -+ !cop->crk_param[7].crp_nbits)) -+ return -EINVAL; -+ -+ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ dsa_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8; -+ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len + -+ dsa_req->g_len + dsa_req->priv_key_len + dsa_req->d_len + -+ dsa_req->d_len; -+ if (cop->crk_iparams == 6) { -+ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; -+ buf_size += dsa_req->ab_len; -+ pkc_req->type = ECDSA_SIGN; -+ pkc_req->curve_type = cop->curve_type; -+ } else { -+ pkc_req->type = DSA_SIGN; -+ } -+ -+ buf = kzalloc(buf_size, GFP_DMA); -+ -+ dsa_req->q = buf; -+ dsa_req->r = dsa_req->q + dsa_req->q_len; -+ dsa_req->g = dsa_req->r + dsa_req->r_len; -+ dsa_req->priv_key = dsa_req->g + dsa_req->g_len; -+ dsa_req->m = dsa_req->priv_key + dsa_req->priv_key_len; -+ dsa_req->c = dsa_req->m + dsa_req->m_len; -+ dsa_req->d = dsa_req->c + dsa_req->d_len; -+ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); -+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); -+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); -+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); -+ copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p, -+ dsa_req->priv_key_len); -+ if (cop->crk_iparams == 6) { -+ dsa_req->ab = dsa_req->d + dsa_req->d_len; -+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, -+ dsa_req->ab_len); -+ } -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ if (cop->crk_iparams == 6) { -+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->c, -+ dsa_req->d_len); -+ copy_to_user(cop->crk_param[7].crp_p, dsa_req->d, -+ dsa_req->d_len); -+ } else { -+ copy_to_user(cop->crk_param[5].crp_p, dsa_req->c, -+ dsa_req->d_len); -+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->d, -+ dsa_req->d_len); -+ } -+ } else { -+ if (rc != -EINPROGRESS && rc != 0) -+ goto err; -+ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct dsa_verify_req_s *dsa_req; -+ int rc, buf_size; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || -+ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 8 && -+ !cop->crk_param[7].crp_nbits)) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ dsa_req = &pkc_req->req_u.dsa_verify; -+ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ dsa_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8; -+ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len + -+ dsa_req->g_len + dsa_req->pub_key_len + dsa_req->d_len + -+ dsa_req->d_len; -+ if (cop->crk_iparams == 8) { -+ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; -+ buf_size += dsa_req->ab_len; -+ pkc_req->type = ECDSA_VERIFY; -+ pkc_req->curve_type = cop->curve_type; -+ } else { -+ pkc_req->type = DSA_VERIFY; -+ } -+ -+ buf = kzalloc(buf_size, GFP_DMA); -+ -+ dsa_req->q = buf; -+ dsa_req->r = dsa_req->q + dsa_req->q_len; -+ dsa_req->g = dsa_req->r + dsa_req->r_len; -+ dsa_req->pub_key = dsa_req->g + dsa_req->g_len; -+ dsa_req->m = dsa_req->pub_key + dsa_req->pub_key_len; -+ dsa_req->c = dsa_req->m + dsa_req->m_len; -+ dsa_req->d = dsa_req->c + dsa_req->d_len; -+ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); -+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); -+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); -+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); -+ copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p, -+ dsa_req->pub_key_len); -+ if (cop->crk_iparams == 8) { -+ dsa_req->ab = dsa_req->d + dsa_req->d_len; -+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, -+ dsa_req->ab_len); -+ copy_from_user(dsa_req->c, cop->crk_param[6].crp_p, -+ dsa_req->d_len); -+ copy_from_user(dsa_req->d, cop->crk_param[7].crp_p, -+ dsa_req->d_len); -+ } else { -+ copy_from_user(dsa_req->c, cop->crk_param[5].crp_p, -+ dsa_req->d_len); -+ copy_from_user(dsa_req->d, cop->crk_param[6].crp_p, -+ dsa_req->d_len); -+ } -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ } else { -+ if (rc != -EINPROGRESS && !rc) -+ goto err; -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_kop_dh_key(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct dh_key_req_s *dh_req; -+ int buf_size; -+ uint8_t *buf; -+ int rc = -EINVAL; -+ -+ pkc_req = &pkc->req; -+ dh_req = &pkc_req->req_u.dh_req; -+ dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len; -+ if (cop->crk_iparams == 4) { -+ pkc_req->type = ECDH_COMPUTE_KEY; -+ dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ buf_size += dh_req->ab_len; -+ } else { -+ dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ pkc_req->type = DH_COMPUTE_KEY; -+ } -+ buf_size += dh_req->z_len; -+ buf = kzalloc(buf_size, GFP_DMA); -+ dh_req->q = buf; -+ dh_req->s = dh_req->q + dh_req->q_len; -+ dh_req->pub_key = dh_req->s + dh_req->s_len; -+ dh_req->z = dh_req->pub_key + dh_req->pub_key_len; -+ if (cop->crk_iparams == 4) { -+ dh_req->ab = dh_req->z + dh_req->z_len; -+ pkc_req->curve_type = cop->curve_type; -+ copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, -+ dh_req->ab_len); -+ } -+ copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len); -+ copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p, -+ dh_req->pub_key_len); -+ copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len); -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ if (cop->crk_iparams == 4) -+ copy_to_user(cop->crk_param[4].crp_p, dh_req->z, -+ dh_req->z_len); -+ else -+ copy_to_user(cop->crk_param[3].crp_p, dh_req->z, -+ dh_req->z_len); -+ } else { -+ if (rc != -EINPROGRESS && rc != 0) -+ goto err; -+ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_modexp_crt(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct rsa_priv_frm3_req_s *rsa_req; -+ int rc; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ pkc_req->type = RSA_PRIV_FORM3; -+ rsa_req = &pkc_req->req_u.rsa_priv_f3; -+ rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ rsa_req->dp_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8; -+ rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8; -+ buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + -+ rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len + -+ rsa_req->g_len, GFP_DMA); -+ rsa_req->p = buf; -+ rsa_req->q = rsa_req->p + rsa_req->p_len; -+ rsa_req->g = rsa_req->q + rsa_req->q_len; -+ rsa_req->dp = rsa_req->g + rsa_req->g_len; -+ rsa_req->dq = rsa_req->dp + rsa_req->dp_len; -+ rsa_req->c = rsa_req->dq + rsa_req->dq_len; -+ rsa_req->f = rsa_req->c + rsa_req->c_len; -+ copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len); -+ copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len); -+ copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len); -+ copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len); -+ copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len); -+ copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len); -+ rc = cryptodev_pkc_offload(pkc); -+ -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ copy_to_user(cop->crk_param[6].crp_p, rsa_req->f, -+ rsa_req->f_len); -+ } else { -+ if (rc != -EINPROGRESS && rc != 0) -+ goto err; -+ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_bn_modexp(struct cryptodev_pkc *pkc) -+{ -+ struct pkc_request *pkc_req; -+ struct rsa_pub_req_s *rsa_req; -+ int rc; -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ pkc_req->type = RSA_PUB; -+ rsa_req = &pkc_req->req_u.rsa_pub_req; -+ rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len -+ + rsa_req->g_len, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; -+ -+ rsa_req->e = buf; -+ rsa_req->f = rsa_req->e + rsa_req->e_len; -+ rsa_req->g = rsa_req->f + rsa_req->f_len; -+ rsa_req->n = rsa_req->g + rsa_req->g_len; -+ copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len); -+ copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len); -+ copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len); -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ -+ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, -+ rsa_req->g_len); -+ } else { -+ if (rc != -EINPROGRESS && rc != 0) -+ goto err; -+ -+ /* This one will be freed later in fetch handler */ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_run_asym(struct cryptodev_pkc *pkc) -+{ -+ int ret = -EINVAL; -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ -+ switch (kop->kop.crk_op) { -+ case CRK_MOD_EXP: -+ if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1) -+ goto err; -+ -+ ret = crypto_bn_modexp(pkc); -+ break; -+ case CRK_MOD_EXP_CRT: -+ if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1) -+ goto err; -+ -+ ret = crypto_modexp_crt(pkc); -+ break; -+ case CRK_DSA_SIGN: -+ if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) || -+ kop->kop.crk_oparams != 2) -+ goto err; -+ -+ ret = crypto_kop_dsasign(pkc); -+ break; -+ case CRK_DSA_VERIFY: -+ if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) || -+ kop->kop.crk_oparams != 0) -+ goto err; -+ -+ ret = crypto_kop_dsaverify(pkc); -+ break; -+ case CRK_DH_COMPUTE_KEY: -+ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) || -+ kop->kop.crk_oparams != 1) -+ goto err; -+ ret = crypto_kop_dh_key(pkc); -+ break; -+ } -+err: -+ return ret; -+} -+ - int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop) - { - struct csession *ses_ptr; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch deleted file mode 100644 index 25a52a9c..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 188f30f6233d05eb62b58bf6d94a16bcbeeae0ee Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Mon, 27 Apr 2015 15:26:14 +0300 -Subject: [PATCH 4/4] Add the compile and install rules for cryptodev tests - -Change-Id: Ica10dc563c77220dcf0e0993515230df8a86c34d -Signed-off-by: Yu Zongchun ---- - Makefile | 6 ++++++ - tests/Makefile | 8 ++++++++ - 2 files changed, 14 insertions(+) - -diff --git a/Makefile b/Makefile -index 855bb54..5497037 100644 ---- a/Makefile -+++ b/Makefile -@@ -32,6 +32,9 @@ install: modules_install - modules_install: - make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install - -+install_tests: -+ make -C tests install DESTDIR=$(PREFIX) -+ - clean: - make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean - rm -f $(hostprogs) *~ -@@ -40,6 +43,9 @@ clean: - check: - CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) make -C tests check - -+testprogs: -+ KERNEL_DIR=$(KERNEL_DIR) make -C tests testprogs -+ - CPOPTS = - ifneq (${SHOW_TYPES},) - CPOPTS += --show-types -diff --git a/tests/Makefile b/tests/Makefile -index 20c52ba..67c3c83 100644 ---- a/tests/Makefile -+++ b/tests/Makefile -@@ -19,6 +19,12 @@ example-async-hmac-objs := async_hmac.o - example-async-speed-objs := async_speed.o - example-hashcrypt-speed-objs := hashcrypt_speed.c - -+install: -+ install -d $(DESTDIR)/usr/bin/tests_cryptodev -+ for bin in $(hostprogs); do \ -+ install -m 755 $${bin} $(DESTDIR)/usr/bin/tests_cryptodev/; \ -+ done -+ - check: $(hostprogs) - ./cipher - ./hmac -@@ -28,6 +34,8 @@ check: $(hostprogs) - ./cipher-gcm - ./cipher-aead - -+testprogs: $(hostprogs) -+ - clean: - rm -f *.o *~ $(hostprogs) - --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch deleted file mode 100644 index 2f35768b..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch +++ /dev/null @@ -1,200 +0,0 @@ -From b109fbdb64de6be0dc2f0d2ef108cead34652495 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Fri, 7 Mar 2014 06:52:13 +0545 -Subject: [PATCH 04/15] Compat versions of PKC IOCTLs - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - cryptodev_int.h | 20 ++++++++++ - ioctl.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 140 insertions(+) - -diff --git a/cryptodev_int.h b/cryptodev_int.h -index fdbcc61..cf54dac 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -75,6 +75,24 @@ struct compat_crypt_op { - compat_uptr_t iv;/* initialization vector for encryption operations */ - }; - -+/* input of CIOCKEY */ -+struct compat_crparam { -+ compat_uptr_t crp_p; -+ uint32_t crp_nbits; -+}; -+ -+struct compat_crypt_kop { -+ uint32_t crk_op; /* cryptodev_crk_ot_t */ -+ uint32_t crk_status; -+ uint16_t crk_iparams; -+ uint16_t crk_oparams; -+ uint32_t crk_pad1; -+ struct compat_crparam crk_param[CRK_MAXPARAM]; -+ enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, -+ 2 = EC_BINARY */ -+ compat_uptr_t cookie; -+}; -+ - /* input of CIOCAUTHCRYPT */ - struct compat_crypt_auth_op { - uint32_t ses; /* session identifier */ -@@ -111,6 +129,8 @@ struct compat_crypt_auth_op { - #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) - #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) - #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) -+#define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) -+#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop) - - #endif /* CONFIG_COMPAT */ - -diff --git a/ioctl.c b/ioctl.c -index 69980e3..9431025 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -1081,6 +1081,68 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - /* compatibility code for 32bit userlands */ - #ifdef CONFIG_COMPAT - -+static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat, -+ struct crypt_kop *kop) -+{ -+ int i; -+ kop->crk_op = compat->crk_op; -+ kop->crk_status = compat->crk_status; -+ kop->crk_iparams = compat->crk_iparams; -+ kop->crk_oparams = compat->crk_oparams; -+ -+ for (i = 0; i < CRK_MAXPARAM; i++) { -+ kop->crk_param[i].crp_p = -+ compat_ptr(compat->crk_param[i].crp_p); -+ kop->crk_param[i].crp_nbits = compat->crk_param[i].crp_nbits; -+ } -+ -+ kop->curve_type = compat->curve_type; -+ kop->cookie = compat->cookie; -+} -+ -+static int compat_kop_from_user(struct kernel_crypt_kop *kop, -+ void __user *arg) -+{ -+ struct compat_crypt_kop compat_kop; -+ -+ if (unlikely(copy_from_user(&compat_kop, arg, sizeof(compat_kop)))) -+ return -EFAULT; -+ -+ compat_to_crypt_kop(&compat_kop, &kop->kop); -+ return fill_kop_from_cop(kop); -+} -+ -+static inline void crypt_kop_to_compat(struct crypt_kop *kop, -+ struct compat_crypt_kop *compat) -+{ -+ int i; -+ -+ compat->crk_op = kop->crk_op; -+ compat->crk_status = kop->crk_status; -+ compat->crk_iparams = kop->crk_iparams; -+ compat->crk_oparams = kop->crk_oparams; -+ -+ for (i = 0; i < CRK_MAXPARAM; i++) { -+ compat->crk_param[i].crp_p = -+ ptr_to_compat(kop->crk_param[i].crp_p); -+ compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits; -+ } -+ compat->cookie = kop->cookie; -+ compat->curve_type = kop->curve_type; -+} -+ -+static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) -+{ -+ struct compat_crypt_kop compat_kop; -+ -+ crypt_kop_to_compat(&kop->kop, &compat_kop); -+ if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) { -+ dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); -+ return -EFAULT; -+ } -+ return 0; -+} -+ - static inline void - compat_to_session_op(struct compat_session_op *compat, struct session_op *sop) - { -@@ -1208,7 +1270,26 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - return -EFAULT; - } - return ret; -+ case COMPAT_CIOCKEY: -+ { -+ struct cryptodev_pkc *pkc = -+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ -+ if (!pkc) -+ return -ENOMEM; -+ -+ ret = compat_kop_from_user(&pkc->kop, arg); -+ -+ if (unlikely(ret)) { -+ kfree(pkc); -+ return ret; -+ } - -+ pkc->type = SYNCHRONOUS; -+ ret = crypto_run_asym(pkc); -+ kfree(pkc); -+ } -+ return ret; - case COMPAT_CIOCCRYPT: - ret = compat_kcop_from_user(&kcop, fcr, arg); - if (unlikely(ret)) -@@ -1247,6 +1328,45 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - - return compat_kcop_to_user(&kcop, fcr, arg); - #endif -+ case COMPAT_CIOCASYMASYNCRYPT: -+ { -+ struct cryptodev_pkc *pkc = -+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ -+ ret = compat_kop_from_user(&pkc->kop, arg); -+ if (unlikely(ret)) -+ return -EINVAL; -+ -+ /* Store associated FD priv data with asymmetric request */ -+ pkc->priv = pcr; -+ pkc->type = ASYNCHRONOUS; -+ ret = crypto_run_asym(pkc); -+ if (ret == -EINPROGRESS) -+ ret = 0; -+ } -+ return ret; -+ case COMPAT_CIOCASYMASYNFETCH: -+ { -+ struct cryptodev_pkc *pkc; -+ unsigned long flags; -+ -+ spin_lock_irqsave(&pcr->completion_lock, flags); -+ if (list_empty(&pcr->asym_completed_list)) { -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ return -ENOMEM; -+ } -+ pkc = list_first_entry(&pcr->asym_completed_list, -+ struct cryptodev_pkc, list); -+ list_del(&pkc->list); -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ ret = crypto_async_fetch_asym(pkc); -+ -+ /* Reflect the updated request to user-space */ -+ if (!ret) -+ compat_kop_to_user(&pkc->kop, arg); -+ kfree(pkc); -+ } -+ return ret; - default: - return -EINVAL; - } --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch deleted file mode 100644 index 8827fb0f..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch +++ /dev/null @@ -1,213 +0,0 @@ -From 7594d5375d998eb25241750b623661ff021697d3 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Fri, 7 Mar 2014 07:24:00 +0545 -Subject: [PATCH 05/15] Asynchronous interface changes in cryptodev - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - cryptlib.h | 7 ++++- - crypto/cryptodev.h | 10 ++++++- - cryptodev_int.h | 10 ++++++- - ioctl.c | 76 +++++++++++++++++++++++++++++++++++++----------------- - 4 files changed, 76 insertions(+), 27 deletions(-) - -diff --git a/cryptlib.h b/cryptlib.h -index 56d325a..7ffa54c 100644 ---- a/cryptlib.h -+++ b/cryptlib.h -@@ -113,7 +113,12 @@ struct cryptodev_pkc { - struct pkc_request req; /* PKC request structure allocated - from CryptoAPI */ - enum offload_type type; /* Synchronous Vs Asynchronous request */ -- void *cookie; /*Additional opaque cookie to be used in future */ -+ /* -+ * cookie used for transfering tranparent information from async -+ * submission to async fetch. Currently some dynamic allocated -+ * buffers are maintained which will be freed later during fetch -+ */ -+ void *cookie; - struct crypt_priv *priv; - }; - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 96675fe..4436fbf 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -254,6 +254,14 @@ struct crypt_kop { - void *cookie; - }; - -+#define MAX_COOKIES 4 -+ -+struct pkc_cookie_list_s { -+ int cookie_available; -+ void *cookie[MAX_COOKIES]; -+ int status[MAX_COOKIES]; -+}; -+ - enum cryptodev_crk_op_t { - CRK_MOD_EXP = 0, - CRK_MOD_EXP_CRT = 1, -@@ -298,5 +306,5 @@ enum cryptodev_crk_op_t { - #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) - /* additional ioctls for asynchronous operation for asymmetric ciphers*/ - #define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) --#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop) -+#define CIOCASYMFETCHCOOKIE _IOR('c', 113, struct pkc_cookie_list_s) - #endif /* L_CRYPTODEV_H */ -diff --git a/cryptodev_int.h b/cryptodev_int.h -index cf54dac..5347cae 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -93,6 +93,12 @@ struct compat_crypt_kop { - compat_uptr_t cookie; - }; - -+struct compat_pkc_cookie_list_s { -+ int cookie_available; -+ compat_uptr_t cookie[MAX_COOKIES]; -+ int status[MAX_COOKIES]; -+}; -+ - /* input of CIOCAUTHCRYPT */ - struct compat_crypt_auth_op { - uint32_t ses; /* session identifier */ -@@ -126,11 +132,13 @@ struct compat_crypt_auth_op { - /* compat ioctls, defined for the above structs */ - #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) - #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) -+#define COMPAT_CIOCKEY _IOW('c', 105, struct compat_crypt_kop) - #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) - #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) - #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) - #define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) --#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop) -+#define COMPAT_CIOCASYMFETCHCOOKIE _IOR('c', 111, \ -+ struct compat_pkc_cookie_list_s) - - #endif /* CONFIG_COMPAT */ - -diff --git a/ioctl.c b/ioctl.c -index 9431025..e2f407f 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -105,8 +105,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) - crypto_free_pkc(pkc->s); - res->err = err; - if (pkc->type == SYNCHRONOUS) { -- if (err == -EINPROGRESS) -- return; - complete(&res->completion); - } else { - struct crypt_priv *pcr = pkc->priv; -@@ -1051,26 +1049,41 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - ret = 0; - } - return ret; -- case CIOCASYMASYNFETCH: -+ case CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; - unsigned long flags; -+ int i; -+ struct pkc_cookie_list_s cookie_list; - - spin_lock_irqsave(&pcr->completion_lock, flags); -- if (list_empty(&pcr->asym_completed_list)) { -- spin_unlock_irqrestore(&pcr->completion_lock, flags); -- return -ENOMEM; -+ cookie_list.cookie_available = 0; -+ for (i = 0; i < MAX_COOKIES; i++) { -+ if (!list_empty(&pcr->asym_completed_list)) { -+ /* Run a loop in the list for upto elements -+ and copy their response back */ -+ pkc = -+ list_first_entry(&pcr->asym_completed_list, -+ struct cryptodev_pkc, list); -+ list_del(&pkc->list); -+ ret = crypto_async_fetch_asym(pkc); -+ if (!ret) { -+ cookie_list.cookie_available++; -+ cookie_list.cookie[i] = -+ pkc->kop.kop.cookie; -+ cookie_list.status[i] = pkc->result.err; -+ } -+ kfree(pkc); -+ } else { -+ break; -+ } - } -- pkc = list_first_entry(&pcr->asym_completed_list, -- struct cryptodev_pkc, list); -- list_del(&pkc->list); - spin_unlock_irqrestore(&pcr->completion_lock, flags); -- ret = crypto_async_fetch_asym(pkc); - - /* Reflect the updated request to user-space */ -- if (!ret) -- kop_to_user(&pkc->kop, arg); -- kfree(pkc); -+ if (cookie_list.cookie_available) -+ copy_to_user(arg, &cookie_list, -+ sizeof(struct pkc_cookie_list_s)); - } - return ret; - default: -@@ -1345,26 +1358,41 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - ret = 0; - } - return ret; -- case COMPAT_CIOCASYMASYNFETCH: -+ case COMPAT_CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; - unsigned long flags; -+ int i = 0; -+ struct compat_pkc_cookie_list_s cookie_list; - - spin_lock_irqsave(&pcr->completion_lock, flags); -- if (list_empty(&pcr->asym_completed_list)) { -- spin_unlock_irqrestore(&pcr->completion_lock, flags); -- return -ENOMEM; -+ cookie_list.cookie_available = 0; -+ -+ for (i = 0; i < MAX_COOKIES; i++) { -+ if (!list_empty(&pcr->asym_completed_list)) { -+ /* Run a loop in the list for upto elements -+ and copy their response back */ -+ pkc = -+ list_first_entry(&pcr->asym_completed_list, -+ struct cryptodev_pkc, list); -+ list_del(&pkc->list); -+ ret = crypto_async_fetch_asym(pkc); -+ if (!ret) { -+ cookie_list.cookie_available++; -+ cookie_list.cookie[i] = -+ pkc->kop.kop.cookie; -+ } -+ kfree(pkc); -+ } else { -+ break; -+ } - } -- pkc = list_first_entry(&pcr->asym_completed_list, -- struct cryptodev_pkc, list); -- list_del(&pkc->list); - spin_unlock_irqrestore(&pcr->completion_lock, flags); -- ret = crypto_async_fetch_asym(pkc); - - /* Reflect the updated request to user-space */ -- if (!ret) -- compat_kop_to_user(&pkc->kop, arg); -- kfree(pkc); -+ if (cookie_list.cookie_available) -+ copy_to_user(arg, &cookie_list, -+ sizeof(struct compat_pkc_cookie_list_s)); - } - return ret; - default: --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch deleted file mode 100644 index 89cace37..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch +++ /dev/null @@ -1,212 +0,0 @@ -From eccd6277b067cd85094eb057225cc0a983300b9f Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Fri, 7 Mar 2014 07:53:53 +0545 -Subject: [PATCH 06/15] ECC_KEYGEN and DLC_KEYGEN supported in cryptodev module - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - cryptlib.c | 2 ++ - crypto/cryptodev.h | 5 +++- - ioctl.c | 29 +++++++++++++++++-- - main.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 4 files changed, 118 insertions(+), 3 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 6900028..47cd568 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -452,6 +452,8 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - case DSA_VERIFY: - case ECDSA_SIGN: - case ECDSA_VERIFY: -+ case DLC_KEYGEN: -+ case ECC_KEYGEN: - pkc->s = crypto_alloc_pkc("pkc(dsa)", - CRYPTO_ALG_TYPE_PKC_DSA, 0); - break; -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 4436fbf..275a55c 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -268,6 +268,8 @@ enum cryptodev_crk_op_t { - CRK_DSA_SIGN = 2, - CRK_DSA_VERIFY = 3, - CRK_DH_COMPUTE_KEY = 4, -+ CRK_DSA_GENERATE_KEY = 5, -+ CRK_DH_GENERATE_KEY = 6, - CRK_ALGORITHM_ALL - }; - -@@ -280,7 +282,8 @@ enum cryptodev_crk_op_t { - #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) - #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) - #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) -- -+#define CRF_DSA_GENERATE_KEY (1 << CRK_DSA_GENERATE_KEY) -+#define CRF_DH_GENERATE_KEY (1 << CRK_DH_GENERATE_KEY) - - /* ioctl's. Compatible with old linux cryptodev.h - */ -diff --git a/ioctl.c b/ioctl.c -index e2f407f..1f0741a 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -726,6 +726,23 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - dh_req->z, dh_req->z_len); - } - break; -+ case CRK_DSA_GENERATE_KEY: -+ case CRK_DH_GENERATE_KEY: -+ { -+ struct keygen_req_s *key_req = &pkc_req->req_u.keygen; -+ -+ if (pkc_req->type == ECC_KEYGEN) { -+ copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, -+ key_req->pub_key_len); -+ copy_to_user(ckop->crk_param[5].crp_p, -+ key_req->priv_key, key_req->priv_key_len); -+ } else { -+ copy_to_user(ckop->crk_param[3].crp_p, -+ key_req->pub_key, key_req->pub_key_len); -+ copy_to_user(ckop->crk_param[4].crp_p, -+ key_req->priv_key, key_req->priv_key_len); -+ } -+ } - default: - ret = -EINVAL; - } -@@ -939,8 +956,9 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - switch (cmd) { - case CIOCASYMFEAT: -- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | -- CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p); -+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | -+ CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | -+ CRF_DSA_GENERATE_KEY, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); -@@ -1084,7 +1102,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - if (cookie_list.cookie_available) - copy_to_user(arg, &cookie_list, - sizeof(struct pkc_cookie_list_s)); -+ else { -+ struct pkc_cookie_list_s *user_ck_list = (void *)arg; -+ -+ put_user(0, &(user_ck_list->cookie_available)); -+ } -+ ret = cookie_list.cookie_available; - } -+ - return ret; - default: - return -EINVAL; -diff --git a/main.c b/main.c -index 0b7951e..c901bc7 100644 ---- a/main.c -+++ b/main.c -@@ -342,6 +342,85 @@ err: - return rc; - } - -+int crypto_kop_keygen(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct keygen_req_s *key_req; -+ int rc, buf_size; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ key_req = &pkc_req->req_u.keygen; -+ key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ if (cop->crk_iparams == 3) { -+ key_req->pub_key_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ buf_size = key_req->q_len + key_req->r_len + key_req->g_len + -+ key_req->pub_key_len + key_req->priv_key_len; -+ pkc_req->type = DLC_KEYGEN; -+ } else { -+ key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ key_req->priv_key_len = (cop->crk_param[5].crp_nbits + 7)/8; -+ buf_size = key_req->q_len + key_req->r_len + key_req->g_len + -+ key_req->pub_key_len + key_req->priv_key_len + -+ key_req->ab_len; -+ pkc_req->type = ECC_KEYGEN; -+ pkc_req->curve_type = cop->curve_type; -+ } -+ -+ buf = kzalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; -+ -+ key_req->q = buf; -+ key_req->r = key_req->q + key_req->q_len; -+ key_req->g = key_req->r + key_req->r_len; -+ key_req->pub_key = key_req->g + key_req->g_len; -+ key_req->priv_key = key_req->pub_key + key_req->pub_key_len; -+ copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); -+ copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); -+ copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); -+ if (cop->crk_iparams == 3) { -+ copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p, -+ key_req->pub_key_len); -+ copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p, -+ key_req->priv_key_len); -+ } else { -+ key_req->ab = key_req->priv_key + key_req->priv_key_len; -+ copy_from_user(key_req->ab, cop->crk_param[3].crp_p, -+ key_req->ab_len); -+ copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p, -+ key_req->pub_key_len); -+ copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p, -+ key_req->priv_key_len); -+ } -+ -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ } else { -+ if (rc != -EINPROGRESS && !rc) -+ goto err; -+ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ - int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; -@@ -554,6 +633,12 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) - goto err; - ret = crypto_kop_dh_key(pkc); - break; -+ case CRK_DH_GENERATE_KEY: -+ case CRK_DSA_GENERATE_KEY: -+ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4)) -+ goto err; -+ ret = crypto_kop_keygen(pkc); -+ break; - } - err: - return ret; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch deleted file mode 100644 index a76aca47..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch +++ /dev/null @@ -1,238 +0,0 @@ -From 78c01e1882def52c72966c0e86913950ec201af9 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Fri, 7 Mar 2014 08:49:15 +0545 -Subject: [PATCH 07/15] RCU stall fixed in PKC asynchronous interface - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta ---- - ioctl.c | 23 +++++++++++------------ - main.c | 43 +++++++++++++++++++++++++++---------------- - 2 files changed, 38 insertions(+), 28 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 1f0741a..e4e16a8 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -108,10 +108,9 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) - complete(&res->completion); - } else { - struct crypt_priv *pcr = pkc->priv; -- unsigned long flags; -- spin_lock_irqsave(&pcr->completion_lock, flags); -+ spin_lock_bh(&pcr->completion_lock); - list_add_tail(&pkc->list, &pcr->asym_completed_list); -- spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ spin_unlock_bh(&pcr->completion_lock); - /* wake for POLLIN */ - wake_up_interruptible(&pcr->user_waiter); - } -@@ -958,7 +957,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMFEAT: - return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | - CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | -- CRF_DSA_GENERATE_KEY, p); -+ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); -@@ -997,7 +996,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCKEY: - { - struct cryptodev_pkc *pkc = -- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); - - if (!pkc) - return -ENOMEM; -@@ -1053,7 +1052,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMASYNCRYPT: - { - struct cryptodev_pkc *pkc = -- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); - ret = kop_from_user(&pkc->kop, arg); - - if (unlikely(ret)) -@@ -1070,13 +1069,12 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; -- unsigned long flags; - int i; - struct pkc_cookie_list_s cookie_list; - -- spin_lock_irqsave(&pcr->completion_lock, flags); - cookie_list.cookie_available = 0; - for (i = 0; i < MAX_COOKIES; i++) { -+ spin_lock_bh(&pcr->completion_lock); - if (!list_empty(&pcr->asym_completed_list)) { - /* Run a loop in the list for upto elements - and copy their response back */ -@@ -1084,6 +1082,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - list_first_entry(&pcr->asym_completed_list, - struct cryptodev_pkc, list); - list_del(&pkc->list); -+ spin_unlock_bh(&pcr->completion_lock); - ret = crypto_async_fetch_asym(pkc); - if (!ret) { - cookie_list.cookie_available++; -@@ -1093,10 +1092,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - } - kfree(pkc); - } else { -+ spin_unlock_bh(&pcr->completion_lock); - break; - } - } -- spin_unlock_irqrestore(&pcr->completion_lock, flags); - - /* Reflect the updated request to user-space */ - if (cookie_list.cookie_available) -@@ -1386,14 +1385,13 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - case COMPAT_CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; -- unsigned long flags; - int i = 0; - struct compat_pkc_cookie_list_s cookie_list; - -- spin_lock_irqsave(&pcr->completion_lock, flags); - cookie_list.cookie_available = 0; - - for (i = 0; i < MAX_COOKIES; i++) { -+ spin_lock_bh(&pcr->completion_lock); - if (!list_empty(&pcr->asym_completed_list)) { - /* Run a loop in the list for upto elements - and copy their response back */ -@@ -1401,6 +1399,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - list_first_entry(&pcr->asym_completed_list, - struct cryptodev_pkc, list); - list_del(&pkc->list); -+ spin_unlock_bh(&pcr->completion_lock); - ret = crypto_async_fetch_asym(pkc); - if (!ret) { - cookie_list.cookie_available++; -@@ -1409,10 +1408,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - } - kfree(pkc); - } else { -+ spin_unlock_bh(&pcr->completion_lock); - break; - } - } -- spin_unlock_irqrestore(&pcr->completion_lock, flags); - - /* Reflect the updated request to user-space */ - if (cookie_list.cookie_available) -diff --git a/main.c b/main.c -index c901bc7..2747706 100644 ---- a/main.c -+++ b/main.c -@@ -215,7 +215,9 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) - pkc_req->type = DSA_SIGN; - } - -- buf = kzalloc(buf_size, GFP_DMA); -+ buf = kmalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; - - dsa_req->q = buf; - dsa_req->r = dsa_req->q + dsa_req->q_len; -@@ -298,7 +300,9 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - pkc_req->type = DSA_VERIFY; - } - -- buf = kzalloc(buf_size, GFP_DMA); -+ buf = kmalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; - - dsa_req->q = buf; - dsa_req->r = dsa_req->q + dsa_req->q_len; -@@ -378,7 +382,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - pkc_req->curve_type = cop->curve_type; - } - -- buf = kzalloc(buf_size, GFP_DMA); -+ buf = kmalloc(buf_size, GFP_DMA); - if (!buf) - return -ENOMEM; - -@@ -390,25 +394,28 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); - copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); - copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); -- if (cop->crk_iparams == 3) { -- copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p, -- key_req->pub_key_len); -- copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p, -- key_req->priv_key_len); -- } else { -+ if (cop->crk_iparams == 4) { - key_req->ab = key_req->priv_key + key_req->priv_key_len; - copy_from_user(key_req->ab, cop->crk_param[3].crp_p, - key_req->ab_len); -- copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p, -- key_req->pub_key_len); -- copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p, -- key_req->priv_key_len); - } - - rc = cryptodev_pkc_offload(pkc); - if (pkc->type == SYNCHRONOUS) { - if (rc) - goto err; -+ -+ if (cop->crk_iparams == 4) { -+ copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key, -+ key_req->pub_key_len); -+ copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key, -+ key_req->priv_key_len); -+ } else { -+ copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key, -+ key_req->pub_key_len); -+ copy_to_user(cop->crk_param[4].crp_p, -+ key_req->priv_key, key_req->priv_key_len); -+ } - } else { - if (rc != -EINPROGRESS && !rc) - goto err; -@@ -447,7 +454,9 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - pkc_req->type = DH_COMPUTE_KEY; - } - buf_size += dh_req->z_len; -- buf = kzalloc(buf_size, GFP_DMA); -+ buf = kmalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; - dh_req->q = buf; - dh_req->s = dh_req->q + dh_req->q_len; - dh_req->pub_key = dh_req->s + dh_req->s_len; -@@ -508,9 +517,11 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) - rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8; - rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8; - rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8; -- buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + -+ buf = kmalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + - rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len + - rsa_req->g_len, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; - rsa_req->p = buf; - rsa_req->q = rsa_req->p + rsa_req->p_len; - rsa_req->g = rsa_req->q + rsa_req->q_len; -@@ -563,7 +574,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) - rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; - rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; - rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; -- buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len -+ buf = kmalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len - + rsa_req->g_len, GFP_DMA); - if (!buf) - return -ENOMEM; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch deleted file mode 100644 index d251c660..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch +++ /dev/null @@ -1,170 +0,0 @@ -From 5127db3483a2e4f6dc13330bea7237931c5f15a0 Mon Sep 17 00:00:00 2001 -From: Hou Zhiqiang -Date: Wed, 19 Mar 2014 14:02:46 +0800 -Subject: [PATCH 08/15] Add RSA Key generation offloading - -Upstream-status: Pending - -Signed-off-by: Hou Zhiqiang -Tested-by: Cristian Stoica ---- - cryptlib.c | 1 + - crypto/cryptodev.h | 2 ++ - ioctl.c | 3 +- - main.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++- - 4 files changed, 84 insertions(+), 2 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 47cd568..4dd1847 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -441,6 +441,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - struct pkc_request *pkc_req = &pkc->req, *pkc_requested; - - switch (pkc_req->type) { -+ case RSA_KEYGEN: - case RSA_PUB: - case RSA_PRIV_FORM1: - case RSA_PRIV_FORM2: -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 275a55c..d0cc542 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -270,6 +270,7 @@ enum cryptodev_crk_op_t { - CRK_DH_COMPUTE_KEY = 4, - CRK_DSA_GENERATE_KEY = 5, - CRK_DH_GENERATE_KEY = 6, -+ CRK_RSA_GENERATE_KEY = 7, - CRK_ALGORITHM_ALL - }; - -@@ -279,6 +280,7 @@ enum cryptodev_crk_op_t { - */ - #define CRF_MOD_EXP (1 << CRK_MOD_EXP) - #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT) -+#define CRF_RSA_GENERATE_KEY (1 << CRK_RSA_GENERATE_KEY) - #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) - #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) - #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) -diff --git a/ioctl.c b/ioctl.c -index e4e16a8..3762a47 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -957,7 +957,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMFEAT: - return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | - CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | -- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p); -+ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY | -+ CRF_RSA_GENERATE_KEY, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); -diff --git a/main.c b/main.c -index 2747706..14dcf40 100644 ---- a/main.c -+++ b/main.c -@@ -346,6 +346,82 @@ err: - return rc; - } - -+int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct rsa_keygen_req_s *key_req; -+ int rc, buf_size; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || -+ !cop->crk_param[6].crp_nbits) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ pkc_req->type = RSA_KEYGEN; -+ key_req = &pkc_req->req_u.rsa_keygen; -+ key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8; -+ key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8; -+ key_req->n_len = (cop->crk_param[2].crp_nbits + 7) / 8; -+ key_req->d_len = (cop->crk_param[3].crp_nbits + 7) / 8; -+ key_req->dp_len = (cop->crk_param[4].crp_nbits + 7) / 8; -+ key_req->dq_len = (cop->crk_param[5].crp_nbits + 7) / 8; -+ key_req->c_len = (cop->crk_param[6].crp_nbits + 7) / 8; -+ -+ buf_size = key_req->p_len + key_req->q_len + key_req->n_len + -+ key_req->d_len + key_req->dp_len + -+ key_req->dq_len + key_req->c_len; -+ -+ buf = kmalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; -+ key_req->p = buf; -+ key_req->q = key_req->p + key_req->p_len; -+ key_req->n = key_req->q + key_req->q_len; -+ key_req->d = key_req->n + key_req->n_len; -+ key_req->dp = key_req->d + key_req->d_len; -+ key_req->dq = key_req->dp + key_req->dp_len; -+ key_req->c = key_req->dq + key_req->dq_len; -+ -+ rc = cryptodev_pkc_offload(pkc); -+ -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ -+ copy_to_user(cop->crk_param[0].crp_p, -+ key_req->p, key_req->p_len); -+ copy_to_user(cop->crk_param[1].crp_p, -+ key_req->q, key_req->q_len); -+ copy_to_user(cop->crk_param[2].crp_p, -+ key_req->n, key_req->n_len); -+ copy_to_user(cop->crk_param[3].crp_p, -+ key_req->d, key_req->d_len); -+ copy_to_user(cop->crk_param[4].crp_p, -+ key_req->dp, key_req->dp_len); -+ copy_to_user(cop->crk_param[5].crp_p, -+ key_req->dq, key_req->dq_len); -+ copy_to_user(cop->crk_param[6].crp_p, -+ key_req->c, key_req->c_len); -+ } else { -+ if (rc != -EINPROGRESS && !rc) { -+ printk("%s: Failed\n", __func__); -+ goto err; -+ } -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+ -+} -+ - int crypto_kop_keygen(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; -@@ -385,7 +461,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - buf = kmalloc(buf_size, GFP_DMA); - if (!buf) - return -ENOMEM; -- - key_req->q = buf; - key_req->r = key_req->q + key_req->q_len; - key_req->g = key_req->r + key_req->r_len; -@@ -650,6 +725,9 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) - goto err; - ret = crypto_kop_keygen(pkc); - break; -+ case CRK_RSA_GENERATE_KEY: -+ ret = crypto_kop_rsa_keygen(pkc); -+ break; - } - err: - return ret; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch deleted file mode 100644 index 2213faec..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch +++ /dev/null @@ -1,160 +0,0 @@ -From 800af48d0c26830943ca2308dd426b5b09811750 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta -Date: Thu, 17 Apr 2014 07:08:47 +0545 -Subject: [PATCH 09/15] Fixed compilation error of openssl with fsl cryptodev - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta -Tested-by: Cristian Stoica ---- - authenc.c | 1 + - cryptlib.c | 9 ++++----- - crypto/cryptodev.h | 9 ++++++++- - cryptodev_int.h | 2 +- - ioctl.c | 8 ++++++-- - main.c | 1 + - 6 files changed, 21 insertions(+), 9 deletions(-) - -diff --git a/authenc.c b/authenc.c -index ef0d3db..2aa4d38 100644 ---- a/authenc.c -+++ b/authenc.c -@@ -2,6 +2,7 @@ - * Driver for /dev/crypto device (aka CryptoDev) - * - * Copyright (c) 2011, 2012 OpenSSL Software Foundation, Inc. -+ * Copyright (c) 2014 Freescale Semiconductor, Inc. - * - * Author: Nikos Mavrogiannopoulos - * -diff --git a/cryptlib.c b/cryptlib.c -index 4dd1847..ec6693e 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -4,8 +4,7 @@ - * Copyright (c) 2010,2011 Nikos Mavrogiannopoulos - * Portions Copyright (c) 2010 Michael Weiser - * Portions Copyright (c) 2010 Phil Sutter -- * -- * Copyright 2012 Freescale Semiconductor, Inc. -+ * Copyright 2012-2014 Freescale Semiconductor, Inc. - * - * This file is part of linux cryptodev. - * -@@ -144,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - if (alg->max_keysize > 0 && - unlikely((keylen < alg->min_keysize) || - (keylen > alg->max_keysize))) { -- ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.", -+ ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", - keylen, alg_name, alg->min_keysize, alg->max_keysize); - ret = -EINVAL; - goto error; -@@ -171,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - } - - if (unlikely(ret)) { -- ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8); -+ ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); - ret = -EINVAL; - goto error; - } -@@ -338,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, - if (hmac_mode != 0) { - ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen); - if (unlikely(ret)) { -- ddebug(1, "Setting hmac key failed for %s-%zu.", -+ ddebug(1, "Setting hmac key failed for %s-%u.", - alg_name, mackeylen*8); - ret = -EINVAL; - goto error; -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index d0cc542..e7edd97 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -234,6 +234,13 @@ struct crypt_auth_op { - #define CRYPTO_ALG_FLAG_RNG_ENABLE 2 - #define CRYPTO_ALG_FLAG_DSA_SHA 4 - -+enum ec_curve_t { -+ EC_DISCRETE_LOG, -+ EC_PRIME, -+ EC_BINARY, -+ MAX_EC_TYPE -+}; -+ - struct crparam { - __u8 *crp_p; - __u32 crp_nbits; -@@ -249,7 +256,7 @@ struct crypt_kop { - __u16 crk_oparams; - __u32 crk_pad1; - struct crparam crk_param[CRK_MAXPARAM]; -- enum curve_t curve_type; /* 0 == Discrete Log, -+ enum ec_curve_t curve_type; /* 0 == Discrete Log, - 1 = EC_PRIME, 2 = EC_BINARY */ - void *cookie; - }; -diff --git a/cryptodev_int.h b/cryptodev_int.h -index 5347cae..c83c885 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -88,7 +88,7 @@ struct compat_crypt_kop { - uint16_t crk_oparams; - uint32_t crk_pad1; - struct compat_crparam crk_param[CRK_MAXPARAM]; -- enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, -+ enum ec_curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, - 2 = EC_BINARY */ - compat_uptr_t cookie; - }; -diff --git a/ioctl.c b/ioctl.c -index 3762a47..c97320b 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -4,7 +4,7 @@ - * Copyright (c) 2004 Michal Ludvig , SuSE Labs - * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos - * Copyright (c) 2010 Phil Sutter -- * Copyright 2012 Freescale Semiconductor, Inc. -+ * Copyright 2012-2014 Freescale Semiconductor, Inc. - * - * This file is part of linux cryptodev. - * -@@ -501,6 +501,7 @@ cryptodev_open(struct inode *inode, struct file *filp) - INIT_LIST_HEAD(&pcr->done.list); - INIT_LIST_HEAD(&pcr->asym_completed_list); - spin_lock_init(&pcr->completion_lock); -+ - INIT_WORK(&pcr->cryptask, cryptask_routine); - - init_waitqueue_head(&pcr->user_waiter); -@@ -780,8 +781,11 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) - - if (cop->iv) { - rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen); -- if (unlikely(rc)) -+ if (unlikely(rc)) { -+ derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p", -+ kcop->ivlen, rc, cop->iv); - return -EFAULT; -+ } - } - - return 0; -diff --git a/main.c b/main.c -index 14dcf40..6365911 100644 ---- a/main.c -+++ b/main.c -@@ -3,6 +3,7 @@ - * - * Copyright (c) 2004 Michal Ludvig , SuSE Labs - * Copyright (c) 2009-2013 Nikos Mavrogiannopoulos -+ * Copyright (c) 2014 Freescale Semiconductor, Inc. - * - * This file is part of linux cryptodev. - * --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch deleted file mode 100644 index 20321595..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 55ee0ae703a68db74a492f5910937260502b9602 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Tue, 10 Jun 2014 08:27:59 +0300 -Subject: [PATCH 10/15] add support for composite TLS10(SHA1,3DES) algorithm - offload - -This adds support for composite algorithm offload in a single crypto -(cipher + hmac) operation. - -It requires either software or hardware TLS support in the Linux kernel -and can be used with Freescale B*, P* and T* platforms that have support -for hardware TLS acceleration. - -Change-Id: Ibce0ceb4174809c9c96b453cd3202bc5220ff084 -Signed-off-by: Tudor Ambarus -Reviewed-on: http://git.am.freescale.net:8181/34000 -Reviewed-by: Cristian Stoica -Tested-by: Cristian Stoica ---- - crypto/cryptodev.h | 1 + - ioctl.c | 5 +++++ - 2 files changed, 6 insertions(+) - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index e7edd97..07f40b2 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -55,6 +55,7 @@ enum cryptodev_crypto_op_t { - CRYPTO_SHA2_512, - CRYPTO_SHA2_224_HMAC, - CRYPTO_TLS10_AES_CBC_HMAC_SHA1, -+ CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, - CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ - }; - -diff --git a/ioctl.c b/ioctl.c -index c97320b..574e913 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -191,6 +191,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) - stream = 0; - aead = 1; - break; -+ case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: -+ alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; -+ stream = 0; -+ aead = 1; -+ break; - case CRYPTO_NULL: - alg_name = "ecb(cipher_null)"; - stream = 1; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch deleted file mode 100644 index 37862b55..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 06cca15fd0412ae872c2b2c5d50216e1eb34fc50 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Tue, 31 Mar 2015 16:15:47 +0300 -Subject: [PATCH 11/15] add support for TLSv1.1 record offload - -This adds support for composite algorithm offload in a single crypto -(cipher + hmac) operation. - -Supported cipher suites: -- 3des-ede-cbc-sha -- aes-128-cbc-hmac-sha -- aes-256-cbc-hmac-sha - -It requires either software or hardware TLS support in the Linux kernel -and can be used with Freescale B*, P* and T* platforms that have support -for hardware TLS acceleration. - -Signed-off-by: Tudor Ambarus -Change-Id: Ia5f3fa7ec090d5643d71b0f608c68a274ec6b51f -Reviewed-on: http://git.am.freescale.net:8181/33998 -Reviewed-by: Cristian Stoica -Tested-by: Cristian Stoica ---- - crypto/cryptodev.h | 4 +++- - ioctl.c | 14 ++++++++++++-- - 2 files changed, 15 insertions(+), 3 deletions(-) - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 07f40b2..61e8599 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -54,8 +54,10 @@ enum cryptodev_crypto_op_t { - CRYPTO_SHA2_384, - CRYPTO_SHA2_512, - CRYPTO_SHA2_224_HMAC, -- CRYPTO_TLS10_AES_CBC_HMAC_SHA1, - CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, -+ CRYPTO_TLS10_AES_CBC_HMAC_SHA1, -+ CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, -+ CRYPTO_TLS11_AES_CBC_HMAC_SHA1, - CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ - }; - -diff --git a/ioctl.c b/ioctl.c -index 574e913..ba82387 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -186,13 +186,23 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) - stream = 1; - aead = 1; - break; -+ case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: -+ alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; -+ stream = 0; -+ aead = 1; -+ break; - case CRYPTO_TLS10_AES_CBC_HMAC_SHA1: - alg_name = "tls10(hmac(sha1),cbc(aes))"; - stream = 0; - aead = 1; - break; -- case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: -- alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; -+ case CRYPTO_TLS11_3DES_CBC_HMAC_SHA1: -+ alg_name = "tls11(hmac(sha1),cbc(des3_ede))"; -+ stream = 0; -+ aead = 1; -+ break; -+ case CRYPTO_TLS11_AES_CBC_HMAC_SHA1: -+ alg_name = "tls11(hmac(sha1),cbc(aes))"; - stream = 0; - aead = 1; - break; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch deleted file mode 100644 index 6aa672a7..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 15999e402dd7472cafe51be3fd0ce66433ca924b Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Tue, 31 Mar 2015 16:16:28 +0300 -Subject: [PATCH 12/15] add support for TLSv1.2 record offload - -This adds support for composite algorithm offload in a single crypto -(cipher + hmac) operation. - -Supported cipher suites: -- 3des-ede-cbc-sha -- aes-128-cbc-hmac-sha -- aes-256-cbc-hmac-sha -- aes-128-cbc-hmac-sha256 -- aes-256-cbc-hmac-sha256 - -It requires either software or hardware TLS support in the Linux kernel -and can be used with Freescale B*, P* and T* platforms that have support -for hardware TLS acceleration. - -Signed-off-by: Tudor Ambarus -Change-Id: I21f45993505fc3dad09848a13aa20f778a7c2de0 -Reviewed-on: http://git.am.freescale.net:8181/33999 -Reviewed-by: Cristian Stoica -Tested-by: Cristian Stoica ---- - crypto/cryptodev.h | 3 +++ - ioctl.c | 15 +++++++++++++++ - 2 files changed, 18 insertions(+) - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 61e8599..f6058ca 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -58,6 +58,9 @@ enum cryptodev_crypto_op_t { - CRYPTO_TLS10_AES_CBC_HMAC_SHA1, - CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, - CRYPTO_TLS11_AES_CBC_HMAC_SHA1, -+ CRYPTO_TLS12_3DES_CBC_HMAC_SHA1, -+ CRYPTO_TLS12_AES_CBC_HMAC_SHA1, -+ CRYPTO_TLS12_AES_CBC_HMAC_SHA256, - CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ - }; - -diff --git a/ioctl.c b/ioctl.c -index ba82387..fb4c4e3 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -206,6 +206,21 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) - stream = 0; - aead = 1; - break; -+ case CRYPTO_TLS12_3DES_CBC_HMAC_SHA1: -+ alg_name = "tls12(hmac(sha1),cbc(des3_ede))"; -+ stream = 0; -+ aead = 1; -+ break; -+ case CRYPTO_TLS12_AES_CBC_HMAC_SHA1: -+ alg_name = "tls12(hmac(sha1),cbc(aes))"; -+ stream = 0; -+ aead = 1; -+ break; -+ case CRYPTO_TLS12_AES_CBC_HMAC_SHA256: -+ alg_name = "tls12(hmac(sha256),cbc(aes))"; -+ stream = 0; -+ aead = 1; -+ break; - case CRYPTO_NULL: - alg_name = "ecb(cipher_null)"; - stream = 1; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch deleted file mode 100644 index 86cf6a2b..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch +++ /dev/null @@ -1,186 +0,0 @@ -From 39abcb9cea60540528e848d6c66169c36d666861 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Fri, 20 Feb 2015 12:46:58 +0200 -Subject: [PATCH 13/15] clean-up code layout - -Signed-off-by: Cristian Stoica -Change-Id: I92c2f4baeed9470a2c3c42b592d878e65918b0af -Reviewed-on: http://git.am.freescale.net:8181/34222 ---- - cryptlib.c | 11 ++++------- - ioctl.c | 55 +++++++++++++++++++++---------------------------------- - main.c | 4 +--- - 3 files changed, 26 insertions(+), 44 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index ec6693e..21e691b 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -434,7 +434,7 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) - return waitfor(hdata->async.result, ret); - } - --int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) -+int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - { - int ret = 0; - struct pkc_request *pkc_req = &pkc->req, *pkc_requested; -@@ -445,8 +445,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - case RSA_PRIV_FORM1: - case RSA_PRIV_FORM2: - case RSA_PRIV_FORM3: -- pkc->s = crypto_alloc_pkc("pkc(rsa)", -- CRYPTO_ALG_TYPE_PKC_RSA, 0); -+ pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0); - break; - case DSA_SIGN: - case DSA_VERIFY: -@@ -454,13 +453,11 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - case ECDSA_VERIFY: - case DLC_KEYGEN: - case ECC_KEYGEN: -- pkc->s = crypto_alloc_pkc("pkc(dsa)", -- CRYPTO_ALG_TYPE_PKC_DSA, 0); -+ pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0); - break; - case DH_COMPUTE_KEY: - case ECDH_COMPUTE_KEY: -- pkc->s = crypto_alloc_pkc("pkc(dh)", -- CRYPTO_ALG_TYPE_PKC_DH, 0); -+ pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0); - break; - default: - return -EINVAL; -diff --git a/ioctl.c b/ioctl.c -index fb4c4e3..ee0486c 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -714,16 +714,13 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - case CRK_MOD_EXP: - { - struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; -- copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, -- rsa_req->g_len); -+ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); - } - break; - case CRK_MOD_EXP_CRT: - { -- struct rsa_priv_frm3_req_s *rsa_req = -- &pkc_req->req_u.rsa_priv_f3; -- copy_to_user(ckop->crk_param[6].crp_p, -- rsa_req->f, rsa_req->f_len); -+ struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3; -+ copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); - } - break; - case CRK_DSA_SIGN: -@@ -731,15 +728,11 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; - - if (pkc_req->type == ECDSA_SIGN) { -- copy_to_user(ckop->crk_param[6].crp_p, -- dsa_req->c, dsa_req->d_len); -- copy_to_user(ckop->crk_param[7].crp_p, -- dsa_req->d, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); - } else { -- copy_to_user(ckop->crk_param[5].crp_p, -- dsa_req->c, dsa_req->d_len); -- copy_to_user(ckop->crk_param[6].crp_p, -- dsa_req->d, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); - } - } - break; -@@ -749,11 +742,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - { - struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; - if (pkc_req->type == ECDH_COMPUTE_KEY) -- copy_to_user(ckop->crk_param[4].crp_p, -- dh_req->z, dh_req->z_len); -+ copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); - else -- copy_to_user(ckop->crk_param[3].crp_p, -- dh_req->z, dh_req->z_len); -+ copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); - } - break; - case CRK_DSA_GENERATE_KEY: -@@ -763,14 +754,14 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - - if (pkc_req->type == ECC_KEYGEN) { - copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, -- key_req->pub_key_len); -- copy_to_user(ckop->crk_param[5].crp_p, -- key_req->priv_key, key_req->priv_key_len); -+ key_req->pub_key_len); -+ copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, -+ key_req->priv_key_len); - } else { -- copy_to_user(ckop->crk_param[3].crp_p, -- key_req->pub_key, key_req->pub_key_len); -- copy_to_user(ckop->crk_param[4].crp_p, -- key_req->priv_key, key_req->priv_key_len); -+ copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key, -+ key_req->pub_key_len); -+ copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key, -+ key_req->priv_key_len); - } - } - default: -@@ -1113,16 +1104,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - if (!list_empty(&pcr->asym_completed_list)) { - /* Run a loop in the list for upto elements - and copy their response back */ -- pkc = -- list_first_entry(&pcr->asym_completed_list, -+ pkc = list_first_entry(&pcr->asym_completed_list, - struct cryptodev_pkc, list); - list_del(&pkc->list); - spin_unlock_bh(&pcr->completion_lock); - ret = crypto_async_fetch_asym(pkc); - if (!ret) { - cookie_list.cookie_available++; -- cookie_list.cookie[i] = -- pkc->kop.kop.cookie; -+ cookie_list.cookie[i] = pkc->kop.kop.cookie; - cookie_list.status[i] = pkc->result.err; - } - kfree(pkc); -@@ -1133,12 +1122,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - } - - /* Reflect the updated request to user-space */ -- if (cookie_list.cookie_available) -- copy_to_user(arg, &cookie_list, -- sizeof(struct pkc_cookie_list_s)); -- else { -+ if (cookie_list.cookie_available) { -+ copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s)); -+ } else { - struct pkc_cookie_list_s *user_ck_list = (void *)arg; -- - put_user(0, &(user_ck_list->cookie_available)); - } - ret = cookie_list.cookie_available; -diff --git a/main.c b/main.c -index 6365911..af66553 100644 ---- a/main.c -+++ b/main.c -@@ -666,9 +666,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) - if (pkc->type == SYNCHRONOUS) { - if (rc) - goto err; -- -- copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, -- rsa_req->g_len); -+ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); - } else { - if (rc != -EINPROGRESS && rc != 0) - goto err; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch deleted file mode 100644 index b9e9d2bd..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch +++ /dev/null @@ -1,494 +0,0 @@ -From 34e765977633b5f81845c0183af6d388d8225f00 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Mon, 23 Feb 2015 12:14:07 +0200 -Subject: [PATCH 14/15] remove redundant data copy for pkc operations - -This patch removes a copy of a pkc request that was -allocated on the hot-path. The copy was not necessary -and was just slowing things down. - -Change-Id: I3ad85f78c188f100ab9fc03a5777bb704a9dcb63 -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34223 ---- - cryptlib.c | 49 +++---------------- - cryptlib.h | 3 +- - ioctl.c | 17 +++---- - main.c | 162 +++++++++++++++++++++++++++++++++++++------------------------ - 4 files changed, 113 insertions(+), 118 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 21e691b..5882a30 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -436,59 +436,22 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) - - int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - { -- int ret = 0; -- struct pkc_request *pkc_req = &pkc->req, *pkc_requested; -- -- switch (pkc_req->type) { -- case RSA_KEYGEN: -- case RSA_PUB: -- case RSA_PRIV_FORM1: -- case RSA_PRIV_FORM2: -- case RSA_PRIV_FORM3: -- pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0); -- break; -- case DSA_SIGN: -- case DSA_VERIFY: -- case ECDSA_SIGN: -- case ECDSA_VERIFY: -- case DLC_KEYGEN: -- case ECC_KEYGEN: -- pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0); -- break; -- case DH_COMPUTE_KEY: -- case ECDH_COMPUTE_KEY: -- pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0); -- break; -- default: -- return -EINVAL; -- } -- -- if (IS_ERR_OR_NULL(pkc->s)) -- return -EINVAL; -+ int ret; - - init_completion(&pkc->result.completion); -- pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL); -- -- if (unlikely(IS_ERR_OR_NULL(pkc_requested))) { -- ret = -ENOMEM; -- goto error; -- } -- pkc_requested->type = pkc_req->type; -- pkc_requested->curve_type = pkc_req->curve_type; -- memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u)); -- pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG, -+ pkc_request_set_callback(pkc->req, CRYPTO_TFM_REQ_MAY_BACKLOG, - cryptodev_complete_asym, pkc); -- ret = crypto_pkc_op(pkc_requested); -+ ret = crypto_pkc_op(pkc->req); - if (ret != -EINPROGRESS && ret != 0) -- goto error2; -+ goto error; - - if (pkc->type == SYNCHRONOUS) - ret = waitfor(&pkc->result, ret); - - return ret; --error2: -- kfree(pkc_requested); -+ - error: -+ kfree(pkc->req); - crypto_free_pkc(pkc->s); - return ret; - } -diff --git a/cryptlib.h b/cryptlib.h -index 7ffa54c..4fac0c8 100644 ---- a/cryptlib.h -+++ b/cryptlib.h -@@ -110,8 +110,7 @@ struct cryptodev_pkc { - struct crypto_pkc *s; /* Transform pointer from CryptoAPI */ - struct cryptodev_result result; /* Result to be updated by - completion handler */ -- struct pkc_request req; /* PKC request structure allocated -- from CryptoAPI */ -+ struct pkc_request *req; /* PKC request allocated from CryptoAPI */ - enum offload_type type; /* Synchronous Vs Asynchronous request */ - /* - * cookie used for transfering tranparent information from async -diff --git a/ioctl.c b/ioctl.c -index ee0486c..797b73c 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -708,26 +708,25 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - int ret = 0; - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *ckop = &kop->kop; -- struct pkc_request *pkc_req = &pkc->req; - - switch (ckop->crk_op) { - case CRK_MOD_EXP: - { -- struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; -+ struct rsa_pub_req_s *rsa_req = &pkc->req->req_u.rsa_pub_req; - copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); - } - break; - case CRK_MOD_EXP_CRT: - { -- struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3; -+ struct rsa_priv_frm3_req_s *rsa_req = &pkc->req->req_u.rsa_priv_f3; - copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); - } - break; - case CRK_DSA_SIGN: - { -- struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; -+ struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; - -- if (pkc_req->type == ECDSA_SIGN) { -+ if (pkc->req->type == ECDSA_SIGN) { - copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); - copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); - } else { -@@ -740,8 +739,8 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - break; - case CRK_DH_COMPUTE_KEY: - { -- struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; -- if (pkc_req->type == ECDH_COMPUTE_KEY) -+ struct dh_key_req_s *dh_req = &pkc->req->req_u.dh_req; -+ if (pkc->req->type == ECDH_COMPUTE_KEY) - copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); - else - copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); -@@ -750,9 +749,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - case CRK_DSA_GENERATE_KEY: - case CRK_DH_GENERATE_KEY: - { -- struct keygen_req_s *key_req = &pkc_req->req_u.keygen; -+ struct keygen_req_s *key_req = &pkc->req->req_u.keygen; - -- if (pkc_req->type == ECC_KEYGEN) { -+ if (pkc->req->type == ECC_KEYGEN) { - copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, - key_req->pub_key_len); - copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, -diff --git a/main.c b/main.c -index af66553..ed1c69a 100644 ---- a/main.c -+++ b/main.c -@@ -186,8 +186,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req = &pkc->req; -- struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; -+ struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; - int rc, buf_size; - uint8_t *buf; - -@@ -210,10 +209,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) - if (cop->crk_iparams == 6) { - dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; - buf_size += dsa_req->ab_len; -- pkc_req->type = ECDSA_SIGN; -- pkc_req->curve_type = cop->curve_type; -- } else { -- pkc_req->type = DSA_SIGN; -+ pkc->req->curve_type = cop->curve_type; - } - - buf = kmalloc(buf_size, GFP_DMA); -@@ -269,7 +265,6 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct dsa_verify_req_s *dsa_req; - int rc, buf_size; - uint8_t *buf; -@@ -281,8 +276,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - !cop->crk_param[7].crp_nbits)) - return -EINVAL; - -- pkc_req = &pkc->req; -- dsa_req = &pkc_req->req_u.dsa_verify; -+ dsa_req = &pkc->req->req_u.dsa_verify; - dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; - dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; - dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; -@@ -295,10 +289,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - if (cop->crk_iparams == 8) { - dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; - buf_size += dsa_req->ab_len; -- pkc_req->type = ECDSA_VERIFY; -- pkc_req->curve_type = cop->curve_type; -- } else { -- pkc_req->type = DSA_VERIFY; -+ pkc->req->curve_type = cop->curve_type; - } - - buf = kmalloc(buf_size, GFP_DMA); -@@ -351,7 +342,6 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct rsa_keygen_req_s *key_req; - int rc, buf_size; - uint8_t *buf; -@@ -362,9 +352,7 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) - !cop->crk_param[6].crp_nbits) - return -EINVAL; - -- pkc_req = &pkc->req; -- pkc_req->type = RSA_KEYGEN; -- key_req = &pkc_req->req_u.rsa_keygen; -+ key_req = &pkc->req->req_u.rsa_keygen; - key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; - key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8; - key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8; -@@ -427,7 +415,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct keygen_req_s *key_req; - int rc, buf_size; - uint8_t *buf; -@@ -437,8 +424,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - !cop->crk_param[4].crp_nbits) - return -EINVAL; - -- pkc_req = &pkc->req; -- key_req = &pkc_req->req_u.keygen; -+ key_req = &pkc->req->req_u.keygen; - key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8; - key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8; - key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; -@@ -447,7 +433,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; - buf_size = key_req->q_len + key_req->r_len + key_req->g_len + - key_req->pub_key_len + key_req->priv_key_len; -- pkc_req->type = DLC_KEYGEN; - } else { - key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; - key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -@@ -455,8 +440,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - buf_size = key_req->q_len + key_req->r_len + key_req->g_len + - key_req->pub_key_len + key_req->priv_key_len + - key_req->ab_len; -- pkc_req->type = ECC_KEYGEN; -- pkc_req->curve_type = cop->curve_type; -+ pkc->req->curve_type = cop->curve_type; - } - - buf = kmalloc(buf_size, GFP_DMA); -@@ -508,26 +492,22 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct dh_key_req_s *dh_req; - int buf_size; - uint8_t *buf; - int rc = -EINVAL; - -- pkc_req = &pkc->req; -- dh_req = &pkc_req->req_u.dh_req; -+ dh_req = &pkc->req->req_u.dh_req; - dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; - dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8; - dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8; - buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len; - if (cop->crk_iparams == 4) { -- pkc_req->type = ECDH_COMPUTE_KEY; - dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; - dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8; - buf_size += dh_req->ab_len; - } else { - dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8; -- pkc_req->type = DH_COMPUTE_KEY; - } - buf_size += dh_req->z_len; - buf = kmalloc(buf_size, GFP_DMA); -@@ -539,7 +519,7 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - dh_req->z = dh_req->pub_key + dh_req->pub_key_len; - if (cop->crk_iparams == 4) { - dh_req->ab = dh_req->z + dh_req->z_len; -- pkc_req->curve_type = cop->curve_type; -+ pkc->req->curve_type = cop->curve_type; - copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, - dh_req->ab_len); - } -@@ -573,7 +553,6 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct rsa_priv_frm3_req_s *rsa_req; - int rc; - uint8_t *buf; -@@ -583,9 +562,7 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) - !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits) - return -EINVAL; - -- pkc_req = &pkc->req; -- pkc_req->type = RSA_PRIV_FORM3; -- rsa_req = &pkc_req->req_u.rsa_priv_f3; -+ rsa_req = &pkc->req->req_u.rsa_priv_f3; - rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8; - rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; - rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; -@@ -632,7 +609,6 @@ err: - - int crypto_bn_modexp(struct cryptodev_pkc *pkc) - { -- struct pkc_request *pkc_req; - struct rsa_pub_req_s *rsa_req; - int rc; - struct kernel_crypt_kop *kop = &pkc->kop; -@@ -643,9 +619,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) - !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits) - return -EINVAL; - -- pkc_req = &pkc->req; -- pkc_req->type = RSA_PUB; -- rsa_req = &pkc_req->req_u.rsa_pub_req; -+ rsa_req = &pkc->req->req_u.rsa_pub_req; - rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8; - rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; - rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; -@@ -680,56 +654,116 @@ err: - return rc; - } - -+static struct { -+ char *alg_name; -+ u32 type; -+ u32 mask; -+} pkc_alg_list[] = { -+ {"pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0}, -+ {"pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0}, -+ {"pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0}, -+}; -+ - int crypto_run_asym(struct cryptodev_pkc *pkc) - { -- int ret = -EINVAL; -+ int err = -EINVAL; -+ int id; - struct kernel_crypt_kop *kop = &pkc->kop; -+ enum pkc_req_type pkc_req_type; -+ int (*call_next_action)(struct cryptodev_pkc *pkc); - - switch (kop->kop.crk_op) { - case CRK_MOD_EXP: - if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1) -- goto err; -- -- ret = crypto_bn_modexp(pkc); -+ return err; -+ pkc_req_type = RSA_PUB; -+ id = 0; -+ call_next_action = crypto_bn_modexp; - break; - case CRK_MOD_EXP_CRT: - if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1) -- goto err; -- -- ret = crypto_modexp_crt(pkc); -+ return err; -+ pkc_req_type = RSA_PRIV_FORM3; -+ id = 0; -+ call_next_action = crypto_modexp_crt; - break; - case CRK_DSA_SIGN: -- if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) || -- kop->kop.crk_oparams != 2) -- goto err; -- -- ret = crypto_kop_dsasign(pkc); -+ if (kop->kop.crk_oparams != 2) -+ return err; -+ else if (kop->kop.crk_iparams == 5) -+ pkc_req_type = DSA_SIGN; -+ else if (kop->kop.crk_iparams == 6) -+ pkc_req_type = ECDSA_SIGN; -+ else -+ return err; -+ id = 1; -+ call_next_action = crypto_kop_dsasign; - break; - case CRK_DSA_VERIFY: -- if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) || -- kop->kop.crk_oparams != 0) -- goto err; -- -- ret = crypto_kop_dsaverify(pkc); -+ if (kop->kop.crk_oparams != 0) -+ return err; -+ else if (kop->kop.crk_iparams == 7) -+ pkc_req_type = DSA_VERIFY; -+ else if (kop->kop.crk_iparams == 8) -+ pkc_req_type = ECDSA_VERIFY; -+ else -+ return err; -+ id = 1; -+ call_next_action = crypto_kop_dsaverify; - break; - case CRK_DH_COMPUTE_KEY: -- if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) || -- kop->kop.crk_oparams != 1) -- goto err; -- ret = crypto_kop_dh_key(pkc); -+ if (kop->kop.crk_oparams != 1) -+ return err; -+ else if (kop->kop.crk_iparams == 3) -+ pkc_req_type = DH_COMPUTE_KEY; -+ else if (kop->kop.crk_iparams == 4) -+ pkc_req_type = ECDH_COMPUTE_KEY; -+ else -+ return err; -+ id = 2; -+ call_next_action = crypto_kop_dh_key; - break; - case CRK_DH_GENERATE_KEY: - case CRK_DSA_GENERATE_KEY: -- if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4)) -- goto err; -- ret = crypto_kop_keygen(pkc); -+ if (kop->kop.crk_iparams == 3) -+ pkc_req_type = DLC_KEYGEN; -+ else if (kop->kop.crk_iparams == 4) -+ pkc_req_type = ECC_KEYGEN; -+ else -+ return err; -+ id = 1; -+ call_next_action = crypto_kop_keygen; - break; - case CRK_RSA_GENERATE_KEY: -- ret = crypto_kop_rsa_keygen(pkc); -+ pkc_req_type = RSA_KEYGEN; -+ id = 0; -+ call_next_action = crypto_kop_rsa_keygen; - break; -+ default: -+ return err; - } --err: -- return ret; -+ err = -ENOMEM; -+ pkc->s = crypto_alloc_pkc(pkc_alg_list[id].alg_name, -+ pkc_alg_list[id].type, -+ pkc_alg_list[id].mask); -+ if (IS_ERR_OR_NULL(pkc->s)) -+ return err; -+ -+ pkc->req = pkc_request_alloc(pkc->s, GFP_KERNEL); -+ if (IS_ERR_OR_NULL(pkc->req)) -+ goto out_free_tfm; -+ -+ /* todo - fix alloc-free on error path */ -+ pkc->req->type = pkc_req_type; -+ err = call_next_action(pkc); -+ if (pkc->type == SYNCHRONOUS) -+ kfree(pkc->req); -+ -+ return err; -+ -+out_free_tfm: -+ crypto_free_pkc(pkc->s); -+ return err; - } - - int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop) --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch deleted file mode 100644 index 949fe121..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 8361f99c940fbe270fca2112dae3d97c9a5776d6 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Mon, 23 Feb 2015 15:28:22 +0200 -Subject: [PATCH 15/15] fix pkc request deallocation - -The request to be freed is actually pkc->req, and should be done inside -the fetch ioctl for ASYNC (this patch) and in crypt ioctl for SYNC -operations. - -Change-Id: I6f046f2ebeae4cb513a419996ca96b52e37468ed -Signed-off-by: Cristian Stoica -Reviewed-on: http://git.am.freescale.net:8181/34224 ---- - ioctl.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 797b73c..da3a842 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -114,8 +114,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) - /* wake for POLLIN */ - wake_up_interruptible(&pcr->user_waiter); - } -- -- kfree(req); - } - - #define FILL_SG(sg, ptr, len) \ -@@ -1113,6 +1111,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - cookie_list.cookie[i] = pkc->kop.kop.cookie; - cookie_list.status[i] = pkc->result.err; - } -+ kfree(pkc->req); - kfree(pkc); - } else { - spin_unlock_bh(&pcr->completion_lock); --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch deleted file mode 100644 index cefb6dcc..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 586bc4a6cd1014c57364020013062f07a8861e38 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica -Date: Mon, 20 Apr 2015 13:18:47 +0300 -Subject: [PATCH] add basic detection of asym features - -Change-Id: I3b3ba8664bf631a63be1f11e715024509e20f841 -Signed-off-by: Cristian Stoica ---- - ioctl.c | 12 ++++++++---- - 1 file changed, 8 insertions(+), 4 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index da3a842..53dbf64 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -977,10 +977,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - switch (cmd) { - case CIOCASYMFEAT: -- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | -- CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | -- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY | -- CRF_RSA_GENERATE_KEY, p); -+ ses = 0; -+ if (crypto_has_alg("pkc(rsa)", 0, 0)) -+ ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY; -+ if (crypto_has_alg("pkc(dsa)", 0, 0)) -+ ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY; -+ if (crypto_has_alg("pkc(dh)", 0, 0)) -+ ses |= CRF_DH_COMPUTE_KEY |CRF_DH_GENERATE_KEY; -+ return put_user(ses, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch deleted file mode 100644 index b3c36b3d..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 0ca641091b4113d73e75d30ef530c88836849308 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Fri, 29 May 2015 15:28:47 +0300 -Subject: [PATCH 17/20] remove dead code - -Functions kop_to_user and compat_kop_to_user are never used. Delete them -to avoid compiler warnings. - - -crypto/../../cryptodev-linux/ioctl.c:841:12: warning: 'kop_to_user' defined but not used [-Wunused-function] - static int kop_to_user(struct kernel_crypt_kop *kop, - ^ -crypto/../../cryptodev-linux/ioctl.c: At top level: -crypto/../../cryptodev-linux/ioctl.c:1195:12: warning: 'compat_kop_to_user' defined but not used [-Wunused-function] - static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) - ^ -Signed-off-by: Tudor Ambarus -Signed-off-by: Cristian Stoica -Change-Id: I6bd8a7eb6144224a20cd400813ab15a7a192dbb1 -Reviewed-on: http://git.am.freescale.net:8181/37440 ---- - ioctl.c | 22 ---------------------- - 1 file changed, 22 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 53dbf64..39635a4 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -838,16 +838,6 @@ static int kop_from_user(struct kernel_crypt_kop *kop, - return fill_kop_from_cop(kop); - } - --static int kop_to_user(struct kernel_crypt_kop *kop, -- void __user *arg) --{ -- if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) { -- dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); -- return -EFAULT; -- } -- return 0; --} -- - static int kcop_from_user(struct kernel_crypt_op *kcop, - struct fcrypt *fcr, void __user *arg) - { -@@ -1192,18 +1182,6 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop, - compat->curve_type = kop->curve_type; - } - --static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) --{ -- struct compat_crypt_kop compat_kop; -- -- crypt_kop_to_compat(&kop->kop, &compat_kop); -- if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) { -- dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); -- return -EFAULT; -- } -- return 0; --} -- - static inline void - compat_to_session_op(struct compat_session_op *compat, struct session_op *sop) - { --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch deleted file mode 100644 index bf93f5b1..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 596378a22532908487f2c5e4d717c5ae618c4c7d Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Tue, 2 Jun 2015 10:44:12 +0300 -Subject: [PATCH 18/20] fix compat warnings - - CC [M] crypto/../../cryptodev-linux/ioctl.o -crypto/../../cryptodev-linux/ioctl.c: In function 'compat_to_crypt_kop': -crypto/../../cryptodev-linux/ioctl.c:1161:14: warning: assignment makes pointer from integer without a cast - kop->cookie = compat->cookie; - ^ -crypto/../../cryptodev-linux/ioctl.c: In function 'crypt_kop_to_compat': -crypto/../../cryptodev-linux/ioctl.c:1191:17: warning: assignment makes integer from pointer without a cast - compat->cookie = kop->cookie; - ^ -crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl': -crypto/../../cryptodev-linux/ioctl.c:1430:28: warning: assignment makes integer from pointer without a cast - cookie_list.cookie[i] = - ^ - -Signed-off-by: Tudor Ambarus -Change-Id: Id851408c0c743c01447f3b0ced38fbc1ae94d4db -Reviewed-on: http://git.am.freescale.net:8181/37442 -Reviewed-by: Cristian Stoica -Tested-by: Cristian Stoica ---- - ioctl.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 39635a4..f3ce2f6 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -1148,7 +1148,7 @@ static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat, - } - - kop->curve_type = compat->curve_type; -- kop->cookie = compat->cookie; -+ kop->cookie = compat_ptr(compat->cookie); - } - - static int compat_kop_from_user(struct kernel_crypt_kop *kop, -@@ -1178,7 +1178,7 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop, - ptr_to_compat(kop->crk_param[i].crp_p); - compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits; - } -- compat->cookie = kop->cookie; -+ compat->cookie = ptr_to_compat(kop->cookie); - compat->curve_type = kop->curve_type; - } - -@@ -1405,8 +1405,8 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - ret = crypto_async_fetch_asym(pkc); - if (!ret) { - cookie_list.cookie_available++; -- cookie_list.cookie[i] = -- pkc->kop.kop.cookie; -+ cookie_list.cookie[i] = ptr_to_compat( -+ pkc->kop.kop.cookie); - } - kfree(pkc); - } else { --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch deleted file mode 100644 index a71cff49..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 1d10f06bef0f07980a08b387850c1daf1d3a8e87 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Tue, 2 Jun 2015 12:11:12 +0300 -Subject: [PATCH 19/20] fix size_t print format - - CC [M] crypto/../../cryptodev-linux/cryptlib.o -crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_cipher_init': -crypto/../../cryptodev-linux/cryptlib.c:146:5: warning: format '%u' expects argument of type 'unsigned int', but argument 6 has type 'size_t' [-Wformat=] - ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", - ^ -crypto/../../cryptodev-linux/cryptlib.c:173:3: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=] - ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); - ^ -crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_hash_init': -crypto/../../cryptodev-linux/cryptlib.c:340:4: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=] - ddebug(1, "Setting hmac key failed for %s-%u.", - ^ - -Signed-off-by: Tudor Ambarus -Change-Id: I67f2d79f68b4d62b598073c6a918a110523fadfd -Reviewed-on: http://git.am.freescale.net:8181/37443 -Reviewed-by: Cristian Stoica -Tested-by: Cristian Stoica ---- - cryptlib.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 5882a30..10f5e1a 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -143,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - if (alg->max_keysize > 0 && - unlikely((keylen < alg->min_keysize) || - (keylen > alg->max_keysize))) { -- ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", -+ ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.", - keylen, alg_name, alg->min_keysize, alg->max_keysize); - ret = -EINVAL; - goto error; -@@ -170,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - } - - if (unlikely(ret)) { -- ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); -+ ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8); - ret = -EINVAL; - goto error; - } -@@ -337,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, - if (hmac_mode != 0) { - ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen); - if (unlikely(ret)) { -- ddebug(1, "Setting hmac key failed for %s-%u.", -+ ddebug(1, "Setting hmac key failed for %s-%zu.", - alg_name, mackeylen*8); - ret = -EINVAL; - goto error; --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch deleted file mode 100644 index a97a2d4e..00000000 --- a/meta-fsl-ppc/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch +++ /dev/null @@ -1,38 +0,0 @@ -From be9f6a0dc90847dbb00307d23f47b8b3fc3ff130 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus -Date: Fri, 29 May 2015 15:49:22 +0300 -Subject: [PATCH 20/20] fix uninitialized variable compiler warning - -crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl': -crypto/../../cryptodev-linux/ioctl.c:1445:2: warning: 'ret' may be used uninitialized in this function [-Wmaybe-uninitialized] - return ret; - ^ - -Signed-off-by: Tudor Ambarus -Change-Id: Id5226fc97a3bb880ca6db86df58957122bbaa428 -Reviewed-on: http://git.am.freescale.net:8181/37441 -Reviewed-by: Cristian Stoica -Tested-by: Cristian Stoica ---- - ioctl.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/ioctl.c b/ioctl.c -index f3ce2f6..7cd3c56 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -1387,9 +1387,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - case COMPAT_CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; -- int i = 0; -+ int i; - struct compat_pkc_cookie_list_s cookie_list; - -+ ret = 0; - cookie_list.cookie_available = 0; - - for (i = 0; i < MAX_COOKIES; i++) { --- -2.3.5 - diff --git a/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules-multi_git.bb b/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules-multi_git.bb deleted file mode 100644 index e5dc1151..00000000 --- a/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules-multi_git.bb +++ /dev/null @@ -1,11 +0,0 @@ -require ipc-modules.inc - -EXTRA_OEMAKE ="KERNEL_DIR=${STAGING_KERNEL_DIR} ${SOC}=1 CONFIG_MULTI_RAT=1" - -do_install(){ - install -d ${D}/usr/driver/IPC/multi_rat - install -m 755 ${S}/kernel/*.ko ${D}/usr/driver/IPC/multi_rat -} - -FILES_${PN} += "/usr/driver/IPC/multi_rat/*.ko" -FILES_${PN}-dbg += "/usr/driver/IPC/multi_rat/.debug" diff --git a/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules-single_git.bb b/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules-single_git.bb deleted file mode 100644 index 03817e0e..00000000 --- a/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules-single_git.bb +++ /dev/null @@ -1,11 +0,0 @@ -require ipc-modules.inc - -EXTRA_OEMAKE ="KERNEL_DIR=${STAGING_KERNEL_DIR} ${SOC}=1" - -do_install(){ - install -d ${D}/usr/driver/IPC/single_rat - install -m 755 ${S}/kernel/*.ko ${D}/usr/driver/IPC/single_rat -} - -FILES_${PN} += "/usr/driver/IPC/single_rat/*.ko" -FILES_${PN}-dbg += "/usr/driver/IPC/single_rat/.debug" diff --git a/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules.inc b/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules.inc deleted file mode 100644 index 79ba7ef1..00000000 --- a/meta-fsl-ppc/recipes-kernel/ipc/ipc-modules.inc +++ /dev/null @@ -1,26 +0,0 @@ -SUMMARY = "Linux IPC KERNEL MODULE " -DESCRIPTION = "DSP boot application and ipc test application" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=fa38cd73d71527dc6efb546474f64d10" - -require recipes-bsp/ipc/ipc.inc - -inherit module qoriq_build_64bit_kernel - -S = "${WORKDIR}/git" - -do_configure[depends] += "virtual/kernel:do_shared_workdir" -do_configure_prepend() { - sed -i 's,$(KERNEL_DIR)/.config,$(KBUILD_OUTPUT)/.config,' ${S}/kernel/Makefile -} - -do_compile_prepend () { - cd ${S}/kernel - case ${MACHINE} in - bsc9132qds|bsc9131rdb) SOC=B913x;; - b4860qds|b4420qds) SOC=B4860;; - esac -} - -INHIBIT_PACKAGE_STRIP = "1" - diff --git a/meta-fsl-ppc/recipes-kernel/linux/files/modify-defconfig-t1040-nr-cpus.patch b/meta-fsl-ppc/recipes-kernel/linux/files/modify-defconfig-t1040-nr-cpus.patch deleted file mode 100644 index 7d109edb..00000000 --- a/meta-fsl-ppc/recipes-kernel/linux/files/modify-defconfig-t1040-nr-cpus.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 8545129540a5862b22aad03badb2a9f93bf29117 Mon Sep 17 00:00:00 2001 -From: Bob Cochran -Date: Mon, 3 Nov 2014 22:45:35 -0500 -Subject: [meta-fsl-ppc][PATCH] linux-qoriq: Change defconfig for T1040 to - match number of CPUS - -Having a number higher than necessary for NR_CPUS wastes memory by -instantiating unnecessary structures in RAM. An example is in the DPAA where -DPAA_ETH_TX_QUEUES is defined based on NR_CPUS and used to create -dozens of extra qman_fq structures. Using the prior value of 24, which was -left over from the T4240 created an additonal 60 frame queue structures alone. - -This has been tested on t1040rdb-64b. . - -Signed-off-by: Bob Cochran ---- - arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig b/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig -index a401e7c..5542248 100644 ---- a/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig -+++ b/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig -@@ -1,6 +1,6 @@ - CONFIG_PPC_85xx=y - CONFIG_SMP=y --CONFIG_NR_CPUS=8 -+CONFIG_NR_CPUS=4 - CONFIG_EXPERIMENTAL=y - CONFIG_SYSVIPC=y - CONFIG_POSIX_MQUEUE=y --- -1.7.9.5 diff --git a/meta-fsl-ppc/recipes-kernel/linux/files/net-sctp-CVE-2014-0101.patch b/meta-fsl-ppc/recipes-kernel/linux/files/net-sctp-CVE-2014-0101.patch deleted file mode 100644 index ddcb6c5d..00000000 --- a/meta-fsl-ppc/recipes-kernel/linux/files/net-sctp-CVE-2014-0101.patch +++ /dev/null @@ -1,145 +0,0 @@ -From 00c53b02cb01976b35d37670a4b5c5d7a6ad3c62 Mon Sep 17 00:00:00 2001 -From: Daniel Borkmann -Date: Mon, 3 Mar 2014 17:23:04 +0100 -Subject: [PATCH] net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is - AUTH capable - -[ Upstream commit ec0223ec48a90cb605244b45f7c62de856403729 ] - -RFC4895 introduced AUTH chunks for SCTP; during the SCTP -handshake RANDOM; CHUNKS; HMAC-ALGO are negotiated (CHUNKS -being optional though): - - ---------- INIT[RANDOM; CHUNKS; HMAC-ALGO] ----------> - <------- INIT-ACK[RANDOM; CHUNKS; HMAC-ALGO] --------- - -------------------- COOKIE-ECHO --------------------> - <-------------------- COOKIE-ACK --------------------- - -A special case is when an endpoint requires COOKIE-ECHO -chunks to be authenticated: - - ---------- INIT[RANDOM; CHUNKS; HMAC-ALGO] ----------> - <------- INIT-ACK[RANDOM; CHUNKS; HMAC-ALGO] --------- - ------------------ AUTH; COOKIE-ECHO ----------------> - <-------------------- COOKIE-ACK --------------------- - -RFC4895, section 6.3. Receiving Authenticated Chunks says: - - The receiver MUST use the HMAC algorithm indicated in - the HMAC Identifier field. If this algorithm was not - specified by the receiver in the HMAC-ALGO parameter in - the INIT or INIT-ACK chunk during association setup, the - AUTH chunk and all the chunks after it MUST be discarded - and an ERROR chunk SHOULD be sent with the error cause - defined in Section 4.1. [...] If no endpoint pair shared - key has been configured for that Shared Key Identifier, - all authenticated chunks MUST be silently discarded. [...] - - When an endpoint requires COOKIE-ECHO chunks to be - authenticated, some special procedures have to be followed - because the reception of a COOKIE-ECHO chunk might result - in the creation of an SCTP association. If a packet arrives - containing an AUTH chunk as a first chunk, a COOKIE-ECHO - chunk as the second chunk, and possibly more chunks after - them, and the receiver does not have an STCB for that - packet, then authentication is based on the contents of - the COOKIE-ECHO chunk. In this situation, the receiver MUST - authenticate the chunks in the packet by using the RANDOM - parameters, CHUNKS parameters and HMAC_ALGO parameters - obtained from the COOKIE-ECHO chunk, and possibly a local - shared secret as inputs to the authentication procedure - specified in Section 6.3. If authentication fails, then - the packet is discarded. If the authentication is successful, - the COOKIE-ECHO and all the chunks after the COOKIE-ECHO - MUST be processed. If the receiver has an STCB, it MUST - process the AUTH chunk as described above using the STCB - from the existing association to authenticate the - COOKIE-ECHO chunk and all the chunks after it. [...] - -Commit bbd0d59809f9 introduced the possibility to receive -and verification of AUTH chunk, including the edge case for -authenticated COOKIE-ECHO. On reception of COOKIE-ECHO, -the function sctp_sf_do_5_1D_ce() handles processing, -unpacks and creates a new association if it passed sanity -checks and also tests for authentication chunks being -present. After a new association has been processed, it -invokes sctp_process_init() on the new association and -walks through the parameter list it received from the INIT -chunk. It checks SCTP_PARAM_RANDOM, SCTP_PARAM_HMAC_ALGO -and SCTP_PARAM_CHUNKS, and copies them into asoc->peer -meta data (peer_random, peer_hmacs, peer_chunks) in case -sysctl -w net.sctp.auth_enable=1 is set. If in INIT's -SCTP_PARAM_SUPPORTED_EXT parameter SCTP_CID_AUTH is set, -peer_random != NULL and peer_hmacs != NULL the peer is to be -assumed asoc->peer.auth_capable=1, in any other case -asoc->peer.auth_capable=0. - -Now, if in sctp_sf_do_5_1D_ce() chunk->auth_chunk is -available, we set up a fake auth chunk and pass that on to -sctp_sf_authenticate(), which at latest in -sctp_auth_calculate_hmac() reliably dereferences a NULL pointer -at position 0..0008 when setting up the crypto key in -crypto_hash_setkey() by using asoc->asoc_shared_key that is -NULL as condition key_id == asoc->active_key_id is true if -the AUTH chunk was injected correctly from remote. This -happens no matter what net.sctp.auth_enable sysctl says. - -The fix is to check for net->sctp.auth_enable and for -asoc->peer.auth_capable before doing any operations like -sctp_sf_authenticate() as no key is activated in -sctp_auth_asoc_init_active_key() for each case. - -Now as RFC4895 section 6.3 states that if the used HMAC-ALGO -passed from the INIT chunk was not used in the AUTH chunk, we -SHOULD send an error; however in this case it would be better -to just silently discard such a maliciously prepared handshake -as we didn't even receive a parameter at all. Also, as our -endpoint has no shared key configured, section 6.3 says that -MUST silently discard, which we are doing from now onwards. - -Before calling sctp_sf_pdiscard(), we need not only to free -the association, but also the chunk->auth_chunk skb, as -commit bbd0d59809f9 created a skb clone in that case. - -I have tested this locally by using netfilter's nfqueue and -re-injecting packets into the local stack after maliciously -modifying the INIT chunk (removing RANDOM; HMAC-ALGO param) -and the SCTP packet containing the COOKIE_ECHO (injecting -AUTH chunk before COOKIE_ECHO). Fixed with this patch applied. - -This fixes CVE-2014-0101 -Upstream-Status: Backport - -Fixes: bbd0d59809f9 ("[SCTP]: Implement the receive and verification of AUTH chunk") -Signed-off-by: Daniel Borkmann -Cc: Vlad Yasevich -Cc: Neil Horman -Acked-by: Vlad Yasevich -Signed-off-by: David S. Miller -Signed-off-by: Jiri Slaby -Signed-off-by: Sona Sarmadi ---- - net/sctp/sm_statefuns.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c -index dfe3f36..56ebe71 100644 ---- a/net/sctp/sm_statefuns.c -+++ b/net/sctp/sm_statefuns.c -@@ -768,6 +768,13 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(struct net *net, - return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); - } - -+ /* Make sure that we and the peer are AUTH capable */ -+ if (!net->sctp.auth_enable || !new_asoc->peer.auth_capable) { -+ kfree_skb(chunk->auth_chunk); -+ sctp_association_free(new_asoc); -+ return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); -+ } -+ - /* set-up our fake chunk so that we can process it */ - auth.skb = chunk->auth_chunk; - auth.asoc = chunk->asoc; --- -1.9.1 - diff --git a/meta-fsl-ppc/recipes-kernel/linux/linux-qoriq.inc b/meta-fsl-ppc/recipes-kernel/linux/linux-qoriq.inc deleted file mode 100644 index a832b46a..00000000 --- a/meta-fsl-ppc/recipes-kernel/linux/linux-qoriq.inc +++ /dev/null @@ -1,46 +0,0 @@ -inherit kernel qoriq_build_64bit_kernel -require recipes-kernel/linux/linux-dtb.inc - -DESCRIPTION = "Linux kernel for Freescale platforms" -SECTION = "kernel" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=d7810fab7487fb0aad327b76f1be7cd7" - -KSRC ?= "" -S = '${@base_conditional("KSRC", "", "${WORKDIR}/git", "${KSRC}", d)}' - -DEPENDS_append = " libgcc" -KERNEL_CC_append = " ${TOOLCHAIN_OPTIONS}" -KERNEL_LD_append = " ${TOOLCHAIN_OPTIONS}" - -SCMVERSION ?= "y" -DELTA_KERNEL_DEFCONFIG ?= "" -do_configure_prepend() { - # copy desired defconfig so we pick it up for the real kernel_do_configure - cp ${KERNEL_DEFCONFIG} ${B}/.config - - # add config fragments - for deltacfg in ${DELTA_KERNEL_DEFCONFIG}; do - if [ -f "${deltacfg}" ]; then - ${S}/scripts/kconfig/merge_config.sh -m .config ${deltacfg} - elif [ -f "${S}/arch/powerpc/configs/${deltacfg}" ]; then - ${S}/scripts/kconfig/merge_config.sh -m .config \ - ${S}/arch/powerpc/configs/${deltacfg} - fi - done - - #add git revision to the local version - if [ "${SCMVERSION}" = "y" ]; then - # append sdk version if SDK_VERSION is defined - sdkversion='' - if [ -n "${SDK_VERSION}" ]; then - sdkversion="-${SDK_VERSION}" - fi - head=`git --git-dir=${S}/.git rev-parse --verify --short HEAD 2> /dev/null` - printf "%s%s%s" $sdkversion +g $head > ${B}/.scmversion - fi -} - -# make everything compatible for the time being -COMPATIBLE_MACHINE_$MACHINE = "$MACHINE" - diff --git a/meta-fsl-ppc/recipes-kernel/linux/linux-qoriq_3.12.bb b/meta-fsl-ppc/recipes-kernel/linux/linux-qoriq_3.12.bb deleted file mode 100644 index 3e0ab954..00000000 --- a/meta-fsl-ppc/recipes-kernel/linux/linux-qoriq_3.12.bb +++ /dev/null @@ -1,7 +0,0 @@ -require recipes-kernel/linux/linux-qoriq.inc - -SRC_URI = "git://git.freescale.com/ppc/sdk/linux.git;nobranch=1 \ - file://modify-defconfig-t1040-nr-cpus.patch \ - file://net-sctp-CVE-2014-0101.patch \ -" -SRCREV = "f488de6741d5ba805b9fe813d2ddf32368d3a888" diff --git a/meta-fsl-ppc/recipes-kernel/lttng/lttng-modules_%.bbappend b/meta-fsl-ppc/recipes-kernel/lttng/lttng-modules_%.bbappend deleted file mode 100644 index 5ff765d4..00000000 --- a/meta-fsl-ppc/recipes-kernel/lttng/lttng-modules_%.bbappend +++ /dev/null @@ -1,2 +0,0 @@ -inherit qoriq_build_64bit_kernel - diff --git a/meta-fsl-ppc/recipes-kernel/pkc-host/pkc-host_git.bb b/meta-fsl-ppc/recipes-kernel/pkc-host/pkc-host_git.bb deleted file mode 100644 index 2609adb7..00000000 --- a/meta-fsl-ppc/recipes-kernel/pkc-host/pkc-host_git.bb +++ /dev/null @@ -1,35 +0,0 @@ -DESCRIPTION = "pkc host driver" -SECTION = "pkc-host" -LICENSE = "BSD & GPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=99803d8e9a595c0bdb45ca710f353813" - -inherit module qoriq_build_64bit_kernel -RDEPENDS_${PN} += "cryptodev-module bc" - -# Currently pkc-host does not support RSA_KEYGEN, remove this -# if it is fixed. -REQUIRED_DISTRO_FEATURES = "c29x_pkc" - -SRC_URI = "git://git.freescale.com/ppc/sdk/pkc-host.git;nobranch=1" -SRCREV = "564f535d596f43eb2901a7ff77bbe529a118c16e" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' - -do_install() { - oe_runmake INSTALL_MOD_PATH="${D}" modules_install - install -d ${D}/etc/crypto - install -d ${D}/${bindir} - cp ${S}/crypto.cfg ${D}/etc/crypto - cp ${S}/images/pkc-firmware.bin ${D}/etc/crypto - cp ${S}/apps/cli/cli ${D}/${bindir} - cp ${S}/perf/c29x_driver_perf_profile.sh ${D}/${bindir} -} - - -FILES_${PN} = "${bindir}/cli \ - ${bindir}/c29x_driver_perf_profile.sh \ - /etc/crypto/crypto.cfg \ - /etc/crypto/pkc-firmware.bin \ -" diff --git a/meta-fsl-ppc/recipes-kernel/qoriq-debug/qoriq-debug_git.bb b/meta-fsl-ppc/recipes-kernel/qoriq-debug/qoriq-debug_git.bb deleted file mode 100644 index c08f057f..00000000 --- a/meta-fsl-ppc/recipes-kernel/qoriq-debug/qoriq-debug_git.bb +++ /dev/null @@ -1,15 +0,0 @@ -DESCRIPTION = "QorIQ Debug File System Module" -SECTION = "qoriq-debug" -LICENSE = "GPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=e29234dd5d40dc352cc60cc0c93437ba" - -inherit module autotools-brokensep qoriq_build_64bit_kernel - -SRC_URI = "git://git.freescale.com/ppc/sdk/qoriq-debug.git;nobranch=1" -SRCREV = "20615c1ea332102635f8314cee5787c48c1a4254" - -S = "${WORKDIR}/git" - -EXTRA_OECONF += "--with-linux=${STAGING_KERNEL_DIR}" -EXTRA_OEMAKE += 'SYSROOT="${D}"' - diff --git a/meta-fsl-ppc/recipes-kernel/skmm-host/skmm-host_git.bb b/meta-fsl-ppc/recipes-kernel/skmm-host/skmm-host_git.bb deleted file mode 100644 index e3d6dbee..00000000 --- a/meta-fsl-ppc/recipes-kernel/skmm-host/skmm-host_git.bb +++ /dev/null @@ -1,15 +0,0 @@ -DESCRIPTION = "skmm host driver offload data to PCIe EP and push the data en-decrypted back to application" -SECTION = "c293-skmm-host" -LICENSE = "BSD & GPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=99803d8e9a595c0bdb45ca710f353813" - -inherit module qoriq_build_64bit_kernel - -SRC_URI = "git://git.freescale.com/ppc/sdk/skmm-host.git;nobranch=1" -SRCREV = "a655c571a92f4a5d6ced09869c2f17609ee47361" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' - -FILES_${PN} += "/etc/skmm/ /usr/bin/" diff --git a/meta-fsl-ppc/recipes-kernel/uio-seville/uio-seville_0.1.bb b/meta-fsl-ppc/recipes-kernel/uio-seville/uio-seville_0.1.bb deleted file mode 100755 index 7ca4c8fd..00000000 --- a/meta-fsl-ppc/recipes-kernel/uio-seville/uio-seville_0.1.bb +++ /dev/null @@ -1,14 +0,0 @@ -DESCRIPTION = "UIO driver for T1040 L2 Switch" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e" - -SRC_URI = "git://git.freescale.com/ppc/sdk/l2switch-uio.git;branch=master" -SRCREV = "80de8322d0ab8c28f5dfbe3cde8759a1efbe06c9" - -inherit module - -S = "${WORKDIR}/git/uio-driver" - -COMPATIBLE_MACHINE ?= "(none)" -COMPATIBLE_MACHINE_t1040 = ".*" -COMPATIBLE_MACHINE_t1042 = ".*" diff --git a/meta-fsl-ppc/recipes-virtualization/hv-cfg/hv-cfg_git.bb b/meta-fsl-ppc/recipes-virtualization/hv-cfg/hv-cfg_git.bb deleted file mode 100644 index e4f18e07..00000000 --- a/meta-fsl-ppc/recipes-virtualization/hv-cfg/hv-cfg_git.bb +++ /dev/null @@ -1,52 +0,0 @@ -DESCRIPTION = "Hypervisor Config" -SECTION = "hv-cfg" -LICENSE = "BSD" -PR = "r6" - -LIC_FILES_CHKSUM = " \ - file://p2041rdb/LICENSE;md5=96dd72f26e9bb861de5c76c60e35e1bc \ - file://p3041ds/LICENSE;md5=96dd72f26e9bb861de5c76c60e35e1bc \ - file://p4080ds/LICENSE;md5=96dd72f26e9bb861de5c76c60e35e1bc \ - file://p5020ds/LICENSE;md5=96dd72f26e9bb861de5c76c60e35e1bc \ -" - -DEPENDS += "dtc-native" - -# this package is specific to the machine itself -INHIBIT_DEFAULT_DEPS = "1" -PACKAGE_ARCH = "${MACHINE_ARCH}" - -inherit deploy - -SRC_URI = "git://git.freescale.com/ppc/sdk/hv-cfg.git;nobranch=1" -SRCREV = "b9287b07390d17bfba936a806a72b91b89507c22" - -S = "${WORKDIR}/git" - -do_install () { - make install - - M=`echo ${MACHINE} | sed s/-64b//g` - if [ "t1042d4rdb" = "${M}" ] || [ "t1040d4rdb" = "${M}" ];then - M=t1040rdb - fi - install -d ${D}/boot/hv-cfg - cp -r ${S}/${M}/${M}/* ${D}/boot/hv-cfg -} - -do_deploy () { - M=`echo ${MACHINE} | sed s/-64b//g` - if [ "t1042d4rdb" = "${M}" ] || [ "t1040d4rdb" = "${M}" ];then - M=t1040rdb - fi - install -d ${DEPLOYDIR}/hv-cfg - cp -r ${S}/${M}/${M}/* ${DEPLOYDIR}/hv-cfg -} -addtask deploy after do_install - -PACKAGES += "${PN}-image" -FILES_${PN}-image += "/boot" - -COMPATIBLE_HOST_qoriq-ppc = ".*" -COMPATIBLE_HOST ?= "(none)" -ALLOW_EMPTY_${PN} = "1" diff --git a/meta-fsl-ppc/recipes-virtualization/hypervisor/files/81-fsl-embedded-hv.rules b/meta-fsl-ppc/recipes-virtualization/hypervisor/files/81-fsl-embedded-hv.rules deleted file mode 100644 index 5edfa113..00000000 --- a/meta-fsl-ppc/recipes-virtualization/hypervisor/files/81-fsl-embedded-hv.rules +++ /dev/null @@ -1,2 +0,0 @@ -# Add rule to handle setting up device node for FSL HV mgmt driver -SUBSYSTEM=="misc", KERNEL=="fsl-hv", NAME="fsl-hv" diff --git a/meta-fsl-ppc/recipes-virtualization/hypervisor/hypervisor_git.bb b/meta-fsl-ppc/recipes-virtualization/hypervisor/hypervisor_git.bb deleted file mode 100644 index 80ba635f..00000000 --- a/meta-fsl-ppc/recipes-virtualization/hypervisor/hypervisor_git.bb +++ /dev/null @@ -1,94 +0,0 @@ -DESCRIPTION = "Freescale embedded hypervisor" -SECTION = "embedded-hv" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://README;endline=22;md5=0655bbc3b7d7166c30c87208b4e23cf0" - -PR = "r3" - -DEPENDS = "u-boot-mkimage-native" - -inherit deploy - -# TODO: fix dtc to use the already built package -SRC_URI = " \ - git://git.freescale.com/ppc/sdk/hypervisor/hypervisor.git;name=hypervisor;nobranch=1 \ - git://git.freescale.com/ppc/sdk/hypervisor/kconfig.git;name=kconfig;destsuffix=git/kconfig;nobranch=1 \ - git://git.freescale.com/ppc/sdk/hypervisor/libos.git;name=libos;destsuffix=git/libos;nobranch=1 \ - git://git.kernel.org/pub/scm/utils/dtc/dtc.git;name=dtc;destsuffix=dtc \ - git://git.freescale.com/ppc/sdk/hypertrk.git;name=hypertrk;destsuffix=git/hypertrk;nobranch=1 \ - file://81-fsl-embedded-hv.rules \ - " - -SRCREV_FORMAT="hypervisor" -SRCREV = "e17b3ecbbdadebf7e31ba21134b689334da74e10" -SRCREV_kconfig = "a56025d4da992b856796b0eccac2e410d751dbac" -SRCREV_libos = "2ff7649c8047dd0d2143acb4743c53e6e6ba4878" -SRCREV_dtc = "a6d55e039fd22048687fe061b4609e2807efe764" -SRCREV_hypertrk = "975c98b562186afbd3bbf103ae54b96cf9b3e533" - -S = "${WORKDIR}/git" - -OUTPUT ?= "output32" -OUTPUT_powerpc64 = "output64" - -EXTRA_OEMAKE = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${TARGET_PREFIX}gcc ${TOOLCHAIN_OPTIONS}" O="${OUTPUT}"' - -DEFCONFIG = "defconfig" -DEFCONFIG_powerpc64 = "64bit_defconfig" - -COMPATIBLE_HOST_qoriq-ppc = ".*" -COMPATIBLE_HOST ?= "(none)" - -inherit cml1 -do_configure () { - oe_runmake ${DEFCONFIG} -} - -PKG_HV_HYPERTRK_SUPPORT = "n" -do_compile () { - if [ "${PKG_HV_HYPERTRK_SUPPORT}" = "y" ] - then - oe_runmake silentoldconfig - export HV_DIR=$PWD - cd hypertrk - oe_runmake deploy - cd .. - fi - - oe_runmake - oe_runmake partman -} - -do_install () { - install -d ${D}/${bindir} - install ${B}/${OUTPUT}/bin/linux/partman ${D}/${bindir}/partman - - install -d ${D}${sysconfdir}/udev/rules.d - install -m 0644 ${WORKDIR}/81-fsl-embedded-hv.rules ${D}${sysconfdir}/udev/rules.d - - install -d ${D}/boot/hv - install ${B}/${OUTPUT}/.config ${D}/boot/hv/hypervisor.config - install -m 644 ${B}/${OUTPUT}/bin/hv ${B}/${OUTPUT}/bin/hv.map \ - ${B}/${OUTPUT}/bin/hv.uImage ${B}/${OUTPUT}/bin/hv.bin \ - ${D}/boot/hv/ -} - -do_deploy () { - install -d ${DEPLOYDIR}/hv/ - install ${B}/${OUTPUT}/.config ${DEPLOYDIR}/hv/hypervisor.config - install -m 644 ${B}/${OUTPUT}/bin/hv ${B}/${OUTPUT}/bin/hv.map \ - ${B}/${OUTPUT}/bin/hv.uImage ${B}/${OUTPUT}/bin/hv.bin \ - ${DEPLOYDIR}/hv/ -} -addtask deploy before do_build after do_install - -do_deploy_append() { - rm -f ${B}/../hv -} - -INSANE_SKIP_${PN} = 'already-stripped' -INHIBIT_PACKAGE_DEBUG_SPLIT = "1" -ALLOW_EMPTY_${PN} = "1" -PACKAGES_prepend = "${PN}-image ${PN}-partman " -FILES_${PN}-image = "/boot/" -FILES_${PN}-partman = "${bindir}/partman" diff --git a/meta-fsl-ppc/recipes-virtualization/mux-server/mux-server_1.02.bb b/meta-fsl-ppc/recipes-virtualization/mux-server/mux-server_1.02.bb deleted file mode 100644 index 744a84c2..00000000 --- a/meta-fsl-ppc/recipes-virtualization/mux-server/mux-server_1.02.bb +++ /dev/null @@ -1,27 +0,0 @@ -DESCRIPTION = "A Linux-based utility supporting console multiplexing and demultiplexing" -SECTION = "mux-server" -LICENSE = "LGPL-2.1" -LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" - -SRC_URI = "git://git.freescale.com/ppc/sdk/hypervisor/mux_server.git;branch=master" -SRCREV = "3e4c6a44a81bb5cf2996830e8034d26850f80efc" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE='HOSTCC="${CC}"' - -inherit deploy - -do_install () { - install -d ${D}${bindir} - install -m 755 mux_server ${D}${bindir} -} - -do_deploy() { - install -d ${DEPLOYDIR}/hv - install -m 755 mux_server ${DEPLOYDIR}/hv/mux_server-${PKGV}-${PKGR} - ln -sf mux_server-${PKGV}-${PKGR} ${DEPLOYDIR}/hv/mux_server -} -addtask deploy after do_install - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-fsl-ppc/virtualization-layer/recipes-extended/libvirt/libvirt/qoriq-ppc/qemu.conf b/meta-fsl-ppc/virtualization-layer/recipes-extended/libvirt/libvirt/qoriq-ppc/qemu.conf deleted file mode 100644 index cc22fa13..00000000 --- a/meta-fsl-ppc/virtualization-layer/recipes-extended/libvirt/libvirt/qoriq-ppc/qemu.conf +++ /dev/null @@ -1,465 +0,0 @@ -# Master configuration file for the QEMU driver. -# All settings described here are optional - if omitted, sensible -# defaults are used. - -# VNC is configured to listen on 127.0.0.1 by default. -# To make it listen on all public interfaces, uncomment -# this next option. -# -# NB, strong recommendation to enable TLS + x509 certificate -# verification when allowing public access -# -#vnc_listen = "0.0.0.0" - -# Enable this option to have VNC served over an automatically created -# unix socket. This prevents unprivileged access from users on the -# host machine, though most VNC clients do not support it. -# -# This will only be enabled for VNC configurations that do not have -# a hardcoded 'listen' or 'socket' value. This setting takes preference -# over vnc_listen. -# -#vnc_auto_unix_socket = 1 - -# Enable use of TLS encryption on the VNC server. This requires -# a VNC client which supports the VeNCrypt protocol extension. -# Examples include vinagre, virt-viewer, virt-manager and vencrypt -# itself. UltraVNC, RealVNC, TightVNC do not support this -# -# It is necessary to setup CA and issue a server certificate -# before enabling this. -# -#vnc_tls = 1 - - -# Use of TLS requires that x509 certificates be issued. The -# default it to keep them in /etc/pki/libvirt-vnc. This directory -# must contain -# -# ca-cert.pem - the CA master certificate -# server-cert.pem - the server certificate signed with ca-cert.pem -# server-key.pem - the server private key -# -# This option allows the certificate directory to be changed -# -#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc" - - -# The default TLS configuration only uses certificates for the server -# allowing the client to verify the server's identity and establish -# an encrypted channel. -# -# It is possible to use x509 certificates for authentication too, by -# issuing a x509 certificate to every client who needs to connect. -# -# Enabling this option will reject any client who does not have a -# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem -# -#vnc_tls_x509_verify = 1 - - -# The default VNC password. Only 8 letters are significant for -# VNC passwords. This parameter is only used if the per-domain -# XML config does not already provide a password. To allow -# access without passwords, leave this commented out. An empty -# string will still enable passwords, but be rejected by QEMU, -# effectively preventing any use of VNC. Obviously change this -# example here before you set this. -# -#vnc_password = "XYZ12345" - - -# Enable use of SASL encryption on the VNC server. This requires -# a VNC client which supports the SASL protocol extension. -# Examples include vinagre, virt-viewer and virt-manager -# itself. UltraVNC, RealVNC, TightVNC do not support this -# -# It is necessary to configure /etc/sasl2/qemu.conf to choose -# the desired SASL plugin (eg, GSSPI for Kerberos) -# -#vnc_sasl = 1 - - -# The default SASL configuration file is located in /etc/sasl2/ -# When running libvirtd unprivileged, it may be desirable to -# override the configs in this location. Set this parameter to -# point to the directory, and create a qemu.conf in that location -# -#vnc_sasl_dir = "/some/directory/sasl2" - - -# QEMU implements an extension for providing audio over a VNC connection, -# though if your VNC client does not support it, your only chance for getting -# sound output is through regular audio backends. By default, libvirt will -# disable all QEMU sound backends if using VNC, since they can cause -# permissions issues. Enabling this option will make libvirtd honor the -# QEMU_AUDIO_DRV environment variable when using VNC. -# -#vnc_allow_host_audio = 0 - - - -# SPICE is configured to listen on 127.0.0.1 by default. -# To make it listen on all public interfaces, uncomment -# this next option. -# -# NB, strong recommendation to enable TLS + x509 certificate -# verification when allowing public access -# -#spice_listen = "0.0.0.0" - - -# Enable use of TLS encryption on the SPICE server. -# -# It is necessary to setup CA and issue a server certificate -# before enabling this. -# -#spice_tls = 1 - - -# Use of TLS requires that x509 certificates be issued. The -# default it to keep them in /etc/pki/libvirt-spice. This directory -# must contain -# -# ca-cert.pem - the CA master certificate -# server-cert.pem - the server certificate signed with ca-cert.pem -# server-key.pem - the server private key -# -# This option allows the certificate directory to be changed. -# -#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice" - - -# The default SPICE password. This parameter is only used if the -# per-domain XML config does not already provide a password. To -# allow access without passwords, leave this commented out. An -# empty string will still enable passwords, but be rejected by -# QEMU, effectively preventing any use of SPICE. Obviously change -# this example here before you set this. -# -#spice_password = "XYZ12345" - - -# Enable use of SASL encryption on the SPICE server. This requires -# a SPICE client which supports the SASL protocol extension. -# -# It is necessary to configure /etc/sasl2/qemu.conf to choose -# the desired SASL plugin (eg, GSSPI for Kerberos) -# -#spice_sasl = 1 - -# The default SASL configuration file is located in /etc/sasl2/ -# When running libvirtd unprivileged, it may be desirable to -# override the configs in this location. Set this parameter to -# point to the directory, and create a qemu.conf in that location -# -#spice_sasl_dir = "/some/directory/sasl2" - - -# By default, if no graphical front end is configured, libvirt will disable -# QEMU audio output since directly talking to alsa/pulseaudio may not work -# with various security settings. If you know what you're doing, enable -# the setting below and libvirt will passthrough the QEMU_AUDIO_DRV -# environment variable when using nographics. -# -#nographics_allow_host_audio = 1 - - -# Override the port for creating both VNC and SPICE sessions (min). -# This defaults to 5900 and increases for consecutive sessions -# or when ports are occupied, until it hits the maximum. -# -# Minimum must be greater than or equal to 5900 as lower number would -# result into negative vnc display number. -# -# Maximum must be less than 65536, because higher numbers do not make -# sense as a port number. -# -#remote_display_port_min = 5900 -#remote_display_port_max = 65535 - -# VNC WebSocket port policies, same rules apply as with remote display -# ports. VNC WebSockets use similar display <-> port mappings, with -# the exception being that ports starts from 5700 instead of 5900. -# -#remote_websocket_port_min = 5700 -#remote_websocket_port_max = 65535 - -# The default security driver is SELinux. If SELinux is disabled -# on the host, then the security driver will automatically disable -# itself. If you wish to disable QEMU SELinux security driver while -# leaving SELinux enabled for the host in general, then set this -# to 'none' instead. It's also possible to use more than one security -# driver at the same time, for this use a list of names separated by -# comma and delimited by square brackets. For example: -# -# security_driver = [ "selinux", "apparmor" ] -# -# Notes: The DAC security driver is always enabled; as a result, the -# value of security_driver cannot contain "dac". The value "none" is -# a special value; security_driver can be set to that value in -# isolation, but it cannot appear in a list of drivers. -# -#security_driver = "selinux" - -# If set to non-zero, then the default security labeling -# will make guests confined. If set to zero, then guests -# will be unconfined by default. Defaults to 1. -#security_default_confined = 1 - -# If set to non-zero, then attempts to create unconfined -# guests will be blocked. Defaults to 0. -#security_require_confined = 1 - -# The user for QEMU processes run by the system instance. It can be -# specified as a user name or as a user id. The qemu driver will try to -# parse this value first as a name and then, if the name doesn't exist, -# as a user id. -# -# Since a sequence of digits is a valid user name, a leading plus sign -# can be used to ensure that a user id will not be interpreted as a user -# name. -# -# Some examples of valid values are: -# -# user = "qemu" # A user named "qemu" -# user = "+0" # Super user (uid=0) -# user = "100" # A user named "100" or a user with uid=100 -# -#user = "root" - -# The group for QEMU processes run by the system instance. It can be -# specified in a similar way to user. -#group = "root" - -# Whether libvirt should dynamically change file ownership -# to match the configured user/group above. Defaults to 1. -# Set to 0 to disable file ownership changes. -#dynamic_ownership = 1 - - -# What cgroup controllers to make use of with QEMU guests -# -# - 'cpu' - use for schedular tunables -# - 'devices' - use for device whitelisting -# - 'memory' - use for memory tunables -# - 'blkio' - use for block devices I/O tunables -# - 'cpuset' - use for CPUs and memory nodes -# - 'cpuacct' - use for CPUs statistics. -# -# NB, even if configured here, they won't be used unless -# the administrator has mounted cgroups, e.g.: -# -# mkdir /dev/cgroup -# mount -t cgroup -o devices,cpu,memory,blkio,cpuset none /dev/cgroup -# -# They can be mounted anywhere, and different controllers -# can be mounted in different locations. libvirt will detect -# where they are located. -# -#cgroup_controllers = [ "cpu", "devices", "memory", "blkio", "cpuset", "cpuacct" ] - -# This is the basic set of devices allowed / required by -# all virtual machines. -# -# As well as this, any configured block backed disks, -# all sound device, and all PTY devices are allowed. -# -# This will only need setting if newer QEMU suddenly -# wants some device we don't already know about. -# -cgroup_device_acl = [ - "/dev/null", "/dev/full", "/dev/zero", - "/dev/random", "/dev/urandom", - "/dev/ptmx", "/dev/kvm", "/dev/kqemu", - "/dev/rtc", "/dev/hpet", "/dev/vfio/vfio", "/dev/net/tun" -] - - -# The default format for Qemu/KVM guest save images is raw; that is, the -# memory from the domain is dumped out directly to a file. If you have -# guests with a large amount of memory, however, this can take up quite -# a bit of space. If you would like to compress the images while they -# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz" -# for save_image_format. Note that this means you slow down the process of -# saving a domain in order to save disk space; the list above is in descending -# order by performance and ascending order by compression ratio. -# -# save_image_format is used when you use 'virsh save' or 'virsh managedsave' -# at scheduled saving, and it is an error if the specified save_image_format -# is not valid, or the requested compression program can't be found. -# -# dump_image_format is used when you use 'virsh dump' at emergency -# crashdump, and if the specified dump_image_format is not valid, or -# the requested compression program can't be found, this falls -# back to "raw" compression. -# -# snapshot_image_format specifies the compression algorithm of the memory save -# image when an external snapshot of a domain is taken. This does not apply -# on disk image format. It is an error if the specified format isn't valid, -# or the requested compression program can't be found. -# -#save_image_format = "raw" -#dump_image_format = "raw" -#snapshot_image_format = "raw" - -# When a domain is configured to be auto-dumped when libvirtd receives a -# watchdog event from qemu guest, libvirtd will save dump files in directory -# specified by auto_dump_path. Default value is /var/lib/libvirt/qemu/dump -# -#auto_dump_path = "/var/lib/libvirt/qemu/dump" - -# When a domain is configured to be auto-dumped, enabling this flag -# has the same effect as using the VIR_DUMP_BYPASS_CACHE flag with the -# virDomainCoreDump API. That is, the system will avoid using the -# file system cache while writing the dump file, but may cause -# slower operation. -# -#auto_dump_bypass_cache = 0 - -# When a domain is configured to be auto-started, enabling this flag -# has the same effect as using the VIR_DOMAIN_START_BYPASS_CACHE flag -# with the virDomainCreateWithFlags API. That is, the system will -# avoid using the file system cache when restoring any managed state -# file, but may cause slower operation. -# -#auto_start_bypass_cache = 0 - -# If provided by the host and a hugetlbfs mount point is configured, -# a guest may request huge page backing. When this mount point is -# unspecified here, determination of a host mount point in /proc/mounts -# will be attempted. Specifying an explicit mount overrides detection -# of the same in /proc/mounts. Setting the mount point to "" will -# disable guest hugepage backing. -# -# NB, within this mount point, guests will create memory backing files -# in a location of $MOUNTPOINT/libvirt/qemu -# -#hugetlbfs_mount = "/dev/hugepages" - - -# Path to the setuid helper for creating tap devices. This executable -# is used to create interfaces when libvirtd is -# running unprivileged. libvirt invokes the helper directly, instead -# of using "-netdev bridge", for security reasons. -#bridge_helper = "/usr/libexec/qemu-bridge-helper" - - - -# If clear_emulator_capabilities is enabled, libvirt will drop all -# privileged capabilities of the QEmu/KVM emulator. This is enabled by -# default. -# -# Warning: Disabling this option means that a compromised guest can -# exploit the privileges and possibly do damage to the host. -# -#clear_emulator_capabilities = 1 - - -# If enabled, libvirt will have QEMU set its process name to -# "qemu:VM_NAME", where VM_NAME is the name of the VM. The QEMU -# process will appear as "qemu:VM_NAME" in process listings and -# other system monitoring tools. By default, QEMU does not set -# its process title, so the complete QEMU command (emulator and -# its arguments) appear in process listings. -# -#set_process_name = 1 - - -# If max_processes is set to a positive integer, libvirt will use -# it to set the maximum number of processes that can be run by qemu -# user. This can be used to override default value set by host OS. -# The same applies to max_files which sets the limit on the maximum -# number of opened files. -# -#max_processes = 0 -#max_files = 0 - - - -# mac_filter enables MAC addressed based filtering on bridge ports. -# This currently requires ebtables to be installed. -# -#mac_filter = 1 - - -# By default, PCI devices below non-ACS switch are not allowed to be assigned -# to guests. By setting relaxed_acs_check to 1 such devices will be allowed to -# be assigned to guests. -# -#relaxed_acs_check = 1 - - -# If allow_disk_format_probing is enabled, libvirt will probe disk -# images to attempt to identify their format, when not otherwise -# specified in the XML. This is disabled by default. -# -# WARNING: Enabling probing is a security hole in almost all -# deployments. It is strongly recommended that users update their -# guest XML elements to include -# elements instead of enabling this option. -# -#allow_disk_format_probing = 1 - - -# To enable 'Sanlock' project based locking of the file -# content (to prevent two VMs writing to the same -# disk), uncomment this -# -#lock_manager = "sanlock" - - - -# Set limit of maximum APIs queued on one domain. All other APIs -# over this threshold will fail on acquiring job lock. Specially, -# setting to zero turns this feature off. -# Note, that job lock is per domain. -# -#max_queued = 0 - -################################################################### -# Keepalive protocol: -# This allows qemu driver to detect broken connections to remote -# libvirtd during peer-to-peer migration. A keepalive message is -# sent to the deamon after keepalive_interval seconds of inactivity -# to check if the deamon is still responding; keepalive_count is a -# maximum number of keepalive messages that are allowed to be sent -# to the deamon without getting any response before the connection -# is considered broken. In other words, the connection is -# automatically closed approximately after -# keepalive_interval * (keepalive_count + 1) seconds since the last -# message received from the deamon. If keepalive_interval is set to -# -1, qemu driver will not send keepalive requests during -# peer-to-peer migration; however, the remote libvirtd can still -# send them and source libvirtd will send responses. When -# keepalive_count is set to 0, connections will be automatically -# closed after keepalive_interval seconds of inactivity without -# sending any keepalive messages. -# -#keepalive_interval = 5 -#keepalive_count = 5 - - - -# Use seccomp syscall whitelisting in QEMU. -# 1 = on, 0 = off, -1 = use QEMU default -# Defaults to -1. -# -#seccomp_sandbox = 1 - - - -# Override the listen address for all incoming migrations. Defaults to -# 0.0.0.0 or :: in case if both host and qemu are capable of IPv6. -#migration_address = "127.0.0.1" - - -# Override the port range used for incoming migrations. -# -# Minimum must be greater than 0, however when QEMU is not running as root, -# setting the minimum to be lower than 1024 will not work. -# -# Maximum must not be greater than 65535. -# -#migration_port_min = 49152 -#migration_port_max = 49215 diff --git a/meta-fsl-ppc/virtualization-layer/recipes-extended/libvirt/libvirt_%.bbappend b/meta-fsl-ppc/virtualization-layer/recipes-extended/libvirt/libvirt_%.bbappend deleted file mode 100644 index c7e6d32e..00000000 --- a/meta-fsl-ppc/virtualization-layer/recipes-extended/libvirt/libvirt_%.bbappend +++ /dev/null @@ -1,9 +0,0 @@ -PACKAGECONFIG_qoriq-ppc = "qemu yajl lxc test remote macvtap libvirtd netcf udev python" - -FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" -SRC_URI_append_qoriq-ppc = " file://qemu.conf" - -do_install_append_qoriq-ppc() { - install -m 0644 ${WORKDIR}/qemu.conf ${D}${sysconfdir}/libvirt/qemu.conf -} - diff --git a/recipes-bsp/apptrk/apptrk_git.bb b/recipes-bsp/apptrk/apptrk_git.bb index 4453cf87..1d251070 100644 --- a/recipes-bsp/apptrk/apptrk_git.bb +++ b/recipes-bsp/apptrk/apptrk_git.bb @@ -18,6 +18,7 @@ S = "${WORKDIR}/git" EXTRA_OEMAKE = "" CFLAGS += " -I${STAGING_INCDIR}" +CFLAGS_append_powerpc64 = " -DENABLE_64BIT_SUPPORT" do_install() { oe_runmake install DESTDIR=${D} diff --git a/recipes-bsp/boot-format/boot-format/flags.patch b/recipes-bsp/boot-format/boot-format/flags.patch new file mode 100644 index 00000000..cddb34cd --- /dev/null +++ b/recipes-bsp/boot-format/boot-format/flags.patch @@ -0,0 +1,21 @@ +Index: git/Makefile +=================================================================== +--- git.orig/Makefile ++++ git/Makefile +@@ -3,14 +3,14 @@ + INSTALL=install + PREFIX=/usr + +-CFLAGS=-Wall ++override CFLAGS+=-Wall + + all: boot_format + + boot_format.o: boot_format.c boot_format.h + + boot_format: boot_format.o +- $(CC) $< -o $@ ++ $(CC) $(CFLAGS) $< -o $@ $(LDFLAGS) + + install: boot_format + $(INSTALL) -d $(DESTDIR)$(PREFIX)/bin diff --git a/recipes-bsp/boot-format/boot-format_git.bb b/recipes-bsp/boot-format/boot-format_git.bb new file mode 100644 index 00000000..2d9f9b1d --- /dev/null +++ b/recipes-bsp/boot-format/boot-format_git.bb @@ -0,0 +1,20 @@ +DESCRIPTION = "Boot format utility for booting from eSDHC/eSPI" +LICENSE = "GPLv2" +PR = "r6" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" + +SRC_URI = "git://git.freescale.com/ppc/sdk/boot-format.git;nobranch=1 \ + file://flags.patch" +SRCREV = "4eb81a6797ef4e58bf7d9b2d58afb37a21c1f550" + +S = "${WORKDIR}/git" +EXTRA_OEMAKE = 'CC="${CC}" CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}"' + +do_install(){ + oe_runmake DESTDIR=${D} PREFIX=${prefix} install +} + +PACKAGES =+ "${PN}-config" +FILES_${PN}-config += "${datadir}/*" + +BBCLASSEXTEND = "native nativesdk" diff --git a/recipes-bsp/ipc/ipc-ust_git.bb b/recipes-bsp/ipc/ipc-ust_git.bb new file mode 100644 index 00000000..c6b3cfe6 --- /dev/null +++ b/recipes-bsp/ipc/ipc-ust_git.bb @@ -0,0 +1,50 @@ +SUMMARY = "Linux IPC Userspace Tool" +DESCRIPTION = "DSP boot application and ipc test application" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=fa38cd73d71527dc6efb546474f64d10" + +require ipc.inc + +S = "${WORKDIR}/git" + +# workaround for issue of parallel build, required a actual fix in ipc source +PARALLEL_MAKE = "" + +EXTRA_OEMAKE = 'CROSS_COMPILE="${TARGET_PREFIX}" CC="${CC}" AR="${AR}"' + +do_compile () { + case ${MACHINE} in + bsc9132qds|bsc9131rdb) SOC=B913x;; + b4860qds|b4420qds|b4860qds-64b) SOC=B4860;; + esac + oe_runmake ${SOC}=1 +} + +do_install () { + install -d ${D}${bindir} + install -d ${D}${includedir} + install -d ${D}/ipc + install -m 755 ${S}/dsp_boot/dsp_bt ${D}/ipc + install -m 755 ${S}/ipc/ipc_test ${D}/ipc + install -m 755 ${S}/ipc/ipc_test67 ${D}/ipc + install -m 755 ${S}/ipc/l1d_app ${D}/ipc + install -m 755 ${S}/fsl_shm/app ${D}${bindir}/lg_shm_test + install -d ${D}${base_libdir} + install -m 755 ${S}/ipc/libipc.so ${D}${base_libdir} + install -m 755 ${S}/ipc/libmem.so ${D}${base_libdir} + install -m 755 ${S}/ipc/libdspboot.so ${D}${base_libdir} + install -d ${D}${includedir}/ipc + install -d ${D}${includedir}/ipc/ipc/include + install -d ${D}${includedir}/ipc/fsl_shm/lib + install ${S}/ipc/include/*.h ${D}${includedir}/ipc/ipc/include + install ${S}/dsp_boot/*.h ${D}${includedir}/ipc/ipc/include + install ${S}/kernel/fsl_ipc_types.h ${D}${includedir}/ipc/ipc/include + install ${S}/kernel/fsl_heterogeneous_common.h ${D}${includedir}/ipc/ipc/include + install ${S}/kernel/fsl_heterogeneous_l1_defense.h ${D}${includedir}/ipc/ipc/include + install ${S}/fsl_shm/include/*.h ${D}${includedir}/ipc/ipc/include + install ${S}/fsl_shm/lib/*.h ${D}${includedir}/ipc/fsl_shm/lib +} + +FILES_${PN} += "/ipc/*" +FILES_${PN}-dbg += "/ipc/.debug" + diff --git a/recipes-bsp/ipc/ipc.inc b/recipes-bsp/ipc/ipc.inc new file mode 100644 index 00000000..547771ae --- /dev/null +++ b/recipes-bsp/ipc/ipc.inc @@ -0,0 +1,7 @@ +DEPENDS = "virtual/kernel" + +SRC_URI = "git://git.freescale.com/ppc/sdk/ipc.git;nobranch=1" +SRCREV = "c9c92ac6a7a31c9d878096eb7d135c22a38f20ff" + +COMPATIBLE_MACHINE = "(bsc9132qds|bsc9131rdb|b4860qds|b4420qds)" + diff --git a/recipes-bsp/pkc-firmware/pkc-firmware_git.bb b/recipes-bsp/pkc-firmware/pkc-firmware_git.bb new file mode 100644 index 00000000..3cc5d446 --- /dev/null +++ b/recipes-bsp/pkc-firmware/pkc-firmware_git.bb @@ -0,0 +1,41 @@ +DESCRIPTION = "U-boot firmware for c293pcie support " +HOMEPAGE = "http://u-boot.sf.net" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=1707d6db1d42237583f50183a5651ecb" + +INHIBIT_DEFAULT_DEPS = "1" +DEPENDS = "virtual/${TARGET_PREFIX}gcc libgcc" + +inherit deploy + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +SRC_URI = "git://git.freescale.com/ppc/sdk/pkc-firmware.git;nobranch=1" +SRCREV = "b891873c1eea7a7d53f9472ea601712897cb17b7" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${TARGET_PREFIX}gcc ${TOOLCHAIN_OPTIONS}"' + +do_compile () { + unset LDFLAGS + unset CFLAGS + unset CPPFLAGS + oe_runmake C293QDS_36BIT_SDCARD +} + +do_install(){ + install -d ${D}${sysconfdir}/crypto/ + install ${S}/u-boot.bin ${D}${sysconfdir}/crypto/pkc-firmware.bin +} + +do_deploy(){ + install -d ${DEPLOYDIR}/pkc-firmware + install ${S}/u-boot.bin ${DEPLOYDIR}/pkc-firmware/pkc-firmware.bin +} + +addtask deploy after do_install + +FILES_{PN} += "/etc/crypto/pkc-firmware.bin" +COMPATIBLE_MACHINE = "(c293pcie)" + diff --git a/recipes-bsp/qe-ucode/qe-ucode_git.bb b/recipes-bsp/qe-ucode/qe-ucode_git.bb index 28af4b65..395789d9 100644 --- a/recipes-bsp/qe-ucode/qe-ucode_git.bb +++ b/recipes-bsp/qe-ucode/qe-ucode_git.bb @@ -33,4 +33,4 @@ addtask deploy before do_build after do_install PACKAGES += "${PN}-image" FILES_${PN}-image += "/boot/*" ALLOW_EMPTY_${PN} = "1" -COMPATIBLE_MACHINE = "(ls102xa)" +COMPATIBLE_MACHINE = "(ls102xa|p1021rdb|p1025twr|t1)" diff --git a/recipes-bsp/rcw/rcw_git.bb b/recipes-bsp/rcw/rcw_git.bb index 2a03309c..016ef820 100644 --- a/recipes-bsp/rcw/rcw_git.bb +++ b/recipes-bsp/rcw/rcw_git.bb @@ -33,4 +33,4 @@ FILES_${PN}-image += "/boot" ALLOW_EMPTY_${PN} = "1" PACKAGE_ARCH = "${MACHINE_ARCH}" -COMPATIBLE_MACHINE = "(ls102xa)" +COMPATIBLE_MACHINE = "(ls102xa|qoriq-ppc)" diff --git a/recipes-bsp/u-boot/files/0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch b/recipes-bsp/u-boot/files/0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch new file mode 100644 index 00000000..e6b8d2e5 --- /dev/null +++ b/recipes-bsp/u-boot/files/0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch @@ -0,0 +1,77 @@ +From 9ba002f1b1afc7af84a352f4ecab32a30d7ba353 Mon Sep 17 00:00:00 2001 +From: Zhenhua Luo +Date: Mon, 9 Feb 2015 18:33:56 +0800 +Subject: [PATCH] u-boot/mpc85xx/u-boot*.lds: remove _GLOBAL_OFFSET_TABLE_ + definition + +In binutils-2.25, the _GLOBAL_OFFSET_TABLE_ symbols defined by PROVIDE in +u-boot.lds overrides the linker built-in symbols +(https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=b893397a4b1316610f49819344817715e4305de9), +so the linker is treating _GLOBAL_OFFSET_TABLE_ as a definition into the .reloc section. + +To align with the change of binutils-2.25, the _GLOBAL_OFFSET_TABLE_ symbol +should not be defined in sections, and the symbols in linker generated .got +section should be used(https://sourceware.org/ml/binutils/2008-09/msg00122.html). + +Fixed the following build errors with binutils-2.25: +| powerpc-poky-linux-gnuspe-ld.bfd: _GLOBAL_OFFSET_TABLE_ not defined in linker created .got + +Signed-off-by: Zhenhua Luo +--- + arch/powerpc/cpu/mpc85xx/u-boot-nand.lds | 1 - + arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds | 1 - + arch/powerpc/cpu/mpc85xx/u-boot-spl.lds | 1 - + arch/powerpc/cpu/mpc85xx/u-boot.lds | 1 - + 4 files changed, 4 deletions(-) + +diff --git a/arch/powerpc/cpu/mpc85xx/u-boot-nand.lds b/arch/powerpc/cpu/mpc85xx/u-boot-nand.lds +index f933b21..0399f93 100644 +--- a/arch/powerpc/cpu/mpc85xx/u-boot-nand.lds ++++ b/arch/powerpc/cpu/mpc85xx/u-boot-nand.lds +@@ -44,7 +44,6 @@ SECTIONS + _GOT2_TABLE_ = .; + KEEP(*(.got2)) + KEEP(*(.got)) +- PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4); + _FIXUP_TABLE_ = .; + KEEP(*(.fixup)) + } +diff --git a/arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds b/arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds +index b83c553..f044564 100644 +--- a/arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds ++++ b/arch/powerpc/cpu/mpc85xx/u-boot-nand_spl.lds +@@ -22,7 +22,6 @@ SECTIONS + _GOT2_TABLE_ = .; + KEEP(*(.got2)) + KEEP(*(.got)) +- PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4); + _FIXUP_TABLE_ = .; + KEEP(*(.fixup)) + } +diff --git a/arch/powerpc/cpu/mpc85xx/u-boot-spl.lds b/arch/powerpc/cpu/mpc85xx/u-boot-spl.lds +index 5ae7b3e..889a4c2 100644 +--- a/arch/powerpc/cpu/mpc85xx/u-boot-spl.lds ++++ b/arch/powerpc/cpu/mpc85xx/u-boot-spl.lds +@@ -29,7 +29,6 @@ SECTIONS + _GOT2_TABLE_ = .; + KEEP(*(.got2)) + KEEP(*(.got)) +- PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4); + _FIXUP_TABLE_ = .; + KEEP(*(.fixup)) + } +diff --git a/arch/powerpc/cpu/mpc85xx/u-boot.lds b/arch/powerpc/cpu/mpc85xx/u-boot.lds +index 2cf0b25..f15eaf3 100644 +--- a/arch/powerpc/cpu/mpc85xx/u-boot.lds ++++ b/arch/powerpc/cpu/mpc85xx/u-boot.lds +@@ -50,7 +50,6 @@ SECTIONS + _GOT2_TABLE_ = .; + KEEP(*(.got2)) + KEEP(*(.got)) +- PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4); + _FIXUP_TABLE_ = .; + KEEP(*(.fixup)) + } +-- +2.1.0 + diff --git a/recipes-bsp/u-boot/files/Fix-the-depend-race-issue.patch b/recipes-bsp/u-boot/files/Fix-the-depend-race-issue.patch new file mode 100644 index 00000000..1ddc6675 --- /dev/null +++ b/recipes-bsp/u-boot/files/Fix-the-depend-race-issue.patch @@ -0,0 +1,38 @@ +Upstream-Status: Pending + +From 301832414369b749918e0d5db850eed19b81c0fc Mon Sep 17 00:00:00 2001 +From: Zhenhua Luo +Date: Tue, 24 Sep 2013 00:54:40 -0500 +Subject: [PATCH] Fix the depend race issue + +| make[3]: Entering directory `/srv/home/pokybuild/yocto-autobuilder-new/yocto-slave/nightly-fsl-ppc/build/build/tmp/work/p1022ds-poky-linux-gnuspe/u-boot/git-r30/git/arch/powerpc/cpu/mpc85xx' +| /srv/home/pokybuild/yocto-autobuilder-new/yocto-slave/nightly-fsl-ppc/build/build/tmp/work/p1022ds-poky-linux-gnuspe/u-boot/git-r30/git/P1022DS_NAND/spl/arch/powerpc/cpu/mpc85xx/.depend:125: *** missing separator. Stop. +| make[3]: Leaving directory `/srv/home/pokybuild/yocto-autobuilder-new/yocto-slave/nightly-fsl-ppc/build/build/tmp/work/p1022ds-poky-linux-gnuspe/u-boot/git-r30/git/arch/powerpc/cpu/mpc85xx' +| make[2]: *** [/srv/home/pokybuild/yocto-autobuilder-new/yocto-slave/nightly-fsl-ppc/build/build/tmp/work/p1022ds-poky-linux-gnuspe/u-boot/git-r30/git/P1022DS_NAND/spl/arch/powerpc/cpu/mpc85xx/start.o] Error 2 +| make[2]: *** Waiting for unfinished jobs.... + +Signed-off-by: Zhenhua Luo +--- + spl/Makefile | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/spl/Makefile b/spl/Makefile +index 6dbb105..3156d87 100644 +--- a/spl/Makefile ++++ b/spl/Makefile +@@ -185,7 +185,11 @@ $(eval $(call make_u_boot_list, $(obj)u-boot.lst, $(LIBS))) + $(obj)u-boot-spl.lds: $(LDSCRIPT) $(obj)u-boot.lst depend + $(CPP) $(CPPFLAGS) $(LDPPFLAGS) -I$(obj). -ansi -D__ASSEMBLY__ -P - < $< > $@ + +-depend: $(obj).depend ++# Explicitly make _depend in subdirs containing multiple targets to prevent ++# parallel sub-makes creating .depend files simultaneously. ++depend dep: $(obj).depend ++ for dir in $(SUBDIRS) $(CPUDIR) $(LDSCRIPT_MAKEFILE_DIR) ; do \ ++ $(MAKE) -C $(SRCTREE)/$$dir _depend ; done + .PHONY: depend + + # defines $(obj).depend target +-- +1.8.2.1 + diff --git a/recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb b/recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb new file mode 100644 index 00000000..17c470dc --- /dev/null +++ b/recipes-bsp/u-boot/u-boot-qoriq_2015.01.bb @@ -0,0 +1,189 @@ +DESCRIPTION = "U-boot bootloader" +HOMEPAGE = "http://u-boot.sf.net" +SECTION = "bootloaders" +PROVIDES = "virtual/bootloader u-boot" +LICENSE = "GPLv2 & BSD-3-Clause & BSD-2-Clause & LGPL-2.0 & LGPL-2.1" +LIC_FILES_CHKSUM = " \ + file://Licenses/gpl-2.0.txt;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://Licenses/bsd-2-clause.txt;md5=6a31f076f5773aabd8ff86191ad6fdd5 \ + file://Licenses/bsd-3-clause.txt;md5=4a1190eac56a9db675d58ebe86eaf50c \ + file://Licenses/lgpl-2.0.txt;md5=5f30f0716dfdd0d91eb439ebec522ec2 \ + file://Licenses/lgpl-2.1.txt;md5=4fbd65380cdd255951079008b364516c \ +" + +PV = "2014.07+fslgit" +INHIBIT_DEFAULT_DEPS = "1" +DEPENDS = "boot-format-native libgcc ${@base_contains('TCMODE', 'external-fsl', '', 'virtual/${TARGET_PREFIX}gcc', d)}" + +inherit deploy + +SRC_URI = "git://git.freescale.com/ppc/sdk/u-boot.git;nobranch=1 \ + file://0001-u-boot-mpc85xx-u-boot-.lds-remove-_GLOBAL_OFFSET_TAB.patch" +SRCREV = "6ba8eedbcdc4b063f59a63e6288b938af739e8ad" + +python () { + if d.getVar("TCMODE", True) == "external-fsl": + return + + ml = d.getVar("MULTILIB_VARIANTS", True) + arch = d.getVar("OVERRIDES", True) + + if "e5500-64b:" in arch or "e6500-64b:" in arch: + if not "lib32" in ml: + raise bb.parse.SkipPackage("Building the u-boot for this arch requires multilib to be enabled") + sys_multilib = 'powerpc' + d.getVar('TARGET_VENDOR') + 'mllib32-' + d.getVar('HOST_OS') + d.setVar('DEPENDS_append', ' lib32-gcc-cross-powerpc lib32-libgcc') + d.setVar('PATH_append', ':' + d.getVar('STAGING_BINDIR_NATIVE') + '/' + sys_multilib) + d.setVar('TOOLCHAIN_OPTIONS_append', '/../lib32-' + d.getVar("MACHINE")) + d.setVar("WRAP_TARGET_PREFIX", sys_multilib + '-') +} + +WRAP_TARGET_PREFIX ?= "${TARGET_PREFIX}" + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +UBOOT_LOCALVERSION = "${@d.getVar('SDK_VERSION', True).partition(' ')[0]}" + +USRC ?= "" +S = '${@base_conditional("USRC", "", "${WORKDIR}/git", "${USRC}", d)}' + +EXTRA_OEMAKE = 'CROSS_COMPILE=${WRAP_TARGET_PREFIX} CC="${WRAP_TARGET_PREFIX}gcc ${TOOLCHAIN_OPTIONS}"' + +do_compile () { + unset LDFLAGS + unset CFLAGS + unset CPPFLAGS + + if [ ! -e ${B}/.scmversion -a ! -e ${S}/.scmversion ] + then + head=`git rev-parse --verify --short HEAD 2> /dev/null` + printf "%s%s%s" ${UBOOT_LOCALVERSION} +g $head > ${B}/.scmversion + printf "%s%s%s" ${UBOOT_LOCALVERSION} +g $head > ${S}/.scmversion + fi + + if [ "x${UBOOT_MACHINES}" = "x" ]; then + UBOOT_MACHINES=${UBOOT_MACHINE} + fi + + python ./tools/genboardscfg.py + for board in ${UBOOT_MACHINES}; do + if ! grep -wq $board ${S}/boards.cfg;then + echo "WARNING: $board not supported in boards.cfg" + continue + fi + + oe_runmake O=${board} distclean + oe_runmake O=${board} ${board}_config + oe_runmake O=${board} all + + case "${board}" in + *SDCARD*) UBOOT_TARGET="u-boot-sd";; + *SPIFLASH*) UBOOT_TARGET="u-boot-spi";; + *NAND*) UBOOT_TARGET="u-boot-nand";; + *SRIO*) UBOOT_TARGET="u-boot-srio";; + *) UBOOT_TARGET="";; + esac + + # deal with sd/spi/nand/srio image + UBOOT_SOURCE=u-boot.bin + if [ "x${UBOOT_TARGET}" != "x" ] && echo $board |egrep -qi "SECBOOT|SECURE"; then + cp ${S}/${board}/${UBOOT_SOURCE} ${S}/${board}/${UBOOT_TARGET}.bin + elif [ "x${UBOOT_TARGET}" != "x" ]; then + # some boards' final binary was not named as u-boot.bin + if [ "${UBOOT_TARGET}" = "u-boot-nand" ];then + if echo $board |egrep -q "^(BSC|C29|P10|P2020RDB)";then + UBOOT_SOURCE=u-boot-with-spl.bin + elif echo $board |egrep -q "^(B4|T1|T2|T4)";then + UBOOT_SOURCE=u-boot-with-spl-pbl.bin + elif echo $board |egrep -q "^(P2041|P3|P4|P5)";then + UBOOT_SOURCE=u-boot.pbl + fi + elif [ "${UBOOT_TARGET}" = "u-boot-spi" ];then + if echo $board |egrep -q "^(P10|P2020RDB)";then + UBOOT_SOURCE=u-boot-with-spl.bin + elif echo $board |egrep -q "^(T1|T2)";then + UBOOT_SOURCE=u-boot-with-spl-pbl.bin + elif echo $board |egrep -q "^(B4|P2041|P3|P4|P5|T4)";then + UBOOT_SOURCE=u-boot.pbl + fi + elif [ "${UBOOT_TARGET}" = "u-boot-sd" ];then + if echo $board |egrep -q "^(P10|P2020RDB)";then + UBOOT_SOURCE=u-boot-with-spl.bin + elif echo $board |egrep -q "^(B4|T1|T2|T4)";then + UBOOT_SOURCE=u-boot-with-spl-pbl.bin + elif echo $board |egrep -q "^(P2041|P3|P4|P5)";then + UBOOT_SOURCE=u-boot.pbl + fi + fi + cp ${S}/${board}/${UBOOT_SOURCE} ${S}/${board}/${UBOOT_TARGET}.bin + + # use boot-format to regenerate spi image if BOOTFORMAT_CONFIG is not empty + if [ "${UBOOT_TARGET}" = "u-boot-spi" ] && [ -n "${BOOTFORMAT_CONFIG}" ];then + ${STAGING_BINDIR_NATIVE}/boot_format \ + ${STAGING_DATADIR_NATIVE}/boot_format/${BOOTFORMAT_CONFIG} \ + ${S}/${board}/${UBOOT_SOURCE} -spi ${S}/${board}/${UBOOT_TARGET}.bin + fi + fi + done +} + +do_install(){ + if [ "x${UBOOT_MACHINES}" = "x" ]; then + UBOOT_MACHINES=${UBOOT_MACHINE} + fi + + for board in ${UBOOT_MACHINES}; do + if ! grep -wq $board ${S}/boards.cfg;then + continue + fi + + case "${board}" in + *SDCARD*) UBOOT_TARGET="u-boot-sd";; + *SPIFLASH*) UBOOT_TARGET="u-boot-spi";; + *NAND*) UBOOT_TARGET="u-boot-nand";; + *SRIO*) UBOOT_TARGET="u-boot-srio";; + *) UBOOT_TARGET="u-boot";; + esac + + if [ -f ${S}/${board}/${UBOOT_TARGET}.bin ]; then + mkdir -p ${D}/boot/ + install ${S}/${board}/${UBOOT_TARGET}.bin ${D}/boot/${UBOOT_TARGET}-${board}-${PV}-${PR}.bin + ln -sf ${UBOOT_TARGET}-${board}-${PV}-${PR}.bin ${D}/boot/${UBOOT_TARGET}.bin + fi + done +} + +do_deploy(){ + if [ "x${UBOOT_MACHINES}" = "x" ]; then + UBOOT_MACHINES=${UBOOT_MACHINE} + fi + + for board in ${UBOOT_MACHINES}; do + if ! grep -wq $board ${S}/boards.cfg;then + continue + fi + + case "${board}" in + *SDCARD*) UBOOT_TARGET="u-boot-sd";; + *SPIFLASH*) UBOOT_TARGET="u-boot-spi";; + *NAND*) UBOOT_TARGET="u-boot-nand";; + *SRIO*) UBOOT_TARGET="u-boot-srio";; + *) UBOOT_TARGET="u-boot";; + esac + + if [ -f ${S}/${board}/${UBOOT_TARGET}.bin ]; then + mkdir -p ${DEPLOYDIR} + install ${S}/${board}/${UBOOT_TARGET}.bin ${DEPLOYDIR}/${UBOOT_TARGET}-${board}-${PV}-${PR}.bin + + cd ${DEPLOYDIR} + rm -f ${UBOOT_TARGET}-${board}.bin + ln -sf ${UBOOT_TARGET}-${board}-${PV}-${PR}.bin ${UBOOT_TARGET}-${board}.bin + fi + done +} +addtask deploy after do_install + +PACKAGES += "${PN}-images" +FILES_${PN}-images += "/boot" + +ALLOW_EMPTY_${PN} = "1" diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README new file mode 100644 index 00000000..9578982d --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README @@ -0,0 +1,77 @@ +test_setkey script usage + +The scripts in this directory may be used for testing +native Linux IPsec with the talitos driver as a loadable module. + +It's assumed that these scripts have been placed in the directory +named /test_setkey. + +The scripts setup_left and setup_right configure the ip addresses +for two boards named 'left' and 'right', which are two gateways for +an IPsec tunnel. Connect the eth1 interfaces of left and right boards together. +For smartbits testing, connect eth0 on each board to a smartbits port. +For other testing (ping, netperf, iperf), connect eth0 on each board to another system. + +The scripts named left.conf-* and right.conf-* are setkey scripts +which configure the IPsec SA and SPD entries. +The scripts ending in -tunnel use tunnel mode IPsec, and the scripts +ending in -transport used transport mode IPsec. +Transport mode is useful for quickly testing security functionality +using ping or netperf between two boards. +Tunnel mode can be used for testing throughput using smartbits or other +performance test equipment. + +There is a top level script called 'setup' which +is used for a one-step setup on the left and right boards. +'setup' uses two or three parameters. The first parameter is the side, left or right. +The second parameter is the setkey suffix for the left.conf- and right.conf- files. +If the third parameter is supplied, the setup will modprobe that name, so +typically you should provide talitos as the third parameter if you want to load the driver. +If you have built the talitos driver into the kernel, omit the third parameter to setup. +You may test software encryption if talitos is built as a module and you omit the third parameter. + +Below are example uses of the 'setup' script. + +1) One-step setup for smartbits + Use a tunnel mode setup on each side. + AES-HMAC-SHA1: + Left side: + /test_setkey/setup left aes-sha1-tunnel talitos + Right side: + /test_setkey/setup right aes-sha1-tunnel talitos + + 3DES-HMAC-SHA1: + Left side: + /test_setkey/setup left 3des-sha1-tunnel talitos + Right side: + /test_setkey/setup right 3des-sha1-tunnel talitos + +2) One-step setup for testing ping, netperf, or iperf between two boards. + Use a transport mode setup on each side. + AES-HMAC-SHA1: + Left side: + /test_setkey/setup left aes-sha1-transport talitos + Right side: + /test_setkey/setup right aes-sha1-transport talitos + + 3DES-HMAC-SHA1: + Left side: + /test_setkey/setup left 3des-sha1-transport talitos + Right side: + /test_setkey/setup right 3des-sha1-transport talitos + +3) Testing ipv4 + To test ipv4 (with no security) over the two gateways, use steps below. + Testing ipv4 is helpful to get your smartbits configuration verified + and also establish a baseline performance for throughput. + + On the left board: + cd /test_setkey + ./setup_left + ./left.ipv4 + + On the right board: + cd /test_setkey + ./setup_right + ./right.ipv4 + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel new file mode 100755 index 00000000..6bd6c5d8 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel @@ -0,0 +1,32 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) +# +# Security policies +spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel new file mode 100755 index 00000000..eebf307a --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel @@ -0,0 +1,31 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board B setup +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) +# +# Security policies + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + +spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey new file mode 100755 index 00000000..0be30562 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey @@ -0,0 +1,4 @@ +#!/usr/sbin/setkey -f + +flush; +spdflush; diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left new file mode 100644 index 00000000..d9d6c0c6 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left @@ -0,0 +1,29 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + charondebug="chd 2, knl 2" + crlcheckinterval=180 + strictcrlpolicy=no + plutostart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + keyexchange=ikev2 + type=tunnel + auth=esp + compress=no + mobike=no + +conn net-net + left=200.200.200.10 + leftsubnet=192.168.1.0/24 + leftcert=moonCert.pem + leftid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" + leftfirewall=yes + right=200.200.200.20 + rightsubnet=192.168.2.0/24 + rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" + auto=add diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right new file mode 100644 index 00000000..c14dee2b --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right @@ -0,0 +1,28 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + charondebug="chd 2, knl 2" + crlcheckinterval=180 + strictcrlpolicy=no + plutostart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + keyexchange=ikev2 + auth=esp + compress=no + mobike=no + +conn net-net + left=200.200.200.20 + leftcert=sunCert.pem + leftid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" + leftsubnet=192.168.2.0/24 + leftfirewall=yes + right=200.200.200.10 + rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" + rightsubnet=192.168.1.0/24 + auto=add diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left new file mode 100644 index 00000000..e86d6aa5 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left @@ -0,0 +1,3 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file + +: RSA moonKey.pem diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right new file mode 100644 index 00000000..1095b74c --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right @@ -0,0 +1,8 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file + +: RSA sunKey.pem + + + + + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left new file mode 100644 index 00000000..55025dbc --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left @@ -0,0 +1,39 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + plutodebug=control + crlcheckinterval=180 + strictcrlpolicy=no + charonstart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + keyexchange=ikev1 + left=200.200.200.10 + leftcert=moonCert.pem + leftid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" + leftfirewall=yes + +conn net-net + left=%defaultroute + leftsubnet=192.168.1.0/24 + leftcert=moonCert.pem + right=200.200.200.20 + rightsubnet=192.168.2.0/24 + rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" + auto=add + +conn host-host + left=%defaultroute + leftcert=moonCert.pem + right=200.200.200.20 + rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" + auto=add + +conn rw + leftsubnet=192.168.1.0/24 + right=%any + auto=add diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right new file mode 100644 index 00000000..479791ea --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right @@ -0,0 +1,34 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + plutodebug=control + crlcheckinterval=180 + strictcrlpolicy=no + charonstart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + keyexchange=ikev1 + left=200.200.200.20 + leftcert=sunCert.pem + leftid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" + leftfirewall=yes + +conn net-net + left=%defaultroute + leftsubnet=192.168.2.0/24 + leftcert=sunCert.pem + right=200.200.200.10 + rightsubnet=192.168.1.0/24 + rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" + auto=add + +conn host-host + left=%defaultroute + leftcert=sunCert.pem + right=200.200.200.10 + rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" + auto=add diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport new file mode 100755 index 00000000..5422771b --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.10 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-md5 authentication using 128 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; + + +spdadd 200.200.200.20 200.200.200.10 any -P in ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P out ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel new file mode 100755 index 00000000..52bf9c3f --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) +# +# Security policies +spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-md5 authentication using 128 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport new file mode 100755 index 00000000..e5ee0054 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport @@ -0,0 +1,22 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.10 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha1 authentication using 160 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; + +spdadd 200.200.200.20 200.200.200.10 any -P in ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P out ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel new file mode 100755 index 00000000..eb2881db --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) +# +# Security policies +spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha1 authentication using 160 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport new file mode 100755 index 00000000..b5286320 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.10 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha2-256 authentication using 256 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; + + +spdadd 200.200.200.20 200.200.200.10 any -P in ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P out ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel new file mode 100755 index 00000000..e7726f08 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) +# +# Security policies +spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha2-256 authentication using 256 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; + +add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport new file mode 100755 index 00000000..96f57837 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.10 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-md5 authentication using 128 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; + + +spdadd 200.200.200.20 200.200.200.10 any -P in ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P out ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel new file mode 100755 index 00000000..b2cf84bf --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) +# +# Security policies +spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-md5 authentication using 128 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport new file mode 100755 index 00000000..f3ffaf5c --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport @@ -0,0 +1,22 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.10 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha1 authentication using 160 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; + +spdadd 200.200.200.20 200.200.200.10 any -P in ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P out ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel new file mode 100755 index 00000000..1ab7874f --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) +# +# Security policies +spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha1 authentication using 160 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport new file mode 100755 index 00000000..d2645d6f --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.10 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha2-256 authentication using 256 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; + + +spdadd 200.200.200.20 200.200.200.10 any -P in ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P out ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel new file mode 100755 index 00000000..8ed697d1 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) +# +# Security policies +spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha2-256 authentication using 256 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; + +add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport new file mode 100755 index 00000000..84275d07 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.10 + +flush; +spdflush; + +# ESP SAs doing null encryption +# and null authentication +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E null + -A null; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E null + -A null; + + +spdadd 200.200.200.20 200.200.200.10 any -P in ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P out ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel new file mode 100755 index 00000000..478d14a8 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) +# +# Security policies +spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + + +# ESP SAs doing null encryption +# and null authentication +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E null + -A null; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E null + -A null; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 new file mode 100755 index 00000000..e219f2ad --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 @@ -0,0 +1,2 @@ +set -v +route add -net 192.168.2.0 netmask 255.255.255.0 gw 200.200.200.20 diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem new file mode 100644 index 00000000..d5c970f4 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEIjCCAwqgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS +b290IENBMB4XDTA5MDgyNzEwMDMzMloXDTE0MDgyNjEwMDMzMlowRjELMAkGA1UE +BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHDAaBgNVBAMTE21vb24u +c3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK +L2M91Lu6BYYhWxWgMS9z9TMSTwszm5rhO7ZIsCtMRo4PAeYw+++SGXt3CPXb/+p+ +SWKGlm11rPE71eQ3ehgh2C3hAurfmWO0iQQaCw+fdreeIVCqOQIOP6UqZ327h5yY +YpHk8VQv4vBJTpxclU1PqnWheqe1ZlLxsW773LRml/fQt/UgvJkCBTZZONLNMfK+ +7TDnYaVsAtncgvDN78nUNEe2qY92KK7SrBJ6SpUEg49m51F+XgsGcsgWVHS85on3 +Om/G48crLEVJjdu8CxewSRVgb+lPJWzHd8QsU0Vg/7vlqs3ZRMyNtNKrr4opSvVb +A6agGlTXhDCreDiXU8KHAgMBAAGjggEaMIIBFjAJBgNVHRMEAjAAMAsGA1UdDwQE +AwIDqDAdBgNVHQ4EFgQUapx00fiJeYn2WpTpifH6w2SdKS4wbQYDVR0jBGYwZIAU +XafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYDVQQK +ExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJvb3QgQ0GC +AQAwHgYDVR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggr +BgEFBQcDATA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u +b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCctXg2xeMozaTV +jiBL1P8MY9uEH5JtU0EceQ1RbI5/2vGRdnECND9oADY5vamaaE2Mdq2Qh/vlXnML +o3ii5ELjsQlYdTYZOcMOdcUUXYvbbFX1cwpkBhyBl1H25KptHcgQ/HnceKp3kOuq +wYOYjgwePXulcpWXx0E2QtQCFQQZFPyEWeNJxH0oglg53QPXfHY9I2/Gukj5V0bz +p7ME0Gs8KdnYdmbbDqzQgPsta96/m+HoJlsrVF+4Gqihj6BWMBQ2ybjPWZdG3oH9 +25cE8v60Ry98D0Z/tygbAUFnh5oOvaf642paVgc3aoA77I8U+UZjECxISoiHultY +7QTufOwP +-----END CERTIFICATE----- diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem new file mode 100644 index 00000000..4d99866f --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAyi9jPdS7ugWGIVsVoDEvc/UzEk8LM5ua4Tu2SLArTEaODwHm +MPvvkhl7dwj12//qfklihpZtdazxO9XkN3oYIdgt4QLq35ljtIkEGgsPn3a3niFQ +qjkCDj+lKmd9u4ecmGKR5PFUL+LwSU6cXJVNT6p1oXqntWZS8bFu+9y0Zpf30Lf1 +ILyZAgU2WTjSzTHyvu0w52GlbALZ3ILwze/J1DRHtqmPdiiu0qwSekqVBIOPZudR +fl4LBnLIFlR0vOaJ9zpvxuPHKyxFSY3bvAsXsEkVYG/pTyVsx3fELFNFYP+75arN +2UTMjbTSq6+KKUr1WwOmoBpU14Qwq3g4l1PChwIDAQABAoIBACBFB/Xqajv6fbn9 +K6pxrz02uXwGmacXAtVIDoPzejWmXS4QA4l17HrJDmelSnhelDKry8nnYHkTrTz7 +mn0wQ4HDWy86o/okJUG/TKRLd6bf79aRQqqohqd3iQkHk43GyzuXH+oGioVKF0fc +ACDWw4wfjL7FMNdHCZ4Bz9DrHO/ysHe9B6rvSYm3VZRhSxaneIkaLkkDadKpVx3f +XNFlMxY4qKPJYYSoJZ61iMqrO7+rnA93tmyDDs8PKU3BtnpfNrdePgleJHhk8Zqy +Ev2/NOCSUxbKE8NCtLpGTs+T0qjjnu4k3WPd3ZOBAan0uPDekHZeHB/aXGLhYcxx +J5SurqECgYEA+F1gppkER5Jtoaudt/CUpdQ1sR9wxf75VBqJ4FiYABGQz9xlG4oj +zL/o572s0iV3bwFpnQa+WuWrxGkP6ZuB/Z82npc0N/vLou/b4dxvg4n7K+eOOEf0 +8FMjsse2tqTIXKCqcmQnR0NPQ1jwuvEKsXP5w/JOlnRXAXnd4jxsJI0CgYEA0GaT +61ySttUW9jC3mxuY6jkQy8TEQqR3nOFvWwmCXIWOpN/MTTPus+Telxp/pdKhU+mo +PmX3Unyne5PvwleWDq3YzltX5ZDZGJ5UJlKuNnfGIzQ6OcHRbb7zBpQG6qSRPuug +bgo688hTnb1L59nK88zWVK45euf6pyuoI+SwIGMCgYEA7yvE8knyhBXvezuv0z1b +eGHmHp5/VDwY0DQKSEAoiBBiWrkLqLybgwXf/KJ8dZZc8En08aFX2GLJyYe/KiB1 +ys3ypEBJqgvRayP+o/9KZ+qNNRd0rqAksPXvL7ABNNt0kzapTSVDae3Yu6s/j1am +DIL5qAeERIDedG5uDPpQzdUCgYB7MtjpP63ABhLv8XbpbBQnCxtByw3W89F+Xcrt +v55gQdhE4cSuMzA/CuMH4vNpPS6AI9aBJNhj3CtKo/cOJachAGb1/wvkO5ALvLW0 +fhZdPstUTnDJain7vfF/hwzbs/PlhXgu9T9KlLfRvXFdG+Sd4g8mumRiozcLkoRw +y6XPTwKBgDJP+s9wXmdG90HST/aqC7FKrVXLpB63dY5swNUfQP6sa0pFnON0r0JC +h/YCsGFFIAebQ2uOkM3g3f9nkwTp7910ov+/5uThvRI2w2BBPy0mVuALPjyyF1Z2 +cb9zpyKiIuXoXRCf4sd8r1lR9bn0Fxx0Svpxf+fpMGSI5quHNBKY +-----END RSA PRIVATE KEY----- diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh new file mode 100755 index 00000000..faefb245 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh @@ -0,0 +1,19 @@ +#!/bin/bash +# +# Usage: ./pingsizes.sh 1440 20 (or greater) +# + +PINGDEST=${PINGDEST:-200.200.200.10} +k=$1 +lim="$((k+$2))" +((k-=1)) +while [ "$k" != "$lim" ] ; do + echo -n "ping -s $((k+=1)) : " + ping -i 1000 -c 1 -s $k $PINGDEST | grep packets & + sleep 1 + PID=`ps -eaf | grep 'ping -i' | grep -v grep | sed 's/[ ][ ]*/ /g' | cut -d " " -f 2` + if [ -n "$PID" ] ; then + echo "****************** killing $PID" + kill $PID > /dev/null + fi +done diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh new file mode 100755 index 00000000..d5ff0f7d --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh @@ -0,0 +1,19 @@ +#!/bin/bash +# +# Usage: ./pingsizes.sh 1440 20 (or greater) +# + +PINGDEST=${PINGDEST:-200.200.200.10} +k=$1 +lim="$((k+$2))" +((k-=1)) +while [ "$k" != "$lim" ] ; do + echo ping -s $((k+=1)) + ping -i 1000 -c 1 -s $k $PINGDEST & + sleep 1 + PID=`ps -eaf | grep 'ping -i' | sed 's/[ ][ ]*/ /g' | cut -d " " -f 2` + if [ -n "$PID" ] ; then + echo "****************** killing $PID" + kill $PID + fi +done diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt new file mode 100644 index 00000000..46c1ff41 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt @@ -0,0 +1,2 @@ +200.200.200.20 secretkeyracoon +200.200.200.10 secretkeyracoon diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf new file mode 100644 index 00000000..cf561f51 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf @@ -0,0 +1,22 @@ +path pre_shared_key "/test_setkey/psk.txt" ; + + remote anonymous + { + exchange_mode main ; + lifetime time 1 hour ; + proposal { + encryption_algorithm 3des; + hash_algorithm sha1; + authentication_method pre_shared_key ; + dh_group 2 ; + } + } + + sainfo anonymous + { + pfs_group 2; + lifetime time 1 hour ; + encryption_algorithm 3des ; + authentication_algorithm hmac_sha1 ; + compression_algorithm deflate ; + } diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport new file mode 100755 index 00000000..7f82fb46 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.20 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-md5 authentication using 128 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; + + +spdadd 200.200.200.20 200.200.200.10 any -P out ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P in ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel new file mode 100755 index 00000000..5a752579 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board B setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) +# +# Security policies +spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + +spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-md5 authentication using 128 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport new file mode 100755 index 00000000..6ef885d4 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport @@ -0,0 +1,22 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.20 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha1 authentication using 160 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; + +# Security policies +spdadd 200.200.200.20 200.200.200.10 any -P out ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P in ipsec + esp/transport//require; diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel new file mode 100755 index 00000000..16c31578 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel @@ -0,0 +1,41 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board B setup +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) +# +# Security policies + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + +spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha1 authentication using 160 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport new file mode 100755 index 00000000..b9772092 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.20 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha2-256 authentication using 256 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; + + +spdadd 200.200.200.20 200.200.200.10 any -P out ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P in ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel new file mode 100755 index 00000000..e7c5b4e6 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) +# +# Security policies +spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + +spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha2-256 authentication using 256 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel + -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; + +add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel + -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport new file mode 100755 index 00000000..5d55d001 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.20 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-md5 authentication using 128 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; + + +spdadd 200.200.200.20 200.200.200.10 any -P out ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P in ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel new file mode 100755 index 00000000..f49bd54a --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board B setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) +# +# Security policies +spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + +spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-md5 authentication using 128 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport new file mode 100755 index 00000000..d9c65a45 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport @@ -0,0 +1,22 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.20 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha1 authentication using 160 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; + +# Security policies +spdadd 200.200.200.20 200.200.200.10 any -P out ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P in ipsec + esp/transport//require; diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel new file mode 100755 index 00000000..1f10136a --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel @@ -0,0 +1,41 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board B setup +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) +# +# Security policies + +spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + +spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha1 authentication using 160 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport new file mode 100755 index 00000000..817a8bd4 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.20 + +flush; +spdflush; + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha2-256 authentication using 256 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; + + +spdadd 200.200.200.20 200.200.200.10 any -P out ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P in ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel new file mode 100755 index 00000000..9bca18fb --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board A setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) +# +# Security policies +spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + +spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + + +# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) +# and hmac-sha2-256 authentication using 256 bit long keys +add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel + -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 + -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; + +add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel + -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df + -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport new file mode 100755 index 00000000..26dfe2e1 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport @@ -0,0 +1,23 @@ +#!/usr/sbin/setkey -f +#I am 200.200.200.20 + +flush; +spdflush; + +# ESP SAs doing null encryption +# and null authentication +add 200.200.200.10 200.200.200.20 esp 0x10513 + -E null + -A null; + +add 200.200.200.20 200.200.200.10 esp 0x10514 + -E null + -A null; + + +spdadd 200.200.200.20 200.200.200.10 any -P out ipsec + esp/transport//require; + +spdadd 200.200.200.10 200.200.200.20 any -P in ipsec + esp/transport//require; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel new file mode 100755 index 00000000..bc4f38eb --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel @@ -0,0 +1,42 @@ +#!/usr/sbin/setkey -f +# +# +# Example ESP Tunnel for VPN. +# +# ========= ESP ========= +# | | +# Network-A Gateway-A Gateway-B Network-B +# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 +# +# ====== 83xx board A ====== ===== 83xx board B ===== +# | | | | +# eth0 eth1 eth1 eth0 +# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 +# +# +# Board B setup +# +# Flush the SAD and SPD +flush; +spdflush; + +# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) +# +# Security policies +spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec + esp/tunnel/200.200.200.20-200.200.200.10/require; + +spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec + esp/tunnel/200.200.200.10-200.200.200.20/require; + + +# ESP SAs doing null encryption +# and null authentication +add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel + -E null + -A null; + +add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel + -E null + -A null; + diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 new file mode 100755 index 00000000..67cd1b2c --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 @@ -0,0 +1,2 @@ +set -v +route add -net 192.168.1.0 netmask 255.255.255.0 gw 200.200.200.10 diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup new file mode 100755 index 00000000..9e6fa7fa --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup @@ -0,0 +1,47 @@ +# setup - quick setup for left or right side of ipsec test +# see README for example use. + +SCRIPT_HOME=/test_setkey/ +cd $SCRIPT_HOME + +export PATH=$SCRIPT_HOME:$PATH + +if [ "$1" != "left" -a "$1" != "right" ] ; then + echo "Usage: $0 side [config] [driver]" + echo " where side is either left or right." + echo " where config is either" + echo " aes-sha1-tunnel (default)" + echo " or 3des-sha1-tunnel" + echo " if driver is supplied, script does 'modprobe driver'" + exit 1 +fi + +SIDE=$1 +POLICY_CFG=$SIDE.conf +DEFAULT_POLICY=aes-sha1-tunnel + +if [ -n "$2" ] ; then + POLICY=$2 +else + POLICY=$DEFAULT_POLICY +fi + +SETKEY_FILE=$POLICY_CFG-$POLICY + +if [ ! -f $SETKEY_FILE ] ; then + echo "Missing setkey command file: $SETKEY_FILE" + exit 1 +fi + +# modprobe any driver name given as last parameter +if [ -n "$3" ] ; then + modprobe $3 +fi + +SETUP_CMD_FILE=./setup_$SIDE +. $SETUP_CMD_FILE + +$SETKEY_FILE + +setkey -D +setkey -D -P diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left new file mode 100755 index 00000000..da769099 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left @@ -0,0 +1,13 @@ +# board on left setup +set -v +ifconfig eth0 down +ifconfig eth0 hw ether 00:04:9F:11:22:33 +ifconfig eth0 192.168.1.130 netmask 255.255.255.0 +ifconfig eth0 up +ifconfig eth1 down +ifconfig eth1 hw ether 00:E0:0C:00:7D:FD +ifconfig eth1 200.200.200.10 netmask 255.255.255.0 +ifconfig eth1 up +arp -s 192.168.1.21 00:00:00:00:00:01 +route add default dev eth1 +echo 1 > /proc/sys/net/ipv4/ip_forward diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right new file mode 100755 index 00000000..f0e333ee --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right @@ -0,0 +1,13 @@ +# board on right setup +set -v +ifconfig eth0 down +ifconfig eth0 hw ether 00:E0:0C:00:01:FD +ifconfig eth0 192.168.2.130 netmask 255.255.255.0 +ifconfig eth0 up +ifconfig eth1 down +ifconfig eth1 hw ether 00:E0:0C:00:00:FD +ifconfig eth1 200.200.200.20 netmask 255.255.255.0 +ifconfig eth1 up +arp -s 192.168.2.21 00:00:00:00:00:02 +route add default dev eth1 +echo 1 > /proc/sys/net/ipv4/ip_forward diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf new file mode 100644 index 00000000..1701f4ab --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf @@ -0,0 +1,19 @@ +# strongswan.conf - strongSwan configuration file + +charon { + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-raw updown + multiple_authentication = no +} + +pluto { + + # plugins to load in pluto + #load = aes des sha1 md5 sha2 hmac gmp random pubkey + +} + +libstrongswan { + + # set to no, the DH exponent size is optimized + # dh_exponent_ansi_x9_42 = no +} diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem new file mode 100644 index 00000000..0865ad22 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS +b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE +BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u +Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y +X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f +FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc +4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/ +7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5 +gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr +K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG +A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j +BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw +FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv +b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in +Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n +1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y +vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si +7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa +Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w= +-----END CERTIFICATE----- diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left new file mode 100755 index 00000000..e55c3e42 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left @@ -0,0 +1,10 @@ +#strongswan on left board +set -v +cp -rf ipsec.conf.left /etc/ipsec.conf +cp -rf ipsec.secrets.left /etc/ipsec.secrets +cp -rf strongswan.conf /etc/ +cp -rf strongswanCert.pem /etc/ipsec.d/cacerts/ +cp -rf moonCert.pem /etc/ipsec.d/certs/ +mkdir /etc/ipsec.d/private +cp -rf sunKey.pem /etc/ipsec.d/private/ +cp -rf moonKey.pem /etc/ipsec.d/private/ diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right new file mode 100755 index 00000000..bcdbb731 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right @@ -0,0 +1,10 @@ +#strongswan on left board +set -v +cp -rf ipsec.conf.right /etc/ipsec.conf +cp -rf ipsec.secrets.right /etc/ipsec.secrets +cp -rf strongswan.conf /etc/ +cp -rf strongswanCert.pem /etc/ipsec.d/cacerts/ +cp -rf sunCert.pem /etc/ipsec.d/certs/ +mkdir /etc/ipsec.d/private +cp -rf sunKey.pem /etc/ipsec.d/private/ +cp -rf moonKey.pem /etc/ipsec.d/private/ diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem new file mode 100644 index 00000000..d0937bab --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEIDCCAwigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS +b290IENBMB4XDTA5MDgyNzA5NTkwNFoXDTE0MDgyNjA5NTkwNFowRTELMAkGA1UE +BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN1bi5z +dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+V +VIpn6Q5jaU//EN6p6A5cSfUfhBK0mFa2laFFZh/Y0h66AXqqrQ3X917h7YNsSk68 +oowY9h9I3gOx7hNVBsJr2VjdYC+b0q5NTha09/A5mimv/prYj6o0yawxoPjoDs9Y +h7D7Kf+F8fkgk0stlHJZX66J7dNrFXbg1xBld+Ep5Or2FbEZ9QWUpRQTuhdpNt/4 +9YuxQ59DemY9IRbwsrKCHH0mGrJsDdqeb0ap+8QvSXHjCt1fr9MNKWaAFAQLKQI4 +e0da1ntPCEQLeE833+NNRBgGufk0KqGT3eAXqrxa9AEIUJnVcPexQdqUMjcUpXFb +8WNzRWB8Egh3BDK6FsECAwEAAaOCARkwggEVMAkGA1UdEwQCMAAwCwYDVR0PBAQD +AgOoMB0GA1UdDgQWBBRW1p4v2qihzRlcI1PnxbZwluML+zBtBgNVHSMEZjBkgBRd +p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT +EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB +ADAdBgNVHREEFjAUghJzdW4uc3Ryb25nc3dhbi5vcmcwEwYDVR0lBAwwCgYIKwYB +BQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9y +Zy9zdHJvbmdzd2FuLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAo37LYT9Awx0MK/nA +FZpPJqUr0Ey+O5Ukcsdx7nd00SlmpiQRY8KmuRXCBQnDEgdLstd3slQjT0pJEgWF +0pzxybnI6eOzYAhLfhart+X1hURiNGbXjggm2s4I5+K32bVIkNEqlsYnd/6F9oo5 +ZNO0/eTTruLZfkNe/zchBGKe/Z7MacVwlYWWCbMtBV4K1d5dGcRRgpQ9WivDlmat +Nh9wlscDSgSGk3HJkbxnq695VN7zUbDWAUvWWhV5bIDjlAR/xyT9ApqIxiyVVRul +fYrE7U05Hbt6GgAroAKLp6qJup9+TxQAKSjKIwJ0hf7OuYyQ8TZtVHS7AOhm+T/5 +G/jGGA== +-----END CERTIFICATE----- diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem new file mode 100644 index 00000000..d8fad9aa --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA35VUimfpDmNpT/8Q3qnoDlxJ9R+EErSYVraVoUVmH9jSHroB +eqqtDdf3XuHtg2xKTryijBj2H0jeA7HuE1UGwmvZWN1gL5vSrk1OFrT38DmaKa/+ +mtiPqjTJrDGg+OgOz1iHsPsp/4Xx+SCTSy2Ucllfront02sVduDXEGV34Snk6vYV +sRn1BZSlFBO6F2k23/j1i7FDn0N6Zj0hFvCysoIcfSYasmwN2p5vRqn7xC9JceMK +3V+v0w0pZoAUBAspAjh7R1rWe08IRAt4Tzff401EGAa5+TQqoZPd4BeqvFr0AQhQ +mdVw97FB2pQyNxSlcVvxY3NFYHwSCHcEMroWwQIDAQABAoIBADH51hjN2zk9HVgl +QmcTAWzcUie5cLMhrP+M9mtC8O3jcCwwFY6OwfnbMU8DHy0GMqHg5lB8b99UUVPw +HLAzjDw/ESkc6pgZs4EEhJTsxJLsvTnePgHssEgyXnXf7gRVEqJkPohfy+Zy0UCH +eIUQXiMlOQ7xg7iDMhwNa+UdWSt539DztSKilQn2xdPZjFnMT0/prvl4NA/8Zn54 +/SdWDq5yRdLWb6EK1V7yJ3687GXR1jzGtgy7TXuncUJVTYgX7RdP1Tn6gWD8YAQ/ +RfT0DdWYm4WHSgSb9/NW8lBZH2yy3hg+lNgofXEvTfBkO5QyW31LIr0tCV6zhJIc +Y9MxaKUCgYEA9sktaXfhPLe0ECjdeQEOq5EKuDrCviSKCOuAV4BDSOsdw6+5LWfY +Vb/oke8N70lL3RCblcj1pOKWUi2O/SpEJdDRduiw2gM9cXt3/bChSTHC4TsIxxN/ +Db9OGg72kZ4sRY5Au+zyAAQYBwXhFWux194Jk5qK0JblNG9J5QMqZDcCgYEA5+5h +BgHUMEO+pdME5lAiSc5PcNTejpA6j+OikCh4/HFXy3C/dLx+Cs1+egw64c8iVaIv +NEo7n7E9I0e3XqanPRXhMnBRrP+39OVsWPmZ18Li2Hi84KwJyi8Y11l3XJOqaYpF +wMVUuZpxR0dfG5k/5GwT/tEkmQBglOgG3m2zUMcCgYEA4m3Vd9ahV5dp5AXKpzKc +JjiPMFfhxJo7+FEz0ZUCp03qYljBu/Jy4MKS/grrqyiCLdQGHNlk4SNxLvdUId78 +5gGBnuuDEJU2dAAIKUE9yq2YlBUZSacOxStI2snt28/X6P3LUWHm7LLU5OS1D3Vf +mKPF/6MlSJuas5CEqVZNN+MCgYBH9Qh7IaQgmVQUBKVXg3Mv7OduvUyTdKIGtHxi +N3xZ7hxsDP4JjNWaKmlcGmFGX8pqQRheI83d3NJ4GK8GmbP3Wst0p65fezMqsudr +r30QmPFicgs/tYCQDw6o+aPzwAi2F+VOSqrfrtAIaldSq7hL+VA21dKB+cD9UgOX +jPd+TwKBgQCbKeg2QNS2qhPIG9eaqJDROuxmxb/07d7OBctgMgxVvKhqW9hW42Sy +gJ59fyz5QjFBaSfcOdf4gkKyEawVo45/q6ymIQU37R4vF4CW9Z3CfaIbwJp7LcHV +zH07so/HNsZua6GWCSCLJU5MeCRiZzk2RFiS9KIaLP4gZndv4lXOiQ== +-----END RSA PRIVATE KEY----- diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb b/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb new file mode 100644 index 00000000..56070605 --- /dev/null +++ b/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb @@ -0,0 +1,25 @@ +SUMMARY = "Scripts and configuration files for ipsec demo" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +RDEPENDS_${PN} = "ipsec-tools" + +inherit allarch + +SRC_URI = "file://test_setkey" + +do_configure() { + : +} + +do_compile() { + : +} + +do_install(){ + install -d ${D}${datadir} + cp -a ${WORKDIR}/test_setkey ${D}${datadir}/ +} + +FILES_${PN} = "${datadir}/*" + diff --git a/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch b/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch new file mode 100644 index 00000000..e7b874f5 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch @@ -0,0 +1,83 @@ +From 9297e3834518ff0558d6e7004a62adfd107e659a Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Tue, 10 Sep 2013 12:46:46 +0300 +Subject: [PATCH 01/26] remove double initialization of cryptodev engine + +cryptodev engine is initialized together with the other engines in +ENGINE_load_builtin_engines. The initialization done through +OpenSSL_add_all_algorithms is redundant. + +Change-Id: Ic9488500967595543ff846f147b36f383db7cb27 +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/17222 +--- + crypto/engine/eng_all.c | 11 ----------- + crypto/engine/engine.h | 4 ---- + crypto/evp/c_all.c | 5 ----- + util/libeay.num | 2 +- + 4 files changed, 1 insertion(+), 21 deletions(-) + +diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c +index 6093376..f16c043 100644 +--- a/crypto/engine/eng_all.c ++++ b/crypto/engine/eng_all.c +@@ -122,14 +122,3 @@ void ENGINE_load_builtin_engines(void) + #endif + ENGINE_register_all_complete(); + } +- +-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) +-void ENGINE_setup_bsd_cryptodev(void) { +- static int bsd_cryptodev_default_loaded = 0; +- if (!bsd_cryptodev_default_loaded) { +- ENGINE_load_cryptodev(); +- ENGINE_register_all_complete(); +- } +- bsd_cryptodev_default_loaded=1; +-} +-#endif +diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h +index f8be497..237a6c9 100644 +--- a/crypto/engine/engine.h ++++ b/crypto/engine/engine.h +@@ -740,10 +740,6 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, + * values. */ + void *ENGINE_get_static_state(void); + +-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) +-void ENGINE_setup_bsd_cryptodev(void); +-#endif +- + /* BEGIN ERROR CODES */ + /* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. +diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c +index 766c4ce..5d6c21b 100644 +--- a/crypto/evp/c_all.c ++++ b/crypto/evp/c_all.c +@@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void) + OPENSSL_cpuid_setup(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); +-#ifndef OPENSSL_NO_ENGINE +-# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) +- ENGINE_setup_bsd_cryptodev(); +-# endif +-#endif + } +diff --git a/util/libeay.num b/util/libeay.num +index aa86b2b..ae50040 100755 +--- a/util/libeay.num ++++ b/util/libeay.num +@@ -2801,7 +2801,7 @@ BIO_indent 3242 EXIST::FUNCTION: + BUF_strlcpy 3243 EXIST::FUNCTION: + OpenSSLDie 3244 EXIST::FUNCTION: + OPENSSL_cleanse 3245 EXIST::FUNCTION: +-ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE ++ENGINE_setup_bsd_cryptodev 3246 NOEXIST::FUNCTION: + ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH + EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES + FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch new file mode 100644 index 00000000..ab2b7ea9 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch @@ -0,0 +1,317 @@ +From dfd6ba263dc25ea2a4bbc32448b24ca2b1fc40e8 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Thu, 29 Aug 2013 16:51:18 +0300 +Subject: [PATCH 02/26] eng_cryptodev: add support for TLS algorithms offload + +- aes-128-cbc-hmac-sha1 +- aes-256-cbc-hmac-sha1 + +Requires TLS patches on cryptodev and TLS algorithm support in Linux +kernel driver. + +Change-Id: I43048caa348414daddd6c1a5cdc55e769ac1945f +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/17223 +--- + crypto/engine/eng_cryptodev.c | 222 +++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 211 insertions(+), 11 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 5a715ac..7588a28 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -72,6 +72,9 @@ ENGINE_load_cryptodev(void) + struct dev_crypto_state { + struct session_op d_sess; + int d_fd; ++ unsigned char *aad; ++ unsigned int aad_len; ++ unsigned int len; + + #ifdef USE_CRYPTODEV_DIGESTS + char dummy_mac_key[HASH_MAX_LEN]; +@@ -140,17 +143,20 @@ static struct { + int nid; + int ivmax; + int keylen; ++ int mackeylen; + } ciphers[] = { +- { CRYPTO_ARC4, NID_rc4, 0, 16, }, +- { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, +- { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, +- { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, +- { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, }, +- { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, }, +- { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, +- { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, +- { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, +- { 0, NID_undef, 0, 0, }, ++ { CRYPTO_ARC4, NID_rc4, 0, 16, 0}, ++ { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, 0}, ++ { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, 0}, ++ { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, 0}, ++ { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, 0}, ++ { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, 0}, ++ { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, ++ { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, ++ { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, ++ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, ++ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { 0, NID_undef, 0, 0, 0}, + }; + + #ifdef USE_CRYPTODEV_DIGESTS +@@ -250,13 +256,15 @@ get_cryptodev_ciphers(const int **cnids) + } + memset(&sess, 0, sizeof(sess)); + sess.key = (caddr_t)"123456789abcdefghijklmno"; ++ sess.mackey = (caddr_t)"123456789ABCDEFGHIJKLMNO"; + + for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { + if (ciphers[i].nid == NID_undef) + continue; + sess.cipher = ciphers[i].id; + sess.keylen = ciphers[i].keylen; +- sess.mac = 0; ++ sess.mackeylen = ciphers[i].mackeylen; ++ + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) + nids[count++] = ciphers[i].nid; +@@ -414,6 +422,67 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + return (1); + } + ++ ++static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, ++ const unsigned char *in, size_t len) ++{ ++ struct crypt_auth_op cryp; ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ const void *iiv; ++ unsigned char save_iv[EVP_MAX_IV_LENGTH]; ++ ++ if (state->d_fd < 0) ++ return (0); ++ if (!len) ++ return (1); ++ if ((len % ctx->cipher->block_size) != 0) ++ return (0); ++ ++ memset(&cryp, 0, sizeof(cryp)); ++ ++ /* TODO: make a seamless integration with cryptodev flags */ ++ switch (ctx->cipher->nid) { ++ case NID_aes_128_cbc_hmac_sha1: ++ case NID_aes_256_cbc_hmac_sha1: ++ cryp.flags = COP_FLAG_AEAD_TLS_TYPE; ++ } ++ cryp.ses = sess->ses; ++ cryp.len = state->len; ++ cryp.src = (caddr_t) in; ++ cryp.dst = (caddr_t) out; ++ cryp.auth_src = state->aad; ++ cryp.auth_len = state->aad_len; ++ ++ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; ++ ++ if (ctx->cipher->iv_len) { ++ cryp.iv = (caddr_t) ctx->iv; ++ if (!ctx->encrypt) { ++ iiv = in + len - ctx->cipher->iv_len; ++ memcpy(save_iv, iiv, ctx->cipher->iv_len); ++ } ++ } else ++ cryp.iv = NULL; ++ ++ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { ++ /* XXX need better errror handling ++ * this can fail for a number of different reasons. ++ */ ++ return (0); ++ } ++ ++ if (ctx->cipher->iv_len) { ++ if (ctx->encrypt) ++ iiv = out + len - ctx->cipher->iv_len; ++ else ++ iiv = save_iv; ++ memcpy(ctx->iv, iiv, ctx->cipher->iv_len); ++ } ++ return (1); ++} ++ ++ + static int + cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +@@ -452,6 +521,45 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + return (1); + } + ++/* Save the encryption key provided by upper layers. ++ * ++ * This function is called by EVP_CipherInit_ex to initialize the algorithm's ++ * extra data. We can't do much here because the mac key is not available. ++ * The next call should/will be to cryptodev_cbc_hmac_sha1_ctrl with parameter ++ * EVP_CTRL_AEAD_SET_MAC_KEY, to set the hmac key. There we call CIOCGSESSION ++ * with both the crypto and hmac keys. ++ */ ++static int cryptodev_init_aead_key(EVP_CIPHER_CTX *ctx, ++ const unsigned char *key, const unsigned char *iv, int enc) ++{ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ int cipher = -1, i; ++ ++ for (i = 0; ciphers[i].id; i++) ++ if (ctx->cipher->nid == ciphers[i].nid && ++ ctx->cipher->iv_len <= ciphers[i].ivmax && ++ ctx->key_len == ciphers[i].keylen) { ++ cipher = ciphers[i].id; ++ break; ++ } ++ ++ if (!ciphers[i].id) { ++ state->d_fd = -1; ++ return (0); ++ } ++ ++ memset(sess, 0, sizeof(struct session_op)); ++ ++ sess->key = (caddr_t)key; ++ sess->keylen = ctx->key_len; ++ sess->cipher = cipher; ++ ++ /* for whatever reason, (1) means success */ ++ return (1); ++} ++ ++ + /* + * free anything we allocated earlier when initting a + * session, and close the session. +@@ -488,6 +596,63 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx) + return (ret); + } + ++static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, ++ void *ptr) ++{ ++ switch (type) { ++ case EVP_CTRL_AEAD_SET_MAC_KEY: ++ { ++ /* TODO: what happens with hmac keys larger than 64 bytes? */ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ ++ if ((state->d_fd = get_dev_crypto()) < 0) ++ return (0); ++ ++ /* the rest should have been set in cryptodev_init_aead_key */ ++ sess->mackey = ptr; ++ sess->mackeylen = arg; ++ ++ if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { ++ put_dev_crypto(state->d_fd); ++ state->d_fd = -1; ++ return (0); ++ } ++ return (1); ++ } ++ case EVP_CTRL_AEAD_TLS1_AAD: ++ { ++ /* ptr points to the associated data buffer of 13 bytes */ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ unsigned char *p = ptr; ++ unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; ++ unsigned int maclen, padlen; ++ unsigned int bs = ctx->cipher->block_size; ++ ++ state->aad = ptr; ++ state->aad_len = arg; ++ state->len = cryptlen; ++ ++ /* TODO: this should be an extension of EVP_CIPHER struct */ ++ switch (ctx->cipher->nid) { ++ case NID_aes_128_cbc_hmac_sha1: ++ case NID_aes_256_cbc_hmac_sha1: ++ maclen = SHA_DIGEST_LENGTH; ++ } ++ ++ /* space required for encryption (not only TLS padding) */ ++ padlen = maclen; ++ if (ctx->encrypt) { ++ cryptlen += maclen; ++ padlen += bs - (cryptlen % bs); ++ } ++ return padlen; ++ } ++ default: ++ return -1; ++ } ++} ++ + /* + * libcrypto EVP stuff - this is how we get wired to EVP so the engine + * gets called when libcrypto requests a cipher NID. +@@ -600,6 +765,33 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { + NULL + }; + ++const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { ++ NID_aes_128_cbc_hmac_sha1, ++ 16, 16, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { ++ NID_aes_256_cbc_hmac_sha1, ++ 16, 32, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; + /* + * Registered by the ENGINE when used to find out how to deal with + * a particular NID in the ENGINE. this says what we'll do at the +@@ -637,6 +829,12 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc: + *cipher = &cryptodev_aes_256_cbc; + break; ++ case NID_aes_128_cbc_hmac_sha1: ++ *cipher = &cryptodev_aes_128_cbc_hmac_sha1; ++ break; ++ case NID_aes_256_cbc_hmac_sha1: ++ *cipher = &cryptodev_aes_256_cbc_hmac_sha1; ++ break; + default: + *cipher = NULL; + break; +@@ -1384,6 +1582,8 @@ ENGINE_load_cryptodev(void) + } + put_dev_crypto(fd); + ++ EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); ++ EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); + if (!ENGINE_set_id(engine, "cryptodev") || + !ENGINE_set_name(engine, "BSD cryptodev engine") || + !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch b/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch new file mode 100644 index 00000000..f0d97e9a --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch @@ -0,0 +1,64 @@ +From 084fa469a8fef530d71a0870364df1c7997f6465 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Thu, 31 Jul 2014 14:06:19 +0300 +Subject: [PATCH 03/26] cryptodev: fix algorithm registration + +Cryptodev specific algorithms must register only if available in kernel. + +Change-Id: Iec5af8f4f3138357e4b96f2ec1627278134e4808 +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/15326 +Reviewed-by: Horia Ioan Geanta Neag +Reviewed-on: http://git.am.freescale.net:8181/17224 +--- + crypto/engine/eng_cryptodev.c | 20 +++++++++++++++++--- + 1 file changed, 17 insertions(+), 3 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 7588a28..e3eb98b 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -133,6 +133,8 @@ static int cryptodev_dh_compute_key(unsigned char *key, + static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void (*f)(void)); + void ENGINE_load_cryptodev(void); ++const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; + + static const ENGINE_CMD_DEFN cryptodev_defns[] = { + { 0, NULL, NULL, 0 } +@@ -342,7 +344,21 @@ get_cryptodev_digests(const int **cnids) + static int + cryptodev_usable_ciphers(const int **nids) + { +- return (get_cryptodev_ciphers(nids)); ++ int i, count; ++ ++ count = get_cryptodev_ciphers(nids); ++ /* add ciphers specific to cryptodev if found in kernel */ ++ for(i = 0; i < count; i++) { ++ switch (*(*nids + i)) { ++ case NID_aes_128_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); ++ break; ++ case NID_aes_256_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); ++ break; ++ } ++ } ++ return count; + } + + static int +@@ -1582,8 +1598,6 @@ ENGINE_load_cryptodev(void) + } + put_dev_crypto(fd); + +- EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); +- EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); + if (!ENGINE_set_id(engine, "cryptodev") || + !ENGINE_set_name(engine, "BSD cryptodev engine") || + !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch b/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch new file mode 100644 index 00000000..2d722d8a --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch @@ -0,0 +1,74 @@ +From 7d770f0324498d1fa78300cc5cecc8c1dcd3b788 Mon Sep 17 00:00:00 2001 +From: Andy Polyakov +Date: Sun, 21 Oct 2012 18:19:41 +0000 +Subject: [PATCH 04/26] linux-pcc: make it more robust and recognize + KERNEL_BITS variable. + +(cherry picked from commit 78c3e20579d3baa159c8b51b59d415b6e521614b) + +Change-Id: I769c466f052305681ab54a1b6545d94c7fbf5a9d +Signed-off-by: Cristian Stoica +--- + config | 19 +++++++++++++------ + crypto/ppccap.c | 7 +++++++ + 2 files changed, 20 insertions(+), 6 deletions(-) + +diff --git a/config b/config +index 41fa2a6..f37b9e6 100755 +--- a/config ++++ b/config +@@ -587,13 +587,20 @@ case "$GUESSOS" in + fi + ;; + ppc64-*-linux2) +- echo "WARNING! If you wish to build 64-bit library, then you have to" +- echo " invoke './Configure linux-ppc64' *manually*." +- if [ "$TEST" = "false" -a -t 1 ]; then +- echo " You have about 5 seconds to press Ctrl-C to abort." +- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 ++ if [ -z "$KERNEL_BITS" ]; then ++ echo "WARNING! If you wish to build 64-bit library, then you have to" ++ echo " invoke './Configure linux-ppc64' *manually*." ++ if [ "$TEST" = "false" -a -t 1 ]; then ++ echo " You have about 5 seconds to press Ctrl-C to abort." ++ (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 ++ fi ++ fi ++ if [ "$KERNEL_BITS" = "64" ]; then ++ OUT="linux-ppc64" ++ else ++ OUT="linux-ppc" ++ (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32" + fi +- OUT="linux-ppc" + ;; + ppc-*-linux2) OUT="linux-ppc" ;; + ppc60x-*-vxworks*) OUT="vxworks-ppc60x" ;; +diff --git a/crypto/ppccap.c b/crypto/ppccap.c +index f71ba66..531f1b3 100644 +--- a/crypto/ppccap.c ++++ b/crypto/ppccap.c +@@ -4,6 +4,9 @@ + #include + #include + #include ++#ifdef __linux ++#include ++#endif + #include + #include + +@@ -102,6 +105,10 @@ void OPENSSL_cpuid_setup(void) + + if (sizeof(size_t)==4) + { ++#ifdef __linux ++ struct utsname uts; ++ if (uname(&uts)==0 && strcmp(uts.machine,"ppc64")==0) ++#endif + if (sigsetjmp(ill_jmp,1) == 0) + { + OPENSSL_ppc64_probe(); +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch b/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch new file mode 100644 index 00000000..c9ff5aa8 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch @@ -0,0 +1,318 @@ +From 15abbcd740eafbf2a46b5da24be76acf4982743d Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Tue, 11 Mar 2014 05:56:54 +0545 +Subject: [PATCH 05/26] ECC Support header for Cryptodev Engine + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + crypto/engine/eng_cryptodev_ec.h | 296 +++++++++++++++++++++++++++++++++++++++ + 1 file changed, 296 insertions(+) + create mode 100644 crypto/engine/eng_cryptodev_ec.h + +diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h +new file mode 100644 +index 0000000..77aee71 +--- /dev/null ++++ b/crypto/engine/eng_cryptodev_ec.h +@@ -0,0 +1,296 @@ ++/* ++ * Copyright (C) 2012 Freescale Semiconductor, Inc. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR ++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES ++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN ++ * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED ++ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR ++ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ++ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING ++ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS ++ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ */ ++#ifndef __ENG_EC_H ++#define __ENG_EC_H ++ ++#define SPCF_CPARAM_INIT(X,...) \ ++static unsigned char X##_c[] = {__VA_ARGS__} \ ++ ++#define SPCF_FREE_BN(X) do { if(X) { BN_clear_free(X); X = NULL; } } while (0) ++ ++#define SPCF_COPY_CPARAMS(NIDBUF) \ ++ do { \ ++ memcpy (buf, NIDBUF, buf_len); \ ++ } while (0) ++ ++#define SPCF_CPARAM_CASE(X) \ ++ case NID_##X: \ ++ SPCF_COPY_CPARAMS(X##_c); \ ++ break ++ ++SPCF_CPARAM_INIT(sect113r1, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, 0xEC, 0x76, ++ 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); ++SPCF_CPARAM_INIT(sect113r2, 0x00, 0x54, 0xD9, 0xF0, 0x39, 0x57, 0x17, 0x4A, ++ 0x32, 0x32, 0x91, 0x67, 0xD7, 0xFE, 0x71); ++SPCF_CPARAM_INIT(sect131r1, 0x03, 0xDB, 0x89, 0xB4, 0x05, 0xE4, 0x91, 0x16, ++ 0x0E, 0x3B, 0x2F, 0x07, 0xB0, 0xCE, 0x20, 0xB3, 0x7E); ++SPCF_CPARAM_INIT(sect131r2, 0x07, 0xCB, 0xB9, 0x92, 0x0D, 0x71, 0xA4, 0x8E, ++ 0x09, 0x9C, 0x38, 0xD7, 0x1D, 0xA6, 0x49, 0x0E, 0xB1); ++SPCF_CPARAM_INIT(sect163k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(sect163r1, 0x05, 0xED, 0x40, 0x3E, 0xD5, 0x8E, 0xB4, 0x5B, ++ 0x1C, 0xCE, 0xCA, 0x0F, 0x4F, 0x61, 0x65, 0x55, 0x49, 0x86, ++ 0x1B, 0xE0, 0x52); ++SPCF_CPARAM_INIT(sect163r2, 0x07, 0x2C, 0x4E, 0x1E, 0xF7, 0xCB, 0x2F, 0x3A, ++ 0x03, 0x5D, 0x33, 0x10, 0x42, 0x94, 0x15, 0x96, 0x09, 0x13, ++ 0x8B, 0xB4, 0x04); ++SPCF_CPARAM_INIT(sect193r1, 0x01, 0x67, 0xB3, 0x5E, 0xB4, 0x31, 0x3F, 0x26, ++ 0x3D, 0x0F, 0x7A, 0x3D, 0x50, 0x36, 0xF0, 0xA0, 0xA3, 0xC9, ++ 0x80, 0xD4, 0x0E, 0x5A, 0x05, 0x3E, 0xD2); ++SPCF_CPARAM_INIT(sect193r2, 0x00, 0x69, 0x89, 0xFE, 0x6B, 0xFE, 0x30, 0xED, ++ 0xDC, 0x32, 0x44, 0x26, 0x9F, 0x3A, 0xAD, 0x18, 0xD6, 0x6C, ++ 0xF3, 0xDB, 0x3E, 0x33, 0x02, 0xFA, 0xA8); ++SPCF_CPARAM_INIT(sect233k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x01); ++SPCF_CPARAM_INIT(sect233r1, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, 0xDF, 0xF1, ++ 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, 0xCE, 0x35, ++ 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, 0xC0, 0xF2, ++ 0x68, 0x6C); ++SPCF_CPARAM_INIT(sect239k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x01); ++SPCF_CPARAM_INIT(sect283k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(sect283r1, 0x03, 0xD8, 0xC9, 0x3D, 0x3B, 0x0E, 0xA8, 0x1D, ++ 0x92, 0x94, 0x03, 0x4D, 0x7E, 0xE3, 0x13, 0x5D, 0x0A, 0xC5, ++ 0xFC, 0x8D, 0x9C, 0xB0, 0x27, 0x6F, 0x72, 0x11, 0xF8, 0x80, ++ 0xF0, 0xD8, 0x1C, 0xA4, 0xC6, 0xE8, 0x7B, 0x38); ++SPCF_CPARAM_INIT(sect409k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(sect409r1, 0x01, 0x49, 0xB8, 0xB7, 0xBE, 0xBD, 0x9B, 0x63, ++ 0x65, 0x3E, 0xF1, 0xCD, 0x8C, 0x6A, 0x5D, 0xD1, 0x05, 0xA2, ++ 0xAA, 0xAC, 0x36, 0xFE, 0x2E, 0xAE, 0x43, 0xCF, 0x28, 0xCE, ++ 0x1C, 0xB7, 0xC8, 0x30, 0xC1, 0xEC, 0xDB, 0xFA, 0x41, 0x3A, ++ 0xB0, 0x7F, 0xE3, 0x5A, 0x57, 0x81, 0x1A, 0xE4, 0xF8, 0x8D, ++ 0x30, 0xAC, 0x63, 0xFB); ++SPCF_CPARAM_INIT(sect571k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(sect571r1, 0x06, 0x39, 0x5D, 0xB2, 0x2A, 0xB5, 0x94, 0xB1, ++ 0x86, 0x8C, 0xED, 0x95, 0x25, 0x78, 0xB6, 0x53, 0x9F, 0xAB, ++ 0xA6, 0x94, 0x06, 0xD9, 0xB2, 0x98, 0x61, 0x23, 0xA1, 0x85, ++ 0xC8, 0x58, 0x32, 0xE2, 0x5F, 0xD5, 0xB6, 0x38, 0x33, 0xD5, ++ 0x14, 0x42, 0xAB, 0xF1, 0xA9, 0xC0, 0x5F, 0xF0, 0xEC, 0xBD, ++ 0x88, 0xD7, 0xF7, 0x79, 0x97, 0xF4, 0xDC, 0x91, 0x56, 0xAA, ++ 0xF1, 0xCE, 0x08, 0x16, 0x46, 0x86, 0xDD, 0xFF, 0x75, 0x11, ++ 0x6F, 0xBC, 0x9A, 0x7A); ++SPCF_CPARAM_INIT(X9_62_c2pnb163v1, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, 0x1F, ++ 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, 0x81, ++ 0xE7, 0xEA, 0x26, 0xEC); ++SPCF_CPARAM_INIT(X9_62_c2pnb163v2, 0x04, 0x35, 0xC0, 0x19, 0x66, 0x0E, 0x01, ++ 0x01, 0xBA, 0x87, 0x0C, 0xA3, 0x9F, 0xD9, 0xA7, 0x76, 0x86, ++ 0x50, 0x9D, 0x28, 0x13); ++SPCF_CPARAM_INIT(X9_62_c2pnb163v3, 0x06, 0x55, 0xC4, 0x54, 0xE4, 0x1E, 0x38, ++ 0x0C, 0x7A, 0x60, 0xB6, 0x67, 0x9A, 0x5B, 0x7A, 0x3F, 0x3A, ++ 0xF6, 0x8E, 0x22, 0xC5); ++SPCF_CPARAM_INIT(X9_62_c2pnb176v1, 0x00, 0x69, 0xF7, 0xDA, 0x36, 0x19, 0xA7, ++ 0x42, 0xA3, 0x82, 0xFF, 0x05, 0x08, 0x8F, 0xD3, 0x99, 0x42, ++ 0xCA, 0x0F, 0x1D, 0x90, 0xB6, 0x5B); ++SPCF_CPARAM_INIT(X9_62_c2tnb191v1, 0x4C, 0x45, 0x25, 0xAB, 0x0B, 0x68, 0x4A, ++ 0x64, 0x44, 0x62, 0x0A, 0x86, 0x45, 0xEF, 0x54, 0x6D, 0x54, ++ 0x69, 0x39, 0x68, 0xC2, 0xAE, 0x84, 0xAC); ++SPCF_CPARAM_INIT(X9_62_c2tnb191v2, 0x03, 0x7C, 0x8F, 0x57, 0xA2, 0x25, 0xC7, ++ 0xB3, 0xD4, 0xED, 0xD5, 0x88, 0x0F, 0x38, 0x0A, 0xCC, 0x55, ++ 0x74, 0xEC, 0xB3, 0x6C, 0x9F, 0x51, 0x21); ++SPCF_CPARAM_INIT(X9_62_c2tnb191v3, 0x37, 0x39, 0xFF, 0x98, 0xB4, 0xD1, 0x69, ++ 0x3E, 0xCF, 0x52, 0x7A, 0x98, 0x51, 0xED, 0xCF, 0x99, 0x9D, ++ 0x9E, 0x75, 0x05, 0x43, 0x33, 0x43, 0x24); ++SPCF_CPARAM_INIT(X9_62_c2pnb208w1, 0x00, 0xDB, 0x05, 0x3C, 0x41, 0x76, 0xCC, ++ 0x1D, 0xA1, 0x27, 0x85, 0x2C, 0xA6, 0xD9, 0x88, 0xBE, 0x1A, ++ 0xCC, 0xD1, 0x5B, 0x2A, 0xC1, 0xC1, 0x07, 0x42, 0x57, 0x34); ++SPCF_CPARAM_INIT(X9_62_c2tnb239v1, 0x24, 0x59, 0xFC, 0xF4, 0x51, 0x7B, 0xC5, ++ 0xA6, 0xB9, 0x9B, 0xE5, 0xC6, 0xC5, 0x62, 0x85, 0xC0, 0x21, ++ 0xFE, 0x32, 0xEE, 0x2B, 0x6F, 0x1C, 0x22, 0xEA, 0x5B, 0xE1, ++ 0xB8, 0x4B, 0x93); ++SPCF_CPARAM_INIT(X9_62_c2tnb239v2, 0x64, 0x98, 0x84, 0x19, 0x3B, 0x56, 0x2D, ++ 0x4A, 0x50, 0xB4, 0xFA, 0x56, 0x34, 0xE0, 0x34, 0x41, 0x3F, ++ 0x94, 0xC4, 0x59, 0xDA, 0x7C, 0xDB, 0x16, 0x64, 0x9D, 0xDD, ++ 0xF7, 0xE6, 0x0A); ++SPCF_CPARAM_INIT(X9_62_c2tnb239v3, 0x32, 0x63, 0x2E, 0x65, 0x2B, 0xEE, 0x91, ++ 0xC2, 0xE4, 0xA2, 0xF5, 0x42, 0xA3, 0x2D, 0x67, 0xA8, 0xB5, ++ 0xB4, 0x5F, 0x21, 0xA0, 0x81, 0x02, 0xFB, 0x1F, 0x2A, 0xFB, ++ 0xB6, 0xAC, 0xDA); ++SPCF_CPARAM_INIT(X9_62_c2pnb272w1, 0x00, 0xDA, 0x7B, 0x60, 0x28, 0xF4, 0xC8, ++ 0x09, 0xA0, 0xB9, 0x78, 0x81, 0xC3, 0xA5, 0x7E, 0x4D, 0x71, ++ 0x81, 0x34, 0xD1, 0x3F, 0xEC, 0xE0, 0x90, 0x85, 0x8A, 0xC3, ++ 0x1A, 0xE2, 0xDC, 0x2E, 0xDF, 0x8E, 0x3C, 0x8B); ++SPCF_CPARAM_INIT(X9_62_c2pnb304w1, 0x00, 0x3C, 0x67, 0xB4, 0x07, 0xC6, 0xF3, ++ 0x3F, 0x81, 0x0B, 0x17, 0xDC, 0x16, 0xE2, 0x14, 0x8A, 0x2C, ++ 0x9C, 0xE2, 0x9D, 0x56, 0x05, 0x23, 0x69, 0x6A, 0x55, 0x93, ++ 0x8A, 0x15, 0x40, 0x81, 0xE3, 0xE3, 0xAE, 0xFB, 0xCE, 0x45, ++ 0x70, 0xC9); ++SPCF_CPARAM_INIT(X9_62_c2tnb359v1, 0x22, 0x39, 0xAA, 0x58, 0x4A, 0xC5, 0x9A, ++ 0xF9, 0x61, 0xD0, 0xFA, 0x2D, 0x52, 0x85, 0xB6, 0xFD, 0xF7, ++ 0x34, 0x9B, 0xC6, 0x0E, 0x91, 0xE3, 0x20, 0xF4, 0x71, 0x64, ++ 0xCE, 0x11, 0xF5, 0x18, 0xEF, 0xB4, 0xC0, 0x8B, 0x9B, 0xDA, ++ 0x99, 0x9A, 0x8A, 0x37, 0xF8, 0x2A, 0x22, 0x61); ++SPCF_CPARAM_INIT(X9_62_c2pnb368w1, 0x00, 0xC0, 0x6C, 0xCF, 0x42, 0x89, 0x3A, ++ 0x8A, 0xAA, 0x00, 0x1E, 0x0B, 0xC0, 0xD2, 0xA2, 0x27, 0x66, ++ 0xEF, 0x3E, 0x41, 0x88, 0x7C, 0xC6, 0x77, 0x6F, 0x4A, 0x04, ++ 0x1E, 0xE4, 0x45, 0x14, 0xB2, 0x0A, 0xFC, 0x4E, 0x5C, 0x30, ++ 0x40, 0x60, 0x06, 0x5B, 0xC8, 0xD6, 0xCF, 0x04, 0xD3, 0x25); ++SPCF_CPARAM_INIT(X9_62_c2tnb431r1, 0x64, 0xF5, 0xBB, 0xE9, 0xBB, 0x31, 0x66, ++ 0xA3, 0xA0, 0x2F, 0x2F, 0x22, 0xBF, 0x05, 0xD9, 0xF7, 0xDA, ++ 0x43, 0xEE, 0x70, 0xC1, 0x79, 0x03, 0x15, 0x2B, 0x70, 0xA0, ++ 0xB4, 0x25, 0x9B, 0xD2, 0xFC, 0xB2, 0x20, 0x3B, 0x7F, 0xB8, ++ 0xD3, 0x39, 0x4E, 0x20, 0xEB, 0x0E, 0xA9, 0x84, 0xDD, 0xB1, ++ 0xE1, 0xF1, 0x4C, 0x67, 0xB1, 0x36, 0x2B); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls4, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, ++ 0xEC, 0x76, 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls5, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, ++ 0x1F, 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, ++ 0x81, 0xE7, 0xEA, 0x26, 0xEC); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls11, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, ++ 0xDF, 0xF1, 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, ++ 0xCE, 0x35, 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, ++ 0xC0, 0xF2, 0x68, 0x6C); ++/* Oakley curve #3 over 155 bit binary filed */ ++SPCF_CPARAM_INIT(ipsec3, 0x00, 0x31, 0x10, 0x00, 0x00, 0x02, 0x23, 0xA0, 0x00, ++ 0xC4, 0x47, 0x40, 0x00, 0x08, 0x8E, 0x80, 0x00, 0x11, 0x1D, ++ 0x1D); ++/* Oakley curve #4 over 185 bit binary filed */ ++SPCF_CPARAM_INIT(ipsec4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, ++ 0x01, 0x80, 0x00, 0xC0, 0x0C, 0x00, 0x00, 0x00, 0x63, 0x80, ++ 0x30, 0x00, 0x1C, 0x00, 0x09); ++ ++static inline int ++eng_ec_get_cparam(int nid, unsigned char *buf, unsigned int buf_len) ++{ ++ int ret = 0; ++ switch (nid) { ++ SPCF_CPARAM_CASE(sect113r1); ++ SPCF_CPARAM_CASE(sect113r2); ++ SPCF_CPARAM_CASE(sect131r1); ++ SPCF_CPARAM_CASE(sect131r2); ++ SPCF_CPARAM_CASE(sect163k1); ++ SPCF_CPARAM_CASE(sect163r1); ++ SPCF_CPARAM_CASE(sect163r2); ++ SPCF_CPARAM_CASE(sect193r1); ++ SPCF_CPARAM_CASE(sect193r2); ++ SPCF_CPARAM_CASE(sect233k1); ++ SPCF_CPARAM_CASE(sect233r1); ++ SPCF_CPARAM_CASE(sect239k1); ++ SPCF_CPARAM_CASE(sect283k1); ++ SPCF_CPARAM_CASE(sect283r1); ++ SPCF_CPARAM_CASE(sect409k1); ++ SPCF_CPARAM_CASE(sect409r1); ++ SPCF_CPARAM_CASE(sect571k1); ++ SPCF_CPARAM_CASE(sect571r1); ++ SPCF_CPARAM_CASE(X9_62_c2pnb163v1); ++ SPCF_CPARAM_CASE(X9_62_c2pnb163v2); ++ SPCF_CPARAM_CASE(X9_62_c2pnb163v3); ++ SPCF_CPARAM_CASE(X9_62_c2pnb176v1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb191v1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb191v2); ++ SPCF_CPARAM_CASE(X9_62_c2tnb191v3); ++ SPCF_CPARAM_CASE(X9_62_c2pnb208w1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb239v1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb239v2); ++ SPCF_CPARAM_CASE(X9_62_c2tnb239v3); ++ SPCF_CPARAM_CASE(X9_62_c2pnb272w1); ++ SPCF_CPARAM_CASE(X9_62_c2pnb304w1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb359v1); ++ SPCF_CPARAM_CASE(X9_62_c2pnb368w1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb431r1); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls1); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls3); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls4); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls5); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls10); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls11); ++ /* Oakley curve #3 over 155 bit binary filed */ ++ SPCF_CPARAM_CASE(ipsec3); ++ /* Oakley curve #4 over 185 bit binary filed */ ++ SPCF_CPARAM_CASE(ipsec4); ++ default: ++ ret = -EINVAL; ++ break; ++ } ++ return ret; ++} ++ ++/* Copies the curve points to a flat buffer with appropriate padding */ ++static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, ++ int xy_len, int crv_len) ++{ ++ unsigned char *xy = NULL; ++ int len1 = 0, len2 = 0; ++ ++ len1 = BN_num_bytes(x); ++ len2 = BN_num_bytes(y); ++ ++ if (!(xy = malloc(xy_len))) { ++ return NULL; ++ } ++ ++ memset(xy, 0, xy_len); ++ ++ if (len1 < crv_len) { ++ if (!BN_is_zero(x)) ++ BN_bn2bin(x, xy + (crv_len - len1)); ++ } else { ++ BN_bn2bin(x, xy); ++ } ++ ++ if (len2 < crv_len) { ++ if (!BN_is_zero(y)) ++ BN_bn2bin(y, xy+crv_len+(crv_len-len2)); ++ } else { ++ BN_bn2bin(y, xy+crv_len); ++ } ++ ++ return xy; ++} ++ ++enum curve_t { ++ DISCRETE_LOG, ++ ECC_PRIME, ++ ECC_BINARY, ++ MAX_ECC_TYPE ++}; ++#endif +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch b/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch new file mode 100644 index 00000000..01c268b6 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch @@ -0,0 +1,33 @@ +From 39a9e609290a8a1163a721915bcde0c7cf8f92f7 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Tue, 11 Mar 2014 05:57:47 +0545 +Subject: [PATCH 06/26] Fixed private key support for DH + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + crypto/dh/dh_ameth.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c +index 02ec2d4..ed32004 100644 +--- a/crypto/dh/dh_ameth.c ++++ b/crypto/dh/dh_ameth.c +@@ -422,6 +422,13 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) + if (to->pkey.dh->g != NULL) + BN_free(to->pkey.dh->g); + to->pkey.dh->g=a; ++ if ((a=BN_dup(from->pkey.dh->q)) != NULL) { ++ if (to->pkey.dh->q != NULL) ++ BN_free(to->pkey.dh->q); ++ to->pkey.dh->q=a; ++ } ++ ++ to->pkey.dh->length = from->pkey.dh->length; + + return 1; + } +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch b/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch new file mode 100644 index 00000000..12fcd7df --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch @@ -0,0 +1,35 @@ +From 8322e4157bf49d992b5b9e460f2c0785865dd1c1 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Thu, 20 Mar 2014 19:55:51 -0500 +Subject: [PATCH 07/26] Fixed private key support for DH + +Upstream-status: Pending + +Required Length of the DH result is not returned in dh method in openssl + +Tested-by: Yashpal Dutta +--- + crypto/dh/dh_ameth.c | 7 ------- + 1 file changed, 7 deletions(-) + +diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c +index ed32004..02ec2d4 100644 +--- a/crypto/dh/dh_ameth.c ++++ b/crypto/dh/dh_ameth.c +@@ -422,13 +422,6 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) + if (to->pkey.dh->g != NULL) + BN_free(to->pkey.dh->g); + to->pkey.dh->g=a; +- if ((a=BN_dup(from->pkey.dh->q)) != NULL) { +- if (to->pkey.dh->q != NULL) +- BN_free(to->pkey.dh->q); +- to->pkey.dh->q=a; +- } +- +- to->pkey.dh->length = from->pkey.dh->length; + + return 1; + } +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch b/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch new file mode 100644 index 00000000..8c8b1f22 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch @@ -0,0 +1,1564 @@ +From 107a10d45db0f2e58482f698add04ed9183f7268 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Tue, 11 Mar 2014 06:29:52 +0545 +Subject: [PATCH 08/26] Initial support for PKC in cryptodev engine + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + crypto/engine/eng_cryptodev.c | 1343 ++++++++++++++++++++++++++++++++++++----- + 1 file changed, 1183 insertions(+), 160 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index e3eb98b..7ee314b 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -54,11 +54,14 @@ ENGINE_load_cryptodev(void) + #else + + #include +-#include + #include + #include + #include + #include ++#include ++#include ++#include ++#include + #include + #include + #include +@@ -68,6 +71,8 @@ ENGINE_load_cryptodev(void) + #include + #include + #include ++#include "eng_cryptodev_ec.h" ++#include + + struct dev_crypto_state { + struct session_op d_sess; +@@ -116,18 +121,10 @@ static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, + static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, + RSA *rsa, BN_CTX *ctx); + static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); +-static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, +- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +-static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, +- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, +- BN_CTX *ctx, BN_MONT_CTX *mont); + static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, + int dlen, DSA *dsa); + static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, + DSA_SIG *sig, DSA *dsa); +-static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, +- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, +- BN_MONT_CTX *m_ctx); + static int cryptodev_dh_compute_key(unsigned char *key, + const BIGNUM *pub_key, DH *dh); + static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, +@@ -136,6 +133,102 @@ void ENGINE_load_cryptodev(void); + const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; + ++inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) ++{ ++ int len; ++ unsigned char *p; ++ ++ len = BN_num_bytes(bn); ++ ++ if (!len) ++ return -1; ++ ++ p = malloc(len); ++ if (!p) ++ return -1; ++ ++ BN_bn2bin(bn,p); ++ ++ *bin = p; ++ *bin_len = len; ++ ++ return 0; ++} ++ ++inline int spcf_bn2bin_ex(BIGNUM *bn, unsigned char **bin, int *bin_len) ++{ ++ int len; ++ unsigned char *p; ++ ++ len = BN_num_bytes(bn); ++ ++ if (!len) ++ return -1; ++ ++ if (len < *bin_len) ++ p = malloc(*bin_len); ++ else ++ p = malloc(len); ++ ++ if (!p) ++ return -ENOMEM; ++ ++ if (len < *bin_len) { ++ /* place padding */ ++ memset(p, 0, (*bin_len - len)); ++ BN_bn2bin(bn,p+(*bin_len-len)); ++ } else { ++ BN_bn2bin(bn,p); ++ } ++ ++ *bin = p; ++ if (len >= *bin_len) ++ *bin_len = len; ++ ++ return 0; ++} ++ ++/** ++ * Convert an ECC F2m 'b' parameter into the 'c' parameter. ++ *Inputs: ++ * q, the curve's modulus ++ * b, the curve's b parameter ++ * (a bignum for b, a buffer for c) ++ * Output: ++ * c, written into bin, right-adjusted to fill q_len bytes. ++ */ ++static int ++eng_ec_compute_cparam(const BIGNUM* b, const BIGNUM* q, ++ unsigned char **bin, int *bin_len) ++{ ++ BIGNUM* c = BN_new(); ++ BIGNUM* exp = BN_new(); ++ BN_CTX *ctx = BN_CTX_new(); ++ int m = BN_num_bits(q) - 1; ++ int ok = 0; ++ ++ if (!c || !exp || !ctx || *bin) ++ goto err; ++ ++ /* ++ * We have to compute c, where b = c^4, i.e., the fourth root of b. ++ * The equation for c is c = b^(2^(m-2)) ++ * Compute exp = 2^(m-2) ++ * (1 << x) == 2^x ++ * and then compute c = b^exp ++ */ ++ BN_lshift(exp, BN_value_one(), m-2); ++ BN_GF2m_mod_exp(c, b, exp, q, ctx); ++ /* Store c */ ++ spcf_bn2bin_ex(c, bin, bin_len); ++ ok = 1; ++err: ++ if (ctx) BN_CTX_free(ctx); ++ if (c) BN_free(c); ++ if (exp) BN_free(exp); ++ return ok; ++} ++ + static const ENGINE_CMD_DEFN cryptodev_defns[] = { + { 0, NULL, NULL, 0 } + }; +@@ -1139,7 +1232,6 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, + static int + bn2crparam(const BIGNUM *a, struct crparam *crp) + { +- int i, j, k; + ssize_t bytes, bits; + u_char *b; + +@@ -1156,15 +1248,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) + + crp->crp_p = (caddr_t) b; + crp->crp_nbits = bits; +- +- for (i = 0, j = 0; i < a->top; i++) { +- for (k = 0; k < BN_BITS2 / 8; k++) { +- if ((j + k) >= bytes) +- return (0); +- b[j + k] = a->d[i] >> (k * 8); +- } +- j += BN_BITS2 / 8; +- } ++ BN_bn2bin(a, crp->crp_p); + return (0); + } + +@@ -1172,22 +1256,14 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) + static int + crparam2bn(struct crparam *crp, BIGNUM *a) + { +- u_int8_t *pd; +- int i, bytes; ++ int bytes; + + bytes = (crp->crp_nbits + 7) / 8; + + if (bytes == 0) + return (-1); + +- if ((pd = (u_int8_t *) malloc(bytes)) == NULL) +- return (-1); +- +- for (i = 0; i < bytes; i++) +- pd[i] = crp->crp_p[bytes - i - 1]; +- +- BN_bin2bn(pd, bytes, a); +- free(pd); ++ BN_bin2bn(crp->crp_p, bytes, a); + + return (0); + } +@@ -1235,6 +1311,32 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) + return (ret); + } + ++/* Close an opened instance of cryptodev engine */ ++void cryptodev_close_instance(void *handle) ++{ ++ int fd; ++ ++ if (handle) { ++ fd = *(int *)handle; ++ close(fd); ++ free(handle); ++ } ++} ++ ++/* Create an instance of cryptodev for asynchronous interface */ ++void *cryptodev_init_instance(void) ++{ ++ int *fd = malloc(sizeof(int)); ++ ++ if (fd) { ++ if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { ++ free(fd); ++ return NULL; ++ } ++ } ++ return fd; ++} ++ + static int + cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +@@ -1250,9 +1352,9 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + return (ret); + } + +- memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_MOD_EXP; +- ++ kop.crk_oparams = 0; ++ kop.crk_status = 0; + /* inputs: a^p % m */ + if (bn2crparam(a, &kop.crk_param[0])) + goto err; +@@ -1293,28 +1395,38 @@ static int + cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) + { + struct crypt_kop kop; +- int ret = 1; ++ int ret = 1, f_len, p_len, q_len; ++ unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; + + if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { + /* XXX 0 means failure?? */ + return (0); + } + +- memset(&kop, 0, sizeof kop); ++ kop.crk_oparams = 0; ++ kop.crk_status = 0; + kop.crk_op = CRK_MOD_EXP_CRT; ++ f_len = BN_num_bytes(rsa->n); ++ spcf_bn2bin_ex(I, &f, &f_len); ++ spcf_bn2bin(rsa->p, &p, &p_len); ++ spcf_bn2bin(rsa->q, &q, &q_len); ++ spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); ++ spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); ++ spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); + /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ +- if (bn2crparam(rsa->p, &kop.crk_param[0])) +- goto err; +- if (bn2crparam(rsa->q, &kop.crk_param[1])) +- goto err; +- if (bn2crparam(I, &kop.crk_param[2])) +- goto err; +- if (bn2crparam(rsa->dmp1, &kop.crk_param[3])) +- goto err; +- if (bn2crparam(rsa->dmq1, &kop.crk_param[4])) +- goto err; +- if (bn2crparam(rsa->iqmp, &kop.crk_param[5])) +- goto err; ++ kop.crk_param[0].crp_p = p; ++ kop.crk_param[0].crp_nbits = p_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = f; ++ kop.crk_param[2].crp_nbits = f_len * 8; ++ kop.crk_param[3].crp_p = dp; ++ kop.crk_param[3].crp_nbits = p_len * 8; ++ /* dq must of length q, rest all of length p*/ ++ kop.crk_param[4].crp_p = dq; ++ kop.crk_param[4].crp_nbits = q_len * 8; ++ kop.crk_param[5].crp_p = c; ++ kop.crk_param[5].crp_nbits = p_len * 8; + kop.crk_iparams = 6; + + if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) { +@@ -1350,90 +1462,117 @@ static RSA_METHOD cryptodev_rsa = { + NULL /* rsa_verify */ + }; + +-static int +-cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +-{ +- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); +-} +- +-static int +-cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, +- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, +- BN_CTX *ctx, BN_MONT_CTX *mont) ++static DSA_SIG * ++cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) + { +- BIGNUM t2; +- int ret = 0; +- +- BN_init(&t2); +- +- /* v = ( g^u1 * y^u2 mod p ) mod q */ +- /* let t1 = g ^ u1 mod p */ +- ret = 0; ++ struct crypt_kop kop; ++ BIGNUM *c = NULL, *d = NULL; ++ DSA_SIG *dsaret = NULL; ++ int q_len = 0, r_len = 0, g_len = 0; ++ int priv_key_len = 0, ret; ++ unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; + +- if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont)) ++ memset(&kop, 0, sizeof kop); ++ if ((c = BN_new()) == NULL) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; ++ } + +- /* let t2 = y ^ u2 mod p */ +- if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont)) ++ if ((d = BN_new()) == NULL) { ++ BN_free(c); ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; +- /* let u1 = t1 * t2 mod p */ +- if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx)) ++ } ++ ++ if (spcf_bn2bin(dsa->p, &q, &q_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; ++ } + +- BN_copy(t1,u1); ++ /* Get order of the field of private keys into plain buffer */ ++ if (spcf_bn2bin (dsa->q, &r, &r_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } + +- ret = 1; +-err: +- BN_free(&t2); +- return(ret); +-} ++ /* sanity test */ ++ if (dlen > r_len) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); ++ goto err; ++ } + +-static DSA_SIG * +-cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) +-{ +- struct crypt_kop kop; +- BIGNUM *r = NULL, *s = NULL; +- DSA_SIG *dsaret = NULL; ++ g_len = q_len; ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } + +- if ((r = BN_new()) == NULL) ++ priv_key_len = r_len; ++ /** ++ * Get private key into a plain buffer. If length is less than ++ * r_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; +- if ((s = BN_new()) == NULL) { +- BN_free(r); ++ } ++ ++ /* Allocate memory to store hash. */ ++ f = OPENSSL_malloc (r_len); ++ if (!f) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- memset(&kop, 0, sizeof kop); ++ /* Add padding, since SEC expects hash to of size r_len */ ++ if (dlen < r_len) ++ memset(f, 0, r_len - dlen); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dlen, dgst, dlen); ++ + kop.crk_op = CRK_DSA_SIGN; + + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ +- kop.crk_param[0].crp_p = (caddr_t)dgst; +- kop.crk_param[0].crp_nbits = dlen * 8; +- if (bn2crparam(dsa->p, &kop.crk_param[1])) +- goto err; +- if (bn2crparam(dsa->q, &kop.crk_param[2])) +- goto err; +- if (bn2crparam(dsa->g, &kop.crk_param[3])) +- goto err; +- if (bn2crparam(dsa->priv_key, &kop.crk_param[4])) +- goto err; ++ kop.crk_param[0].crp_p = (void*)f; ++ kop.crk_param[0].crp_nbits = r_len * 8; ++ kop.crk_param[1].crp_p = (void*)q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = (void*)r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = (void*)g; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = (void*)priv_key; ++ kop.crk_param[4].crp_nbits = priv_key_len * 8; + kop.crk_iparams = 5; + +- if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, +- BN_num_bytes(dsa->q), s) == 0) { +- dsaret = DSA_SIG_new(); +- dsaret->r = r; +- dsaret->s = s; +- } else { +- const DSA_METHOD *meth = DSA_OpenSSL(); +- BN_free(r); +- BN_free(s); +- dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); ++ ret = cryptodev_asym(&kop, r_len, c, r_len, d); ++ ++ if (ret) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DECODE_ERROR); ++ goto err; + } +-err: +- kop.crk_param[0].crp_p = NULL; ++ ++ dsaret = DSA_SIG_new(); ++ dsaret->r = c; ++ dsaret->s = d; ++ + zapparams(&kop); + return (dsaret); ++err: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ if (c) ++ BN_free(c); ++ if (d) ++ BN_free(d); ++ dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); ++ return (dsaret); ++ } + } + + static int +@@ -1441,42 +1580,179 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, + DSA_SIG *sig, DSA *dsa) + { + struct crypt_kop kop; +- int dsaret = 1; ++ int dsaret = 1, q_len = 0, r_len = 0, g_len = 0; ++ int w_len = 0 ,c_len = 0, d_len = 0, ret = -1; ++ unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; ++ unsigned char * c = NULL, * d = NULL, *f = NULL; + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DSA_VERIFY; + +- /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ +- kop.crk_param[0].crp_p = (caddr_t)dgst; +- kop.crk_param[0].crp_nbits = dlen * 8; +- if (bn2crparam(dsa->p, &kop.crk_param[1])) ++ if (spcf_bn2bin(dsa->p, &q, &q_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ return ret; ++ } ++ ++ /* Get Order of field of private keys */ ++ if (spcf_bn2bin(dsa->q, &r, &r_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(dsa->q, &kop.crk_param[2])) ++ } ++ ++ g_len = q_len; ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(dsa->g, &kop.crk_param[3])) ++ } ++ w_len = q_len; ++ /** ++ * Get public key into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ /** ++ * Get the 1st part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ c_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(dsa->pub_key, &kop.crk_param[4])) ++ } ++ ++ /** ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(sig->r, &kop.crk_param[5])) ++ } ++ ++ ++ /* Sanity test */ ++ if (dlen > r_len) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(sig->s, &kop.crk_param[6])) ++ } ++ ++ /* Allocate memory to store hash. */ ++ f = OPENSSL_malloc (r_len); ++ if (!f) { ++ DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ if (dlen < r_len) ++ memset(f, 0, r_len - dlen); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dlen, dgst, dlen); ++ ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ ++ kop.crk_param[0].crp_p = (void*)f; ++ kop.crk_param[0].crp_nbits = r_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = g; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = w; ++ kop.crk_param[4].crp_nbits = w_len * 8; ++ kop.crk_param[5].crp_p = c; ++ kop.crk_param[5].crp_nbits = c_len * 8; ++ kop.crk_param[6].crp_p = d; ++ kop.crk_param[6].crp_nbits = d_len * 8; + kop.crk_iparams = 7; + +- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { +-/*OCF success value is 0, if not zero, change dsaret to fail*/ +- if(0 != kop.crk_status) dsaret = 0; +- } else { +- const DSA_METHOD *meth = DSA_OpenSSL(); ++ if ((cryptodev_asym(&kop, 0, NULL, 0, NULL))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); ++ goto err; ++ } + +- dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); ++ /*OCF success value is 0, if not zero, change dsaret to fail*/ ++ if(0 != kop.crk_status) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); ++ goto err; + } +-err: +- kop.crk_param[0].crp_p = NULL; ++ + zapparams(&kop); + return (dsaret); ++err: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ++ dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); ++ } ++ return dsaret; + } + ++/* Cryptodev DSA Key Gen routine */ ++static int cryptodev_dsa_keygen(DSA *dsa) ++{ ++ struct crypt_kop kop; ++ int ret = 1, g_len; ++ unsigned char *g = NULL; ++ ++ if (dsa->priv_key == NULL) { ++ if ((dsa->priv_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ if (dsa->pub_key == NULL) { ++ if ((dsa->pub_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ g_len = BN_num_bytes(dsa->p); ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * p_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ ++ memset(&kop, 0, sizeof kop); ++ ++ kop.crk_op = CRK_DSA_GENERATE_KEY; ++ if (bn2crparam(dsa->p, &kop.crk_param[0])) ++ goto sw_try; ++ if (bn2crparam(dsa->q, &kop.crk_param[1])) ++ goto sw_try; ++ kop.crk_param[2].crp_p = g; ++ kop.crk_param[2].crp_nbits = g_len * 8; ++ kop.crk_iparams = 3; ++ ++ /* pub_key is or prime length while priv key is of length of order */ ++ if (cryptodev_asym(&kop, BN_num_bytes(dsa->p), dsa->pub_key, ++ BN_num_bytes(dsa->q), dsa->priv_key)) ++ goto sw_try; ++ ++ return ret; ++sw_try: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ret = (meth->dsa_keygen)(dsa); ++ } ++ return ret; ++} ++ ++ ++ + static DSA_METHOD cryptodev_dsa = { + "cryptodev DSA method", + NULL, +@@ -1490,12 +1766,543 @@ static DSA_METHOD cryptodev_dsa = { + NULL /* app_data */ + }; + +-static int +-cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, +- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, +- BN_MONT_CTX *m_ctx) ++static ECDSA_METHOD cryptodev_ecdsa = { ++ "cryptodev ECDSA method", ++ NULL, ++ NULL, /* ecdsa_sign_setup */ ++ NULL, ++ NULL, ++ 0, /* flags */ ++ NULL /* app_data */ ++}; ++ ++typedef enum ec_curve_s ++{ ++ EC_PRIME, ++ EC_BINARY ++} ec_curve_t; ++ ++/* ENGINE handler for ECDSA Sign */ ++static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, ++ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) + { +- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); ++ BIGNUM *m = NULL, *p = NULL, *a = NULL; ++ BIGNUM *b = NULL, *x = NULL, *y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_SIG *ret = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; ++ unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; ++ int g_len = 0, d_len = 0, ab_len = 0; ++ const BIGNUM *order = NULL, *priv_key=NULL; ++ const EC_GROUP *group = NULL; ++ struct crypt_kop kop; ++ ec_curve_t ec_crv = EC_PRIME; ++ ++ memset(&kop, 0, sizeof(kop)); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ return NULL; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ priv_key = EC_KEY_get0_private_key(eckey); ++ ++ if (!group || !priv_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ return NULL; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); ++ goto err; ++ } ++ ++ ret = ECDSA_SIG_new(); ++ if (!ret) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), ++ x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { ++ ec_crv = EC_BINARY; ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ if (spcf_bn2bin(order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ priv_key_len = r_len; ++ ++ /** ++ * If BN_num_bytes of priv_key returns less then r_len then ++ * add padding bytes before the key ++ */ ++ if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ab = eng_copy_curve_points(a, b, ab_len, q_len); ++ if (!ab) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop.curve_type = ECC_BINARY; ++ } ++ ++ /* Calculation of Generator point */ ++ g_len = 2*q_len; ++ g_xy = eng_copy_curve_points(x, y, g_len, q_len); ++ if (!g_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Memory allocation for first part of digital signature */ ++ c = malloc(r_len); ++ if (!c) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ d_len = r_len; ++ ++ /* Memory allocation for second part of digital signature */ ++ d = malloc(d_len); ++ if (!d) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len - dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); ++ ++ dgst_len += r_len - dgst_len; ++ kop.crk_op = CRK_DSA_SIGN; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop.crk_param[0].crp_p = f; ++ kop.crk_param[0].crp_nbits = dgst_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = g_xy; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = s; ++ kop.crk_param[4].crp_nbits = priv_key_len * 8; ++ kop.crk_param[5].crp_p = ab; ++ kop.crk_param[5].crp_nbits = ab_len * 8; ++ kop.crk_iparams = 6; ++ kop.crk_param[6].crp_p = c; ++ kop.crk_param[6].crp_nbits = d_len * 8; ++ kop.crk_param[7].crp_p = d; ++ kop.crk_param[7].crp_nbits = d_len * 8; ++ kop.crk_oparams = 2; ++ ++ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { ++ /* Check if ret->r and s needs to allocated */ ++ crparam2bn(&kop.crk_param[6], ret->r); ++ crparam2bn(&kop.crk_param[7], ret->s); ++ } else { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); ++ } ++ kop.crk_param[0].crp_p = NULL; ++ zapparams(&kop); ++err: ++ if (!ret) { ++ ECDSA_SIG_free(ret); ++ ret = NULL; ++ } ++ return ret; ++} ++ ++static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, ++ ECDSA_SIG *sig, EC_KEY *eckey) ++{ ++ BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; ++ BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; ++ unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; ++ int d_len = 0, ab_len = 0, ret = -1; ++ const EC_POINT *pub_key = NULL; ++ const BIGNUM *order = NULL; ++ const EC_GROUP *group=NULL; ++ ec_curve_t ec_crv = EC_PRIME; ++ struct crypt_kop kop; ++ ++ memset(&kop, 0, sizeof kop); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ return ret; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ pub_key = EC_KEY_get0_public_key(eckey); ++ ++ if (!group || !pub_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ return ret; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || ++ (w_y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ * bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); ++ goto err; ++ } ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for prime curve */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ ++ ec_crv = EC_BINARY; ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group),x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for binary curve */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ }else { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* Get the order of the subgroup of private keys */ ++ if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the irreducible polynomial that creates the field */ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the public key into a flat buffer with appropriate padding */ ++ pub_key_len = 2 * q_len; ++ ++ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); ++ if (!w_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ++ ab = eng_copy_curve_points (a, b, ab_len, q_len); ++ if (!ab) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ /* copy b' i.e c(b), instead of only b */ ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop.curve_type = ECC_BINARY; ++ } ++ ++ /* Calculation of Generator point */ ++ g_len = 2 * q_len; ++ ++ g_xy = eng_copy_curve_points (x, y, g_len, q_len); ++ if (!g_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 1st part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->r) < r_len) ++ c_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->s) < r_len) ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len-dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); ++ dgst_len += r_len-dgst_len; ++ kop.crk_op = CRK_DSA_VERIFY; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop.crk_param[0].crp_p = f; ++ kop.crk_param[0].crp_nbits = dgst_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = g_xy; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = w_xy; ++ kop.crk_param[4].crp_nbits = pub_key_len * 8; ++ kop.crk_param[5].crp_p = ab; ++ kop.crk_param[5].crp_nbits = ab_len * 8; ++ kop.crk_param[6].crp_p = c; ++ kop.crk_param[6].crp_nbits = d_len * 8; ++ kop.crk_param[7].crp_p = d; ++ kop.crk_param[7].crp_nbits = d_len * 8; ++ kop.crk_iparams = 8; ++ ++ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { ++ /*OCF success value is 0, if not zero, change ret to fail*/ ++ if(0 == kop.crk_status) ++ ret = 1; ++ } else { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ ++ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); ++ } ++ kop.crk_param[0].crp_p = NULL; ++ zapparams(&kop); ++ ++err: ++ return ret; ++} ++ ++static int cryptodev_dh_keygen(DH *dh) ++{ ++ struct crypt_kop kop; ++ int ret = 1, g_len; ++ unsigned char *g = NULL; ++ ++ if (dh->priv_key == NULL) { ++ if ((dh->priv_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ if (dh->pub_key == NULL) { ++ if ((dh->pub_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ g_len = BN_num_bytes(dh->p); ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ ++ memset(&kop, 0, sizeof kop); ++ kop.crk_op = CRK_DH_GENERATE_KEY; ++ if (bn2crparam(dh->p, &kop.crk_param[0])) ++ goto sw_try; ++ if (bn2crparam(dh->q, &kop.crk_param[1])) ++ goto sw_try; ++ kop.crk_param[2].crp_p = g; ++ kop.crk_param[2].crp_nbits = g_len * 8; ++ kop.crk_iparams = 3; ++ ++ /* pub_key is or prime length while priv key is of length of order */ ++ if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, ++ BN_num_bytes(dh->q), dh->priv_key)) ++ goto sw_try; ++ ++ return ret; ++sw_try: ++ { ++ const DH_METHOD *meth = DH_OpenSSL(); ++ ret = (meth->generate_key)(dh); ++ } ++ return ret; + } + + static int +@@ -1503,43 +2310,234 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) + { + struct crypt_kop kop; + int dhret = 1; +- int fd, keylen; ++ int fd, p_len; ++ BIGNUM *temp = NULL; ++ unsigned char *padded_pub_key = NULL, *p = NULL; ++ ++ if ((fd = get_asym_dev_crypto()) < 0) ++ goto sw_try; ++ ++ memset(&kop, 0, sizeof kop); ++ kop.crk_op = CRK_DH_COMPUTE_KEY; ++ /* inputs: dh->priv_key pub_key dh->p key */ ++ spcf_bn2bin(dh->p, &p, &p_len); ++ spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); ++ if (bn2crparam(dh->priv_key, &kop.crk_param[0])) ++ goto sw_try; ++ ++ kop.crk_param[1].crp_p = padded_pub_key; ++ kop.crk_param[1].crp_nbits = p_len * 8; ++ kop.crk_param[2].crp_p = p; ++ kop.crk_param[2].crp_nbits = p_len * 8; ++ kop.crk_iparams = 3; ++ kop.crk_param[3].crp_p = (void*) key; ++ kop.crk_param[3].crp_nbits = p_len * 8; ++ kop.crk_oparams = 1; ++ dhret = p_len; ++ ++ if (ioctl(fd, CIOCKEY, &kop)) ++ goto sw_try; + +- if ((fd = get_asym_dev_crypto()) < 0) { ++ if ((temp = BN_new())) { ++ if (!BN_bin2bn(key, p_len, temp)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto sw_try; ++ } ++ if (dhret > BN_num_bytes(temp)) ++ dhret=BN_bn2bin(temp,key); ++ BN_free(temp); ++ } ++ ++ kop.crk_param[3].crp_p = NULL; ++ zapparams(&kop); ++ return (dhret); ++sw_try: ++ { + const DH_METHOD *meth = DH_OpenSSL(); + +- return ((meth->compute_key)(key, pub_key, dh)); ++ dhret = (meth->compute_key)(key, pub_key, dh); + } ++ return (dhret); ++} + +- keylen = BN_num_bits(dh->p); ++int cryptodev_ecdh_compute_key(void *out, size_t outlen, ++ const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, ++ void *out, size_t *outlen)) ++{ ++ ec_curve_t ec_crv = EC_PRIME; ++ unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; ++ BIGNUM * w_x = NULL, *w_y = NULL; ++ int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; ++ BIGNUM * p = NULL, *a = NULL, *b = NULL; ++ BN_CTX *ctx; ++ EC_POINT *tmp=NULL; ++ BIGNUM *x=NULL, *y=NULL; ++ const BIGNUM *priv_key; ++ const EC_GROUP* group = NULL; ++ int ret = -1; ++ size_t buflen, len; ++ struct crypt_kop kop; + + memset(&kop, 0, sizeof kop); +- kop.crk_op = CRK_DH_COMPUTE_KEY; + +- /* inputs: dh->priv_key pub_key dh->p key */ +- if (bn2crparam(dh->priv_key, &kop.crk_param[0])) ++ if ((ctx = BN_CTX_new()) == NULL) goto err; ++ BN_CTX_start(ctx); ++ x = BN_CTX_get(ctx); ++ y = BN_CTX_get(ctx); ++ p = BN_CTX_get(ctx); ++ a = BN_CTX_get(ctx); ++ b = BN_CTX_get(ctx); ++ w_x = BN_CTX_get(ctx); ++ w_y = BN_CTX_get(ctx); ++ ++ if (!x || !y || !p || !a || !b || !w_x || !w_y) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(pub_key, &kop.crk_param[1])) ++ } ++ ++ priv_key = EC_KEY_get0_private_key(ecdh); ++ if (priv_key == NULL) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); + goto err; +- if (bn2crparam(dh->p, &kop.crk_param[2])) ++ } ++ ++ group = EC_KEY_get0_group(ecdh); ++ if ((tmp=EC_POINT_new(group)) == NULL) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); + goto err; +- kop.crk_iparams = 3; ++ } + +- kop.crk_param[3].crp_p = (caddr_t) key; +- kop.crk_param[3].crp_nbits = keylen * 8; +- kop.crk_oparams = 1; ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == ++ NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; + +- if (ioctl(fd, CIOCKEY, &kop) == -1) { +- const DH_METHOD *meth = DH_OpenSSL(); ++ if (!EC_POINT_get_affine_coordinates_GFp(group, ++ EC_GROUP_get0_generator(group), x, y, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); ++ goto err; ++ } + +- dhret = (meth->compute_key)(key, pub_key, dh); ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for prime curve */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ } else { ++ ec_crv = EC_BINARY; ++ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group), x, y, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for binary curve */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } ++ ++ /* irreducible polynomial that creates the field */ ++ if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the irreducible polynomial that creates the field */ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; + } ++ ++ /* Get the public key into a flat buffer with appropriate padding */ ++ pub_key_len = 2 * q_len; ++ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); ++ if (!w_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ab = eng_copy_curve_points (a, b, ab_len, q_len); ++ if (!ab) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ /* copy b' i.e c(b), instead of only b */ ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop.curve_type = ECC_BINARY; ++ } else ++ kop.curve_type = ECC_PRIME; ++ ++ priv_key_len = r_len; ++ ++ /* ++ * If BN_num_bytes of priv_key returns less then r_len then ++ * add padding bytes before the key ++ */ ++ if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ buflen = (EC_GROUP_get_degree(group) + 7)/8; ++ len = BN_num_bytes(x); ++ if (len > buflen || q_len < buflen) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR); ++ goto err; ++ } ++ ++ kop.crk_op = CRK_DH_COMPUTE_KEY; ++ kop.crk_param[0].crp_p = (void*) s; ++ kop.crk_param[0].crp_nbits = priv_key_len*8; ++ kop.crk_param[1].crp_p = (void*) w_xy; ++ kop.crk_param[1].crp_nbits = pub_key_len*8; ++ kop.crk_param[2].crp_p = (void*) q; ++ kop.crk_param[2].crp_nbits = q_len*8; ++ kop.crk_param[3].crp_p = (void*) ab; ++ kop.crk_param[3].crp_nbits = ab_len*8; ++ kop.crk_iparams = 4; ++ kop.crk_param[4].crp_p = (void*) out; ++ kop.crk_param[4].crp_nbits = q_len*8; ++ kop.crk_oparams = 1; ++ ret = q_len; ++ if (cryptodev_asym(&kop, 0, NULL, 0, NULL)) { ++ const ECDH_METHOD *meth = ECDH_OpenSSL(); ++ ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); ++ } else ++ ret = q_len; + err: +- kop.crk_param[3].crp_p = NULL; ++ kop.crk_param[4].crp_p = NULL; + zapparams(&kop); +- return (dhret); ++ return ret; + } + ++ + static DH_METHOD cryptodev_dh = { + "cryptodev DH method", + NULL, /* cryptodev_dh_generate_key */ +@@ -1551,6 +2549,14 @@ static DH_METHOD cryptodev_dh = { + NULL /* app_data */ + }; + ++static ECDH_METHOD cryptodev_ecdh = { ++ "cryptodev ECDH method", ++ NULL, /* cryptodev_ecdh_compute_key */ ++ NULL, ++ 0, /* flags */ ++ NULL /* app_data */ ++}; ++ + /* + * ctrl right now is just a wrapper that doesn't do much + * but I expect we'll want some options soon. +@@ -1634,25 +2640,42 @@ ENGINE_load_cryptodev(void) + memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); + if (cryptodev_asymfeat & CRF_DSA_SIGN) + cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; +- if (cryptodev_asymfeat & CRF_MOD_EXP) { +- cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; +- cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; +- } + if (cryptodev_asymfeat & CRF_DSA_VERIFY) + cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; ++ if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) ++ cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; + } + + if (ENGINE_set_DH(engine, &cryptodev_dh)){ + const DH_METHOD *dh_meth = DH_OpenSSL(); ++ memcpy(&cryptodev_dh, dh_meth, sizeof(DH_METHOD)); ++ if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { ++ cryptodev_dh.compute_key = ++ cryptodev_dh_compute_key; ++ } ++ if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { ++ cryptodev_dh.generate_key = ++ cryptodev_dh_keygen; ++ } ++ } + +- cryptodev_dh.generate_key = dh_meth->generate_key; +- cryptodev_dh.compute_key = dh_meth->compute_key; +- cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; +- if (cryptodev_asymfeat & CRF_MOD_EXP) { +- cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; +- if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) +- cryptodev_dh.compute_key = +- cryptodev_dh_compute_key; ++ if (ENGINE_set_ECDSA(engine, &cryptodev_ecdsa)) { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); ++ if (cryptodev_asymfeat & CRF_DSA_SIGN) { ++ cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; ++ } ++ if (cryptodev_asymfeat & CRF_DSA_VERIFY) { ++ cryptodev_ecdsa.ecdsa_do_verify = ++ cryptodev_ecdsa_verify; ++ } ++ } ++ ++ if (ENGINE_set_ECDH(engine, &cryptodev_ecdh)) { ++ const ECDH_METHOD *ecdh_meth = ECDH_OpenSSL(); ++ memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); ++ if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { ++ cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; + } + } + +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch b/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch new file mode 100644 index 00000000..0fb01821 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch @@ -0,0 +1,28 @@ +From 81c4c62a4f5f5542843381bfb34e39a6171d5cdd Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Tue, 11 Mar 2014 06:42:59 +0545 +Subject: [PATCH 09/26] Added hwrng dev file as source of RNG + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + e_os.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/e_os.h b/e_os.h +index 6a0aad1..57c0563 100644 +--- a/e_os.h ++++ b/e_os.h +@@ -79,7 +79,7 @@ extern "C" { + #ifndef DEVRANDOM + /* set this to a comma-separated list of 'random' device files to try out. + * My default, we will try to read at least one of these files */ +-#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" ++#define DEVRANDOM "/dev/hwrng","/dev/urandom","/dev/random","/dev/srandom" + #endif + #ifndef DEVRANDOM_EGD + /* set this to a comma-seperated list of 'egd' sockets to try out. These +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch b/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch new file mode 100644 index 00000000..0f889c0f --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch @@ -0,0 +1,2039 @@ +From a933e6341fd8989bdd82f8a5446b6f04aa00eef9 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Tue, 11 Mar 2014 07:14:30 +0545 +Subject: [PATCH 10/26] Asynchronous interface added for PKC cryptodev + interface + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + crypto/crypto.h | 16 + + crypto/dh/dh.h | 4 +- + crypto/dsa/dsa.h | 5 + + crypto/ecdh/ech_locl.h | 3 + + crypto/ecdsa/ecs_locl.h | 5 + + crypto/engine/eng_cryptodev.c | 1578 +++++++++++++++++++++++++++++++++++++---- + crypto/engine/eng_int.h | 24 +- + crypto/engine/eng_lib.c | 46 ++ + crypto/engine/engine.h | 24 + + crypto/rsa/rsa.h | 23 + + 10 files changed, 1582 insertions(+), 146 deletions(-) + +diff --git a/crypto/crypto.h b/crypto/crypto.h +index f92fc51..ce12731 100644 +--- a/crypto/crypto.h ++++ b/crypto/crypto.h +@@ -605,6 +605,22 @@ void ERR_load_CRYPTO_strings(void); + #define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 + #define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100 + ++/* Additions for Asynchronous PKC Infrastructure */ ++struct pkc_cookie_s { ++ void *cookie; /* To be filled by openssl library primitive method function caller */ ++ void *eng_cookie; /* To be filled by Engine */ ++ /* ++ * Callback handler to be provided by caller. Ensure to pass a ++ * handler which takes the crypto operation to completion. ++ * cookie: Container cookie from library ++ * status: Status of the crypto Job completion. ++ * 0: Job handled without any issue ++ * -EINVAL: Parameters Invalid ++ */ ++ void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); ++ void *eng_handle; ++}; ++ + #ifdef __cplusplus + } + #endif +diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h +index ea59e61..20ffad2 100644 +--- a/crypto/dh/dh.h ++++ b/crypto/dh/dh.h +@@ -118,7 +118,9 @@ struct dh_method + int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); /* Can be null */ +- ++ int (*compute_key_async)(unsigned char *key,const BIGNUM *pub_key,DH *dh, ++ struct pkc_cookie_s *cookie); ++ int (*generate_key_async)(DH *dh, struct pkc_cookie_s *cookie); + int (*init)(DH *dh); + int (*finish)(DH *dh); + int flags; +diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h +index a6f6d0b..b04a029 100644 +--- a/crypto/dsa/dsa.h ++++ b/crypto/dsa/dsa.h +@@ -140,6 +140,10 @@ struct dsa_method + int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); /* Can be null */ ++ int (*dsa_do_sign_async)(const unsigned char *dgst, int dlen, DSA *dsa, ++ DSA_SIG *sig, struct pkc_cookie_s *cookie); ++ int (*dsa_do_verify_async)(const unsigned char *dgst, int dgst_len, ++ DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie); + int (*init)(DSA *dsa); + int (*finish)(DSA *dsa); + int flags; +@@ -151,6 +155,7 @@ struct dsa_method + BN_GENCB *cb); + /* If this is non-NULL, it is used to generate DSA keys */ + int (*dsa_keygen)(DSA *dsa); ++ int (*dsa_keygen_async)(DSA *dsa, struct pkc_cookie_s *cookie); + }; + + struct dsa_st +diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h +index f6cad6a..adce6b3 100644 +--- a/crypto/ecdh/ech_locl.h ++++ b/crypto/ecdh/ech_locl.h +@@ -67,6 +67,9 @@ struct ecdh_method + const char *name; + int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); ++ int (*compute_key_async)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, ++ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen), ++ struct pkc_cookie_s *cookie); + #if 0 + int (*init)(EC_KEY *eckey); + int (*finish)(EC_KEY *eckey); +diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h +index cb3be13..eb0ebe0 100644 +--- a/crypto/ecdsa/ecs_locl.h ++++ b/crypto/ecdsa/ecs_locl.h +@@ -74,6 +74,11 @@ struct ecdsa_method + BIGNUM **r); + int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, + const ECDSA_SIG *sig, EC_KEY *eckey); ++ int (*ecdsa_do_sign_async)(const unsigned char *dgst, int dgst_len, ++ const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey, ++ ECDSA_SIG *sig, struct pkc_cookie_s *cookie); ++ int (*ecdsa_do_verify_async)(const unsigned char *dgst, int dgst_len, ++ const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie); + #if 0 + int (*init)(EC_KEY *eckey); + int (*finish)(EC_KEY *eckey); +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 7ee314b..9f2416e 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1281,6 +1281,56 @@ zapparams(struct crypt_kop *kop) + } + } + ++/* Any PKC request has at max 2 output parameters and they are stored here to ++be used while copying in the check availability */ ++struct cryptodev_cookie_s { ++ BIGNUM *r; ++ struct crparam r_param; ++ BIGNUM *s; ++ struct crparam s_param; ++ struct crypt_kop *kop; ++}; ++ ++static int ++cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, ++ BIGNUM *s) ++{ ++ int fd; ++ struct pkc_cookie_s *cookie = kop->cookie; ++ struct cryptodev_cookie_s *eng_cookie; ++ ++ fd = *(int *)cookie->eng_handle; ++ ++ eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); ++ ++ if (eng_cookie) { ++ memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); ++ if (r) { ++ kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); ++ if (!kop->crk_param[kop->crk_iparams].crp_p) ++ return -ENOMEM; ++ kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; ++ kop->crk_oparams++; ++ eng_cookie->r = r; ++ eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; ++ } ++ if (s) { ++ kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); ++ if (!kop->crk_param[kop->crk_iparams+1].crp_p) ++ return -ENOMEM; ++ kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; ++ kop->crk_oparams++; ++ eng_cookie->s = s; ++ eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; ++ } ++ } else ++ return -ENOMEM; ++ ++ eng_cookie->kop = kop; ++ cookie->eng_cookie = eng_cookie; ++ return ioctl(fd, CIOCASYMASYNCRYPT, kop); ++} ++ + static int + cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) + { +@@ -1337,6 +1387,44 @@ void *cryptodev_init_instance(void) + return fd; + } + ++#include ++ ++/* Return 0 on success and 1 on failure */ ++int cryptodev_check_availability(void *eng_handle) ++{ ++ int fd = *(int *)eng_handle; ++ struct pkc_cookie_list_s cookie_list; ++ struct pkc_cookie_s *cookie; ++ int i; ++ ++ /* FETCH COOKIE returns number of cookies extracted */ ++ if (ioctl(fd, CIOCASYMFETCHCOOKIE, &cookie_list) <= 0) ++ return 1; ++ ++ for (i = 0; i < cookie_list.cookie_available; i++) { ++ cookie = cookie_list.cookie[i]; ++ if (cookie) { ++ struct cryptodev_cookie_s *eng_cookie = cookie->eng_cookie; ++ if (eng_cookie) { ++ struct crypt_kop *kop = eng_cookie->kop; ++ ++ if (eng_cookie->r) ++ crparam2bn(&eng_cookie->r_param, eng_cookie->r); ++ if (eng_cookie->s) ++ crparam2bn(&eng_cookie->s_param, eng_cookie->s); ++ if (kop->crk_op == CRK_DH_COMPUTE_KEY) ++ kop->crk_oparams = 0; ++ ++ zapparams(eng_cookie->kop); ++ free(eng_cookie->kop); ++ free (eng_cookie); ++ } ++ cookie->pkc_callback(cookie, cookie_list.status[i]); ++ } ++ } ++ return 0; ++} ++ + static int + cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +@@ -1382,6 +1470,63 @@ err: + } + + static int ++cryptodev_bn_mod_exp_async(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, ++ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1; ++ ++ /* Currently, we know we can do mod exp iff we can do any ++ * asymmetric operations at all. ++ */ ++ if (cryptodev_asymfeat == 0 || !kop) { ++ ret = BN_mod_exp(r, a, p, m, ctx); ++ return (ret); ++ } ++ ++ kop->crk_oparams = 0; ++ kop->crk_status = 0; ++ kop->crk_op = CRK_MOD_EXP; ++ kop->cookie = cookie; ++ /* inputs: a^p % m */ ++ if (bn2crparam(a, &kop->crk_param[0])) ++ goto err; ++ if (bn2crparam(p, &kop->crk_param[1])) ++ goto err; ++ if (bn2crparam(m, &kop->crk_param[2])) ++ goto err; ++ ++ kop->crk_iparams = 3; ++ if (cryptodev_asym_async(kop, BN_num_bytes(m), r, 0, NULL)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); ++ ++ if (kop) ++ free(kop); ++ ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); ++ if (ret) ++ /* Call the completion handler immediately */ ++ cookie->pkc_callback(cookie, 0); ++ } ++ return ret; ++} ++ ++static int ++cryptodev_rsa_nocrt_mod_exp_async(BIGNUM *r0, const BIGNUM *I, ++ RSA *rsa, BN_CTX *ctx, struct pkc_cookie_s *cookie) ++{ ++ int r; ++ ctx = BN_CTX_new(); ++ r = cryptodev_bn_mod_exp_async(r0, I, rsa->d, rsa->n, ctx, NULL, cookie); ++ BN_CTX_free(ctx); ++ return r; ++} ++ ++static int + cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) + { + int r; +@@ -1446,6 +1591,62 @@ err: + return (ret); + } + ++static int ++cryptodev_rsa_mod_exp_async(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx, ++ struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1, f_len, p_len, q_len; ++ unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; ++ ++ if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp || !kop) { ++ return (0); ++ } ++ ++ kop->crk_oparams = 0; ++ kop->crk_status = 0; ++ kop->crk_op = CRK_MOD_EXP_CRT; ++ f_len = BN_num_bytes(rsa->n); ++ spcf_bn2bin_ex(I, &f, &f_len); ++ spcf_bn2bin(rsa->p, &p, &p_len); ++ spcf_bn2bin(rsa->q, &q, &q_len); ++ spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); ++ spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); ++ spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); ++ /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ ++ kop->crk_param[0].crp_p = p; ++ kop->crk_param[0].crp_nbits = p_len * 8; ++ kop->crk_param[1].crp_p = q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = f; ++ kop->crk_param[2].crp_nbits = f_len * 8; ++ kop->crk_param[3].crp_p = dp; ++ kop->crk_param[3].crp_nbits = p_len * 8; ++ /* dq must of length q, rest all of length p*/ ++ kop->crk_param[4].crp_p = dq; ++ kop->crk_param[4].crp_nbits = q_len * 8; ++ kop->crk_param[5].crp_p = c; ++ kop->crk_param[5].crp_nbits = p_len * 8; ++ kop->crk_iparams = 6; ++ kop->cookie = cookie; ++ if (cryptodev_asym_async(kop, BN_num_bytes(rsa->n), r0, 0, NULL)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); ++ ++ if (kop) ++ free(kop); ++ ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); ++ if (ret) ++ /* Call user completion handler immediately */ ++ cookie->pkc_callback(cookie, 0); ++ } ++ return (ret); ++} ++ + static RSA_METHOD cryptodev_rsa = { + "cryptodev RSA method", + NULL, /* rsa_pub_enc */ +@@ -1454,6 +1655,12 @@ static RSA_METHOD cryptodev_rsa = { + NULL, /* rsa_priv_dec */ + NULL, + NULL, ++ NULL, /* rsa_pub_enc */ ++ NULL, /* rsa_pub_dec */ ++ NULL, /* rsa_priv_enc */ ++ NULL, /* rsa_priv_dec */ ++ NULL, ++ NULL, + NULL, /* init */ + NULL, /* finish */ + 0, /* flags */ +@@ -1751,126 +1958,424 @@ sw_try: + return ret; + } + ++/* Cryptodev DSA Key Gen routine */ ++static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1, g_len; ++ unsigned char *g = NULL; + ++ if (!kop) ++ goto sw_try; + +-static DSA_METHOD cryptodev_dsa = { +- "cryptodev DSA method", +- NULL, +- NULL, /* dsa_sign_setup */ +- NULL, +- NULL, /* dsa_mod_exp */ +- NULL, +- NULL, /* init */ +- NULL, /* finish */ +- 0, /* flags */ +- NULL /* app_data */ +-}; ++ if (dsa->priv_key == NULL) { ++ if ((dsa->priv_key=BN_new()) == NULL) ++ goto sw_try; ++ } + +-static ECDSA_METHOD cryptodev_ecdsa = { +- "cryptodev ECDSA method", +- NULL, +- NULL, /* ecdsa_sign_setup */ +- NULL, +- NULL, +- 0, /* flags */ +- NULL /* app_data */ +-}; ++ if (dsa->pub_key == NULL) { ++ if ((dsa->pub_key=BN_new()) == NULL) ++ goto sw_try; ++ } + +-typedef enum ec_curve_s +-{ +- EC_PRIME, +- EC_BINARY +-} ec_curve_t; ++ g_len = BN_num_bytes(dsa->p); ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } + +-/* ENGINE handler for ECDSA Sign */ +-static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, +- int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) +-{ +- BIGNUM *m = NULL, *p = NULL, *a = NULL; +- BIGNUM *b = NULL, *x = NULL, *y = NULL; +- BN_CTX *ctx = NULL; +- ECDSA_SIG *ret = NULL; +- ECDSA_DATA *ecdsa = NULL; +- unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; +- unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; +- int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; +- int g_len = 0, d_len = 0, ab_len = 0; +- const BIGNUM *order = NULL, *priv_key=NULL; +- const EC_GROUP *group = NULL; +- struct crypt_kop kop; +- ec_curve_t ec_crv = EC_PRIME; ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ kop->crk_op = CRK_DSA_GENERATE_KEY; ++ if (bn2crparam(dsa->p, &kop->crk_param[0])) ++ goto sw_try; ++ if (bn2crparam(dsa->q, &kop->crk_param[1])) ++ goto sw_try; ++ kop->crk_param[2].crp_p = g; ++ kop->crk_param[2].crp_nbits = g_len * 8; ++ kop->crk_iparams = 3; ++ kop->cookie = cookie; + +- memset(&kop, 0, sizeof(kop)); +- ecdsa = ecdsa_check(eckey); +- if (!ecdsa) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); +- return NULL; ++ /* pub_key is or prime length while priv key is of length of order */ ++ if (cryptodev_asym_async(kop, BN_num_bytes(dsa->p), dsa->pub_key, ++ BN_num_bytes(dsa->q), dsa->priv_key)) ++ goto sw_try; ++ ++ return ret; ++sw_try: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ret = (meth->dsa_keygen)(dsa); ++ cookie->pkc_callback(cookie, 0); + } ++ return ret; ++} + +- group = EC_KEY_get0_group(eckey); +- priv_key = EC_KEY_get0_private_key(eckey); ++static int ++cryptodev_dsa_do_sign_async(const unsigned char *dgst, int dlen, DSA *dsa, ++ DSA_SIG *sig, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ DSA_SIG *dsaret = NULL; ++ int q_len = 0, r_len = 0, g_len = 0; ++ int priv_key_len = 0, ret = 1; ++ unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; + +- if (!group || !priv_key) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); +- return NULL; ++ if (((sig->r = BN_new()) == NULL) || !kop) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; + } + +- if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || +- (a = BN_new()) == NULL || (b = BN_new()) == NULL || +- (p = BN_new()) == NULL || (x = BN_new()) == NULL || +- (y = BN_new()) == NULL) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ if ((sig->s = BN_new()) == NULL) { ++ BN_free(sig->r); ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- order = &group->order; +- if (!order || BN_is_zero(order)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); ++ if (spcf_bn2bin(dsa->p, &q, &q_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; + } + +- i = BN_num_bits(order); +- /* Need to truncate digest if it is too long: first truncate whole +- bytes */ +- if (8 * dgst_len > i) +- dgst_len = (i + 7)/8; ++ /* Get order of the field of private keys into plain buffer */ ++ if (spcf_bn2bin (dsa->q, &r, &r_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } + +- if (!BN_bin2bn(dgst, dgst_len, m)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ /* sanity test */ ++ if (dlen > r_len) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; + } + +- /* If still too long truncate remaining bits with a shift */ +- if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ g_len = q_len; ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- /* copy the truncated bits into plain buffer */ +- if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { +- fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); ++ priv_key_len = r_len; ++ /** ++ * Get private key into a plain buffer. If length is less than ++ * r_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- ret = ECDSA_SIG_new(); +- if (!ret) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ /* Allocate memory to store hash. */ ++ f = OPENSSL_malloc (r_len); ++ if (!f) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- /* check if this is prime or binary EC request */ +- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { +- ec_crv = EC_PRIME; +- /* get the generator point pair */ +- if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), +- x, y,ctx)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); +- goto err; +- } ++ /* Add padding, since SEC expects hash to of size r_len */ ++ if (dlen < r_len) ++ memset(f, 0, r_len - dlen); + +- /* get the ECC curve parameters */ +- if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dlen, dgst, dlen); ++ ++ dlen = r_len; ++ ++ memset(kop, 0, sizeof( struct crypt_kop)); ++ kop->crk_op = CRK_DSA_SIGN; ++ ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop->crk_param[0].crp_p = (void*)f; ++ kop->crk_param[0].crp_nbits = dlen * 8; ++ kop->crk_param[1].crp_p = (void*)q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = (void*)r; ++ kop->crk_param[2].crp_nbits = r_len * 8; ++ kop->crk_param[3].crp_p = (void*)g; ++ kop->crk_param[3].crp_nbits = g_len * 8; ++ kop->crk_param[4].crp_p = (void*)priv_key; ++ kop->crk_param[4].crp_nbits = priv_key_len * 8; ++ kop->crk_iparams = 5; ++ kop->cookie = cookie; ++ ++ if (cryptodev_asym_async(kop, r_len, sig->r, r_len, sig->s)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ BN_free(sig->r); ++ BN_free(sig->s); ++ dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); ++ sig->r = dsaret->r; ++ sig->s = dsaret->s; ++ /* Call user callback immediately */ ++ cookie->pkc_callback(cookie, 0); ++ ret = dsaret; ++ } ++ return ret; ++} ++ ++static int ++cryptodev_dsa_verify_async(const unsigned char *dgst, int dlen, ++ DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int q_len = 0, r_len = 0, g_len = 0; ++ int w_len = 0 ,c_len = 0, d_len = 0, ret = 1; ++ unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; ++ unsigned char *c = NULL, * d = NULL, *f = NULL; ++ ++ if (!kop) ++ goto err; ++ ++ if (spcf_bn2bin(dsa->p, &q, &q_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ return ret; ++ } ++ ++ /* Get Order of field of private keys */ ++ if (spcf_bn2bin(dsa->q, &r, &r_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ g_len = q_len; ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ w_len = q_len; ++ /** ++ * Get public key into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ /** ++ * Get the 1st part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ c_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ ++ /* Sanity test */ ++ if (dlen > r_len) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Allocate memory to store hash. */ ++ f = OPENSSL_malloc (r_len); ++ if (!f) { ++ DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ if (dlen < r_len) ++ memset(f, 0, r_len - dlen); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dlen, dgst, dlen); ++ ++ dlen = r_len; ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ ++ kop->crk_param[0].crp_p = (void*)f; ++ kop->crk_param[0].crp_nbits = dlen * 8; ++ kop->crk_param[1].crp_p = q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = r; ++ kop->crk_param[2].crp_nbits = r_len * 8; ++ kop->crk_param[3].crp_p = g; ++ kop->crk_param[3].crp_nbits = g_len * 8; ++ kop->crk_param[4].crp_p = w; ++ kop->crk_param[4].crp_nbits = w_len * 8; ++ kop->crk_param[5].crp_p = c; ++ kop->crk_param[5].crp_nbits = c_len * 8; ++ kop->crk_param[6].crp_p = d; ++ kop->crk_param[6].crp_nbits = d_len * 8; ++ kop->crk_iparams = 7; ++ kop->crk_op = CRK_DSA_VERIFY; ++ kop->cookie = cookie; ++ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ++ ret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); ++ cookie->pkc_callback(cookie, 0); ++ } ++ return ret; ++} ++ ++static DSA_METHOD cryptodev_dsa = { ++ "cryptodev DSA method", ++ NULL, ++ NULL, /* dsa_sign_setup */ ++ NULL, ++ NULL, /* dsa_mod_exp */ ++ NULL, ++ NULL, ++ NULL, ++ NULL, ++ NULL, /* init */ ++ NULL, /* finish */ ++ 0, /* flags */ ++ NULL /* app_data */ ++}; ++ ++static ECDSA_METHOD cryptodev_ecdsa = { ++ "cryptodev ECDSA method", ++ NULL, ++ NULL, /* ecdsa_sign_setup */ ++ NULL, ++ NULL, ++ NULL, ++ NULL, ++ 0, /* flags */ ++ NULL /* app_data */ ++}; ++ ++typedef enum ec_curve_s ++{ ++ EC_PRIME, ++ EC_BINARY ++} ec_curve_t; ++ ++/* ENGINE handler for ECDSA Sign */ ++static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, ++ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) ++{ ++ BIGNUM *m = NULL, *p = NULL, *a = NULL; ++ BIGNUM *b = NULL, *x = NULL, *y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_SIG *ret = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; ++ unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; ++ int g_len = 0, d_len = 0, ab_len = 0; ++ const BIGNUM *order = NULL, *priv_key=NULL; ++ const EC_GROUP *group = NULL; ++ struct crypt_kop kop; ++ ec_curve_t ec_crv = EC_PRIME; ++ ++ memset(&kop, 0, sizeof(kop)); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ return NULL; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ priv_key = EC_KEY_get0_private_key(eckey); ++ ++ if (!group || !priv_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ return NULL; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); ++ goto err; ++ } ++ ++ ret = ECDSA_SIG_new(); ++ if (!ret) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), ++ x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); + goto err; + } + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { +@@ -2195,63 +2700,581 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, + } + + /** +- * Get the 2nd part of signature into a flat buffer with +- * appropriate padding ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->s) < r_len) ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len-dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); ++ dgst_len += r_len-dgst_len; ++ kop.crk_op = CRK_DSA_VERIFY; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop.crk_param[0].crp_p = f; ++ kop.crk_param[0].crp_nbits = dgst_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = g_xy; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = w_xy; ++ kop.crk_param[4].crp_nbits = pub_key_len * 8; ++ kop.crk_param[5].crp_p = ab; ++ kop.crk_param[5].crp_nbits = ab_len * 8; ++ kop.crk_param[6].crp_p = c; ++ kop.crk_param[6].crp_nbits = d_len * 8; ++ kop.crk_param[7].crp_p = d; ++ kop.crk_param[7].crp_nbits = d_len * 8; ++ kop.crk_iparams = 8; ++ ++ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { ++ /*OCF success value is 0, if not zero, change ret to fail*/ ++ if(0 == kop.crk_status) ++ ret = 1; ++ } else { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ ++ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); ++ } ++ kop.crk_param[0].crp_p = NULL; ++ zapparams(&kop); ++ ++err: ++ return ret; ++} ++ ++static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, ++ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey, ++ ECDSA_SIG *sig, struct pkc_cookie_s *cookie) ++{ ++ BIGNUM *m = NULL, *p = NULL, *a = NULL; ++ BIGNUM *b = NULL, *x = NULL, *y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_SIG *sig_ret = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; ++ unsigned char * s = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; ++ int g_len = 0, ab_len = 0, ret = 1; ++ const BIGNUM *order = NULL, *priv_key=NULL; ++ const EC_GROUP *group = NULL; ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ ec_curve_t ec_crv = EC_PRIME; ++ ++ if (!(sig->r = BN_new()) || !kop) ++ goto err; ++ if ((sig->s = BN_new()) == NULL) { ++ BN_free(r); ++ goto err; ++ } ++ ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ goto err; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ priv_key = EC_KEY_get0_private_key(eckey); ++ ++ if (!group || !priv_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ goto err; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ++ == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { ++ ec_crv = EC_BINARY; ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else { ++ printf("Unsupported Curve\n"); ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ if (spcf_bn2bin(order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ priv_key_len = r_len; ++ ++ /** ++ * If BN_num_bytes of priv_key returns less then r_len then ++ * add padding bytes before the key ++ */ ++ if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ab = eng_copy_curve_points(a, b, ab_len, q_len); ++ if (!ab) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop->curve_type = ECC_BINARY; ++ } ++ ++ /* Calculation of Generator point */ ++ g_len = 2*q_len; ++ g_xy = eng_copy_curve_points(x, y, g_len, q_len); ++ if (!g_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len - dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); ++ ++ dgst_len += r_len - dgst_len; ++ ++ kop->crk_op = CRK_DSA_SIGN; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop->crk_param[0].crp_p = f; ++ kop->crk_param[0].crp_nbits = dgst_len * 8; ++ kop->crk_param[1].crp_p = q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = r; ++ kop->crk_param[2].crp_nbits = r_len * 8; ++ kop->crk_param[3].crp_p = g_xy; ++ kop->crk_param[3].crp_nbits = g_len * 8; ++ kop->crk_param[4].crp_p = s; ++ kop->crk_param[4].crp_nbits = priv_key_len * 8; ++ kop->crk_param[5].crp_p = ab; ++ kop->crk_param[5].crp_nbits = ab_len * 8; ++ kop->crk_iparams = 6; ++ kop->cookie = cookie; ++ ++ if (cryptodev_asym_async(kop, r_len, sig->r , r_len, sig->s)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ BN_free(sig->r); ++ BN_free(sig->s); ++ if (kop) ++ free(kop); ++ sig_ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); ++ sig->r = sig_ret->r; ++ sig->s = sig_ret->s; ++ cookie->pkc_callback(cookie, 0); ++ } ++ return ret; ++} ++ ++static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, ++ const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie) ++{ ++ BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; ++ BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; ++ unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; ++ int d_len = 0, ab_len = 0, ret = 1; ++ const EC_POINT *pub_key = NULL; ++ const BIGNUM *order = NULL; ++ const EC_GROUP *group=NULL; ++ ec_curve_t ec_crv = EC_PRIME; ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ ++ if (!kop) ++ goto err; ++ ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ goto err; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ pub_key = EC_KEY_get0_public_key(eckey); ++ ++ if (!group || !pub_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ goto err; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || ++ (w_y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ * bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); ++ goto err; ++ } ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for prime curve */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ ++ ec_crv = EC_BINARY; ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group),x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for binary curve */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ }else { ++ printf("Unsupported Curve\n"); ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* Get the order of the subgroup of private keys */ ++ if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the irreducible polynomial that creates the field */ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the public key into a flat buffer with appropriate padding */ ++ pub_key_len = 2 * q_len; ++ ++ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); ++ if (!w_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ++ ab = eng_copy_curve_points (a, b, ab_len, q_len); ++ if (!ab) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ /* copy b' i.e c(b), instead of only b */ ++ eng_ec_get_cparam (EC_GROUP_get_curve_name(group), ++ ab+q_len, q_len); ++ kop->curve_type = ECC_BINARY; ++ } ++ ++ /* Calculation of Generator point */ ++ g_len = 2 * q_len; ++ ++ g_xy = eng_copy_curve_points (x, y, g_len, q_len); ++ if (!g_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 1st part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->r) < r_len) ++ c_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->s) < r_len) ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len-dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); ++ ++ dgst_len += r_len-dgst_len; ++ ++ kop->crk_op = CRK_DSA_VERIFY; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop->crk_param[0].crp_p = f; ++ kop->crk_param[0].crp_nbits = dgst_len * 8; ++ kop->crk_param[1].crp_p = q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = r; ++ kop->crk_param[2].crp_nbits = r_len * 8; ++ kop->crk_param[3].crp_p = g_xy; ++ kop->crk_param[3].crp_nbits = g_len * 8; ++ kop->crk_param[4].crp_p = w_xy; ++ kop->crk_param[4].crp_nbits = pub_key_len * 8; ++ kop->crk_param[5].crp_p = ab; ++ kop->crk_param[5].crp_nbits = ab_len * 8; ++ kop->crk_param[6].crp_p = c; ++ kop->crk_param[6].crp_nbits = d_len * 8; ++ kop->crk_param[7].crp_p = d; ++ kop->crk_param[7].crp_nbits = d_len * 8; ++ kop->crk_iparams = 8; ++ kop->cookie = cookie; ++ ++ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); ++ cookie->pkc_callback(cookie, 0); ++ } ++ ++ return ret; ++} ++ ++/* Cryptodev DH Key Gen routine */ ++static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1, g_len; ++ unsigned char *g = NULL; ++ ++ if (!kop) ++ goto sw_try; ++ ++ if (dh->priv_key == NULL) { ++ if ((dh->priv_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ if (dh->pub_key == NULL) { ++ if ((dh->pub_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ g_len = BN_num_bytes(dh->p); ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. + */ +- if (BN_num_bytes(sig->s) < r_len) +- d_len = r_len; +- +- if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); +- goto err; +- } +- +- /* memory for message representative */ +- f = malloc(r_len); +- if (!f) { +- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); +- goto err; ++ if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; + } + +- /* Add padding, since SEC expects hash to of size r_len */ +- memset(f, 0, r_len-dgst_len); ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ kop->crk_op = CRK_DH_GENERATE_KEY; ++ if (bn2crparam(dh->p, &kop->crk_param[0])) ++ goto sw_try; ++ if (bn2crparam(dh->q, &kop->crk_param[1])) ++ goto sw_try; ++ kop->crk_param[2].crp_p = g; ++ kop->crk_param[2].crp_nbits = g_len * 8; ++ kop->crk_iparams = 3; ++ kop->cookie = cookie; + +- /* Skip leading bytes if dgst_len < r_len */ +- memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); +- dgst_len += r_len-dgst_len; +- kop.crk_op = CRK_DSA_VERIFY; +- /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ +- kop.crk_param[0].crp_p = f; +- kop.crk_param[0].crp_nbits = dgst_len * 8; +- kop.crk_param[1].crp_p = q; +- kop.crk_param[1].crp_nbits = q_len * 8; +- kop.crk_param[2].crp_p = r; +- kop.crk_param[2].crp_nbits = r_len * 8; +- kop.crk_param[3].crp_p = g_xy; +- kop.crk_param[3].crp_nbits = g_len * 8; +- kop.crk_param[4].crp_p = w_xy; +- kop.crk_param[4].crp_nbits = pub_key_len * 8; +- kop.crk_param[5].crp_p = ab; +- kop.crk_param[5].crp_nbits = ab_len * 8; +- kop.crk_param[6].crp_p = c; +- kop.crk_param[6].crp_nbits = d_len * 8; +- kop.crk_param[7].crp_p = d; +- kop.crk_param[7].crp_nbits = d_len * 8; +- kop.crk_iparams = 8; ++ /* pub_key is or prime length while priv key is of length of order */ ++ if (cryptodev_asym_async(kop, BN_num_bytes(dh->p), dh->pub_key, ++ BN_num_bytes(dh->q), dh->priv_key)) ++ goto sw_try; + +- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { +- /*OCF success value is 0, if not zero, change ret to fail*/ +- if(0 == kop.crk_status) +- ret = 1; +- } else { +- const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ return ret; ++sw_try: ++ { ++ const DH_METHOD *meth = DH_OpenSSL(); + +- ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); ++ if (kop) ++ free(kop); ++ ret = (meth->generate_key)(dh); ++ cookie->pkc_callback(cookie, 0); + } +- kop.crk_param[0].crp_p = NULL; +- zapparams(&kop); +- +-err: + return ret; + } + +@@ -2360,6 +3383,54 @@ sw_try: + return (dhret); + } + ++/* Return Length if successful and 0 on failure */ ++static int ++cryptodev_dh_compute_key_async(unsigned char *key, const BIGNUM *pub_key, ++ DH *dh, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1; ++ int fd, p_len; ++ unsigned char *padded_pub_key = NULL, *p = NULL; ++ ++ fd = *(int *)cookie->eng_handle; ++ ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ kop->crk_op = CRK_DH_COMPUTE_KEY; ++ /* inputs: dh->priv_key pub_key dh->p key */ ++ spcf_bn2bin(dh->p, &p, &p_len); ++ spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); ++ ++ if (bn2crparam(dh->priv_key, &kop->crk_param[0])) ++ goto err; ++ kop->crk_param[1].crp_p = padded_pub_key; ++ kop->crk_param[1].crp_nbits = p_len * 8; ++ kop->crk_param[2].crp_p = p; ++ kop->crk_param[2].crp_nbits = p_len * 8; ++ kop->crk_iparams = 3; ++ ++ kop->cookie = cookie; ++ kop->crk_param[3].crp_p = (void*) key; ++ kop->crk_param[3].crp_nbits = p_len * 8; ++ kop->crk_oparams = 1; ++ ++ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) ++ goto err; ++ ++ return p_len; ++err: ++ { ++ const DH_METHOD *meth = DH_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ret = (meth->compute_key)(key, pub_key, dh); ++ /* Call user cookie handler */ ++ cookie->pkc_callback(cookie, 0); ++ } ++ return (ret); ++} ++ + int cryptodev_ecdh_compute_key(void *out, size_t outlen, + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, + void *out, size_t *outlen)) +@@ -2537,6 +3608,190 @@ err: + return ret; + } + ++int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, ++ const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, ++ void *out, size_t *outlen), struct pkc_cookie_s *cookie) ++{ ++ ec_curve_t ec_crv = EC_PRIME; ++ unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; ++ BIGNUM * w_x = NULL, *w_y = NULL; ++ int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; ++ BIGNUM * p = NULL, *a = NULL, *b = NULL; ++ BN_CTX *ctx; ++ EC_POINT *tmp=NULL; ++ BIGNUM *x=NULL, *y=NULL; ++ const BIGNUM *priv_key; ++ const EC_GROUP* group = NULL; ++ int ret = 1; ++ size_t buflen, len; ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ ++ if (!(ctx = BN_CTX_new()) || !kop) ++ goto err; ++ ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ ++ BN_CTX_start(ctx); ++ x = BN_CTX_get(ctx); ++ y = BN_CTX_get(ctx); ++ p = BN_CTX_get(ctx); ++ a = BN_CTX_get(ctx); ++ b = BN_CTX_get(ctx); ++ w_x = BN_CTX_get(ctx); ++ w_y = BN_CTX_get(ctx); ++ ++ if (!x || !y || !p || !a || !b || !w_x || !w_y) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ priv_key = EC_KEY_get0_private_key(ecdh); ++ if (priv_key == NULL) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); ++ goto err; ++ } ++ ++ group = EC_KEY_get0_group(ecdh); ++ if ((tmp=EC_POINT_new(group)) == NULL) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == ++ NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ ++ if (!EC_POINT_get_affine_coordinates_GFp(group, ++ EC_GROUP_get0_generator(group), x, y, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for prime curve */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ } else { ++ ec_crv = EC_BINARY; ++ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group), x, y, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for binary curve */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } ++ ++ /* irreducible polynomial that creates the field */ ++ if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the irreducible polynomial that creates the field */ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* Get the public key into a flat buffer with appropriate padding */ ++ pub_key_len = 2 * q_len; ++ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); ++ if (!w_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ab = eng_copy_curve_points (a, b, ab_len, q_len); ++ if (!ab) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ /* copy b' i.e c(b), instead of only b */ ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop->curve_type = ECC_BINARY; ++ } else ++ kop->curve_type = ECC_PRIME; ++ ++ priv_key_len = r_len; ++ ++ /* ++ * If BN_num_bytes of priv_key returns less then r_len then ++ * add padding bytes before the key ++ */ ++ if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ buflen = (EC_GROUP_get_degree(group) + 7)/8; ++ len = BN_num_bytes(x); ++ if (len > buflen || q_len < buflen) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR); ++ goto err; ++ } ++ ++ kop->crk_op = CRK_DH_COMPUTE_KEY; ++ kop->crk_param[0].crp_p = (void *) s; ++ kop->crk_param[0].crp_nbits = priv_key_len*8; ++ kop->crk_param[1].crp_p = (void *) w_xy; ++ kop->crk_param[1].crp_nbits = pub_key_len*8; ++ kop->crk_param[2].crp_p = (void *) q; ++ kop->crk_param[2].crp_nbits = q_len*8; ++ kop->crk_param[3].crp_p = (void *) ab; ++ kop->crk_param[3].crp_nbits = ab_len*8; ++ kop->crk_iparams = 4; ++ kop->crk_param[4].crp_p = (void *) out; ++ kop->crk_param[4].crp_nbits = q_len*8; ++ kop->crk_oparams = 1; ++ kop->cookie = cookie; ++ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) ++ goto err; ++ ++ return q_len; ++err: ++ { ++ const ECDH_METHOD *meth = ECDH_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); ++ /* Call user cookie handler */ ++ cookie->pkc_callback(cookie, 0); ++ } ++ return ret; ++} + + static DH_METHOD cryptodev_dh = { + "cryptodev DH method", +@@ -2545,6 +3800,8 @@ static DH_METHOD cryptodev_dh = { + NULL, + NULL, + NULL, ++ NULL, ++ NULL, + 0, /* flags */ + NULL /* app_data */ + }; +@@ -2553,6 +3810,7 @@ static ECDH_METHOD cryptodev_ecdh = { + "cryptodev ECDH method", + NULL, /* cryptodev_ecdh_compute_key */ + NULL, ++ NULL, + 0, /* flags */ + NULL /* app_data */ + }; +@@ -2625,12 +3883,19 @@ ENGINE_load_cryptodev(void) + cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; +- if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) ++ cryptodev_rsa.bn_mod_exp_async = ++ cryptodev_bn_mod_exp_async; ++ if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) { + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_mod_exp; +- else ++ cryptodev_rsa.rsa_mod_exp_async = ++ cryptodev_rsa_mod_exp_async; ++ } else { + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_nocrt_mod_exp; ++ cryptodev_rsa.rsa_mod_exp_async = ++ cryptodev_rsa_nocrt_mod_exp_async; ++ } + } + } + +@@ -2638,12 +3903,21 @@ ENGINE_load_cryptodev(void) + const DSA_METHOD *meth = DSA_OpenSSL(); + + memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); +- if (cryptodev_asymfeat & CRF_DSA_SIGN) ++ if (cryptodev_asymfeat & CRF_DSA_SIGN) { + cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; +- if (cryptodev_asymfeat & CRF_DSA_VERIFY) ++ cryptodev_dsa.dsa_do_sign_async = ++ cryptodev_dsa_do_sign_async; ++ } ++ if (cryptodev_asymfeat & CRF_DSA_VERIFY) { + cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; +- if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) ++ cryptodev_dsa.dsa_do_verify_async = ++ cryptodev_dsa_verify_async; ++ } ++ if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) { + cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; ++ cryptodev_dsa.dsa_keygen_async = ++ cryptodev_dsa_keygen_async; ++ } + } + + if (ENGINE_set_DH(engine, &cryptodev_dh)){ +@@ -2652,10 +3926,15 @@ ENGINE_load_cryptodev(void) + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { + cryptodev_dh.compute_key = + cryptodev_dh_compute_key; ++ cryptodev_dh.compute_key_async = ++ cryptodev_dh_compute_key_async; + } + if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { + cryptodev_dh.generate_key = + cryptodev_dh_keygen; ++ cryptodev_dh.generate_key_async = ++ cryptodev_dh_keygen_async; ++ + } + } + +@@ -2664,10 +3943,14 @@ ENGINE_load_cryptodev(void) + memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); + if (cryptodev_asymfeat & CRF_DSA_SIGN) { + cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; ++ cryptodev_ecdsa.ecdsa_do_sign_async = ++ cryptodev_ecdsa_do_sign_async; + } + if (cryptodev_asymfeat & CRF_DSA_VERIFY) { + cryptodev_ecdsa.ecdsa_do_verify = + cryptodev_ecdsa_verify; ++ cryptodev_ecdsa.ecdsa_do_verify_async = ++ cryptodev_ecdsa_verify_async; + } + } + +@@ -2676,9 +3959,16 @@ ENGINE_load_cryptodev(void) + memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { + cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; ++ cryptodev_ecdh.compute_key_async = ++ cryptodev_ecdh_compute_key_async; + } + } + ++ ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); ++ ENGINE_set_close_instance(engine, cryptodev_close_instance); ++ ENGINE_set_init_instance(engine, cryptodev_init_instance); ++ ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); ++ + ENGINE_add(engine); + ENGINE_free(engine); + ERR_clear_error(); +diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h +index 451ef8f..8fc3077 100644 +--- a/crypto/engine/eng_int.h ++++ b/crypto/engine/eng_int.h +@@ -181,7 +181,29 @@ struct engine_st + ENGINE_LOAD_KEY_PTR load_pubkey; + + ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; +- ++ /* ++ * Instantiate Engine handle to be passed in check_pkc_availability ++ * Ensure that Engine is instantiated before any pkc asynchronous call. ++ */ ++ void *(*engine_init_instance)(void); ++ /* ++ * Instantiated Engine handle will be closed with this call. ++ * Ensure that no pkc asynchronous call is made after this call ++ */ ++ void (*engine_close_instance)(void *handle); ++ /* ++ * Check availability will extract the data from kernel. ++ * eng_handle: This is the Engine handle corresponds to which ++ * the cookies needs to be polled. ++ * return 0 if cookie available else 1 ++ */ ++ int (*check_pkc_availability)(void *eng_handle); ++ /* ++ * The following map is used to check if the engine supports asynchronous implementation ++ * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous ++ * implementation need to check this features using "int ENGINE_get_async_map(engine *)"; ++ */ ++ int async_map; + const ENGINE_CMD_DEFN *cmd_defns; + int flags; + /* reference count on the structure itself */ +diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c +index 18a6664..6fa621c 100644 +--- a/crypto/engine/eng_lib.c ++++ b/crypto/engine/eng_lib.c +@@ -98,7 +98,11 @@ void engine_set_all_null(ENGINE *e) + e->ctrl = NULL; + e->load_privkey = NULL; + e->load_pubkey = NULL; ++ e->check_pkc_availability = NULL; ++ e->engine_init_instance = NULL; ++ e->engine_close_instance = NULL; + e->cmd_defns = NULL; ++ e->async_map = 0; + e->flags = 0; + } + +@@ -233,6 +237,48 @@ int ENGINE_set_id(ENGINE *e, const char *id) + return 1; + } + ++void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) ++ { ++ e->engine_init_instance = engine_init_instance; ++ } ++ ++void ENGINE_set_close_instance(ENGINE *e, ++ void (*engine_close_instance)(void *)) ++ { ++ e->engine_close_instance = engine_close_instance; ++ } ++ ++void ENGINE_set_async_map(ENGINE *e, int async_map) ++ { ++ e->async_map = async_map; ++ } ++ ++void *ENGINE_init_instance(ENGINE *e) ++ { ++ return e->engine_init_instance(); ++ } ++ ++void ENGINE_close_instance(ENGINE *e, void *eng_handle) ++ { ++ e->engine_close_instance(eng_handle); ++ } ++ ++int ENGINE_get_async_map(ENGINE *e) ++ { ++ return e->async_map; ++ } ++ ++void ENGINE_set_check_pkc_availability(ENGINE *e, ++ int (*check_pkc_availability)(void *eng_handle)) ++ { ++ e->check_pkc_availability = check_pkc_availability; ++ } ++ ++int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) ++ { ++ return e->check_pkc_availability(eng_handle); ++ } ++ + int ENGINE_set_name(ENGINE *e, const char *name) + { + if(name == NULL) +diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h +index 237a6c9..ccff86a 100644 +--- a/crypto/engine/engine.h ++++ b/crypto/engine/engine.h +@@ -473,6 +473,30 @@ ENGINE *ENGINE_new(void); + int ENGINE_free(ENGINE *e); + int ENGINE_up_ref(ENGINE *e); + int ENGINE_set_id(ENGINE *e, const char *id); ++void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); ++void ENGINE_set_close_instance(ENGINE *e, ++ void (*engine_free_instance)(void *)); ++/* ++ * Following FLAGS are bitmap store in async_map to set asynchronous interface capability ++ *of the engine ++ */ ++#define ENGINE_RSA_ASYNC 0x0001 ++#define ENGINE_DSA_ASYNC 0x0002 ++#define ENGINE_DH_ASYNC 0x0004 ++#define ENGINE_ECDSA_ASYNC 0x0008 ++#define ENGINE_ECDH_ASYNC 0x0010 ++#define ENGINE_ALLPKC_ASYNC 0x001F ++/* Engine implementation will set the bitmap based on above flags using following API */ ++void ENGINE_set_async_map(ENGINE *e, int async_map); ++ /* Application need to check the bitmap based on above flags using following API ++ * to confirm asynchronous methods supported ++ */ ++int ENGINE_get_async_map(ENGINE *e); ++void *ENGINE_init_instance(ENGINE *e); ++void ENGINE_close_instance(ENGINE *e, void *eng_handle); ++void ENGINE_set_check_pkc_availability(ENGINE *e, ++ int (*check_pkc_availability)(void *eng_handle)); ++int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); + int ENGINE_set_name(ENGINE *e, const char *name); + int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); + int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); +diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h +index 5f269e5..6ef1b15 100644 +--- a/crypto/rsa/rsa.h ++++ b/crypto/rsa/rsa.h +@@ -101,6 +101,29 @@ struct rsa_meth_st + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); /* Can be null */ ++ /* ++ * Cookie in the following _async variant must be allocated before ++ * submission and can be freed once its corresponding callback ++ * handler is called ++ */ ++ int (*rsa_pub_enc_asyn)(int flen,const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding, ++ struct pkc_cookie_s *cookie); ++ int (*rsa_pub_dec_async)(int flen,const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding, ++ struct pkc_cookie_s *cookie); ++ int (*rsa_priv_enc_async)(int flen,const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding, ++ struct pkc_cookie_s *cookie); ++ int (*rsa_priv_dec_async)(int flen,const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding, ++ struct pkc_cookie_s *cookie); ++ int (*rsa_mod_exp_async)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, ++ BN_CTX *ctx, struct pkc_cookie_s *cookie); ++ int (*bn_mod_exp_async)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, ++ const BIGNUM *m, BN_CTX *ctx, ++ BN_MONT_CTX *m_ctx, struct pkc_cookie_s *cookie); ++ + int (*init)(RSA *rsa); /* called at new */ + int (*finish)(RSA *rsa); /* called at free */ + int flags; /* RSA_METHOD_FLAG_* things */ +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch b/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch new file mode 100644 index 00000000..244d230e --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch @@ -0,0 +1,153 @@ +From e4fc051f8ae1c093b25ca346c2ec351ff3b700d1 Mon Sep 17 00:00:00 2001 +From: Hou Zhiqiang +Date: Wed, 2 Apr 2014 16:10:43 +0800 +Subject: [PATCH 11/26] Add RSA keygen operation and support gendsa command + with hardware engine + +Upstream-status: Pending + +Signed-off-by: Hou Zhiqiang +Tested-by: Cristian Stoica +--- + crypto/engine/eng_cryptodev.c | 118 ++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 118 insertions(+) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 9f2416e..b2919a8 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1906,6 +1906,121 @@ err: + return dsaret; + } + ++/* Cryptodev RSA Key Gen routine */ ++static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) ++{ ++ struct crypt_kop kop; ++ int ret, fd; ++ int p_len, q_len; ++ int i; ++ ++ if ((fd = get_asym_dev_crypto()) < 0) ++ return fd; ++ ++ if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; ++ if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; ++ if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; ++ if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; ++ if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; ++ if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; ++ if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; ++ if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; ++ ++ BN_copy(rsa->e, e); ++ ++ p_len = (bits+1) / (2 * 8); ++ q_len = (bits - p_len * 8) / 8; ++ memset(&kop, 0, sizeof kop); ++ kop.crk_op = CRK_RSA_GENERATE_KEY; ++ ++ /* p length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* q length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* n length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = bits; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* d length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = bits; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* dp1 length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* dq1 length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* i length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ ++ if (ioctl(fd, CIOCKEY, &kop) == 0) { ++ BN_bin2bn(kop.crk_param[0].crp_p, ++ p_len, rsa->p); ++ BN_bin2bn(kop.crk_param[1].crp_p, ++ q_len, rsa->q); ++ BN_bin2bn(kop.crk_param[2].crp_p, ++ bits / 8, rsa->n); ++ BN_bin2bn(kop.crk_param[3].crp_p, ++ bits / 8, rsa->d); ++ BN_bin2bn(kop.crk_param[4].crp_p, ++ p_len, rsa->dmp1); ++ BN_bin2bn(kop.crk_param[5].crp_p, ++ q_len, rsa->dmq1); ++ BN_bin2bn(kop.crk_param[6].crp_p, ++ p_len, rsa->iqmp); ++ return 1; ++ } ++sw_try: ++ { ++ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); ++ ret = (meth->rsa_keygen)(rsa, bits, e, cb); ++ } ++ return ret; ++ ++err: ++ for (i = 0; i < CRK_MAXPARAM; i++) ++ free(kop.crk_param[i].crp_p); ++ return 0; ++ ++} ++ + /* Cryptodev DSA Key Gen routine */ + static int cryptodev_dsa_keygen(DSA *dsa) + { +@@ -3896,6 +4011,9 @@ ENGINE_load_cryptodev(void) + cryptodev_rsa.rsa_mod_exp_async = + cryptodev_rsa_nocrt_mod_exp_async; + } ++ if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY) ++ cryptodev_rsa.rsa_keygen = ++ cryptodev_rsa_keygen; + } + } + +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch b/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch new file mode 100644 index 00000000..7f907da4 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch @@ -0,0 +1,64 @@ +From ac777f046da7151386d667391362ecb553ceee90 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Wed, 16 Apr 2014 22:53:04 +0545 +Subject: [PATCH 12/26] RSA Keygen Fix + +Upstream-status: Pending + +If Kernel driver doesn't support RSA Keygen or same returns +error handling the keygen operation, the keygen is gracefully +handled by software supported rsa_keygen handler + +Signed-off-by: Yashpal Dutta +Tested-by: Cristian Stoica +--- + crypto/engine/eng_cryptodev.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index b2919a8..ed5f20f 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1915,7 +1915,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + int i; + + if ((fd = get_asym_dev_crypto()) < 0) +- return fd; ++ goto sw_try; + + if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; + if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; +@@ -1936,7 +1936,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + /* p length */ + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); + if (!kop.crk_param[kop.crk_iparams].crp_p) +- goto err; ++ goto sw_try; + kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); + kop.crk_iparams++; +@@ -1944,7 +1944,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + /* q length */ + kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); + if (!kop.crk_param[kop.crk_iparams].crp_p) +- goto err; ++ goto sw_try; + kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); + kop.crk_iparams++; +@@ -2009,8 +2009,10 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + } + sw_try: + { +- const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); +- ret = (meth->rsa_keygen)(rsa, bits, e, cb); ++ const RSA_METHOD *meth = rsa->meth; ++ rsa->meth = RSA_PKCS1_SSLeay(); ++ ret = RSA_generate_key_ex(rsa, bits, e, cb); ++ rsa->meth = meth; + } + return ret; + +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch b/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch new file mode 100644 index 00000000..c9d8ace8 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch @@ -0,0 +1,164 @@ +From 6aaa306cdf878250d7b6eaf30978de313653886b Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Thu, 17 Apr 2014 06:57:59 +0545 +Subject: [PATCH 13/26] Removed local copy of curve_t type + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +Tested-by: Cristian Stoica +--- + crypto/engine/eng_cryptodev.c | 34 ++++++++++++++-------------------- + crypto/engine/eng_cryptodev_ec.h | 7 ------- + 2 files changed, 14 insertions(+), 27 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index ed5f20f..5d883fa 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -2398,12 +2398,6 @@ static ECDSA_METHOD cryptodev_ecdsa = { + NULL /* app_data */ + }; + +-typedef enum ec_curve_s +-{ +- EC_PRIME, +- EC_BINARY +-} ec_curve_t; +- + /* ENGINE handler for ECDSA Sign */ + static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, + int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) +@@ -2420,7 +2414,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, + const BIGNUM *order = NULL, *priv_key=NULL; + const EC_GROUP *group = NULL; + struct crypt_kop kop; +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + + memset(&kop, 0, sizeof(kop)); + ecdsa = ecdsa_check(eckey); +@@ -2553,7 +2547,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, + else + goto err; + } +- kop.curve_type = ECC_BINARY; ++ kop.curve_type = EC_BINARY; + } + + /* Calculation of Generator point */ +@@ -2647,7 +2641,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, + const EC_POINT *pub_key = NULL; + const BIGNUM *order = NULL; + const EC_GROUP *group=NULL; +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + struct crypt_kop kop; + + memset(&kop, 0, sizeof kop); +@@ -2792,7 +2786,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, + else + goto err; + } +- kop.curve_type = ECC_BINARY; ++ kop.curve_type = EC_BINARY; + } + + /* Calculation of Generator point */ +@@ -2893,7 +2887,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, + const BIGNUM *order = NULL, *priv_key=NULL; + const EC_GROUP *group = NULL; + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + + if (!(sig->r = BN_new()) || !kop) + goto err; +@@ -3029,7 +3023,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, + else + goto err; + } +- kop->curve_type = ECC_BINARY; ++ kop->curve_type = EC_BINARY; + } + + /* Calculation of Generator point */ +@@ -3105,7 +3099,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, + const EC_POINT *pub_key = NULL; + const BIGNUM *order = NULL; + const EC_GROUP *group=NULL; +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); + + if (!kop) +@@ -3247,7 +3241,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, + /* copy b' i.e c(b), instead of only b */ + eng_ec_get_cparam (EC_GROUP_get_curve_name(group), + ab+q_len, q_len); +- kop->curve_type = ECC_BINARY; ++ kop->curve_type = EC_BINARY; + } + + /* Calculation of Generator point */ +@@ -3552,7 +3546,7 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, + void *out, size_t *outlen)) + { +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; + BIGNUM * w_x = NULL, *w_y = NULL; + int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; +@@ -3678,9 +3672,9 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, + else + goto err; + } +- kop.curve_type = ECC_BINARY; ++ kop.curve_type = EC_BINARY; + } else +- kop.curve_type = ECC_PRIME; ++ kop.curve_type = EC_PRIME; + + priv_key_len = r_len; + +@@ -3729,7 +3723,7 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, + void *out, size_t *outlen), struct pkc_cookie_s *cookie) + { +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; + BIGNUM * w_x = NULL, *w_y = NULL; + int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; +@@ -3857,9 +3851,9 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, + else + goto err; + } +- kop->curve_type = ECC_BINARY; ++ kop->curve_type = EC_BINARY; + } else +- kop->curve_type = ECC_PRIME; ++ kop->curve_type = EC_PRIME; + + priv_key_len = r_len; + +diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h +index 77aee71..a4b8da5 100644 +--- a/crypto/engine/eng_cryptodev_ec.h ++++ b/crypto/engine/eng_cryptodev_ec.h +@@ -286,11 +286,4 @@ static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, + + return xy; + } +- +-enum curve_t { +- DISCRETE_LOG, +- ECC_PRIME, +- ECC_BINARY, +- MAX_ECC_TYPE +-}; + #endif +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch b/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch new file mode 100644 index 00000000..198bed70 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch @@ -0,0 +1,43 @@ +From 14623ca9e417ccef1ad3f4138acfac0ebe682f1f Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Tue, 22 Apr 2014 22:58:33 +0545 +Subject: [PATCH 14/26] Modulus parameter is not populated by dhparams + +Upstream-status: Pending + +When dhparams are created, modulus parameter required for +private key generation is not populated. So, falling back +to software for proper population of modulus parameters followed +by private key generation + +Signed-off-by: Yashpal Dutta +Tested-by: Cristian Stoica +--- + crypto/engine/eng_cryptodev.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 5d883fa..6d69336 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -3364,7 +3364,7 @@ static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) + kop->crk_op = CRK_DH_GENERATE_KEY; + if (bn2crparam(dh->p, &kop->crk_param[0])) + goto sw_try; +- if (bn2crparam(dh->q, &kop->crk_param[1])) ++ if (!dh->q || bn2crparam(dh->q, &kop->crk_param[1])) + goto sw_try; + kop->crk_param[2].crp_p = g; + kop->crk_param[2].crp_nbits = g_len * 8; +@@ -3419,7 +3419,7 @@ static int cryptodev_dh_keygen(DH *dh) + kop.crk_op = CRK_DH_GENERATE_KEY; + if (bn2crparam(dh->p, &kop.crk_param[0])) + goto sw_try; +- if (bn2crparam(dh->q, &kop.crk_param[1])) ++ if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) + goto sw_try; + kop.crk_param[2].crp_p = g; + kop.crk_param[2].crp_nbits = g_len * 8; +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch b/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch new file mode 100644 index 00000000..59330a1e --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch @@ -0,0 +1,53 @@ +From 10be401a33e6ebcc325d6747914c70595cd53d0a Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Thu, 24 Apr 2014 00:35:34 +0545 +Subject: [PATCH 15/26] SW Backoff mechanism for dsa keygen + +Upstream-status: Pending + +DSA Keygen is not handled in default openssl dsa method. Due to +same null function pointer in SW DSA method, the backoff for dsa +keygen gives segmentation fault. + +Signed-off-by: Yashpal Dutta +Tested-by: Cristian Stoica +--- + crypto/engine/eng_cryptodev.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 6d69336..dab8fea 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -2069,8 +2069,10 @@ static int cryptodev_dsa_keygen(DSA *dsa) + return ret; + sw_try: + { +- const DSA_METHOD *meth = DSA_OpenSSL(); +- ret = (meth->dsa_keygen)(dsa); ++ const DSA_METHOD *meth = dsa->meth; ++ dsa->meth = DSA_OpenSSL(); ++ ret = DSA_generate_key(dsa); ++ dsa->meth = meth; + } + return ret; + } +@@ -2124,11 +2126,13 @@ static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) + return ret; + sw_try: + { +- const DSA_METHOD *meth = DSA_OpenSSL(); ++ const DSA_METHOD *meth = dsa->meth; + ++ dsa->meth = DSA_OpenSSL(); + if (kop) + free(kop); +- ret = (meth->dsa_keygen)(dsa); ++ ret = DSA_generate_key(dsa); ++ dsa->meth = meth; + cookie->pkc_callback(cookie, 0); + } + return ret; +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch b/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch new file mode 100644 index 00000000..8923cb63 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch @@ -0,0 +1,100 @@ +From d2c868c6370bcc0d0a254e641907da2cdf992d62 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Thu, 1 May 2014 06:35:45 +0545 +Subject: [PATCH 16/26] Fixed DH keygen pair generator + +Upstream-status: Pending + +Wrong Padding results into keygen length error + +Signed-off-by: Yashpal Dutta +Tested-by: Cristian Stoica +--- + crypto/engine/eng_cryptodev.c | 50 ++++++++++++++++++++++++++++--------------- + 1 file changed, 33 insertions(+), 17 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index dab8fea..13d924f 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -3396,44 +3396,60 @@ sw_try: + static int cryptodev_dh_keygen(DH *dh) + { + struct crypt_kop kop; +- int ret = 1, g_len; +- unsigned char *g = NULL; ++ int ret = 1, q_len = 0; ++ unsigned char *q = NULL, *g = NULL, *s = NULL, *w = NULL; ++ BIGNUM *pub_key = NULL, *priv_key = NULL; ++ int generate_new_key = 1; + +- if (dh->priv_key == NULL) { +- if ((dh->priv_key=BN_new()) == NULL) +- goto sw_try; +- } ++ if (dh->priv_key) ++ priv_key = dh->priv_key; + +- if (dh->pub_key == NULL) { +- if ((dh->pub_key=BN_new()) == NULL) +- goto sw_try; +- } ++ if (dh->pub_key) ++ pub_key = dh->pub_key; + +- g_len = BN_num_bytes(dh->p); ++ q_len = BN_num_bytes(dh->p); + /** + * Get generator into a plain buffer. If length is less than + * q_len then add leading padding bytes. + */ +- if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { ++ if (spcf_bn2bin_ex(dh->g, &g, &q_len)) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ ++ if (spcf_bn2bin_ex(dh->p, &q, &q_len)) { + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); + goto sw_try; + } + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DH_GENERATE_KEY; +- if (bn2crparam(dh->p, &kop.crk_param[0])) +- goto sw_try; ++ kop.crk_param[0].crp_p = q; ++ kop.crk_param[0].crp_nbits = q_len * 8; + if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) + goto sw_try; + kop.crk_param[2].crp_p = g; +- kop.crk_param[2].crp_nbits = g_len * 8; ++ kop.crk_param[2].crp_nbits = q_len * 8; + kop.crk_iparams = 3; + ++ s = OPENSSL_malloc (q_len); ++ if (!s) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ ++ w = OPENSSL_malloc (q_len); ++ if (!w) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ + /* pub_key is or prime length while priv key is of length of order */ +- if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, +- BN_num_bytes(dh->q), dh->priv_key)) ++ if (cryptodev_asym(&kop, q_len, w, q_len, s)) + goto sw_try; + ++ dh->pub_key = BN_bin2bn(w, q_len, pub_key); ++ dh->pub_key = BN_bin2bn(s, q_len, priv_key); + return ret; + sw_try: + { +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch b/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch new file mode 100644 index 00000000..bd9e61ac --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch @@ -0,0 +1,309 @@ +From 11b55103463bac614e00d74e9f196ec4ec6bade1 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Mon, 16 Jun 2014 14:06:21 +0300 +Subject: [PATCH 17/26] cryptodev: add support for aes-gcm algorithm offloading + +Change-Id: I3b77dc5ef8b8f707309549244a02852d95b36168 +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/17226 +--- + apps/speed.c | 6 +- + crypto/engine/eng_cryptodev.c | 229 +++++++++++++++++++++++++++++++++++++++++- + 2 files changed, 233 insertions(+), 2 deletions(-) + +diff --git a/apps/speed.c b/apps/speed.c +index 9886ca3..099dede 100644 +--- a/apps/speed.c ++++ b/apps/speed.c +@@ -224,7 +224,11 @@ + #endif + + #undef BUFSIZE +-#define BUFSIZE ((long)1024*8+1) ++/* The buffer overhead allows GCM tag at the end of the encrypted data. This ++ avoids buffer overflows from cryptodev since Linux kernel GCM ++ implementation allways adds the tag - unlike e_aes.c:aes_gcm_cipher() ++ which doesn't */ ++#define BUFSIZE ((long)1024*8 + EVP_GCM_TLS_TAG_LEN) + int run=0; + + static int mr=0; +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 13d924f..4493490 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -78,8 +78,10 @@ struct dev_crypto_state { + struct session_op d_sess; + int d_fd; + unsigned char *aad; +- unsigned int aad_len; ++ int aad_len; + unsigned int len; ++ unsigned char *iv; ++ int ivlen; + + #ifdef USE_CRYPTODEV_DIGESTS + char dummy_mac_key[HASH_MAX_LEN]; +@@ -251,6 +253,7 @@ static struct { + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, + { 0, NID_undef, 0, 0, 0}, + }; + +@@ -271,6 +274,19 @@ static struct { + }; + #endif + ++/* increment counter (64-bit int) by 1 */ ++static void ctr64_inc(unsigned char *counter) { ++ int n=8; ++ unsigned char c; ++ ++ do { ++ --n; ++ c = counter[n]; ++ ++c; ++ counter[n] = c; ++ if (c) return; ++ } while (n); ++} + /* + * Return a fd if /dev/crypto seems usable, 0 otherwise. + */ +@@ -762,6 +778,197 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + } + } + ++static int cryptodev_init_gcm_key(EVP_CIPHER_CTX *ctx, ++ const unsigned char *key, const unsigned char *iv, int enc) ++{ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ int cipher = -1, i; ++ if (!iv && !key) ++ return 1; ++ ++ if (iv) ++ memcpy(ctx->iv, iv, ctx->cipher->iv_len); ++ ++ for (i = 0; ciphers[i].id; i++) ++ if (ctx->cipher->nid == ciphers[i].nid && ++ ctx->cipher->iv_len <= ciphers[i].ivmax && ++ ctx->key_len == ciphers[i].keylen) { ++ cipher = ciphers[i].id; ++ break; ++ } ++ ++ if (!ciphers[i].id) { ++ state->d_fd = -1; ++ return 0; ++ } ++ ++ memset(sess, 0, sizeof(struct session_op)); ++ ++ if ((state->d_fd = get_dev_crypto()) < 0) ++ return 0; ++ ++ sess->key = (unsigned char *) key; ++ sess->keylen = ctx->key_len; ++ sess->cipher = cipher; ++ ++ if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { ++ put_dev_crypto(state->d_fd); ++ state->d_fd = -1; ++ return 0; ++ } ++ return 1; ++} ++ ++static int cryptodev_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, ++ const unsigned char *in, size_t len) ++{ ++ struct crypt_auth_op cryp = {0}; ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ int rv = len; ++ ++ if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ? ++ EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV, ++ EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0) ++ return 0; ++ ++ in += EVP_GCM_TLS_EXPLICIT_IV_LEN; ++ out += EVP_GCM_TLS_EXPLICIT_IV_LEN; ++ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; ++ ++ if (ctx->encrypt) { ++ len -= EVP_GCM_TLS_TAG_LEN; ++ } ++ cryp.ses = sess->ses; ++ cryp.len = len; ++ cryp.src = (unsigned char*) in; ++ cryp.dst = out; ++ cryp.auth_src = state->aad; ++ cryp.auth_len = state->aad_len; ++ cryp.iv = ctx->iv; ++ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; ++ ++ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { ++ return 0; ++ } ++ ++ if (ctx->encrypt) ++ ctr64_inc(state->iv + state->ivlen - 8); ++ else ++ rv = len - EVP_GCM_TLS_TAG_LEN; ++ ++ return rv; ++} ++ ++static int cryptodev_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, ++ const unsigned char *in, size_t len) ++{ ++ struct crypt_auth_op cryp; ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ ++ if (state->d_fd < 0) ++ return 0; ++ ++ if ((len % ctx->cipher->block_size) != 0) ++ return 0; ++ ++ if (state->aad_len >= 0) ++ return cryptodev_gcm_tls_cipher(ctx, out, in, len); ++ ++ memset(&cryp, 0, sizeof(cryp)); ++ ++ cryp.ses = sess->ses; ++ cryp.len = len; ++ cryp.src = (unsigned char*) in; ++ cryp.dst = out; ++ cryp.auth_src = NULL; ++ cryp.auth_len = 0; ++ cryp.iv = ctx->iv; ++ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; ++ ++ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { ++ return 0; ++ } ++ ++ return len; ++} ++ ++static int cryptodev_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, ++ void *ptr) ++{ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ switch (type) { ++ case EVP_CTRL_INIT: ++ { ++ state->ivlen = ctx->cipher->iv_len; ++ state->iv = ctx->iv; ++ state->aad_len = -1; ++ return 1; ++ } ++ case EVP_CTRL_GCM_SET_IV_FIXED: ++ { ++ /* Special case: -1 length restores whole IV */ ++ if (arg == -1) ++ { ++ memcpy(state->iv, ptr, state->ivlen); ++ return 1; ++ } ++ /* Fixed field must be at least 4 bytes and invocation field ++ * at least 8. ++ */ ++ if ((arg < 4) || (state->ivlen - arg) < 8) ++ return 0; ++ if (arg) ++ memcpy(state->iv, ptr, arg); ++ if (ctx->encrypt && ++ RAND_bytes(state->iv + arg, state->ivlen - arg) <= 0) ++ return 0; ++ return 1; ++ } ++ case EVP_CTRL_AEAD_TLS1_AAD: ++ { ++ unsigned int len; ++ if (arg != 13) ++ return 0; ++ ++ memcpy(ctx->buf, ptr, arg); ++ len=ctx->buf[arg-2] << 8 | ctx->buf[arg-1]; ++ ++ /* Correct length for explicit IV */ ++ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; ++ ++ /* If decrypting correct for tag too */ ++ if (!ctx->encrypt) ++ len -= EVP_GCM_TLS_TAG_LEN; ++ ++ ctx->buf[arg-2] = len >> 8; ++ ctx->buf[arg-1] = len & 0xff; ++ ++ state->aad = ctx->buf; ++ state->aad_len = arg; ++ state->len = len; ++ ++ /* Extra padding: tag appended to record */ ++ return EVP_GCM_TLS_TAG_LEN; ++ } ++ case EVP_CTRL_GCM_SET_IV_INV: ++ { ++ if (ctx->encrypt) ++ return 0; ++ memcpy(state->iv + state->ivlen - arg, ptr, arg); ++ return 1; ++ } ++ case EVP_CTRL_GCM_IV_GEN: ++ if (arg <= 0 || arg > state->ivlen) ++ arg = state->ivlen; ++ memcpy(ptr, state->iv + state->ivlen - arg, arg); ++ return 1; ++ default: ++ return -1; ++ } ++} + /* + * libcrypto EVP stuff - this is how we get wired to EVP so the engine + * gets called when libcrypto requests a cipher NID. +@@ -901,6 +1108,23 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { + cryptodev_cbc_hmac_sha1_ctrl, + NULL + }; ++ ++const EVP_CIPHER cryptodev_aes_128_gcm = { ++ NID_aes_128_gcm, ++ 1, 16, 12, ++ EVP_CIPH_GCM_MODE | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \ ++ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ ++ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT, ++ cryptodev_init_gcm_key, ++ cryptodev_gcm_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_gcm_ctrl, ++ NULL ++}; ++ + /* + * Registered by the ENGINE when used to find out how to deal with + * a particular NID in the ENGINE. this says what we'll do at the +@@ -944,6 +1168,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc_hmac_sha1: + *cipher = &cryptodev_aes_256_cbc_hmac_sha1; + break; ++ case NID_aes_128_gcm: ++ *cipher = &cryptodev_aes_128_gcm; ++ break; + default: + *cipher = NULL; + break; +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch b/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch new file mode 100644 index 00000000..1118a6fc --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch @@ -0,0 +1,193 @@ +From 21e3ca4ec77f9258aa4001f07faac1c4942b48b4 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Fri, 9 May 2014 17:54:06 +0300 +Subject: [PATCH 18/26] eng_cryptodev: extend TLS offload with + 3des_cbc_hmac_sha1 + +Both obj_mac.h and obj_dat.h were generated using the scripts +from crypto/objects: + +$ cd crypto/objects +$ perl objects.pl objects.txt obj_mac.num obj_mac.h +$ perl obj_dat.pl obj_mac.h obj_dat.h + +Change-Id: I94f13cdd09df67e33e6acd3c00aab47cb358ac46 +Signed-off-by: Tudor Ambarus +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34001 +--- + crypto/engine/eng_cryptodev.c | 24 ++++++++++++++++++++++++ + crypto/objects/obj_dat.h | 10 +++++++--- + crypto/objects/obj_mac.h | 4 ++++ + crypto/objects/obj_mac.num | 1 + + crypto/objects/objects.txt | 1 + + ssl/ssl_ciph.c | 4 ++++ + 6 files changed, 41 insertions(+), 3 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 79b2678..299e84b 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -135,6 +135,7 @@ static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void ENGINE_load_cryptodev(void); + const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; + + inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) + { +@@ -252,6 +253,7 @@ static struct { + { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, + { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, ++ { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, + { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, +@@ -466,6 +468,9 @@ cryptodev_usable_ciphers(const int **nids) + case NID_aes_256_cbc_hmac_sha1: + EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); + break; ++ case NID_des_ede3_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); ++ break; + } + } + return count; +@@ -571,6 +576,7 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + switch (ctx->cipher->nid) { + case NID_aes_128_cbc_hmac_sha1: + case NID_aes_256_cbc_hmac_sha1: ++ case NID_des_ede3_cbc_hmac_sha1: + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; + } + cryp.ses = sess->ses; +@@ -763,6 +769,7 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + switch (ctx->cipher->nid) { + case NID_aes_128_cbc_hmac_sha1: + case NID_aes_256_cbc_hmac_sha1: ++ case NID_des_ede3_cbc_hmac_sha1: + maclen = SHA_DIGEST_LENGTH; + } + +@@ -1082,6 +1089,20 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { + NULL + }; + ++const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1 = { ++ NID_des_ede3_cbc_hmac_sha1, ++ 8, 24, 8, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ + const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { + NID_aes_128_cbc_hmac_sha1, + 16, 16, 16, +@@ -1163,6 +1184,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc: + *cipher = &cryptodev_aes_256_cbc; + break; ++ case NID_des_ede3_cbc_hmac_sha1: ++ *cipher = &cryptodev_3des_cbc_hmac_sha1; ++ break; + case NID_aes_128_cbc_hmac_sha1: + *cipher = &cryptodev_aes_128_cbc_hmac_sha1; + break; +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index bc69665..9f2267a 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -62,9 +62,9 @@ + * [including the GNU Public Licence.] + */ + +-#define NUM_NID 920 +-#define NUM_SN 913 +-#define NUM_LN 913 ++#define NUM_NID 921 ++#define NUM_SN 914 ++#define NUM_LN 914 + #define NUM_OBJ 857 + + static const unsigned char lvalues[5974]={ +@@ -2399,6 +2399,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ + {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", + NID_aes_256_cbc_hmac_sha1,0,NULL,0}, + {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, ++{"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1", ++ NID_des_ede3_cbc_hmac_sha1,0,NULL,0}, + }; + + static const unsigned int sn_objs[NUM_SN]={ +@@ -2474,6 +2476,7 @@ static const unsigned int sn_objs[NUM_SN]={ + 62, /* "DES-EDE-OFB" */ + 33, /* "DES-EDE3" */ + 44, /* "DES-EDE3-CBC" */ ++920, /* "DES-EDE3-CBC-HMAC-SHA1" */ + 61, /* "DES-EDE3-CFB" */ + 658, /* "DES-EDE3-CFB1" */ + 659, /* "DES-EDE3-CFB8" */ +@@ -3585,6 +3588,7 @@ static const unsigned int ln_objs[NUM_LN]={ + 62, /* "des-ede-ofb" */ + 33, /* "des-ede3" */ + 44, /* "des-ede3-cbc" */ ++920, /* "des-ede3-cbc-hmac-sha1" */ + 61, /* "des-ede3-cfb" */ + 658, /* "des-ede3-cfb1" */ + 659, /* "des-ede3-cfb8" */ +diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h +index b5ea7cd..8751902 100644 +--- a/crypto/objects/obj_mac.h ++++ b/crypto/objects/obj_mac.h +@@ -4030,3 +4030,7 @@ + #define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1" + #define NID_aes_256_cbc_hmac_sha1 918 + ++#define SN_des_ede3_cbc_hmac_sha1 "DES-EDE3-CBC-HMAC-SHA1" ++#define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1" ++#define NID_des_ede3_cbc_hmac_sha1 920 ++ +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index 1d0a7c8..9d44bb5 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -917,3 +917,4 @@ aes_128_cbc_hmac_sha1 916 + aes_192_cbc_hmac_sha1 917 + aes_256_cbc_hmac_sha1 918 + rsaesOaep 919 ++des_ede3_cbc_hmac_sha1 920 +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index d3bfad7..90d2fc5 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1290,3 +1290,4 @@ kisa 1 6 : SEED-OFB : seed-ofb + : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 + : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 + : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 ++ : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1 +diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c +index 8188ff5..310fe76 100644 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -639,6 +639,10 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; ++ else if (c->algorithm_enc == SSL_3DES && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; + return(1); + } + else +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch new file mode 100644 index 00000000..988d79ea --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch @@ -0,0 +1,355 @@ +From 1de2b740a3bdcd8e98abb5f4e176d46fd817b932 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Tue, 31 Mar 2015 16:30:17 +0300 +Subject: [PATCH 19/26] eng_cryptodev: add support for TLSv1.1 record offload + +Supported cipher suites: +- 3des-ede-cbc-sha +- aes-128-cbc-hmac-sha +- aes-256-cbc-hmac-sha + +Requires TLS patches on cryptodev and TLS algorithm support in Linux +kernel driver. + +Signed-off-by: Tudor Ambarus +Change-Id: Id414f36a528de3f476b72688cf85714787d7ccae +Reviewed-on: http://git.am.freescale.net:8181/34002 +Reviewed-by: Cristian Stoica +Tested-by: Cristian Stoica +--- + crypto/engine/eng_cryptodev.c | 101 ++++++++++++++++++++++++++++++++++++++---- + crypto/objects/obj_dat.h | 18 ++++++-- + crypto/objects/obj_mac.h | 12 +++++ + crypto/objects/obj_mac.num | 3 ++ + crypto/objects/objects.txt | 3 ++ + ssl/ssl_ciph.c | 26 +++++++++-- + 6 files changed, 148 insertions(+), 15 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 299e84b..f71ab27 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -66,6 +66,7 @@ ENGINE_load_cryptodev(void) + #include + #include + #include ++#include + #include + #include + #include +@@ -133,9 +134,12 @@ static int cryptodev_dh_compute_key(unsigned char *key, + static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void (*f)(void)); + void ENGINE_load_cryptodev(void); ++const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; +-const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1; + + inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) + { +@@ -256,6 +260,9 @@ static struct { + { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20}, ++ { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20}, ++ { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20}, + { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, + { 0, NID_undef, 0, 0, 0}, + }; +@@ -462,14 +469,23 @@ cryptodev_usable_ciphers(const int **nids) + /* add ciphers specific to cryptodev if found in kernel */ + for(i = 0; i < count; i++) { + switch (*(*nids + i)) { ++ case NID_des_ede3_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); ++ break; + case NID_aes_128_cbc_hmac_sha1: + EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); + break; + case NID_aes_256_cbc_hmac_sha1: + EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); + break; +- case NID_des_ede3_cbc_hmac_sha1: +- EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); ++ case NID_tls11_des_ede3_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls11_3des_cbc_hmac_sha1); ++ break; ++ case NID_tls11_aes_128_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls11_aes_128_cbc_hmac_sha1); ++ break; ++ case NID_tls11_aes_256_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1); + break; + } + } +@@ -574,9 +590,12 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + + /* TODO: make a seamless integration with cryptodev flags */ + switch (ctx->cipher->nid) { ++ case NID_des_ede3_cbc_hmac_sha1: + case NID_aes_128_cbc_hmac_sha1: + case NID_aes_256_cbc_hmac_sha1: +- case NID_des_ede3_cbc_hmac_sha1: ++ case NID_tls11_des_ede3_cbc_hmac_sha1: ++ case NID_tls11_aes_128_cbc_hmac_sha1: ++ case NID_tls11_aes_256_cbc_hmac_sha1: + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; + } + cryp.ses = sess->ses; +@@ -758,8 +777,9 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + struct dev_crypto_state *state = ctx->cipher_data; + unsigned char *p = ptr; + unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; +- unsigned int maclen, padlen; ++ unsigned int maclen, padlen, len; + unsigned int bs = ctx->cipher->block_size; ++ bool aad_needs_fix = false; + + state->aad = ptr; + state->aad_len = arg; +@@ -767,10 +787,24 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + + /* TODO: this should be an extension of EVP_CIPHER struct */ + switch (ctx->cipher->nid) { ++ case NID_des_ede3_cbc_hmac_sha1: + case NID_aes_128_cbc_hmac_sha1: + case NID_aes_256_cbc_hmac_sha1: +- case NID_des_ede3_cbc_hmac_sha1: + maclen = SHA_DIGEST_LENGTH; ++ break; ++ case NID_tls11_des_ede3_cbc_hmac_sha1: ++ case NID_tls11_aes_128_cbc_hmac_sha1: ++ case NID_tls11_aes_256_cbc_hmac_sha1: ++ maclen = SHA_DIGEST_LENGTH; ++ aad_needs_fix = true; ++ break; ++ } ++ ++ /* Correct length for AAD Length field */ ++ if (ctx->encrypt && aad_needs_fix) { ++ len = cryptlen - bs; ++ p[arg-2] = len >> 8; ++ p[arg-1] = len & 0xff; + } + + /* space required for encryption (not only TLS padding) */ +@@ -1131,6 +1165,48 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { + NULL + }; + ++const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1 = { ++ NID_tls11_des_ede3_cbc_hmac_sha1, ++ 8, 24, 8, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1 = { ++ NID_tls11_aes_128_cbc_hmac_sha1, ++ 16, 16, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = { ++ NID_tls11_aes_256_cbc_hmac_sha1, ++ 16, 32, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ + const EVP_CIPHER cryptodev_aes_128_gcm = { + NID_aes_128_gcm, + 1, 16, 12, +@@ -1184,6 +1260,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc: + *cipher = &cryptodev_aes_256_cbc; + break; ++ case NID_aes_128_gcm: ++ *cipher = &cryptodev_aes_128_gcm; ++ break; + case NID_des_ede3_cbc_hmac_sha1: + *cipher = &cryptodev_3des_cbc_hmac_sha1; + break; +@@ -1193,8 +1272,14 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc_hmac_sha1: + *cipher = &cryptodev_aes_256_cbc_hmac_sha1; + break; +- case NID_aes_128_gcm: +- *cipher = &cryptodev_aes_128_gcm; ++ case NID_tls11_des_ede3_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls11_3des_cbc_hmac_sha1; ++ break; ++ case NID_tls11_aes_128_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls11_aes_128_cbc_hmac_sha1; ++ break; ++ case NID_tls11_aes_256_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1; + break; + default: + *cipher = NULL; +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index 9f2267a..dc89b0a 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -62,9 +62,9 @@ + * [including the GNU Public Licence.] + */ + +-#define NUM_NID 921 +-#define NUM_SN 914 +-#define NUM_LN 914 ++#define NUM_NID 924 ++#define NUM_SN 917 ++#define NUM_LN 917 + #define NUM_OBJ 857 + + static const unsigned char lvalues[5974]={ +@@ -2401,6 +2401,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ + {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, + {"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1", + NID_des_ede3_cbc_hmac_sha1,0,NULL,0}, ++{"TLS11-DES-EDE3-CBC-HMAC-SHA1","tls11-des-ede3-cbc-hmac-sha1", ++ NID_tls11_des_ede3_cbc_hmac_sha1,0,NULL,0}, ++{"TLS11-AES-128-CBC-HMAC-SHA1","tls11-aes-128-cbc-hmac-sha1", ++ NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0}, ++{"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1", ++ NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0}, + }; + + static const unsigned int sn_objs[NUM_SN]={ +@@ -2586,6 +2592,9 @@ static const unsigned int sn_objs[NUM_SN]={ + 100, /* "SN" */ + 16, /* "ST" */ + 143, /* "SXNetID" */ ++922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */ ++923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */ ++921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */ + 458, /* "UID" */ + 0, /* "UNDEF" */ + 11, /* "X500" */ +@@ -4205,6 +4214,9 @@ static const unsigned int ln_objs[NUM_LN]={ + 459, /* "textEncodedORAddress" */ + 293, /* "textNotice" */ + 106, /* "title" */ ++922, /* "tls11-aes-128-cbc-hmac-sha1" */ ++923, /* "tls11-aes-256-cbc-hmac-sha1" */ ++921, /* "tls11-des-ede3-cbc-hmac-sha1" */ + 682, /* "tpBasis" */ + 436, /* "ucl" */ + 0, /* "undefined" */ +diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h +index 8751902..f181890 100644 +--- a/crypto/objects/obj_mac.h ++++ b/crypto/objects/obj_mac.h +@@ -4034,3 +4034,15 @@ + #define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1" + #define NID_des_ede3_cbc_hmac_sha1 920 + ++#define SN_tls11_des_ede3_cbc_hmac_sha1 "TLS11-DES-EDE3-CBC-HMAC-SHA1" ++#define LN_tls11_des_ede3_cbc_hmac_sha1 "tls11-des-ede3-cbc-hmac-sha1" ++#define NID_tls11_des_ede3_cbc_hmac_sha1 921 ++ ++#define SN_tls11_aes_128_cbc_hmac_sha1 "TLS11-AES-128-CBC-HMAC-SHA1" ++#define LN_tls11_aes_128_cbc_hmac_sha1 "tls11-aes-128-cbc-hmac-sha1" ++#define NID_tls11_aes_128_cbc_hmac_sha1 922 ++ ++#define SN_tls11_aes_256_cbc_hmac_sha1 "TLS11-AES-256-CBC-HMAC-SHA1" ++#define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1" ++#define NID_tls11_aes_256_cbc_hmac_sha1 923 ++ +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index 9d44bb5..a02b58c 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -918,3 +918,6 @@ aes_192_cbc_hmac_sha1 917 + aes_256_cbc_hmac_sha1 918 + rsaesOaep 919 + des_ede3_cbc_hmac_sha1 920 ++tls11_des_ede3_cbc_hmac_sha1 921 ++tls11_aes_128_cbc_hmac_sha1 922 ++tls11_aes_256_cbc_hmac_sha1 923 +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index 90d2fc5..1973658 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1291,3 +1291,6 @@ kisa 1 6 : SEED-OFB : seed-ofb + : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 + : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 + : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1 ++ : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1 ++ : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1 ++ : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1 +diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c +index 310fe76..0408986 100644 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -631,17 +631,35 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, + c->algorithm_mac == SSL_MD5 && + (evp=EVP_get_cipherbyname("RC4-HMAC-MD5"))) + *enc = evp, *md = NULL; +- else if (c->algorithm_enc == SSL_AES128 && ++ else if (s->ssl_version == TLS1_VERSION && ++ c->algorithm_enc == SSL_3DES && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_VERSION && ++ c->algorithm_enc == SSL_AES128 && + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; +- else if (c->algorithm_enc == SSL_AES256 && ++ else if (s->ssl_version == TLS1_VERSION && ++ c->algorithm_enc == SSL_AES256 && + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; +- else if (c->algorithm_enc == SSL_3DES && ++ else if (s->ssl_version == TLS1_1_VERSION && ++ c->algorithm_enc == SSL_3DES && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS11-DES-EDE3-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_1_VERSION && ++ c->algorithm_enc == SSL_AES128 && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS11-AES-128-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_1_VERSION && ++ c->algorithm_enc == SSL_AES256 && + c->algorithm_mac == SSL_SHA1 && +- (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) ++ (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; + return(1); + } +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch new file mode 100644 index 00000000..7370c496 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch @@ -0,0 +1,359 @@ +From a58703e6601fcfcfe69fdb3e7152ed76b40d67e9 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Tue, 31 Mar 2015 16:32:35 +0300 +Subject: [PATCH 20/26] eng_cryptodev: add support for TLSv1.2 record offload + +Supported cipher suites: +- 3des-ede-cbc-sha +- aes-128-cbc-hmac-sha +- aes-256-cbc-hmac-sha +- aes-128-cbc-hmac-sha256 +- aes-256-cbc-hmac-sha256 + +Requires TLS patches on cryptodev and TLS algorithm support in Linux +kernel driver. + +Signed-off-by: Tudor Ambarus +Change-Id: I0ac6953dd62e2655a59d8f3eaefd012b7ecebf55 +Reviewed-on: http://git.am.freescale.net:8181/34003 +Reviewed-by: Cristian Stoica +Tested-by: Cristian Stoica +--- + crypto/engine/eng_cryptodev.c | 123 ++++++++++++++++++++++++++++++++++++++++++ + crypto/objects/obj_dat.h | 26 +++++++-- + crypto/objects/obj_mac.h | 20 +++++++ + crypto/objects/obj_mac.num | 5 ++ + crypto/objects/objects.txt | 5 ++ + ssl/ssl_ciph.c | 25 +++++++++ + 6 files changed, 201 insertions(+), 3 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index f71ab27..fa5fe1b 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -140,6 +140,11 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls12_3des_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha256; ++const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha256; + + inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) + { +@@ -263,6 +268,11 @@ static struct { + { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20}, + { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20}, + { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { CRYPTO_TLS12_3DES_CBC_HMAC_SHA1, NID_tls12_des_ede3_cbc_hmac_sha1, 8, 24, 20}, ++ { CRYPTO_TLS12_AES_CBC_HMAC_SHA1, NID_tls12_aes_128_cbc_hmac_sha1, 16, 16, 20}, ++ { CRYPTO_TLS12_AES_CBC_HMAC_SHA1, NID_tls12_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { CRYPTO_TLS12_AES_CBC_HMAC_SHA256, NID_tls12_aes_128_cbc_hmac_sha256, 16, 16, 32}, ++ { CRYPTO_TLS12_AES_CBC_HMAC_SHA256, NID_tls12_aes_256_cbc_hmac_sha256, 16, 32, 32}, + { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, + { 0, NID_undef, 0, 0, 0}, + }; +@@ -487,6 +497,21 @@ cryptodev_usable_ciphers(const int **nids) + case NID_tls11_aes_256_cbc_hmac_sha1: + EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1); + break; ++ case NID_tls12_des_ede3_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls12_3des_cbc_hmac_sha1); ++ break; ++ case NID_tls12_aes_128_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls12_aes_128_cbc_hmac_sha1); ++ break; ++ case NID_tls12_aes_256_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls12_aes_256_cbc_hmac_sha1); ++ break; ++ case NID_tls12_aes_128_cbc_hmac_sha256: ++ EVP_add_cipher(&cryptodev_tls12_aes_128_cbc_hmac_sha256); ++ break; ++ case NID_tls12_aes_256_cbc_hmac_sha256: ++ EVP_add_cipher(&cryptodev_tls12_aes_256_cbc_hmac_sha256); ++ break; + } + } + return count; +@@ -596,6 +621,11 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + case NID_tls11_des_ede3_cbc_hmac_sha1: + case NID_tls11_aes_128_cbc_hmac_sha1: + case NID_tls11_aes_256_cbc_hmac_sha1: ++ case NID_tls12_des_ede3_cbc_hmac_sha1: ++ case NID_tls12_aes_128_cbc_hmac_sha1: ++ case NID_tls12_aes_256_cbc_hmac_sha1: ++ case NID_tls12_aes_128_cbc_hmac_sha256: ++ case NID_tls12_aes_256_cbc_hmac_sha256: + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; + } + cryp.ses = sess->ses; +@@ -795,9 +825,17 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + case NID_tls11_des_ede3_cbc_hmac_sha1: + case NID_tls11_aes_128_cbc_hmac_sha1: + case NID_tls11_aes_256_cbc_hmac_sha1: ++ case NID_tls12_des_ede3_cbc_hmac_sha1: ++ case NID_tls12_aes_128_cbc_hmac_sha1: ++ case NID_tls12_aes_256_cbc_hmac_sha1: + maclen = SHA_DIGEST_LENGTH; + aad_needs_fix = true; + break; ++ case NID_tls12_aes_128_cbc_hmac_sha256: ++ case NID_tls12_aes_256_cbc_hmac_sha256: ++ maclen = SHA256_DIGEST_LENGTH; ++ aad_needs_fix = true; ++ break; + } + + /* Correct length for AAD Length field */ +@@ -1207,6 +1245,76 @@ const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = { + NULL + }; + ++const EVP_CIPHER cryptodev_tls12_3des_cbc_hmac_sha1 = { ++ NID_tls12_des_ede3_cbc_hmac_sha1, ++ 8, 24, 8, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha1 = { ++ NID_tls12_aes_128_cbc_hmac_sha1, ++ 16, 16, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha1 = { ++ NID_tls12_aes_256_cbc_hmac_sha1, ++ 16, 32, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha256 = { ++ NID_tls12_aes_128_cbc_hmac_sha256, ++ 16, 16, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha256 = { ++ NID_tls12_aes_256_cbc_hmac_sha256, ++ 16, 32, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ + const EVP_CIPHER cryptodev_aes_128_gcm = { + NID_aes_128_gcm, + 1, 16, 12, +@@ -1281,6 +1389,21 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_tls11_aes_256_cbc_hmac_sha1: + *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1; + break; ++ case NID_tls12_des_ede3_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls12_3des_cbc_hmac_sha1; ++ break; ++ case NID_tls12_aes_128_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls12_aes_128_cbc_hmac_sha1; ++ break; ++ case NID_tls12_aes_256_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls12_aes_256_cbc_hmac_sha1; ++ break; ++ case NID_tls12_aes_128_cbc_hmac_sha256: ++ *cipher = &cryptodev_tls12_aes_128_cbc_hmac_sha256; ++ break; ++ case NID_tls12_aes_256_cbc_hmac_sha256: ++ *cipher = &cryptodev_tls12_aes_256_cbc_hmac_sha256; ++ break; + default: + *cipher = NULL; + break; +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index dc89b0a..dfe19da 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -62,9 +62,9 @@ + * [including the GNU Public Licence.] + */ + +-#define NUM_NID 924 +-#define NUM_SN 917 +-#define NUM_LN 917 ++#define NUM_NID 929 ++#define NUM_SN 922 ++#define NUM_LN 922 + #define NUM_OBJ 857 + + static const unsigned char lvalues[5974]={ +@@ -2407,6 +2407,16 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ + NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0}, + {"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1", + NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0}, ++{"TLS12-DES-EDE3-CBC-HMAC-SHA1","tls12-des-ede3-cbc-hmac-sha1", ++ NID_tls12_des_ede3_cbc_hmac_sha1,0,NULL,0}, ++{"TLS12-AES-128-CBC-HMAC-SHA1","tls12-aes-128-cbc-hmac-sha1", ++ NID_tls12_aes_128_cbc_hmac_sha1,0,NULL,0}, ++{"TLS12-AES-256-CBC-HMAC-SHA1","tls12-aes-256-cbc-hmac-sha1", ++ NID_tls12_aes_256_cbc_hmac_sha1,0,NULL,0}, ++{"TLS12-AES-128-CBC-HMAC-SHA256","tls12-aes-128-cbc-hmac-sha256", ++ NID_tls12_aes_128_cbc_hmac_sha256,0,NULL,0}, ++{"TLS12-AES-256-CBC-HMAC-SHA256","tls12-aes-256-cbc-hmac-sha256", ++ NID_tls12_aes_256_cbc_hmac_sha256,0,NULL,0}, + }; + + static const unsigned int sn_objs[NUM_SN]={ +@@ -2595,6 +2605,11 @@ static const unsigned int sn_objs[NUM_SN]={ + 922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */ + 923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */ + 921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */ ++925, /* "TLS12-AES-128-CBC-HMAC-SHA1" */ ++927, /* "TLS12-AES-128-CBC-HMAC-SHA256" */ ++926, /* "TLS12-AES-256-CBC-HMAC-SHA1" */ ++928, /* "TLS12-AES-256-CBC-HMAC-SHA256" */ ++924, /* "TLS12-DES-EDE3-CBC-HMAC-SHA1" */ + 458, /* "UID" */ + 0, /* "UNDEF" */ + 11, /* "X500" */ +@@ -4217,6 +4232,11 @@ static const unsigned int ln_objs[NUM_LN]={ + 922, /* "tls11-aes-128-cbc-hmac-sha1" */ + 923, /* "tls11-aes-256-cbc-hmac-sha1" */ + 921, /* "tls11-des-ede3-cbc-hmac-sha1" */ ++925, /* "tls12-aes-128-cbc-hmac-sha1" */ ++927, /* "tls12-aes-128-cbc-hmac-sha256" */ ++926, /* "tls12-aes-256-cbc-hmac-sha1" */ ++928, /* "tls12-aes-256-cbc-hmac-sha256" */ ++924, /* "tls12-des-ede3-cbc-hmac-sha1" */ + 682, /* "tpBasis" */ + 436, /* "ucl" */ + 0, /* "undefined" */ +diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h +index f181890..5af125e 100644 +--- a/crypto/objects/obj_mac.h ++++ b/crypto/objects/obj_mac.h +@@ -4046,3 +4046,23 @@ + #define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1" + #define NID_tls11_aes_256_cbc_hmac_sha1 923 + ++#define SN_tls12_des_ede3_cbc_hmac_sha1 "TLS12-DES-EDE3-CBC-HMAC-SHA1" ++#define LN_tls12_des_ede3_cbc_hmac_sha1 "tls12-des-ede3-cbc-hmac-sha1" ++#define NID_tls12_des_ede3_cbc_hmac_sha1 924 ++ ++#define SN_tls12_aes_128_cbc_hmac_sha1 "TLS12-AES-128-CBC-HMAC-SHA1" ++#define LN_tls12_aes_128_cbc_hmac_sha1 "tls12-aes-128-cbc-hmac-sha1" ++#define NID_tls12_aes_128_cbc_hmac_sha1 925 ++ ++#define SN_tls12_aes_256_cbc_hmac_sha1 "TLS12-AES-256-CBC-HMAC-SHA1" ++#define LN_tls12_aes_256_cbc_hmac_sha1 "tls12-aes-256-cbc-hmac-sha1" ++#define NID_tls12_aes_256_cbc_hmac_sha1 926 ++ ++#define SN_tls12_aes_128_cbc_hmac_sha256 "TLS12-AES-128-CBC-HMAC-SHA256" ++#define LN_tls12_aes_128_cbc_hmac_sha256 "tls12-aes-128-cbc-hmac-sha256" ++#define NID_tls12_aes_128_cbc_hmac_sha256 927 ++ ++#define SN_tls12_aes_256_cbc_hmac_sha256 "TLS12-AES-256-CBC-HMAC-SHA256" ++#define LN_tls12_aes_256_cbc_hmac_sha256 "tls12-aes-256-cbc-hmac-sha256" ++#define NID_tls12_aes_256_cbc_hmac_sha256 928 ++ +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index a02b58c..deeba3a 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -921,3 +921,8 @@ des_ede3_cbc_hmac_sha1 920 + tls11_des_ede3_cbc_hmac_sha1 921 + tls11_aes_128_cbc_hmac_sha1 922 + tls11_aes_256_cbc_hmac_sha1 923 ++tls12_des_ede3_cbc_hmac_sha1 924 ++tls12_aes_128_cbc_hmac_sha1 925 ++tls12_aes_256_cbc_hmac_sha1 926 ++tls12_aes_128_cbc_hmac_sha256 927 ++tls12_aes_256_cbc_hmac_sha256 928 +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index 1973658..6e4ac93 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1294,3 +1294,8 @@ kisa 1 6 : SEED-OFB : seed-ofb + : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1 + : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1 + : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1 ++ : TLS12-DES-EDE3-CBC-HMAC-SHA1 : tls12-des-ede3-cbc-hmac-sha1 ++ : TLS12-AES-128-CBC-HMAC-SHA1 : tls12-aes-128-cbc-hmac-sha1 ++ : TLS12-AES-256-CBC-HMAC-SHA1 : tls12-aes-256-cbc-hmac-sha1 ++ : TLS12-AES-128-CBC-HMAC-SHA256 : tls12-aes-128-cbc-hmac-sha256 ++ : TLS12-AES-256-CBC-HMAC-SHA256 : tls12-aes-256-cbc-hmac-sha256 +diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c +index 0408986..77a82f6 100644 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -661,6 +661,31 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_3DES && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS12-DES-EDE3-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_AES128 && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS12-AES-128-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_AES256 && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS12-AES-256-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_AES128 && ++ c->algorithm_mac == SSL_SHA256 && ++ (evp=EVP_get_cipherbyname("TLS12-AES-128-CBC-HMAC-SHA256"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_AES256 && ++ c->algorithm_mac == SSL_SHA256 && ++ (evp=EVP_get_cipherbyname("TLS12-AES-256-CBC-HMAC-SHA256"))) ++ *enc = evp, *md = NULL; + return(1); + } + else +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch b/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch new file mode 100644 index 00000000..16cc6882 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch @@ -0,0 +1,75 @@ +From ea4abc255c6c5feec01cb1e30c6082cfe47860e2 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Thu, 19 Feb 2015 16:11:53 +0200 +Subject: [PATCH 21/26] cryptodev: drop redundant function + +get_dev_crypto already caches the result. Another cache in-between is +useless. + +Change-Id: Ibd162529d3fb7a561a17f1a707d5d287c1586a3a +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34216 +--- + crypto/engine/eng_cryptodev.c | 18 +++--------------- + 1 file changed, 3 insertions(+), 15 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index fa5fe1b..1ab5551 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -96,7 +96,6 @@ struct dev_crypto_state { + + static u_int32_t cryptodev_asymfeat = 0; + +-static int get_asym_dev_crypto(void); + static int open_dev_crypto(void); + static int get_dev_crypto(void); + static int get_cryptodev_ciphers(const int **cnids); +@@ -357,17 +356,6 @@ static void put_dev_crypto(int fd) + #endif + } + +-/* Caching version for asym operations */ +-static int +-get_asym_dev_crypto(void) +-{ +- static int fd = -1; +- +- if (fd == -1) +- fd = get_dev_crypto(); +- return fd; +-} +- + /* + * Find out what ciphers /dev/crypto will let us have a session for. + * XXX note, that some of these openssl doesn't deal with yet! +@@ -1796,7 +1784,7 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) + { + int fd, ret = -1; + +- if ((fd = get_asym_dev_crypto()) < 0) ++ if ((fd = get_dev_crypto()) < 0) + return (ret); + + if (r) { +@@ -2374,7 +2362,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + int p_len, q_len; + int i; + +- if ((fd = get_asym_dev_crypto()) < 0) ++ if ((fd = get_dev_crypto()) < 0) + goto sw_try; + + if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; +@@ -3928,7 +3916,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) + BIGNUM *temp = NULL; + unsigned char *padded_pub_key = NULL, *p = NULL; + +- if ((fd = get_asym_dev_crypto()) < 0) ++ if ((fd = get_dev_crypto()) < 0) + goto sw_try; + + memset(&kop, 0, sizeof kop); +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch b/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch new file mode 100644 index 00000000..0b2f0f1b --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch @@ -0,0 +1,48 @@ +From 75e3e7d600eb72e7374b1ecf5ece7b831bc98ed8 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Tue, 17 Feb 2015 13:12:53 +0200 +Subject: [PATCH 22/26] cryptodev: do not zero the buffer before use + +- The buffer is just about to be overwritten. Zeroing it before that has + no purpose + +Change-Id: I478c31bd2e254561474a7edf5e37980ca04217ce +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34217 +--- + crypto/engine/eng_cryptodev.c | 13 ++++--------- + 1 file changed, 4 insertions(+), 9 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 1ab5551..dbc5989 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1681,21 +1681,16 @@ static int + bn2crparam(const BIGNUM *a, struct crparam *crp) + { + ssize_t bytes, bits; +- u_char *b; +- +- crp->crp_p = NULL; +- crp->crp_nbits = 0; + + bits = BN_num_bits(a); + bytes = (bits + 7) / 8; + +- b = malloc(bytes); +- if (b == NULL) ++ crp->crp_nbits = bits; ++ crp->crp_p = malloc(bytes); ++ ++ if (crp->crp_p == NULL) + return (1); +- memset(b, 0, bytes); + +- crp->crp_p = (caddr_t) b; +- crp->crp_nbits = bits; + BN_bn2bin(a, crp->crp_p); + return (0); + } +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch b/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch new file mode 100644 index 00000000..5ff1c5ca --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch @@ -0,0 +1,72 @@ +From 4453b06b940fc03a0973cfd96f908e46cce61054 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Wed, 18 Feb 2015 10:39:46 +0200 +Subject: [PATCH 23/26] cryptodev: clean-up code layout + +This is just a refactoring that uses else branch to check for malloc failures + +Change-Id: I6dc157af36d6ec51a4edfc82cf97fae2e7e83628 +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34218 +--- + crypto/engine/eng_cryptodev.c | 42 ++++++++++++++++++++---------------------- + 1 file changed, 20 insertions(+), 22 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index dbc5989..dceb4f5 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1745,30 +1745,28 @@ cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, + fd = *(int *)cookie->eng_handle; + + eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); +- +- if (eng_cookie) { +- memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); +- if (r) { +- kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); +- if (!kop->crk_param[kop->crk_iparams].crp_p) +- return -ENOMEM; +- kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; +- kop->crk_oparams++; +- eng_cookie->r = r; +- eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; +- } +- if (s) { +- kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); +- if (!kop->crk_param[kop->crk_iparams+1].crp_p) +- return -ENOMEM; +- kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; +- kop->crk_oparams++; +- eng_cookie->s = s; +- eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; +- } +- } else ++ if (!eng_cookie) + return -ENOMEM; + ++ memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); ++ if (r) { ++ kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); ++ if (!kop->crk_param[kop->crk_iparams].crp_p) ++ return -ENOMEM; ++ kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; ++ kop->crk_oparams++; ++ eng_cookie->r = r; ++ eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; ++ } ++ if (s) { ++ kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); ++ if (!kop->crk_param[kop->crk_iparams+1].crp_p) ++ return -ENOMEM; ++ kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; ++ kop->crk_oparams++; ++ eng_cookie->s = s; ++ eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; ++ } + eng_cookie->kop = kop; + cookie->eng_cookie = eng_cookie; + return ioctl(fd, CIOCASYMASYNCRYPT, kop); +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch b/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch new file mode 100644 index 00000000..e798d3e2 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch @@ -0,0 +1,100 @@ +From a44701abd995b3db80001d0c5d88e9ead05972c1 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Thu, 19 Feb 2015 16:43:29 +0200 +Subject: [PATCH 24/26] cryptodev: do not cache file descriptor in 'open' + +The file descriptor returned by get_dev_crypto is cached after a +successful return. The issue is, it is cached inside 'open_dev_crypto' +which is no longer useful as a general purpose open("/dev/crypto") +function. + +This patch is a refactoring that moves the caching operation from +open_dev_crypto to get_dev_crypto and leaves the former as a simpler +function true to its name + +Change-Id: I980170969410381973ce75f6679a4a1401738847 +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34219 +--- + crypto/engine/eng_cryptodev.c | 50 +++++++++++++++++++++---------------------- + 1 file changed, 24 insertions(+), 26 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index dceb4f5..b74fc7c 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -306,47 +306,45 @@ static void ctr64_inc(unsigned char *counter) { + if (c) return; + } while (n); + } +-/* +- * Return a fd if /dev/crypto seems usable, 0 otherwise. +- */ +-static int +-open_dev_crypto(void) ++ ++static int open_dev_crypto(void) + { +- static int fd = -1; ++ int fd; + +- if (fd == -1) { +- if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) +- return (-1); +- /* close on exec */ +- if (fcntl(fd, F_SETFD, 1) == -1) { +- close(fd); +- fd = -1; +- return (-1); +- } ++ fd = open("/dev/crypto", O_RDWR, 0); ++ if ( fd < 0) ++ return -1; ++ ++ /* close on exec */ ++ if (fcntl(fd, F_SETFD, 1) == -1) { ++ close(fd); ++ return -1; + } +- return (fd); ++ ++ return fd; + } + +-static int +-get_dev_crypto(void) ++static int get_dev_crypto(void) + { +- int fd, retfd; ++ static int fd = -1; ++ int retfd; + +- if ((fd = open_dev_crypto()) == -1) +- return (-1); +-#ifndef CRIOGET_NOT_NEEDED ++ if (fd == -1) ++ fd = open_dev_crypto(); ++#ifdef CRIOGET_NOT_NEEDED ++ return fd; ++#else ++ if (fd == -1) ++ return -1; + if (ioctl(fd, CRIOGET, &retfd) == -1) + return (-1); +- + /* close on exec */ + if (fcntl(retfd, F_SETFD, 1) == -1) { + close(retfd); + return (-1); + } +-#else +- retfd = fd; ++ return retfd; + #endif +- return (retfd); + } + + static void put_dev_crypto(int fd) +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch b/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch new file mode 100644 index 00000000..a48dc6a6 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch @@ -0,0 +1,35 @@ +From 84a8007b6e92fe4c2696cc9e330207ee03303a20 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Thu, 19 Feb 2015 13:09:32 +0200 +Subject: [PATCH 25/26] cryptodev: put_dev_crypto should be an int + +Change-Id: Ie0a83bc07a37132286c098b17ef35d98de74b043 +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34220 +--- + crypto/engine/eng_cryptodev.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index b74fc7c..c9db27d 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -347,10 +347,12 @@ static int get_dev_crypto(void) + #endif + } + +-static void put_dev_crypto(int fd) ++static int put_dev_crypto(int fd) + { +-#ifndef CRIOGET_NOT_NEEDED +- close(fd); ++#ifdef CRIOGET_NOT_NEEDED ++ return 0; ++#else ++ return close(fd); + #endif + } + +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch b/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch new file mode 100644 index 00000000..6527ac8f --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch @@ -0,0 +1,250 @@ +From 787539e7720c99785f6c664a7484842bba08f6ed Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Thu, 19 Feb 2015 13:39:52 +0200 +Subject: [PATCH 26/26] cryptodev: simplify cryptodev pkc support code + +- Engine init returns directly a file descriptor instead of a pointer to one +- Similarly, the Engine close will now just close the file + +Change-Id: Ief736d0776c7009dee002204fb1d4ce9d31c8787 +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34221 +--- + crypto/crypto.h | 2 +- + crypto/engine/eng_cryptodev.c | 35 +++----------------------- + crypto/engine/eng_int.h | 14 +++-------- + crypto/engine/eng_lib.c | 57 +++++++++++++++++++++---------------------- + crypto/engine/engine.h | 13 +++++----- + 5 files changed, 42 insertions(+), 79 deletions(-) + +diff --git a/crypto/crypto.h b/crypto/crypto.h +index ce12731..292427e 100644 +--- a/crypto/crypto.h ++++ b/crypto/crypto.h +@@ -618,7 +618,7 @@ struct pkc_cookie_s { + * -EINVAL: Parameters Invalid + */ + void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); +- void *eng_handle; ++ int eng_handle; + }; + + #ifdef __cplusplus +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index c9db27d..f173bde 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1742,7 +1742,7 @@ cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, + struct pkc_cookie_s *cookie = kop->cookie; + struct cryptodev_cookie_s *eng_cookie; + +- fd = *(int *)cookie->eng_handle; ++ fd = cookie->eng_handle; + + eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); + if (!eng_cookie) +@@ -1802,38 +1802,11 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) + return (ret); + } + +-/* Close an opened instance of cryptodev engine */ +-void cryptodev_close_instance(void *handle) +-{ +- int fd; +- +- if (handle) { +- fd = *(int *)handle; +- close(fd); +- free(handle); +- } +-} +- +-/* Create an instance of cryptodev for asynchronous interface */ +-void *cryptodev_init_instance(void) +-{ +- int *fd = malloc(sizeof(int)); +- +- if (fd) { +- if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { +- free(fd); +- return NULL; +- } +- } +- return fd; +-} +- + #include + + /* Return 0 on success and 1 on failure */ +-int cryptodev_check_availability(void *eng_handle) ++int cryptodev_check_availability(int fd) + { +- int fd = *(int *)eng_handle; + struct pkc_cookie_list_s cookie_list; + struct pkc_cookie_s *cookie; + int i; +@@ -4540,8 +4513,8 @@ ENGINE_load_cryptodev(void) + } + + ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); +- ENGINE_set_close_instance(engine, cryptodev_close_instance); +- ENGINE_set_init_instance(engine, cryptodev_init_instance); ++ ENGINE_set_close_instance(engine, put_dev_crypto); ++ ENGINE_set_open_instance(engine, open_dev_crypto); + ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); + + ENGINE_add(engine); +diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h +index 8fc3077..8fb79c0 100644 +--- a/crypto/engine/eng_int.h ++++ b/crypto/engine/eng_int.h +@@ -181,23 +181,15 @@ struct engine_st + ENGINE_LOAD_KEY_PTR load_pubkey; + + ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; +- /* +- * Instantiate Engine handle to be passed in check_pkc_availability +- * Ensure that Engine is instantiated before any pkc asynchronous call. +- */ +- void *(*engine_init_instance)(void); +- /* +- * Instantiated Engine handle will be closed with this call. +- * Ensure that no pkc asynchronous call is made after this call +- */ +- void (*engine_close_instance)(void *handle); ++ int (*engine_open_instance)(void); ++ int (*engine_close_instance)(int fd); + /* + * Check availability will extract the data from kernel. + * eng_handle: This is the Engine handle corresponds to which + * the cookies needs to be polled. + * return 0 if cookie available else 1 + */ +- int (*check_pkc_availability)(void *eng_handle); ++ int (*check_pkc_availability)(int fd); + /* + * The following map is used to check if the engine supports asynchronous implementation + * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous +diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c +index 6fa621c..6c9471b 100644 +--- a/crypto/engine/eng_lib.c ++++ b/crypto/engine/eng_lib.c +@@ -99,7 +99,7 @@ void engine_set_all_null(ENGINE *e) + e->load_privkey = NULL; + e->load_pubkey = NULL; + e->check_pkc_availability = NULL; +- e->engine_init_instance = NULL; ++ e->engine_open_instance = NULL; + e->engine_close_instance = NULL; + e->cmd_defns = NULL; + e->async_map = 0; +@@ -237,47 +237,46 @@ int ENGINE_set_id(ENGINE *e, const char *id) + return 1; + } + +-void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) +- { +- e->engine_init_instance = engine_init_instance; +- } ++void ENGINE_set_open_instance(ENGINE *e, int (*engine_open_instance)(void)) ++{ ++ e->engine_open_instance = engine_open_instance; ++} + +-void ENGINE_set_close_instance(ENGINE *e, +- void (*engine_close_instance)(void *)) +- { +- e->engine_close_instance = engine_close_instance; +- } ++void ENGINE_set_close_instance(ENGINE *e, int (*engine_close_instance)(int)) ++{ ++ e->engine_close_instance = engine_close_instance; ++} + + void ENGINE_set_async_map(ENGINE *e, int async_map) + { + e->async_map = async_map; + } + +-void *ENGINE_init_instance(ENGINE *e) +- { +- return e->engine_init_instance(); +- } +- +-void ENGINE_close_instance(ENGINE *e, void *eng_handle) +- { +- e->engine_close_instance(eng_handle); +- } +- + int ENGINE_get_async_map(ENGINE *e) + { + return e->async_map; + } + +-void ENGINE_set_check_pkc_availability(ENGINE *e, +- int (*check_pkc_availability)(void *eng_handle)) +- { +- e->check_pkc_availability = check_pkc_availability; +- } ++int ENGINE_open_instance(ENGINE *e) ++{ ++ return e->engine_open_instance(); ++} + +-int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) +- { +- return e->check_pkc_availability(eng_handle); +- } ++int ENGINE_close_instance(ENGINE *e, int fd) ++{ ++ return e->engine_close_instance(fd); ++} ++ ++void ENGINE_set_check_pkc_availability(ENGINE *e, ++ int (*check_pkc_availability)(int fd)) ++{ ++ e->check_pkc_availability = check_pkc_availability; ++} ++ ++int ENGINE_check_pkc_availability(ENGINE *e, int fd) ++{ ++ return e->check_pkc_availability(fd); ++} + + int ENGINE_set_name(ENGINE *e, const char *name) + { +diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h +index ccff86a..3ba3e97 100644 +--- a/crypto/engine/engine.h ++++ b/crypto/engine/engine.h +@@ -473,9 +473,6 @@ ENGINE *ENGINE_new(void); + int ENGINE_free(ENGINE *e); + int ENGINE_up_ref(ENGINE *e); + int ENGINE_set_id(ENGINE *e, const char *id); +-void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); +-void ENGINE_set_close_instance(ENGINE *e, +- void (*engine_free_instance)(void *)); + /* + * Following FLAGS are bitmap store in async_map to set asynchronous interface capability + *of the engine +@@ -492,11 +489,13 @@ void ENGINE_set_async_map(ENGINE *e, int async_map); + * to confirm asynchronous methods supported + */ + int ENGINE_get_async_map(ENGINE *e); +-void *ENGINE_init_instance(ENGINE *e); +-void ENGINE_close_instance(ENGINE *e, void *eng_handle); ++int ENGINE_open_instance(ENGINE *e); ++int ENGINE_close_instance(ENGINE *e, int fd); ++void ENGINE_set_init_instance(ENGINE *e, int(*engine_init_instance)(void)); ++void ENGINE_set_close_instance(ENGINE *e, int(*engine_close_instance)(int)); + void ENGINE_set_check_pkc_availability(ENGINE *e, +- int (*check_pkc_availability)(void *eng_handle)); +-int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); ++ int (*check_pkc_availability)(int fd)); ++int ENGINE_check_pkc_availability(ENGINE *e, int fd); + int ENGINE_set_name(ENGINE *e, const char *name); + int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); + int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl.inc b/recipes-connectivity/openssl/openssl.inc new file mode 100644 index 00000000..ee02fb79 --- /dev/null +++ b/recipes-connectivity/openssl/openssl.inc @@ -0,0 +1,173 @@ +SUMMARY = "Secure Socket Layer" +DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." +HOMEPAGE = "http://www.openssl.org/" +BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" +SECTION = "libs/network" + +# "openssl | SSLeay" dual license +LICENSE = "openssl" +LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" + +DEPENDS = "perl-native-runtime" + +SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ + " +S = "${WORKDIR}/openssl-${PV}" + +PACKAGECONFIG[perl] = ",,," + +AR_append = " r" +# Avoid binaries being marked as requiring an executable stack since it +# doesn't(which causes and this causes issues with SELinux +CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ + -DTERMIO ${CFLAGS} -Wall -Wa,--noexecstack" + +# -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom +CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}" +CFLAG_mtx-2 := "${@'${CFLAG}'.replace('-O2', '')}" + +export DIRS = "crypto ssl apps" +export EX_LIBS = "-lgcc -ldl" +export AS = "${CC} -c" + +inherit pkgconfig siteinfo multilib_header + +PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf" +FILES_libcrypto = "${base_libdir}/libcrypto${SOLIBS}" +FILES_libssl = "${libdir}/libssl.so.*" +FILES_${PN} =+ " ${libdir}/ssl/*" +FILES_${PN}-misc = "${libdir}/ssl/misc ${bindir}/c_rehash" +RDEPENDS_${PN}-misc = "${@base_contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" +FILES_${PN}-dev += "${base_libdir}/libcrypto${SOLIBSDEV}" + +# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto +# package RRECOMMENDS on this package. This will enable the configuration +# file to be installed for both the base openssl package and the libcrypto +# package since the base openssl package depends on the libcrypto package. +FILES_openssl-conf = "${libdir}/ssl/openssl.cnf" +CONFFILES_openssl-conf = "${libdir}/ssl/openssl.cnf" +RRECOMMENDS_libcrypto += "openssl-conf" + +do_configure_prepend_darwin () { + sed -i -e '/version-script=openssl\.ld/d' Configure +} + +do_configure () { + cd util + perl perlpath.pl ${STAGING_BINDIR_NATIVE} + cd .. + ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ + + os=${HOST_OS} + if [ "x$os" = "xlinux-uclibc" ]; then + os=linux + elif [ "x$os" = "xlinux-uclibceabi" ]; then + os=linux + elif [ "x$os" = "xlinux-uclibcspe" ]; then + os=linux + elif [ "x$os" = "xlinux-gnuspe" ]; then + os=linux + elif [ "x$os" = "xlinux-gnueabi" ]; then + os=linux + fi + target="$os-${HOST_ARCH}" + case $target in + linux-arm) + target=linux-armv4 + ;; + linux-armeb) + target=linux-elf-armeb + ;; + linux-aarch64*) + target=linux-generic64 + ;; + linux-sh3) + target=debian-sh3 + ;; + linux-sh4) + target=debian-sh4 + ;; + linux-i486) + target=debian-i386-i486 + ;; + linux-i586 | linux-viac3) + target=debian-i386-i586 + ;; + linux-i686) + target=debian-i386-i686/cmov + ;; + linux-gnux32-x86_64) + target=linux-x32 + ;; + linux-gnu64-x86_64) + target=linux-x86_64 + ;; + linux-mips) + target=debian-mips + ;; + linux-mipsel) + target=debian-mipsel + ;; + linux-*-mips64) + target=linux-mips + ;; + linux-powerpc) + target=linux-ppc + ;; + linux-powerpc64) + target=linux-ppc64 + ;; + linux-supersparc) + target=linux-sparcv8 + ;; + linux-sparc) + target=linux-sparcv8 + ;; + darwin-i386) + target=darwin-i386-cc + ;; + esac + # inject machine-specific flags + sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure + useprefix=${prefix} + if [ "x$useprefix" = "x" ]; then + useprefix=/ + fi + perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target +} + +do_compile () { + oe_runmake +} + +do_install () { + oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install + + oe_libinstall -so libcrypto ${D}${libdir} + oe_libinstall -so libssl ${D}${libdir} + + # Moving libcrypto to /lib + if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then + mkdir -p ${D}/${base_libdir}/ + mv ${D}${libdir}/libcrypto* ${D}${base_libdir}/ + sed -i s#libdir=\$\{exec_prefix\}\/lib#libdir=${base_libdir}# ${D}/${libdir}/pkgconfig/libcrypto.pc + fi + + install -d ${D}${includedir} + cp --dereference -R include/openssl ${D}${includedir} + + oe_multilib_header openssl/opensslconf.h + if [ "${@base_contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then + install -m 0755 ${S}/tools/c_rehash ${D}${bindir} + sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${bindir}/c_rehash + sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl + sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget + # The c_rehash utility isn't installed by the normal installation process. + else + rm -f ${D}${bindir}/c_rehash + rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget + fi +} + +BBCLASSEXTEND = "native nativesdk" + diff --git a/recipes-connectivity/openssl/openssl/configure-targets.patch b/recipes-connectivity/openssl/openssl/configure-targets.patch new file mode 100644 index 00000000..c1f3d087 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/configure-targets.patch @@ -0,0 +1,34 @@ +Upstream-Status: Inappropriate [embedded specific] + +The number of colons are important :) + + +--- + Configure | 16 ++++++++++++++++ + 1 file changed, 16 insertions(+) + +--- a/Configure ++++ b/Configure +@@ -403,6 +403,22 @@ my %table=( + "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", + "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", + ++ # Linux on ARM ++"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++ ++"linux-avr32","$ENV{'CC'}:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).", ++ ++#### Linux on MIPS/MIPS64 ++"linux-mips","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-mips64","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-mips64el","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-mipsel","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++ + # Android: linux-* but without -DTERMIO and pointers to headers and libs. + "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch b/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch new file mode 100644 index 00000000..ac1b19b9 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch @@ -0,0 +1,45 @@ +Upstream-Status: Backport [debian] + +From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001 +From: Ludwig Nussel +Date: Wed, 21 Apr 2010 15:52:10 +0200 +Subject: [PATCH] also create old hash for compatibility + +--- + tools/c_rehash.in | 8 +++++++- + 1 files changed, 7 insertions(+), 1 deletions(-) + +Index: openssl-1.0.0d/tools/c_rehash.in +=================================================================== +--- openssl-1.0.0d.orig/tools/c_rehash.in 2011-04-13 20:41:28.000000000 +0000 ++++ openssl-1.0.0d/tools/c_rehash.in 2011-04-13 20:41:28.000000000 +0000 +@@ -86,6 +86,7 @@ + } + } + link_hash_cert($fname) if($cert); ++ link_hash_cert_old($fname) if($cert); + link_hash_crl($fname) if($crl); + } + } +@@ -119,8 +120,9 @@ + + sub link_hash_cert { + my $fname = $_[0]; ++ my $hashopt = $_[1] || '-subject_hash'; + $fname =~ s/'/'\\''/g; +- my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in "$fname"`; ++ my ($hash, $fprint) = `"$openssl" x509 $hashopt -fingerprint -noout -in "$fname"`; + chomp $hash; + chomp $fprint; + $fprint =~ s/^.*=//; +@@ -150,6 +152,10 @@ + $hashlist{$hash} = $fprint; + } + ++sub link_hash_cert_old { ++ link_hash_cert($_[0], '-subject_hash_old'); ++} ++ + # Same as above except for a CRL. CRL links are of the form .r + + sub link_hash_crl { diff --git a/recipes-connectivity/openssl/openssl/debian/ca.patch b/recipes-connectivity/openssl/openssl/debian/ca.patch new file mode 100644 index 00000000..aba4d429 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/ca.patch @@ -0,0 +1,22 @@ +Upstream-Status: Backport [debian] + +Index: openssl-0.9.8m/apps/CA.pl.in +=================================================================== +--- openssl-0.9.8m.orig/apps/CA.pl.in 2006-04-28 00:28:51.000000000 +0000 ++++ openssl-0.9.8m/apps/CA.pl.in 2010-02-27 00:36:51.000000000 +0000 +@@ -65,6 +65,7 @@ + foreach (@ARGV) { + if ( /^(-\?|-h|-help)$/ ) { + print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; ++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; + exit 0; + } elsif (/^-newcert$/) { + # create a certificate +@@ -165,6 +166,7 @@ + } else { + print STDERR "Unknown arg $_\n"; + print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; ++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; + exit 1; + } + } diff --git a/recipes-connectivity/openssl/openssl/debian/debian-targets.patch b/recipes-connectivity/openssl/openssl/debian/debian-targets.patch new file mode 100644 index 00000000..8101edf0 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/debian-targets.patch @@ -0,0 +1,66 @@ +Upstream-Status: Backport [debian] + +Index: openssl-1.0.1/Configure +=================================================================== +--- openssl-1.0.1.orig/Configure 2012-03-17 15:37:54.000000000 +0000 ++++ openssl-1.0.1/Configure 2012-03-17 16:13:49.000000000 +0000 +@@ -105,6 +105,10 @@ + + my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED"; + ++# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS ++my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall"; ++$debian_cflags =~ s/\n/ /g; ++ + my $strict_warnings = 0; + + my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; +@@ -338,6 +342,48 @@ + "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so", + "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so", + ++# Debian GNU/* (various architectures) ++"debian-alpha","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-alpha-ev4","gcc:-DTERMIO ${debian_cflags} -mcpu=ev4::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-alpha-ev5","gcc:-DTERMIO ${debian_cflags} -mcpu=ev5::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-armeb","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::", ++"debian-avr32", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -fomit-frame-pointer::-D_REENTRANT::-ldl:BN_LLONG_BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-hppa","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -mtune=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-ia64","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-i386","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i586::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i686::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-m68k","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-mips", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-openbsd-alpha","gcc:-DTERMIOS ${debian_cflags}::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-openbsd-mips","gcc:-DL_ENDIAN ${debian_cflags}::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-powerpcspe","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-s390","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-s390x","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-m32r","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sparc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v8 -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v9 -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sparc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags} -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++ + #### + #### Variety of LINUX:-) + #### diff --git a/recipes-connectivity/openssl/openssl/debian/make-targets.patch b/recipes-connectivity/openssl/openssl/debian/make-targets.patch new file mode 100644 index 00000000..ee0a62c3 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/make-targets.patch @@ -0,0 +1,15 @@ +Upstream-Status: Backport [debian] + +Index: openssl-1.0.1/Makefile.org +=================================================================== +--- openssl-1.0.1.orig/Makefile.org 2012-03-17 09:41:07.000000000 +0000 ++++ openssl-1.0.1/Makefile.org 2012-03-17 09:41:21.000000000 +0000 +@@ -135,7 +135,7 @@ + + BASEADDR= + +-DIRS= crypto ssl engines apps test tools ++DIRS= crypto ssl engines apps tools + ENGDIRS= ccgost + SHLIBDIRS= crypto ssl + diff --git a/recipes-connectivity/openssl/openssl/debian/man-dir.patch b/recipes-connectivity/openssl/openssl/debian/man-dir.patch new file mode 100644 index 00000000..4085e3b1 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/man-dir.patch @@ -0,0 +1,15 @@ +Upstream-Status: Backport [debian] + +Index: openssl-1.0.0c/Makefile.org +=================================================================== +--- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:27.000000000 +0100 ++++ openssl-1.0.0c/Makefile.org 2010-12-12 16:11:37.000000000 +0100 +@@ -131,7 +131,7 @@ + + MAKEFILE= Makefile + +-MANDIR=$(OPENSSLDIR)/man ++MANDIR=/usr/share/man + MAN1=1 + MAN3=3 + MANSUFFIX= diff --git a/recipes-connectivity/openssl/openssl/debian/man-section.patch b/recipes-connectivity/openssl/openssl/debian/man-section.patch new file mode 100644 index 00000000..21c1d1a4 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/man-section.patch @@ -0,0 +1,34 @@ +Upstream-Status: Backport [debian] + +Index: openssl-1.0.0c/Makefile.org +=================================================================== +--- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:37.000000000 +0100 ++++ openssl-1.0.0c/Makefile.org 2010-12-12 16:13:28.000000000 +0100 +@@ -160,7 +160,8 @@ + MANDIR=/usr/share/man + MAN1=1 + MAN3=3 +-MANSUFFIX= ++MANSUFFIX=ssl ++MANSECTION=SSL + HTMLSUFFIX=html + HTMLDIR=$(OPENSSLDIR)/html + SHELL=/bin/sh +@@ -651,7 +652,7 @@ + echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ + (cd `$(PERL) util/dirname.pl $$i`; \ + sh -c "$$pod2man \ +- --section=$$sec --center=OpenSSL \ ++ --section=$${sec}$(MANSECTION) --center=OpenSSL \ + --release=$(VERSION) `basename $$i`") \ + > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ + $(PERL) util/extract-names.pl < $$i | \ +@@ -668,7 +669,7 @@ + echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ + (cd `$(PERL) util/dirname.pl $$i`; \ + sh -c "$$pod2man \ +- --section=$$sec --center=OpenSSL \ ++ --section=$${sec}$(MANSECTION) --center=OpenSSL \ + --release=$(VERSION) `basename $$i`") \ + > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ + $(PERL) util/extract-names.pl < $$i | \ diff --git a/recipes-connectivity/openssl/openssl/debian/no-rpath.patch b/recipes-connectivity/openssl/openssl/debian/no-rpath.patch new file mode 100644 index 00000000..1ccb3b86 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/no-rpath.patch @@ -0,0 +1,15 @@ +Upstream-Status: Backport [debian] + +Index: openssl-1.0.0c/Makefile.shared +=================================================================== +--- openssl-1.0.0c.orig/Makefile.shared 2010-08-21 13:36:49.000000000 +0200 ++++ openssl-1.0.0c/Makefile.shared 2010-12-12 16:13:36.000000000 +0100 +@@ -153,7 +153,7 @@ + NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ + SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" + +-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" ++DO_GNU_APP=LDFLAGS="$(CFLAGS)" + + #This is rather special. It's a special target with which one can link + #applications without bothering with any features that have anything to diff --git a/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch b/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch new file mode 100644 index 00000000..cc4408ab --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch @@ -0,0 +1,15 @@ +Upstream-Status: Backport [debian] + +Index: openssl-1.0.0c/Makefile.shared +=================================================================== +--- openssl-1.0.0c.orig/Makefile.shared 2010-12-12 16:13:36.000000000 +0100 ++++ openssl-1.0.0c/Makefile.shared 2010-12-12 16:13:44.000000000 +0100 +@@ -151,7 +151,7 @@ + SHLIB_SUFFIX=; \ + ALLSYMSFLAGS='-Wl,--whole-archive'; \ + NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ +- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" ++ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" + + DO_GNU_APP=LDFLAGS="$(CFLAGS)" + diff --git a/recipes-connectivity/openssl/openssl/debian/pic.patch b/recipes-connectivity/openssl/openssl/debian/pic.patch new file mode 100644 index 00000000..bfda3888 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/pic.patch @@ -0,0 +1,177 @@ +Upstream-Status: Backport [debian] + +Index: openssl-1.0.1c/crypto/des/asm/desboth.pl +=================================================================== +--- openssl-1.0.1c.orig/crypto/des/asm/desboth.pl 2001-10-24 23:20:56.000000000 +0200 ++++ openssl-1.0.1c/crypto/des/asm/desboth.pl 2012-07-29 14:15:26.000000000 +0200 +@@ -16,6 +16,11 @@ + + &push("edi"); + ++ &call (&label("pic_point0")); ++ &set_label("pic_point0"); ++ &blindpop("ebp"); ++ &add ("ebp", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]"); ++ + &comment(""); + &comment("Load the data words"); + &mov($L,&DWP(0,"ebx","",0)); +@@ -47,15 +52,21 @@ + &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); + &mov(&swtmp(1), "eax"); + &mov(&swtmp(0), "ebx"); +- &call("DES_encrypt2"); ++ &exch("ebx", "ebp"); ++ &call("DES_encrypt2\@PLT"); ++ &exch("ebx", "ebp"); + &mov(&swtmp(2), (DWC(($enc)?"0":"1"))); + &mov(&swtmp(1), "edi"); + &mov(&swtmp(0), "ebx"); +- &call("DES_encrypt2"); ++ &exch("ebx", "ebp"); ++ &call("DES_encrypt2\@PLT"); ++ &exch("ebx", "ebp"); + &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); + &mov(&swtmp(1), "esi"); + &mov(&swtmp(0), "ebx"); +- &call("DES_encrypt2"); ++ &exch("ebx", "ebp"); ++ &call("DES_encrypt2\@PLT"); ++ &exch("ebx", "ebp"); + + &stack_pop(3); + &mov($L,&DWP(0,"ebx","",0)); +Index: openssl-1.0.1c/crypto/perlasm/cbc.pl +=================================================================== +--- openssl-1.0.1c.orig/crypto/perlasm/cbc.pl 2011-07-13 08:22:46.000000000 +0200 ++++ openssl-1.0.1c/crypto/perlasm/cbc.pl 2012-07-29 14:15:26.000000000 +0200 +@@ -122,7 +122,11 @@ + &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call + &mov(&DWP($data_off+4,"esp","",0), "ebx"); # + +- &call($enc_func); ++ &call (&label("pic_point0")); ++ &set_label("pic_point0"); ++ &blindpop("ebx"); ++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]"); ++ &call("$enc_func\@PLT"); + + &mov("eax", &DWP($data_off,"esp","",0)); + &mov("ebx", &DWP($data_off+4,"esp","",0)); +@@ -185,7 +189,11 @@ + &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call + &mov(&DWP($data_off+4,"esp","",0), "ebx"); # + +- &call($enc_func); ++ &call (&label("pic_point1")); ++ &set_label("pic_point1"); ++ &blindpop("ebx"); ++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point1") . "]"); ++ &call("$enc_func\@PLT"); + + &mov("eax", &DWP($data_off,"esp","",0)); + &mov("ebx", &DWP($data_off+4,"esp","",0)); +@@ -218,7 +226,11 @@ + &mov(&DWP($data_off,"esp","",0), "eax"); # put back + &mov(&DWP($data_off+4,"esp","",0), "ebx"); # + +- &call($dec_func); ++ &call (&label("pic_point2")); ++ &set_label("pic_point2"); ++ &blindpop("ebx"); ++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point2") . "]"); ++ &call("$dec_func\@PLT"); + + &mov("eax", &DWP($data_off,"esp","",0)); # get return + &mov("ebx", &DWP($data_off+4,"esp","",0)); # +@@ -261,7 +273,11 @@ + &mov(&DWP($data_off,"esp","",0), "eax"); # put back + &mov(&DWP($data_off+4,"esp","",0), "ebx"); # + +- &call($dec_func); ++ &call (&label("pic_point3")); ++ &set_label("pic_point3"); ++ &blindpop("ebx"); ++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point3") . "]"); ++ &call("$dec_func\@PLT"); + + &mov("eax", &DWP($data_off,"esp","",0)); # get return + &mov("ebx", &DWP($data_off+4,"esp","",0)); # +Index: openssl-1.0.1c/crypto/perlasm/x86gas.pl +=================================================================== +--- openssl-1.0.1c.orig/crypto/perlasm/x86gas.pl 2011-12-09 20:16:35.000000000 +0100 ++++ openssl-1.0.1c/crypto/perlasm/x86gas.pl 2012-07-29 14:15:26.000000000 +0200 +@@ -161,6 +161,7 @@ + if ($::macosx) { push (@out,"$tmp,2\n"); } + elsif ($::elf) { push (@out,"$tmp,4\n"); } + else { push (@out,"$tmp\n"); } ++ if ($::elf) { push (@out,".hidden\tOPENSSL_ia32cap_P\n"); } + } + push(@out,$initseg) if ($initseg); + } +@@ -218,8 +219,23 @@ + elsif ($::elf) + { $initseg.=<<___; + .section .init ++___ ++ if ($::pic) ++ { $initseg.=<<___; ++ pushl %ebx ++ call .pic_point0 ++.pic_point0: ++ popl %ebx ++ addl \$_GLOBAL_OFFSET_TABLE_+[.-.pic_point0],%ebx ++ call $f\@PLT ++ popl %ebx ++___ ++ } ++ else ++ { $initseg.=<<___; + call $f + ___ ++ } + } + elsif ($::coff) + { $initseg.=<<___; # applies to both Cygwin and Mingw +Index: openssl-1.0.1c/crypto/x86cpuid.pl +=================================================================== +--- openssl-1.0.1c.orig/crypto/x86cpuid.pl 2012-02-28 15:20:34.000000000 +0100 ++++ openssl-1.0.1c/crypto/x86cpuid.pl 2012-07-29 14:15:26.000000000 +0200 +@@ -8,6 +8,8 @@ + + for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } + ++push(@out, ".hidden OPENSSL_ia32cap_P\n"); ++ + &function_begin("OPENSSL_ia32_cpuid"); + &xor ("edx","edx"); + &pushf (); +@@ -139,9 +141,7 @@ + &set_label("nocpuid"); + &function_end("OPENSSL_ia32_cpuid"); + +-&external_label("OPENSSL_ia32cap_P"); +- +-&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); ++&function_begin_B("OPENSSL_rdtsc"); + &xor ("eax","eax"); + &xor ("edx","edx"); + &picmeup("ecx","OPENSSL_ia32cap_P"); +@@ -155,7 +155,7 @@ + # This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host], + # but it's safe to call it on any [supported] 32-bit platform... + # Just check for [non-]zero return value... +-&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); ++&function_begin_B("OPENSSL_instrument_halt"); + &picmeup("ecx","OPENSSL_ia32cap_P"); + &bt (&DWP(0,"ecx"),4); + &jnc (&label("nohalt")); # no TSC +@@ -222,7 +222,7 @@ + &ret (); + &function_end_B("OPENSSL_far_spin"); + +-&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); ++&function_begin_B("OPENSSL_wipe_cpu"); + &xor ("eax","eax"); + &xor ("edx","edx"); + &picmeup("ecx","OPENSSL_ia32cap_P"); diff --git a/recipes-connectivity/openssl/openssl/debian/version-script.patch b/recipes-connectivity/openssl/openssl/debian/version-script.patch new file mode 100644 index 00000000..ece8b9b4 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/debian/version-script.patch @@ -0,0 +1,4670 @@ +Upstream-Status: Backport [debian] + +Index: openssl-1.0.1d/Configure +=================================================================== +--- openssl-1.0.1d.orig/Configure 2013-02-06 19:41:43.000000000 +0100 ++++ openssl-1.0.1d/Configure 2013-02-06 19:41:43.000000000 +0100 +@@ -1621,6 +1621,8 @@ + } + } + ++$shared_ldflag .= " -Wl,--version-script=openssl.ld"; ++ + open(IN,'$Makefile.new") || die "unable to create $Makefile.new:$!\n"; +Index: openssl-1.0.1d/openssl.ld +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-1.0.1d/openssl.ld 2013-02-06 19:44:25.000000000 +0100 +@@ -0,0 +1,4620 @@ ++OPENSSL_1.0.0 { ++ global: ++ BIO_f_ssl; ++ BIO_new_buffer_ssl_connect; ++ BIO_new_ssl; ++ BIO_new_ssl_connect; ++ BIO_proxy_ssl_copy_session_id; ++ BIO_ssl_copy_session_id; ++ BIO_ssl_shutdown; ++ d2i_SSL_SESSION; ++ DTLSv1_client_method; ++ DTLSv1_method; ++ DTLSv1_server_method; ++ ERR_load_SSL_strings; ++ i2d_SSL_SESSION; ++ kssl_build_principal_2; ++ kssl_cget_tkt; ++ kssl_check_authent; ++ kssl_ctx_free; ++ kssl_ctx_new; ++ kssl_ctx_setkey; ++ kssl_ctx_setprinc; ++ kssl_ctx_setstring; ++ kssl_ctx_show; ++ kssl_err_set; ++ kssl_krb5_free_data_contents; ++ kssl_sget_tkt; ++ kssl_skip_confound; ++ kssl_validate_times; ++ PEM_read_bio_SSL_SESSION; ++ PEM_read_SSL_SESSION; ++ PEM_write_bio_SSL_SESSION; ++ PEM_write_SSL_SESSION; ++ SSL_accept; ++ SSL_add_client_CA; ++ SSL_add_dir_cert_subjects_to_stack; ++ SSL_add_dir_cert_subjs_to_stk; ++ SSL_add_file_cert_subjects_to_stack; ++ SSL_add_file_cert_subjs_to_stk; ++ SSL_alert_desc_string; ++ SSL_alert_desc_string_long; ++ SSL_alert_type_string; ++ SSL_alert_type_string_long; ++ SSL_callback_ctrl; ++ SSL_check_private_key; ++ SSL_CIPHER_description; ++ SSL_CIPHER_get_bits; ++ SSL_CIPHER_get_name; ++ SSL_CIPHER_get_version; ++ SSL_clear; ++ SSL_COMP_add_compression_method; ++ SSL_COMP_get_compression_methods; ++ SSL_COMP_get_compress_methods; ++ SSL_COMP_get_name; ++ SSL_connect; ++ SSL_copy_session_id; ++ SSL_ctrl; ++ SSL_CTX_add_client_CA; ++ SSL_CTX_add_session; ++ SSL_CTX_callback_ctrl; ++ SSL_CTX_check_private_key; ++ SSL_CTX_ctrl; ++ SSL_CTX_flush_sessions; ++ SSL_CTX_free; ++ SSL_CTX_get_cert_store; ++ SSL_CTX_get_client_CA_list; ++ SSL_CTX_get_client_cert_cb; ++ SSL_CTX_get_ex_data; ++ SSL_CTX_get_ex_new_index; ++ SSL_CTX_get_info_callback; ++ SSL_CTX_get_quiet_shutdown; ++ SSL_CTX_get_timeout; ++ SSL_CTX_get_verify_callback; ++ SSL_CTX_get_verify_depth; ++ SSL_CTX_get_verify_mode; ++ SSL_CTX_load_verify_locations; ++ SSL_CTX_new; ++ SSL_CTX_remove_session; ++ SSL_CTX_sess_get_get_cb; ++ SSL_CTX_sess_get_new_cb; ++ SSL_CTX_sess_get_remove_cb; ++ SSL_CTX_sessions; ++ SSL_CTX_sess_set_get_cb; ++ SSL_CTX_sess_set_new_cb; ++ SSL_CTX_sess_set_remove_cb; ++ SSL_CTX_set1_param; ++ SSL_CTX_set_cert_store; ++ SSL_CTX_set_cert_verify_callback; ++ SSL_CTX_set_cert_verify_cb; ++ SSL_CTX_set_cipher_list; ++ SSL_CTX_set_client_CA_list; ++ SSL_CTX_set_client_cert_cb; ++ SSL_CTX_set_client_cert_engine; ++ SSL_CTX_set_cookie_generate_cb; ++ SSL_CTX_set_cookie_verify_cb; ++ SSL_CTX_set_default_passwd_cb; ++ SSL_CTX_set_default_passwd_cb_userdata; ++ SSL_CTX_set_default_verify_paths; ++ SSL_CTX_set_def_passwd_cb_ud; ++ SSL_CTX_set_def_verify_paths; ++ SSL_CTX_set_ex_data; ++ SSL_CTX_set_generate_session_id; ++ SSL_CTX_set_info_callback; ++ SSL_CTX_set_msg_callback; ++ SSL_CTX_set_psk_client_callback; ++ SSL_CTX_set_psk_server_callback; ++ SSL_CTX_set_purpose; ++ SSL_CTX_set_quiet_shutdown; ++ SSL_CTX_set_session_id_context; ++ SSL_CTX_set_ssl_version; ++ SSL_CTX_set_timeout; ++ SSL_CTX_set_tmp_dh_callback; ++ SSL_CTX_set_tmp_ecdh_callback; ++ SSL_CTX_set_tmp_rsa_callback; ++ SSL_CTX_set_trust; ++ SSL_CTX_set_verify; ++ SSL_CTX_set_verify_depth; ++ SSL_CTX_use_cert_chain_file; ++ SSL_CTX_use_certificate; ++ SSL_CTX_use_certificate_ASN1; ++ SSL_CTX_use_certificate_chain_file; ++ SSL_CTX_use_certificate_file; ++ SSL_CTX_use_PrivateKey; ++ SSL_CTX_use_PrivateKey_ASN1; ++ SSL_CTX_use_PrivateKey_file; ++ SSL_CTX_use_psk_identity_hint; ++ SSL_CTX_use_RSAPrivateKey; ++ SSL_CTX_use_RSAPrivateKey_ASN1; ++ SSL_CTX_use_RSAPrivateKey_file; ++ SSL_do_handshake; ++ SSL_dup; ++ SSL_dup_CA_list; ++ SSLeay_add_ssl_algorithms; ++ SSL_free; ++ SSL_get1_session; ++ SSL_get_certificate; ++ SSL_get_cipher_list; ++ SSL_get_ciphers; ++ SSL_get_client_CA_list; ++ SSL_get_current_cipher; ++ SSL_get_current_compression; ++ SSL_get_current_expansion; ++ SSL_get_default_timeout; ++ SSL_get_error; ++ SSL_get_ex_data; ++ SSL_get_ex_data_X509_STORE_CTX_idx; ++ SSL_get_ex_d_X509_STORE_CTX_idx; ++ SSL_get_ex_new_index; ++ SSL_get_fd; ++ SSL_get_finished; ++ SSL_get_info_callback; ++ SSL_get_peer_cert_chain; ++ SSL_get_peer_certificate; ++ SSL_get_peer_finished; ++ SSL_get_privatekey; ++ SSL_get_psk_identity; ++ SSL_get_psk_identity_hint; ++ SSL_get_quiet_shutdown; ++ SSL_get_rbio; ++ SSL_get_read_ahead; ++ SSL_get_rfd; ++ SSL_get_servername; ++ SSL_get_servername_type; ++ SSL_get_session; ++ SSL_get_shared_ciphers; ++ SSL_get_shutdown; ++ SSL_get_SSL_CTX; ++ SSL_get_ssl_method; ++ SSL_get_verify_callback; ++ SSL_get_verify_depth; ++ SSL_get_verify_mode; ++ SSL_get_verify_result; ++ SSL_get_version; ++ SSL_get_wbio; ++ SSL_get_wfd; ++ SSL_has_matching_session_id; ++ SSL_library_init; ++ SSL_load_client_CA_file; ++ SSL_load_error_strings; ++ SSL_new; ++ SSL_peek; ++ SSL_pending; ++ SSL_read; ++ SSL_renegotiate; ++ SSL_renegotiate_pending; ++ SSL_rstate_string; ++ SSL_rstate_string_long; ++ SSL_SESSION_cmp; ++ SSL_SESSION_free; ++ SSL_SESSION_get_ex_data; ++ SSL_SESSION_get_ex_new_index; ++ SSL_SESSION_get_id; ++ SSL_SESSION_get_time; ++ SSL_SESSION_get_timeout; ++ SSL_SESSION_hash; ++ SSL_SESSION_new; ++ SSL_SESSION_print; ++ SSL_SESSION_print_fp; ++ SSL_SESSION_set_ex_data; ++ SSL_SESSION_set_time; ++ SSL_SESSION_set_timeout; ++ SSL_set1_param; ++ SSL_set_accept_state; ++ SSL_set_bio; ++ SSL_set_cipher_list; ++ SSL_set_client_CA_list; ++ SSL_set_connect_state; ++ SSL_set_ex_data; ++ SSL_set_fd; ++ SSL_set_generate_session_id; ++ SSL_set_info_callback; ++ SSL_set_msg_callback; ++ SSL_set_psk_client_callback; ++ SSL_set_psk_server_callback; ++ SSL_set_purpose; ++ SSL_set_quiet_shutdown; ++ SSL_set_read_ahead; ++ SSL_set_rfd; ++ SSL_set_session; ++ SSL_set_session_id_context; ++ SSL_set_session_secret_cb; ++ SSL_set_session_ticket_ext; ++ SSL_set_session_ticket_ext_cb; ++ SSL_set_shutdown; ++ SSL_set_SSL_CTX; ++ SSL_set_ssl_method; ++ SSL_set_tmp_dh_callback; ++ SSL_set_tmp_ecdh_callback; ++ SSL_set_tmp_rsa_callback; ++ SSL_set_trust; ++ SSL_set_verify; ++ SSL_set_verify_depth; ++ SSL_set_verify_result; ++ SSL_set_wfd; ++ SSL_shutdown; ++ SSL_state; ++ SSL_state_string; ++ SSL_state_string_long; ++ SSL_use_certificate; ++ SSL_use_certificate_ASN1; ++ SSL_use_certificate_file; ++ SSL_use_PrivateKey; ++ SSL_use_PrivateKey_ASN1; ++ SSL_use_PrivateKey_file; ++ SSL_use_psk_identity_hint; ++ SSL_use_RSAPrivateKey; ++ SSL_use_RSAPrivateKey_ASN1; ++ SSL_use_RSAPrivateKey_file; ++ SSLv23_client_method; ++ SSLv23_method; ++ SSLv23_server_method; ++ SSLv2_client_method; ++ SSLv2_method; ++ SSLv2_server_method; ++ SSLv3_client_method; ++ SSLv3_method; ++ SSLv3_server_method; ++ SSL_version; ++ SSL_want; ++ SSL_write; ++ TLSv1_client_method; ++ TLSv1_method; ++ TLSv1_server_method; ++ ++ ++ SSLeay; ++ SSLeay_version; ++ ASN1_BIT_STRING_asn1_meth; ++ ASN1_HEADER_free; ++ ASN1_HEADER_new; ++ ASN1_IA5STRING_asn1_meth; ++ ASN1_INTEGER_get; ++ ASN1_INTEGER_set; ++ ASN1_INTEGER_to_BN; ++ ASN1_OBJECT_create; ++ ASN1_OBJECT_free; ++ ASN1_OBJECT_new; ++ ASN1_PRINTABLE_type; ++ ASN1_STRING_cmp; ++ ASN1_STRING_dup; ++ ASN1_STRING_free; ++ ASN1_STRING_new; ++ ASN1_STRING_print; ++ ASN1_STRING_set; ++ ASN1_STRING_type_new; ++ ASN1_TYPE_free; ++ ASN1_TYPE_new; ++ ASN1_UNIVERSALSTRING_to_string; ++ ASN1_UTCTIME_check; ++ ASN1_UTCTIME_print; ++ ASN1_UTCTIME_set; ++ ASN1_check_infinite_end; ++ ASN1_d2i_bio; ++ ASN1_d2i_fp; ++ ASN1_digest; ++ ASN1_dup; ++ ASN1_get_object; ++ ASN1_i2d_bio; ++ ASN1_i2d_fp; ++ ASN1_object_size; ++ ASN1_parse; ++ ASN1_put_object; ++ ASN1_sign; ++ ASN1_verify; ++ BF_cbc_encrypt; ++ BF_cfb64_encrypt; ++ BF_ecb_encrypt; ++ BF_encrypt; ++ BF_ofb64_encrypt; ++ BF_options; ++ BF_set_key; ++ BIO_CONNECT_free; ++ BIO_CONNECT_new; ++ BIO_accept; ++ BIO_ctrl; ++ BIO_int_ctrl; ++ BIO_debug_callback; ++ BIO_dump; ++ BIO_dup_chain; ++ BIO_f_base64; ++ BIO_f_buffer; ++ BIO_f_cipher; ++ BIO_f_md; ++ BIO_f_null; ++ BIO_f_proxy_server; ++ BIO_fd_non_fatal_error; ++ BIO_fd_should_retry; ++ BIO_find_type; ++ BIO_free; ++ BIO_free_all; ++ BIO_get_accept_socket; ++ BIO_get_filter_bio; ++ BIO_get_host_ip; ++ BIO_get_port; ++ BIO_get_retry_BIO; ++ BIO_get_retry_reason; ++ BIO_gethostbyname; ++ BIO_gets; ++ BIO_new; ++ BIO_new_accept; ++ BIO_new_connect; ++ BIO_new_fd; ++ BIO_new_file; ++ BIO_new_fp; ++ BIO_new_socket; ++ BIO_pop; ++ BIO_printf; ++ BIO_push; ++ BIO_puts; ++ BIO_read; ++ BIO_s_accept; ++ BIO_s_connect; ++ BIO_s_fd; ++ BIO_s_file; ++ BIO_s_mem; ++ BIO_s_null; ++ BIO_s_proxy_client; ++ BIO_s_socket; ++ BIO_set; ++ BIO_set_cipher; ++ BIO_set_tcp_ndelay; ++ BIO_sock_cleanup; ++ BIO_sock_error; ++ BIO_sock_init; ++ BIO_sock_non_fatal_error; ++ BIO_sock_should_retry; ++ BIO_socket_ioctl; ++ BIO_write; ++ BN_CTX_free; ++ BN_CTX_new; ++ BN_MONT_CTX_free; ++ BN_MONT_CTX_new; ++ BN_MONT_CTX_set; ++ BN_add; ++ BN_add_word; ++ BN_hex2bn; ++ BN_bin2bn; ++ BN_bn2hex; ++ BN_bn2bin; ++ BN_clear; ++ BN_clear_bit; ++ BN_clear_free; ++ BN_cmp; ++ BN_copy; ++ BN_div; ++ BN_div_word; ++ BN_dup; ++ BN_free; ++ BN_from_montgomery; ++ BN_gcd; ++ BN_generate_prime; ++ BN_get_word; ++ BN_is_bit_set; ++ BN_is_prime; ++ BN_lshift; ++ BN_lshift1; ++ BN_mask_bits; ++ BN_mod; ++ BN_mod_exp; ++ BN_mod_exp_mont; ++ BN_mod_exp_simple; ++ BN_mod_inverse; ++ BN_mod_mul; ++ BN_mod_mul_montgomery; ++ BN_mod_word; ++ BN_mul; ++ BN_new; ++ BN_num_bits; ++ BN_num_bits_word; ++ BN_options; ++ BN_print; ++ BN_print_fp; ++ BN_rand; ++ BN_reciprocal; ++ BN_rshift; ++ BN_rshift1; ++ BN_set_bit; ++ BN_set_word; ++ BN_sqr; ++ BN_sub; ++ BN_to_ASN1_INTEGER; ++ BN_ucmp; ++ BN_value_one; ++ BUF_MEM_free; ++ BUF_MEM_grow; ++ BUF_MEM_new; ++ BUF_strdup; ++ CONF_free; ++ CONF_get_number; ++ CONF_get_section; ++ CONF_get_string; ++ CONF_load; ++ CRYPTO_add_lock; ++ CRYPTO_dbg_free; ++ CRYPTO_dbg_malloc; ++ CRYPTO_dbg_realloc; ++ CRYPTO_dbg_remalloc; ++ CRYPTO_free; ++ CRYPTO_get_add_lock_callback; ++ CRYPTO_get_id_callback; ++ CRYPTO_get_lock_name; ++ CRYPTO_get_locking_callback; ++ CRYPTO_get_mem_functions; ++ CRYPTO_lock; ++ CRYPTO_malloc; ++ CRYPTO_mem_ctrl; ++ CRYPTO_mem_leaks; ++ CRYPTO_mem_leaks_cb; ++ CRYPTO_mem_leaks_fp; ++ CRYPTO_realloc; ++ CRYPTO_remalloc; ++ CRYPTO_set_add_lock_callback; ++ CRYPTO_set_id_callback; ++ CRYPTO_set_locking_callback; ++ CRYPTO_set_mem_functions; ++ CRYPTO_thread_id; ++ DH_check; ++ DH_compute_key; ++ DH_free; ++ DH_generate_key; ++ DH_generate_parameters; ++ DH_new; ++ DH_size; ++ DHparams_print; ++ DHparams_print_fp; ++ DSA_free; ++ DSA_generate_key; ++ DSA_generate_parameters; ++ DSA_is_prime; ++ DSA_new; ++ DSA_print; ++ DSA_print_fp; ++ DSA_sign; ++ DSA_sign_setup; ++ DSA_size; ++ DSA_verify; ++ DSAparams_print; ++ DSAparams_print_fp; ++ ERR_clear_error; ++ ERR_error_string; ++ ERR_free_strings; ++ ERR_func_error_string; ++ ERR_get_err_state_table; ++ ERR_get_error; ++ ERR_get_error_line; ++ ERR_get_state; ++ ERR_get_string_table; ++ ERR_lib_error_string; ++ ERR_load_ASN1_strings; ++ ERR_load_BIO_strings; ++ ERR_load_BN_strings; ++ ERR_load_BUF_strings; ++ ERR_load_CONF_strings; ++ ERR_load_DH_strings; ++ ERR_load_DSA_strings; ++ ERR_load_ERR_strings; ++ ERR_load_EVP_strings; ++ ERR_load_OBJ_strings; ++ ERR_load_PEM_strings; ++ ERR_load_PROXY_strings; ++ ERR_load_RSA_strings; ++ ERR_load_X509_strings; ++ ERR_load_crypto_strings; ++ ERR_load_strings; ++ ERR_peek_error; ++ ERR_peek_error_line; ++ ERR_print_errors; ++ ERR_print_errors_fp; ++ ERR_put_error; ++ ERR_reason_error_string; ++ ERR_remove_state; ++ EVP_BytesToKey; ++ EVP_CIPHER_CTX_cleanup; ++ EVP_CipherFinal; ++ EVP_CipherInit; ++ EVP_CipherUpdate; ++ EVP_DecodeBlock; ++ EVP_DecodeFinal; ++ EVP_DecodeInit; ++ EVP_DecodeUpdate; ++ EVP_DecryptFinal; ++ EVP_DecryptInit; ++ EVP_DecryptUpdate; ++ EVP_DigestFinal; ++ EVP_DigestInit; ++ EVP_DigestUpdate; ++ EVP_EncodeBlock; ++ EVP_EncodeFinal; ++ EVP_EncodeInit; ++ EVP_EncodeUpdate; ++ EVP_EncryptFinal; ++ EVP_EncryptInit; ++ EVP_EncryptUpdate; ++ EVP_OpenFinal; ++ EVP_OpenInit; ++ EVP_PKEY_assign; ++ EVP_PKEY_copy_parameters; ++ EVP_PKEY_free; ++ EVP_PKEY_missing_parameters; ++ EVP_PKEY_new; ++ EVP_PKEY_save_parameters; ++ EVP_PKEY_size; ++ EVP_PKEY_type; ++ EVP_SealFinal; ++ EVP_SealInit; ++ EVP_SignFinal; ++ EVP_VerifyFinal; ++ EVP_add_alias; ++ EVP_add_cipher; ++ EVP_add_digest; ++ EVP_bf_cbc; ++ EVP_bf_cfb64; ++ EVP_bf_ecb; ++ EVP_bf_ofb; ++ EVP_cleanup; ++ EVP_des_cbc; ++ EVP_des_cfb64; ++ EVP_des_ecb; ++ EVP_des_ede; ++ EVP_des_ede3; ++ EVP_des_ede3_cbc; ++ EVP_des_ede3_cfb64; ++ EVP_des_ede3_ofb; ++ EVP_des_ede_cbc; ++ EVP_des_ede_cfb64; ++ EVP_des_ede_ofb; ++ EVP_des_ofb; ++ EVP_desx_cbc; ++ EVP_dss; ++ EVP_dss1; ++ EVP_enc_null; ++ EVP_get_cipherbyname; ++ EVP_get_digestbyname; ++ EVP_get_pw_prompt; ++ EVP_idea_cbc; ++ EVP_idea_cfb64; ++ EVP_idea_ecb; ++ EVP_idea_ofb; ++ EVP_md2; ++ EVP_md5; ++ EVP_md_null; ++ EVP_rc2_cbc; ++ EVP_rc2_cfb64; ++ EVP_rc2_ecb; ++ EVP_rc2_ofb; ++ EVP_rc4; ++ EVP_read_pw_string; ++ EVP_set_pw_prompt; ++ EVP_sha; ++ EVP_sha1; ++ MD2; ++ MD2_Final; ++ MD2_Init; ++ MD2_Update; ++ MD2_options; ++ MD5; ++ MD5_Final; ++ MD5_Init; ++ MD5_Update; ++ MDC2; ++ MDC2_Final; ++ MDC2_Init; ++ MDC2_Update; ++ NETSCAPE_SPKAC_free; ++ NETSCAPE_SPKAC_new; ++ NETSCAPE_SPKI_free; ++ NETSCAPE_SPKI_new; ++ NETSCAPE_SPKI_sign; ++ NETSCAPE_SPKI_verify; ++ OBJ_add_object; ++ OBJ_bsearch; ++ OBJ_cleanup; ++ OBJ_cmp; ++ OBJ_create; ++ OBJ_dup; ++ OBJ_ln2nid; ++ OBJ_new_nid; ++ OBJ_nid2ln; ++ OBJ_nid2obj; ++ OBJ_nid2sn; ++ OBJ_obj2nid; ++ OBJ_sn2nid; ++ OBJ_txt2nid; ++ PEM_ASN1_read; ++ PEM_ASN1_read_bio; ++ PEM_ASN1_write; ++ PEM_ASN1_write_bio; ++ PEM_SealFinal; ++ PEM_SealInit; ++ PEM_SealUpdate; ++ PEM_SignFinal; ++ PEM_SignInit; ++ PEM_SignUpdate; ++ PEM_X509_INFO_read; ++ PEM_X509_INFO_read_bio; ++ PEM_X509_INFO_write_bio; ++ PEM_dek_info; ++ PEM_do_header; ++ PEM_get_EVP_CIPHER_INFO; ++ PEM_proc_type; ++ PEM_read; ++ PEM_read_DHparams; ++ PEM_read_DSAPrivateKey; ++ PEM_read_DSAparams; ++ PEM_read_PKCS7; ++ PEM_read_PrivateKey; ++ PEM_read_RSAPrivateKey; ++ PEM_read_X509; ++ PEM_read_X509_CRL; ++ PEM_read_X509_REQ; ++ PEM_read_bio; ++ PEM_read_bio_DHparams; ++ PEM_read_bio_DSAPrivateKey; ++ PEM_read_bio_DSAparams; ++ PEM_read_bio_PKCS7; ++ PEM_read_bio_PrivateKey; ++ PEM_read_bio_RSAPrivateKey; ++ PEM_read_bio_X509; ++ PEM_read_bio_X509_CRL; ++ PEM_read_bio_X509_REQ; ++ PEM_write; ++ PEM_write_DHparams; ++ PEM_write_DSAPrivateKey; ++ PEM_write_DSAparams; ++ PEM_write_PKCS7; ++ PEM_write_PrivateKey; ++ PEM_write_RSAPrivateKey; ++ PEM_write_X509; ++ PEM_write_X509_CRL; ++ PEM_write_X509_REQ; ++ PEM_write_bio; ++ PEM_write_bio_DHparams; ++ PEM_write_bio_DSAPrivateKey; ++ PEM_write_bio_DSAparams; ++ PEM_write_bio_PKCS7; ++ PEM_write_bio_PrivateKey; ++ PEM_write_bio_RSAPrivateKey; ++ PEM_write_bio_X509; ++ PEM_write_bio_X509_CRL; ++ PEM_write_bio_X509_REQ; ++ PKCS7_DIGEST_free; ++ PKCS7_DIGEST_new; ++ PKCS7_ENCRYPT_free; ++ PKCS7_ENCRYPT_new; ++ PKCS7_ENC_CONTENT_free; ++ PKCS7_ENC_CONTENT_new; ++ PKCS7_ENVELOPE_free; ++ PKCS7_ENVELOPE_new; ++ PKCS7_ISSUER_AND_SERIAL_digest; ++ PKCS7_ISSUER_AND_SERIAL_free; ++ PKCS7_ISSUER_AND_SERIAL_new; ++ PKCS7_RECIP_INFO_free; ++ PKCS7_RECIP_INFO_new; ++ PKCS7_SIGNED_free; ++ PKCS7_SIGNED_new; ++ PKCS7_SIGNER_INFO_free; ++ PKCS7_SIGNER_INFO_new; ++ PKCS7_SIGN_ENVELOPE_free; ++ PKCS7_SIGN_ENVELOPE_new; ++ PKCS7_dup; ++ PKCS7_free; ++ PKCS7_new; ++ PROXY_ENTRY_add_noproxy; ++ PROXY_ENTRY_clear_noproxy; ++ PROXY_ENTRY_free; ++ PROXY_ENTRY_get_noproxy; ++ PROXY_ENTRY_new; ++ PROXY_ENTRY_set_server; ++ PROXY_add_noproxy; ++ PROXY_add_server; ++ PROXY_check_by_host; ++ PROXY_check_url; ++ PROXY_clear_noproxy; ++ PROXY_free; ++ PROXY_get_noproxy; ++ PROXY_get_proxies; ++ PROXY_get_proxy_entry; ++ PROXY_load_conf; ++ PROXY_new; ++ PROXY_print; ++ RAND_bytes; ++ RAND_cleanup; ++ RAND_file_name; ++ RAND_load_file; ++ RAND_screen; ++ RAND_seed; ++ RAND_write_file; ++ RC2_cbc_encrypt; ++ RC2_cfb64_encrypt; ++ RC2_ecb_encrypt; ++ RC2_encrypt; ++ RC2_ofb64_encrypt; ++ RC2_set_key; ++ RC4; ++ RC4_options; ++ RC4_set_key; ++ RSAPrivateKey_asn1_meth; ++ RSAPrivateKey_dup; ++ RSAPublicKey_dup; ++ RSA_PKCS1_SSLeay; ++ RSA_free; ++ RSA_generate_key; ++ RSA_new; ++ RSA_new_method; ++ RSA_print; ++ RSA_print_fp; ++ RSA_private_decrypt; ++ RSA_private_encrypt; ++ RSA_public_decrypt; ++ RSA_public_encrypt; ++ RSA_set_default_method; ++ RSA_sign; ++ RSA_sign_ASN1_OCTET_STRING; ++ RSA_size; ++ RSA_verify; ++ RSA_verify_ASN1_OCTET_STRING; ++ SHA; ++ SHA1; ++ SHA1_Final; ++ SHA1_Init; ++ SHA1_Update; ++ SHA_Final; ++ SHA_Init; ++ SHA_Update; ++ OpenSSL_add_all_algorithms; ++ OpenSSL_add_all_ciphers; ++ OpenSSL_add_all_digests; ++ TXT_DB_create_index; ++ TXT_DB_free; ++ TXT_DB_get_by_index; ++ TXT_DB_insert; ++ TXT_DB_read; ++ TXT_DB_write; ++ X509_ALGOR_free; ++ X509_ALGOR_new; ++ X509_ATTRIBUTE_free; ++ X509_ATTRIBUTE_new; ++ X509_CINF_free; ++ X509_CINF_new; ++ X509_CRL_INFO_free; ++ X509_CRL_INFO_new; ++ X509_CRL_add_ext; ++ X509_CRL_cmp; ++ X509_CRL_delete_ext; ++ X509_CRL_dup; ++ X509_CRL_free; ++ X509_CRL_get_ext; ++ X509_CRL_get_ext_by_NID; ++ X509_CRL_get_ext_by_OBJ; ++ X509_CRL_get_ext_by_critical; ++ X509_CRL_get_ext_count; ++ X509_CRL_new; ++ X509_CRL_sign; ++ X509_CRL_verify; ++ X509_EXTENSION_create_by_NID; ++ X509_EXTENSION_create_by_OBJ; ++ X509_EXTENSION_dup; ++ X509_EXTENSION_free; ++ X509_EXTENSION_get_critical; ++ X509_EXTENSION_get_data; ++ X509_EXTENSION_get_object; ++ X509_EXTENSION_new; ++ X509_EXTENSION_set_critical; ++ X509_EXTENSION_set_data; ++ X509_EXTENSION_set_object; ++ X509_INFO_free; ++ X509_INFO_new; ++ X509_LOOKUP_by_alias; ++ X509_LOOKUP_by_fingerprint; ++ X509_LOOKUP_by_issuer_serial; ++ X509_LOOKUP_by_subject; ++ X509_LOOKUP_ctrl; ++ X509_LOOKUP_file; ++ X509_LOOKUP_free; ++ X509_LOOKUP_hash_dir; ++ X509_LOOKUP_init; ++ X509_LOOKUP_new; ++ X509_LOOKUP_shutdown; ++ X509_NAME_ENTRY_create_by_NID; ++ X509_NAME_ENTRY_create_by_OBJ; ++ X509_NAME_ENTRY_dup; ++ X509_NAME_ENTRY_free; ++ X509_NAME_ENTRY_get_data; ++ X509_NAME_ENTRY_get_object; ++ X509_NAME_ENTRY_new; ++ X509_NAME_ENTRY_set_data; ++ X509_NAME_ENTRY_set_object; ++ X509_NAME_add_entry; ++ X509_NAME_cmp; ++ X509_NAME_delete_entry; ++ X509_NAME_digest; ++ X509_NAME_dup; ++ X509_NAME_entry_count; ++ X509_NAME_free; ++ X509_NAME_get_entry; ++ X509_NAME_get_index_by_NID; ++ X509_NAME_get_index_by_OBJ; ++ X509_NAME_get_text_by_NID; ++ X509_NAME_get_text_by_OBJ; ++ X509_NAME_hash; ++ X509_NAME_new; ++ X509_NAME_oneline; ++ X509_NAME_print; ++ X509_NAME_set; ++ X509_OBJECT_free_contents; ++ X509_OBJECT_retrieve_by_subject; ++ X509_OBJECT_up_ref_count; ++ X509_PKEY_free; ++ X509_PKEY_new; ++ X509_PUBKEY_free; ++ X509_PUBKEY_get; ++ X509_PUBKEY_new; ++ X509_PUBKEY_set; ++ X509_REQ_INFO_free; ++ X509_REQ_INFO_new; ++ X509_REQ_dup; ++ X509_REQ_free; ++ X509_REQ_get_pubkey; ++ X509_REQ_new; ++ X509_REQ_print; ++ X509_REQ_print_fp; ++ X509_REQ_set_pubkey; ++ X509_REQ_set_subject_name; ++ X509_REQ_set_version; ++ X509_REQ_sign; ++ X509_REQ_to_X509; ++ X509_REQ_verify; ++ X509_REVOKED_add_ext; ++ X509_REVOKED_delete_ext; ++ X509_REVOKED_free; ++ X509_REVOKED_get_ext; ++ X509_REVOKED_get_ext_by_NID; ++ X509_REVOKED_get_ext_by_OBJ; ++ X509_REVOKED_get_ext_by_critical; ++ X509_REVOKED_get_ext_by_critic; ++ X509_REVOKED_get_ext_count; ++ X509_REVOKED_new; ++ X509_SIG_free; ++ X509_SIG_new; ++ X509_STORE_CTX_cleanup; ++ X509_STORE_CTX_init; ++ X509_STORE_add_cert; ++ X509_STORE_add_lookup; ++ X509_STORE_free; ++ X509_STORE_get_by_subject; ++ X509_STORE_load_locations; ++ X509_STORE_new; ++ X509_STORE_set_default_paths; ++ X509_VAL_free; ++ X509_VAL_new; ++ X509_add_ext; ++ X509_asn1_meth; ++ X509_certificate_type; ++ X509_check_private_key; ++ X509_cmp_current_time; ++ X509_delete_ext; ++ X509_digest; ++ X509_dup; ++ X509_free; ++ X509_get_default_cert_area; ++ X509_get_default_cert_dir; ++ X509_get_default_cert_dir_env; ++ X509_get_default_cert_file; ++ X509_get_default_cert_file_env; ++ X509_get_default_private_dir; ++ X509_get_ext; ++ X509_get_ext_by_NID; ++ X509_get_ext_by_OBJ; ++ X509_get_ext_by_critical; ++ X509_get_ext_count; ++ X509_get_issuer_name; ++ X509_get_pubkey; ++ X509_get_pubkey_parameters; ++ X509_get_serialNumber; ++ X509_get_subject_name; ++ X509_gmtime_adj; ++ X509_issuer_and_serial_cmp; ++ X509_issuer_and_serial_hash; ++ X509_issuer_name_cmp; ++ X509_issuer_name_hash; ++ X509_load_cert_file; ++ X509_new; ++ X509_print; ++ X509_print_fp; ++ X509_set_issuer_name; ++ X509_set_notAfter; ++ X509_set_notBefore; ++ X509_set_pubkey; ++ X509_set_serialNumber; ++ X509_set_subject_name; ++ X509_set_version; ++ X509_sign; ++ X509_subject_name_cmp; ++ X509_subject_name_hash; ++ X509_to_X509_REQ; ++ X509_verify; ++ X509_verify_cert; ++ X509_verify_cert_error_string; ++ X509v3_add_ext; ++ X509v3_add_extension; ++ X509v3_add_netscape_extensions; ++ X509v3_add_standard_extensions; ++ X509v3_cleanup_extensions; ++ X509v3_data_type_by_NID; ++ X509v3_data_type_by_OBJ; ++ X509v3_delete_ext; ++ X509v3_get_ext; ++ X509v3_get_ext_by_NID; ++ X509v3_get_ext_by_OBJ; ++ X509v3_get_ext_by_critical; ++ X509v3_get_ext_count; ++ X509v3_pack_string; ++ X509v3_pack_type_by_NID; ++ X509v3_pack_type_by_OBJ; ++ X509v3_unpack_string; ++ _des_crypt; ++ a2d_ASN1_OBJECT; ++ a2i_ASN1_INTEGER; ++ a2i_ASN1_STRING; ++ asn1_Finish; ++ asn1_GetSequence; ++ bn_div_words; ++ bn_expand2; ++ bn_mul_add_words; ++ bn_mul_words; ++ BN_uadd; ++ BN_usub; ++ bn_sqr_words; ++ _ossl_old_crypt; ++ d2i_ASN1_BIT_STRING; ++ d2i_ASN1_BOOLEAN; ++ d2i_ASN1_HEADER; ++ d2i_ASN1_IA5STRING; ++ d2i_ASN1_INTEGER; ++ d2i_ASN1_OBJECT; ++ d2i_ASN1_OCTET_STRING; ++ d2i_ASN1_PRINTABLE; ++ d2i_ASN1_PRINTABLESTRING; ++ d2i_ASN1_SET; ++ d2i_ASN1_T61STRING; ++ d2i_ASN1_TYPE; ++ d2i_ASN1_UTCTIME; ++ d2i_ASN1_bytes; ++ d2i_ASN1_type_bytes; ++ d2i_DHparams; ++ d2i_DSAPrivateKey; ++ d2i_DSAPrivateKey_bio; ++ d2i_DSAPrivateKey_fp; ++ d2i_DSAPublicKey; ++ d2i_DSAparams; ++ d2i_NETSCAPE_SPKAC; ++ d2i_NETSCAPE_SPKI; ++ d2i_Netscape_RSA; ++ d2i_PKCS7; ++ d2i_PKCS7_DIGEST; ++ d2i_PKCS7_ENCRYPT; ++ d2i_PKCS7_ENC_CONTENT; ++ d2i_PKCS7_ENVELOPE; ++ d2i_PKCS7_ISSUER_AND_SERIAL; ++ d2i_PKCS7_RECIP_INFO; ++ d2i_PKCS7_SIGNED; ++ d2i_PKCS7_SIGNER_INFO; ++ d2i_PKCS7_SIGN_ENVELOPE; ++ d2i_PKCS7_bio; ++ d2i_PKCS7_fp; ++ d2i_PrivateKey; ++ d2i_PublicKey; ++ d2i_RSAPrivateKey; ++ d2i_RSAPrivateKey_bio; ++ d2i_RSAPrivateKey_fp; ++ d2i_RSAPublicKey; ++ d2i_X509; ++ d2i_X509_ALGOR; ++ d2i_X509_ATTRIBUTE; ++ d2i_X509_CINF; ++ d2i_X509_CRL; ++ d2i_X509_CRL_INFO; ++ d2i_X509_CRL_bio; ++ d2i_X509_CRL_fp; ++ d2i_X509_EXTENSION; ++ d2i_X509_NAME; ++ d2i_X509_NAME_ENTRY; ++ d2i_X509_PKEY; ++ d2i_X509_PUBKEY; ++ d2i_X509_REQ; ++ d2i_X509_REQ_INFO; ++ d2i_X509_REQ_bio; ++ d2i_X509_REQ_fp; ++ d2i_X509_REVOKED; ++ d2i_X509_SIG; ++ d2i_X509_VAL; ++ d2i_X509_bio; ++ d2i_X509_fp; ++ DES_cbc_cksum; ++ DES_cbc_encrypt; ++ DES_cblock_print_file; ++ DES_cfb64_encrypt; ++ DES_cfb_encrypt; ++ DES_decrypt3; ++ DES_ecb3_encrypt; ++ DES_ecb_encrypt; ++ DES_ede3_cbc_encrypt; ++ DES_ede3_cfb64_encrypt; ++ DES_ede3_ofb64_encrypt; ++ DES_enc_read; ++ DES_enc_write; ++ DES_encrypt1; ++ DES_encrypt2; ++ DES_encrypt3; ++ DES_fcrypt; ++ DES_is_weak_key; ++ DES_key_sched; ++ DES_ncbc_encrypt; ++ DES_ofb64_encrypt; ++ DES_ofb_encrypt; ++ DES_options; ++ DES_pcbc_encrypt; ++ DES_quad_cksum; ++ DES_random_key; ++ _ossl_old_des_random_seed; ++ _ossl_old_des_read_2passwords; ++ _ossl_old_des_read_password; ++ _ossl_old_des_read_pw; ++ _ossl_old_des_read_pw_string; ++ DES_set_key; ++ DES_set_odd_parity; ++ DES_string_to_2keys; ++ DES_string_to_key; ++ DES_xcbc_encrypt; ++ DES_xwhite_in2out; ++ fcrypt_body; ++ i2a_ASN1_INTEGER; ++ i2a_ASN1_OBJECT; ++ i2a_ASN1_STRING; ++ i2d_ASN1_BIT_STRING; ++ i2d_ASN1_BOOLEAN; ++ i2d_ASN1_HEADER; ++ i2d_ASN1_IA5STRING; ++ i2d_ASN1_INTEGER; ++ i2d_ASN1_OBJECT; ++ i2d_ASN1_OCTET_STRING; ++ i2d_ASN1_PRINTABLE; ++ i2d_ASN1_SET; ++ i2d_ASN1_TYPE; ++ i2d_ASN1_UTCTIME; ++ i2d_ASN1_bytes; ++ i2d_DHparams; ++ i2d_DSAPrivateKey; ++ i2d_DSAPrivateKey_bio; ++ i2d_DSAPrivateKey_fp; ++ i2d_DSAPublicKey; ++ i2d_DSAparams; ++ i2d_NETSCAPE_SPKAC; ++ i2d_NETSCAPE_SPKI; ++ i2d_Netscape_RSA; ++ i2d_PKCS7; ++ i2d_PKCS7_DIGEST; ++ i2d_PKCS7_ENCRYPT; ++ i2d_PKCS7_ENC_CONTENT; ++ i2d_PKCS7_ENVELOPE; ++ i2d_PKCS7_ISSUER_AND_SERIAL; ++ i2d_PKCS7_RECIP_INFO; ++ i2d_PKCS7_SIGNED; ++ i2d_PKCS7_SIGNER_INFO; ++ i2d_PKCS7_SIGN_ENVELOPE; ++ i2d_PKCS7_bio; ++ i2d_PKCS7_fp; ++ i2d_PrivateKey; ++ i2d_PublicKey; ++ i2d_RSAPrivateKey; ++ i2d_RSAPrivateKey_bio; ++ i2d_RSAPrivateKey_fp; ++ i2d_RSAPublicKey; ++ i2d_X509; ++ i2d_X509_ALGOR; ++ i2d_X509_ATTRIBUTE; ++ i2d_X509_CINF; ++ i2d_X509_CRL; ++ i2d_X509_CRL_INFO; ++ i2d_X509_CRL_bio; ++ i2d_X509_CRL_fp; ++ i2d_X509_EXTENSION; ++ i2d_X509_NAME; ++ i2d_X509_NAME_ENTRY; ++ i2d_X509_PKEY; ++ i2d_X509_PUBKEY; ++ i2d_X509_REQ; ++ i2d_X509_REQ_INFO; ++ i2d_X509_REQ_bio; ++ i2d_X509_REQ_fp; ++ i2d_X509_REVOKED; ++ i2d_X509_SIG; ++ i2d_X509_VAL; ++ i2d_X509_bio; ++ i2d_X509_fp; ++ idea_cbc_encrypt; ++ idea_cfb64_encrypt; ++ idea_ecb_encrypt; ++ idea_encrypt; ++ idea_ofb64_encrypt; ++ idea_options; ++ idea_set_decrypt_key; ++ idea_set_encrypt_key; ++ lh_delete; ++ lh_doall; ++ lh_doall_arg; ++ lh_free; ++ lh_insert; ++ lh_new; ++ lh_node_stats; ++ lh_node_stats_bio; ++ lh_node_usage_stats; ++ lh_node_usage_stats_bio; ++ lh_retrieve; ++ lh_stats; ++ lh_stats_bio; ++ lh_strhash; ++ sk_delete; ++ sk_delete_ptr; ++ sk_dup; ++ sk_find; ++ sk_free; ++ sk_insert; ++ sk_new; ++ sk_pop; ++ sk_pop_free; ++ sk_push; ++ sk_set_cmp_func; ++ sk_shift; ++ sk_unshift; ++ sk_zero; ++ BIO_f_nbio_test; ++ ASN1_TYPE_get; ++ ASN1_TYPE_set; ++ PKCS7_content_free; ++ ERR_load_PKCS7_strings; ++ X509_find_by_issuer_and_serial; ++ X509_find_by_subject; ++ PKCS7_ctrl; ++ PKCS7_set_type; ++ PKCS7_set_content; ++ PKCS7_SIGNER_INFO_set; ++ PKCS7_add_signer; ++ PKCS7_add_certificate; ++ PKCS7_add_crl; ++ PKCS7_content_new; ++ PKCS7_dataSign; ++ PKCS7_dataVerify; ++ PKCS7_dataInit; ++ PKCS7_add_signature; ++ PKCS7_cert_from_signer_info; ++ PKCS7_get_signer_info; ++ EVP_delete_alias; ++ EVP_mdc2; ++ PEM_read_bio_RSAPublicKey; ++ PEM_write_bio_RSAPublicKey; ++ d2i_RSAPublicKey_bio; ++ i2d_RSAPublicKey_bio; ++ PEM_read_RSAPublicKey; ++ PEM_write_RSAPublicKey; ++ d2i_RSAPublicKey_fp; ++ i2d_RSAPublicKey_fp; ++ BIO_copy_next_retry; ++ RSA_flags; ++ X509_STORE_add_crl; ++ X509_load_crl_file; ++ EVP_rc2_40_cbc; ++ EVP_rc4_40; ++ EVP_CIPHER_CTX_init; ++ HMAC; ++ HMAC_Init; ++ HMAC_Update; ++ HMAC_Final; ++ ERR_get_next_error_library; ++ EVP_PKEY_cmp_parameters; ++ HMAC_cleanup; ++ BIO_ptr_ctrl; ++ BIO_new_file_internal; ++ BIO_new_fp_internal; ++ BIO_s_file_internal; ++ BN_BLINDING_convert; ++ BN_BLINDING_invert; ++ BN_BLINDING_update; ++ RSA_blinding_on; ++ RSA_blinding_off; ++ i2t_ASN1_OBJECT; ++ BN_BLINDING_new; ++ BN_BLINDING_free; ++ EVP_cast5_cbc; ++ EVP_cast5_cfb64; ++ EVP_cast5_ecb; ++ EVP_cast5_ofb; ++ BF_decrypt; ++ CAST_set_key; ++ CAST_encrypt; ++ CAST_decrypt; ++ CAST_ecb_encrypt; ++ CAST_cbc_encrypt; ++ CAST_cfb64_encrypt; ++ CAST_ofb64_encrypt; ++ RC2_decrypt; ++ OBJ_create_objects; ++ BN_exp; ++ BN_mul_word; ++ BN_sub_word; ++ BN_dec2bn; ++ BN_bn2dec; ++ BIO_ghbn_ctrl; ++ CRYPTO_free_ex_data; ++ CRYPTO_get_ex_data; ++ CRYPTO_set_ex_data; ++ ERR_load_CRYPTO_strings; ++ ERR_load_CRYPTOlib_strings; ++ EVP_PKEY_bits; ++ MD5_Transform; ++ SHA1_Transform; ++ SHA_Transform; ++ X509_STORE_CTX_get_chain; ++ X509_STORE_CTX_get_current_cert; ++ X509_STORE_CTX_get_error; ++ X509_STORE_CTX_get_error_depth; ++ X509_STORE_CTX_get_ex_data; ++ X509_STORE_CTX_set_cert; ++ X509_STORE_CTX_set_chain; ++ X509_STORE_CTX_set_error; ++ X509_STORE_CTX_set_ex_data; ++ CRYPTO_dup_ex_data; ++ CRYPTO_get_new_lockid; ++ CRYPTO_new_ex_data; ++ RSA_set_ex_data; ++ RSA_get_ex_data; ++ RSA_get_ex_new_index; ++ RSA_padding_add_PKCS1_type_1; ++ RSA_padding_add_PKCS1_type_2; ++ RSA_padding_add_SSLv23; ++ RSA_padding_add_none; ++ RSA_padding_check_PKCS1_type_1; ++ RSA_padding_check_PKCS1_type_2; ++ RSA_padding_check_SSLv23; ++ RSA_padding_check_none; ++ bn_add_words; ++ d2i_Netscape_RSA_2; ++ CRYPTO_get_ex_new_index; ++ RIPEMD160_Init; ++ RIPEMD160_Update; ++ RIPEMD160_Final; ++ RIPEMD160; ++ RIPEMD160_Transform; ++ RC5_32_set_key; ++ RC5_32_ecb_encrypt; ++ RC5_32_encrypt; ++ RC5_32_decrypt; ++ RC5_32_cbc_encrypt; ++ RC5_32_cfb64_encrypt; ++ RC5_32_ofb64_encrypt; ++ BN_bn2mpi; ++ BN_mpi2bn; ++ ASN1_BIT_STRING_get_bit; ++ ASN1_BIT_STRING_set_bit; ++ BIO_get_ex_data; ++ BIO_get_ex_new_index; ++ BIO_set_ex_data; ++ X509v3_get_key_usage; ++ X509v3_set_key_usage; ++ a2i_X509v3_key_usage; ++ i2a_X509v3_key_usage; ++ EVP_PKEY_decrypt; ++ EVP_PKEY_encrypt; ++ PKCS7_RECIP_INFO_set; ++ PKCS7_add_recipient; ++ PKCS7_add_recipient_info; ++ PKCS7_set_cipher; ++ ASN1_TYPE_get_int_octetstring; ++ ASN1_TYPE_get_octetstring; ++ ASN1_TYPE_set_int_octetstring; ++ ASN1_TYPE_set_octetstring; ++ ASN1_UTCTIME_set_string; ++ ERR_add_error_data; ++ ERR_set_error_data; ++ EVP_CIPHER_asn1_to_param; ++ EVP_CIPHER_param_to_asn1; ++ EVP_CIPHER_get_asn1_iv; ++ EVP_CIPHER_set_asn1_iv; ++ EVP_rc5_32_12_16_cbc; ++ EVP_rc5_32_12_16_cfb64; ++ EVP_rc5_32_12_16_ecb; ++ EVP_rc5_32_12_16_ofb; ++ asn1_add_error; ++ d2i_ASN1_BMPSTRING; ++ i2d_ASN1_BMPSTRING; ++ BIO_f_ber; ++ BN_init; ++ COMP_CTX_new; ++ COMP_CTX_free; ++ COMP_CTX_compress_block; ++ COMP_CTX_expand_block; ++ X509_STORE_CTX_get_ex_new_index; ++ OBJ_NAME_add; ++ BIO_socket_nbio; ++ EVP_rc2_64_cbc; ++ OBJ_NAME_cleanup; ++ OBJ_NAME_get; ++ OBJ_NAME_init; ++ OBJ_NAME_new_index; ++ OBJ_NAME_remove; ++ BN_MONT_CTX_copy; ++ BIO_new_socks4a_connect; ++ BIO_s_socks4a_connect; ++ PROXY_set_connect_mode; ++ RAND_SSLeay; ++ RAND_set_rand_method; ++ RSA_memory_lock; ++ bn_sub_words; ++ bn_mul_normal; ++ bn_mul_comba8; ++ bn_mul_comba4; ++ bn_sqr_normal; ++ bn_sqr_comba8; ++ bn_sqr_comba4; ++ bn_cmp_words; ++ bn_mul_recursive; ++ bn_mul_part_recursive; ++ bn_sqr_recursive; ++ bn_mul_low_normal; ++ BN_RECP_CTX_init; ++ BN_RECP_CTX_new; ++ BN_RECP_CTX_free; ++ BN_RECP_CTX_set; ++ BN_mod_mul_reciprocal; ++ BN_mod_exp_recp; ++ BN_div_recp; ++ BN_CTX_init; ++ BN_MONT_CTX_init; ++ RAND_get_rand_method; ++ PKCS7_add_attribute; ++ PKCS7_add_signed_attribute; ++ PKCS7_digest_from_attributes; ++ PKCS7_get_attribute; ++ PKCS7_get_issuer_and_serial; ++ PKCS7_get_signed_attribute; ++ COMP_compress_block; ++ COMP_expand_block; ++ COMP_rle; ++ COMP_zlib; ++ ms_time_diff; ++ ms_time_new; ++ ms_time_free; ++ ms_time_cmp; ++ ms_time_get; ++ PKCS7_set_attributes; ++ PKCS7_set_signed_attributes; ++ X509_ATTRIBUTE_create; ++ X509_ATTRIBUTE_dup; ++ ASN1_GENERALIZEDTIME_check; ++ ASN1_GENERALIZEDTIME_print; ++ ASN1_GENERALIZEDTIME_set; ++ ASN1_GENERALIZEDTIME_set_string; ++ ASN1_TIME_print; ++ BASIC_CONSTRAINTS_free; ++ BASIC_CONSTRAINTS_new; ++ ERR_load_X509V3_strings; ++ NETSCAPE_CERT_SEQUENCE_free; ++ NETSCAPE_CERT_SEQUENCE_new; ++ OBJ_txt2obj; ++ PEM_read_NETSCAPE_CERT_SEQUENCE; ++ PEM_read_NS_CERT_SEQ; ++ PEM_read_bio_NETSCAPE_CERT_SEQUENCE; ++ PEM_read_bio_NS_CERT_SEQ; ++ PEM_write_NETSCAPE_CERT_SEQUENCE; ++ PEM_write_NS_CERT_SEQ; ++ PEM_write_bio_NETSCAPE_CERT_SEQUENCE; ++ PEM_write_bio_NS_CERT_SEQ; ++ X509V3_EXT_add; ++ X509V3_EXT_add_alias; ++ X509V3_EXT_add_conf; ++ X509V3_EXT_cleanup; ++ X509V3_EXT_conf; ++ X509V3_EXT_conf_nid; ++ X509V3_EXT_get; ++ X509V3_EXT_get_nid; ++ X509V3_EXT_print; ++ X509V3_EXT_print_fp; ++ X509V3_add_standard_extensions; ++ X509V3_add_value; ++ X509V3_add_value_bool; ++ X509V3_add_value_int; ++ X509V3_conf_free; ++ X509V3_get_value_bool; ++ X509V3_get_value_int; ++ X509V3_parse_list; ++ d2i_ASN1_GENERALIZEDTIME; ++ d2i_ASN1_TIME; ++ d2i_BASIC_CONSTRAINTS; ++ d2i_NETSCAPE_CERT_SEQUENCE; ++ d2i_ext_ku; ++ ext_ku_free; ++ ext_ku_new; ++ i2d_ASN1_GENERALIZEDTIME; ++ i2d_ASN1_TIME; ++ i2d_BASIC_CONSTRAINTS; ++ i2d_NETSCAPE_CERT_SEQUENCE; ++ i2d_ext_ku; ++ EVP_MD_CTX_copy; ++ i2d_ASN1_ENUMERATED; ++ d2i_ASN1_ENUMERATED; ++ ASN1_ENUMERATED_set; ++ ASN1_ENUMERATED_get; ++ BN_to_ASN1_ENUMERATED; ++ ASN1_ENUMERATED_to_BN; ++ i2a_ASN1_ENUMERATED; ++ a2i_ASN1_ENUMERATED; ++ i2d_GENERAL_NAME; ++ d2i_GENERAL_NAME; ++ GENERAL_NAME_new; ++ GENERAL_NAME_free; ++ GENERAL_NAMES_new; ++ GENERAL_NAMES_free; ++ d2i_GENERAL_NAMES; ++ i2d_GENERAL_NAMES; ++ i2v_GENERAL_NAMES; ++ i2s_ASN1_OCTET_STRING; ++ s2i_ASN1_OCTET_STRING; ++ X509V3_EXT_check_conf; ++ hex_to_string; ++ string_to_hex; ++ DES_ede3_cbcm_encrypt; ++ RSA_padding_add_PKCS1_OAEP; ++ RSA_padding_check_PKCS1_OAEP; ++ X509_CRL_print_fp; ++ X509_CRL_print; ++ i2v_GENERAL_NAME; ++ v2i_GENERAL_NAME; ++ i2d_PKEY_USAGE_PERIOD; ++ d2i_PKEY_USAGE_PERIOD; ++ PKEY_USAGE_PERIOD_new; ++ PKEY_USAGE_PERIOD_free; ++ v2i_GENERAL_NAMES; ++ i2s_ASN1_INTEGER; ++ X509V3_EXT_d2i; ++ name_cmp; ++ str_dup; ++ i2s_ASN1_ENUMERATED; ++ i2s_ASN1_ENUMERATED_TABLE; ++ BIO_s_log; ++ BIO_f_reliable; ++ PKCS7_dataFinal; ++ PKCS7_dataDecode; ++ X509V3_EXT_CRL_add_conf; ++ BN_set_params; ++ BN_get_params; ++ BIO_get_ex_num; ++ BIO_set_ex_free_func; ++ EVP_ripemd160; ++ ASN1_TIME_set; ++ i2d_AUTHORITY_KEYID; ++ d2i_AUTHORITY_KEYID; ++ AUTHORITY_KEYID_new; ++ AUTHORITY_KEYID_free; ++ ASN1_seq_unpack; ++ ASN1_seq_pack; ++ ASN1_unpack_string; ++ ASN1_pack_string; ++ PKCS12_pack_safebag; ++ PKCS12_MAKE_KEYBAG; ++ PKCS8_encrypt; ++ PKCS12_MAKE_SHKEYBAG; ++ PKCS12_pack_p7data; ++ PKCS12_pack_p7encdata; ++ PKCS12_add_localkeyid; ++ PKCS12_add_friendlyname_asc; ++ PKCS12_add_friendlyname_uni; ++ PKCS12_get_friendlyname; ++ PKCS12_pbe_crypt; ++ PKCS12_decrypt_d2i; ++ PKCS12_i2d_encrypt; ++ PKCS12_init; ++ PKCS12_key_gen_asc; ++ PKCS12_key_gen_uni; ++ PKCS12_gen_mac; ++ PKCS12_verify_mac; ++ PKCS12_set_mac; ++ PKCS12_setup_mac; ++ OPENSSL_asc2uni; ++ OPENSSL_uni2asc; ++ i2d_PKCS12_BAGS; ++ PKCS12_BAGS_new; ++ d2i_PKCS12_BAGS; ++ PKCS12_BAGS_free; ++ i2d_PKCS12; ++ d2i_PKCS12; ++ PKCS12_new; ++ PKCS12_free; ++ i2d_PKCS12_MAC_DATA; ++ PKCS12_MAC_DATA_new; ++ d2i_PKCS12_MAC_DATA; ++ PKCS12_MAC_DATA_free; ++ i2d_PKCS12_SAFEBAG; ++ PKCS12_SAFEBAG_new; ++ d2i_PKCS12_SAFEBAG; ++ PKCS12_SAFEBAG_free; ++ ERR_load_PKCS12_strings; ++ PKCS12_PBE_add; ++ PKCS8_add_keyusage; ++ PKCS12_get_attr_gen; ++ PKCS12_parse; ++ PKCS12_create; ++ i2d_PKCS12_bio; ++ i2d_PKCS12_fp; ++ d2i_PKCS12_bio; ++ d2i_PKCS12_fp; ++ i2d_PBEPARAM; ++ PBEPARAM_new; ++ d2i_PBEPARAM; ++ PBEPARAM_free; ++ i2d_PKCS8_PRIV_KEY_INFO; ++ PKCS8_PRIV_KEY_INFO_new; ++ d2i_PKCS8_PRIV_KEY_INFO; ++ PKCS8_PRIV_KEY_INFO_free; ++ EVP_PKCS82PKEY; ++ EVP_PKEY2PKCS8; ++ PKCS8_set_broken; ++ EVP_PBE_ALGOR_CipherInit; ++ EVP_PBE_alg_add; ++ PKCS5_pbe_set; ++ EVP_PBE_cleanup; ++ i2d_SXNET; ++ d2i_SXNET; ++ SXNET_new; ++ SXNET_free; ++ i2d_SXNETID; ++ d2i_SXNETID; ++ SXNETID_new; ++ SXNETID_free; ++ DSA_SIG_new; ++ DSA_SIG_free; ++ DSA_do_sign; ++ DSA_do_verify; ++ d2i_DSA_SIG; ++ i2d_DSA_SIG; ++ i2d_ASN1_VISIBLESTRING; ++ d2i_ASN1_VISIBLESTRING; ++ i2d_ASN1_UTF8STRING; ++ d2i_ASN1_UTF8STRING; ++ i2d_DIRECTORYSTRING; ++ d2i_DIRECTORYSTRING; ++ i2d_DISPLAYTEXT; ++ d2i_DISPLAYTEXT; ++ d2i_ASN1_SET_OF_X509; ++ i2d_ASN1_SET_OF_X509; ++ i2d_PBKDF2PARAM; ++ PBKDF2PARAM_new; ++ d2i_PBKDF2PARAM; ++ PBKDF2PARAM_free; ++ i2d_PBE2PARAM; ++ PBE2PARAM_new; ++ d2i_PBE2PARAM; ++ PBE2PARAM_free; ++ d2i_ASN1_SET_OF_GENERAL_NAME; ++ i2d_ASN1_SET_OF_GENERAL_NAME; ++ d2i_ASN1_SET_OF_SXNETID; ++ i2d_ASN1_SET_OF_SXNETID; ++ d2i_ASN1_SET_OF_POLICYQUALINFO; ++ i2d_ASN1_SET_OF_POLICYQUALINFO; ++ d2i_ASN1_SET_OF_POLICYINFO; ++ i2d_ASN1_SET_OF_POLICYINFO; ++ SXNET_add_id_asc; ++ SXNET_add_id_ulong; ++ SXNET_add_id_INTEGER; ++ SXNET_get_id_asc; ++ SXNET_get_id_ulong; ++ SXNET_get_id_INTEGER; ++ X509V3_set_conf_lhash; ++ i2d_CERTIFICATEPOLICIES; ++ CERTIFICATEPOLICIES_new; ++ CERTIFICATEPOLICIES_free; ++ d2i_CERTIFICATEPOLICIES; ++ i2d_POLICYINFO; ++ POLICYINFO_new; ++ d2i_POLICYINFO; ++ POLICYINFO_free; ++ i2d_POLICYQUALINFO; ++ POLICYQUALINFO_new; ++ d2i_POLICYQUALINFO; ++ POLICYQUALINFO_free; ++ i2d_USERNOTICE; ++ USERNOTICE_new; ++ d2i_USERNOTICE; ++ USERNOTICE_free; ++ i2d_NOTICEREF; ++ NOTICEREF_new; ++ d2i_NOTICEREF; ++ NOTICEREF_free; ++ X509V3_get_string; ++ X509V3_get_section; ++ X509V3_string_free; ++ X509V3_section_free; ++ X509V3_set_ctx; ++ s2i_ASN1_INTEGER; ++ CRYPTO_set_locked_mem_functions; ++ CRYPTO_get_locked_mem_functions; ++ CRYPTO_malloc_locked; ++ CRYPTO_free_locked; ++ BN_mod_exp2_mont; ++ ERR_get_error_line_data; ++ ERR_peek_error_line_data; ++ PKCS12_PBE_keyivgen; ++ X509_ALGOR_dup; ++ d2i_ASN1_SET_OF_DIST_POINT; ++ i2d_ASN1_SET_OF_DIST_POINT; ++ i2d_CRL_DIST_POINTS; ++ CRL_DIST_POINTS_new; ++ CRL_DIST_POINTS_free; ++ d2i_CRL_DIST_POINTS; ++ i2d_DIST_POINT; ++ DIST_POINT_new; ++ d2i_DIST_POINT; ++ DIST_POINT_free; ++ i2d_DIST_POINT_NAME; ++ DIST_POINT_NAME_new; ++ DIST_POINT_NAME_free; ++ d2i_DIST_POINT_NAME; ++ X509V3_add_value_uchar; ++ d2i_ASN1_SET_OF_X509_ATTRIBUTE; ++ i2d_ASN1_SET_OF_ASN1_TYPE; ++ d2i_ASN1_SET_OF_X509_EXTENSION; ++ d2i_ASN1_SET_OF_X509_NAME_ENTRY; ++ d2i_ASN1_SET_OF_ASN1_TYPE; ++ i2d_ASN1_SET_OF_X509_ATTRIBUTE; ++ i2d_ASN1_SET_OF_X509_EXTENSION; ++ i2d_ASN1_SET_OF_X509_NAME_ENTRY; ++ X509V3_EXT_i2d; ++ X509V3_EXT_val_prn; ++ X509V3_EXT_add_list; ++ EVP_CIPHER_type; ++ EVP_PBE_CipherInit; ++ X509V3_add_value_bool_nf; ++ d2i_ASN1_UINTEGER; ++ sk_value; ++ sk_num; ++ sk_set; ++ i2d_ASN1_SET_OF_X509_REVOKED; ++ sk_sort; ++ d2i_ASN1_SET_OF_X509_REVOKED; ++ i2d_ASN1_SET_OF_X509_ALGOR; ++ i2d_ASN1_SET_OF_X509_CRL; ++ d2i_ASN1_SET_OF_X509_ALGOR; ++ d2i_ASN1_SET_OF_X509_CRL; ++ i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO; ++ i2d_ASN1_SET_OF_PKCS7_RECIP_INFO; ++ d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO; ++ d2i_ASN1_SET_OF_PKCS7_RECIP_INFO; ++ PKCS5_PBE_add; ++ PEM_write_bio_PKCS8; ++ i2d_PKCS8_fp; ++ PEM_read_bio_PKCS8_PRIV_KEY_INFO; ++ PEM_read_bio_P8_PRIV_KEY_INFO; ++ d2i_PKCS8_bio; ++ d2i_PKCS8_PRIV_KEY_INFO_fp; ++ PEM_write_bio_PKCS8_PRIV_KEY_INFO; ++ PEM_write_bio_P8_PRIV_KEY_INFO; ++ PEM_read_PKCS8; ++ d2i_PKCS8_PRIV_KEY_INFO_bio; ++ d2i_PKCS8_fp; ++ PEM_write_PKCS8; ++ PEM_read_PKCS8_PRIV_KEY_INFO; ++ PEM_read_P8_PRIV_KEY_INFO; ++ PEM_read_bio_PKCS8; ++ PEM_write_PKCS8_PRIV_KEY_INFO; ++ PEM_write_P8_PRIV_KEY_INFO; ++ PKCS5_PBE_keyivgen; ++ i2d_PKCS8_bio; ++ i2d_PKCS8_PRIV_KEY_INFO_fp; ++ i2d_PKCS8_PRIV_KEY_INFO_bio; ++ BIO_s_bio; ++ PKCS5_pbe2_set; ++ PKCS5_PBKDF2_HMAC_SHA1; ++ PKCS5_v2_PBE_keyivgen; ++ PEM_write_bio_PKCS8PrivateKey; ++ PEM_write_PKCS8PrivateKey; ++ BIO_ctrl_get_read_request; ++ BIO_ctrl_pending; ++ BIO_ctrl_wpending; ++ BIO_new_bio_pair; ++ BIO_ctrl_get_write_guarantee; ++ CRYPTO_num_locks; ++ CONF_load_bio; ++ CONF_load_fp; ++ i2d_ASN1_SET_OF_ASN1_OBJECT; ++ d2i_ASN1_SET_OF_ASN1_OBJECT; ++ PKCS7_signatureVerify; ++ RSA_set_method; ++ RSA_get_method; ++ RSA_get_default_method; ++ RSA_check_key; ++ OBJ_obj2txt; ++ DSA_dup_DH; ++ X509_REQ_get_extensions; ++ X509_REQ_set_extension_nids; ++ BIO_nwrite; ++ X509_REQ_extension_nid; ++ BIO_nread; ++ X509_REQ_get_extension_nids; ++ BIO_nwrite0; ++ X509_REQ_add_extensions_nid; ++ BIO_nread0; ++ X509_REQ_add_extensions; ++ BIO_new_mem_buf; ++ DH_set_ex_data; ++ DH_set_method; ++ DSA_OpenSSL; ++ DH_get_ex_data; ++ DH_get_ex_new_index; ++ DSA_new_method; ++ DH_new_method; ++ DH_OpenSSL; ++ DSA_get_ex_new_index; ++ DH_get_default_method; ++ DSA_set_ex_data; ++ DH_set_default_method; ++ DSA_get_ex_data; ++ X509V3_EXT_REQ_add_conf; ++ NETSCAPE_SPKI_print; ++ NETSCAPE_SPKI_set_pubkey; ++ NETSCAPE_SPKI_b64_encode; ++ NETSCAPE_SPKI_get_pubkey; ++ NETSCAPE_SPKI_b64_decode; ++ UTF8_putc; ++ UTF8_getc; ++ RSA_null_method; ++ ASN1_tag2str; ++ BIO_ctrl_reset_read_request; ++ DISPLAYTEXT_new; ++ ASN1_GENERALIZEDTIME_free; ++ X509_REVOKED_get_ext_d2i; ++ X509_set_ex_data; ++ X509_reject_set_bit_asc; ++ X509_NAME_add_entry_by_txt; ++ X509_NAME_add_entry_by_NID; ++ X509_PURPOSE_get0; ++ PEM_read_X509_AUX; ++ d2i_AUTHORITY_INFO_ACCESS; ++ PEM_write_PUBKEY; ++ ACCESS_DESCRIPTION_new; ++ X509_CERT_AUX_free; ++ d2i_ACCESS_DESCRIPTION; ++ X509_trust_clear; ++ X509_TRUST_add; ++ ASN1_VISIBLESTRING_new; ++ X509_alias_set1; ++ ASN1_PRINTABLESTRING_free; ++ EVP_PKEY_get1_DSA; ++ ASN1_BMPSTRING_new; ++ ASN1_mbstring_copy; ++ ASN1_UTF8STRING_new; ++ DSA_get_default_method; ++ i2d_ASN1_SET_OF_ACCESS_DESCRIPTION; ++ ASN1_T61STRING_free; ++ DSA_set_method; ++ X509_get_ex_data; ++ ASN1_STRING_type; ++ X509_PURPOSE_get_by_sname; ++ ASN1_TIME_free; ++ ASN1_OCTET_STRING_cmp; ++ ASN1_BIT_STRING_new; ++ X509_get_ext_d2i; ++ PEM_read_bio_X509_AUX; ++ ASN1_STRING_set_default_mask_asc; ++ ASN1_STRING_set_def_mask_asc; ++ PEM_write_bio_RSA_PUBKEY; ++ ASN1_INTEGER_cmp; ++ d2i_RSA_PUBKEY_fp; ++ X509_trust_set_bit_asc; ++ PEM_write_bio_DSA_PUBKEY; ++ X509_STORE_CTX_free; ++ EVP_PKEY_set1_DSA; ++ i2d_DSA_PUBKEY_fp; ++ X509_load_cert_crl_file; ++ ASN1_TIME_new; ++ i2d_RSA_PUBKEY; ++ X509_STORE_CTX_purpose_inherit; ++ PEM_read_RSA_PUBKEY; ++ d2i_X509_AUX; ++ i2d_DSA_PUBKEY; ++ X509_CERT_AUX_print; ++ PEM_read_DSA_PUBKEY; ++ i2d_RSA_PUBKEY_bio; ++ ASN1_BIT_STRING_num_asc; ++ i2d_PUBKEY; ++ ASN1_UTCTIME_free; ++ DSA_set_default_method; ++ X509_PURPOSE_get_by_id; ++ ACCESS_DESCRIPTION_free; ++ PEM_read_bio_PUBKEY; ++ ASN1_STRING_set_by_NID; ++ X509_PURPOSE_get_id; ++ DISPLAYTEXT_free; ++ OTHERNAME_new; ++ X509_CERT_AUX_new; ++ X509_TRUST_cleanup; ++ X509_NAME_add_entry_by_OBJ; ++ X509_CRL_get_ext_d2i; ++ X509_PURPOSE_get0_name; ++ PEM_read_PUBKEY; ++ i2d_DSA_PUBKEY_bio; ++ i2d_OTHERNAME; ++ ASN1_OCTET_STRING_free; ++ ASN1_BIT_STRING_set_asc; ++ X509_get_ex_new_index; ++ ASN1_STRING_TABLE_cleanup; ++ X509_TRUST_get_by_id; ++ X509_PURPOSE_get_trust; ++ ASN1_STRING_length; ++ d2i_ASN1_SET_OF_ACCESS_DESCRIPTION; ++ ASN1_PRINTABLESTRING_new; ++ X509V3_get_d2i; ++ ASN1_ENUMERATED_free; ++ i2d_X509_CERT_AUX; ++ X509_STORE_CTX_set_trust; ++ ASN1_STRING_set_default_mask; ++ X509_STORE_CTX_new; ++ EVP_PKEY_get1_RSA; ++ DIRECTORYSTRING_free; ++ PEM_write_X509_AUX; ++ ASN1_OCTET_STRING_set; ++ d2i_DSA_PUBKEY_fp; ++ d2i_RSA_PUBKEY; ++ X509_TRUST_get0_name; ++ X509_TRUST_get0; ++ AUTHORITY_INFO_ACCESS_free; ++ ASN1_IA5STRING_new; ++ d2i_DSA_PUBKEY; ++ X509_check_purpose; ++ ASN1_ENUMERATED_new; ++ d2i_RSA_PUBKEY_bio; ++ d2i_PUBKEY; ++ X509_TRUST_get_trust; ++ X509_TRUST_get_flags; ++ ASN1_BMPSTRING_free; ++ ASN1_T61STRING_new; ++ ASN1_UTCTIME_new; ++ i2d_AUTHORITY_INFO_ACCESS; ++ EVP_PKEY_set1_RSA; ++ X509_STORE_CTX_set_purpose; ++ ASN1_IA5STRING_free; ++ PEM_write_bio_X509_AUX; ++ X509_PURPOSE_get_count; ++ CRYPTO_add_info; ++ X509_NAME_ENTRY_create_by_txt; ++ ASN1_STRING_get_default_mask; ++ X509_alias_get0; ++ ASN1_STRING_data; ++ i2d_ACCESS_DESCRIPTION; ++ X509_trust_set_bit; ++ ASN1_BIT_STRING_free; ++ PEM_read_bio_RSA_PUBKEY; ++ X509_add1_reject_object; ++ X509_check_trust; ++ PEM_read_bio_DSA_PUBKEY; ++ X509_PURPOSE_add; ++ ASN1_STRING_TABLE_get; ++ ASN1_UTF8STRING_free; ++ d2i_DSA_PUBKEY_bio; ++ PEM_write_RSA_PUBKEY; ++ d2i_OTHERNAME; ++ X509_reject_set_bit; ++ PEM_write_DSA_PUBKEY; ++ X509_PURPOSE_get0_sname; ++ EVP_PKEY_set1_DH; ++ ASN1_OCTET_STRING_dup; ++ ASN1_BIT_STRING_set; ++ X509_TRUST_get_count; ++ ASN1_INTEGER_free; ++ OTHERNAME_free; ++ i2d_RSA_PUBKEY_fp; ++ ASN1_INTEGER_dup; ++ d2i_X509_CERT_AUX; ++ PEM_write_bio_PUBKEY; ++ ASN1_VISIBLESTRING_free; ++ X509_PURPOSE_cleanup; ++ ASN1_mbstring_ncopy; ++ ASN1_GENERALIZEDTIME_new; ++ EVP_PKEY_get1_DH; ++ ASN1_OCTET_STRING_new; ++ ASN1_INTEGER_new; ++ i2d_X509_AUX; ++ ASN1_BIT_STRING_name_print; ++ X509_cmp; ++ ASN1_STRING_length_set; ++ DIRECTORYSTRING_new; ++ X509_add1_trust_object; ++ PKCS12_newpass; ++ SMIME_write_PKCS7; ++ SMIME_read_PKCS7; ++ DES_set_key_checked; ++ PKCS7_verify; ++ PKCS7_encrypt; ++ DES_set_key_unchecked; ++ SMIME_crlf_copy; ++ i2d_ASN1_PRINTABLESTRING; ++ PKCS7_get0_signers; ++ PKCS7_decrypt; ++ SMIME_text; ++ PKCS7_simple_smimecap; ++ PKCS7_get_smimecap; ++ PKCS7_sign; ++ PKCS7_add_attrib_smimecap; ++ CRYPTO_dbg_set_options; ++ CRYPTO_remove_all_info; ++ CRYPTO_get_mem_debug_functions; ++ CRYPTO_is_mem_check_on; ++ CRYPTO_set_mem_debug_functions; ++ CRYPTO_pop_info; ++ CRYPTO_push_info_; ++ CRYPTO_set_mem_debug_options; ++ PEM_write_PKCS8PrivateKey_nid; ++ PEM_write_bio_PKCS8PrivateKey_nid; ++ PEM_write_bio_PKCS8PrivKey_nid; ++ d2i_PKCS8PrivateKey_bio; ++ ASN1_NULL_free; ++ d2i_ASN1_NULL; ++ ASN1_NULL_new; ++ i2d_PKCS8PrivateKey_bio; ++ i2d_PKCS8PrivateKey_fp; ++ i2d_ASN1_NULL; ++ i2d_PKCS8PrivateKey_nid_fp; ++ d2i_PKCS8PrivateKey_fp; ++ i2d_PKCS8PrivateKey_nid_bio; ++ i2d_PKCS8PrivateKeyInfo_fp; ++ i2d_PKCS8PrivateKeyInfo_bio; ++ PEM_cb; ++ i2d_PrivateKey_fp; ++ d2i_PrivateKey_bio; ++ d2i_PrivateKey_fp; ++ i2d_PrivateKey_bio; ++ X509_reject_clear; ++ X509_TRUST_set_default; ++ d2i_AutoPrivateKey; ++ X509_ATTRIBUTE_get0_type; ++ X509_ATTRIBUTE_set1_data; ++ X509at_get_attr; ++ X509at_get_attr_count; ++ X509_ATTRIBUTE_create_by_NID; ++ X509_ATTRIBUTE_set1_object; ++ X509_ATTRIBUTE_count; ++ X509_ATTRIBUTE_create_by_OBJ; ++ X509_ATTRIBUTE_get0_object; ++ X509at_get_attr_by_NID; ++ X509at_add1_attr; ++ X509_ATTRIBUTE_get0_data; ++ X509at_delete_attr; ++ X509at_get_attr_by_OBJ; ++ RAND_add; ++ BIO_number_written; ++ BIO_number_read; ++ X509_STORE_CTX_get1_chain; ++ ERR_load_RAND_strings; ++ RAND_pseudo_bytes; ++ X509_REQ_get_attr_by_NID; ++ X509_REQ_get_attr; ++ X509_REQ_add1_attr_by_NID; ++ X509_REQ_get_attr_by_OBJ; ++ X509at_add1_attr_by_NID; ++ X509_REQ_add1_attr_by_OBJ; ++ X509_REQ_get_attr_count; ++ X509_REQ_add1_attr; ++ X509_REQ_delete_attr; ++ X509at_add1_attr_by_OBJ; ++ X509_REQ_add1_attr_by_txt; ++ X509_ATTRIBUTE_create_by_txt; ++ X509at_add1_attr_by_txt; ++ BN_pseudo_rand; ++ BN_is_prime_fasttest; ++ BN_CTX_end; ++ BN_CTX_start; ++ BN_CTX_get; ++ EVP_PKEY2PKCS8_broken; ++ ASN1_STRING_TABLE_add; ++ CRYPTO_dbg_get_options; ++ AUTHORITY_INFO_ACCESS_new; ++ CRYPTO_get_mem_debug_options; ++ DES_crypt; ++ PEM_write_bio_X509_REQ_NEW; ++ PEM_write_X509_REQ_NEW; ++ BIO_callback_ctrl; ++ RAND_egd; ++ RAND_status; ++ bn_dump1; ++ DES_check_key_parity; ++ lh_num_items; ++ RAND_event; ++ DSO_new; ++ DSO_new_method; ++ DSO_free; ++ DSO_flags; ++ DSO_up; ++ DSO_set_default_method; ++ DSO_get_default_method; ++ DSO_get_method; ++ DSO_set_method; ++ DSO_load; ++ DSO_bind_var; ++ DSO_METHOD_null; ++ DSO_METHOD_openssl; ++ DSO_METHOD_dlfcn; ++ DSO_METHOD_win32; ++ ERR_load_DSO_strings; ++ DSO_METHOD_dl; ++ NCONF_load; ++ NCONF_load_fp; ++ NCONF_new; ++ NCONF_get_string; ++ NCONF_free; ++ NCONF_get_number; ++ CONF_dump_fp; ++ NCONF_load_bio; ++ NCONF_dump_fp; ++ NCONF_get_section; ++ NCONF_dump_bio; ++ CONF_dump_bio; ++ NCONF_free_data; ++ CONF_set_default_method; ++ ERR_error_string_n; ++ BIO_snprintf; ++ DSO_ctrl; ++ i2d_ASN1_SET_OF_ASN1_INTEGER; ++ i2d_ASN1_SET_OF_PKCS12_SAFEBAG; ++ i2d_ASN1_SET_OF_PKCS7; ++ BIO_vfree; ++ d2i_ASN1_SET_OF_ASN1_INTEGER; ++ d2i_ASN1_SET_OF_PKCS12_SAFEBAG; ++ ASN1_UTCTIME_get; ++ X509_REQ_digest; ++ X509_CRL_digest; ++ d2i_ASN1_SET_OF_PKCS7; ++ EVP_CIPHER_CTX_set_key_length; ++ EVP_CIPHER_CTX_ctrl; ++ BN_mod_exp_mont_word; ++ RAND_egd_bytes; ++ X509_REQ_get1_email; ++ X509_get1_email; ++ X509_email_free; ++ i2d_RSA_NET; ++ d2i_RSA_NET_2; ++ d2i_RSA_NET; ++ DSO_bind_func; ++ CRYPTO_get_new_dynlockid; ++ sk_new_null; ++ CRYPTO_set_dynlock_destroy_callback; ++ CRYPTO_set_dynlock_destroy_cb; ++ CRYPTO_destroy_dynlockid; ++ CRYPTO_set_dynlock_size; ++ CRYPTO_set_dynlock_create_callback; ++ CRYPTO_set_dynlock_create_cb; ++ CRYPTO_set_dynlock_lock_callback; ++ CRYPTO_set_dynlock_lock_cb; ++ CRYPTO_get_dynlock_lock_callback; ++ CRYPTO_get_dynlock_lock_cb; ++ CRYPTO_get_dynlock_destroy_callback; ++ CRYPTO_get_dynlock_destroy_cb; ++ CRYPTO_get_dynlock_value; ++ CRYPTO_get_dynlock_create_callback; ++ CRYPTO_get_dynlock_create_cb; ++ c2i_ASN1_BIT_STRING; ++ i2c_ASN1_BIT_STRING; ++ RAND_poll; ++ c2i_ASN1_INTEGER; ++ i2c_ASN1_INTEGER; ++ BIO_dump_indent; ++ ASN1_parse_dump; ++ c2i_ASN1_OBJECT; ++ X509_NAME_print_ex_fp; ++ ASN1_STRING_print_ex_fp; ++ X509_NAME_print_ex; ++ ASN1_STRING_print_ex; ++ MD4; ++ MD4_Transform; ++ MD4_Final; ++ MD4_Update; ++ MD4_Init; ++ EVP_md4; ++ i2d_PUBKEY_bio; ++ i2d_PUBKEY_fp; ++ d2i_PUBKEY_bio; ++ ASN1_STRING_to_UTF8; ++ BIO_vprintf; ++ BIO_vsnprintf; ++ d2i_PUBKEY_fp; ++ X509_cmp_time; ++ X509_STORE_CTX_set_time; ++ X509_STORE_CTX_get1_issuer; ++ X509_OBJECT_retrieve_match; ++ X509_OBJECT_idx_by_subject; ++ X509_STORE_CTX_set_flags; ++ X509_STORE_CTX_trusted_stack; ++ X509_time_adj; ++ X509_check_issued; ++ ASN1_UTCTIME_cmp_time_t; ++ DES_set_weak_key_flag; ++ DES_check_key; ++ DES_rw_mode; ++ RSA_PKCS1_RSAref; ++ X509_keyid_set1; ++ BIO_next; ++ DSO_METHOD_vms; ++ BIO_f_linebuffer; ++ BN_bntest_rand; ++ OPENSSL_issetugid; ++ BN_rand_range; ++ ERR_load_ENGINE_strings; ++ ENGINE_set_DSA; ++ ENGINE_get_finish_function; ++ ENGINE_get_default_RSA; ++ ENGINE_get_BN_mod_exp; ++ DSA_get_default_openssl_method; ++ ENGINE_set_DH; ++ ENGINE_set_def_BN_mod_exp_crt; ++ ENGINE_set_default_BN_mod_exp_crt; ++ ENGINE_init; ++ DH_get_default_openssl_method; ++ RSA_set_default_openssl_method; ++ ENGINE_finish; ++ ENGINE_load_public_key; ++ ENGINE_get_DH; ++ ENGINE_ctrl; ++ ENGINE_get_init_function; ++ ENGINE_set_init_function; ++ ENGINE_set_default_DSA; ++ ENGINE_get_name; ++ ENGINE_get_last; ++ ENGINE_get_prev; ++ ENGINE_get_default_DH; ++ ENGINE_get_RSA; ++ ENGINE_set_default; ++ ENGINE_get_RAND; ++ ENGINE_get_first; ++ ENGINE_by_id; ++ ENGINE_set_finish_function; ++ ENGINE_get_def_BN_mod_exp_crt; ++ ENGINE_get_default_BN_mod_exp_crt; ++ RSA_get_default_openssl_method; ++ ENGINE_set_RSA; ++ ENGINE_load_private_key; ++ ENGINE_set_default_RAND; ++ ENGINE_set_BN_mod_exp; ++ ENGINE_remove; ++ ENGINE_free; ++ ENGINE_get_BN_mod_exp_crt; ++ ENGINE_get_next; ++ ENGINE_set_name; ++ ENGINE_get_default_DSA; ++ ENGINE_set_default_BN_mod_exp; ++ ENGINE_set_default_RSA; ++ ENGINE_get_default_RAND; ++ ENGINE_get_default_BN_mod_exp; ++ ENGINE_set_RAND; ++ ENGINE_set_id; ++ ENGINE_set_BN_mod_exp_crt; ++ ENGINE_set_default_DH; ++ ENGINE_new; ++ ENGINE_get_id; ++ DSA_set_default_openssl_method; ++ ENGINE_add; ++ DH_set_default_openssl_method; ++ ENGINE_get_DSA; ++ ENGINE_get_ctrl_function; ++ ENGINE_set_ctrl_function; ++ BN_pseudo_rand_range; ++ X509_STORE_CTX_set_verify_cb; ++ ERR_load_COMP_strings; ++ PKCS12_item_decrypt_d2i; ++ ASN1_UTF8STRING_it; ++ ASN1_UTF8STRING_it; ++ ENGINE_unregister_ciphers; ++ ENGINE_get_ciphers; ++ d2i_OCSP_BASICRESP; ++ KRB5_CHECKSUM_it; ++ KRB5_CHECKSUM_it; ++ EC_POINT_add; ++ ASN1_item_ex_i2d; ++ OCSP_CERTID_it; ++ OCSP_CERTID_it; ++ d2i_OCSP_RESPBYTES; ++ X509V3_add1_i2d; ++ PKCS7_ENVELOPE_it; ++ PKCS7_ENVELOPE_it; ++ UI_add_input_boolean; ++ ENGINE_unregister_RSA; ++ X509V3_EXT_nconf; ++ ASN1_GENERALSTRING_free; ++ d2i_OCSP_CERTSTATUS; ++ X509_REVOKED_set_serialNumber; ++ X509_print_ex; ++ OCSP_ONEREQ_get1_ext_d2i; ++ ENGINE_register_all_RAND; ++ ENGINE_load_dynamic; ++ PBKDF2PARAM_it; ++ PBKDF2PARAM_it; ++ EXTENDED_KEY_USAGE_new; ++ EC_GROUP_clear_free; ++ OCSP_sendreq_bio; ++ ASN1_item_digest; ++ OCSP_BASICRESP_delete_ext; ++ OCSP_SIGNATURE_it; ++ OCSP_SIGNATURE_it; ++ X509_CRL_it; ++ X509_CRL_it; ++ OCSP_BASICRESP_add_ext; ++ KRB5_ENCKEY_it; ++ KRB5_ENCKEY_it; ++ UI_method_set_closer; ++ X509_STORE_set_purpose; ++ i2d_ASN1_GENERALSTRING; ++ OCSP_response_status; ++ i2d_OCSP_SERVICELOC; ++ ENGINE_get_digest_engine; ++ EC_GROUP_set_curve_GFp; ++ OCSP_REQUEST_get_ext_by_OBJ; ++ _ossl_old_des_random_key; ++ ASN1_T61STRING_it; ++ ASN1_T61STRING_it; ++ EC_GROUP_method_of; ++ i2d_KRB5_APREQ; ++ _ossl_old_des_encrypt; ++ ASN1_PRINTABLE_new; ++ HMAC_Init_ex; ++ d2i_KRB5_AUTHENT; ++ OCSP_archive_cutoff_new; ++ EC_POINT_set_Jprojective_coordinates_GFp; ++ EC_POINT_set_Jproj_coords_GFp; ++ _ossl_old_des_is_weak_key; ++ OCSP_BASICRESP_get_ext_by_OBJ; ++ EC_POINT_oct2point; ++ OCSP_SINGLERESP_get_ext_count; ++ UI_ctrl; ++ _shadow_DES_rw_mode; ++ _shadow_DES_rw_mode; ++ asn1_do_adb; ++ ASN1_template_i2d; ++ ENGINE_register_DH; ++ UI_construct_prompt; ++ X509_STORE_set_trust; ++ UI_dup_input_string; ++ d2i_KRB5_APREQ; ++ EVP_MD_CTX_copy_ex; ++ OCSP_request_is_signed; ++ i2d_OCSP_REQINFO; ++ KRB5_ENCKEY_free; ++ OCSP_resp_get0; ++ GENERAL_NAME_it; ++ GENERAL_NAME_it; ++ ASN1_GENERALIZEDTIME_it; ++ ASN1_GENERALIZEDTIME_it; ++ X509_STORE_set_flags; ++ EC_POINT_set_compressed_coordinates_GFp; ++ EC_POINT_set_compr_coords_GFp; ++ OCSP_response_status_str; ++ d2i_OCSP_REVOKEDINFO; ++ OCSP_basic_add1_cert; ++ ERR_get_implementation; ++ EVP_CipherFinal_ex; ++ OCSP_CERTSTATUS_new; ++ CRYPTO_cleanup_all_ex_data; ++ OCSP_resp_find; ++ BN_nnmod; ++ X509_CRL_sort; ++ X509_REVOKED_set_revocationDate; ++ ENGINE_register_RAND; ++ OCSP_SERVICELOC_new; ++ EC_POINT_set_affine_coordinates_GFp; ++ EC_POINT_set_affine_coords_GFp; ++ _ossl_old_des_options; ++ SXNET_it; ++ SXNET_it; ++ UI_dup_input_boolean; ++ PKCS12_add_CSPName_asc; ++ EC_POINT_is_at_infinity; ++ ENGINE_load_cryptodev; ++ DSO_convert_filename; ++ POLICYQUALINFO_it; ++ POLICYQUALINFO_it; ++ ENGINE_register_ciphers; ++ BN_mod_lshift_quick; ++ DSO_set_filename; ++ ASN1_item_free; ++ KRB5_TKTBODY_free; ++ AUTHORITY_KEYID_it; ++ AUTHORITY_KEYID_it; ++ KRB5_APREQBODY_new; ++ X509V3_EXT_REQ_add_nconf; ++ ENGINE_ctrl_cmd_string; ++ i2d_OCSP_RESPDATA; ++ EVP_MD_CTX_init; ++ EXTENDED_KEY_USAGE_free; ++ PKCS7_ATTR_SIGN_it; ++ PKCS7_ATTR_SIGN_it; ++ UI_add_error_string; ++ KRB5_CHECKSUM_free; ++ OCSP_REQUEST_get_ext; ++ ENGINE_load_ubsec; ++ ENGINE_register_all_digests; ++ PKEY_USAGE_PERIOD_it; ++ PKEY_USAGE_PERIOD_it; ++ PKCS12_unpack_authsafes; ++ ASN1_item_unpack; ++ NETSCAPE_SPKAC_it; ++ NETSCAPE_SPKAC_it; ++ X509_REVOKED_it; ++ X509_REVOKED_it; ++ ASN1_STRING_encode; ++ EVP_aes_128_ecb; ++ KRB5_AUTHENT_free; ++ OCSP_BASICRESP_get_ext_by_critical; ++ OCSP_BASICRESP_get_ext_by_crit; ++ OCSP_cert_status_str; ++ d2i_OCSP_REQUEST; ++ UI_dup_info_string; ++ _ossl_old_des_xwhite_in2out; ++ PKCS12_it; ++ PKCS12_it; ++ OCSP_SINGLERESP_get_ext_by_critical; ++ OCSP_SINGLERESP_get_ext_by_crit; ++ OCSP_CERTSTATUS_free; ++ _ossl_old_des_crypt; ++ ASN1_item_i2d; ++ EVP_DecryptFinal_ex; ++ ENGINE_load_openssl; ++ ENGINE_get_cmd_defns; ++ ENGINE_set_load_privkey_function; ++ ENGINE_set_load_privkey_fn; ++ EVP_EncryptFinal_ex; ++ ENGINE_set_default_digests; ++ X509_get0_pubkey_bitstr; ++ asn1_ex_i2c; ++ ENGINE_register_RSA; ++ ENGINE_unregister_DSA; ++ _ossl_old_des_key_sched; ++ X509_EXTENSION_it; ++ X509_EXTENSION_it; ++ i2d_KRB5_AUTHENT; ++ SXNETID_it; ++ SXNETID_it; ++ d2i_OCSP_SINGLERESP; ++ EDIPARTYNAME_new; ++ PKCS12_certbag2x509; ++ _ossl_old_des_ofb64_encrypt; ++ d2i_EXTENDED_KEY_USAGE; ++ ERR_print_errors_cb; ++ ENGINE_set_ciphers; ++ d2i_KRB5_APREQBODY; ++ UI_method_get_flusher; ++ X509_PUBKEY_it; ++ X509_PUBKEY_it; ++ _ossl_old_des_enc_read; ++ PKCS7_ENCRYPT_it; ++ PKCS7_ENCRYPT_it; ++ i2d_OCSP_RESPONSE; ++ EC_GROUP_get_cofactor; ++ PKCS12_unpack_p7data; ++ d2i_KRB5_AUTHDATA; ++ OCSP_copy_nonce; ++ KRB5_AUTHDATA_new; ++ OCSP_RESPDATA_new; ++ EC_GFp_mont_method; ++ OCSP_REVOKEDINFO_free; ++ UI_get_ex_data; ++ KRB5_APREQBODY_free; ++ EC_GROUP_get0_generator; ++ UI_get_default_method; ++ X509V3_set_nconf; ++ PKCS12_item_i2d_encrypt; ++ X509_add1_ext_i2d; ++ PKCS7_SIGNER_INFO_it; ++ PKCS7_SIGNER_INFO_it; ++ KRB5_PRINCNAME_new; ++ PKCS12_SAFEBAG_it; ++ PKCS12_SAFEBAG_it; ++ EC_GROUP_get_order; ++ d2i_OCSP_RESPID; ++ OCSP_request_verify; ++ NCONF_get_number_e; ++ _ossl_old_des_decrypt3; ++ X509_signature_print; ++ OCSP_SINGLERESP_free; ++ ENGINE_load_builtin_engines; ++ i2d_OCSP_ONEREQ; ++ OCSP_REQUEST_add_ext; ++ OCSP_RESPBYTES_new; ++ EVP_MD_CTX_create; ++ OCSP_resp_find_status; ++ X509_ALGOR_it; ++ X509_ALGOR_it; ++ ASN1_TIME_it; ++ ASN1_TIME_it; ++ OCSP_request_set1_name; ++ OCSP_ONEREQ_get_ext_count; ++ UI_get0_result; ++ PKCS12_AUTHSAFES_it; ++ PKCS12_AUTHSAFES_it; ++ EVP_aes_256_ecb; ++ PKCS12_pack_authsafes; ++ ASN1_IA5STRING_it; ++ ASN1_IA5STRING_it; ++ UI_get_input_flags; ++ EC_GROUP_set_generator; ++ _ossl_old_des_string_to_2keys; ++ OCSP_CERTID_free; ++ X509_CERT_AUX_it; ++ X509_CERT_AUX_it; ++ CERTIFICATEPOLICIES_it; ++ CERTIFICATEPOLICIES_it; ++ _ossl_old_des_ede3_cbc_encrypt; ++ RAND_set_rand_engine; ++ DSO_get_loaded_filename; ++ X509_ATTRIBUTE_it; ++ X509_ATTRIBUTE_it; ++ OCSP_ONEREQ_get_ext_by_NID; ++ PKCS12_decrypt_skey; ++ KRB5_AUTHENT_it; ++ KRB5_AUTHENT_it; ++ UI_dup_error_string; ++ RSAPublicKey_it; ++ RSAPublicKey_it; ++ i2d_OCSP_REQUEST; ++ PKCS12_x509crl2certbag; ++ OCSP_SERVICELOC_it; ++ OCSP_SERVICELOC_it; ++ ASN1_item_sign; ++ X509_CRL_set_issuer_name; ++ OBJ_NAME_do_all_sorted; ++ i2d_OCSP_BASICRESP; ++ i2d_OCSP_RESPBYTES; ++ PKCS12_unpack_p7encdata; ++ HMAC_CTX_init; ++ ENGINE_get_digest; ++ OCSP_RESPONSE_print; ++ KRB5_TKTBODY_it; ++ KRB5_TKTBODY_it; ++ ACCESS_DESCRIPTION_it; ++ ACCESS_DESCRIPTION_it; ++ PKCS7_ISSUER_AND_SERIAL_it; ++ PKCS7_ISSUER_AND_SERIAL_it; ++ PBE2PARAM_it; ++ PBE2PARAM_it; ++ PKCS12_certbag2x509crl; ++ PKCS7_SIGNED_it; ++ PKCS7_SIGNED_it; ++ ENGINE_get_cipher; ++ i2d_OCSP_CRLID; ++ OCSP_SINGLERESP_new; ++ ENGINE_cmd_is_executable; ++ RSA_up_ref; ++ ASN1_GENERALSTRING_it; ++ ASN1_GENERALSTRING_it; ++ ENGINE_register_DSA; ++ X509V3_EXT_add_nconf_sk; ++ ENGINE_set_load_pubkey_function; ++ PKCS8_decrypt; ++ PEM_bytes_read_bio; ++ DIRECTORYSTRING_it; ++ DIRECTORYSTRING_it; ++ d2i_OCSP_CRLID; ++ EC_POINT_is_on_curve; ++ CRYPTO_set_locked_mem_ex_functions; ++ CRYPTO_set_locked_mem_ex_funcs; ++ d2i_KRB5_CHECKSUM; ++ ASN1_item_dup; ++ X509_it; ++ X509_it; ++ BN_mod_add; ++ KRB5_AUTHDATA_free; ++ _ossl_old_des_cbc_cksum; ++ ASN1_item_verify; ++ CRYPTO_set_mem_ex_functions; ++ EC_POINT_get_Jprojective_coordinates_GFp; ++ EC_POINT_get_Jproj_coords_GFp; ++ ZLONG_it; ++ ZLONG_it; ++ CRYPTO_get_locked_mem_ex_functions; ++ CRYPTO_get_locked_mem_ex_funcs; ++ ASN1_TIME_check; ++ UI_get0_user_data; ++ HMAC_CTX_cleanup; ++ DSA_up_ref; ++ _ossl_old_des_ede3_cfb64_encrypt; ++ _ossl_odes_ede3_cfb64_encrypt; ++ ASN1_BMPSTRING_it; ++ ASN1_BMPSTRING_it; ++ ASN1_tag2bit; ++ UI_method_set_flusher; ++ X509_ocspid_print; ++ KRB5_ENCDATA_it; ++ KRB5_ENCDATA_it; ++ ENGINE_get_load_pubkey_function; ++ UI_add_user_data; ++ OCSP_REQUEST_delete_ext; ++ UI_get_method; ++ OCSP_ONEREQ_free; ++ ASN1_PRINTABLESTRING_it; ++ ASN1_PRINTABLESTRING_it; ++ X509_CRL_set_nextUpdate; ++ OCSP_REQUEST_it; ++ OCSP_REQUEST_it; ++ OCSP_BASICRESP_it; ++ OCSP_BASICRESP_it; ++ AES_ecb_encrypt; ++ BN_mod_sqr; ++ NETSCAPE_CERT_SEQUENCE_it; ++ NETSCAPE_CERT_SEQUENCE_it; ++ GENERAL_NAMES_it; ++ GENERAL_NAMES_it; ++ AUTHORITY_INFO_ACCESS_it; ++ AUTHORITY_INFO_ACCESS_it; ++ ASN1_FBOOLEAN_it; ++ ASN1_FBOOLEAN_it; ++ UI_set_ex_data; ++ _ossl_old_des_string_to_key; ++ ENGINE_register_all_RSA; ++ d2i_KRB5_PRINCNAME; ++ OCSP_RESPBYTES_it; ++ OCSP_RESPBYTES_it; ++ X509_CINF_it; ++ X509_CINF_it; ++ ENGINE_unregister_digests; ++ d2i_EDIPARTYNAME; ++ d2i_OCSP_SERVICELOC; ++ ENGINE_get_digests; ++ _ossl_old_des_set_odd_parity; ++ OCSP_RESPDATA_free; ++ d2i_KRB5_TICKET; ++ OTHERNAME_it; ++ OTHERNAME_it; ++ EVP_MD_CTX_cleanup; ++ d2i_ASN1_GENERALSTRING; ++ X509_CRL_set_version; ++ BN_mod_sub; ++ OCSP_SINGLERESP_get_ext_by_NID; ++ ENGINE_get_ex_new_index; ++ OCSP_REQUEST_free; ++ OCSP_REQUEST_add1_ext_i2d; ++ X509_VAL_it; ++ X509_VAL_it; ++ EC_POINTs_make_affine; ++ EC_POINT_mul; ++ X509V3_EXT_add_nconf; ++ X509_TRUST_set; ++ X509_CRL_add1_ext_i2d; ++ _ossl_old_des_fcrypt; ++ DISPLAYTEXT_it; ++ DISPLAYTEXT_it; ++ X509_CRL_set_lastUpdate; ++ OCSP_BASICRESP_free; ++ OCSP_BASICRESP_add1_ext_i2d; ++ d2i_KRB5_AUTHENTBODY; ++ CRYPTO_set_ex_data_implementation; ++ CRYPTO_set_ex_data_impl; ++ KRB5_ENCDATA_new; ++ DSO_up_ref; ++ OCSP_crl_reason_str; ++ UI_get0_result_string; ++ ASN1_GENERALSTRING_new; ++ X509_SIG_it; ++ X509_SIG_it; ++ ERR_set_implementation; ++ ERR_load_EC_strings; ++ UI_get0_action_string; ++ OCSP_ONEREQ_get_ext; ++ EC_POINT_method_of; ++ i2d_KRB5_APREQBODY; ++ _ossl_old_des_ecb3_encrypt; ++ CRYPTO_get_mem_ex_functions; ++ ENGINE_get_ex_data; ++ UI_destroy_method; ++ ASN1_item_i2d_bio; ++ OCSP_ONEREQ_get_ext_by_OBJ; ++ ASN1_primitive_new; ++ ASN1_PRINTABLE_it; ++ ASN1_PRINTABLE_it; ++ EVP_aes_192_ecb; ++ OCSP_SIGNATURE_new; ++ LONG_it; ++ LONG_it; ++ ASN1_VISIBLESTRING_it; ++ ASN1_VISIBLESTRING_it; ++ OCSP_SINGLERESP_add1_ext_i2d; ++ d2i_OCSP_CERTID; ++ ASN1_item_d2i_fp; ++ CRL_DIST_POINTS_it; ++ CRL_DIST_POINTS_it; ++ GENERAL_NAME_print; ++ OCSP_SINGLERESP_delete_ext; ++ PKCS12_SAFEBAGS_it; ++ PKCS12_SAFEBAGS_it; ++ d2i_OCSP_SIGNATURE; ++ OCSP_request_add1_nonce; ++ ENGINE_set_cmd_defns; ++ OCSP_SERVICELOC_free; ++ EC_GROUP_free; ++ ASN1_BIT_STRING_it; ++ ASN1_BIT_STRING_it; ++ X509_REQ_it; ++ X509_REQ_it; ++ _ossl_old_des_cbc_encrypt; ++ ERR_unload_strings; ++ PKCS7_SIGN_ENVELOPE_it; ++ PKCS7_SIGN_ENVELOPE_it; ++ EDIPARTYNAME_free; ++ OCSP_REQINFO_free; ++ EC_GROUP_new_curve_GFp; ++ OCSP_REQUEST_get1_ext_d2i; ++ PKCS12_item_pack_safebag; ++ asn1_ex_c2i; ++ ENGINE_register_digests; ++ i2d_OCSP_REVOKEDINFO; ++ asn1_enc_restore; ++ UI_free; ++ UI_new_method; ++ EVP_EncryptInit_ex; ++ X509_pubkey_digest; ++ EC_POINT_invert; ++ OCSP_basic_sign; ++ i2d_OCSP_RESPID; ++ OCSP_check_nonce; ++ ENGINE_ctrl_cmd; ++ d2i_KRB5_ENCKEY; ++ OCSP_parse_url; ++ OCSP_SINGLERESP_get_ext; ++ OCSP_CRLID_free; ++ OCSP_BASICRESP_get1_ext_d2i; ++ RSAPrivateKey_it; ++ RSAPrivateKey_it; ++ ENGINE_register_all_DH; ++ i2d_EDIPARTYNAME; ++ EC_POINT_get_affine_coordinates_GFp; ++ EC_POINT_get_affine_coords_GFp; ++ OCSP_CRLID_new; ++ ENGINE_get_flags; ++ OCSP_ONEREQ_it; ++ OCSP_ONEREQ_it; ++ UI_process; ++ ASN1_INTEGER_it; ++ ASN1_INTEGER_it; ++ EVP_CipherInit_ex; ++ UI_get_string_type; ++ ENGINE_unregister_DH; ++ ENGINE_register_all_DSA; ++ OCSP_ONEREQ_get_ext_by_critical; ++ bn_dup_expand; ++ OCSP_cert_id_new; ++ BASIC_CONSTRAINTS_it; ++ BASIC_CONSTRAINTS_it; ++ BN_mod_add_quick; ++ EC_POINT_new; ++ EVP_MD_CTX_destroy; ++ OCSP_RESPBYTES_free; ++ EVP_aes_128_cbc; ++ OCSP_SINGLERESP_get1_ext_d2i; ++ EC_POINT_free; ++ DH_up_ref; ++ X509_NAME_ENTRY_it; ++ X509_NAME_ENTRY_it; ++ UI_get_ex_new_index; ++ BN_mod_sub_quick; ++ OCSP_ONEREQ_add_ext; ++ OCSP_request_sign; ++ EVP_DigestFinal_ex; ++ ENGINE_set_digests; ++ OCSP_id_issuer_cmp; ++ OBJ_NAME_do_all; ++ EC_POINTs_mul; ++ ENGINE_register_complete; ++ X509V3_EXT_nconf_nid; ++ ASN1_SEQUENCE_it; ++ ASN1_SEQUENCE_it; ++ UI_set_default_method; ++ RAND_query_egd_bytes; ++ UI_method_get_writer; ++ UI_OpenSSL; ++ PEM_def_callback; ++ ENGINE_cleanup; ++ DIST_POINT_it; ++ DIST_POINT_it; ++ OCSP_SINGLERESP_it; ++ OCSP_SINGLERESP_it; ++ d2i_KRB5_TKTBODY; ++ EC_POINT_cmp; ++ OCSP_REVOKEDINFO_new; ++ i2d_OCSP_CERTSTATUS; ++ OCSP_basic_add1_nonce; ++ ASN1_item_ex_d2i; ++ BN_mod_lshift1_quick; ++ UI_set_method; ++ OCSP_id_get0_info; ++ BN_mod_sqrt; ++ EC_GROUP_copy; ++ KRB5_ENCDATA_free; ++ _ossl_old_des_cfb_encrypt; ++ OCSP_SINGLERESP_get_ext_by_OBJ; ++ OCSP_cert_to_id; ++ OCSP_RESPID_new; ++ OCSP_RESPDATA_it; ++ OCSP_RESPDATA_it; ++ d2i_OCSP_RESPDATA; ++ ENGINE_register_all_complete; ++ OCSP_check_validity; ++ PKCS12_BAGS_it; ++ PKCS12_BAGS_it; ++ OCSP_url_svcloc_new; ++ ASN1_template_free; ++ OCSP_SINGLERESP_add_ext; ++ KRB5_AUTHENTBODY_it; ++ KRB5_AUTHENTBODY_it; ++ X509_supported_extension; ++ i2d_KRB5_AUTHDATA; ++ UI_method_get_opener; ++ ENGINE_set_ex_data; ++ OCSP_REQUEST_print; ++ CBIGNUM_it; ++ CBIGNUM_it; ++ KRB5_TICKET_new; ++ KRB5_APREQ_new; ++ EC_GROUP_get_curve_GFp; ++ KRB5_ENCKEY_new; ++ ASN1_template_d2i; ++ _ossl_old_des_quad_cksum; ++ OCSP_single_get0_status; ++ BN_swap; ++ POLICYINFO_it; ++ POLICYINFO_it; ++ ENGINE_set_destroy_function; ++ asn1_enc_free; ++ OCSP_RESPID_it; ++ OCSP_RESPID_it; ++ EC_GROUP_new; ++ EVP_aes_256_cbc; ++ i2d_KRB5_PRINCNAME; ++ _ossl_old_des_encrypt2; ++ _ossl_old_des_encrypt3; ++ PKCS8_PRIV_KEY_INFO_it; ++ PKCS8_PRIV_KEY_INFO_it; ++ OCSP_REQINFO_it; ++ OCSP_REQINFO_it; ++ PBEPARAM_it; ++ PBEPARAM_it; ++ KRB5_AUTHENTBODY_new; ++ X509_CRL_add0_revoked; ++ EDIPARTYNAME_it; ++ EDIPARTYNAME_it; ++ NETSCAPE_SPKI_it; ++ NETSCAPE_SPKI_it; ++ UI_get0_test_string; ++ ENGINE_get_cipher_engine; ++ ENGINE_register_all_ciphers; ++ EC_POINT_copy; ++ BN_kronecker; ++ _ossl_old_des_ede3_ofb64_encrypt; ++ _ossl_odes_ede3_ofb64_encrypt; ++ UI_method_get_reader; ++ OCSP_BASICRESP_get_ext_count; ++ ASN1_ENUMERATED_it; ++ ASN1_ENUMERATED_it; ++ UI_set_result; ++ i2d_KRB5_TICKET; ++ X509_print_ex_fp; ++ EVP_CIPHER_CTX_set_padding; ++ d2i_OCSP_RESPONSE; ++ ASN1_UTCTIME_it; ++ ASN1_UTCTIME_it; ++ _ossl_old_des_enc_write; ++ OCSP_RESPONSE_new; ++ AES_set_encrypt_key; ++ OCSP_resp_count; ++ KRB5_CHECKSUM_new; ++ ENGINE_load_cswift; ++ OCSP_onereq_get0_id; ++ ENGINE_set_default_ciphers; ++ NOTICEREF_it; ++ NOTICEREF_it; ++ X509V3_EXT_CRL_add_nconf; ++ OCSP_REVOKEDINFO_it; ++ OCSP_REVOKEDINFO_it; ++ AES_encrypt; ++ OCSP_REQUEST_new; ++ ASN1_ANY_it; ++ ASN1_ANY_it; ++ CRYPTO_ex_data_new_class; ++ _ossl_old_des_ncbc_encrypt; ++ i2d_KRB5_TKTBODY; ++ EC_POINT_clear_free; ++ AES_decrypt; ++ asn1_enc_init; ++ UI_get_result_maxsize; ++ OCSP_CERTID_new; ++ ENGINE_unregister_RAND; ++ UI_method_get_closer; ++ d2i_KRB5_ENCDATA; ++ OCSP_request_onereq_count; ++ OCSP_basic_verify; ++ KRB5_AUTHENTBODY_free; ++ ASN1_item_d2i; ++ ASN1_primitive_free; ++ i2d_EXTENDED_KEY_USAGE; ++ i2d_OCSP_SIGNATURE; ++ asn1_enc_save; ++ ENGINE_load_nuron; ++ _ossl_old_des_pcbc_encrypt; ++ PKCS12_MAC_DATA_it; ++ PKCS12_MAC_DATA_it; ++ OCSP_accept_responses_new; ++ asn1_do_lock; ++ PKCS7_ATTR_VERIFY_it; ++ PKCS7_ATTR_VERIFY_it; ++ KRB5_APREQBODY_it; ++ KRB5_APREQBODY_it; ++ i2d_OCSP_SINGLERESP; ++ ASN1_item_ex_new; ++ UI_add_verify_string; ++ _ossl_old_des_set_key; ++ KRB5_PRINCNAME_it; ++ KRB5_PRINCNAME_it; ++ EVP_DecryptInit_ex; ++ i2d_OCSP_CERTID; ++ ASN1_item_d2i_bio; ++ EC_POINT_dbl; ++ asn1_get_choice_selector; ++ i2d_KRB5_CHECKSUM; ++ ENGINE_set_table_flags; ++ AES_options; ++ ENGINE_load_chil; ++ OCSP_id_cmp; ++ OCSP_BASICRESP_new; ++ OCSP_REQUEST_get_ext_by_NID; ++ KRB5_APREQ_it; ++ KRB5_APREQ_it; ++ ENGINE_get_destroy_function; ++ CONF_set_nconf; ++ ASN1_PRINTABLE_free; ++ OCSP_BASICRESP_get_ext_by_NID; ++ DIST_POINT_NAME_it; ++ DIST_POINT_NAME_it; ++ X509V3_extensions_print; ++ _ossl_old_des_cfb64_encrypt; ++ X509_REVOKED_add1_ext_i2d; ++ _ossl_old_des_ofb_encrypt; ++ KRB5_TKTBODY_new; ++ ASN1_OCTET_STRING_it; ++ ASN1_OCTET_STRING_it; ++ ERR_load_UI_strings; ++ i2d_KRB5_ENCKEY; ++ ASN1_template_new; ++ OCSP_SIGNATURE_free; ++ ASN1_item_i2d_fp; ++ KRB5_PRINCNAME_free; ++ PKCS7_RECIP_INFO_it; ++ PKCS7_RECIP_INFO_it; ++ EXTENDED_KEY_USAGE_it; ++ EXTENDED_KEY_USAGE_it; ++ EC_GFp_simple_method; ++ EC_GROUP_precompute_mult; ++ OCSP_request_onereq_get0; ++ UI_method_set_writer; ++ KRB5_AUTHENT_new; ++ X509_CRL_INFO_it; ++ X509_CRL_INFO_it; ++ DSO_set_name_converter; ++ AES_set_decrypt_key; ++ PKCS7_DIGEST_it; ++ PKCS7_DIGEST_it; ++ PKCS12_x5092certbag; ++ EVP_DigestInit_ex; ++ i2a_ACCESS_DESCRIPTION; ++ OCSP_RESPONSE_it; ++ OCSP_RESPONSE_it; ++ PKCS7_ENC_CONTENT_it; ++ PKCS7_ENC_CONTENT_it; ++ OCSP_request_add0_id; ++ EC_POINT_make_affine; ++ DSO_get_filename; ++ OCSP_CERTSTATUS_it; ++ OCSP_CERTSTATUS_it; ++ OCSP_request_add1_cert; ++ UI_get0_output_string; ++ UI_dup_verify_string; ++ BN_mod_lshift; ++ KRB5_AUTHDATA_it; ++ KRB5_AUTHDATA_it; ++ asn1_set_choice_selector; ++ OCSP_basic_add1_status; ++ OCSP_RESPID_free; ++ asn1_get_field_ptr; ++ UI_add_input_string; ++ OCSP_CRLID_it; ++ OCSP_CRLID_it; ++ i2d_KRB5_AUTHENTBODY; ++ OCSP_REQUEST_get_ext_count; ++ ENGINE_load_atalla; ++ X509_NAME_it; ++ X509_NAME_it; ++ USERNOTICE_it; ++ USERNOTICE_it; ++ OCSP_REQINFO_new; ++ OCSP_BASICRESP_get_ext; ++ CRYPTO_get_ex_data_implementation; ++ CRYPTO_get_ex_data_impl; ++ ASN1_item_pack; ++ i2d_KRB5_ENCDATA; ++ X509_PURPOSE_set; ++ X509_REQ_INFO_it; ++ X509_REQ_INFO_it; ++ UI_method_set_opener; ++ ASN1_item_ex_free; ++ ASN1_BOOLEAN_it; ++ ASN1_BOOLEAN_it; ++ ENGINE_get_table_flags; ++ UI_create_method; ++ OCSP_ONEREQ_add1_ext_i2d; ++ _shadow_DES_check_key; ++ _shadow_DES_check_key; ++ d2i_OCSP_REQINFO; ++ UI_add_info_string; ++ UI_get_result_minsize; ++ ASN1_NULL_it; ++ ASN1_NULL_it; ++ BN_mod_lshift1; ++ d2i_OCSP_ONEREQ; ++ OCSP_ONEREQ_new; ++ KRB5_TICKET_it; ++ KRB5_TICKET_it; ++ EVP_aes_192_cbc; ++ KRB5_TICKET_free; ++ UI_new; ++ OCSP_response_create; ++ _ossl_old_des_xcbc_encrypt; ++ PKCS7_it; ++ PKCS7_it; ++ OCSP_REQUEST_get_ext_by_critical; ++ OCSP_REQUEST_get_ext_by_crit; ++ ENGINE_set_flags; ++ _ossl_old_des_ecb_encrypt; ++ OCSP_response_get1_basic; ++ EVP_Digest; ++ OCSP_ONEREQ_delete_ext; ++ ASN1_TBOOLEAN_it; ++ ASN1_TBOOLEAN_it; ++ ASN1_item_new; ++ ASN1_TIME_to_generalizedtime; ++ BIGNUM_it; ++ BIGNUM_it; ++ AES_cbc_encrypt; ++ ENGINE_get_load_privkey_function; ++ ENGINE_get_load_privkey_fn; ++ OCSP_RESPONSE_free; ++ UI_method_set_reader; ++ i2d_ASN1_T61STRING; ++ EC_POINT_set_to_infinity; ++ ERR_load_OCSP_strings; ++ EC_POINT_point2oct; ++ KRB5_APREQ_free; ++ ASN1_OBJECT_it; ++ ASN1_OBJECT_it; ++ OCSP_crlID_new; ++ OCSP_crlID2_new; ++ CONF_modules_load_file; ++ CONF_imodule_set_usr_data; ++ ENGINE_set_default_string; ++ CONF_module_get_usr_data; ++ ASN1_add_oid_module; ++ CONF_modules_finish; ++ OPENSSL_config; ++ CONF_modules_unload; ++ CONF_imodule_get_value; ++ CONF_module_set_usr_data; ++ CONF_parse_list; ++ CONF_module_add; ++ CONF_get1_default_config_file; ++ CONF_imodule_get_flags; ++ CONF_imodule_get_module; ++ CONF_modules_load; ++ CONF_imodule_get_name; ++ ERR_peek_top_error; ++ CONF_imodule_get_usr_data; ++ CONF_imodule_set_flags; ++ ENGINE_add_conf_module; ++ ERR_peek_last_error_line; ++ ERR_peek_last_error_line_data; ++ ERR_peek_last_error; ++ DES_read_2passwords; ++ DES_read_password; ++ UI_UTIL_read_pw; ++ UI_UTIL_read_pw_string; ++ ENGINE_load_aep; ++ ENGINE_load_sureware; ++ OPENSSL_add_all_algorithms_noconf; ++ OPENSSL_add_all_algo_noconf; ++ OPENSSL_add_all_algorithms_conf; ++ OPENSSL_add_all_algo_conf; ++ OPENSSL_load_builtin_modules; ++ AES_ofb128_encrypt; ++ AES_ctr128_encrypt; ++ AES_cfb128_encrypt; ++ ENGINE_load_4758cca; ++ _ossl_096_des_random_seed; ++ EVP_aes_256_ofb; ++ EVP_aes_192_ofb; ++ EVP_aes_128_cfb128; ++ EVP_aes_256_cfb128; ++ EVP_aes_128_ofb; ++ EVP_aes_192_cfb128; ++ CONF_modules_free; ++ NCONF_default; ++ OPENSSL_no_config; ++ NCONF_WIN32; ++ ASN1_UNIVERSALSTRING_new; ++ EVP_des_ede_ecb; ++ i2d_ASN1_UNIVERSALSTRING; ++ ASN1_UNIVERSALSTRING_free; ++ ASN1_UNIVERSALSTRING_it; ++ ASN1_UNIVERSALSTRING_it; ++ d2i_ASN1_UNIVERSALSTRING; ++ EVP_des_ede3_ecb; ++ X509_REQ_print_ex; ++ ENGINE_up_ref; ++ BUF_MEM_grow_clean; ++ CRYPTO_realloc_clean; ++ BUF_strlcat; ++ BIO_indent; ++ BUF_strlcpy; ++ OpenSSLDie; ++ OPENSSL_cleanse; ++ ENGINE_setup_bsd_cryptodev; ++ ERR_release_err_state_table; ++ EVP_aes_128_cfb8; ++ FIPS_corrupt_rsa; ++ FIPS_selftest_des; ++ EVP_aes_128_cfb1; ++ EVP_aes_192_cfb8; ++ FIPS_mode_set; ++ FIPS_selftest_dsa; ++ EVP_aes_256_cfb8; ++ FIPS_allow_md5; ++ DES_ede3_cfb_encrypt; ++ EVP_des_ede3_cfb8; ++ FIPS_rand_seeded; ++ AES_cfbr_encrypt_block; ++ AES_cfb8_encrypt; ++ FIPS_rand_seed; ++ FIPS_corrupt_des; ++ EVP_aes_192_cfb1; ++ FIPS_selftest_aes; ++ FIPS_set_prng_key; ++ EVP_des_cfb8; ++ FIPS_corrupt_dsa; ++ FIPS_test_mode; ++ FIPS_rand_method; ++ EVP_aes_256_cfb1; ++ ERR_load_FIPS_strings; ++ FIPS_corrupt_aes; ++ FIPS_selftest_sha1; ++ FIPS_selftest_rsa; ++ FIPS_corrupt_sha1; ++ EVP_des_cfb1; ++ FIPS_dsa_check; ++ AES_cfb1_encrypt; ++ EVP_des_ede3_cfb1; ++ FIPS_rand_check; ++ FIPS_md5_allowed; ++ FIPS_mode; ++ FIPS_selftest_failed; ++ sk_is_sorted; ++ X509_check_ca; ++ HMAC_CTX_set_flags; ++ d2i_PROXY_CERT_INFO_EXTENSION; ++ PROXY_POLICY_it; ++ PROXY_POLICY_it; ++ i2d_PROXY_POLICY; ++ i2d_PROXY_CERT_INFO_EXTENSION; ++ d2i_PROXY_POLICY; ++ PROXY_CERT_INFO_EXTENSION_new; ++ PROXY_CERT_INFO_EXTENSION_free; ++ PROXY_CERT_INFO_EXTENSION_it; ++ PROXY_CERT_INFO_EXTENSION_it; ++ PROXY_POLICY_free; ++ PROXY_POLICY_new; ++ BN_MONT_CTX_set_locked; ++ FIPS_selftest_rng; ++ EVP_sha384; ++ EVP_sha512; ++ EVP_sha224; ++ EVP_sha256; ++ FIPS_selftest_hmac; ++ FIPS_corrupt_rng; ++ BN_mod_exp_mont_consttime; ++ RSA_X931_hash_id; ++ RSA_padding_check_X931; ++ RSA_verify_PKCS1_PSS; ++ RSA_padding_add_X931; ++ RSA_padding_add_PKCS1_PSS; ++ PKCS1_MGF1; ++ BN_X931_generate_Xpq; ++ RSA_X931_generate_key; ++ BN_X931_derive_prime; ++ BN_X931_generate_prime; ++ RSA_X931_derive; ++ BIO_new_dgram; ++ BN_get0_nist_prime_384; ++ ERR_set_mark; ++ X509_STORE_CTX_set0_crls; ++ ENGINE_set_STORE; ++ ENGINE_register_ECDSA; ++ STORE_meth_set_list_start_fn; ++ STORE_method_set_list_start_function; ++ BN_BLINDING_invert_ex; ++ NAME_CONSTRAINTS_free; ++ STORE_ATTR_INFO_set_number; ++ BN_BLINDING_get_thread_id; ++ X509_STORE_CTX_set0_param; ++ POLICY_MAPPING_it; ++ POLICY_MAPPING_it; ++ STORE_parse_attrs_start; ++ POLICY_CONSTRAINTS_free; ++ EVP_PKEY_add1_attr_by_NID; ++ BN_nist_mod_192; ++ EC_GROUP_get_trinomial_basis; ++ STORE_set_method; ++ GENERAL_SUBTREE_free; ++ NAME_CONSTRAINTS_it; ++ NAME_CONSTRAINTS_it; ++ ECDH_get_default_method; ++ PKCS12_add_safe; ++ EC_KEY_new_by_curve_name; ++ STORE_meth_get_update_store_fn; ++ STORE_method_get_update_store_function; ++ ENGINE_register_ECDH; ++ SHA512_Update; ++ i2d_ECPrivateKey; ++ BN_get0_nist_prime_192; ++ STORE_modify_certificate; ++ EC_POINT_set_affine_coordinates_GF2m; ++ EC_POINT_set_affine_coords_GF2m; ++ BN_GF2m_mod_exp_arr; ++ STORE_ATTR_INFO_modify_number; ++ X509_keyid_get0; ++ ENGINE_load_gmp; ++ pitem_new; ++ BN_GF2m_mod_mul_arr; ++ STORE_list_public_key_endp; ++ o2i_ECPublicKey; ++ EC_KEY_copy; ++ BIO_dump_fp; ++ X509_policy_node_get0_parent; ++ EC_GROUP_check_discriminant; ++ i2o_ECPublicKey; ++ EC_KEY_precompute_mult; ++ a2i_IPADDRESS; ++ STORE_meth_set_initialise_fn; ++ STORE_method_set_initialise_function; ++ X509_STORE_CTX_set_depth; ++ X509_VERIFY_PARAM_inherit; ++ EC_POINT_point2bn; ++ STORE_ATTR_INFO_set_dn; ++ X509_policy_tree_get0_policies; ++ EC_GROUP_new_curve_GF2m; ++ STORE_destroy_method; ++ ENGINE_unregister_STORE; ++ EVP_PKEY_get1_EC_KEY; ++ STORE_ATTR_INFO_get0_number; ++ ENGINE_get_default_ECDH; ++ EC_KEY_get_conv_form; ++ ASN1_OCTET_STRING_NDEF_it; ++ ASN1_OCTET_STRING_NDEF_it; ++ STORE_delete_public_key; ++ STORE_get_public_key; ++ STORE_modify_arbitrary; ++ ENGINE_get_static_state; ++ pqueue_iterator; ++ ECDSA_SIG_new; ++ OPENSSL_DIR_end; ++ BN_GF2m_mod_sqr; ++ EC_POINT_bn2point; ++ X509_VERIFY_PARAM_set_depth; ++ EC_KEY_set_asn1_flag; ++ STORE_get_method; ++ EC_KEY_get_key_method_data; ++ ECDSA_sign_ex; ++ STORE_parse_attrs_end; ++ EC_GROUP_get_point_conversion_form; ++ EC_GROUP_get_point_conv_form; ++ STORE_method_set_store_function; ++ STORE_ATTR_INFO_in; ++ PEM_read_bio_ECPKParameters; ++ EC_GROUP_get_pentanomial_basis; ++ EVP_PKEY_add1_attr_by_txt; ++ BN_BLINDING_set_flags; ++ X509_VERIFY_PARAM_set1_policies; ++ X509_VERIFY_PARAM_set1_name; ++ X509_VERIFY_PARAM_set_purpose; ++ STORE_get_number; ++ ECDSA_sign_setup; ++ BN_GF2m_mod_solve_quad_arr; ++ EC_KEY_up_ref; ++ POLICY_MAPPING_free; ++ BN_GF2m_mod_div; ++ X509_VERIFY_PARAM_set_flags; ++ EC_KEY_free; ++ STORE_meth_set_list_next_fn; ++ STORE_method_set_list_next_function; ++ PEM_write_bio_ECPrivateKey; ++ d2i_EC_PUBKEY; ++ STORE_meth_get_generate_fn; ++ STORE_method_get_generate_function; ++ STORE_meth_set_list_end_fn; ++ STORE_method_set_list_end_function; ++ pqueue_print; ++ EC_GROUP_have_precompute_mult; ++ EC_KEY_print_fp; ++ BN_GF2m_mod_arr; ++ PEM_write_bio_X509_CERT_PAIR; ++ EVP_PKEY_cmp; ++ X509_policy_level_node_count; ++ STORE_new_engine; ++ STORE_list_public_key_start; ++ X509_VERIFY_PARAM_new; ++ ECDH_get_ex_data; ++ EVP_PKEY_get_attr; ++ ECDSA_do_sign; ++ ENGINE_unregister_ECDH; ++ ECDH_OpenSSL; ++ EC_KEY_set_conv_form; ++ EC_POINT_dup; ++ GENERAL_SUBTREE_new; ++ STORE_list_crl_endp; ++ EC_get_builtin_curves; ++ X509_policy_node_get0_qualifiers; ++ X509_pcy_node_get0_qualifiers; ++ STORE_list_crl_end; ++ EVP_PKEY_set1_EC_KEY; ++ BN_GF2m_mod_sqrt_arr; ++ i2d_ECPrivateKey_bio; ++ ECPKParameters_print_fp; ++ pqueue_find; ++ ECDSA_SIG_free; ++ PEM_write_bio_ECPKParameters; ++ STORE_method_set_ctrl_function; ++ STORE_list_public_key_end; ++ EC_KEY_set_private_key; ++ pqueue_peek; ++ STORE_get_arbitrary; ++ STORE_store_crl; ++ X509_policy_node_get0_policy; ++ PKCS12_add_safes; ++ BN_BLINDING_convert_ex; ++ X509_policy_tree_free; ++ OPENSSL_ia32cap_loc; ++ BN_GF2m_poly2arr; ++ STORE_ctrl; ++ STORE_ATTR_INFO_compare; ++ BN_get0_nist_prime_224; ++ i2d_ECParameters; ++ i2d_ECPKParameters; ++ BN_GENCB_call; ++ d2i_ECPKParameters; ++ STORE_meth_set_generate_fn; ++ STORE_method_set_generate_function; ++ ENGINE_set_ECDH; ++ NAME_CONSTRAINTS_new; ++ SHA256_Init; ++ EC_KEY_get0_public_key; ++ PEM_write_bio_EC_PUBKEY; ++ STORE_ATTR_INFO_set_cstr; ++ STORE_list_crl_next; ++ STORE_ATTR_INFO_in_range; ++ ECParameters_print; ++ STORE_meth_set_delete_fn; ++ STORE_method_set_delete_function; ++ STORE_list_certificate_next; ++ ASN1_generate_nconf; ++ BUF_memdup; ++ BN_GF2m_mod_mul; ++ STORE_meth_get_list_next_fn; ++ STORE_method_get_list_next_function; ++ STORE_ATTR_INFO_get0_dn; ++ STORE_list_private_key_next; ++ EC_GROUP_set_seed; ++ X509_VERIFY_PARAM_set_trust; ++ STORE_ATTR_INFO_free; ++ STORE_get_private_key; ++ EVP_PKEY_get_attr_count; ++ STORE_ATTR_INFO_new; ++ EC_GROUP_get_curve_GF2m; ++ STORE_meth_set_revoke_fn; ++ STORE_method_set_revoke_function; ++ STORE_store_number; ++ BN_is_prime_ex; ++ STORE_revoke_public_key; ++ X509_STORE_CTX_get0_param; ++ STORE_delete_arbitrary; ++ PEM_read_X509_CERT_PAIR; ++ X509_STORE_set_depth; ++ ECDSA_get_ex_data; ++ SHA224; ++ BIO_dump_indent_fp; ++ EC_KEY_set_group; ++ BUF_strndup; ++ STORE_list_certificate_start; ++ BN_GF2m_mod; ++ X509_REQ_check_private_key; ++ EC_GROUP_get_seed_len; ++ ERR_load_STORE_strings; ++ PEM_read_bio_EC_PUBKEY; ++ STORE_list_private_key_end; ++ i2d_EC_PUBKEY; ++ ECDSA_get_default_method; ++ ASN1_put_eoc; ++ X509_STORE_CTX_get_explicit_policy; ++ X509_STORE_CTX_get_expl_policy; ++ X509_VERIFY_PARAM_table_cleanup; ++ STORE_modify_private_key; ++ X509_VERIFY_PARAM_free; ++ EC_METHOD_get_field_type; ++ EC_GFp_nist_method; ++ STORE_meth_set_modify_fn; ++ STORE_method_set_modify_function; ++ STORE_parse_attrs_next; ++ ENGINE_load_padlock; ++ EC_GROUP_set_curve_name; ++ X509_CERT_PAIR_it; ++ X509_CERT_PAIR_it; ++ STORE_meth_get_revoke_fn; ++ STORE_method_get_revoke_function; ++ STORE_method_set_get_function; ++ STORE_modify_number; ++ STORE_method_get_store_function; ++ STORE_store_private_key; ++ BN_GF2m_mod_sqr_arr; ++ RSA_setup_blinding; ++ BIO_s_datagram; ++ STORE_Memory; ++ sk_find_ex; ++ EC_GROUP_set_curve_GF2m; ++ ENGINE_set_default_ECDSA; ++ POLICY_CONSTRAINTS_new; ++ BN_GF2m_mod_sqrt; ++ ECDH_set_default_method; ++ EC_KEY_generate_key; ++ SHA384_Update; ++ BN_GF2m_arr2poly; ++ STORE_method_get_get_function; ++ STORE_meth_set_cleanup_fn; ++ STORE_method_set_cleanup_function; ++ EC_GROUP_check; ++ d2i_ECPrivateKey_bio; ++ EC_KEY_insert_key_method_data; ++ STORE_meth_get_lock_store_fn; ++ STORE_method_get_lock_store_function; ++ X509_VERIFY_PARAM_get_depth; ++ SHA224_Final; ++ STORE_meth_set_update_store_fn; ++ STORE_method_set_update_store_function; ++ SHA224_Update; ++ d2i_ECPrivateKey; ++ ASN1_item_ndef_i2d; ++ STORE_delete_private_key; ++ ERR_pop_to_mark; ++ ENGINE_register_all_STORE; ++ X509_policy_level_get0_node; ++ i2d_PKCS7_NDEF; ++ EC_GROUP_get_degree; ++ ASN1_generate_v3; ++ STORE_ATTR_INFO_modify_cstr; ++ X509_policy_tree_level_count; ++ BN_GF2m_add; ++ EC_KEY_get0_group; ++ STORE_generate_crl; ++ STORE_store_public_key; ++ X509_CERT_PAIR_free; ++ STORE_revoke_private_key; ++ BN_nist_mod_224; ++ SHA512_Final; ++ STORE_ATTR_INFO_modify_dn; ++ STORE_meth_get_initialise_fn; ++ STORE_method_get_initialise_function; ++ STORE_delete_number; ++ i2d_EC_PUBKEY_bio; ++ BIO_dgram_non_fatal_error; ++ EC_GROUP_get_asn1_flag; ++ STORE_ATTR_INFO_in_ex; ++ STORE_list_crl_start; ++ ECDH_get_ex_new_index; ++ STORE_meth_get_modify_fn; ++ STORE_method_get_modify_function; ++ v2i_ASN1_BIT_STRING; ++ STORE_store_certificate; ++ OBJ_bsearch_ex; ++ X509_STORE_CTX_set_default; ++ STORE_ATTR_INFO_set_sha1str; ++ BN_GF2m_mod_inv; ++ BN_GF2m_mod_exp; ++ STORE_modify_public_key; ++ STORE_meth_get_list_start_fn; ++ STORE_method_get_list_start_function; ++ EC_GROUP_get0_seed; ++ STORE_store_arbitrary; ++ STORE_meth_set_unlock_store_fn; ++ STORE_method_set_unlock_store_function; ++ BN_GF2m_mod_div_arr; ++ ENGINE_set_ECDSA; ++ STORE_create_method; ++ ECPKParameters_print; ++ EC_KEY_get0_private_key; ++ PEM_write_EC_PUBKEY; ++ X509_VERIFY_PARAM_set1; ++ ECDH_set_method; ++ v2i_GENERAL_NAME_ex; ++ ECDH_set_ex_data; ++ STORE_generate_key; ++ BN_nist_mod_521; ++ X509_policy_tree_get0_level; ++ EC_GROUP_set_point_conversion_form; ++ EC_GROUP_set_point_conv_form; ++ PEM_read_EC_PUBKEY; ++ i2d_ECDSA_SIG; ++ ECDSA_OpenSSL; ++ STORE_delete_crl; ++ EC_KEY_get_enc_flags; ++ ASN1_const_check_infinite_end; ++ EVP_PKEY_delete_attr; ++ ECDSA_set_default_method; ++ EC_POINT_set_compressed_coordinates_GF2m; ++ EC_POINT_set_compr_coords_GF2m; ++ EC_GROUP_cmp; ++ STORE_revoke_certificate; ++ BN_get0_nist_prime_256; ++ STORE_meth_get_delete_fn; ++ STORE_method_get_delete_function; ++ SHA224_Init; ++ PEM_read_ECPrivateKey; ++ SHA512_Init; ++ STORE_parse_attrs_endp; ++ BN_set_negative; ++ ERR_load_ECDSA_strings; ++ EC_GROUP_get_basis_type; ++ STORE_list_public_key_next; ++ i2v_ASN1_BIT_STRING; ++ STORE_OBJECT_free; ++ BN_nist_mod_384; ++ i2d_X509_CERT_PAIR; ++ PEM_write_ECPKParameters; ++ ECDH_compute_key; ++ STORE_ATTR_INFO_get0_sha1str; ++ ENGINE_register_all_ECDH; ++ pqueue_pop; ++ STORE_ATTR_INFO_get0_cstr; ++ POLICY_CONSTRAINTS_it; ++ POLICY_CONSTRAINTS_it; ++ STORE_get_ex_new_index; ++ EVP_PKEY_get_attr_by_OBJ; ++ X509_VERIFY_PARAM_add0_policy; ++ BN_GF2m_mod_solve_quad; ++ SHA256; ++ i2d_ECPrivateKey_fp; ++ X509_policy_tree_get0_user_policies; ++ X509_pcy_tree_get0_usr_policies; ++ OPENSSL_DIR_read; ++ ENGINE_register_all_ECDSA; ++ X509_VERIFY_PARAM_lookup; ++ EC_POINT_get_affine_coordinates_GF2m; ++ EC_POINT_get_affine_coords_GF2m; ++ EC_GROUP_dup; ++ ENGINE_get_default_ECDSA; ++ EC_KEY_new; ++ SHA256_Transform; ++ EC_KEY_set_enc_flags; ++ ECDSA_verify; ++ EC_POINT_point2hex; ++ ENGINE_get_STORE; ++ SHA512; ++ STORE_get_certificate; ++ ECDSA_do_sign_ex; ++ ECDSA_do_verify; ++ d2i_ECPrivateKey_fp; ++ STORE_delete_certificate; ++ SHA512_Transform; ++ X509_STORE_set1_param; ++ STORE_method_get_ctrl_function; ++ STORE_free; ++ PEM_write_ECPrivateKey; ++ STORE_meth_get_unlock_store_fn; ++ STORE_method_get_unlock_store_function; ++ STORE_get_ex_data; ++ EC_KEY_set_public_key; ++ PEM_read_ECPKParameters; ++ X509_CERT_PAIR_new; ++ ENGINE_register_STORE; ++ RSA_generate_key_ex; ++ DSA_generate_parameters_ex; ++ ECParameters_print_fp; ++ X509V3_NAME_from_section; ++ EVP_PKEY_add1_attr; ++ STORE_modify_crl; ++ STORE_list_private_key_start; ++ POLICY_MAPPINGS_it; ++ POLICY_MAPPINGS_it; ++ GENERAL_SUBTREE_it; ++ GENERAL_SUBTREE_it; ++ EC_GROUP_get_curve_name; ++ PEM_write_X509_CERT_PAIR; ++ BIO_dump_indent_cb; ++ d2i_X509_CERT_PAIR; ++ STORE_list_private_key_endp; ++ asn1_const_Finish; ++ i2d_EC_PUBKEY_fp; ++ BN_nist_mod_256; ++ X509_VERIFY_PARAM_add0_table; ++ pqueue_free; ++ BN_BLINDING_create_param; ++ ECDSA_size; ++ d2i_EC_PUBKEY_bio; ++ BN_get0_nist_prime_521; ++ STORE_ATTR_INFO_modify_sha1str; ++ BN_generate_prime_ex; ++ EC_GROUP_new_by_curve_name; ++ SHA256_Final; ++ DH_generate_parameters_ex; ++ PEM_read_bio_ECPrivateKey; ++ STORE_meth_get_cleanup_fn; ++ STORE_method_get_cleanup_function; ++ ENGINE_get_ECDH; ++ d2i_ECDSA_SIG; ++ BN_is_prime_fasttest_ex; ++ ECDSA_sign; ++ X509_policy_check; ++ EVP_PKEY_get_attr_by_NID; ++ STORE_set_ex_data; ++ ENGINE_get_ECDSA; ++ EVP_ecdsa; ++ BN_BLINDING_get_flags; ++ PKCS12_add_cert; ++ STORE_OBJECT_new; ++ ERR_load_ECDH_strings; ++ EC_KEY_dup; ++ EVP_CIPHER_CTX_rand_key; ++ ECDSA_set_method; ++ a2i_IPADDRESS_NC; ++ d2i_ECParameters; ++ STORE_list_certificate_end; ++ STORE_get_crl; ++ X509_POLICY_NODE_print; ++ SHA384_Init; ++ EC_GF2m_simple_method; ++ ECDSA_set_ex_data; ++ SHA384_Final; ++ PKCS7_set_digest; ++ EC_KEY_print; ++ STORE_meth_set_lock_store_fn; ++ STORE_method_set_lock_store_function; ++ ECDSA_get_ex_new_index; ++ SHA384; ++ POLICY_MAPPING_new; ++ STORE_list_certificate_endp; ++ X509_STORE_CTX_get0_policy_tree; ++ EC_GROUP_set_asn1_flag; ++ EC_KEY_check_key; ++ d2i_EC_PUBKEY_fp; ++ PKCS7_set0_type_other; ++ PEM_read_bio_X509_CERT_PAIR; ++ pqueue_next; ++ STORE_meth_get_list_end_fn; ++ STORE_method_get_list_end_function; ++ EVP_PKEY_add1_attr_by_OBJ; ++ X509_VERIFY_PARAM_set_time; ++ pqueue_new; ++ ENGINE_set_default_ECDH; ++ STORE_new_method; ++ PKCS12_add_key; ++ DSO_merge; ++ EC_POINT_hex2point; ++ BIO_dump_cb; ++ SHA256_Update; ++ pqueue_insert; ++ pitem_free; ++ BN_GF2m_mod_inv_arr; ++ ENGINE_unregister_ECDSA; ++ BN_BLINDING_set_thread_id; ++ get_rfc3526_prime_8192; ++ X509_VERIFY_PARAM_clear_flags; ++ get_rfc2409_prime_1024; ++ DH_check_pub_key; ++ get_rfc3526_prime_2048; ++ get_rfc3526_prime_6144; ++ get_rfc3526_prime_1536; ++ get_rfc3526_prime_3072; ++ get_rfc3526_prime_4096; ++ get_rfc2409_prime_768; ++ X509_VERIFY_PARAM_get_flags; ++ EVP_CIPHER_CTX_new; ++ EVP_CIPHER_CTX_free; ++ Camellia_cbc_encrypt; ++ Camellia_cfb128_encrypt; ++ Camellia_cfb1_encrypt; ++ Camellia_cfb8_encrypt; ++ Camellia_ctr128_encrypt; ++ Camellia_cfbr_encrypt_block; ++ Camellia_decrypt; ++ Camellia_ecb_encrypt; ++ Camellia_encrypt; ++ Camellia_ofb128_encrypt; ++ Camellia_set_key; ++ EVP_camellia_128_cbc; ++ EVP_camellia_128_cfb128; ++ EVP_camellia_128_cfb1; ++ EVP_camellia_128_cfb8; ++ EVP_camellia_128_ecb; ++ EVP_camellia_128_ofb; ++ EVP_camellia_192_cbc; ++ EVP_camellia_192_cfb128; ++ EVP_camellia_192_cfb1; ++ EVP_camellia_192_cfb8; ++ EVP_camellia_192_ecb; ++ EVP_camellia_192_ofb; ++ EVP_camellia_256_cbc; ++ EVP_camellia_256_cfb128; ++ EVP_camellia_256_cfb1; ++ EVP_camellia_256_cfb8; ++ EVP_camellia_256_ecb; ++ EVP_camellia_256_ofb; ++ a2i_ipadd; ++ ASIdentifiers_free; ++ i2d_ASIdOrRange; ++ EVP_CIPHER_block_size; ++ v3_asid_is_canonical; ++ IPAddressChoice_free; ++ EVP_CIPHER_CTX_set_app_data; ++ BIO_set_callback_arg; ++ v3_addr_add_prefix; ++ IPAddressOrRange_it; ++ IPAddressOrRange_it; ++ BIO_set_flags; ++ ASIdentifiers_it; ++ ASIdentifiers_it; ++ v3_addr_get_range; ++ BIO_method_type; ++ v3_addr_inherits; ++ IPAddressChoice_it; ++ IPAddressChoice_it; ++ AES_ige_encrypt; ++ v3_addr_add_range; ++ EVP_CIPHER_CTX_nid; ++ d2i_ASRange; ++ v3_addr_add_inherit; ++ v3_asid_add_id_or_range; ++ v3_addr_validate_resource_set; ++ EVP_CIPHER_iv_length; ++ EVP_MD_type; ++ v3_asid_canonize; ++ IPAddressRange_free; ++ v3_asid_add_inherit; ++ EVP_CIPHER_CTX_key_length; ++ IPAddressRange_new; ++ ASIdOrRange_new; ++ EVP_MD_size; ++ EVP_MD_CTX_test_flags; ++ BIO_clear_flags; ++ i2d_ASRange; ++ IPAddressRange_it; ++ IPAddressRange_it; ++ IPAddressChoice_new; ++ ASIdentifierChoice_new; ++ ASRange_free; ++ EVP_MD_pkey_type; ++ EVP_MD_CTX_clear_flags; ++ IPAddressFamily_free; ++ i2d_IPAddressFamily; ++ IPAddressOrRange_new; ++ EVP_CIPHER_flags; ++ v3_asid_validate_resource_set; ++ d2i_IPAddressRange; ++ AES_bi_ige_encrypt; ++ BIO_get_callback; ++ IPAddressOrRange_free; ++ v3_addr_subset; ++ d2i_IPAddressFamily; ++ v3_asid_subset; ++ BIO_test_flags; ++ i2d_ASIdentifierChoice; ++ ASRange_it; ++ ASRange_it; ++ d2i_ASIdentifiers; ++ ASRange_new; ++ d2i_IPAddressChoice; ++ v3_addr_get_afi; ++ EVP_CIPHER_key_length; ++ EVP_Cipher; ++ i2d_IPAddressOrRange; ++ ASIdOrRange_it; ++ ASIdOrRange_it; ++ EVP_CIPHER_nid; ++ i2d_IPAddressChoice; ++ EVP_CIPHER_CTX_block_size; ++ ASIdentifiers_new; ++ v3_addr_validate_path; ++ IPAddressFamily_new; ++ EVP_MD_CTX_set_flags; ++ v3_addr_is_canonical; ++ i2d_IPAddressRange; ++ IPAddressFamily_it; ++ IPAddressFamily_it; ++ v3_asid_inherits; ++ EVP_CIPHER_CTX_cipher; ++ EVP_CIPHER_CTX_get_app_data; ++ EVP_MD_block_size; ++ EVP_CIPHER_CTX_flags; ++ v3_asid_validate_path; ++ d2i_IPAddressOrRange; ++ v3_addr_canonize; ++ ASIdentifierChoice_it; ++ ASIdentifierChoice_it; ++ EVP_MD_CTX_md; ++ d2i_ASIdentifierChoice; ++ BIO_method_name; ++ EVP_CIPHER_CTX_iv_length; ++ ASIdOrRange_free; ++ ASIdentifierChoice_free; ++ BIO_get_callback_arg; ++ BIO_set_callback; ++ d2i_ASIdOrRange; ++ i2d_ASIdentifiers; ++ SEED_decrypt; ++ SEED_encrypt; ++ SEED_cbc_encrypt; ++ EVP_seed_ofb; ++ SEED_cfb128_encrypt; ++ SEED_ofb128_encrypt; ++ EVP_seed_cbc; ++ SEED_ecb_encrypt; ++ EVP_seed_ecb; ++ SEED_set_key; ++ EVP_seed_cfb128; ++ X509_EXTENSIONS_it; ++ X509_EXTENSIONS_it; ++ X509_get1_ocsp; ++ OCSP_REQ_CTX_free; ++ i2d_X509_EXTENSIONS; ++ OCSP_sendreq_nbio; ++ OCSP_sendreq_new; ++ d2i_X509_EXTENSIONS; ++ X509_ALGORS_it; ++ X509_ALGORS_it; ++ X509_ALGOR_get0; ++ X509_ALGOR_set0; ++ AES_unwrap_key; ++ AES_wrap_key; ++ X509at_get0_data_by_OBJ; ++ ASN1_TYPE_set1; ++ ASN1_STRING_set0; ++ i2d_X509_ALGORS; ++ BIO_f_zlib; ++ COMP_zlib_cleanup; ++ d2i_X509_ALGORS; ++ CMS_ReceiptRequest_free; ++ PEM_write_CMS; ++ CMS_add0_CertificateChoices; ++ CMS_unsigned_add1_attr_by_OBJ; ++ ERR_load_CMS_strings; ++ CMS_sign_receipt; ++ i2d_CMS_ContentInfo; ++ CMS_signed_delete_attr; ++ d2i_CMS_bio; ++ CMS_unsigned_get_attr_by_NID; ++ CMS_verify; ++ SMIME_read_CMS; ++ CMS_decrypt_set1_key; ++ CMS_SignerInfo_get0_algs; ++ CMS_add1_cert; ++ CMS_set_detached; ++ CMS_encrypt; ++ CMS_EnvelopedData_create; ++ CMS_uncompress; ++ CMS_add0_crl; ++ CMS_SignerInfo_verify_content; ++ CMS_unsigned_get0_data_by_OBJ; ++ PEM_write_bio_CMS; ++ CMS_unsigned_get_attr; ++ CMS_RecipientInfo_ktri_cert_cmp; ++ CMS_RecipientInfo_ktri_get0_algs; ++ CMS_RecipInfo_ktri_get0_algs; ++ CMS_ContentInfo_free; ++ CMS_final; ++ CMS_add_simple_smimecap; ++ CMS_SignerInfo_verify; ++ CMS_data; ++ CMS_ContentInfo_it; ++ CMS_ContentInfo_it; ++ d2i_CMS_ReceiptRequest; ++ CMS_compress; ++ CMS_digest_create; ++ CMS_SignerInfo_cert_cmp; ++ CMS_SignerInfo_sign; ++ CMS_data_create; ++ i2d_CMS_bio; ++ CMS_EncryptedData_set1_key; ++ CMS_decrypt; ++ int_smime_write_ASN1; ++ CMS_unsigned_delete_attr; ++ CMS_unsigned_get_attr_count; ++ CMS_add_smimecap; ++ PEM_read_CMS; ++ CMS_signed_get_attr_by_OBJ; ++ d2i_CMS_ContentInfo; ++ CMS_add_standard_smimecap; ++ CMS_ContentInfo_new; ++ CMS_RecipientInfo_type; ++ CMS_get0_type; ++ CMS_is_detached; ++ CMS_sign; ++ CMS_signed_add1_attr; ++ CMS_unsigned_get_attr_by_OBJ; ++ SMIME_write_CMS; ++ CMS_EncryptedData_decrypt; ++ CMS_get0_RecipientInfos; ++ CMS_add0_RevocationInfoChoice; ++ CMS_decrypt_set1_pkey; ++ CMS_SignerInfo_set1_signer_cert; ++ CMS_get0_signers; ++ CMS_ReceiptRequest_get0_values; ++ CMS_signed_get0_data_by_OBJ; ++ CMS_get0_SignerInfos; ++ CMS_add0_cert; ++ CMS_EncryptedData_encrypt; ++ CMS_digest_verify; ++ CMS_set1_signers_certs; ++ CMS_signed_get_attr; ++ CMS_RecipientInfo_set0_key; ++ CMS_SignedData_init; ++ CMS_RecipientInfo_kekri_get0_id; ++ CMS_verify_receipt; ++ CMS_ReceiptRequest_it; ++ CMS_ReceiptRequest_it; ++ PEM_read_bio_CMS; ++ CMS_get1_crls; ++ CMS_add0_recipient_key; ++ SMIME_read_ASN1; ++ CMS_ReceiptRequest_new; ++ CMS_get0_content; ++ CMS_get1_ReceiptRequest; ++ CMS_signed_add1_attr_by_OBJ; ++ CMS_RecipientInfo_kekri_id_cmp; ++ CMS_add1_ReceiptRequest; ++ CMS_SignerInfo_get0_signer_id; ++ CMS_unsigned_add1_attr_by_NID; ++ CMS_unsigned_add1_attr; ++ CMS_signed_get_attr_by_NID; ++ CMS_get1_certs; ++ CMS_signed_add1_attr_by_NID; ++ CMS_unsigned_add1_attr_by_txt; ++ CMS_dataFinal; ++ CMS_RecipientInfo_ktri_get0_signer_id; ++ CMS_RecipInfo_ktri_get0_sigr_id; ++ i2d_CMS_ReceiptRequest; ++ CMS_add1_recipient_cert; ++ CMS_dataInit; ++ CMS_signed_add1_attr_by_txt; ++ CMS_RecipientInfo_decrypt; ++ CMS_signed_get_attr_count; ++ CMS_get0_eContentType; ++ CMS_set1_eContentType; ++ CMS_ReceiptRequest_create0; ++ CMS_add1_signer; ++ CMS_RecipientInfo_set0_pkey; ++ ENGINE_set_load_ssl_client_cert_function; ++ ENGINE_set_ld_ssl_clnt_cert_fn; ++ ENGINE_get_ssl_client_cert_function; ++ ENGINE_get_ssl_client_cert_fn; ++ ENGINE_load_ssl_client_cert; ++ ENGINE_load_capi; ++ OPENSSL_isservice; ++ FIPS_dsa_sig_decode; ++ EVP_CIPHER_CTX_clear_flags; ++ FIPS_rand_status; ++ FIPS_rand_set_key; ++ CRYPTO_set_mem_info_functions; ++ RSA_X931_generate_key_ex; ++ int_ERR_set_state_func; ++ int_EVP_MD_set_engine_callbacks; ++ int_CRYPTO_set_do_dynlock_callback; ++ FIPS_rng_stick; ++ EVP_CIPHER_CTX_set_flags; ++ BN_X931_generate_prime_ex; ++ FIPS_selftest_check; ++ FIPS_rand_set_dt; ++ CRYPTO_dbg_pop_info; ++ FIPS_dsa_free; ++ RSA_X931_derive_ex; ++ FIPS_rsa_new; ++ FIPS_rand_bytes; ++ fips_cipher_test; ++ EVP_CIPHER_CTX_test_flags; ++ CRYPTO_malloc_debug_init; ++ CRYPTO_dbg_push_info; ++ FIPS_corrupt_rsa_keygen; ++ FIPS_dh_new; ++ FIPS_corrupt_dsa_keygen; ++ FIPS_dh_free; ++ fips_pkey_signature_test; ++ EVP_add_alg_module; ++ int_RAND_init_engine_callbacks; ++ int_EVP_CIPHER_set_engine_callbacks; ++ int_EVP_MD_init_engine_callbacks; ++ FIPS_rand_test_mode; ++ FIPS_rand_reset; ++ FIPS_dsa_new; ++ int_RAND_set_callbacks; ++ BN_X931_derive_prime_ex; ++ int_ERR_lib_init; ++ int_EVP_CIPHER_init_engine_callbacks; ++ FIPS_rsa_free; ++ FIPS_dsa_sig_encode; ++ CRYPTO_dbg_remove_all_info; ++ OPENSSL_init; ++ CRYPTO_strdup; ++ JPAKE_STEP3A_process; ++ JPAKE_STEP1_release; ++ JPAKE_get_shared_key; ++ JPAKE_STEP3B_init; ++ JPAKE_STEP1_generate; ++ JPAKE_STEP1_init; ++ JPAKE_STEP3B_process; ++ JPAKE_STEP2_generate; ++ JPAKE_CTX_new; ++ JPAKE_CTX_free; ++ JPAKE_STEP3B_release; ++ JPAKE_STEP3A_release; ++ JPAKE_STEP2_process; ++ JPAKE_STEP3B_generate; ++ JPAKE_STEP1_process; ++ JPAKE_STEP3A_generate; ++ JPAKE_STEP2_release; ++ JPAKE_STEP3A_init; ++ ERR_load_JPAKE_strings; ++ JPAKE_STEP2_init; ++ pqueue_size; ++ i2d_TS_ACCURACY; ++ i2d_TS_MSG_IMPRINT_fp; ++ i2d_TS_MSG_IMPRINT; ++ EVP_PKEY_print_public; ++ EVP_PKEY_CTX_new; ++ i2d_TS_TST_INFO; ++ EVP_PKEY_asn1_find; ++ DSO_METHOD_beos; ++ TS_CONF_load_cert; ++ TS_REQ_get_ext; ++ EVP_PKEY_sign_init; ++ ASN1_item_print; ++ TS_TST_INFO_set_nonce; ++ TS_RESP_dup; ++ ENGINE_register_pkey_meths; ++ EVP_PKEY_asn1_add0; ++ PKCS7_add0_attrib_signing_time; ++ i2d_TS_TST_INFO_fp; ++ BIO_asn1_get_prefix; ++ TS_TST_INFO_set_time; ++ EVP_PKEY_meth_set_decrypt; ++ EVP_PKEY_set_type_str; ++ EVP_PKEY_CTX_get_keygen_info; ++ TS_REQ_set_policy_id; ++ d2i_TS_RESP_fp; ++ ENGINE_get_pkey_asn1_meth_engine; ++ ENGINE_get_pkey_asn1_meth_eng; ++ WHIRLPOOL_Init; ++ TS_RESP_set_status_info; ++ EVP_PKEY_keygen; ++ EVP_DigestSignInit; ++ TS_ACCURACY_set_millis; ++ TS_REQ_dup; ++ GENERAL_NAME_dup; ++ ASN1_SEQUENCE_ANY_it; ++ ASN1_SEQUENCE_ANY_it; ++ WHIRLPOOL; ++ X509_STORE_get1_crls; ++ ENGINE_get_pkey_asn1_meth; ++ EVP_PKEY_asn1_new; ++ BIO_new_NDEF; ++ ENGINE_get_pkey_meth; ++ TS_MSG_IMPRINT_set_algo; ++ i2d_TS_TST_INFO_bio; ++ TS_TST_INFO_set_ordering; ++ TS_TST_INFO_get_ext_by_OBJ; ++ CRYPTO_THREADID_set_pointer; ++ TS_CONF_get_tsa_section; ++ SMIME_write_ASN1; ++ TS_RESP_CTX_set_signer_key; ++ EVP_PKEY_encrypt_old; ++ EVP_PKEY_encrypt_init; ++ CRYPTO_THREADID_cpy; ++ ASN1_PCTX_get_cert_flags; ++ i2d_ESS_SIGNING_CERT; ++ TS_CONF_load_key; ++ i2d_ASN1_SEQUENCE_ANY; ++ d2i_TS_MSG_IMPRINT_bio; ++ EVP_PKEY_asn1_set_public; ++ b2i_PublicKey_bio; ++ BIO_asn1_set_prefix; ++ EVP_PKEY_new_mac_key; ++ BIO_new_CMS; ++ CRYPTO_THREADID_cmp; ++ TS_REQ_ext_free; ++ EVP_PKEY_asn1_set_free; ++ EVP_PKEY_get0_asn1; ++ d2i_NETSCAPE_X509; ++ EVP_PKEY_verify_recover_init; ++ EVP_PKEY_CTX_set_data; ++ EVP_PKEY_keygen_init; ++ TS_RESP_CTX_set_status_info; ++ TS_MSG_IMPRINT_get_algo; ++ TS_REQ_print_bio; ++ EVP_PKEY_CTX_ctrl_str; ++ EVP_PKEY_get_default_digest_nid; ++ PEM_write_bio_PKCS7_stream; ++ TS_MSG_IMPRINT_print_bio; ++ BN_asc2bn; ++ TS_REQ_get_policy_id; ++ ENGINE_set_default_pkey_asn1_meths; ++ ENGINE_set_def_pkey_asn1_meths; ++ d2i_TS_ACCURACY; ++ DSO_global_lookup; ++ TS_CONF_set_tsa_name; ++ i2d_ASN1_SET_ANY; ++ ENGINE_load_gost; ++ WHIRLPOOL_BitUpdate; ++ ASN1_PCTX_get_flags; ++ TS_TST_INFO_get_ext_by_NID; ++ TS_RESP_new; ++ ESS_CERT_ID_dup; ++ TS_STATUS_INFO_dup; ++ TS_REQ_delete_ext; ++ EVP_DigestVerifyFinal; ++ EVP_PKEY_print_params; ++ i2d_CMS_bio_stream; ++ TS_REQ_get_msg_imprint; ++ OBJ_find_sigid_by_algs; ++ TS_TST_INFO_get_serial; ++ TS_REQ_get_nonce; ++ X509_PUBKEY_set0_param; ++ EVP_PKEY_CTX_set0_keygen_info; ++ DIST_POINT_set_dpname; ++ i2d_ISSUING_DIST_POINT; ++ ASN1_SET_ANY_it; ++ ASN1_SET_ANY_it; ++ EVP_PKEY_CTX_get_data; ++ TS_STATUS_INFO_print_bio; ++ EVP_PKEY_derive_init; ++ d2i_TS_TST_INFO; ++ EVP_PKEY_asn1_add_alias; ++ d2i_TS_RESP_bio; ++ OTHERNAME_cmp; ++ GENERAL_NAME_set0_value; ++ PKCS7_RECIP_INFO_get0_alg; ++ TS_RESP_CTX_new; ++ TS_RESP_set_tst_info; ++ PKCS7_final; ++ EVP_PKEY_base_id; ++ TS_RESP_CTX_set_signer_cert; ++ TS_REQ_set_msg_imprint; ++ EVP_PKEY_CTX_ctrl; ++ TS_CONF_set_digests; ++ d2i_TS_MSG_IMPRINT; ++ EVP_PKEY_meth_set_ctrl; ++ TS_REQ_get_ext_by_NID; ++ PKCS5_pbe_set0_algor; ++ BN_BLINDING_thread_id; ++ TS_ACCURACY_new; ++ X509_CRL_METHOD_free; ++ ASN1_PCTX_get_nm_flags; ++ EVP_PKEY_meth_set_sign; ++ CRYPTO_THREADID_current; ++ EVP_PKEY_decrypt_init; ++ NETSCAPE_X509_free; ++ i2b_PVK_bio; ++ EVP_PKEY_print_private; ++ GENERAL_NAME_get0_value; ++ b2i_PVK_bio; ++ ASN1_UTCTIME_adj; ++ TS_TST_INFO_new; ++ EVP_MD_do_all_sorted; ++ TS_CONF_set_default_engine; ++ TS_ACCURACY_set_seconds; ++ TS_TST_INFO_get_time; ++ PKCS8_pkey_get0; ++ EVP_PKEY_asn1_get0; ++ OBJ_add_sigid; ++ PKCS7_SIGNER_INFO_sign; ++ EVP_PKEY_paramgen_init; ++ EVP_PKEY_sign; ++ OBJ_sigid_free; ++ EVP_PKEY_meth_set_init; ++ d2i_ESS_ISSUER_SERIAL; ++ ISSUING_DIST_POINT_new; ++ ASN1_TIME_adj; ++ TS_OBJ_print_bio; ++ EVP_PKEY_meth_set_verify_recover; ++ EVP_PKEY_meth_set_vrfy_recover; ++ TS_RESP_get_status_info; ++ CMS_stream; ++ EVP_PKEY_CTX_set_cb; ++ PKCS7_to_TS_TST_INFO; ++ ASN1_PCTX_get_oid_flags; ++ TS_TST_INFO_add_ext; ++ EVP_PKEY_meth_set_derive; ++ i2d_TS_RESP_fp; ++ i2d_TS_MSG_IMPRINT_bio; ++ TS_RESP_CTX_set_accuracy; ++ TS_REQ_set_nonce; ++ ESS_CERT_ID_new; ++ ENGINE_pkey_asn1_find_str; ++ TS_REQ_get_ext_count; ++ BUF_reverse; ++ TS_TST_INFO_print_bio; ++ d2i_ISSUING_DIST_POINT; ++ ENGINE_get_pkey_meths; ++ i2b_PrivateKey_bio; ++ i2d_TS_RESP; ++ b2i_PublicKey; ++ TS_VERIFY_CTX_cleanup; ++ TS_STATUS_INFO_free; ++ TS_RESP_verify_token; ++ OBJ_bsearch_ex_; ++ ASN1_bn_print; ++ EVP_PKEY_asn1_get_count; ++ ENGINE_register_pkey_asn1_meths; ++ ASN1_PCTX_set_nm_flags; ++ EVP_DigestVerifyInit; ++ ENGINE_set_default_pkey_meths; ++ TS_TST_INFO_get_policy_id; ++ TS_REQ_get_cert_req; ++ X509_CRL_set_meth_data; ++ PKCS8_pkey_set0; ++ ASN1_STRING_copy; ++ d2i_TS_TST_INFO_fp; ++ X509_CRL_match; ++ EVP_PKEY_asn1_set_private; ++ TS_TST_INFO_get_ext_d2i; ++ TS_RESP_CTX_add_policy; ++ d2i_TS_RESP; ++ TS_CONF_load_certs; ++ TS_TST_INFO_get_msg_imprint; ++ ERR_load_TS_strings; ++ TS_TST_INFO_get_version; ++ EVP_PKEY_CTX_dup; ++ EVP_PKEY_meth_set_verify; ++ i2b_PublicKey_bio; ++ TS_CONF_set_certs; ++ EVP_PKEY_asn1_get0_info; ++ TS_VERIFY_CTX_free; ++ TS_REQ_get_ext_by_critical; ++ TS_RESP_CTX_set_serial_cb; ++ X509_CRL_get_meth_data; ++ TS_RESP_CTX_set_time_cb; ++ TS_MSG_IMPRINT_get_msg; ++ TS_TST_INFO_ext_free; ++ TS_REQ_get_version; ++ TS_REQ_add_ext; ++ EVP_PKEY_CTX_set_app_data; ++ OBJ_bsearch_; ++ EVP_PKEY_meth_set_verifyctx; ++ i2d_PKCS7_bio_stream; ++ CRYPTO_THREADID_set_numeric; ++ PKCS7_sign_add_signer; ++ d2i_TS_TST_INFO_bio; ++ TS_TST_INFO_get_ordering; ++ TS_RESP_print_bio; ++ TS_TST_INFO_get_exts; ++ HMAC_CTX_copy; ++ PKCS5_pbe2_set_iv; ++ ENGINE_get_pkey_asn1_meths; ++ b2i_PrivateKey; ++ EVP_PKEY_CTX_get_app_data; ++ TS_REQ_set_cert_req; ++ CRYPTO_THREADID_set_callback; ++ TS_CONF_set_serial; ++ TS_TST_INFO_free; ++ d2i_TS_REQ_fp; ++ TS_RESP_verify_response; ++ i2d_ESS_ISSUER_SERIAL; ++ TS_ACCURACY_get_seconds; ++ EVP_CIPHER_do_all; ++ b2i_PrivateKey_bio; ++ OCSP_CERTID_dup; ++ X509_PUBKEY_get0_param; ++ TS_MSG_IMPRINT_dup; ++ PKCS7_print_ctx; ++ i2d_TS_REQ_bio; ++ EVP_whirlpool; ++ EVP_PKEY_asn1_set_param; ++ EVP_PKEY_meth_set_encrypt; ++ ASN1_PCTX_set_flags; ++ i2d_ESS_CERT_ID; ++ TS_VERIFY_CTX_new; ++ TS_RESP_CTX_set_extension_cb; ++ ENGINE_register_all_pkey_meths; ++ TS_RESP_CTX_set_status_info_cond; ++ TS_RESP_CTX_set_stat_info_cond; ++ EVP_PKEY_verify; ++ WHIRLPOOL_Final; ++ X509_CRL_METHOD_new; ++ EVP_DigestSignFinal; ++ TS_RESP_CTX_set_def_policy; ++ NETSCAPE_X509_it; ++ NETSCAPE_X509_it; ++ TS_RESP_create_response; ++ PKCS7_SIGNER_INFO_get0_algs; ++ TS_TST_INFO_get_nonce; ++ EVP_PKEY_decrypt_old; ++ TS_TST_INFO_set_policy_id; ++ TS_CONF_set_ess_cert_id_chain; ++ EVP_PKEY_CTX_get0_pkey; ++ d2i_TS_REQ; ++ EVP_PKEY_asn1_find_str; ++ BIO_f_asn1; ++ ESS_SIGNING_CERT_new; ++ EVP_PBE_find; ++ X509_CRL_get0_by_cert; ++ EVP_PKEY_derive; ++ i2d_TS_REQ; ++ TS_TST_INFO_delete_ext; ++ ESS_ISSUER_SERIAL_free; ++ ASN1_PCTX_set_str_flags; ++ ENGINE_get_pkey_asn1_meth_str; ++ TS_CONF_set_signer_key; ++ TS_ACCURACY_get_millis; ++ TS_RESP_get_token; ++ TS_ACCURACY_dup; ++ ENGINE_register_all_pkey_asn1_meths; ++ ENGINE_reg_all_pkey_asn1_meths; ++ X509_CRL_set_default_method; ++ CRYPTO_THREADID_hash; ++ CMS_ContentInfo_print_ctx; ++ TS_RESP_free; ++ ISSUING_DIST_POINT_free; ++ ESS_ISSUER_SERIAL_new; ++ CMS_add1_crl; ++ PKCS7_add1_attrib_digest; ++ TS_RESP_CTX_add_md; ++ TS_TST_INFO_dup; ++ ENGINE_set_pkey_asn1_meths; ++ PEM_write_bio_Parameters; ++ TS_TST_INFO_get_accuracy; ++ X509_CRL_get0_by_serial; ++ TS_TST_INFO_set_version; ++ TS_RESP_CTX_get_tst_info; ++ TS_RESP_verify_signature; ++ CRYPTO_THREADID_get_callback; ++ TS_TST_INFO_get_tsa; ++ TS_STATUS_INFO_new; ++ EVP_PKEY_CTX_get_cb; ++ TS_REQ_get_ext_d2i; ++ GENERAL_NAME_set0_othername; ++ TS_TST_INFO_get_ext_count; ++ TS_RESP_CTX_get_request; ++ i2d_NETSCAPE_X509; ++ ENGINE_get_pkey_meth_engine; ++ EVP_PKEY_meth_set_signctx; ++ EVP_PKEY_asn1_copy; ++ ASN1_TYPE_cmp; ++ EVP_CIPHER_do_all_sorted; ++ EVP_PKEY_CTX_free; ++ ISSUING_DIST_POINT_it; ++ ISSUING_DIST_POINT_it; ++ d2i_TS_MSG_IMPRINT_fp; ++ X509_STORE_get1_certs; ++ EVP_PKEY_CTX_get_operation; ++ d2i_ESS_SIGNING_CERT; ++ TS_CONF_set_ordering; ++ EVP_PBE_alg_add_type; ++ TS_REQ_set_version; ++ EVP_PKEY_get0; ++ BIO_asn1_set_suffix; ++ i2d_TS_STATUS_INFO; ++ EVP_MD_do_all; ++ TS_TST_INFO_set_accuracy; ++ PKCS7_add_attrib_content_type; ++ ERR_remove_thread_state; ++ EVP_PKEY_meth_add0; ++ TS_TST_INFO_set_tsa; ++ EVP_PKEY_meth_new; ++ WHIRLPOOL_Update; ++ TS_CONF_set_accuracy; ++ ASN1_PCTX_set_oid_flags; ++ ESS_SIGNING_CERT_dup; ++ d2i_TS_REQ_bio; ++ X509_time_adj_ex; ++ TS_RESP_CTX_add_flags; ++ d2i_TS_STATUS_INFO; ++ TS_MSG_IMPRINT_set_msg; ++ BIO_asn1_get_suffix; ++ TS_REQ_free; ++ EVP_PKEY_meth_free; ++ TS_REQ_get_exts; ++ TS_RESP_CTX_set_clock_precision_digits; ++ TS_RESP_CTX_set_clk_prec_digits; ++ TS_RESP_CTX_add_failure_info; ++ i2d_TS_RESP_bio; ++ EVP_PKEY_CTX_get0_peerkey; ++ PEM_write_bio_CMS_stream; ++ TS_REQ_new; ++ TS_MSG_IMPRINT_new; ++ EVP_PKEY_meth_find; ++ EVP_PKEY_id; ++ TS_TST_INFO_set_serial; ++ a2i_GENERAL_NAME; ++ TS_CONF_set_crypto_device; ++ EVP_PKEY_verify_init; ++ TS_CONF_set_policies; ++ ASN1_PCTX_new; ++ ESS_CERT_ID_free; ++ ENGINE_unregister_pkey_meths; ++ TS_MSG_IMPRINT_free; ++ TS_VERIFY_CTX_init; ++ PKCS7_stream; ++ TS_RESP_CTX_set_certs; ++ TS_CONF_set_def_policy; ++ ASN1_GENERALIZEDTIME_adj; ++ NETSCAPE_X509_new; ++ TS_ACCURACY_free; ++ TS_RESP_get_tst_info; ++ EVP_PKEY_derive_set_peer; ++ PEM_read_bio_Parameters; ++ TS_CONF_set_clock_precision_digits; ++ TS_CONF_set_clk_prec_digits; ++ ESS_ISSUER_SERIAL_dup; ++ TS_ACCURACY_get_micros; ++ ASN1_PCTX_get_str_flags; ++ NAME_CONSTRAINTS_check; ++ ASN1_BIT_STRING_check; ++ X509_check_akid; ++ ENGINE_unregister_pkey_asn1_meths; ++ ENGINE_unreg_pkey_asn1_meths; ++ ASN1_PCTX_free; ++ PEM_write_bio_ASN1_stream; ++ i2d_ASN1_bio_stream; ++ TS_X509_ALGOR_print_bio; ++ EVP_PKEY_meth_set_cleanup; ++ EVP_PKEY_asn1_free; ++ ESS_SIGNING_CERT_free; ++ TS_TST_INFO_set_msg_imprint; ++ GENERAL_NAME_cmp; ++ d2i_ASN1_SET_ANY; ++ ENGINE_set_pkey_meths; ++ i2d_TS_REQ_fp; ++ d2i_ASN1_SEQUENCE_ANY; ++ GENERAL_NAME_get0_otherName; ++ d2i_ESS_CERT_ID; ++ OBJ_find_sigid_algs; ++ EVP_PKEY_meth_set_keygen; ++ PKCS5_PBKDF2_HMAC; ++ EVP_PKEY_paramgen; ++ EVP_PKEY_meth_set_paramgen; ++ BIO_new_PKCS7; ++ EVP_PKEY_verify_recover; ++ TS_ext_print_bio; ++ TS_ASN1_INTEGER_print_bio; ++ check_defer; ++ DSO_pathbyaddr; ++ EVP_PKEY_set_type; ++ TS_ACCURACY_set_micros; ++ TS_REQ_to_TS_VERIFY_CTX; ++ EVP_PKEY_meth_set_copy; ++ ASN1_PCTX_set_cert_flags; ++ TS_TST_INFO_get_ext; ++ EVP_PKEY_asn1_set_ctrl; ++ TS_TST_INFO_get_ext_by_critical; ++ EVP_PKEY_CTX_new_id; ++ TS_REQ_get_ext_by_OBJ; ++ TS_CONF_set_signer_cert; ++ X509_NAME_hash_old; ++ ASN1_TIME_set_string; ++ EVP_MD_flags; ++ TS_RESP_CTX_free; ++ DSAparams_dup; ++ DHparams_dup; ++ OCSP_REQ_CTX_add1_header; ++ OCSP_REQ_CTX_set1_req; ++ X509_STORE_set_verify_cb; ++ X509_STORE_CTX_get0_current_crl; ++ X509_STORE_CTX_get0_parent_ctx; ++ X509_STORE_CTX_get0_current_issuer; ++ X509_STORE_CTX_get0_cur_issuer; ++ X509_issuer_name_hash_old; ++ X509_subject_name_hash_old; ++ EVP_CIPHER_CTX_copy; ++ UI_method_get_prompt_constructor; ++ UI_method_get_prompt_constructr; ++ UI_method_set_prompt_constructor; ++ UI_method_set_prompt_constructr; ++ EVP_read_pw_string_min; ++ CRYPTO_cts128_encrypt; ++ CRYPTO_cts128_decrypt_block; ++ CRYPTO_cfb128_1_encrypt; ++ CRYPTO_cbc128_encrypt; ++ CRYPTO_ctr128_encrypt; ++ CRYPTO_ofb128_encrypt; ++ CRYPTO_cts128_decrypt; ++ CRYPTO_cts128_encrypt_block; ++ CRYPTO_cbc128_decrypt; ++ CRYPTO_cfb128_encrypt; ++ CRYPTO_cfb128_8_encrypt; ++ ++ local: ++ *; ++}; ++ ++ ++OPENSSL_1.0.1 { ++ global: ++ SSL_renegotiate_abbreviated; ++ TLSv1_1_method; ++ TLSv1_1_client_method; ++ TLSv1_1_server_method; ++ SSL_CTX_set_srp_client_pwd_callback; ++ SSL_CTX_set_srp_client_pwd_cb; ++ SSL_get_srp_g; ++ SSL_CTX_set_srp_username_callback; ++ SSL_CTX_set_srp_un_cb; ++ SSL_get_srp_userinfo; ++ SSL_set_srp_server_param; ++ SSL_set_srp_server_param_pw; ++ SSL_get_srp_N; ++ SSL_get_srp_username; ++ SSL_CTX_set_srp_password; ++ SSL_CTX_set_srp_strength; ++ SSL_CTX_set_srp_verify_param_callback; ++ SSL_CTX_set_srp_vfy_param_cb; ++ SSL_CTX_set_srp_cb_arg; ++ SSL_CTX_set_srp_username; ++ SSL_CTX_SRP_CTX_init; ++ SSL_SRP_CTX_init; ++ SRP_Calc_A_param; ++ SRP_generate_server_master_secret; ++ SRP_gen_server_master_secret; ++ SSL_CTX_SRP_CTX_free; ++ SRP_generate_client_master_secret; ++ SRP_gen_client_master_secret; ++ SSL_srp_server_param_with_username; ++ SSL_srp_server_param_with_un; ++ SSL_SRP_CTX_free; ++ SSL_set_debug; ++ SSL_SESSION_get0_peer; ++ TLSv1_2_client_method; ++ SSL_SESSION_set1_id_context; ++ TLSv1_2_server_method; ++ SSL_cache_hit; ++ SSL_get0_kssl_ctx; ++ SSL_set0_kssl_ctx; ++ SSL_set_state; ++ SSL_CIPHER_get_id; ++ TLSv1_2_method; ++ kssl_ctx_get0_client_princ; ++ SSL_export_keying_material; ++ SSL_set_tlsext_use_srtp; ++ SSL_CTX_set_next_protos_advertised_cb; ++ SSL_CTX_set_next_protos_adv_cb; ++ SSL_get0_next_proto_negotiated; ++ SSL_get_selected_srtp_profile; ++ SSL_CTX_set_tlsext_use_srtp; ++ SSL_select_next_proto; ++ SSL_get_srtp_profiles; ++ SSL_CTX_set_next_proto_select_cb; ++ SSL_CTX_set_next_proto_sel_cb; ++ SSL_SESSION_get_compress_id; ++ ++ SRP_VBASE_get_by_user; ++ SRP_Calc_server_key; ++ SRP_create_verifier; ++ SRP_create_verifier_BN; ++ SRP_Calc_u; ++ SRP_VBASE_free; ++ SRP_Calc_client_key; ++ SRP_get_default_gN; ++ SRP_Calc_x; ++ SRP_Calc_B; ++ SRP_VBASE_new; ++ SRP_check_known_gN_param; ++ SRP_Calc_A; ++ SRP_Verify_A_mod_N; ++ SRP_VBASE_init; ++ SRP_Verify_B_mod_N; ++ EC_KEY_set_public_key_affine_coordinates; ++ EC_KEY_set_pub_key_aff_coords; ++ EVP_aes_192_ctr; ++ EVP_PKEY_meth_get0_info; ++ EVP_PKEY_meth_copy; ++ ERR_add_error_vdata; ++ EVP_aes_128_ctr; ++ EVP_aes_256_ctr; ++ EC_GFp_nistp224_method; ++ EC_KEY_get_flags; ++ RSA_padding_add_PKCS1_PSS_mgf1; ++ EVP_aes_128_xts; ++ EVP_aes_256_xts; ++ EVP_aes_128_gcm; ++ EC_KEY_clear_flags; ++ EC_KEY_set_flags; ++ EVP_aes_256_ccm; ++ RSA_verify_PKCS1_PSS_mgf1; ++ EVP_aes_128_ccm; ++ EVP_aes_192_gcm; ++ X509_ALGOR_set_md; ++ RAND_init_fips; ++ EVP_aes_256_gcm; ++ EVP_aes_192_ccm; ++ CMAC_CTX_copy; ++ CMAC_CTX_free; ++ CMAC_CTX_get0_cipher_ctx; ++ CMAC_CTX_cleanup; ++ CMAC_Init; ++ CMAC_Update; ++ CMAC_resume; ++ CMAC_CTX_new; ++ CMAC_Final; ++ CRYPTO_ctr128_encrypt_ctr32; ++ CRYPTO_gcm128_release; ++ CRYPTO_ccm128_decrypt_ccm64; ++ CRYPTO_ccm128_encrypt; ++ CRYPTO_gcm128_encrypt; ++ CRYPTO_xts128_encrypt; ++ EVP_rc4_hmac_md5; ++ CRYPTO_nistcts128_decrypt_block; ++ CRYPTO_gcm128_setiv; ++ CRYPTO_nistcts128_encrypt; ++ EVP_aes_128_cbc_hmac_sha1; ++ CRYPTO_gcm128_tag; ++ CRYPTO_ccm128_encrypt_ccm64; ++ ENGINE_load_rdrand; ++ CRYPTO_ccm128_setiv; ++ CRYPTO_nistcts128_encrypt_block; ++ CRYPTO_gcm128_aad; ++ CRYPTO_ccm128_init; ++ CRYPTO_nistcts128_decrypt; ++ CRYPTO_gcm128_new; ++ CRYPTO_ccm128_tag; ++ CRYPTO_ccm128_decrypt; ++ CRYPTO_ccm128_aad; ++ CRYPTO_gcm128_init; ++ CRYPTO_gcm128_decrypt; ++ ENGINE_load_rsax; ++ CRYPTO_gcm128_decrypt_ctr32; ++ CRYPTO_gcm128_encrypt_ctr32; ++ CRYPTO_gcm128_finish; ++ EVP_aes_256_cbc_hmac_sha1; ++ PKCS5_pbkdf2_set; ++ CMS_add0_recipient_password; ++ CMS_decrypt_set1_password; ++ CMS_RecipientInfo_set0_password; ++ RAND_set_fips_drbg_type; ++ X509_REQ_sign_ctx; ++ RSA_PSS_PARAMS_new; ++ X509_CRL_sign_ctx; ++ X509_signature_dump; ++ d2i_RSA_PSS_PARAMS; ++ RSA_PSS_PARAMS_it; ++ RSA_PSS_PARAMS_it; ++ RSA_PSS_PARAMS_free; ++ X509_sign_ctx; ++ i2d_RSA_PSS_PARAMS; ++ ASN1_item_sign_ctx; ++ EC_GFp_nistp521_method; ++ EC_GFp_nistp256_method; ++ OPENSSL_stderr; ++ OPENSSL_cpuid_setup; ++ OPENSSL_showfatal; ++ BIO_new_dgram_sctp; ++ BIO_dgram_sctp_msg_waiting; ++ BIO_dgram_sctp_wait_for_dry; ++ BIO_s_datagram_sctp; ++ BIO_dgram_is_sctp; ++ BIO_dgram_sctp_notification_cb; ++} OPENSSL_1.0.0; ++ ++OPENSSL_1.0.1d { ++ global: ++ CRYPTO_memcmp; ++} OPENSSL_1.0.1; ++ +Index: openssl-1.0.1d/engines/openssl.ld +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-1.0.1d/engines/openssl.ld 2013-02-06 19:41:43.000000000 +0100 +@@ -0,0 +1,10 @@ ++OPENSSL_1.0.0 { ++ global: ++ bind_engine; ++ v_check; ++ OPENSSL_init; ++ OPENSSL_finish; ++ local: ++ *; ++}; ++ +Index: openssl-1.0.1d/engines/ccgost/openssl.ld +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-1.0.1d/engines/ccgost/openssl.ld 2013-02-06 19:41:43.000000000 +0100 +@@ -0,0 +1,10 @@ ++OPENSSL_1.0.0 { ++ global: ++ bind_engine; ++ v_check; ++ OPENSSL_init; ++ OPENSSL_finish; ++ local: ++ *; ++}; ++ diff --git a/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch b/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch new file mode 100644 index 00000000..d8a6f1a2 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch @@ -0,0 +1,56 @@ +Upstream-Status: Inappropriate [configuration] + + +Index: openssl-1.0.0/engines/Makefile +=================================================================== +--- openssl-1.0.0.orig/engines/Makefile ++++ openssl-1.0.0/engines/Makefile +@@ -107,7 +107,7 @@ + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ +- $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \ ++ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines; \ + for l in $(LIBNAMES); do \ + ( echo installing $$l; \ + pfx=lib; \ +@@ -119,13 +119,13 @@ + *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ + *) sfx=".bad";; \ + esac; \ +- cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ ++ cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ + else \ + sfx=".so"; \ +- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ ++ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ + fi; \ +- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ +- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ ++ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ ++ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx ); \ + done; \ + fi + @target=install; $(RECURSIVE_MAKE) +Index: openssl-1.0.0/engines/ccgost/Makefile +=================================================================== +--- openssl-1.0.0.orig/engines/ccgost/Makefile ++++ openssl-1.0.0/engines/ccgost/Makefile +@@ -53,13 +53,13 @@ + *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ + *) sfx=".bad";; \ + esac; \ +- cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ ++ cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ + else \ + sfx=".so"; \ +- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ ++ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ + fi; \ +- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ +- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ ++ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ ++ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx; \ + fi + + links: diff --git a/recipes-connectivity/openssl/openssl/find.pl b/recipes-connectivity/openssl/openssl/find.pl new file mode 100644 index 00000000..8e1b42c8 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/find.pl @@ -0,0 +1,54 @@ +warn "Legacy library @{[(caller(0))[6]]} will be removed from the Perl core distribution in the next major release. Please install it from the CPAN distribution Perl4::CoreLibs. It is being used at @{[(caller)[1]]}, line @{[(caller)[2]]}.\n"; + +# This library is deprecated and unmaintained. It is included for +# compatibility with Perl 4 scripts which may use it, but it will be +# removed in a future version of Perl. Please use the File::Find module +# instead. + +# Usage: +# require "find.pl"; +# +# &find('/foo','/bar'); +# +# sub wanted { ... } +# where wanted does whatever you want. $dir contains the +# current directory name, and $_ the current filename within +# that directory. $name contains "$dir/$_". You are cd'ed +# to $dir when the function is called. The function may +# set $prune to prune the tree. +# +# For example, +# +# find / -name .nfs\* -mtime +7 -exec rm -f {} \; -o -fstype nfs -prune +# +# corresponds to this +# +# sub wanted { +# /^\.nfs.*$/ && +# (($dev,$ino,$mode,$nlink,$uid,$gid) = lstat($_)) && +# int(-M _) > 7 && +# unlink($_) +# || +# ($nlink || (($dev,$ino,$mode,$nlink,$uid,$gid) = lstat($_))) && +# $dev < 0 && +# ($prune = 1); +# } +# +# Set the variable $dont_use_nlink if you're using AFS, since AFS cheats. + +use File::Find (); + +*name = *File::Find::name; +*prune = *File::Find::prune; +*dir = *File::Find::dir; +*topdir = *File::Find::topdir; +*topdev = *File::Find::topdev; +*topino = *File::Find::topino; +*topmode = *File::Find::topmode; +*topnlink = *File::Find::topnlink; + +sub find { + &File::Find::find(\&wanted, @_); +} + +1; diff --git a/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch b/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch new file mode 100644 index 00000000..f0e17784 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch @@ -0,0 +1,22 @@ +Upstream-Status: Submitted + +This patch adds the fix for one of the ciphers used in openssl, namely +the cipher des-ede3-cfb1. Complete bug log and patch is present here: +http://rt.openssl.org/Ticket/Display.html?id=2867 + +Signed-Off-By: Muhammad Shakeel + +diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c +index 3232cfe..df84922 100644 +=================================================================== +--- a/crypto/evp/e_des3.c ++++ b/crypto/evp/e_des3.c +@@ -173,7 +173,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + size_t n; + unsigned char c[1],d[1]; + +- for(n=0 ; n < inl ; ++n) ++ for(n=0 ; n < inl*8 ; ++n) + { + c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0; + DES_ede3_cfb_encrypt(c,d,1,1, diff --git a/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch b/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch new file mode 100644 index 00000000..2185ff8a --- /dev/null +++ b/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch @@ -0,0 +1,119 @@ +From: Andy Polyakov +Date: Sun, 13 Oct 2013 17:15:15 +0000 (+0200) +Subject: Initial aarch64 bits. +X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=039081b80977e2a5de84e1f88f8b4d025b559956 + +Initial aarch64 bits. +--- + crypto/bn/bn_lcl.h | 9 +++++++++ + crypto/md32_common.h | 18 ++++++++++++++++++ + crypto/modes/modes_lcl.h | 8 ++++++++ + crypto/sha/sha512.c | 13 +++++++++++++ + 4 files changed, 48 insertions(+) + +Index: openssl-1.0.1f/crypto/bn/bn_lcl.h +=================================================================== +--- openssl-1.0.1f.orig/crypto/bn/bn_lcl.h 2014-01-06 15:47:42.000000000 +0200 ++++ openssl-1.0.1f/crypto/bn/bn_lcl.h 2014-02-28 10:37:55.495979037 +0200 +@@ -300,6 +300,15 @@ + : "r"(a), "r"(b)); + # endif + # endif ++# elif defined(__aarch64__) && defined(SIXTY_FOUR_BIT_LONG) ++# if defined(__GNUC__) && __GNUC__>=2 ++# define BN_UMULT_HIGH(a,b) ({ \ ++ register BN_ULONG ret; \ ++ asm ("umulh %0,%1,%2" \ ++ : "=r"(ret) \ ++ : "r"(a), "r"(b)); \ ++ ret; }) ++# endif + # endif /* cpu */ + #endif /* OPENSSL_NO_ASM */ + +Index: openssl-1.0.1f/crypto/md32_common.h +=================================================================== +--- openssl-1.0.1f.orig/crypto/md32_common.h 2014-01-06 15:47:42.000000000 +0200 ++++ openssl-1.0.1f/crypto/md32_common.h 2014-02-28 10:39:21.751979107 +0200 +@@ -213,6 +213,24 @@ + asm ("bswapl %0":"=r"(r):"0"(r)); \ + *((unsigned int *)(c))=r; (c)+=4; r; }) + # endif ++# elif defined(__aarch64__) ++# if defined(__BYTE_ORDER__) ++# if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ ++# define HOST_c2l(c,l) ({ unsigned int r; \ ++ asm ("rev %w0,%w1" \ ++ :"=r"(r) \ ++ :"r"(*((const unsigned int *)(c))));\ ++ (c)+=4; (l)=r; }) ++# define HOST_l2c(l,c) ({ unsigned int r; \ ++ asm ("rev %w0,%w1" \ ++ :"=r"(r) \ ++ :"r"((unsigned int)(l)));\ ++ *((unsigned int *)(c))=r; (c)+=4; r; }) ++# elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__ ++# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l)) ++# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l)) ++# endif ++# endif + # endif + # endif + #endif +Index: openssl-1.0.1f/crypto/modes/modes_lcl.h +=================================================================== +--- openssl-1.0.1f.orig/crypto/modes/modes_lcl.h 2014-02-28 10:47:48.731979011 +0200 ++++ openssl-1.0.1f/crypto/modes/modes_lcl.h 2014-02-28 10:48:49.707978919 +0200 +@@ -29,6 +29,7 @@ + #if defined(__i386) || defined(__i386__) || \ + defined(__x86_64) || defined(__x86_64__) || \ + defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \ ++ defined(__aarch64__) || \ + defined(__s390__) || defined(__s390x__) + # undef STRICT_ALIGNMENT + #endif +@@ -50,6 +51,13 @@ + # define BSWAP4(x) ({ u32 ret=(x); \ + asm ("bswapl %0" \ + : "+r"(ret)); ret; }) ++# elif defined(__aarch64__) ++# define BSWAP8(x) ({ u64 ret; \ ++ asm ("rev %0,%1" \ ++ : "=r"(ret) : "r"(x)); ret; }) ++# define BSWAP4(x) ({ u32 ret; \ ++ asm ("rev %w0,%w1" \ ++ : "=r"(ret) : "r"(x)); ret; }) + # elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT) + # define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \ + asm ("rev %0,%0; rev %1,%1" \ +Index: openssl-1.0.1f/crypto/sha/sha512.c +=================================================================== +--- openssl-1.0.1f.orig/crypto/sha/sha512.c 2014-01-06 15:47:42.000000000 +0200 ++++ openssl-1.0.1f/crypto/sha/sha512.c 2014-02-28 10:52:14.579978981 +0200 +@@ -55,6 +55,7 @@ + #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ + defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \ + defined(__s390__) || defined(__s390x__) || \ ++ defined(__aarch64__) || \ + defined(SHA512_ASM) + #define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA + #endif +@@ -347,6 +348,18 @@ + asm ("rotrdi %0,%1,%2" \ + : "=r"(ret) \ + : "r"(a),"K"(n)); ret; }) ++# elif defined(__aarch64__) ++# define ROTR(a,n) ({ SHA_LONG64 ret; \ ++ asm ("ror %0,%1,%2" \ ++ : "=r"(ret) \ ++ : "r"(a),"I"(n)); ret; }) ++# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \ ++ __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ ++# define PULL64(x) ({ SHA_LONG64 ret; \ ++ asm ("rev %0,%1" \ ++ : "=r"(ret) \ ++ : "r"(*((const SHA_LONG64 *)(&(x))))); ret; }) ++# endif + # endif + # elif defined(_MSC_VER) + # if defined(_WIN64) /* applies to both IA-64 and AMD64 */ diff --git a/recipes-connectivity/openssl/openssl/oe-ldflags.patch b/recipes-connectivity/openssl/openssl/oe-ldflags.patch new file mode 100644 index 00000000..292e13dc --- /dev/null +++ b/recipes-connectivity/openssl/openssl/oe-ldflags.patch @@ -0,0 +1,24 @@ +Upstream-Status: Inappropriate [open-embedded] + +Index: openssl-1.0.0/Makefile.shared +=================================================================== +--- openssl-1.0.0.orig/Makefile.shared ++++ openssl-1.0.0/Makefile.shared +@@ -92,7 +92,7 @@ + LINK_APP= \ + ( $(SET_X); \ + LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ +- LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \ ++ LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$(OE_LDFLAGS) $${LDFLAGS:-$(CFLAGS)}"; \ + LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ + LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ + LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ +@@ -102,7 +102,7 @@ + ( $(SET_X); \ + LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ + SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \ +- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ ++ SHAREDFLAGS="$(OE_LDFLAGS) $${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ + LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ + LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ + LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ diff --git a/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch new file mode 100644 index 00000000..c161e62f --- /dev/null +++ b/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch @@ -0,0 +1,21 @@ +openssl: avoid NULL pointer dereference in EVP_DigestInit_ex() + +We should avoid accessing the type pointer if it's NULL, +this could happen if ctx->digest is not NULL. + +Upstream-Status: Submitted +http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html + +Signed-off-by: Xufeng Zhang +--- +--- a/crypto/evp/digest.c ++++ b/crypto/evp/digest.c +@@ -199,7 +199,7 @@ + return 0; + } + #endif +- if (ctx->digest != type) ++ if (type && (ctx->digest != type)) + { + if (ctx->digest && ctx->digest->ctx_size) + OPENSSL_free(ctx->md_data); diff --git a/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch b/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch new file mode 100644 index 00000000..3e93fe4e --- /dev/null +++ b/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch @@ -0,0 +1,39 @@ +openssl: avoid NULL pointer dereference in dh_pub_encode()/dsa_pub_encode() + +We should avoid accessing the pointer if ASN1_STRING_new() +allocates memory failed. + +Upstream-Status: Submitted +http://www.mail-archive.com/openssl-dev@openssl.org/msg32859.html + +Signed-off-by: Xufeng Zhang +--- +--- a/crypto/dh/dh_ameth.c ++++ b/crypto/dh/dh_ameth.c +@@ -139,6 +139,12 @@ + dh=pkey->pkey.dh; + + str = ASN1_STRING_new(); ++ if (!str) ++ { ++ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ + str->length = i2d_DHparams(dh, &str->data); + if (str->length <= 0) + { +--- a/crypto/dsa/dsa_ameth.c ++++ b/crypto/dsa/dsa_ameth.c +@@ -148,6 +148,11 @@ + { + ASN1_STRING *str; + str = ASN1_STRING_new(); ++ if (!str) ++ { ++ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } + str->length = i2d_DSAparams(dsa, &str->data); + if (str->length <= 0) + { diff --git a/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch b/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch new file mode 100644 index 00000000..de49729e --- /dev/null +++ b/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch @@ -0,0 +1,19 @@ +openssl: Fix pod2man des.pod error on Ubuntu 12.04 + +This is a formatting fix, '=back' is required before +'=head1' on Ubuntu 12.04. + +Upstream-Status: Pending +Signed-off-by: Baogen Shang +diff -urpN a_origin/des.pod b_modify/des.pod +--- a_origin/crypto/des/des.pod 2013-08-15 15:02:56.211674589 +0800 ++++ b_modify/crypto/des/des.pod 2013-08-15 15:04:14.439674580 +0800 +@@ -181,6 +181,8 @@ the uuencoded file to embed in the begin + output. If there is no name specified after the B<-u>, the name text.des + will be embedded in the header. + ++=back ++ + =head1 SEE ALSO + + ps(1), diff --git a/recipes-connectivity/openssl/openssl/openssl-fix-link.patch b/recipes-connectivity/openssl/openssl/openssl-fix-link.patch new file mode 100644 index 00000000..154106cb --- /dev/null +++ b/recipes-connectivity/openssl/openssl/openssl-fix-link.patch @@ -0,0 +1,35 @@ +From aabfb6f78af8e337d3239142117ba303fce55e7e Mon Sep 17 00:00:00 2001 +From: Dmitry Eremin-Solenikov +Date: Thu, 22 Sep 2011 08:55:26 +0200 +Subject: [PATCH] fix the parallel build regarding shared libraries. + +Upstream-Status: Pending +--- + .../openssl-1.0.0e/Makefile.org | 8 ++++---- + 1 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/Makefile.org +index 3c7aea1..6326cd6 100644 +--- a/Makefile.org ++++ b/Makefile.org +@@ -243,13 +243,13 @@ build_libs: build_crypto build_ssl build_engines + + build_crypto: + @dir=crypto; target=all; $(BUILD_ONE_CMD) +-build_ssl: ++build_ssl: build_crypto + @dir=ssl; target=all; $(BUILD_ONE_CMD) +-build_engines: ++build_engines: build_crypto + @dir=engines; target=all; $(BUILD_ONE_CMD) +-build_apps: ++build_apps: build_crypto build_ssl + @dir=apps; target=all; $(BUILD_ONE_CMD) +-build_tests: ++build_tests: build_crypto build_ssl + @dir=test; target=all; $(BUILD_ONE_CMD) + build_tools: + @dir=tools; target=all; $(BUILD_ONE_CMD) +-- +1.6.6.1 + diff --git a/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch b/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch new file mode 100644 index 00000000..93ce0343 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch @@ -0,0 +1,90 @@ +Upstream-Status: Pending + +Received from H J Liu @ Intel +Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors. +Signed-Off-By: Nitin A Kamble 2011/07/13 + +ported the patch to the 1.0.0e version +Signed-Off-By: Nitin A Kamble 2011/12/01 +Index: openssl-1.0.1e/Configure +=================================================================== +--- openssl-1.0.1e.orig/Configure ++++ openssl-1.0.1e/Configure +@@ -402,6 +402,7 @@ my %table=( + "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", ++"linux-x32", "gcc:-mx32 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32", + "linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", + #### So called "highgprs" target for z/Architecture CPUs + # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see +Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c +=================================================================== +--- openssl-1.0.1e.orig/crypto/bn/asm/x86_64-gcc.c ++++ openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c +@@ -55,7 +55,7 @@ + * machine. + */ + +-#ifdef _WIN64 ++#if defined _WIN64 || !defined __LP64__ + #define BN_ULONG unsigned long long + #else + #define BN_ULONG unsigned long +@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con + asm ( + " subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " adcq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " adcq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n" +@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con + asm ( + " subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " sbbq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " sbbq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n" +Index: openssl-1.0.1e/crypto/bn/bn.h +=================================================================== +--- openssl-1.0.1e.orig/crypto/bn/bn.h ++++ openssl-1.0.1e/crypto/bn/bn.h +@@ -172,6 +172,13 @@ extern "C" { + # endif + #endif + ++/* Address type. */ ++#ifdef _WIN64 ++#define BN_ADDR unsigned long long ++#else ++#define BN_ADDR unsigned long ++#endif ++ + /* assuming long is 64bit - this is the DEC Alpha + * unsigned long long is only 64 bits :-(, don't define + * BN_LLONG for the DEC Alpha */ +Index: openssl-1.0.1e/crypto/bn/bn_exp.c +=================================================================== +--- openssl-1.0.1e.orig/crypto/bn/bn_exp.c ++++ openssl-1.0.1e/crypto/bn/bn_exp.c +@@ -567,7 +567,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU + + /* Given a pointer value, compute the next address that is a cache line multiple. */ + #define MOD_EXP_CTIME_ALIGN(x_) \ +- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) ++ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) + + /* This variant of BN_mod_exp_mont() uses fixed windows and the special + * precomputation memory layout to limit data-dependency to a minimum diff --git a/recipes-connectivity/openssl/openssl/shared-libs.patch b/recipes-connectivity/openssl/openssl/shared-libs.patch new file mode 100644 index 00000000..a7ca0a30 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/shared-libs.patch @@ -0,0 +1,41 @@ +Upstream-Status: Inappropriate [configuration] + +Index: openssl-1.0.1e/crypto/Makefile +=================================================================== +--- openssl-1.0.1e.orig/crypto/Makefile ++++ openssl-1.0.1e/crypto/Makefile +@@ -108,7 +108,7 @@ $(LIB): $(LIBOBJ) + + shared: buildinf.h lib subdirs + if [ -n "$(SHARED_LIBS)" ]; then \ +- (cd ..; $(MAKE) $(SHARED_LIB)); \ ++ (cd ..; $(MAKE) -e $(SHARED_LIB)); \ + fi + + libs: +Index: openssl-1.0.1e/Makefile.org +=================================================================== +--- openssl-1.0.1e.orig/Makefile.org ++++ openssl-1.0.1e/Makefile.org +@@ -310,7 +310,7 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_ + + libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a + @if [ "$(SHLIB_TARGET)" != "" ]; then \ +- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ ++ $(MAKE) -e SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ + else \ + echo "There's no support for shared libraries on this platform" >&2; \ + exit 1; \ +Index: openssl-1.0.1e/ssl/Makefile +=================================================================== +--- openssl-1.0.1e.orig/ssl/Makefile ++++ openssl-1.0.1e/ssl/Makefile +@@ -62,7 +62,7 @@ lib: $(LIBOBJ) + + shared: lib + if [ -n "$(SHARED_LIBS)" ]; then \ +- (cd ..; $(MAKE) $(SHARED_LIB)); \ ++ (cd ..; $(MAKE) -e $(SHARED_LIB)); \ + fi + + files: diff --git a/recipes-connectivity/openssl/openssl_1.0.1i.bb b/recipes-connectivity/openssl/openssl_1.0.1i.bb new file mode 100644 index 00000000..9d093efe --- /dev/null +++ b/recipes-connectivity/openssl/openssl_1.0.1i.bb @@ -0,0 +1,53 @@ +require openssl.inc + +# For target side versions of openssl enable support for cryptodev Linux driver +# if they are available. +DEPENDS_class-target += "cryptodev-linux" +CFLAG_class-target += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" + +LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" + +export DIRS = "crypto ssl apps engines" +export OE_LDFLAGS="${LDFLAGS}" + +SRC_URI += "file://configure-targets.patch \ + file://shared-libs.patch \ + file://oe-ldflags.patch \ + file://engines-install-in-libdir-ssl.patch \ + file://openssl-fix-link.patch \ + file://debian/version-script.patch \ + file://debian/pic.patch \ + file://debian/c_rehash-compat.patch \ + file://debian/ca.patch \ + file://debian/make-targets.patch \ + file://debian/no-rpath.patch \ + file://debian/man-dir.patch \ + file://debian/man-section.patch \ + file://debian/no-symbolic.patch \ + file://debian/debian-targets.patch \ + file://openssl_fix_for_x32.patch \ + file://fix-cipher-des-ede3-cfb1.patch \ + file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \ + file://openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch \ + file://initial-aarch64-bits.patch \ + file://find.pl \ + file://openssl-fix-des.pod-error.patch \ + " + +SRC_URI[md5sum] = "c8dc151a671b9b92ff3e4c118b174972" +SRC_URI[sha256sum] = "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7" + +PACKAGES =+ " \ + ${PN}-engines-dbg \ + ${PN}-engines \ +" + +FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines" +FILES_${PN}-engines-dbg = "${libdir}/engines/.debug ${libdir}/ssl/engines/.debug" + +PARALLEL_MAKE = "" +PARALLEL_MAKEINST = "" + +do_configure_prepend() { + cp ${WORKDIR}/find.pl ${S}/util/find.pl +} diff --git a/recipes-connectivity/openssl/openssl_1.0.1i.bbappend b/recipes-connectivity/openssl/openssl_1.0.1i.bbappend new file mode 100644 index 00000000..7b381ffb --- /dev/null +++ b/recipes-connectivity/openssl/openssl_1.0.1i.bbappend @@ -0,0 +1,40 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/openssl-fsl:" + +RDEPENDS_${PN}_class-target += "cryptodev-module" + +SRC_URI_append_class-target = " file://0001-remove-double-initialization-of-cryptodev-engine.patch \ + file://0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch \ + file://0003-cryptodev-fix-algorithm-registration.patch \ + file://0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch \ + file://0005-ECC-Support-header-for-Cryptodev-Engine.patch \ + file://0006-Fixed-private-key-support-for-DH.patch \ + file://0007-Fixed-private-key-support-for-DH.patch \ + file://0008-Initial-support-for-PKC-in-cryptodev-engine.patch \ + file://0009-Added-hwrng-dev-file-as-source-of-RNG.patch \ + file://0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch \ + file://0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch \ + file://0012-RSA-Keygen-Fix.patch \ + file://0013-Removed-local-copy-of-curve_t-type.patch \ + file://0014-Modulus-parameter-is-not-populated-by-dhparams.patch \ + file://0015-SW-Backoff-mechanism-for-dsa-keygen.patch \ + file://0016-Fixed-DH-keygen-pair-generator.patch \ + file://0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch \ + file://0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch \ + file://0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch \ + file://0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch \ + file://0021-cryptodev-drop-redundant-function.patch \ + file://0022-cryptodev-do-not-zero-the-buffer-before-use.patch \ + file://0023-cryptodev-clean-up-code-layout.patch \ + file://0024-cryptodev-do-not-cache-file-descriptor-in-open.patch \ + file://0025-cryptodev-put_dev_crypto-should-be-an-int.patch \ + file://0026-cryptodev-simplify-cryptodev-pkc-support-code.patch \ +" + +# Digest offloading through cryptodev is not recommended because of the +# performance penalty of the Openssl engine interface. Openssl generates a huge +# number of calls to digest functions for even a small amount of work data. +# For example there are 70 calls to cipher code and over 10000 to digest code +# when downloading only 10 files of 700 bytes each. +# Do not build OpenSSL with cryptodev digest support until engine digest +# interface gets some rework: +CFLAG_class-target := "${@'${CFLAG}'.replace('-DUSE_CRYPTODEV_DIGESTS', '')}" diff --git a/recipes-core/init-ifupdown/init-ifupdown/qoriq-ppc/interfaces b/recipes-core/init-ifupdown/init-ifupdown/qoriq-ppc/interfaces new file mode 100644 index 00000000..3737c8b2 --- /dev/null +++ b/recipes-core/init-ifupdown/init-ifupdown/qoriq-ppc/interfaces @@ -0,0 +1,6 @@ +# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8) + +# The loopback interface +auto lo +iface lo inet loopback + diff --git a/recipes-core/init-ifupdown/init-ifupdown_%.bbappend b/recipes-core/init-ifupdown/init-ifupdown_%.bbappend new file mode 100644 index 00000000..00057874 --- /dev/null +++ b/recipes-core/init-ifupdown/init-ifupdown_%.bbappend @@ -0,0 +1,2 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" + diff --git a/recipes-core/udev/udev-rules-qoriq.bb b/recipes-core/udev/udev-rules-qoriq.bb new file mode 100644 index 00000000..541d88c4 --- /dev/null +++ b/recipes-core/udev/udev-rules-qoriq.bb @@ -0,0 +1,24 @@ +DESCRIPTION = "udev rules for Freescale QorIQ SOCs" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690" + +SRC_URI = "\ + file://71-fsl-dpaa-persistent-networking.rules \ + file://72-fsl-dpaa-persistent-networking.rules \ +" +RULE ?= "71-fsl-dpaa-persistent-networking.rules" +RULE_e6500 = "72-fsl-dpaa-persistent-networking.rules" +RULE_e6500-64b = "72-fsl-dpaa-persistent-networking.rules" +RULE_t1024 = "72-fsl-dpaa-persistent-networking.rules" +RULE_t1023 = "72-fsl-dpaa-persistent-networking.rules" + +do_install () { + install -d ${D}${sysconfdir}/udev/rules.d/ + install -m 0644 ${WORKDIR}/${RULE} ${D}${sysconfdir}/udev/rules.d/ + + # skip mmc rpmb partitions + echo "/dev/mmcblk.*rpmb" >>${D}${sysconfdir}/udev/mount.blacklist + # skip nbd (network block device) + echo "/dev/nbd*" >>${D}${sysconfdir}/udev/mount.blacklist +} + diff --git a/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/71-fsl-dpaa-persistent-networking.rules b/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/71-fsl-dpaa-persistent-networking.rules new file mode 100644 index 00000000..6c6dc354 --- /dev/null +++ b/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/71-fsl-dpaa-persistent-networking.rules @@ -0,0 +1,20 @@ +# Rules for handling naming the DPAA FMan ethernet ports in a consistent way +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e0000", NAME="fm1-gb0" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e2000", NAME="fm1-gb1" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e4000", NAME="fm1-gb2" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e6000", NAME="fm1-gb3" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e8000", NAME="fm1-gb4" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4f0000", NAME="fm1-10g" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e0000", NAME="fm2-gb0" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e2000", NAME="fm2-gb1" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e4000", NAME="fm2-gb2" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e6000", NAME="fm2-gb3" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e8000", NAME="fm2-gb4" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5f0000", NAME="fm2-10g" + +# P1023 has its Fman @ different offsets +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ff7e0000", NAME="fm1-gb0" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ff7e2000", NAME="fm1-gb1" + +# Rename macless0 port to "macless0" +SUBSYSTEM=="net", ATTR{device_type}=="macless0", NAME="macless0" diff --git a/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/72-fsl-dpaa-persistent-networking.rules b/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/72-fsl-dpaa-persistent-networking.rules new file mode 100644 index 00000000..d0eec9ce --- /dev/null +++ b/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/72-fsl-dpaa-persistent-networking.rules @@ -0,0 +1,24 @@ +# Rules for handling naming the DPAA FMan ethernet ports in a consistent way +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e0000", NAME="fm1-mac1" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e2000", NAME="fm1-mac2" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e4000", NAME="fm1-mac3" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e6000", NAME="fm1-mac4" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4e8000", NAME="fm1-mac5" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4ea000", NAME="fm1-mac6" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4ec000", NAME="fm1-mac7" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4ee000", NAME="fm1-mac8" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4f0000", NAME="fm1-mac9" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe4f2000", NAME="fm1-mac10" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e0000", NAME="fm2-mac1" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e2000", NAME="fm2-mac2" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e4000", NAME="fm2-mac3" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e6000", NAME="fm2-mac4" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5e8000", NAME="fm2-mac5" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5ea000", NAME="fm2-mac6" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5ec000", NAME="fm2-mac7" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5ee000", NAME="fm2-mac8" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5f0000", NAME="fm2-mac9" +SUBSYSTEM=="net", DRIVERS=="fsl_dpa*", ATTR{device_addr}=="ffe5f2000", NAME="fm2-mac10" + +# Rename macless0 to "macless0" +SUBSYSTEM=="net", ATTR{device_type}=="macless0", NAME="macless0" diff --git a/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/automount.rules b/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/automount.rules new file mode 100644 index 00000000..a47efdab --- /dev/null +++ b/recipes-core/udev/udev-rules-qoriq/qoriq-ppc/automount.rules @@ -0,0 +1,23 @@ +# There are a number of modifiers that are allowed to be used in some +# of the different fields. They provide the following subsitutions: +# +# %n the "kernel number" of the device. +# For example, 'sda3' has a "kernel number" of '3' +# %e the smallest number for that name which does not matches an existing node +# %k the kernel name for the device +# %M the kernel major number for the device +# %m the kernel minor number for the device +# %b the bus id for the device +# %c the string returned by the PROGRAM +# %s{filename} the content of a sysfs attribute +# %% the '%' char itself +# + +SUBSYSTEM=="block", ENV{DEVTYPE}=="partition", GOTO="automount_end" + +# Media automounting +SUBSYSTEM=="block", ACTION=="add" RUN+="/etc/udev/scripts/mount.sh" +SUBSYSTEM=="block", ACTION=="remove" RUN+="/etc/udev/scripts/mount.sh" + +LABEL="automount_end" + diff --git a/recipes-core/udev/udev/skip-rules-for-mmc-rpmb-partition.patch b/recipes-core/udev/udev/skip-rules-for-mmc-rpmb-partition.patch new file mode 100644 index 00000000..edbc0b3d --- /dev/null +++ b/recipes-core/udev/udev/skip-rules-for-mmc-rpmb-partition.patch @@ -0,0 +1,41 @@ +From 68a780f4cbba18c01d8409faafb1f7904afa86a9 Mon Sep 17 00:00:00 2001 +From: Ting Liu +Date: Thu, 31 Jul 2014 16:12:32 +0800 +Subject: [PATCH] skip rules for mmc rpmb partition + +Upstream-status: Pending + +In FSL SDK 1.6 Kernel, mmc driver has created a new partition +with "mmcblkXrpmb" if device expresses it support of RPMB. + +RPMB (Replay Protected Memory Block), A signed access to a Replay +Protected Memory Block is provided. This function provides means +for the system to store data to the specific memory area in an +authenticated and replay protected manner. + +In that case, any read/write access to this partition device will +report errors which will not impact any fuction. + +add rules to skip it. + +Signed-off-by: Ting Liu +--- + rules/60-persistent-storage.rules | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/rules/60-persistent-storage.rules b/rules/60-persistent-storage.rules +index fa687f2..bb3f8f9 100644 +--- a/rules/60-persistent-storage.rules ++++ b/rules/60-persistent-storage.rules +@@ -14,7 +14,7 @@ ACTION=="add", SUBSYSTEM=="module", KERNEL=="block", ATTR{parameters/events_dfl_ + SUBSYSTEM!="block", GOTO="persistent_storage_end" + + # skip rules for inappropriate block devices +-KERNEL=="fd*|mtd*|nbd*|gnbd*|btibm*|dm-*|md*", GOTO="persistent_storage_end" ++KERNEL=="fd*|mtd*|nbd*|gnbd*|btibm*|dm-*|md*|mmcblk*rpmb", GOTO="persistent_storage_end" + + # ignore partitions that span the entire disk + TEST=="whole_disk", GOTO="persistent_storage_end" +-- +1.8.3.2 + diff --git a/recipes-core/udev/udev_182.bbappend b/recipes-core/udev/udev_182.bbappend new file mode 100644 index 00000000..4eedfd89 --- /dev/null +++ b/recipes-core/udev/udev_182.bbappend @@ -0,0 +1,6 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" + +SRC_URI_append_qoriq-ppc = " \ + file://skip-rules-for-mmc-rpmb-partition.patch \ +" + diff --git a/recipes-devtools/qemu/qemu_fslgit.bb b/recipes-devtools/qemu/qemu_fslgit.bb new file mode 100644 index 00000000..f977a379 --- /dev/null +++ b/recipes-devtools/qemu/qemu_fslgit.bb @@ -0,0 +1,55 @@ +require recipes-devtools/qemu/qemu.inc + +LIC_FILES_CHKSUM = "file://COPYING;md5=441c28d2cf86e15a37fa47e15a72fbac \ + file://COPYING.LIB;endline=24;md5=c04def7ae38850e7d3ef548588159913" + +# This means QEMU v2.2.0 with FSL specific patches applied +PV = "2.2.0+fsl" + +# NOTE: this recipe requires poky's qemu.inc which assumes version 2.3 +# where glx enable config option changed to --enable-opengl. For now we +# restore it, but we should remove the following lines when upgrading +# to qemu 2.3: +PACKAGECONFIG[glx] = "--enable-glx,--disable-glx,mesa" + +SRC_URI = "git://git.freescale.com/ppc/sdk/qemu.git;branch=master" +SRCREV = "00ac004143e9fe46944a1885b04268fcd3a95a3a" + +S = "${WORKDIR}/git" + +QEMU_TARGETS = "ppc" +PPC_OECONF = '${SDL} --cross-prefix=${TARGET_PREFIX} --disable-werror --disable-vnc --disable-bluez --disable-curl --enable-libusb' +EXTRA_OECONF_e5500-64b = "--target-list=ppc64-softmmu ${PPC_OECONF}" +EXTRA_OECONF_e6500-64b = "--target-list=ppc64-softmmu ${PPC_OECONF}" +EXTRA_OECONF_e6500 = "--target-list=ppc64-softmmu ${PPC_OECONF}" +EXTRA_OECONF_e5500 = "--target-list=ppc64-softmmu ${PPC_OECONF}" +EXTRA_OECONF_e500v2 = "--target-list=ppc-softmmu ${PPC_OECONF}" +EXTRA_OECONF_e500mc = "--target-list=ppc-softmmu ${PPC_OECONF}" + +do_configure_prepend() { + export PKG_CONFIG=${STAGING_DIR_NATIVE}${bindir_native}/pkg-config +} + +do_configure_append () { + grep 'CONFIG_FDT=y' config-host.mak +} + +# gets around qemu.inc trying to install powerpc_rom.bin +do_install_prepend() { + touch ${WORKDIR}/powerpc_rom.bin +} + +do_install_append() { + rm ${WORKDIR}/powerpc_rom.bin + # Prevent QA warnings about installed ${localstatedir}/run + if [ -d ${D}${localstatedir}/run ]; then rmdir ${D}${localstatedir}/run; fi +} + +INSANE_SKIP_${PN} += "dev-deps" + +# This is only meant to be build to run on the target +# for the given arch types listed, otherwise don't let +# the package get built. COMPATIBLE_HOST would not work +# because it was too generic +COMPATIBLE_MACHINE = "a^" +COMPATIBLE_MACHINE_libc-glibc_qoriq-ppc = ".*" diff --git a/recipes-dpaa/dpa-offload/dpa-offload_git.bb b/recipes-dpaa/dpa-offload/dpa-offload_git.bb new file mode 100644 index 00000000..73809e26 --- /dev/null +++ b/recipes-dpaa/dpa-offload/dpa-offload_git.bb @@ -0,0 +1,49 @@ +DESCRIPTION = "Data-Path Acceleration Architecture Offloading User-Space Drivers" +LICENSE = "BSD & GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=c03ebb7a330b209986517466c74da72c" + +inherit pkgconfig + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +DEPENDS = "usdpaa fmlib" +DEPENDS_append_b4860qds = " ipc-ust" +DEPENDS_append_b4420qds = " ipc-ust" + +RDEPENDS_${PN} = "libgcc bash" +RDEPENDS_${PN}_append_b4860qds = " ipc-ust" +RDEPENDS_${PN}_append_b4420qds = " ipc-ust" + +SRC_URI = "git://git.freescale.com/ppc/sdk/usdpaa/dpa-offload.git;nobranch=1" +SRCREV = "ed6191db9439d1aaba27fc01238da770d1d8ef9e" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = 'CC="${CC}" LD="${LD}"' +export ARCH="${TARGET_ARCH}" + +PARALLEL_MAKE_pn-${PN} = "" + +FMAN_VARIANT ?= "P4080" +FMAN_VARIANT_b4 = "FMAN_V3H" +FMAN_VARIANT_t1 = "FMAN_V3L" +FMAN_VARIANT_t2 = "FMAN_V3H" +FMAN_VARIANT_t4 = "FMAN_V3H" +FMAN_VARIANT_p1023rdb = "P1023" + +do_compile_prepend () { + export USDPAA_CFLAGS="-I ${STAGING_INCDIR}/usdpaa" + export FMLIB_CFLAGS="-I ${STAGING_INCDIR}/fmd \ + -I ${STAGING_INCDIR}/fmd/Peripherals \ + -I ${STAGING_INCDIR}/fmd/integrations \ + -D${FMAN_VARIANT} -DNCSW_LINUX" +} + +do_install () { + oe_runmake install DESTDIR=${D} +} + +ALLOW_EMPTY_${PN} = "1" + +COMPATIBLE_HOST_qoriq-ppc = ".*" +COMPATIBLE_HOST ?= "(none)" diff --git a/recipes-dpaa/eth-config/eth-config_git.bb b/recipes-dpaa/eth-config/eth-config_git.bb new file mode 100644 index 00000000..32ef1fa2 --- /dev/null +++ b/recipes-dpaa/eth-config/eth-config_git.bb @@ -0,0 +1,17 @@ +DESCRIPTION = "Ethernet Configuration Files" +SECTION = "eth-config" +LICENSE = "BSD & GPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=8ed5eddbfbb84af5089ea94c382d423c" + +PR = "r2" + +SRC_URI = "git://git.freescale.com/ppc/sdk/eth-config.git;branch=master" +SRCREV = "1d6ad160fda9123e93c65141aa1578b6253ff7bc" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = "D=${D}" + +do_install() { + oe_runmake install +} diff --git a/recipes-dpaa/flib/flib_git.bb b/recipes-dpaa/flib/flib_git.bb new file mode 100644 index 00000000..3818ccf8 --- /dev/null +++ b/recipes-dpaa/flib/flib_git.bb @@ -0,0 +1,15 @@ +DESCRIPTION = "Foundation Library" +SECTION = "flib" +LICENSE = "BSD & GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=75d2f6a74299640c05ae6c69ed7a4ad6" + +SRC_URI = "git://git.freescale.com/ppc/sdk/flib.git;nobranch=1" +SRCREV = "91bbb134df1cd8b65c7c19db9bec9f00d1435377" + +S = "${WORKDIR}/git" + +do_install(){ + oe_runmake install DESTDIR=${D} +} + +ALLOW_EMPTY_${PN} = "1" diff --git a/recipes-dpaa/fm-ucode/fm-ucode_git.bb b/recipes-dpaa/fm-ucode/fm-ucode_git.bb new file mode 100644 index 00000000..52c79db8 --- /dev/null +++ b/recipes-dpaa/fm-ucode/fm-ucode_git.bb @@ -0,0 +1,38 @@ +DESCRIPTION = "Fman microcode binary" +SECTION = "fm-ucode" +LICENSE = "Freescale-EULA" +LIC_FILES_CHKSUM = "file://EULA;md5=60037ccba533a5995e8d1a838d85799c" + +PR = "r1" + +inherit deploy + +SRC_URI = "git://git.freescale.com/ppc/sdk/fm-ucode.git;nobranch=1" +SRCREV = "2827f0054e125b634fb1701719ca31c7d068e335" + +S = "${WORKDIR}/git" + +REGLEX ?= "${MACHINE}" +REGLEX_t1023 = "t1024" +REGLEX_t1040 = "t1040" +REGLEX_t1042 = "t1040" +REGLEX_b4420 = "b4860" +REGLEX_t4160 = "t4240" + +do_install () { + UCODE=`echo ${REGLEX} | sed -e 's,-.*$,,' -e 's,[a-zA-Z]*$,,'` + install -d ${D}/boot + install -m 644 fsl_fman_ucode_${UCODE}*.bin ${D}/boot/ +} + +do_deploy () { + UCODE=`echo ${REGLEX} | sed -e 's,-.*$,,' -e 's,[a-zA-Z]*$,,'` + install -d ${DEPLOYDIR}/ + install -m 644 fsl_fman_ucode_${UCODE}*.bin ${DEPLOYDIR}/ +} +addtask deploy before do_build after do_install + +PACKAGES += "${PN}-image" +FILES_${PN}-image += "/boot" +ALLOW_EMPTY_${PN} = "1" +COMPATIBLE_MACHINE = "(p1023rdb|e500mc|e5500|e5500-64b|e6500|e6500-64b)" diff --git a/recipes-dpaa/fmc/fmc_git.bb b/recipes-dpaa/fmc/fmc_git.bb new file mode 100644 index 00000000..f9bd74f6 --- /dev/null +++ b/recipes-dpaa/fmc/fmc_git.bb @@ -0,0 +1,52 @@ +DESCRIPTION = "Frame Manager Configuration tool" +SECTION = "fmc" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://COPYING;md5=a504ab5a8ff235e67c7301214749346c" + +PR = "r2" + +SRC_URI = "git://git.freescale.com/ppc/sdk/fmc.git;nobranch=1" +SRCREV = "b9e52be1f62a5fcc912d44875bf155ad55650d68" + +DEPENDS = "libxml2 fmlib tclap" + +PACKAGE_ARCH = "${MACHINE_ARCH}" +COMPATIBLE_HOST_qoriq-ppc = ".*" +COMPATIBLE_HOST ?= "(none)" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = 'FMD_USPACE_HEADER_PATH="${STAGING_INCDIR}/fmd" \ + FMD_USPACE_LIB_PATH="${STAGING_LIBDIR}" LIBXML2_HEADER_PATH="${STAGING_INCDIR}/libxml2" \ + TCLAP_HEADER_PATH="${STAGING_INCDIR}" ' +EXTRA_OEMAKE_virtclass-native = 'FMCHOSTMODE=1 FMD_USPACE_HEADER_PATH="${STAGING_INCDIR}/fmd" \ + FMD_USPACE_LIB_PATH="${STAGING_LIBDIR}" LIBXML2_HEADER_PATH="${STAGING_INCDIR}/libxml2" \ + TCLAP_HEADER_PATH="${STAGING_INCDIR}" ' + +PARALLEL_MAKE = "" + +EXTRA_OEMAKE_PLATFORM ?= "" +EXTRA_OEMAKE_PLATFORM_b4 = "b4860qds" +EXTRA_OEMAKE_PLATFORM_t2 = "b4860qds" +EXTRA_OEMAKE_PLATFORM_t4 = "b4860qds" +EXTRA_OEMAKE_PLATFORM_t1 = "t1040qds" + +do_compile () { + oe_runmake MACHINE=${EXTRA_OEMAKE_PLATFORM} -C source +} + +do_install () { + install -d ${D}/${bindir} + install -m 755 ${S}/source/fmc ${D}/${bindir}/fmc + + install -d ${D}/etc/fmc/config + install -m 644 ${S}/etc/fmc/config/hxs_pdl_v3.xml ${D}/etc/fmc/config + + install -d ${D}/${includedir}/fmc + install ${S}/source/fmc.h ${D}/${includedir}/fmc + + install -d ${D}/${libdir} + install ${S}/source/libfmc.a ${D}/${libdir} +} + +BBCLASSEXTEND = "native" diff --git a/recipes-dpaa/fmlib/fmlib_git.bb b/recipes-dpaa/fmlib/fmlib_git.bb new file mode 100644 index 00000000..8993f848 --- /dev/null +++ b/recipes-dpaa/fmlib/fmlib_git.bb @@ -0,0 +1,45 @@ +DESCRIPTION = "Frame Manager User Space Library" +SECTION = "fman" +LICENSE = "BSD & GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=3f16fa8e677e45af3127c5c4bafc3c00" + +PR = "r1" + +DEPENDS += "virtual/kernel" +DEPENDS_virtclass-native = "" + +SRC_URI = "git://git.freescale.com/ppc/sdk/fmlib.git;nobranch=1" +SRCREV = "4938e099561d441c947d4ccdf2e601ab2966d8cc" + +S = "${WORKDIR}/git" + +TARGET_ARCH_FMLIB = "${DEFAULTTUNE}" +TARGET_ARCH_FMLIB_e5500 = "ppc32e5500" +TARGET_ARCH_FMLIB_e6500 = "ppc32e6500" +COMPATIBLE_HOST_qoriq-ppc = ".*" +COMPATIBLE_HOST ?= "(none)" + +EXTRA_OEMAKE = "DESTDIR=${D} PREFIX=${prefix} LIB_DEST_DIR=${libdir} \ + CROSS_COMPILE=${TARGET_PREFIX} KERNEL_SRC=${STAGING_KERNEL_DIR}" + +FMLIB_TARGET = "libfm-${TARGET_ARCH_FMLIB}" +FMLIB_TARGET_t1 = "libfm-${TARGET_ARCH_FMLIB}-fmv3l" +do_compile () { + oe_runmake ${FMLIB_TARGET}.a +} + +do_compile_virtclass-native () { +} + +do_install () { + oe_runmake install-${FMLIB_TARGET} +} + +do_install_virtclass-native () { + install -d ${D}/${includedir} + cp -rf ${S}/include/* ${D}/${includedir} +} + +ALLOW_EMPTY_${PN} = "1" + +BBCLASSEXTEND = "native" diff --git a/recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb b/recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb new file mode 100644 index 00000000..cf7910b8 --- /dev/null +++ b/recipes-dpaa/usdpaa-apps/usdpaa-apps_git.bb @@ -0,0 +1,65 @@ +DESCRIPTION = "User-Space Data-Path Acceleration Architecture Demo Applications" +LICENSE = "BSD & GPLv2" +LIC_FILES_CHKSUM = "file://Makefile;endline=30;md5=d2a5d894118910d49993347f3f6e0f1e" + +inherit pkgconfig + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +DEPENDS = "libxml2 libedit ncurses readline fmc usdpaa dpa-offload libnl" +DEPENDS_append_b4860qds = " ipc-ust" +DEPENDS_append_b4420qds = " ipc-ust" + +RDEPENDS_${PN} = "libgcc bash" +RDEPENDS_${PN}_append_b4860qds = " ipc-ust" +RDEPENDS_${PN}_append_b4420qds = " ipc-ust" + +SRC_URI = "git://git.freescale.com/ppc/sdk/usdpaa/usdpaa-apps;nobranch=1" +SRCREV = "95744440cf214d73884c44c0dbc296e1e4b4c8f4" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = 'CC="${CC}" LD="${LD}" AR="${AR}"' +export ARCH="${TARGET_ARCH}" + +SOC ?= "P4080" +SOC_b4 = "B4860" +SOC_t1 = "T1040" +SOC_t2 = "T2080" +SOC_t4 = "T4240" +SOC_p1023rdb = "P1023" + +FMAN_VARIANT ?= "P4080" +FMAN_VARIANT_b4 = "FMAN_V3H" +FMAN_VARIANT_t1 = "FMAN_V3L" +FMAN_VARIANT_t2 = "FMAN_V3H" +FMAN_VARIANT_t4 = "FMAN_V3H" +FMAN_VARIANT_p1023rdb = "P1023" + +do_compile_prepend () { + export SOC=${SOC} + export FMC_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/fmc" + export FMLIB_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/fmd \ + -I ${STAGING_INCDIR}/fmd/Peripherals \ + -I ${STAGING_INCDIR}/fmd/integrations \ + -D${FMAN_VARIANT}" + export USDPAA_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/usdpaa" + export DPAOFFLOAD_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/dpa-offload" + export LIBNL_EXTRA_CFLAGS="-I ${STAGING_INCDIR}/libnl3" + export LIBNL_EXTRA_LDFLAGS="-lnl-3 -lnl-route-3" + export LIBXML2_CFLAGS="`pkg-config --cflags libxml-2.0`" + export LIBXML2_LDFLAGS="`pkg-config --libs --static libxml-2.0`" + export LIBEDIT_CFLAGS="`pkg-config --cflags libedit`" + export LIBEDIT_LDFLAGS="`pkg-config --libs --static libedit`" +} + +do_install () { + export SOC=${SOC} + oe_runmake install DESTDIR=${D} +} + +PARALLEL_MAKE_pn-${PN} = "" +FILES_${PN} += "/root/SOURCE_THIS /usr/etc/" + +COMPATIBLE_HOST_qoriq-ppc = ".*" +COMPATIBLE_HOST ?= "(none)" diff --git a/recipes-dpaa/usdpaa/usdpaa_git.bb b/recipes-dpaa/usdpaa/usdpaa_git.bb new file mode 100644 index 00000000..32cad124 --- /dev/null +++ b/recipes-dpaa/usdpaa/usdpaa_git.bb @@ -0,0 +1,27 @@ +DESCRIPTION = "User-Space Data-Path Acceleration Architecture Drivers" +LICENSE = "BSD & GPLv2" +LIC_FILES_CHKSUM = "file://Makefile;endline=30;md5=39e58bedc879163c9338596e52df5b1f" +PR = "r4" + +inherit pkgconfig + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +DEPENDS += "flib" + +SRC_URI = "git://git.freescale.com/ppc/sdk/usdpaa.git;nobranch=1" +SRCREV = "3b0717952400577608a548fc4c4858a9efd1bd96" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = 'CC="${CC}" LD="${LD}" AR="${AR}"' +export ARCH="${TARGET_ARCH}" + +do_install () { + oe_runmake install DESTDIR=${D} +} + +PARALLEL_MAKE_pn-${PN} = "" + +COMPATIBLE_HOST_qoriq-ppc = ".*" +COMPATIBLE_HOST ?= "(none)" diff --git a/recipes-extended/cst/cst_git.bb b/recipes-extended/cst/cst_git.bb new file mode 100644 index 00000000..729ee5f8 --- /dev/null +++ b/recipes-extended/cst/cst_git.bb @@ -0,0 +1,26 @@ +SUMMARY = "utility for security boot" +SECTION = "cst" +LICENSE = "BSD" + +# TODO: fix license - this file is not a license +LIC_FILES_CHKSUM = "file://RELEASENOTES;beginline=8;endline=43;md5=5a7b22a2c96b5f94e0498c5f413aa8d3" + +DEPENDS += "openssl" + +inherit kernel-arch + +SRC_URI = "git://git.freescale.com/ppc/sdk/cst.git;branch=master" +SRCREV = "6f57c86c93cab0f4d0a40d83b685afa6932a6301" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = 'CC="${CC}" LD="${CC}"' + +PARALLEL_MAKE = "" + +do_install () { + oe_runmake install DESTDIR=${D} BIN_DEST_DIR=${bindir} +} + +FILES_${PN}-dbg += "${bindir}/cst/.debug" +BBCLASSEXTEND = "native nativesdk" diff --git a/recipes-extended/merge-files/merge-files/merge/README b/recipes-extended/merge-files/merge-files/merge/README new file mode 100644 index 00000000..8f0d85af --- /dev/null +++ b/recipes-extended/merge-files/merge-files/merge/README @@ -0,0 +1,7 @@ +This package is used to merge specified files into rootfs. + +Steps: +1> copy files to recipes-*/merge-files/merge-files/merge/ +2> add 'IMAGE_INSTALL += "merge-files"' into rootfs recipe +3> bitbake + diff --git a/recipes-extended/merge-files/merge-files_1.0.bb b/recipes-extended/merge-files/merge-files_1.0.bb new file mode 100644 index 00000000..f64b909f --- /dev/null +++ b/recipes-extended/merge-files/merge-files_1.0.bb @@ -0,0 +1,25 @@ +DESCRIPTION = "Merge prebuilt/extra files into rootfs" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ + file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +inherit allarch + +SRC_URI = "file://merge" + +MERGED_DST ?= "${ROOT_HOME}" +do_install () { + install -d ${D}/${MERGED_DST} + find ${WORKDIR}/merge/ -maxdepth 1 -mindepth 1 -not -name README \ + -exec cp -fr '{}' ${D}/${MERGED_DST}/ \; + find ${WORKDIR}/merge/ -maxdepth 1 -mindepth 1 -exec rm -fr '{}' \; +} +do_unpack[nostamp] = "1" +do_install[nostamp] = "1" +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +FILES_${PN} = "/*" +ALLOW_EMPTY_${PN} = "1" +INSANE_SKIP_${PN} = "debug-files dev-so" + diff --git a/recipes-extended/procps/procps_%.bbappend b/recipes-extended/procps/procps_%.bbappend new file mode 100644 index 00000000..face0ccc --- /dev/null +++ b/recipes-extended/procps/procps_%.bbappend @@ -0,0 +1,9 @@ +do_install_append_qoriq-ppc() { + for keyword in \ + net.ipv4.conf.default.rp_filter \ + net.ipv4.conf.all.rp_filter \ + ; do + sed -i 's,'"$keyword"'=.*,'"$keyword"'=0,' ${D}${sysconfdir}/sysctl.conf + done +} + diff --git a/recipes-extended/skmm-ep/skmm-ep/add-two-missing-header-files.patch b/recipes-extended/skmm-ep/skmm-ep/add-two-missing-header-files.patch new file mode 100644 index 00000000..2a7bb9f2 --- /dev/null +++ b/recipes-extended/skmm-ep/skmm-ep/add-two-missing-header-files.patch @@ -0,0 +1,660 @@ +add two missing header files + +Upstream-status: Pending + +--- + include/linux/fsl_pci_ep_vfio.h | 79 ++++++ + include/linux/vfio.h | 555 ++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 634 insertions(+) + create mode 100644 include/linux/fsl_pci_ep_vfio.h + create mode 100644 include/linux/vfio.h + +diff --git a/include/linux/fsl_pci_ep_vfio.h b/include/linux/fsl_pci_ep_vfio.h +new file mode 100644 +index 0000000..8960157 +--- /dev/null ++++ b/include/linux/fsl_pci_ep_vfio.h +@@ -0,0 +1,79 @@ ++/* ++ * Copyright 2013 Freescale Semiconductor, Inc. ++ * ++ * Author: Minghuan Lian ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License, version 2, as ++ * published by the Free Software Foundation. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++ * ++ */ ++ ++#ifndef _FSL_PCI_EP_VFIO_H ++#define _FSL_PCI_EP_VFIO_H ++ ++#include ++ ++enum { ++ PCI_EP_TYPE_PF, ++ PCI_EP_TYPE_VF, ++}; ++ ++enum PCI_EP_REGION_TYPE { ++ PCI_EP_REGION_IBWIN, ++ PCI_EP_REGION_OBWIN, ++ PCI_EP_REGION_VF_IBWIN, ++ PCI_EP_REGION_VF_OBWIN, ++ PCI_EP_REGION_REGS, ++ PCI_EP_REGION_CONFIG, ++ PCI_EP_REGION_MEM, ++ PCI_EP_REGION_MSIX_OBWIN ++}; ++ ++enum PCI_EP_REGION_INDEX { ++ PCI_EP_WIN0_INDEX, ++ PCI_EP_WIN1_INDEX, ++ PCI_EP_WIN2_INDEX, ++ PCI_EP_WIN3_INDEX, ++ PCI_EP_WIN4_INDEX, ++ PCI_EP_WIN5_INDEX, ++}; ++ ++#define PCI_EP_MSI_WIN_INDEX PCI_EP_WIN1_INDEX ++#define PCI_EP_CCSR_WIN_INDEX PCI_EP_WIN0_INDEX ++#define PCI_EP_DEFAULT_OW_INDEX PCI_EP_WIN0_INDEX ++ ++struct pci_ep_win { ++ uint64_t pci_addr; ++ uint64_t cpu_addr; ++ uint64_t size; ++ uint64_t offset; ++ uint32_t attr; ++ uint32_t type; ++ uint32_t idx; ++}; ++ ++#define VFIO_DEVICE_SET_WIN_INFO _IO(VFIO_TYPE, VFIO_BASE + 20) ++#define VFIO_DEVICE_GET_WIN_INFO _IO(VFIO_TYPE, VFIO_BASE + 21) ++ ++struct pci_ep_info { ++ uint32_t type; ++ uint32_t pf_idx; ++ uint32_t vf_idx; ++ uint32_t iw_num; ++ uint32_t ow_num; ++ uint32_t vf_iw_num; ++ uint32_t vf_ow_num; ++ bool msix_enable; ++}; ++ ++#endif +diff --git a/include/linux/vfio.h b/include/linux/vfio.h +new file mode 100644 +index 0000000..44578d2 +--- /dev/null ++++ b/include/linux/vfio.h +@@ -0,0 +1,555 @@ ++/* ++ * VFIO API definition ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All rights reserved. ++ * Author: Alex Williamson ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License version 2 as ++ * published by the Free Software Foundation. ++ */ ++#ifndef _UAPIVFIO_H ++#define _UAPIVFIO_H ++ ++#include ++#include ++ ++#define VFIO_API_VERSION 0 ++ ++ ++/* Kernel & User level defines for VFIO IOCTLs. */ ++ ++/* Extensions */ ++ ++#define VFIO_TYPE1_IOMMU 1 ++#define VFIO_SPAPR_TCE_IOMMU 2 ++#define VFIO_FSL_PAMU_IOMMU 1000 ++#define VFIO_IOMMU_DUMMY 1001 ++ ++/* ++ * The IOCTL interface is designed for extensibility by embedding the ++ * structure length (argsz) and flags into structures passed between ++ * kernel and userspace. We therefore use the _IO() macro for these ++ * defines to avoid implicitly embedding a size into the ioctl request. ++ * As structure fields are added, argsz will increase to match and flag ++ * bits will be defined to indicate additional fields with valid data. ++ * It's *always* the caller's responsibility to indicate the size of ++ * the structure passed by setting argsz appropriately. ++ */ ++ ++#define VFIO_TYPE (';') ++#define VFIO_BASE 100 ++ ++/* -------- IOCTLs for VFIO file descriptor (/dev/vfio/vfio) -------- */ ++ ++/** ++ * VFIO_GET_API_VERSION - _IO(VFIO_TYPE, VFIO_BASE + 0) ++ * ++ * Report the version of the VFIO API. This allows us to bump the entire ++ * API version should we later need to add or change features in incompatible ++ * ways. ++ * Return: VFIO_API_VERSION ++ * Availability: Always ++ */ ++#define VFIO_GET_API_VERSION _IO(VFIO_TYPE, VFIO_BASE + 0) ++ ++/** ++ * VFIO_CHECK_EXTENSION - _IOW(VFIO_TYPE, VFIO_BASE + 1, __u32) ++ * ++ * Check whether an extension is supported. ++ * Return: 0 if not supported, 1 (or some other positive integer) if supported. ++ * Availability: Always ++ */ ++#define VFIO_CHECK_EXTENSION _IO(VFIO_TYPE, VFIO_BASE + 1) ++ ++/** ++ * VFIO_SET_IOMMU - _IOW(VFIO_TYPE, VFIO_BASE + 2, __s32) ++ * ++ * Set the iommu to the given type. The type must be supported by an ++ * iommu driver as verified by calling CHECK_EXTENSION using the same ++ * type. A group must be set to this file descriptor before this ++ * ioctl is available. The IOMMU interfaces enabled by this call are ++ * specific to the value set. ++ * Return: 0 on success, -errno on failure ++ * Availability: When VFIO group attached ++ */ ++#define VFIO_SET_IOMMU _IO(VFIO_TYPE, VFIO_BASE + 2) ++ ++/* -------- IOCTLs for GROUP file descriptors (/dev/vfio/$GROUP) -------- */ ++ ++/** ++ * VFIO_GROUP_GET_STATUS - _IOR(VFIO_TYPE, VFIO_BASE + 3, ++ * struct vfio_group_status) ++ * ++ * Retrieve information about the group. Fills in provided ++ * struct vfio_group_info. Caller sets argsz. ++ * Return: 0 on succes, -errno on failure. ++ * Availability: Always ++ */ ++struct vfio_group_status { ++ __u32 argsz; ++ __u32 flags; ++#define VFIO_GROUP_FLAGS_VIABLE (1 << 0) ++#define VFIO_GROUP_FLAGS_CONTAINER_SET (1 << 1) ++}; ++#define VFIO_GROUP_GET_STATUS _IO(VFIO_TYPE, VFIO_BASE + 3) ++ ++/** ++ * VFIO_GROUP_SET_CONTAINER - _IOW(VFIO_TYPE, VFIO_BASE + 4, __s32) ++ * ++ * Set the container for the VFIO group to the open VFIO file ++ * descriptor provided. Groups may only belong to a single ++ * container. Containers may, at their discretion, support multiple ++ * groups. Only when a container is set are all of the interfaces ++ * of the VFIO file descriptor and the VFIO group file descriptor ++ * available to the user. ++ * Return: 0 on success, -errno on failure. ++ * Availability: Always ++ */ ++#define VFIO_GROUP_SET_CONTAINER _IO(VFIO_TYPE, VFIO_BASE + 4) ++ ++/** ++ * VFIO_GROUP_UNSET_CONTAINER - _IO(VFIO_TYPE, VFIO_BASE + 5) ++ * ++ * Remove the group from the attached container. This is the ++ * opposite of the SET_CONTAINER call and returns the group to ++ * an initial state. All device file descriptors must be released ++ * prior to calling this interface. When removing the last group ++ * from a container, the IOMMU will be disabled and all state lost, ++ * effectively also returning the VFIO file descriptor to an initial ++ * state. ++ * Return: 0 on success, -errno on failure. ++ * Availability: When attached to container ++ */ ++#define VFIO_GROUP_UNSET_CONTAINER _IO(VFIO_TYPE, VFIO_BASE + 5) ++ ++/** ++ * VFIO_GROUP_GET_DEVICE_FD - _IOW(VFIO_TYPE, VFIO_BASE + 6, char) ++ * ++ * Return a new file descriptor for the device object described by ++ * the provided string. The string should match a device listed in ++ * the devices subdirectory of the IOMMU group sysfs entry. The ++ * group containing the device must already be added to this context. ++ * Return: new file descriptor on success, -errno on failure. ++ * Availability: When attached to container ++ */ ++#define VFIO_GROUP_GET_DEVICE_FD _IO(VFIO_TYPE, VFIO_BASE + 6) ++ ++/* --------------- IOCTLs for DEVICE file descriptors --------------- */ ++ ++/** ++ * VFIO_DEVICE_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 7, ++ * struct vfio_device_info) ++ * ++ * Retrieve information about the device. Fills in provided ++ * struct vfio_device_info. Caller sets argsz. ++ * Return: 0 on success, -errno on failure. ++ */ ++struct vfio_device_info { ++ __u32 argsz; ++ __u32 flags; ++#define VFIO_DEVICE_FLAGS_RESET (1 << 0) /* Device supports reset */ ++#define VFIO_DEVICE_FLAGS_PCI (1 << 1) /* vfio-pci device */ ++ __u32 num_regions; /* Max region index + 1 */ ++ __u32 num_irqs; /* Max IRQ index + 1 */ ++}; ++#define VFIO_DEVICE_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 7) ++ ++/** ++ * VFIO_DEVICE_GET_REGION_INFO - _IOWR(VFIO_TYPE, VFIO_BASE + 8, ++ * struct vfio_region_info) ++ * ++ * Retrieve information about a device region. Caller provides ++ * struct vfio_region_info with index value set. Caller sets argsz. ++ * Implementation of region mapping is bus driver specific. This is ++ * intended to describe MMIO, I/O port, as well as bus specific ++ * regions (ex. PCI config space). Zero sized regions may be used ++ * to describe unimplemented regions (ex. unimplemented PCI BARs). ++ * Return: 0 on success, -errno on failure. ++ */ ++struct vfio_region_info { ++ __u32 argsz; ++ __u32 flags; ++#define VFIO_REGION_INFO_FLAG_READ (1 << 0) /* Region supports read */ ++#define VFIO_REGION_INFO_FLAG_WRITE (1 << 1) /* Region supports write */ ++#define VFIO_REGION_INFO_FLAG_MMAP (1 << 2) /* Region supports mmap */ ++ __u32 index; /* Region index */ ++ __u32 resv; /* Reserved for alignment */ ++ __u64 size; /* Region size (bytes) */ ++ __u64 offset; /* Region offset from start of device fd */ ++}; ++#define VFIO_DEVICE_GET_REGION_INFO _IO(VFIO_TYPE, VFIO_BASE + 8) ++ ++/** ++ * VFIO_DEVICE_GET_IRQ_INFO - _IOWR(VFIO_TYPE, VFIO_BASE + 9, ++ * struct vfio_irq_info) ++ * ++ * Retrieve information about a device IRQ. Caller provides ++ * struct vfio_irq_info with index value set. Caller sets argsz. ++ * Implementation of IRQ mapping is bus driver specific. Indexes ++ * using multiple IRQs are primarily intended to support MSI-like ++ * interrupt blocks. Zero count irq blocks may be used to describe ++ * unimplemented interrupt types. ++ * ++ * The EVENTFD flag indicates the interrupt index supports eventfd based ++ * signaling. ++ * ++ * The MASKABLE flags indicates the index supports MASK and UNMASK ++ * actions described below. ++ * ++ * AUTOMASKED indicates that after signaling, the interrupt line is ++ * automatically masked by VFIO and the user needs to unmask the line ++ * to receive new interrupts. This is primarily intended to distinguish ++ * level triggered interrupts. ++ * ++ * The NORESIZE flag indicates that the interrupt lines within the index ++ * are setup as a set and new subindexes cannot be enabled without first ++ * disabling the entire index. This is used for interrupts like PCI MSI ++ * and MSI-X where the driver may only use a subset of the available ++ * indexes, but VFIO needs to enable a specific number of vectors ++ * upfront. In the case of MSI-X, where the user can enable MSI-X and ++ * then add and unmask vectors, it's up to userspace to make the decision ++ * whether to allocate the maximum supported number of vectors or tear ++ * down setup and incrementally increase the vectors as each is enabled. ++ */ ++struct vfio_irq_info { ++ __u32 argsz; ++ __u32 flags; ++#define VFIO_IRQ_INFO_EVENTFD (1 << 0) ++#define VFIO_IRQ_INFO_MASKABLE (1 << 1) ++#define VFIO_IRQ_INFO_AUTOMASKED (1 << 2) ++#define VFIO_IRQ_INFO_NORESIZE (1 << 3) ++ __u32 index; /* IRQ index */ ++ __u32 count; /* Number of IRQs within this index */ ++}; ++#define VFIO_DEVICE_GET_IRQ_INFO _IO(VFIO_TYPE, VFIO_BASE + 9) ++ ++/** ++ * VFIO_DEVICE_SET_IRQS - _IOW(VFIO_TYPE, VFIO_BASE + 10, struct vfio_irq_set) ++ * ++ * Set signaling, masking, and unmasking of interrupts. Caller provides ++ * struct vfio_irq_set with all fields set. 'start' and 'count' indicate ++ * the range of subindexes being specified. ++ * ++ * The DATA flags specify the type of data provided. If DATA_NONE, the ++ * operation performs the specified action immediately on the specified ++ * interrupt(s). For example, to unmask AUTOMASKED interrupt [0,0]: ++ * flags = (DATA_NONE|ACTION_UNMASK), index = 0, start = 0, count = 1. ++ * ++ * DATA_BOOL allows sparse support for the same on arrays of interrupts. ++ * For example, to mask interrupts [0,1] and [0,3] (but not [0,2]): ++ * flags = (DATA_BOOL|ACTION_MASK), index = 0, start = 1, count = 3, ++ * data = {1,0,1} ++ * ++ * DATA_EVENTFD binds the specified ACTION to the provided __s32 eventfd. ++ * A value of -1 can be used to either de-assign interrupts if already ++ * assigned or skip un-assigned interrupts. For example, to set an eventfd ++ * to be trigger for interrupts [0,0] and [0,2]: ++ * flags = (DATA_EVENTFD|ACTION_TRIGGER), index = 0, start = 0, count = 3, ++ * data = {fd1, -1, fd2} ++ * If index [0,1] is previously set, two count = 1 ioctls calls would be ++ * required to set [0,0] and [0,2] without changing [0,1]. ++ * ++ * Once a signaling mechanism is set, DATA_BOOL or DATA_NONE can be used ++ * with ACTION_TRIGGER to perform kernel level interrupt loopback testing ++ * from userspace (ie. simulate hardware triggering). ++ * ++ * Setting of an event triggering mechanism to userspace for ACTION_TRIGGER ++ * enables the interrupt index for the device. Individual subindex interrupts ++ * can be disabled using the -1 value for DATA_EVENTFD or the index can be ++ * disabled as a whole with: flags = (DATA_NONE|ACTION_TRIGGER), count = 0. ++ * ++ * Note that ACTION_[UN]MASK specify user->kernel signaling (irqfds) while ++ * ACTION_TRIGGER specifies kernel->user signaling. ++ */ ++struct vfio_irq_set { ++ __u32 argsz; ++ __u32 flags; ++#define VFIO_IRQ_SET_DATA_NONE (1 << 0) /* Data not present */ ++#define VFIO_IRQ_SET_DATA_BOOL (1 << 1) /* Data is bool (u8) */ ++#define VFIO_IRQ_SET_DATA_EVENTFD (1 << 2) /* Data is eventfd (s32) */ ++#define VFIO_IRQ_SET_ACTION_MASK (1 << 3) /* Mask interrupt */ ++#define VFIO_IRQ_SET_ACTION_UNMASK (1 << 4) /* Unmask interrupt */ ++#define VFIO_IRQ_SET_ACTION_TRIGGER (1 << 5) /* Trigger interrupt */ ++ __u32 index; ++ __u32 start; ++ __u32 count; ++ __u8 data[]; ++}; ++#define VFIO_DEVICE_SET_IRQS _IO(VFIO_TYPE, VFIO_BASE + 10) ++ ++#define VFIO_IRQ_SET_DATA_TYPE_MASK (VFIO_IRQ_SET_DATA_NONE | \ ++ VFIO_IRQ_SET_DATA_BOOL | \ ++ VFIO_IRQ_SET_DATA_EVENTFD) ++#define VFIO_IRQ_SET_ACTION_TYPE_MASK (VFIO_IRQ_SET_ACTION_MASK | \ ++ VFIO_IRQ_SET_ACTION_UNMASK | \ ++ VFIO_IRQ_SET_ACTION_TRIGGER) ++/** ++ * VFIO_DEVICE_RESET - _IO(VFIO_TYPE, VFIO_BASE + 11) ++ * ++ * Reset a device. ++ */ ++#define VFIO_DEVICE_RESET _IO(VFIO_TYPE, VFIO_BASE + 11) ++ ++/* ++ * The VFIO-PCI bus driver makes use of the following fixed region and ++ * IRQ index mapping. Unimplemented regions return a size of zero. ++ * Unimplemented IRQ types return a count of zero. ++ */ ++ ++enum { ++ VFIO_PCI_BAR0_REGION_INDEX, ++ VFIO_PCI_BAR1_REGION_INDEX, ++ VFIO_PCI_BAR2_REGION_INDEX, ++ VFIO_PCI_BAR3_REGION_INDEX, ++ VFIO_PCI_BAR4_REGION_INDEX, ++ VFIO_PCI_BAR5_REGION_INDEX, ++ VFIO_PCI_ROM_REGION_INDEX, ++ VFIO_PCI_CONFIG_REGION_INDEX, ++ /* ++ * Expose VGA regions defined for PCI base class 03, subclass 00. ++ * This includes I/O port ranges 0x3b0 to 0x3bb and 0x3c0 to 0x3df ++ * as well as the MMIO range 0xa0000 to 0xbffff. Each implemented ++ * range is found at it's identity mapped offset from the region ++ * offset, for example 0x3b0 is region_info.offset + 0x3b0. Areas ++ * between described ranges are unimplemented. ++ */ ++ VFIO_PCI_VGA_REGION_INDEX, ++ VFIO_PCI_NUM_REGIONS ++}; ++ ++enum { ++ VFIO_PCI_INTX_IRQ_INDEX, ++ VFIO_PCI_MSI_IRQ_INDEX, ++ VFIO_PCI_MSIX_IRQ_INDEX, ++ VFIO_PCI_ERR_IRQ_INDEX, ++ VFIO_PCI_NUM_IRQS ++}; ++ ++/** ++ * VFIO_DEVICE_GET_PCI_HOT_RESET_INFO - _IORW(VFIO_TYPE, VFIO_BASE + 12, ++ * struct vfio_pci_hot_reset_info) ++ * ++ * Return: 0 on success, -errno on failure: ++ * -enospc = insufficient buffer, -enodev = unsupported for device. ++ */ ++struct vfio_pci_dependent_device { ++ __u32 group_id; ++ __u16 segment; ++ __u8 bus; ++ __u8 devfn; /* Use PCI_SLOT/PCI_FUNC */ ++}; ++ ++struct vfio_pci_hot_reset_info { ++ __u32 argsz; ++ __u32 flags; ++ __u32 count; ++ struct vfio_pci_dependent_device devices[]; ++}; ++ ++#define VFIO_DEVICE_GET_PCI_HOT_RESET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) ++ ++/** ++ * VFIO_DEVICE_PCI_HOT_RESET - _IOW(VFIO_TYPE, VFIO_BASE + 13, ++ * struct vfio_pci_hot_reset) ++ * ++ * Return: 0 on success, -errno on failure. ++ */ ++struct vfio_pci_hot_reset { ++ __u32 argsz; ++ __u32 flags; ++ __u32 count; ++ __s32 group_fds[]; ++}; ++ ++#define VFIO_DEVICE_PCI_HOT_RESET _IO(VFIO_TYPE, VFIO_BASE + 13) ++ ++/* -------- API for Type1 VFIO IOMMU -------- */ ++ ++/** ++ * VFIO_IOMMU_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 12, struct vfio_iommu_info) ++ * ++ * Retrieve information about the IOMMU object. Fills in provided ++ * struct vfio_iommu_info. Caller sets argsz. ++ * ++ * XXX Should we do these by CHECK_EXTENSION too? ++ */ ++struct vfio_iommu_type1_info { ++ __u32 argsz; ++ __u32 flags; ++#define VFIO_IOMMU_INFO_PGSIZES (1 << 0) /* supported page sizes info */ ++ __u64 iova_pgsizes; /* Bitmap of supported page sizes */ ++}; ++ ++#define VFIO_IOMMU_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) ++ ++/** ++ * VFIO_IOMMU_MAP_DMA - _IOW(VFIO_TYPE, VFIO_BASE + 13, struct vfio_dma_map) ++ * ++ * Map process virtual addresses to IO virtual addresses using the ++ * provided struct vfio_dma_map. Caller sets argsz. READ &/ WRITE required. ++ */ ++struct vfio_iommu_type1_dma_map { ++ __u32 argsz; ++ __u32 flags; ++#define VFIO_DMA_MAP_FLAG_READ (1 << 0) /* readable from device */ ++#define VFIO_DMA_MAP_FLAG_WRITE (1 << 1) /* writable from device */ ++ __u64 vaddr; /* Process virtual address */ ++ __u64 iova; /* IO virtual address */ ++ __u64 size; /* Size of mapping (bytes) */ ++}; ++ ++#define VFIO_IOMMU_MAP_DMA _IO(VFIO_TYPE, VFIO_BASE + 13) ++ ++/** ++ * VFIO_IOMMU_UNMAP_DMA - _IOWR(VFIO_TYPE, VFIO_BASE + 14, ++ * struct vfio_dma_unmap) ++ * ++ * Unmap IO virtual addresses using the provided struct vfio_dma_unmap. ++ * Caller sets argsz. The actual unmapped size is returned in the size ++ * field. No guarantee is made to the user that arbitrary unmaps of iova ++ * or size different from those used in the original mapping call will ++ * succeed. ++ */ ++struct vfio_iommu_type1_dma_unmap { ++ __u32 argsz; ++ __u32 flags; ++ __u64 iova; /* IO virtual address */ ++ __u64 size; /* Size of mapping (bytes) */ ++}; ++ ++#define VFIO_IOMMU_UNMAP_DMA _IO(VFIO_TYPE, VFIO_BASE + 14) ++ ++/*********** APIs for VFIO_PAMU type only ****************/ ++/* ++ * VFIO_IOMMU_PAMU_GET_ATTR - _IO(VFIO_TYPE, VFIO_BASE + 15, ++ * struct vfio_pamu_attr) ++ * ++ * Gets the iommu attributes for the current vfio container. ++ * Caller sets argsz and attribute. The ioctl fills in ++ * the provided struct vfio_pamu_attr based on the attribute ++ * value that was set. ++ * Return: 0 on success, -errno on failure ++ */ ++struct vfio_pamu_attr { ++ __u32 argsz; ++ __u32 flags; /* no flags currently */ ++#define VFIO_ATTR_GEOMETRY 0 ++#define VFIO_ATTR_WINDOWS 1 ++#define VFIO_ATTR_PAMU_STASH 2 ++ __u32 attribute; ++ ++ union { ++ /* VFIO_ATTR_GEOMETRY */ ++ struct { ++ /* first addr that can be mapped */ ++ __u64 aperture_start; ++ /* last addr that can be mapped */ ++ __u64 aperture_end; ++ } attr; ++ ++ /* VFIO_ATTR_WINDOWS */ ++ __u32 windows; /* number of windows in the aperture ++ * initially this will be the max number ++ * of windows that can be set ++ */ ++ /* VFIO_ATTR_PAMU_STASH */ ++ struct { ++ __u32 cpu; /* CPU number for stashing */ ++ __u32 cache; /* cache ID for stashing */ ++ } stash; ++ } attr_info; ++}; ++#define VFIO_IOMMU_PAMU_GET_ATTR _IO(VFIO_TYPE, VFIO_BASE + 15) ++ ++/* ++ * VFIO_IOMMU_PAMU_SET_ATTR - _IO(VFIO_TYPE, VFIO_BASE + 16, ++ * struct vfio_pamu_attr) ++ * ++ * Sets the iommu attributes for the current vfio container. ++ * Caller sets struct vfio_pamu attr, including argsz and attribute and ++ * setting any fields that are valid for the attribute. ++ * Return: 0 on success, -errno on failure ++ */ ++#define VFIO_IOMMU_PAMU_SET_ATTR _IO(VFIO_TYPE, VFIO_BASE + 16) ++ ++/* ++ * VFIO_IOMMU_PAMU_GET_MSI_BANK_COUNT - _IO(VFIO_TYPE, VFIO_BASE + 17, __u32) ++ * ++ * Returns the number of MSI banks for this platform. This tells user space ++ * how many aperture windows should be reserved for MSI banks when setting ++ * the PAMU geometry and window count. ++ * Return: __u32 bank count on success, -errno on failure ++ */ ++#define VFIO_IOMMU_PAMU_GET_MSI_BANK_COUNT _IO(VFIO_TYPE, VFIO_BASE + 17) ++ ++/* ++ * VFIO_IOMMU_PAMU_MAP_MSI_BANK - _IO(VFIO_TYPE, VFIO_BASE + 18, ++ * struct vfio_pamu_msi_bank_map) ++ * ++ * Maps the MSI bank at the specified index and iova. User space must ++ * call this ioctl once for each MSI bank (count of banks is returned by ++ * VFIO_IOMMU_PAMU_GET_MSI_BANK_COUNT). ++ * Caller provides struct vfio_pamu_msi_bank_map with all fields set. ++ * Return: 0 on success, -errno on failure ++ */ ++ ++struct vfio_pamu_msi_bank_map { ++ __u32 argsz; ++ __u32 flags; /* no flags currently */ ++ __u32 msi_bank_index; /* the index of the MSI bank */ ++ __u64 iova; /* the iova the bank is to be mapped to */ ++}; ++#define VFIO_IOMMU_PAMU_MAP_MSI_BANK _IO(VFIO_TYPE, VFIO_BASE + 18) ++ ++/* ++ * VFIO_IOMMU_PAMU_UNMAP_MSI_BANK - _IO(VFIO_TYPE, VFIO_BASE + 19, ++ * struct vfio_pamu_msi_bank_unmap) ++ * ++ * Unmaps the MSI bank at the specified iova. ++ * Caller provides struct vfio_pamu_msi_bank_unmap with all fields set. ++ * Operates on VFIO file descriptor (/dev/vfio/vfio). ++ * Return: 0 on success, -errno on failure ++ */ ++ ++struct vfio_pamu_msi_bank_unmap { ++ __u32 argsz; ++ __u32 flags; /* no flags currently */ ++ __u64 iova; /* the iova to be unmapped to */ ++}; ++#define VFIO_IOMMU_PAMU_UNMAP_MSI_BANK _IO(VFIO_TYPE, VFIO_BASE + 19) ++ ++/* ++ * IOCTLs to enable/disable IOMMU container usage. ++ * No parameters are supported. ++ */ ++#define VFIO_IOMMU_ENABLE _IO(VFIO_TYPE, VFIO_BASE + 15) ++#define VFIO_IOMMU_DISABLE _IO(VFIO_TYPE, VFIO_BASE + 16) ++ ++/* -------- Additional API for SPAPR TCE (Server POWERPC) IOMMU -------- */ ++ ++/* ++ * The SPAPR TCE info struct provides the information about the PCI bus ++ * address ranges available for DMA, these values are programmed into ++ * the hardware so the guest has to know that information. ++ * ++ * The DMA 32 bit window start is an absolute PCI bus address. ++ * The IOVA address passed via map/unmap ioctls are absolute PCI bus ++ * addresses too so the window works as a filter rather than an offset ++ * for IOVA addresses. ++ * ++ * A flag will need to be added if other page sizes are supported, ++ * so as defined here, it is always 4k. ++ */ ++struct vfio_iommu_spapr_tce_info { ++ __u32 argsz; ++ __u32 flags; /* reserved for future use */ ++ __u32 dma32_window_start; /* 32 bit window start (bytes) */ ++ __u32 dma32_window_size; /* 32 bit window size (bytes) */ ++}; ++ ++#define VFIO_IOMMU_SPAPR_TCE_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) ++ ++/* ***************************************************************** */ ++ ++#endif /* _UAPIVFIO_H */ +-- +1.8.3.2 + diff --git a/recipes-extended/skmm-ep/skmm-ep_git.bb b/recipes-extended/skmm-ep/skmm-ep_git.bb new file mode 100644 index 00000000..ca5d6734 --- /dev/null +++ b/recipes-extended/skmm-ep/skmm-ep_git.bb @@ -0,0 +1,31 @@ +DESCRIPTION = "SKMM application for PCIe endpoint" +SECTION = "skmm-ep" +LICENSE = "BSD & GPLv2" +LIC_FILES_CHKSUM = "file://Makefile;endline=30;md5=39e58bedc879163c9338596e52df5b1f" + +DEPENDS = "libedit openssl virtual/kernel" + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +SRC_URI = "git://git.freescale.com/ppc/sdk/skmm-ep.git;nobranch=1 \ + file://add-two-missing-header-files.patch \ +" +SRCREV = "27156a6621c8f6d7f98210b1ca5cd97bde926875" + +COMPATIBLE_MACHINE = "(p4080ds|t4240qds|c293pcie)" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = 'MACHINE=${MACHINE}' + +export LIBEDIT_CFLAGS = "`pkg-config --cflags libedit`" +export LIBEDIT_LDFLAGS = "`pkg-config --libs --static libedit`" + +do_compile () { + export ARCH=${TARGET_ARCH} + oe_runmake +} + +do_install () { + oe_runmake ARCH=${TARGET_ARCH} install DESTDIR=${D} +} diff --git a/recipes-extended/testfloat/files/SoftFloat-powerpc-1.patch b/recipes-extended/testfloat/files/SoftFloat-powerpc-1.patch new file mode 100644 index 00000000..b6db2de2 --- /dev/null +++ b/recipes-extended/testfloat/files/SoftFloat-powerpc-1.patch @@ -0,0 +1,1427 @@ +This patch adds PowerPC support in SoftFloat. + +Signed-off-by: Ebony Zhu +Signed-off-by: Liu Yu +--- + SoftFloat-2b/processors/powerpc-GCC.h | 87 ++++ + SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile | 26 ++ + SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h | 55 +++ + .../bits32/powerpc-GCC/softfloat-specialize | 252 ++++++++++++ + .../softfloat/bits32/powerpc-GCC/softfloat.h | 155 +++++++ + SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile | 24 ++ + SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h | 55 +++ + .../bits64/powerpc-GCC/softfloat-specialize | 422 ++++++++++++++++++++ + .../softfloat/bits64/powerpc-GCC/softfloat.h | 269 +++++++++++++ + 9 files changed, 1345 insertions(+), 0 deletions(-) + create mode 100644 SoftFloat-2b/processors/powerpc-GCC.h + create mode 100644 SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile + create mode 100644 SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h + create mode 100644 SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat-specialize + create mode 100644 SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat.h + create mode 100644 SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile + create mode 100644 SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h + create mode 100644 SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat-specialize + create mode 100644 SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat.h + +diff --git a/SoftFloat-2b/processors/powerpc-GCC.h b/SoftFloat-2b/processors/powerpc-GCC.h +new file mode 100644 +index 0000000..002a786 +--- /dev/null ++++ b/SoftFloat-2b/processors/powerpc-GCC.h +@@ -0,0 +1,87 @@ ++/* ++ * This file is derived from processors/386-gcc.h, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ * ++ * THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has ++ * been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES ++ * RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS ++ * AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, ++ * COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE ++ * EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE ++ * INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR ++ * OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. ++ */ ++ ++/*---------------------------------------------------------------------------- ++| One of the macros `BIGENDIAN' or `LITTLEENDIAN' must be defined. ++*----------------------------------------------------------------------------*/ ++#define BIGENDIAN ++ ++/*---------------------------------------------------------------------------- ++| The macro `BITS64' can be defined to indicate that 64-bit integer types are ++| supported by the compiler. ++*----------------------------------------------------------------------------*/ ++#define BITS32 ++ ++/*---------------------------------------------------------------------------- ++| Each of the following `typedef's defines the most convenient type that holds ++| integers of at least as many bits as specified. For example, `uint8' should ++| be the most convenient type that can hold unsigned integers of as many as ++| 8 bits. The `flag' type must be able to hold either a 0 or 1. For most ++| implementations of C, `flag', `uint8', and `int8' should all be `typedef'ed ++| to the same as `int'. ++*----------------------------------------------------------------------------*/ ++typedef int flag; ++typedef int uint8; ++typedef int int8; ++typedef int uint16; ++typedef int int16; ++typedef unsigned int uint32; ++typedef signed int int32; ++#ifdef BITS64 ++typedef unsigned long long int uint64; ++typedef signed long long int int64; ++#endif ++ ++/*---------------------------------------------------------------------------- ++| Each of the following `typedef's defines a type that holds integers ++| of _exactly_ the number of bits specified. For instance, for most ++| implementation of C, `bits16' and `sbits16' should be `typedef'ed to ++| `unsigned short int' and `signed short int' (or `short int'), respectively. ++*----------------------------------------------------------------------------*/ ++typedef unsigned char bits8; ++typedef signed char sbits8; ++typedef unsigned short int bits16; ++typedef signed short int sbits16; ++typedef unsigned int bits32; ++typedef signed int sbits32; ++#ifdef BITS64 ++typedef unsigned long long int bits64; ++typedef signed long long int sbits64; ++#endif ++ ++#ifdef BITS64 ++/*---------------------------------------------------------------------------- ++| The `LIT64' macro takes as its argument a textual integer literal and ++| if necessary ``marks'' the literal as having a 64-bit integer type. ++| For example, the GNU C Compiler (`gcc') requires that 64-bit literals be ++| appended with the letters `LL' standing for `long long', which is `gcc's ++| name for the 64-bit integer type. Some compilers may allow `LIT64' to be ++| defined as the identity macro: `#define LIT64( a ) a'. ++*----------------------------------------------------------------------------*/ ++#define LIT64( a ) a##LL ++#endif ++ ++/*---------------------------------------------------------------------------- ++| The macro `INLINE' can be used before functions that should be inlined. If ++| a compiler does not support explicit inlining, this macro should be defined ++| to be `static'. ++*----------------------------------------------------------------------------*/ ++#define INLINE extern inline ++ +diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile +new file mode 100644 +index 0000000..28f1e33 +--- /dev/null ++++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile +@@ -0,0 +1,26 @@ ++ ++PROCESSOR_H = ../../../processors/powerpc-GCC.h ++SOFTFLOAT_MACROS = ../softfloat-macros ++ ++OBJ = .o ++EXE = ++INCLUDES = -I. -I.. ++COMPILE_C = $(COMPILE_PREFIX)gcc -msoft-float -c -o $@ $(INCLUDES) -I- -O2 ++LINK = $(COMPILE_PREFIX)gcc -o $@ ++ ++ALL: softfloat$(OBJ) timesoftfloat$(EXE) ++ ++milieu.h: $(PROCESSOR_H) ++ touch milieu.h ++ ++softfloat$(OBJ): milieu.h softfloat.h softfloat-specialize $(SOFTFLOAT_MACROS) ../softfloat.c ++ $(COMPILE_C) ../softfloat.c ++ ++timesoftfloat$(OBJ): milieu.h softfloat.h ../timesoftfloat.c ++ $(COMPILE_C) ../timesoftfloat.c ++ ++timesoftfloat$(EXE): softfloat$(OBJ) timesoftfloat$(OBJ) ++ $(LINK) softfloat$(OBJ) timesoftfloat$(OBJ) ++ ++clean: ++ rm -f *.o timesoftfloat$(EXE) +diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h +new file mode 100644 +index 0000000..d8b6012 +--- /dev/null ++++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/milieu.h +@@ -0,0 +1,55 @@ ++/* ++ * This file is derived from softfloat/bits32/386-Win32-GCC/milieu.h, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/*============================================================================ ++ ++This C header file is part of the SoftFloat IEC/IEEE Floating-point Arithmetic ++Package, Release 2b. ++ ++Written by John R. Hauser. This work was made possible in part by the ++International Computer Science Institute, located at Suite 600, 1947 Center ++Street, Berkeley, California 94704. Funding was partially provided by the ++National Science Foundation under grant MIP-9311980. The original version ++of this code was written as part of a project to build a fixed-point vector ++processor in collaboration with the University of California at Berkeley, ++overseen by Profs. Nelson Morgan and John Wawrzynek. More information ++is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ ++arithmetic/SoftFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has ++been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES ++RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS ++AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, ++COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE ++EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE ++INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR ++OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) the source code for the derivative work includes prominent notice that ++the work is derivative, and (2) the source code includes prominent notice with ++these four paragraphs for those parts of this code that are retained. ++ ++=============================================================================*/ ++ ++/*---------------------------------------------------------------------------- ++| Include common integer types and flags. ++*----------------------------------------------------------------------------*/ ++#include "../../../processors/powerpc-GCC.h" ++ ++/*---------------------------------------------------------------------------- ++| Symbolic Boolean literals. ++*----------------------------------------------------------------------------*/ ++enum { ++ FALSE = 0, ++ TRUE = 1 ++}; ++ +diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat-specialize b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat-specialize +new file mode 100644 +index 0000000..fd2caa4 +--- /dev/null ++++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat-specialize +@@ -0,0 +1,252 @@ ++/* ++ * This file is derived from softfloat/bits32/386-Win32-GCC/softfloat-specialize, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/*============================================================================ ++ ++This C source fragment is part of the SoftFloat IEC/IEEE Floating-point ++Arithmetic Package, Release 2b. ++ ++Written by John R. Hauser. This work was made possible in part by the ++International Computer Science Institute, located at Suite 600, 1947 Center ++Street, Berkeley, California 94704. Funding was partially provided by the ++National Science Foundation under grant MIP-9311980. The original version ++of this code was written as part of a project to build a fixed-point vector ++processor in collaboration with the University of California at Berkeley, ++overseen by Profs. Nelson Morgan and John Wawrzynek. More information ++is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ ++arithmetic/SoftFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has ++been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES ++RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS ++AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, ++COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE ++EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE ++INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR ++OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) the source code for the derivative work includes prominent notice that ++the work is derivative, and (2) the source code includes prominent notice with ++these four paragraphs for those parts of this code that are retained. ++ ++=============================================================================*/ ++ ++/*---------------------------------------------------------------------------- ++| Underflow tininess-detection mode, statically initialized to default value. ++| (The declaration in `softfloat.h' must match the `int8' type here.) ++*----------------------------------------------------------------------------*/ ++int8 float_detect_tininess = float_tininess_after_rounding; ++ ++/*---------------------------------------------------------------------------- ++| Raises the exceptions specified by `flags'. Floating-point traps can be ++| defined here if desired. It is currently not possible for such a trap ++| to substitute a result value. If traps are not implemented, this routine ++| should be simply `float_exception_flags |= flags;'. ++*----------------------------------------------------------------------------*/ ++ ++void float_raise( int8 flags ) ++{ ++ ++ float_exception_flags |= flags; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Internal canonical NaN format. ++*----------------------------------------------------------------------------*/ ++typedef struct { ++ flag sign; ++ bits32 high, low; ++} commonNaNT; ++ ++/*---------------------------------------------------------------------------- ++| The pattern for a default generated single-precision NaN. ++*----------------------------------------------------------------------------*/ ++enum { ++ float32_default_nan = 0xFFFFFFFF ++}; ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the single-precision floating-point value `a' is a NaN; ++| otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float32_is_nan( float32 a ) ++{ ++ ++ return ( 0xFF000000 < (bits32) ( a<<1 ) ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the single-precision floating-point value `a' is a signaling ++| NaN; otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float32_is_signaling_nan( float32 a ) ++{ ++ ++ return ( ( ( a>>22 ) & 0x1FF ) == 0x1FE ) && ( a & 0x003FFFFF ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the single-precision floating-point NaN ++| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid ++| exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static commonNaNT float32ToCommonNaN( float32 a ) ++{ ++ commonNaNT z; ++ ++ if ( float32_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); ++ z.sign = a>>31; ++ z.low = 0; ++ z.high = a<<9; ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the canonical NaN `a' to the single- ++| precision floating-point format. ++*----------------------------------------------------------------------------*/ ++ ++static float32 commonNaNToFloat32( commonNaNT a ) ++{ ++ ++ return ( ( (bits32) a.sign )<<31 ) | 0x7FC00000 | ( a.high>>9 ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Takes two single-precision floating-point values `a' and `b', one of which ++| is a NaN, and returns the appropriate NaN result. If either `a' or `b' is a ++| signaling NaN, the invalid exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static float32 propagateFloat32NaN( float32 a, float32 b ) ++{ ++ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; ++ ++ aIsNaN = float32_is_nan( a ); ++ aIsSignalingNaN = float32_is_signaling_nan( a ); ++ bIsNaN = float32_is_nan( b ); ++ bIsSignalingNaN = float32_is_signaling_nan( b ); ++ a |= 0x00400000; ++ b |= 0x00400000; ++ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); ++ if ( aIsNaN ) { ++ return ( aIsSignalingNaN & bIsNaN ) ? b : a; ++ } ++ else { ++ return b; ++ } ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| The pattern for a default generated double-precision NaN. The `high' and ++| `low' values hold the most- and least-significant bits, respectively. ++*----------------------------------------------------------------------------*/ ++enum { ++ float64_default_nan_high = 0xFFFFFFFF, ++ float64_default_nan_low = 0xFFFFFFFF ++}; ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the double-precision floating-point value `a' is a NaN; ++| otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float64_is_nan( float64 a ) ++{ ++ ++ return ++ ( 0xFFE00000 <= (bits32) ( a.high<<1 ) ) ++ && ( a.low || ( a.high & 0x000FFFFF ) ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the double-precision floating-point value `a' is a signaling ++| NaN; otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float64_is_signaling_nan( float64 a ) ++{ ++ ++ return ++ ( ( ( a.high>>19 ) & 0xFFF ) == 0xFFE ) ++ && ( a.low || ( a.high & 0x0007FFFF ) ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the double-precision floating-point NaN ++| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid ++| exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static commonNaNT float64ToCommonNaN( float64 a ) ++{ ++ commonNaNT z; ++ ++ if ( float64_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); ++ z.sign = a.high>>31; ++ shortShift64Left( a.high, a.low, 12, &z.high, &z.low ); ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the canonical NaN `a' to the double- ++| precision floating-point format. ++*----------------------------------------------------------------------------*/ ++ ++static float64 commonNaNToFloat64( commonNaNT a ) ++{ ++ float64 z; ++ ++ shift64Right( a.high, a.low, 12, &z.high, &z.low ); ++ z.high |= ( ( (bits32) a.sign )<<31 ) | 0x7FF80000; ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Takes two double-precision floating-point values `a' and `b', one of which ++| is a NaN, and returns the appropriate NaN result. If either `a' or `b' is a ++| signaling NaN, the invalid exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static float64 propagateFloat64NaN( float64 a, float64 b ) ++{ ++ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; ++ ++ aIsNaN = float64_is_nan( a ); ++ aIsSignalingNaN = float64_is_signaling_nan( a ); ++ bIsNaN = float64_is_nan( b ); ++ bIsSignalingNaN = float64_is_signaling_nan( b ); ++ a.high |= 0x00080000; ++ b.high |= 0x00080000; ++ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); ++ if ( aIsNaN ) { ++ return ( aIsSignalingNaN & bIsNaN ) ? b : a; ++ } ++ else { ++ return b; ++ } ++ ++} ++ +diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat.h b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat.h +new file mode 100644 +index 0000000..0015b8e +--- /dev/null ++++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/softfloat.h +@@ -0,0 +1,155 @@ ++/* ++ * This file is derived from softfloat/bits32/386-Win32-GCC/softfloat.h, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/*============================================================================ ++ ++This C header file is part of the SoftFloat IEC/IEEE Floating-point Arithmetic ++Package, Release 2b. ++ ++Written by John R. Hauser. This work was made possible in part by the ++International Computer Science Institute, located at Suite 600, 1947 Center ++Street, Berkeley, California 94704. Funding was partially provided by the ++National Science Foundation under grant MIP-9311980. The original version ++of this code was written as part of a project to build a fixed-point vector ++processor in collaboration with the University of California at Berkeley, ++overseen by Profs. Nelson Morgan and John Wawrzynek. More information ++is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ ++arithmetic/SoftFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has ++been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES ++RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS ++AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, ++COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE ++EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE ++INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR ++OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) the source code for the derivative work includes prominent notice that ++the work is derivative, and (2) the source code includes prominent notice with ++these four paragraphs for those parts of this code that are retained. ++ ++=============================================================================*/ ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE floating-point types. ++*----------------------------------------------------------------------------*/ ++typedef bits32 float32; ++typedef struct { ++ bits32 high, low; ++} float64; ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE floating-point underflow tininess-detection mode. ++*----------------------------------------------------------------------------*/ ++extern int8 float_detect_tininess; ++enum { ++ float_tininess_after_rounding = 0, ++ float_tininess_before_rounding = 1 ++}; ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE floating-point rounding mode. ++*----------------------------------------------------------------------------*/ ++extern int8 float_rounding_mode; ++enum { ++ float_round_nearest_even = 0, ++ float_round_to_zero = 1, ++ float_round_up = 2, ++ float_round_down = 3 ++}; ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE floating-point exception flags. ++*----------------------------------------------------------------------------*/ ++/* ++extern int8 float_exception_flags; ++enum { ++ float_flag_inexact = 1, ++ float_flag_underflow = 2, ++ float_flag_overflow = 4, ++ float_flag_divbyzero = 8, ++ float_flag_invalid = 16 ++}; ++*/ ++ ++extern int8 float_exception_flags; ++enum { ++ float_flag_inexact = 16, ++ float_flag_underflow = 2, ++ float_flag_overflow = 1, ++ float_flag_divbyzero = 4, ++ float_flag_invalid = 8 ++}; ++ ++/*---------------------------------------------------------------------------- ++| Routine to raise any or all of the software IEC/IEEE floating-point ++| exception flags. ++*----------------------------------------------------------------------------*/ ++void float_raise( int8 ); ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE integer-to-floating-point conversion routines. ++*----------------------------------------------------------------------------*/ ++float32 int32_to_float32( int32 ); ++float64 int32_to_float64( int32 ); ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE single-precision conversion routines. ++*----------------------------------------------------------------------------*/ ++int32 float32_to_int32( float32 ); ++int32 float32_to_int32_round_to_zero( float32 ); ++float64 float32_to_float64( float32 ); ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE single-precision operations. ++*----------------------------------------------------------------------------*/ ++float32 float32_round_to_int( float32 ); ++float32 float32_add( float32, float32 ); ++float32 float32_sub( float32, float32 ); ++float32 float32_mul( float32, float32 ); ++float32 float32_div( float32, float32 ); ++float32 float32_rem( float32, float32 ); ++float32 float32_sqrt( float32 ); ++flag float32_eq( float32, float32 ); ++flag float32_le( float32, float32 ); ++flag float32_lt( float32, float32 ); ++flag float32_eq_signaling( float32, float32 ); ++flag float32_le_quiet( float32, float32 ); ++flag float32_lt_quiet( float32, float32 ); ++flag float32_is_signaling_nan( float32 ); ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE double-precision conversion routines. ++*----------------------------------------------------------------------------*/ ++int32 float64_to_int32( float64 ); ++int32 float64_to_int32_round_to_zero( float64 ); ++float32 float64_to_float32( float64 ); ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE double-precision operations. ++*----------------------------------------------------------------------------*/ ++float64 float64_round_to_int( float64 ); ++float64 float64_add( float64, float64 ); ++float64 float64_sub( float64, float64 ); ++float64 float64_mul( float64, float64 ); ++float64 float64_div( float64, float64 ); ++float64 float64_rem( float64, float64 ); ++float64 float64_sqrt( float64 ); ++flag float64_eq( float64, float64 ); ++flag float64_le( float64, float64 ); ++flag float64_lt( float64, float64 ); ++flag float64_eq_signaling( float64, float64 ); ++flag float64_le_quiet( float64, float64 ); ++flag float64_lt_quiet( float64, float64 ); ++flag float64_is_signaling_nan( float64 ); ++ +diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile +new file mode 100644 +index 0000000..a5e2cc7 +--- /dev/null ++++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile +@@ -0,0 +1,24 @@ ++ ++PROCESSOR_H = ../../../processors/powerpc-GCC.h ++SOFTFLOAT_MACROS = ../softfloat-macros ++ ++OBJ = .o ++EXE = ++INCLUDES = -I. -I.. ++COMPILE_C = $(COMPILE_PREFIX) -mcpu=8548 -mhard-float -mfloat-gprs=double -o $@ $(INCLUDES) -I- -O2 ++LINK = $(COMPILE_PREFIX) -o $@ ++ ++ALL: softfloat$(OBJ) timesoftfloat$(EXE) ++ ++milieu.h: $(PROCESSOR_H) ++ touch milieu.h ++ ++softfloat$(OBJ): milieu.h softfloat.h softfloat-specialize $(SOFTFLOAT_MACROS) ../softfloat.c ++ $(COMPILE_C) ../softfloat.c ++ ++timesoftfloat$(OBJ): milieu.h softfloat.h ../timesoftfloat.c ++ $(COMPILE_C) ../timesoftfloat.c ++ ++timesoftfloat$(EXE): softfloat$(OBJ) timesoftfloat$(OBJ) ++ $(LINK) softfloat$(OBJ) timesoftfloat$(OBJ) ++ +diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h +new file mode 100644 +index 0000000..1b66490 +--- /dev/null ++++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/milieu.h +@@ -0,0 +1,55 @@ ++/* ++ * This file is derived from softfloat/bits64/386-Win32-GCC/milieu.h, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/*============================================================================ ++ ++This C header file is part of the SoftFloat IEC/IEEE Floating-point Arithmetic ++Package, Release 2b. ++ ++Written by John R. Hauser. This work was made possible in part by the ++International Computer Science Institute, located at Suite 600, 1947 Center ++Street, Berkeley, California 94704. Funding was partially provided by the ++National Science Foundation under grant MIP-9311980. The original version ++of this code was written as part of a project to build a fixed-point vector ++processor in collaboration with the University of California at Berkeley, ++overseen by Profs. Nelson Morgan and John Wawrzynek. More information ++is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ ++arithmetic/SoftFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has ++been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES ++RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS ++AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, ++COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE ++EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE ++INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR ++OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) the source code for the derivative work includes prominent notice that ++the work is derivative, and (2) the source code includes prominent notice with ++these four paragraphs for those parts of this code that are retained. ++ ++=============================================================================*/ ++ ++/*---------------------------------------------------------------------------- ++| Include common integer types and flags. ++*----------------------------------------------------------------------------*/ ++#include "../../../processors/SPARC-GCC.h" ++ ++/*---------------------------------------------------------------------------- ++| Symbolic Boolean literals. ++*----------------------------------------------------------------------------*/ ++enum { ++ FALSE = 0, ++ TRUE = 1 ++}; ++ +diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat-specialize b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat-specialize +new file mode 100644 +index 0000000..b1d0bc8 +--- /dev/null ++++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat-specialize +@@ -0,0 +1,422 @@ ++/* ++ * This file is derived from softfloat/bits64/386-Win32-GCC/softfloat-specialize, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/*============================================================================ ++ ++This C source fragment is part of the SoftFloat IEC/IEEE Floating-point ++Arithmetic Package, Release 2b. ++ ++Written by John R. Hauser. This work was made possible in part by the ++International Computer Science Institute, located at Suite 600, 1947 Center ++Street, Berkeley, California 94704. Funding was partially provided by the ++National Science Foundation under grant MIP-9311980. The original version ++of this code was written as part of a project to build a fixed-point vector ++processor in collaboration with the University of California at Berkeley, ++overseen by Profs. Nelson Morgan and John Wawrzynek. More information ++is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ ++arithmetic/SoftFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has ++been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES ++RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS ++AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, ++COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE ++EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE ++INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR ++OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) the source code for the derivative work includes prominent notice that ++the work is derivative, and (2) the source code includes prominent notice with ++these four paragraphs for those parts of this code that are retained. ++ ++=============================================================================*/ ++ ++/*---------------------------------------------------------------------------- ++| Underflow tininess-detection mode, statically initialized to default value. ++| (The declaration in `softfloat.h' must match the `int8' type here.) ++*----------------------------------------------------------------------------*/ ++int8 float_detect_tininess = float_tininess_before_rounding; ++ ++/*---------------------------------------------------------------------------- ++| Raises the exceptions specified by `flags'. Floating-point traps can be ++| defined here if desired. It is currently not possible for such a trap ++| to substitute a result value. If traps are not implemented, this routine ++| should be simply `float_exception_flags |= flags;'. ++*----------------------------------------------------------------------------*/ ++ ++void float_raise( int8 flags ) ++{ ++ ++ float_exception_flags |= flags; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Internal canonical NaN format. ++*----------------------------------------------------------------------------*/ ++typedef struct { ++ flag sign; ++ bits64 high, low; ++} commonNaNT; ++ ++/*---------------------------------------------------------------------------- ++| The pattern for a default generated single-precision NaN. ++*----------------------------------------------------------------------------*/ ++#define float32_default_nan 0x7FFFFFFF ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the single-precision floating-point value `a' is a NaN; ++| otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float32_is_nan( float32 a ) ++{ ++ ++ return ( 0xFF000000 < (bits32) ( a<<1 ) ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the single-precision floating-point value `a' is a signaling ++| NaN; otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float32_is_signaling_nan( float32 a ) ++{ ++ ++ return ( ( ( a>>22 ) & 0x1FF ) == 0x1FE ) && ( a & 0x003FFFFF ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the single-precision floating-point NaN ++| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid ++| exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static commonNaNT float32ToCommonNaN( float32 a ) ++{ ++ commonNaNT z; ++ ++ if ( float32_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); ++ z.sign = a>>31; ++ z.low = 0; ++ z.high = ( (bits64) a )<<41; ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the canonical NaN `a' to the single- ++| precision floating-point format. ++*----------------------------------------------------------------------------*/ ++ ++static float32 commonNaNToFloat32( commonNaNT a ) ++{ ++ ++ return ( ( (bits32) a.sign )<<31 ) | 0x7FC00000 | ( a.high>>41 ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Takes two single-precision floating-point values `a' and `b', one of which ++| is a NaN, and returns the appropriate NaN result. If either `a' or `b' is a ++| signaling NaN, the invalid exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static float32 propagateFloat32NaN( float32 a, float32 b ) ++{ ++ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; ++ ++ aIsNaN = float32_is_nan( a ); ++ aIsSignalingNaN = float32_is_signaling_nan( a ); ++ bIsNaN = float32_is_nan( b ); ++ bIsSignalingNaN = float32_is_signaling_nan( b ); ++ a |= 0x00400000; ++ b |= 0x00400000; ++ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); ++ return bIsSignalingNaN ? b : aIsSignalingNaN ? a : bIsNaN ? b : a; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| The pattern for a default generated double-precision NaN. ++*----------------------------------------------------------------------------*/ ++#define float64_default_nan LIT64( 0x7FFFFFFFFFFFFFFF ) ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the double-precision floating-point value `a' is a NaN; ++| otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float64_is_nan( float64 a ) ++{ ++ ++ return ( LIT64( 0xFFE0000000000000 ) < (bits64) ( a<<1 ) ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the double-precision floating-point value `a' is a signaling ++| NaN; otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float64_is_signaling_nan( float64 a ) ++{ ++ ++ return ++ ( ( ( a>>51 ) & 0xFFF ) == 0xFFE ) ++ && ( a & LIT64( 0x0007FFFFFFFFFFFF ) ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the double-precision floating-point NaN ++| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid ++| exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static commonNaNT float64ToCommonNaN( float64 a ) ++{ ++ commonNaNT z; ++ ++ if ( float64_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); ++ z.sign = a>>63; ++ z.low = 0; ++ z.high = a<<12; ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the canonical NaN `a' to the double- ++| precision floating-point format. ++*----------------------------------------------------------------------------*/ ++ ++static float64 commonNaNToFloat64( commonNaNT a ) ++{ ++ ++ return ++ ( ( (bits64) a.sign )<<63 ) ++ | LIT64( 0x7FF8000000000000 ) ++ | ( a.high>>12 ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Takes two double-precision floating-point values `a' and `b', one of which ++| is a NaN, and returns the appropriate NaN result. If either `a' or `b' is a ++| signaling NaN, the invalid exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static float64 propagateFloat64NaN( float64 a, float64 b ) ++{ ++ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; ++ ++ aIsNaN = float64_is_nan( a ); ++ aIsSignalingNaN = float64_is_signaling_nan( a ); ++ bIsNaN = float64_is_nan( b ); ++ bIsSignalingNaN = float64_is_signaling_nan( b ); ++ a |= LIT64( 0x0008000000000000 ); ++ b |= LIT64( 0x0008000000000000 ); ++ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); ++ return bIsSignalingNaN ? b : aIsSignalingNaN ? a : bIsNaN ? b : a; ++ ++} ++ ++#ifdef FLOATX80 ++ ++/*---------------------------------------------------------------------------- ++| The pattern for a default generated extended double-precision NaN. The ++| `high' and `low' values hold the most- and least-significant bits, ++| respectively. ++*----------------------------------------------------------------------------*/ ++#define floatx80_default_nan_high 0x7FFF ++#define floatx80_default_nan_low LIT64( 0xFFFFFFFFFFFFFFFF ) ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the extended double-precision floating-point value `a' is a ++| NaN; otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag floatx80_is_nan( floatx80 a ) ++{ ++ ++ return ( ( a.high & 0x7FFF ) == 0x7FFF ) && (bits64) ( a.low<<1 ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the extended double-precision floating-point value `a' is a ++| signaling NaN; otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag floatx80_is_signaling_nan( floatx80 a ) ++{ ++ bits64 aLow; ++ ++ aLow = a.low & ~ LIT64( 0x4000000000000000 ); ++ return ++ ( ( a.high & 0x7FFF ) == 0x7FFF ) ++ && (bits64) ( aLow<<1 ) ++ && ( a.low == aLow ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the extended double-precision floating- ++| point NaN `a' to the canonical NaN format. If `a' is a signaling NaN, the ++| invalid exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static commonNaNT floatx80ToCommonNaN( floatx80 a ) ++{ ++ commonNaNT z; ++ ++ if ( floatx80_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); ++ z.sign = a.high>>15; ++ z.low = 0; ++ z.high = a.low<<1; ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the canonical NaN `a' to the extended ++| double-precision floating-point format. ++*----------------------------------------------------------------------------*/ ++ ++static floatx80 commonNaNToFloatx80( commonNaNT a ) ++{ ++ floatx80 z; ++ ++ z.low = LIT64( 0xC000000000000000 ) | ( a.high>>1 ); ++ z.high = ( ( (bits16) a.sign )<<15 ) | 0x7FFF; ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Takes two extended double-precision floating-point values `a' and `b', one ++| of which is a NaN, and returns the appropriate NaN result. If either `a' or ++| `b' is a signaling NaN, the invalid exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static floatx80 propagateFloatx80NaN( floatx80 a, floatx80 b ) ++{ ++ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; ++ ++ aIsNaN = floatx80_is_nan( a ); ++ aIsSignalingNaN = floatx80_is_signaling_nan( a ); ++ bIsNaN = floatx80_is_nan( b ); ++ bIsSignalingNaN = floatx80_is_signaling_nan( b ); ++ a.low |= LIT64( 0xC000000000000000 ); ++ b.low |= LIT64( 0xC000000000000000 ); ++ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); ++ return bIsSignalingNaN ? b : aIsSignalingNaN ? a : bIsNaN ? b : a; ++ ++} ++ ++#endif ++ ++#ifdef FLOAT128 ++ ++/*---------------------------------------------------------------------------- ++| The pattern for a default generated quadruple-precision NaN. The `high' and ++| `low' values hold the most- and least-significant bits, respectively. ++*----------------------------------------------------------------------------*/ ++#define float128_default_nan_high LIT64( 0x7FFFFFFFFFFFFFFF ) ++#define float128_default_nan_low LIT64( 0xFFFFFFFFFFFFFFFF ) ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the quadruple-precision floating-point value `a' is a NaN; ++| otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float128_is_nan( float128 a ) ++{ ++ ++ return ++ ( LIT64( 0xFFFE000000000000 ) <= (bits64) ( a.high<<1 ) ) ++ && ( a.low || ( a.high & LIT64( 0x0000FFFFFFFFFFFF ) ) ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns 1 if the quadruple-precision floating-point value `a' is a ++| signaling NaN; otherwise returns 0. ++*----------------------------------------------------------------------------*/ ++ ++flag float128_is_signaling_nan( float128 a ) ++{ ++ ++ return ++ ( ( ( a.high>>47 ) & 0xFFFF ) == 0xFFFE ) ++ && ( a.low || ( a.high & LIT64( 0x00007FFFFFFFFFFF ) ) ); ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the quadruple-precision floating-point NaN ++| `a' to the canonical NaN format. If `a' is a signaling NaN, the invalid ++| exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static commonNaNT float128ToCommonNaN( float128 a ) ++{ ++ commonNaNT z; ++ ++ if ( float128_is_signaling_nan( a ) ) float_raise( float_flag_invalid ); ++ z.sign = a.high>>63; ++ shortShift128Left( a.high, a.low, 16, &z.high, &z.low ); ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Returns the result of converting the canonical NaN `a' to the quadruple- ++| precision floating-point format. ++*----------------------------------------------------------------------------*/ ++ ++static float128 commonNaNToFloat128( commonNaNT a ) ++{ ++ float128 z; ++ ++ shift128Right( a.high, a.low, 16, &z.high, &z.low ); ++ z.high |= ( ( (bits64) a.sign )<<63 ) | LIT64( 0x7FFF800000000000 ); ++ return z; ++ ++} ++ ++/*---------------------------------------------------------------------------- ++| Takes two quadruple-precision floating-point values `a' and `b', one of ++| which is a NaN, and returns the appropriate NaN result. If either `a' or ++| `b' is a signaling NaN, the invalid exception is raised. ++*----------------------------------------------------------------------------*/ ++ ++static float128 propagateFloat128NaN( float128 a, float128 b ) ++{ ++ flag aIsNaN, aIsSignalingNaN, bIsNaN, bIsSignalingNaN; ++ ++ aIsNaN = float128_is_nan( a ); ++ aIsSignalingNaN = float128_is_signaling_nan( a ); ++ bIsNaN = float128_is_nan( b ); ++ bIsSignalingNaN = float128_is_signaling_nan( b ); ++ a.high |= LIT64( 0x0000800000000000 ); ++ b.high |= LIT64( 0x0000800000000000 ); ++ if ( aIsSignalingNaN | bIsSignalingNaN ) float_raise( float_flag_invalid ); ++ return bIsSignalingNaN ? b : aIsSignalingNaN ? a : bIsNaN ? b : a; ++ ++} ++ ++#endif ++ +diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat.h b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat.h +new file mode 100644 +index 0000000..5b7cb1c +--- /dev/null ++++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/softfloat.h +@@ -0,0 +1,269 @@ ++/* ++ * This file is derived from softfloat/bits64/386-Win32-GCC/softfloat.h, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/*============================================================================ ++ ++This C header file is part of the SoftFloat IEC/IEEE Floating-point Arithmetic ++Package, Release 2b. ++ ++Written by John R. Hauser. This work was made possible in part by the ++International Computer Science Institute, located at Suite 600, 1947 Center ++Street, Berkeley, California 94704. Funding was partially provided by the ++National Science Foundation under grant MIP-9311980. The original version ++of this code was written as part of a project to build a fixed-point vector ++processor in collaboration with the University of California at Berkeley, ++overseen by Profs. Nelson Morgan and John Wawrzynek. More information ++is available through the Web page `http://www.cs.berkeley.edu/~jhauser/ ++arithmetic/SoftFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has ++been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES ++RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS ++AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, ++COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE ++EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE ++INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR ++OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) the source code for the derivative work includes prominent notice that ++the work is derivative, and (2) the source code includes prominent notice with ++these four paragraphs for those parts of this code that are retained. ++ ++=============================================================================*/ ++ ++/*---------------------------------------------------------------------------- ++| The macro `FLOATX80' must be defined to enable the extended double-precision ++| floating-point format `floatx80'. If this macro is not defined, the ++| `floatx80' type will not be defined, and none of the functions that either ++| input or output the `floatx80' type will be defined. The same applies to ++| the `FLOAT128' macro and the quadruple-precision format `float128'. ++*----------------------------------------------------------------------------*/ ++#define FLOATX80 ++#define FLOAT128 ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE floating-point types. ++*----------------------------------------------------------------------------*/ ++typedef unsigned int float32; ++typedef unsigned long long float64; ++#ifdef FLOATX80 ++typedef struct { ++ unsigned short high; ++ unsigned long long low; ++} floatx80; ++#endif ++#ifdef FLOAT128 ++typedef struct { ++ unsigned long long high, low; ++} float128; ++#endif ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE floating-point underflow tininess-detection mode. ++*----------------------------------------------------------------------------*/ ++extern int float_detect_tininess; ++enum { ++ float_tininess_after_rounding = 0, ++ float_tininess_before_rounding = 1 ++}; ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE floating-point rounding mode. ++*----------------------------------------------------------------------------*/ ++extern int float_rounding_mode; ++enum { ++ float_round_nearest_even = 0, ++ float_round_to_zero = 1, ++ float_round_up = 2, ++ float_round_down = 3 ++}; ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE floating-point exception flags. ++*----------------------------------------------------------------------------*/ ++extern int float_exception_flags; ++enum { ++ float_flag_inexact = 1, ++ float_flag_divbyzero = 2, ++ float_flag_underflow = 4, ++ float_flag_overflow = 8, ++ float_flag_invalid = 16 ++}; ++ ++/*---------------------------------------------------------------------------- ++| Routine to raise any or all of the software IEC/IEEE floating-point ++| exception flags. ++*----------------------------------------------------------------------------*/ ++void float_raise( int ); ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE integer-to-floating-point conversion routines. ++*----------------------------------------------------------------------------*/ ++float32 int32_to_float32( int ); ++float64 int32_to_float64( int ); ++#ifdef FLOATX80 ++floatx80 int32_to_floatx80( int ); ++#endif ++#ifdef FLOAT128 ++float128 int32_to_float128( int ); ++#endif ++float32 int64_to_float32( long long ); ++float64 int64_to_float64( long long ); ++#ifdef FLOATX80 ++floatx80 int64_to_floatx80( long long ); ++#endif ++#ifdef FLOAT128 ++float128 int64_to_float128( long long ); ++#endif ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE single-precision conversion routines. ++*----------------------------------------------------------------------------*/ ++int float32_to_int32( float32 ); ++int float32_to_int32_round_to_zero( float32 ); ++long long float32_to_int64( float32 ); ++long long float32_to_int64_round_to_zero( float32 ); ++float64 float32_to_float64( float32 ); ++#ifdef FLOATX80 ++floatx80 float32_to_floatx80( float32 ); ++#endif ++#ifdef FLOAT128 ++float128 float32_to_float128( float32 ); ++#endif ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE single-precision operations. ++*----------------------------------------------------------------------------*/ ++float32 float32_round_to_int( float32 ); ++float32 float32_add( float32, float32 ); ++float32 float32_sub( float32, float32 ); ++float32 float32_mul( float32, float32 ); ++float32 float32_div( float32, float32 ); ++float32 float32_rem( float32, float32 ); ++float32 float32_sqrt( float32 ); ++int float32_eq( float32, float32 ); ++int float32_le( float32, float32 ); ++int float32_lt( float32, float32 ); ++int float32_eq_signaling( float32, float32 ); ++int float32_le_quiet( float32, float32 ); ++int float32_lt_quiet( float32, float32 ); ++int float32_is_signaling_nan( float32 ); ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE double-precision conversion routines. ++*----------------------------------------------------------------------------*/ ++int float64_to_int32( float64 ); ++int float64_to_int32_round_to_zero( float64 ); ++long long float64_to_int64( float64 ); ++long long float64_to_int64_round_to_zero( float64 ); ++float32 float64_to_float32( float64 ); ++#ifdef FLOATX80 ++floatx80 float64_to_floatx80( float64 ); ++#endif ++#ifdef FLOAT128 ++float128 float64_to_float128( float64 ); ++#endif ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE double-precision operations. ++*----------------------------------------------------------------------------*/ ++float64 float64_round_to_int( float64 ); ++float64 float64_add( float64, float64 ); ++float64 float64_sub( float64, float64 ); ++float64 float64_mul( float64, float64 ); ++float64 float64_div( float64, float64 ); ++float64 float64_rem( float64, float64 ); ++float64 float64_sqrt( float64 ); ++int float64_eq( float64, float64 ); ++int float64_le( float64, float64 ); ++int float64_lt( float64, float64 ); ++int float64_eq_signaling( float64, float64 ); ++int float64_le_quiet( float64, float64 ); ++int float64_lt_quiet( float64, float64 ); ++int float64_is_signaling_nan( float64 ); ++ ++#ifdef FLOATX80 ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE extended double-precision conversion routines. ++*----------------------------------------------------------------------------*/ ++int floatx80_to_int32( floatx80 ); ++int floatx80_to_int32_round_to_zero( floatx80 ); ++long long floatx80_to_int64( floatx80 ); ++long long floatx80_to_int64_round_to_zero( floatx80 ); ++float32 floatx80_to_float32( floatx80 ); ++float64 floatx80_to_float64( floatx80 ); ++#ifdef FLOAT128 ++float128 floatx80_to_float128( floatx80 ); ++#endif ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE extended double-precision rounding precision. Valid ++| values are 32, 64, and 80. ++*----------------------------------------------------------------------------*/ ++extern int floatx80_rounding_precision; ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE extended double-precision operations. ++*----------------------------------------------------------------------------*/ ++floatx80 floatx80_round_to_int( floatx80 ); ++floatx80 floatx80_add( floatx80, floatx80 ); ++floatx80 floatx80_sub( floatx80, floatx80 ); ++floatx80 floatx80_mul( floatx80, floatx80 ); ++floatx80 floatx80_div( floatx80, floatx80 ); ++floatx80 floatx80_rem( floatx80, floatx80 ); ++floatx80 floatx80_sqrt( floatx80 ); ++int floatx80_eq( floatx80, floatx80 ); ++int floatx80_le( floatx80, floatx80 ); ++int floatx80_lt( floatx80, floatx80 ); ++int floatx80_eq_signaling( floatx80, floatx80 ); ++int floatx80_le_quiet( floatx80, floatx80 ); ++int floatx80_lt_quiet( floatx80, floatx80 ); ++int floatx80_is_signaling_nan( floatx80 ); ++ ++#endif ++ ++#ifdef FLOAT128 ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE quadruple-precision conversion routines. ++*----------------------------------------------------------------------------*/ ++int float128_to_int32( float128 ); ++int float128_to_int32_round_to_zero( float128 ); ++long long float128_to_int64( float128 ); ++long long float128_to_int64_round_to_zero( float128 ); ++float32 float128_to_float32( float128 ); ++float64 float128_to_float64( float128 ); ++#ifdef FLOATX80 ++floatx80 float128_to_floatx80( float128 ); ++#endif ++ ++/*---------------------------------------------------------------------------- ++| Software IEC/IEEE quadruple-precision operations. ++*----------------------------------------------------------------------------*/ ++float128 float128_round_to_int( float128 ); ++float128 float128_add( float128, float128 ); ++float128 float128_sub( float128, float128 ); ++float128 float128_mul( float128, float128 ); ++float128 float128_div( float128, float128 ); ++float128 float128_rem( float128, float128 ); ++float128 float128_sqrt( float128 ); ++int float128_eq( float128, float128 ); ++int float128_le( float128, float128 ); ++int float128_lt( float128, float128 ); ++int float128_eq_signaling( float128, float128 ); ++int float128_le_quiet( float128, float128 ); ++int float128_lt_quiet( float128, float128 ); ++int float128_is_signaling_nan( float128 ); ++ ++#endif ++ +-- +1.5.4 + diff --git a/recipes-extended/testfloat/files/TestFloat-powerpc-E500v2-SPE-1.patch b/recipes-extended/testfloat/files/TestFloat-powerpc-E500v2-SPE-1.patch new file mode 100644 index 00000000..c34421cf --- /dev/null +++ b/recipes-extended/testfloat/files/TestFloat-powerpc-E500v2-SPE-1.patch @@ -0,0 +1,1644 @@ +This patch adds PowerPC E500v2 SPE support in TestFloat. +And it disables the testing for hardware that can not trigger SPE interrupt. + +Signed-off-by: Ebony Zhu +Signed-off-by: Liu Yu +--- + processors/POWERPC-gcc.h | 99 +++++ + testfloat/powerpc-linux-gcc/Makefile | 83 +++++ + testfloat/powerpc-linux-gcc/milieu.h | 71 ++++ + testfloat/powerpc-linux-gcc/systflags.c | 107 ++++++ + testfloat/powerpc-linux-gcc/systfloat.c | 595 +++++++++++++++++++++++++++++++ + testfloat/powerpc-linux-gcc/systmodes.c | 67 ++++ + testfloat/templates/Makefile | 18 +- + testfloat/templates/milieu.h | 2 +- + testfloat/testFunction.h | 2 +- + testfloat/testLoops.c | 216 +++++++++++ + 10 files changed, 1252 insertions(+), 8 deletions(-) + create mode 100644 processors/POWERPC-gcc.h + create mode 100644 testfloat/powerpc-linux-gcc/Makefile + create mode 100644 testfloat/powerpc-linux-gcc/milieu.h + create mode 100644 testfloat/powerpc-linux-gcc/systflags.c + create mode 100644 testfloat/powerpc-linux-gcc/systfloat.c + create mode 100644 testfloat/powerpc-linux-gcc/systmodes.c + +diff --git a/processors/POWERPC-gcc.h b/processors/POWERPC-gcc.h +new file mode 100644 +index 0000000..4201faa +--- /dev/null ++++ b/processors/POWERPC-gcc.h +@@ -0,0 +1,99 @@ ++/* ++ * This file is derived from processors/i386-GCC.h, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ * ++ * THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort has ++ * been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES ++ * RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS ++ * AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES, ++ * COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE ++ * EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE ++ * INSTITUTE (possibly via similar legal warning) AGAINST ALL LOSSES, COSTS, OR ++ * OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE. ++ */ ++ ++/* ++------------------------------------------------------------------------------- ++One of the macros `BIGENDIAN' or `LITTLEENDIAN' must be defined. ++------------------------------------------------------------------------------- ++*/ ++#define BIGENDIAN ++ ++/* ++------------------------------------------------------------------------------- ++The macro `BITS64' can be defined to indicate that 64-bit integer types are ++supported by the compiler. ++------------------------------------------------------------------------------- ++*/ ++#undef BITS64 ++ ++/* ++------------------------------------------------------------------------------- ++Each of the following `typedef's defines the most convenient type that holds ++integers of at least as many bits as specified. For example, `uint8' should ++be the most convenient type that can hold unsigned integers of as many as ++8 bits. The `flag' type must be able to hold either a 0 or 1. For most ++implementations of C, `flag', `uint8', and `int8' should all be `typedef'ed ++to the same as `int'. ++------------------------------------------------------------------------------- ++*/ ++typedef int flag; ++typedef int uint8; ++typedef int int8; ++typedef int uint16; ++typedef int int16; ++typedef unsigned int uint32; ++typedef signed int int32; ++#ifdef BITS64 ++typedef unsigned long long int uint64; ++typedef signed long long int int64; ++#endif ++ ++/* ++------------------------------------------------------------------------------- ++Each of the following `typedef's defines a type that holds integers ++of _exactly_ the number of bits specified. For instance, for most ++implementation of C, `bits16' and `sbits16' should be `typedef'ed to ++`unsigned short int' and `signed short int' (or `short int'), respectively. ++------------------------------------------------------------------------------- ++*/ ++typedef unsigned char bits8; ++typedef signed char sbits8; ++typedef unsigned short int bits16; ++typedef signed short int sbits16; ++typedef unsigned int bits32; ++typedef signed int sbits32; ++#ifdef BITS64 ++typedef unsigned long long int bits64; ++typedef signed long long int sbits64; ++#endif ++ ++#ifdef BITS64 ++/* ++------------------------------------------------------------------------------- ++The `LIT64' macro takes as its argument a textual integer literal and ++if necessary ``marks'' the literal as having a 64-bit integer type. ++For example, the GNU C Compiler (`gcc') requires that 64-bit literals be ++appended with the letters `LL' standing for `long long', which is `gcc's ++name for the 64-bit integer type. Some compilers may allow `LIT64' to be ++defined as the identity macro: `#define LIT64( a ) a'. ++------------------------------------------------------------------------------- ++*/ ++#define LIT64( a ) a##LL ++#endif ++ ++/* ++------------------------------------------------------------------------------- ++The macro `INLINE' can be used before functions that should be inlined. If ++a compiler does not support explicit inlining, this macro should be defined ++to be `static'. ++------------------------------------------------------------------------------- ++*/ ++#define INLINE extern inline ++ +diff --git a/testfloat/powerpc-linux-gcc/Makefile b/testfloat/powerpc-linux-gcc/Makefile +new file mode 100644 +index 0000000..de50aad +--- /dev/null ++++ b/testfloat/powerpc-linux-gcc/Makefile +@@ -0,0 +1,83 @@ ++ ++PROCESSOR_H = ../../processors/POWERPC-gcc.h ++SOFTFLOAT_VERSION = bits32 ++TARGET = powerpc-GCC ++SOFTFLOAT_DIR = ../../SoftFloat-2b/softfloat/$(SOFTFLOAT_VERSION)/$(TARGET) ++ ++OBJ = .o ++EXE = ++INCLUDES = -I. -I.. -I$(SOFTFLOAT_DIR) ++ ++COMPILE_C = $(COMPILE_PREFIX)gcc -c -o $@ $(INCLUDES) -I- -O $(EXTRA_CFLAGS) ++ ++COMPILE_C_HARD = $(COMPILE_PREFIX)gcc -c -te500v2 -o $@ $(INCLUDES) ++ ++COMPILE_SLOWFLOAT_C = $(COMPILE_PREFIX)gcc -c -o $@ $(INCLUDES) -I- -O ++ ++LINK = $(COMPILE_PREFIX)gcc -lm -o $@ ++ ++SOFTFLOAT_H = $(SOFTFLOAT_DIR)/softfloat.h ++SOFTFLOAT_OBJ = $(SOFTFLOAT_DIR)/softfloat$(OBJ) ++ ++ALL: testsoftfloat$(EXE) testfloat$(EXE) ++ ++systmodes$(OBJ): milieu.h systmodes.c ++ $(COMPILE_C) systmodes.c ++ ++systflags$(OBJ): milieu.h ../systflags.h systflags.c ++ $(COMPILE_C) systflags.c ++ ++systfloat$(OBJ): milieu.h $(SOFTFLOAT_H) ../systfloat.h systfloat.c ++ $(COMPILE_C_HARD) systfloat.c ++ ++#------------------------------------------------------------------------------ ++# Probably O.K. below here. ++#------------------------------------------------------------------------------ ++ ++milieu.h: $(PROCESSOR_H) ++ touch milieu.h ++ ++fail$(OBJ): milieu.h ../fail.h ++ $(COMPILE_C) ../fail.c ++ ++random$(OBJ): milieu.h ../random.h ++ $(COMPILE_C) ../random.c ++ ++testCases$(OBJ): milieu.h ../fail.h ../random.h $(SOFTFLOAT_H) ../testCases.h ../testCases.c ++ $(COMPILE_C) ../testCases.c ++ ++writeHex$(OBJ): milieu.h $(SOFTFLOAT_H) ../writeHex.h ../writeHex.c ++ $(COMPILE_C) ../writeHex.c ++ ++testLoops$(OBJ): milieu.h $(SOFTFLOAT_H) ../testCases.h ../writeHex.h ../testLoops.h ../testLoops.c ++ $(COMPILE_C) ../testLoops.c ++ ++slowfloat$(OBJ): milieu.h $(SOFTFLOAT_H) ../slowfloat.h ../slowfloat-32.c ../slowfloat-64.c ../slowfloat.c ++ $(COMPILE_SLOWFLOAT_C) ../slowfloat.c ++ ++testsoftfloat$(OBJ): milieu.h ../fail.h $(SOFTFLOAT_H) ../testCases.h ../testLoops.h ../slowfloat.h ../testsoftfloat.c ++ $(COMPILE_C) ../testsoftfloat.c ++ ++testsoftfloat$(EXE): fail$(OBJ) random$(OBJ) $(SOFTFLOAT_OBJ) testCases$(OBJ) writeHex$(OBJ) testLoops$(OBJ) slowfloat$(OBJ) testsoftfloat$(OBJ) systflags$(OBJ) systmodes$(OBJ) ++ $(LINK) fail$(OBJ) random$(OBJ) $(SOFTFLOAT_OBJ) testCases$(OBJ) writeHex$(OBJ) testLoops$(OBJ) slowfloat$(OBJ) testsoftfloat$(OBJ) systflags$(OBJ) systmodes$(OBJ) ++ ++testFunction$(OBJ): milieu.h $(SOFTFLOAT_H) ../testCases.h ../testLoops.h ../systmodes.h ../systflags.h ../systfloat.h ../testFunction.h ../testFunction.c ++ $(COMPILE_C) ../testFunction.c ++ ++testfloat$(OBJ): milieu.h ../fail.h $(SOFTFLOAT_H) ../testCases.h ../testLoops.h ../systflags.h ../testFunction.h ../testfloat.c ++ $(COMPILE_C) ../testfloat.c ++ ++testfloat$(EXE): fail$(OBJ) random$(OBJ) $(SOFTFLOAT_OBJ) testCases$(OBJ) writeHex$(OBJ) testLoops$(OBJ) systmodes$(OBJ) systflags$(OBJ) systfloat$(OBJ) testFunction$(OBJ) testfloat$(OBJ) ++ $(LINK) fail$(OBJ) random$(OBJ) $(SOFTFLOAT_OBJ) testCases$(OBJ) writeHex$(OBJ) testLoops$(OBJ) systmodes$(OBJ) systflags$(OBJ) systfloat$(OBJ) testFunction$(OBJ) testfloat$(OBJ) ++ ++$(SOFTFLOAT_OBJ): ++ make -C $(SOFTFLOAT_DIR) ++ ++cp: ALL ++ cp testsoftfloat$(EXE) ../../test_softfloat$(EXE) ++ cp testfloat$(EXE) ../../test_float$(EXE) ++ ++clean: ++ make -C $(SOFTFLOAT_DIR) clean ++ rm -f *.o testfloat$(EXE) testsoftfloat$(EXE) ++ rm -f ../../test_softfloat$(EXE) ../../test_float$(EXE) +diff --git a/testfloat/powerpc-linux-gcc/milieu.h b/testfloat/powerpc-linux-gcc/milieu.h +new file mode 100644 +index 0000000..29d2b18 +--- /dev/null ++++ b/testfloat/powerpc-linux-gcc/milieu.h +@@ -0,0 +1,71 @@ ++/* ++ * This file is derived from testfloat/386-Win32-gcc/milieu.h, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/* ++=============================================================================== ++ ++This C header file is part of TestFloat, Release 2a, a package of programs ++for testing the correctness of floating-point arithmetic complying to the ++IEC/IEEE Standard for Floating-Point. ++ ++Written by John R. Hauser. More information is available through the Web ++page `http://HTTP.CS.Berkeley.EDU/~jhauser/arithmetic/TestFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort ++has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT ++TIMES RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO ++PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY ++AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) they include prominent notice that the work is derivative, and (2) they ++include prominent notice akin to these four paragraphs for those parts of ++this code that are retained. ++ ++=============================================================================== ++*/ ++ ++/* ++------------------------------------------------------------------------------- ++Include common integer types and flags. ++------------------------------------------------------------------------------- ++*/ ++#include "../../processors/POWERPC-gcc.h" ++/* ++------------------------------------------------------------------------------- ++If the `BITS64' macro is defined by the processor header file but the ++version of SoftFloat being used/tested is the 32-bit one (`bits32'), the ++`BITS64' macro must be undefined here. ++------------------------------------------------------------------------------- ++*/ ++ ++#undef BITS64 ++/* ++------------------------------------------------------------------------------- ++The macro `LONG_DOUBLE_IS_FLOATX80' can be defined to indicate that the ++C compiler supports the type `long double' as an extended double-precision ++format. Alternatively, the macro `LONG_DOUBLE_IS_FLOAT128' can be defined ++to indicate that `long double' is a quadruple-precision format. If neither ++of these macros is defined, `long double' will be ignored. ++------------------------------------------------------------------------------- ++#define LONG_DOUBLE_IS_FLOATX80 ++*/ ++ ++/* ++------------------------------------------------------------------------------- ++Symbolic Boolean literals. ++------------------------------------------------------------------------------- ++*/ ++enum { ++ FALSE = 0, ++ TRUE = 1 ++}; ++ +diff --git a/testfloat/powerpc-linux-gcc/systflags.c b/testfloat/powerpc-linux-gcc/systflags.c +new file mode 100644 +index 0000000..c382442 +--- /dev/null ++++ b/testfloat/powerpc-linux-gcc/systflags.c +@@ -0,0 +1,107 @@ ++/* ++ * This file is derived from testfloat/386-Win32-gcc/systflags.c, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/* ++=============================================================================== ++ ++This C source file is part of TestFloat, Release 2a, a package of programs ++for testing the correctness of floating-point arithmetic complying to the ++IEC/IEEE Standard for Floating-Point. ++ ++Written by John R. Hauser. More information is available through the Web ++page `http://HTTP.CS.Berkeley.EDU/~jhauser/arithmetic/TestFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort ++has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT ++TIMES RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO ++PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY ++AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) they include prominent notice that the work is derivative, and (2) they ++include prominent notice akin to these four paragraphs for those parts of ++this code that are retained. ++ ++=============================================================================== ++*/ ++ ++#include "milieu.h" ++#include "systflags.h" ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef __SPE__ ++ ++#include ++ ++ ++#define SPE_FINV_ENABLE (1UL << 5) ++#define SPE_FDBZ_ENABLE (1UL << 4) ++#define SPE_FUNF_ENABLE (1UL << 3) ++#define SPE_FOVF_ENABLE (1UL << 2) ++ ++#define SPE_FG (1UL << 13) ++#define SPE_FX (1UL << 12) ++#define SPE_FINV (1UL << 11) ++#define SPE_FDBZ (1UL << 10) ++#define SPE_FUNF (1UL << 9) ++#define SPE_FOVF (1UL << 8) ++ ++#define SPE_FG_H (1UL << 29) ++#define SPE_FX_H (1UL << 28) ++#define SPE_FINV_H (1UL << 27) ++#define SPE_FDBZ_H (1UL << 26) ++#define SPE_FUNF_H (1UL << 25) ++#define SPE_FOVF_H (1UL << 24) ++ ++static int is_soft_emu = 0; ++ ++#endif ++/* ++------------------------------------------------------------------------------- ++Clears the system's IEC/IEEE floating-point exception flags. Returns the ++previous value of the flags. ++------------------------------------------------------------------------------- ++*/ ++extern int rounding; ++unsigned int spefscr = 0; ++ ++int8 syst_float_flags_clear( void ) ++{ ++#ifdef TEST_KERNEL_EMU ++ if( (spefscr & (SPE_FINV | SPE_FINV_H)) ++ || (spefscr & (SPE_FDBZ | SPE_FDBZ_H)) ++ || (spefscr & (SPE_FUNF | SPE_FUNF_H)) ++ || (spefscr & (SPE_FOVF | SPE_FOVF_H)) ++ || (spefscr & (SPE_FX | SPE_FG | SPE_FX_H | SPE_FG_H))){ ++ is_soft_emu = 1; ++ } else { ++ is_soft_emu = 0; ++ } ++#endif ++ __builtin_spe_mtspefscr(0x3c|(rounding & 0x3)); ++ ++ return ((spefscr>>17) & 0x1f); ++} ++ ++int syst_float_is_soft_emu(void) ++{ ++ int ret = 0; ++#ifdef TEST_KERNEL_EMU ++ ret = is_soft_emu; ++#endif ++ return ret; ++} ++ ++ +diff --git a/testfloat/powerpc-linux-gcc/systfloat.c b/testfloat/powerpc-linux-gcc/systfloat.c +new file mode 100644 +index 0000000..8d06f9f +--- /dev/null ++++ b/testfloat/powerpc-linux-gcc/systfloat.c +@@ -0,0 +1,595 @@ ++/* ++ * This file is derived from testfloat/systfloat.c, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/* ++=============================================================================== ++ ++This C source file is part of TestFloat, Release 2a, a package of programs ++for testing the correctness of floating-point arithmetic complying to the ++IEC/IEEE Standard for Floating-Point. ++ ++Written by John R. Hauser. More information is available through the Web ++page `http://HTTP.CS.Berkeley.EDU/~jhauser/arithmetic/TestFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort ++has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT ++TIMES RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO ++PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY ++AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) they include prominent notice that the work is derivative, and (2) they ++include prominent notice akin to these four paragraphs for those parts of ++this code that are retained. ++ ++=============================================================================== ++*/ ++ ++#include ++#include "milieu.h" ++#include "softfloat.h" ++#include "systfloat.h" ++ ++extern unsigned int spefscr; ++ ++float32 syst_int32_to_float32( int32 a ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = a; ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float64 syst_int32_to_float64( int32 a ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = a; ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) ++ ++floatx80 syst_int32_to_floatx80( int32 a ) ++{ ++ floatx80 z; ++ ++ *( (long double *) &z ) = a; ++ return z; ++ ++} ++ ++#endif ++ ++#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) ++ ++float128 syst_int32_to_float128( int32 a ) ++{ ++ float128 z; ++ ++ *( (long double *) &z ) = a; ++ return z; ++ ++} ++ ++#endif ++ ++#ifdef BITS64 ++ ++float32 syst_int64_to_float32( int64 a ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = a; ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float64 syst_int64_to_float64( int64 a ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = a; ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) ++ ++floatx80 syst_int64_to_floatx80( int64 a ) ++{ ++ floatx80 z; ++ ++ *( (long double *) &z ) = a; ++ return z; ++ ++} ++ ++#endif ++ ++#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) ++ ++float128 syst_int64_to_float128( int64 a ) ++{ ++ float128 z; ++ ++ *( (long double *) &z ) = a; ++ return z; ++ ++} ++ ++#endif ++ ++#endif ++ ++int32 syst_float32_to_int32_round_to_zero( float32 a ) ++{ ++ int32 z = *( (float *) &a ); ++ spefscr = __builtin_spe_mfspefscr(); ++ ++ return z; ++ ++} ++ ++#ifdef BITS64 ++ ++int64 syst_float32_to_int64_round_to_zero( float32 a ) ++{ ++ int64 z = *( (float *) &a ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++#endif ++ ++float64 syst_float32_to_float64( float32 a ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = *( (float *) &a ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) ++ ++floatx80 syst_float32_to_floatx80( float32 a ) ++{ ++ floatx80 z; ++ ++ *( (long double *) &z ) = *( (float *) &a ); ++ return z; ++ ++} ++ ++#endif ++ ++#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) ++ ++float128 syst_float32_to_float128( float32 a ) ++{ ++ float128 z; ++ ++ *( (long double *) &z ) = *( (float *) &a ); ++ return z; ++ ++} ++ ++#endif ++ ++float32 syst_float32_add( float32 a, float32 b ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = *( (float *) &a ) + *( (float *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float32 syst_float32_sub( float32 a, float32 b ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = *( (float *) &a ) - *( (float *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float32 syst_float32_mul( float32 a, float32 b ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = *( (float *) &a ) * *( (float *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float32 syst_float32_div( float32 a, float32 b ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = *( (float *) &a ) / *( (float *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++flag syst_float32_eq( float32 a, float32 b ) ++{ ++ flag f = ( *( (float *) &a ) == *( (float *) &b ) ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return f; ++ ++} ++ ++flag syst_float32_le( float32 a, float32 b ) ++{ ++ flag f = ( *( (float *) &a ) <= *( (float *) &b ) ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return f; ++ ++} ++ ++flag syst_float32_lt( float32 a, float32 b ) ++{ ++ flag f = ( *( (float *) &a ) < *( (float *) &b ) ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return f; ++ ++} ++ ++int32 syst_float64_to_int32_round_to_zero( float64 a ) ++{ ++ int32 z = *( (double *) &a ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++#ifdef BITS64 ++ ++int64 syst_float64_to_int64_round_to_zero( float64 a ) ++{ ++ int64 z = *( (double *) &a ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++#endif ++ ++float32 syst_float64_to_float32( float64 a ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = *( (double *) &a ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) ++ ++floatx80 syst_float64_to_floatx80( float64 a ) ++{ ++ floatx80 z; ++ ++ *( (long double *) &z ) = *( (double *) &a ); ++ return z; ++ ++} ++ ++#endif ++ ++#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) ++ ++float128 syst_float64_to_float128( float64 a ) ++{ ++ float128 z; ++ ++ *( (long double *) &z ) = *( (double *) &a ); ++ return z; ++ ++} ++ ++#endif ++ ++float64 syst_float64_add( float64 a, float64 b ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = *( (double *) &a ) + *( (double *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float64 syst_float64_sub( float64 a, float64 b ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = *( (double *) &a ) - *( (double *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float64 syst_float64_mul( float64 a, float64 b ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = *( (double *) &a ) * *( (double *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float64 syst_float64_div( float64 a, float64 b ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = *( (double *) &a ) / *( (double *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++float64 syst_float64_sqrt( float64 a ) ++{ ++ /* Ebony ++ float64 z; ++ ++ *( (double *) &z ) = sqrt( *( (double *) &a ) ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ */ ++ ++} ++ ++flag syst_float64_eq( float64 a, float64 b ) ++{ ++ flag f = ( *( (double *) &a ) == *( (double *) &b ) ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return f; ++ ++} ++ ++flag syst_float64_le( float64 a, float64 b ) ++{ ++ flag f = ( *( (double *) &a ) <= *( (double *) &b ) ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return f; ++ ++} ++ ++flag syst_float64_lt( float64 a, float64 b ) ++{ ++ flag f = ( *( (double *) &a ) < *( (double *) &b ) ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return f; ++ ++} ++ ++#if defined( FLOATX80 ) && defined( LONG_DOUBLE_IS_FLOATX80 ) ++ ++int32 syst_floatx80_to_int32_round_to_zero( floatx80 a ) ++{ ++ ++ return *( (long double *) &a ); ++ ++} ++ ++#ifdef BITS64 ++ ++int64 syst_floatx80_to_int64_round_to_zero( floatx80 a ) ++{ ++ ++ return *( (long double *) &a ); ++ ++} ++ ++#endif ++ ++float32 syst_floatx80_to_float32( floatx80 a ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = *( (long double *) &a ); ++ return z; ++ ++} ++ ++float64 syst_floatx80_to_float64( floatx80 a ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = *( (long double *) &a ); ++ return z; ++ ++} ++ ++floatx80 syst_floatx80_add( floatx80 a, floatx80 b ) ++{ ++ floatx80 z; ++ ++ *( (long double *) &z ) = ++ *( (long double *) &a ) + *( (long double *) &b ); ++ return z; ++ ++} ++ ++floatx80 syst_floatx80_sub( floatx80 a, floatx80 b ) ++{ ++ floatx80 z; ++ ++ *( (long double *) &z ) = ++ *( (long double *) &a ) - *( (long double *) &b ); ++ return z; ++ ++} ++ ++floatx80 syst_floatx80_mul( floatx80 a, floatx80 b ) ++{ ++ floatx80 z; ++ ++ *( (long double *) &z ) = ++ *( (long double *) &a ) * *( (long double *) &b ); ++ return z; ++ ++} ++ ++floatx80 syst_floatx80_div( floatx80 a, floatx80 b ) ++{ ++ floatx80 z; ++ ++ *( (long double *) &z ) = ++ *( (long double *) &a ) / *( (long double *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++flag syst_floatx80_eq( floatx80 a, floatx80 b ) ++{ ++ ++ return ( *( (long double *) &a ) == *( (long double *) &b ) ); ++ ++} ++ ++flag syst_floatx80_le( floatx80 a, floatx80 b ) ++{ ++ ++ return ( *( (long double *) &a ) <= *( (long double *) &b ) ); ++ ++} ++ ++flag syst_floatx80_lt( floatx80 a, floatx80 b ) ++{ ++ ++ return ( *( (long double *) &a ) < *( (long double *) &b ) ); ++ ++} ++ ++#endif ++ ++#if defined( FLOAT128 ) && defined( LONG_DOUBLE_IS_FLOAT128 ) ++ ++int32 syst_float128_to_int32_round_to_zero( float128 a ) ++{ ++ ++ return *( (long double *) &a ); ++ ++} ++ ++#ifdef BITS64 ++ ++int64 syst_float128_to_int64_round_to_zero( float128 a ) ++{ ++ ++ return *( (long double *) &a ); ++ ++} ++ ++#endif ++ ++float32 syst_float128_to_float32( float128 a ) ++{ ++ float32 z; ++ ++ *( (float *) &z ) = *( (long double *) &a ); ++ return z; ++ ++} ++ ++float64 syst_float128_to_float64( float128 a ) ++{ ++ float64 z; ++ ++ *( (double *) &z ) = *( (long double *) &a ); ++ return z; ++ ++} ++ ++float128 syst_float128_add( float128 a, float128 b ) ++{ ++ float128 z; ++ ++ *( (long double *) &z ) = ++ *( (long double *) &a ) + *( (long double *) &b ); ++ return z; ++ ++} ++ ++float128 syst_float128_sub( float128 a, float128 b ) ++{ ++ float128 z; ++ ++ *( (long double *) &z ) = ++ *( (long double *) &a ) - *( (long double *) &b ); ++ return z; ++ ++} ++ ++float128 syst_float128_mul( float128 a, float128 b ) ++{ ++ float128 z; ++ ++ *( (long double *) &z ) = ++ *( (long double *) &a ) * *( (long double *) &b ); ++ return z; ++ ++} ++ ++float128 syst_float128_div( float128 a, float128 b ) ++{ ++ float128 z; ++ ++ *( (long double *) &z ) = ++ *( (long double *) &a ) / *( (long double *) &b ); ++ spefscr = __builtin_spe_mfspefscr(); ++ return z; ++ ++} ++ ++flag syst_float128_eq( float128 a, float128 b ) ++{ ++ ++ return ( *( (long double *) &a ) == *( (long double *) &b ) ); ++ ++} ++ ++flag syst_float128_le( float128 a, float128 b ) ++{ ++ ++ return ( *( (long double *) &a ) <= *( (long double *) &b ) ); ++ ++} ++ ++flag syst_float128_lt( float128 a, float128 b ) ++{ ++ ++ return ( *( (long double *) &a ) < *( (long double *) &b ) ); ++ ++} ++ ++#endif ++ +diff --git a/testfloat/powerpc-linux-gcc/systmodes.c b/testfloat/powerpc-linux-gcc/systmodes.c +new file mode 100644 +index 0000000..143cdea +--- /dev/null ++++ b/testfloat/powerpc-linux-gcc/systmodes.c +@@ -0,0 +1,67 @@ ++/* ++ * This file is derived from testfloat/386-Win32-gcc/systmodes.S, ++ * the copyright for that material belongs to the original owners. ++ * ++ * Additional material and changes where applicable is: ++ * Copyright (C) 2008 Freescale Semiconductor, Inc. All rights reserved. ++ * ++ * Author: Ebony Zhu, ++ * Yu Liu, ++ */ ++ ++/* ++=============================================================================== ++ ++This C source file is part of TestFloat, Release 2a, a package of programs ++for testing the correctness of floating-point arithmetic complying to the ++IEC/IEEE Standard for Floating-Point. ++ ++Written by John R. Hauser. More information is available through the Web ++page `http://HTTP.CS.Berkeley.EDU/~jhauser/arithmetic/TestFloat.html'. ++ ++THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE. Although reasonable effort ++has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT ++TIMES RESULT IN INCORRECT BEHAVIOR. USE OF THIS SOFTWARE IS RESTRICTED TO ++PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY ++AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE. ++ ++Derivative works are acceptable, even for commercial purposes, so long as ++(1) they include prominent notice that the work is derivative, and (2) they ++include prominent notice akin to these four paragraphs for those parts of ++this code that are retained. ++ ++=============================================================================== ++*/ ++ ++#include ++#include "milieu.h" ++#include "systmodes.h" ++/* ++------------------------------------------------------------------------------- ++Sets the system's IEC/IEEE floating-point rounding mode. Also disables all ++system exception traps. ++------------------------------------------------------------------------------- ++*/ ++int rounding; ++ ++void syst_float_set_rounding_mode( int8 roundingMode ) ++{ ++ (void) fesetround ( roundingMode ); ++ rounding = roundingMode; ++} ++ ++/* ++------------------------------------------------------------------------------- ++Sets the rounding precision of subsequent extended double-precision ++operations. The `precision' argument should be one of 0, 32, 64, or 80. ++If `precision' is 32, the rounding precision is set equivalent to single ++precision; else if `precision' is 64, the rounding precision is set ++equivalent to double precision; else the rounding precision is set to full ++extended double precision. ++------------------------------------------------------------------------------- ++*/ ++void syst_float_set_rounding_precision( int8 precision ) ++{ ++ ++} ++ +diff --git a/testfloat/templates/Makefile b/testfloat/templates/Makefile +index f5f3cde..18cffe0 100644 +--- a/testfloat/templates/Makefile ++++ b/testfloat/templates/Makefile +@@ -1,15 +1,21 @@ + +-PROCESSOR_H = ../../processors/!!!processor.h ++#PROCESSOR_H = ../../processors/!!!processor.h ++PROCESSOR_H = ../../processors/POWERPC-gcc.h + SOFTFLOAT_VERSION = bits64 +-TARGET = !!!target +-SOFTFLOAT_DIR = ../../softfloat/$(SOFTFLOAT_VERSION)/$(TARGET) ++ ++#TARGET = !!!target ++TARGET = powerpc-GCC ++SOFTFLOAT_DIR = ../../../SoftFloat-2b/softfloat/$(SOFTFLOAT_VERSION)/$(TARGET) + + OBJ = .o + EXE = + INCLUDES = -I. -I.. -I$(SOFTFLOAT_DIR) +-COMPILE_C = gcc -c -o $@ $(INCLUDES) -I- -O2 +-COMPILE_SLOWFLOAT_C = gcc -c -o $@ $(INCLUDES) -I- -O3 +-LINK = gcc -o $@ ++#COMPILE_C = gcc -c -o $@ $(INCLUDES) -I- -O2 ++#COMPILE_SLOWFLOAT_C = gcc -c -o $@ $(INCLUDES) -I- -O3 ++#LINK = gcc -o $@ ++COMPILE_C = /opt/mtwk/usr/local/gcc-3_4-e500-glibc-2.3.4-dp/powerpc-linux-gnuspe/bin/powerpc-linux-gnuspe-gcc -c -o $@ $(INCLUDES) -I- -O2 ++COMPILE_SLOWFLOAT_C = /opt/mtwk/usr/local/gcc-3_4-e500-glibc-2.3.4-dp/powerpc-linux-gnuspe/bin/powerpc-linux-gnuspe-gcc -c -o $@ $(INCLUDES) -I- -O3 ++LINK = /opt/mtwk/usr/local/gcc-3_4-e500-glibc-2.3.4-dp/powerpc-linux-gnuspe/bin/powerpc-linux-gnuspe-gcc -o $@ + + SOFTFLOAT_H = $(SOFTFLOAT_DIR)/softfloat.h + SOFTFLOAT_OBJ = $(SOFTFLOAT_DIR)/softfloat$(OBJ) +diff --git a/testfloat/templates/milieu.h b/testfloat/templates/milieu.h +index 56d3ac4..3214ca8 100644 +--- a/testfloat/templates/milieu.h ++++ b/testfloat/templates/milieu.h +@@ -28,7 +28,7 @@ this code that are retained. + Include common integer types and flags. + ------------------------------------------------------------------------------- + */ +-#include "../../processors/!!!processor.h" ++#include "../../processors/SPARC-gcc.h" + + /* + ------------------------------------------------------------------------------- +diff --git a/testfloat/testFunction.h b/testfloat/testFunction.h +index 04bf856..00139a7 100644 +--- a/testfloat/testFunction.h ++++ b/testfloat/testFunction.h +@@ -126,8 +126,8 @@ extern const flag functionExists[ NUM_FUNCTIONS ]; + enum { + ROUND_NEAREST_EVEN = 1, + ROUND_TO_ZERO, +- ROUND_DOWN, + ROUND_UP, ++ ROUND_DOWN, + NUM_ROUNDINGMODES + }; + +diff --git a/testfloat/testLoops.c b/testfloat/testLoops.c +index 8ba92f3..ba05548 100644 +--- a/testfloat/testLoops.c ++++ b/testfloat/testLoops.c +@@ -488,6 +488,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_int32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -539,6 +544,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_int32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -592,6 +602,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_int32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -647,6 +662,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_int32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -702,6 +722,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_int64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -753,6 +778,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_int64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -806,6 +836,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_int64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -861,6 +896,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_int64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -916,6 +956,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -973,6 +1018,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1030,6 +1080,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1087,6 +1142,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1146,6 +1206,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1203,6 +1268,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1260,6 +1330,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float32, testCases_b_float32 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1312,6 +1387,25 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float32, testCases_b_float32 ); + testFlags = testFlagsFunctionPtr(); ++ ++if(testCases_a_float32 == 0x7ffffe && testCases_b_float32 == 0x3f7ffffe) ++{ ++ ++ writeErrorFound( 10000 - count ); ++ writeInputs_ab_float32(); ++ fputs( " ", stdout ); ++ writeOutputs_z_float32( trueZ, trueFlags, testZ, testFlags ); ++ fflush( stdout ); ++ if (! syst_float_is_soft_emu()){ ++ exit(-1); ++ } ++} ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif ++ + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1370,6 +1464,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1427,6 +1526,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1484,6 +1588,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1541,6 +1650,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1600,6 +1714,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1657,6 +1776,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1714,6 +1838,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float64, testCases_b_float64 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1766,6 +1895,13 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float64, testCases_b_float64 ); + testFlags = testFlagsFunctionPtr(); ++ ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif ++ + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1826,6 +1962,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_floatx80 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1883,6 +2024,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_floatx80 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1940,6 +2086,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_floatx80 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -1995,6 +2146,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_floatx80 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2052,6 +2208,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_floatx80 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2109,6 +2270,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_floatx80 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2166,6 +2332,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_floatx80, testCases_b_floatx80 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2218,6 +2389,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_floatx80, testCases_b_floatx80 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2280,6 +2456,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float128 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2337,6 +2518,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float128 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2394,6 +2580,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float128 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2449,6 +2640,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float128 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2506,6 +2702,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float128 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2563,6 +2764,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float128 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2620,6 +2826,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float128, testCases_b_float128 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +@@ -2672,6 +2883,11 @@ void + (void) testFlagsFunctionPtr(); + testZ = testFunction( testCases_a_float128, testCases_b_float128 ); + testFlags = testFlagsFunctionPtr(); ++#ifdef TEST_KERNEL_EMU ++ if (! syst_float_is_soft_emu()){ ++ continue; ++ } ++#endif + --count; + if ( count == 0 ) { + checkEarlyExit(); +-- +1.5.4 + diff --git a/recipes-extended/testfloat/files/Yocto-replace-COMPILE_PREFIX-gcc.patch b/recipes-extended/testfloat/files/Yocto-replace-COMPILE_PREFIX-gcc.patch new file mode 100644 index 00000000..42de56d3 --- /dev/null +++ b/recipes-extended/testfloat/files/Yocto-replace-COMPILE_PREFIX-gcc.patch @@ -0,0 +1,67 @@ +From 6c7567e05c28b8cb6c7dc68c278950a32feb6f64 Mon Sep 17 00:00:00 2001 +From: Ting Liu +Date: Wed, 9 May 2012 02:42:57 -0500 +Subject: [PATCH] Yocto: replace $(COMPILE_PREFIX)gcc with $(CC) and remove -te500v2 flags + +Signed-off-by: Ting Liu +--- + SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile | 4 ++-- + SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile | 4 ++-- + testfloat/powerpc-linux-gcc/Makefile | 8 ++++---- + 3 files changed, 8 insertions(+), 8 deletions(-) + +diff --git a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile +index 28f1e33..4098048 100644 +--- a/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile ++++ b/SoftFloat-2b/softfloat/bits32/powerpc-GCC/Makefile +@@ -5,8 +5,8 @@ SOFTFLOAT_MACROS = ../softfloat-macros + OBJ = .o + EXE = + INCLUDES = -I. -I.. +-COMPILE_C = $(COMPILE_PREFIX)gcc -msoft-float -c -o $@ $(INCLUDES) -I- -O2 +-LINK = $(COMPILE_PREFIX)gcc -o $@ ++COMPILE_C = $(CC) -msoft-float -c -o $@ $(INCLUDES) -I- -O2 ++LINK = $(CC) -o $@ + + ALL: softfloat$(OBJ) timesoftfloat$(EXE) + +diff --git a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile +index a5e2cc7..c34e16e 100644 +--- a/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile ++++ b/SoftFloat-2b/softfloat/bits64/powerpc-GCC/Makefile +@@ -5,8 +5,8 @@ SOFTFLOAT_MACROS = ../softfloat-macros + OBJ = .o + EXE = + INCLUDES = -I. -I.. +-COMPILE_C = $(COMPILE_PREFIX) -mcpu=8548 -mhard-float -mfloat-gprs=double -o $@ $(INCLUDES) -I- -O2 +-LINK = $(COMPILE_PREFIX) -o $@ ++COMPILE_C = $(CC) -mcpu=8548 -mhard-float -mfloat-gprs=double -o $@ $(INCLUDES) -I- -O2 ++LINK = $(CC) -o $@ + + ALL: softfloat$(OBJ) timesoftfloat$(EXE) + +diff --git a/testfloat/powerpc-linux-gcc/Makefile b/testfloat/powerpc-linux-gcc/Makefile +index de50aad..1a8b5f7 100644 +--- a/testfloat/powerpc-linux-gcc/Makefile ++++ b/testfloat/powerpc-linux-gcc/Makefile +@@ -8,13 +8,13 @@ OBJ = .o + EXE = + INCLUDES = -I. -I.. -I$(SOFTFLOAT_DIR) + +-COMPILE_C = $(COMPILE_PREFIX)gcc -c -o $@ $(INCLUDES) -I- -O $(EXTRA_CFLAGS) ++COMPILE_C = $(CC) -c -o $@ $(INCLUDES) -I- -O $(EXTRA_CFLAGS) + +-COMPILE_C_HARD = $(COMPILE_PREFIX)gcc -c -te500v2 -o $@ $(INCLUDES) ++COMPILE_C_HARD = $(CC) -c -o $@ $(INCLUDES) + +-COMPILE_SLOWFLOAT_C = $(COMPILE_PREFIX)gcc -c -o $@ $(INCLUDES) -I- -O ++COMPILE_SLOWFLOAT_C = $(CC) -c -o $@ $(INCLUDES) -I- -O + +-LINK = $(COMPILE_PREFIX)gcc -lm -o $@ ++LINK = $(CC) -lm -o $@ + + SOFTFLOAT_H = $(SOFTFLOAT_DIR)/softfloat.h + SOFTFLOAT_OBJ = $(SOFTFLOAT_DIR)/softfloat$(OBJ) +-- +1.7.3.4 + diff --git a/recipes-extended/testfloat/testfloat_2a.bb b/recipes-extended/testfloat/testfloat_2a.bb new file mode 100644 index 00000000..800cef3d --- /dev/null +++ b/recipes-extended/testfloat/testfloat_2a.bb @@ -0,0 +1,45 @@ +DESCRIPTION = "A program for testing floating-point implementation" +LICENSE = "TestFloat" + +LIC_FILES_CHKSUM = "file://testfloat/testfloat.txt;beginline=87;endline=95;md5=bdb2e8111838a48015c29bd97f5b6145" + +SRC_URI = " http://www.jhauser.us/arithmetic/TestFloat-2a.tar.Z;name=TestFloat \ + http://www.jhauser.us/arithmetic/SoftFloat-2b.tar.Z;name=SoftFloat \ + " +SRC_URI_append_qoriq-ppc = " file://SoftFloat-powerpc-1.patch \ + file://TestFloat-powerpc-E500v2-SPE-1.patch \ + file://Yocto-replace-COMPILE_PREFIX-gcc.patch \ + " +SRC_URI[TestFloat.md5sum] = "4dc889319ae1e0c5381ec511f784553a" +SRC_URI[TestFloat.sha256sum] = "84d14aa42adefbda2ec9708b42946f7fa59f93689b042684bd027863481f8e4e" +SRC_URI[SoftFloat.md5sum] = "b4a58b5c941f1a2317e4c2500086e3fa" +SRC_URI[SoftFloat.sha256sum] = "89d14b55113a2ba8cbda7011443ba1d298d381c89d939515d56c5f18f2febf81" + +S = "${WORKDIR}/TestFloat-2a" + +do_unpack2(){ + mv ${WORKDIR}/SoftFloat-2b ${S}/SoftFloat-2b + cd ${S} + if [ -n "$(which fromdos)" ];then + find -type f -exec fromdos {} \; + elif [ -n "$(which dos2unix)" ];then + find -type f -exec dos2unix {} \; + else + echo -e "\nERROR: command dos2unix or fromdos not found\n" && return 1 + fi +} +addtask do_unpack2 after do_unpack before do_patch + +do_compile(){ + oe_runmake -C testfloat/powerpc-linux-gcc/ CC="${CC}" EXTRA_CFLAGS="-DTEST_KERNEL_EMU" +} + +do_install(){ + install -d ${D}/${bindir} + install testfloat/powerpc-linux-gcc/testfloat ${D}/${bindir} + install testfloat/powerpc-linux-gcc/testsoftfloat ${D}/${bindir} +} + +COMPATIBLE_HOST_e500v2 = ".*" +COMPATIBLE_HOST ?= "(none)" + diff --git a/recipes-extended/web-sysmon/web-sysmon_git.bb b/recipes-extended/web-sysmon/web-sysmon_git.bb new file mode 100644 index 00000000..84f60d51 --- /dev/null +++ b/recipes-extended/web-sysmon/web-sysmon_git.bb @@ -0,0 +1,23 @@ +DESCRIPTION = "Web System Monitor Files" +SECTION = "web-sysmon" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e" + +SRC_URI = "git://git.freescale.com/ppc/sdk/web-sysmon-dev.git;nobranch=1" +SRCREV = "8d0c6eca1113832fabe917fd0cb25abe2d4d7157" + +inherit update-rc.d + +S = "${WORKDIR}/git" + +RDEPENDS_${PN} = "lighttpd" + +EXTRA_OEMAKE += "D=${D}" +do_install () { + oe_runmake install +} + +FILES_${PN} += "/" + +INITSCRIPT_NAME = "web-sysmon.sh" +INITSCRIPT_PARAMS = "defaults 99 20" diff --git a/recipes-graphics/xorg-driver/xf86-video-fbdev_0.4.2.bb b/recipes-graphics/xorg-driver/xf86-video-fbdev_0.4.2.bb new file mode 100644 index 00000000..038c421d --- /dev/null +++ b/recipes-graphics/xorg-driver/xf86-video-fbdev_0.4.2.bb @@ -0,0 +1,11 @@ +require xorg-driver-video.inc +LIC_FILES_CHKSUM = "file://COPYING;md5=d8cbd99fff773f92e844948f74ef0df8" + +DESCRIPTION = "X.Org X server -- fbdev display driver" +PE = "1" +PR = "${INC_PR}.1" + +DEPENDS += "virtual/xserver" + +SRC_URI[md5sum] = "53a533d9e0c2da50962282526bace074" +SRC_URI[sha256sum] = "93b271b4b41d7e5ca108849a583b9523e96c51813d046282285355b7001f82d5" diff --git a/recipes-graphics/xorg-driver/xorg-driver-common.inc b/recipes-graphics/xorg-driver/xorg-driver-common.inc new file mode 100644 index 00000000..c0f4a15a --- /dev/null +++ b/recipes-graphics/xorg-driver/xorg-driver-common.inc @@ -0,0 +1,40 @@ +DESCRIPTION = "X driver" +HOMEPAGE = "http://www.x.org" +SECTION = "x11/drivers" +LICENSE = "MIT-X" +INC_PR = "r15" + +DEPENDS = "randrproto virtual/xserver-xf86 xproto" + +SRC_URI = "${XORG_MIRROR}/individual/driver/${BPN}-${PV}.tar.bz2" + +S = "${WORKDIR}/${BPN}-${PV}" + +FILES_${PN} += " ${libdir}/xorg/modules" +FILES_${PN}-dbg += "${libdir}/xorg/modules/*/.debug" + +inherit autotools pkgconfig + +TARGET_CPPFLAGS += "-I${STAGING_DIR_HOST}/usr/include/xorg" + +# Another sucky behavor from Xorg configure scripts. +# They use AC_CHECK_FILE to check for DRI headers. Yuck! +# Of course this will blow up when cross compiling. + +do_configure_prepend() { + incdir=${layout_includedir}/xorg + for f in dri.h sarea.h dristruct.h exa.h damage.h xf86Module.h; do + path="$incdir/$f" + if [ -f "${STAGING_DIR_HOST}/$path" ]; then + p=`echo "$path" | sed 'y%*+%pp%;s%[^_[:alnum:]]%_%g'` + eval "export ac_cv_file_$p=yes" + fi + done +} + +# FIXME: We don't want to include the libtool archives (*.la) from modules +# directory, as they serve no useful purpose. Upstream should fix Makefile.am +do_install_append() { + find ${D}${libdir}/xorg/modules -regex ".*\.la$" | xargs rm -f -- +} + diff --git a/recipes-graphics/xorg-driver/xorg-driver-video.inc b/recipes-graphics/xorg-driver/xorg-driver-video.inc new file mode 100644 index 00000000..bce8c9a7 --- /dev/null +++ b/recipes-graphics/xorg-driver/xorg-driver-video.inc @@ -0,0 +1,4 @@ +include xorg-driver-common.inc + +DEPENDS = "randrproto renderproto videoproto xextproto fontsproto xproto" + diff --git a/recipes-graphics/xorg-xserver/xserver-xf86-config/p1022ds/xorg.conf b/recipes-graphics/xorg-xserver/xserver-xf86-config/p1022ds/xorg.conf new file mode 100644 index 00000000..57f284e8 --- /dev/null +++ b/recipes-graphics/xorg-xserver/xserver-xf86-config/p1022ds/xorg.conf @@ -0,0 +1,27 @@ +Section "Screen" + Identifier "Builtin Default fbdev Screen 0" + Device "Builtin Default fbdev Device 0" +EndSection + +Section "ServerLayout" + Identifier "Builtin Default Layout" + Screen "Builtin Default fbdev Screen 0" +EndSection + +Section "ServerFlags" + Option "DontZap" "0" +EndSection + +Section "InputClass" + Identifier "keyboard-all" + Driver "evdev" + MatchIsKeyboard "on" +EndSection + + +Section "InputClass" + Identifier "mouse-all" + Driver "evdev" + MatchIsPointer "on" +EndSection + diff --git a/recipes-kernel/asf/asf_git.bb b/recipes-kernel/asf/asf_git.bb new file mode 100644 index 00000000..6e25ecf5 --- /dev/null +++ b/recipes-kernel/asf/asf_git.bb @@ -0,0 +1,33 @@ +DESCRIPTION = "Non-DPAA software Application Specific Fast-path" +SECTION = "asf" +LICENSE = "GPLv2 & GPLv2+ & BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=b5881ecf398da8a03a3f4c501e29d287" + +SRC_URI = "git://git.freescale.com/ppc/sdk/asf.git;branch=master" +SRCREV = "62ba10ab6bab8f8f53934e4bb55b5a552bf3fd6b" + +inherit module qoriq_build_64bit_kernel + +S = "${WORKDIR}/git/asfmodule" + +EXTRA_OEMAKE = "CROSS_COMPILE=${TARGET_PREFIX}" +export KERNEL_PATH = "${STAGING_KERNEL_DIR}" + +INHIBIT_PACKAGE_STRIP = "1" + +do_configure[depends] += "virtual/kernel:do_shared_workdir" +do_configure_prepend () { + find ${S} -name Makefile -exec \ + sed -i 's,$(KERNEL_PATH)/.config,$(KBUILD_OUTPUT)/.config,' {} \; +} + +do_install(){ + install -d ${D}/${libexecdir} + install -d ${D}/lib/modules/${KERNEL_VERSION}/asf + cp -rf ${S}/bin/full ${D}/lib/modules/${KERNEL_VERSION}/asf + cp -rf ${S}/bin/min ${D}/lib/modules/${KERNEL_VERSION}/asf + cp -rf ${S}/../scripts ${D}/${libexecdir}/ +} + +FILES_${PN} += "${libexecdir} /lib/modules/${KERNEL_VERSION}/asf" +RDEPENDS_${PN} += "ipsec-tools" diff --git a/recipes-kernel/auto-resp/ar_git.bb b/recipes-kernel/auto-resp/ar_git.bb new file mode 100644 index 00000000..52d9f57d --- /dev/null +++ b/recipes-kernel/auto-resp/ar_git.bb @@ -0,0 +1,29 @@ +SUMMARY = "Auto Response Control Module" +LICENSE = "GPLv2 & BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=b5881ecf398da8a03a3f4c501e29d287" + +inherit module + +SRC_URI = "git://git.freescale.com/ppc/sdk/auto-resp.git;branch=sdk-v1.7.x" +SRCREV = "dbede76fb4020a370baa393f7c53af4c0db8f175" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = "CROSS_COMPILE=${TARGET_PREFIX} SYSROOT=${STAGING_DIR_TARGET}" +export KERNEL_PATH + +INHIBIT_PACKAGE_STRIP = "1" + +do_compile_prepend() { + sed -i -e 's,EXTRA_CFLAGS += -I$(PWD),EXTRA_CFLAGS += -I${S},' ${S}/armodule/source/Makefile +} + +do_install(){ + install -d ${D}/lib/modules/${KERNEL_VERSION} + install -d ${D}${bindir} + install -m 644 ${B}/bin/ar.ko ${D}/lib/modules/${KERNEL_VERSION}/ + cp -f ${S}/bin/ar_* ${D}${bindir}/ +} + +FILES_${PN} += "${bindir}/" + diff --git a/recipes-kernel/ceetm/ceetm_git.bb b/recipes-kernel/ceetm/ceetm_git.bb new file mode 100644 index 00000000..beaed31e --- /dev/null +++ b/recipes-kernel/ceetm/ceetm_git.bb @@ -0,0 +1,30 @@ +DESCRIPTION = "CEETM TC QDISC" +LICENSE = "GPLv2 & BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=b5881ecf398da8a03a3f4c501e29d287" + +DEPENDS="virtual/kernel" + +inherit module qoriq_build_64bit_kernel + +SRC_URI = "git://git.freescale.com/ppc/sdk/ceetm.git;nobranch=1" +SRCREV = "ecf55c9ca0cd42a212653e1f99c19cd611e3a008" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = "CROSS_COMPILE=${TARGET_PREFIX} SYSROOT=${STAGING_DIR_TARGET}" +export KERNEL_PATH = "${STAGING_KERNEL_DIR}" + +do_configure[depends] += "virtual/kernel:do_shared_workdir" +do_configure_prepend () { + sed -i 's,$(KERNEL_PATH)/.config,$(KBUILD_OUTPUT)/.config,' ${S}/ceetm_module/Makefile +} + +do_install(){ + mkdir -p ${D}/usr/driver/ceetm + mkdir -p ${D}/${libdir}/tc + cp ${S}/bin/ceetm.ko ${D}/usr/driver/ceetm + cp ${S}/bin/q_ceetm.so ${D}/${libdir}/tc/. +} + +FILES_${PN} += "/usr/driver/ceetm ${libdir}/tc" +INHIBIT_PACKAGE_STRIP = "1" diff --git a/recipes-kernel/cryptodev/cryptodev-linux_1.7.bb b/recipes-kernel/cryptodev/cryptodev-linux_1.7.bb new file mode 100644 index 00000000..92ccd717 --- /dev/null +++ b/recipes-kernel/cryptodev/cryptodev-linux_1.7.bb @@ -0,0 +1,12 @@ +require cryptodev_${PV}.inc + +SUMMARY = "A /dev/crypto device driver header file" + +do_compile[noexec] = "1" + +# Just install cryptodev.h which is the only header file needed to be exported +do_install() { + install -D ${S}/crypto/cryptodev.h ${D}${includedir}/crypto/cryptodev.h +} + +ALLOW_EMPTY_${PN} = "1" diff --git a/recipes-kernel/cryptodev/cryptodev-module_1.7.bb b/recipes-kernel/cryptodev/cryptodev-module_1.7.bb new file mode 100644 index 00000000..e6b1f27c --- /dev/null +++ b/recipes-kernel/cryptodev/cryptodev-module_1.7.bb @@ -0,0 +1,10 @@ +require cryptodev_${PV}.inc + +SUMMARY = "A /dev/crypto device driver kernel module" + +inherit module qoriq_build_64bit_kernel + +# Header file provided by a separate package +DEPENDS += "cryptodev-linux" + +EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' diff --git a/recipes-kernel/cryptodev/cryptodev-tests_1.7.bb b/recipes-kernel/cryptodev/cryptodev-tests_1.7.bb new file mode 100644 index 00000000..128ccc99 --- /dev/null +++ b/recipes-kernel/cryptodev/cryptodev-tests_1.7.bb @@ -0,0 +1,17 @@ +require cryptodev_${PV}.inc + +SUMMARY = "A test suite for /dev/crypto device driver" +DEPENDS = "openssl" + +EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' + +do_compile() { + oe_runmake testprogs +} + +do_install() { + oe_runmake install_tests +} + +FILES_${PN}-dbg += "${bindir}/tests_cryptodev/.debug" +FILES_${PN} = "${bindir}/tests_cryptodev/*" diff --git a/recipes-kernel/cryptodev/cryptodev_1.7.inc b/recipes-kernel/cryptodev/cryptodev_1.7.inc new file mode 100644 index 00000000..6b65f729 --- /dev/null +++ b/recipes-kernel/cryptodev/cryptodev_1.7.inc @@ -0,0 +1,47 @@ +HOMEPAGE = "http://cryptodev-linux.org/" + +RCONFLICTS_${PN} = "ocf-linux" +RREPLACES_${PN} = "ocf-linux" + +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" + +SRC_URI = "http://download.gna.org/cryptodev-linux/cryptodev-linux-${PV}.tar.gz" +SRC_URI[md5sum] = "0b63b3481cf2c90386b35f057481d36b" +SRC_URI[sha256sum] = "41880533b53de4d7b3f054e230f576988dafb8eed7bef5ebcf6422bb2e3a3b25" + +# Upstream hotfixes and yocto specific patches +SRC_URI_append = " \ +file://0001-fix-compilation-against-linux-3.19.patch \ +file://0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch \ +file://0003-Disable-installing-header-file-provided-by-another-p.patch \ +file://0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch \ +" +# SDK patches +SRC_URI_append = " file://0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch \ +file://0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch \ +file://0003-PKC-support-added-in-cryptodev-module.patch \ +file://0004-Compat-versions-of-PKC-IOCTLs.patch \ +file://0005-Asynchronous-interface-changes-in-cryptodev.patch \ +file://0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch \ +file://0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch \ +file://0008-Add-RSA-Key-generation-offloading.patch \ +file://0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch \ +file://0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch \ +file://0011-add-support-for-TLSv1.1-record-offload.patch \ +file://0012-add-support-for-TLSv1.2-record-offload.patch \ +file://0013-clean-up-code-layout.patch \ +file://0014-remove-redundant-data-copy-for-pkc-operations.patch \ +file://0015-fix-pkc-request-deallocation.patch \ +file://0016-add-basic-detection-of-asym-features.patch \ +file://0017-remove-dead-code.patch \ +file://0018-fix-compat-warnings.patch \ +file://0019-fix-size_t-print-format.patch \ +file://0020-fix-uninitialized-variable-compiler-warning.patch \ +" + +# NOTE: remove this patch and all traces of DISTRO_FEATURE c29x_pkc +# if pkc-host does not need customized cryptodev patches anymore +SRC_URI_append = "${@base_contains('DISTRO_FEATURES', 'c29x_pkc', ' file://0001-don-t-advertise-RSA-keygen.patch', '', d)}" + +S = "${WORKDIR}/cryptodev-linux-${PV}" diff --git a/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch b/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch new file mode 100644 index 00000000..7d957ec1 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch @@ -0,0 +1,52 @@ +From c653e3a70499c6bb66b57c1788d2d38ca9b8a07e Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Thu, 29 Aug 2013 16:52:30 +0300 +Subject: [PATCH 01/15] add support for composite TLS10(SHA1,AES) algorithm + offload + +This adds support for composite algorithm offload as a primitive +crypto (cipher + hmac) operation. + +It requires kernel support for tls10(hmac(sha1),cbc(aes)) algorithm +provided either in software or accelerated by hardware such as +Freescale B*, P* and T* platforms. + +Change-Id: Ia1c605da3860e91e681295dfc8df7c09eb4006cf +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/17218 +--- + crypto/cryptodev.h | 1 + + ioctl.c | 5 +++++ + 2 files changed, 6 insertions(+) + +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index 7fb9c7d..c0e8cd4 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -50,6 +50,7 @@ enum cryptodev_crypto_op_t { + CRYPTO_SHA2_384, + CRYPTO_SHA2_512, + CRYPTO_SHA2_224_HMAC, ++ CRYPTO_TLS10_AES_CBC_HMAC_SHA1, + CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ + }; + +diff --git a/ioctl.c b/ioctl.c +index b23f5fd..a3f8379 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -159,6 +159,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) + stream = 1; + aead = 1; + break; ++ case CRYPTO_TLS10_AES_CBC_HMAC_SHA1: ++ alg_name = "tls10(hmac(sha1),cbc(aes))"; ++ stream = 0; ++ aead = 1; ++ break; + case CRYPTO_NULL: + alg_name = "ecb(cipher_null)"; + stream = 1; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch b/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch new file mode 100644 index 00000000..10d6c8b5 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch @@ -0,0 +1,33 @@ +From d30c9c64aca4a7905e1b7eb3e28e1c616191bd34 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Tue, 9 Dec 2014 16:41:25 +0200 +Subject: [PATCH] don't advertise RSA keygen + +Disable RSA keygen operations when they are not available. + +Currently no testing can be done and this patch should be applied +selectively on platforms that have incomplete support for RSA operations +(for example pkc driver on C293) + +Change-Id: Ic8df014623410c3cf4b0b217a246efcea8f2eeef +Signed-off-by: Cristian Stoica +--- + ioctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ioctl.c b/ioctl.c +index 53dbf64..27dc66e 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -979,7 +979,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + case CIOCASYMFEAT: + ses = 0; + if (crypto_has_alg("pkc(rsa)", 0, 0)) +- ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY; ++ ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP ; + if (crypto_has_alg("pkc(dsa)", 0, 0)) + ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY; + if (crypto_has_alg("pkc(dh)", 0, 0)) +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch b/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch new file mode 100644 index 00000000..ab276d2d --- /dev/null +++ b/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch @@ -0,0 +1,36 @@ +From 5054d20d45571cc85339351fde52f872eeb82206 Mon Sep 17 00:00:00 2001 +From: Phil Sutter +Date: Tue, 10 Feb 2015 04:57:05 +0100 +Subject: [PATCH 1/4] fix compilation against linux-3.19 + +Commit f938612dd97d481b8b5bf960c992ae577f081c17 in linux.git removes +get_unused_fd() macro. This patch changes the calling code to use it's +content 'get_unused_fd_flags(0)' instead. Checking for when +get_unused_fd_flags was introduced shows it's been there since 2.6.23 at +least, so probably no need to make this change conditional on the target +kernel version. + +Original patch by Ricardo Ribalda Delgado for Open Embedded, reported by +Oleg Rakhmanov. + +Signed-off-by: Phil Sutter +--- + ioctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ioctl.c b/ioctl.c +index 5a55a76..b23f5fd 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -546,7 +546,7 @@ static int + clonefd(struct file *filp) + { + int ret; +- ret = get_unused_fd(); ++ ret = get_unused_fd_flags(0); + if (ret >= 0) { + get_file(filp); + fd_install(ret, filp); +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch b/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch new file mode 100644 index 00000000..f5ab8b4f --- /dev/null +++ b/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch @@ -0,0 +1,29 @@ +From 47ff1eb9bb4f872c1d731b93d334ee5865bf3439 Mon Sep 17 00:00:00 2001 +From: Denys Dmytriyenko +Date: Sun, 6 Apr 2014 22:16:30 -0400 +Subject: [PATCH] Fix tests Makefile usage of LDLIBS vs. LDFLAGS + +Libraries must come after objects, as link order matters, especially +when using linker flags like -Wl,--as-needed. + +Signed-off-by: Denys Dmytriyenko + +Upstream-Status: Pending +--- + tests/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/Makefile b/tests/Makefile +index cd202af..67c3c83 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -39,5 +39,5 @@ testprogs: $(hostprogs) + clean: + rm -f *.o *~ $(hostprogs) + +-${comp_progs}: LDFLAGS += -lssl -lcrypto ++${comp_progs}: LDLIBS += -lssl -lcrypto + ${comp_progs}: %: %.o openssl_wrapper.o +-- +1.9.1 + diff --git a/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch b/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch new file mode 100644 index 00000000..08d92313 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch @@ -0,0 +1,207 @@ +From 71b317347179225693c6d41b740d387ae2c25061 Mon Sep 17 00:00:00 2001 +From: Horia Geanta +Date: Wed, 4 Dec 2013 15:43:41 +0200 +Subject: [PATCH 02/15] add support for COMPAT_CIOCAUTHCRYPT ioctl() + +Upstream-status: Pending + +Needed for 64b kernel with 32b user space. + +Change-Id: I44a999a4164e7ae7122dee6ed0716b2f25cadbc1 +Signed-off-by: Horia Geanta +Tested-by: Cristian Stoica +--- + authenc.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + cryptodev_int.h | 40 +++++++++++++++++++++++++++++ + ioctl.c | 16 ++++++++++++ + 3 files changed, 134 insertions(+) + +diff --git a/authenc.c b/authenc.c +index 1bd7377..ef0d3db 100644 +--- a/authenc.c ++++ b/authenc.c +@@ -272,6 +272,84 @@ static int fill_caop_from_kcaop(struct kernel_crypt_auth_op *kcaop, struct fcryp + return 0; + } + ++/* compatibility code for 32bit userlands */ ++#ifdef CONFIG_COMPAT ++ ++static inline void ++compat_to_crypt_auth_op(struct compat_crypt_auth_op *compat, ++ struct crypt_auth_op *caop) ++{ ++ caop->ses = compat->ses; ++ caop->op = compat->op; ++ caop->flags = compat->flags; ++ caop->len = compat->len; ++ caop->auth_len = compat->auth_len; ++ caop->tag_len = compat->tag_len; ++ caop->iv_len = compat->iv_len; ++ ++ caop->auth_src = compat_ptr(compat->auth_src); ++ caop->src = compat_ptr(compat->src); ++ caop->dst = compat_ptr(compat->dst); ++ caop->tag = compat_ptr(compat->tag); ++ caop->iv = compat_ptr(compat->iv); ++} ++ ++static inline void ++crypt_auth_op_to_compat(struct crypt_auth_op *caop, ++ struct compat_crypt_auth_op *compat) ++{ ++ compat->ses = caop->ses; ++ compat->op = caop->op; ++ compat->flags = caop->flags; ++ compat->len = caop->len; ++ compat->auth_len = caop->auth_len; ++ compat->tag_len = caop->tag_len; ++ compat->iv_len = caop->iv_len; ++ ++ compat->auth_src = ptr_to_compat(caop->auth_src); ++ compat->src = ptr_to_compat(caop->src); ++ compat->dst = ptr_to_compat(caop->dst); ++ compat->tag = ptr_to_compat(caop->tag); ++ compat->iv = ptr_to_compat(caop->iv); ++} ++ ++int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop, ++ struct fcrypt *fcr, void __user *arg) ++{ ++ struct compat_crypt_auth_op compat_caop; ++ ++ if (unlikely(copy_from_user(&compat_caop, arg, sizeof(compat_caop)))) { ++ dprintk(1, KERN_ERR, "Error in copying from userspace\n"); ++ return -EFAULT; ++ } ++ ++ compat_to_crypt_auth_op(&compat_caop, &kcaop->caop); ++ ++ return fill_kcaop_from_caop(kcaop, fcr); ++} ++ ++int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop, ++ struct fcrypt *fcr, void __user *arg) ++{ ++ int ret; ++ struct compat_crypt_auth_op compat_caop; ++ ++ ret = fill_caop_from_kcaop(kcaop, fcr); ++ if (unlikely(ret)) { ++ dprintk(1, KERN_ERR, "fill_caop_from_kcaop\n"); ++ return ret; ++ } ++ ++ crypt_auth_op_to_compat(&kcaop->caop, &compat_caop); ++ ++ if (unlikely(copy_to_user(arg, &compat_caop, sizeof(compat_caop)))) { ++ dprintk(1, KERN_ERR, "Error in copying to userspace\n"); ++ return -EFAULT; ++ } ++ return 0; ++} ++ ++#endif /* CONFIG_COMPAT */ + + int kcaop_from_user(struct kernel_crypt_auth_op *kcaop, + struct fcrypt *fcr, void __user *arg) +diff --git a/cryptodev_int.h b/cryptodev_int.h +index d7660fa..8e687e7 100644 +--- a/cryptodev_int.h ++++ b/cryptodev_int.h +@@ -73,11 +73,42 @@ struct compat_crypt_op { + compat_uptr_t iv;/* initialization vector for encryption operations */ + }; + ++ /* input of CIOCAUTHCRYPT */ ++struct compat_crypt_auth_op { ++ uint32_t ses; /* session identifier */ ++ uint16_t op; /* COP_ENCRYPT or COP_DECRYPT */ ++ uint16_t flags; /* see COP_FLAG_AEAD_* */ ++ uint32_t len; /* length of source data */ ++ uint32_t auth_len; /* length of auth data */ ++ compat_uptr_t auth_src; /* authenticated-only data */ ++ ++ /* The current implementation is more efficient if data are ++ * encrypted in-place (src==dst). */ ++ compat_uptr_t src; /* data to be encrypted and ++ authenticated */ ++ compat_uptr_t dst; /* pointer to output data. Must have ++ * space for tag. For TLS this should be ++ * at least len + tag_size + block_size ++ * for padding */ ++ ++ compat_uptr_t tag; /* where the tag will be copied to. TLS ++ * mode doesn't use that as tag is ++ * copied to dst. ++ * SRTP mode copies tag there. */ ++ uint32_t tag_len; /* the length of the tag. Use zero for ++ * digest size or max tag. */ ++ ++ /* initialization vector for encryption operations */ ++ compat_uptr_t iv; ++ uint32_t iv_len; ++}; ++ + /* compat ioctls, defined for the above structs */ + #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) + #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) + #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) + #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) ++#define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) + + #endif /* CONFIG_COMPAT */ + +@@ -108,6 +139,15 @@ struct kernel_crypt_auth_op { + + /* auth */ + ++#ifdef CONFIG_COMPAT ++int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop, ++ struct fcrypt *fcr, void __user *arg); ++ ++int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop, ++ struct fcrypt *fcr, void __user *arg); ++#endif /* CONFIG_COMPAT */ ++ ++ + int kcaop_from_user(struct kernel_crypt_auth_op *kcop, + struct fcrypt *fcr, void __user *arg); + int kcaop_to_user(struct kernel_crypt_auth_op *kcaop, +diff --git a/ioctl.c b/ioctl.c +index a3f8379..5a44807 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -998,6 +998,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + struct session_op sop; + struct compat_session_op compat_sop; + struct kernel_crypt_op kcop; ++ struct kernel_crypt_auth_op kcaop; + int ret; + + if (unlikely(!pcr)) +@@ -1040,6 +1041,21 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + return ret; + + return compat_kcop_to_user(&kcop, fcr, arg); ++ ++ case COMPAT_CIOCAUTHCRYPT: ++ if (unlikely(ret = compat_kcaop_from_user(&kcaop, fcr, arg))) { ++ dprintk(1, KERN_WARNING, "Error copying from user\n"); ++ return ret; ++ } ++ ++ ret = crypto_auth_run(fcr, &kcaop); ++ if (unlikely(ret)) { ++ dprintk(1, KERN_WARNING, "Error in crypto_auth_run\n"); ++ return ret; ++ } ++ ++ return compat_kcaop_to_user(&kcaop, fcr, arg); ++ + #ifdef ENABLE_ASYNC + case COMPAT_CIOCASYNCCRYPT: + if (unlikely(ret = compat_kcop_from_user(&kcop, fcr, arg))) +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch b/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch new file mode 100644 index 00000000..68c48e0c --- /dev/null +++ b/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch @@ -0,0 +1,28 @@ +From da730106c2558c8e0c8e1b1b1812d32ef9574ab7 Mon Sep 17 00:00:00 2001 +From: Phil Sutter +Date: Sat, 11 Apr 2015 12:45:05 +0200 +Subject: [PATCH 2/4] tests/Makefile: fix arg passing to CC in implicit rule + +GCC docs suggest passing -lfoo after object files referring to functions +in libfoo. Therefore use LDLIBS to specify libraries, which puts them at +the right place when make calls CC implicitly. + +Signed-off-by: Phil Sutter +--- + tests/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/Makefile b/tests/Makefile +index c9f04e8..20c52ba 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -31,5 +31,5 @@ check: $(hostprogs) + clean: + rm -f *.o *~ $(hostprogs) + +-${comp_progs}: LDFLAGS += -lssl -lcrypto ++${comp_progs}: LDLIBS += -lssl -lcrypto + ${comp_progs}: %: %.o openssl_wrapper.o +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch b/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch new file mode 100644 index 00000000..e384950c --- /dev/null +++ b/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch @@ -0,0 +1,29 @@ +From c618f882c283511dd4f7547113a1117c4785f56f Mon Sep 17 00:00:00 2001 +From: Denys Dmytriyenko +Date: Sun, 6 Apr 2014 19:51:39 -0400 +Subject: [PATCH 3/4] Disable installing header file provided by another + package + +Signed-off-by: Denys Dmytriyenko + +Upstream-Status: Inappropriate [ OE specific ] +--- + Makefile | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/Makefile b/Makefile +index 31c4b3f..855bb54 100644 +--- a/Makefile ++++ b/Makefile +@@ -31,8 +31,6 @@ install: modules_install + + modules_install: + make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install +- @echo "Installing cryptodev.h in $(PREFIX)/usr/include/crypto ..." +- @install -D crypto/cryptodev.h $(PREFIX)/usr/include/crypto/cryptodev.h + + clean: + make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch b/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch new file mode 100644 index 00000000..46f24320 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch @@ -0,0 +1,898 @@ +From fc9ee6ed33c76372de6e3748d2e951fa10f7c47e Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Fri, 7 Mar 2014 06:16:09 +0545 +Subject: [PATCH 03/15] PKC support added in cryptodev module + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + cryptlib.c | 66 +++++++++- + cryptlib.h | 28 ++++ + crypto/cryptodev.h | 15 ++- + cryptodev_int.h | 20 ++- + ioctl.c | 196 +++++++++++++++++++++++++-- + main.c | 378 +++++++++++++++++++++++++++++++++++++++++++++++++++++ + 6 files changed, 685 insertions(+), 18 deletions(-) + +diff --git a/cryptlib.c b/cryptlib.c +index 44ce763..6900028 100644 +--- a/cryptlib.c ++++ b/cryptlib.c +@@ -5,6 +5,8 @@ + * Portions Copyright (c) 2010 Michael Weiser + * Portions Copyright (c) 2010 Phil Sutter + * ++ * Copyright 2012 Freescale Semiconductor, Inc. ++ * + * This file is part of linux cryptodev. + * + * This program is free software; you can redistribute it and/or +@@ -39,11 +41,6 @@ + #include "cryptodev_int.h" + + +-struct cryptodev_result { +- struct completion completion; +- int err; +-}; +- + static void cryptodev_complete(struct crypto_async_request *req, int err) + { + struct cryptodev_result *res = req->data; +@@ -259,7 +256,6 @@ static inline int waitfor(struct cryptodev_result *cr, ssize_t ret) + case 0: + break; + case -EINPROGRESS: +- case -EBUSY: + wait_for_completion(&cr->completion); + /* At this point we known for sure the request has finished, + * because wait_for_completion above was not interruptible. +@@ -439,3 +435,61 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) + return waitfor(hdata->async.result, ret); + } + ++int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) ++{ ++ int ret = 0; ++ struct pkc_request *pkc_req = &pkc->req, *pkc_requested; ++ ++ switch (pkc_req->type) { ++ case RSA_PUB: ++ case RSA_PRIV_FORM1: ++ case RSA_PRIV_FORM2: ++ case RSA_PRIV_FORM3: ++ pkc->s = crypto_alloc_pkc("pkc(rsa)", ++ CRYPTO_ALG_TYPE_PKC_RSA, 0); ++ break; ++ case DSA_SIGN: ++ case DSA_VERIFY: ++ case ECDSA_SIGN: ++ case ECDSA_VERIFY: ++ pkc->s = crypto_alloc_pkc("pkc(dsa)", ++ CRYPTO_ALG_TYPE_PKC_DSA, 0); ++ break; ++ case DH_COMPUTE_KEY: ++ case ECDH_COMPUTE_KEY: ++ pkc->s = crypto_alloc_pkc("pkc(dh)", ++ CRYPTO_ALG_TYPE_PKC_DH, 0); ++ break; ++ default: ++ return -EINVAL; ++ } ++ ++ if (IS_ERR_OR_NULL(pkc->s)) ++ return -EINVAL; ++ ++ init_completion(&pkc->result.completion); ++ pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL); ++ ++ if (unlikely(IS_ERR_OR_NULL(pkc_requested))) { ++ ret = -ENOMEM; ++ goto error; ++ } ++ pkc_requested->type = pkc_req->type; ++ pkc_requested->curve_type = pkc_req->curve_type; ++ memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u)); ++ pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG, ++ cryptodev_complete_asym, pkc); ++ ret = crypto_pkc_op(pkc_requested); ++ if (ret != -EINPROGRESS && ret != 0) ++ goto error2; ++ ++ if (pkc->type == SYNCHRONOUS) ++ ret = waitfor(&pkc->result, ret); ++ ++ return ret; ++error2: ++ kfree(pkc_requested); ++error: ++ crypto_free_pkc(pkc->s); ++ return ret; ++} +diff --git a/cryptlib.h b/cryptlib.h +index a0a8a63..56d325a 100644 +--- a/cryptlib.h ++++ b/cryptlib.h +@@ -1,3 +1,6 @@ ++/* ++ * Copyright 2012 Freescale Semiconductor, Inc. ++ */ + #ifndef CRYPTLIB_H + # define CRYPTLIB_H + +@@ -89,5 +92,30 @@ void cryptodev_hash_deinit(struct hash_data *hdata); + int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, + int hmac_mode, void *mackey, size_t mackeylen); + ++/* Operation Type */ ++enum offload_type { ++ SYNCHRONOUS, ++ ASYNCHRONOUS ++}; ++ ++struct cryptodev_result { ++ struct completion completion; ++ int err; ++}; ++ ++struct cryptodev_pkc { ++ struct list_head list; /* To maintain the Jobs in completed ++ cryptodev lists */ ++ struct kernel_crypt_kop kop; ++ struct crypto_pkc *s; /* Transform pointer from CryptoAPI */ ++ struct cryptodev_result result; /* Result to be updated by ++ completion handler */ ++ struct pkc_request req; /* PKC request structure allocated ++ from CryptoAPI */ ++ enum offload_type type; /* Synchronous Vs Asynchronous request */ ++ void *cookie; /*Additional opaque cookie to be used in future */ ++ struct crypt_priv *priv; ++}; + ++int cryptodev_pkc_offload(struct cryptodev_pkc *); + #endif +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index c0e8cd4..96675fe 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -1,6 +1,10 @@ +-/* This is a source compatible implementation with the original API of ++/* ++ * Copyright 2012 Freescale Semiconductor, Inc. ++ * ++ * This is a source compatible implementation with the original API of + * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h. +- * Placed under public domain */ ++ * Placed under public domain ++ */ + + #ifndef L_CRYPTODEV_H + #define L_CRYPTODEV_H +@@ -245,6 +249,9 @@ struct crypt_kop { + __u16 crk_oparams; + __u32 crk_pad1; + struct crparam crk_param[CRK_MAXPARAM]; ++ enum curve_t curve_type; /* 0 == Discrete Log, ++ 1 = EC_PRIME, 2 = EC_BINARY */ ++ void *cookie; + }; + + enum cryptodev_crk_op_t { +@@ -289,5 +296,7 @@ enum cryptodev_crk_op_t { + */ + #define CIOCASYNCCRYPT _IOW('c', 110, struct crypt_op) + #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) +- ++/* additional ioctls for asynchronous operation for asymmetric ciphers*/ ++#define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) ++#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop) + #endif /* L_CRYPTODEV_H */ +diff --git a/cryptodev_int.h b/cryptodev_int.h +index 8e687e7..fdbcc61 100644 +--- a/cryptodev_int.h ++++ b/cryptodev_int.h +@@ -1,4 +1,6 @@ +-/* cipher stuff */ ++/* cipher stuff ++ * Copyright 2012 Freescale Semiconductor, Inc. ++ */ + #ifndef CRYPTODEV_INT_H + # define CRYPTODEV_INT_H + +@@ -112,6 +114,14 @@ struct compat_crypt_auth_op { + + #endif /* CONFIG_COMPAT */ + ++/* kernel-internal extension to struct crypt_kop */ ++struct kernel_crypt_kop { ++ struct crypt_kop kop; ++ ++ struct task_struct *task; ++ struct mm_struct *mm; ++}; ++ + /* kernel-internal extension to struct crypt_op */ + struct kernel_crypt_op { + struct crypt_op cop; +@@ -157,6 +167,14 @@ int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop); + + #include + ++/* Cryptodev Key operation handler */ ++int crypto_bn_modexp(struct cryptodev_pkc *); ++int crypto_modexp_crt(struct cryptodev_pkc *); ++int crypto_kop_dsasign(struct cryptodev_pkc *); ++int crypto_kop_dsaverify(struct cryptodev_pkc *); ++int crypto_run_asym(struct cryptodev_pkc *); ++void cryptodev_complete_asym(struct crypto_async_request *, int); ++ + /* other internal structs */ + struct csession { + struct list_head entry; +diff --git a/ioctl.c b/ioctl.c +index 5a44807..69980e3 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -4,6 +4,7 @@ + * Copyright (c) 2004 Michal Ludvig , SuSE Labs + * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos + * Copyright (c) 2010 Phil Sutter ++ * Copyright 2012 Freescale Semiconductor, Inc. + * + * This file is part of linux cryptodev. + * +@@ -89,8 +90,37 @@ struct crypt_priv { + int itemcount; + struct work_struct cryptask; + wait_queue_head_t user_waiter; ++ /* List of pending cryptodev_pkc asym requests */ ++ struct list_head asym_completed_list; ++ /* For addition/removal of entry in pending list of asymmetric request*/ ++ spinlock_t completion_lock; + }; + ++/* Asymmetric request Completion handler */ ++void cryptodev_complete_asym(struct crypto_async_request *req, int err) ++{ ++ struct cryptodev_pkc *pkc = req->data; ++ struct cryptodev_result *res = &pkc->result; ++ ++ crypto_free_pkc(pkc->s); ++ res->err = err; ++ if (pkc->type == SYNCHRONOUS) { ++ if (err == -EINPROGRESS) ++ return; ++ complete(&res->completion); ++ } else { ++ struct crypt_priv *pcr = pkc->priv; ++ unsigned long flags; ++ spin_lock_irqsave(&pcr->completion_lock, flags); ++ list_add_tail(&pkc->list, &pcr->asym_completed_list); ++ spin_unlock_irqrestore(&pcr->completion_lock, flags); ++ /* wake for POLLIN */ ++ wake_up_interruptible(&pcr->user_waiter); ++ } ++ ++ kfree(req); ++} ++ + #define FILL_SG(sg, ptr, len) \ + do { \ + (sg)->page = virt_to_page(ptr); \ +@@ -472,7 +502,8 @@ cryptodev_open(struct inode *inode, struct file *filp) + INIT_LIST_HEAD(&pcr->free.list); + INIT_LIST_HEAD(&pcr->todo.list); + INIT_LIST_HEAD(&pcr->done.list); +- ++ INIT_LIST_HEAD(&pcr->asym_completed_list); ++ spin_lock_init(&pcr->completion_lock); + INIT_WORK(&pcr->cryptask, cryptask_routine); + + init_waitqueue_head(&pcr->user_waiter); +@@ -639,6 +670,79 @@ static int crypto_async_fetch(struct crypt_priv *pcr, + } + #endif + ++/* get the first asym cipher completed job from the "done" queue ++ * ++ * returns: ++ * -EBUSY if no completed jobs are ready (yet) ++ * the return value otherwise */ ++static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) ++{ ++ int ret = 0; ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ struct crypt_kop *ckop = &kop->kop; ++ struct pkc_request *pkc_req = &pkc->req; ++ ++ switch (ckop->crk_op) { ++ case CRK_MOD_EXP: ++ { ++ struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; ++ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, ++ rsa_req->g_len); ++ } ++ break; ++ case CRK_MOD_EXP_CRT: ++ { ++ struct rsa_priv_frm3_req_s *rsa_req = ++ &pkc_req->req_u.rsa_priv_f3; ++ copy_to_user(ckop->crk_param[6].crp_p, ++ rsa_req->f, rsa_req->f_len); ++ } ++ break; ++ case CRK_DSA_SIGN: ++ { ++ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; ++ ++ if (pkc_req->type == ECDSA_SIGN) { ++ copy_to_user(ckop->crk_param[6].crp_p, ++ dsa_req->c, dsa_req->d_len); ++ copy_to_user(ckop->crk_param[7].crp_p, ++ dsa_req->d, dsa_req->d_len); ++ } else { ++ copy_to_user(ckop->crk_param[5].crp_p, ++ dsa_req->c, dsa_req->d_len); ++ copy_to_user(ckop->crk_param[6].crp_p, ++ dsa_req->d, dsa_req->d_len); ++ } ++ } ++ break; ++ case CRK_DSA_VERIFY: ++ break; ++ case CRK_DH_COMPUTE_KEY: ++ { ++ struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; ++ if (pkc_req->type == ECDH_COMPUTE_KEY) ++ copy_to_user(ckop->crk_param[4].crp_p, ++ dh_req->z, dh_req->z_len); ++ else ++ copy_to_user(ckop->crk_param[3].crp_p, ++ dh_req->z, dh_req->z_len); ++ } ++ break; ++ default: ++ ret = -EINVAL; ++ } ++ kfree(pkc->cookie); ++ return ret; ++} ++ ++/* this function has to be called from process context */ ++static int fill_kop_from_cop(struct kernel_crypt_kop *kop) ++{ ++ kop->task = current; ++ kop->mm = current->mm; ++ return 0; ++} ++ + /* this function has to be called from process context */ + static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) + { +@@ -662,11 +766,8 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) + + if (cop->iv) { + rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen); +- if (unlikely(rc)) { +- derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p", +- kcop->ivlen, rc, cop->iv); ++ if (unlikely(rc)) + return -EFAULT; +- } + } + + return 0; +@@ -692,6 +793,25 @@ static int fill_cop_from_kcop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) + return 0; + } + ++static int kop_from_user(struct kernel_crypt_kop *kop, ++ void __user *arg) ++{ ++ if (unlikely(copy_from_user(&kop->kop, arg, sizeof(kop->kop)))) ++ return -EFAULT; ++ ++ return fill_kop_from_cop(kop); ++} ++ ++static int kop_to_user(struct kernel_crypt_kop *kop, ++ void __user *arg) ++{ ++ if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) { ++ dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); ++ return -EFAULT; ++ } ++ return 0; ++} ++ + static int kcop_from_user(struct kernel_crypt_op *kcop, + struct fcrypt *fcr, void __user *arg) + { +@@ -821,7 +941,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + + switch (cmd) { + case CIOCASYMFEAT: +- return put_user(0, p); ++ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | ++ CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p); + case CRIOGET: + fd = clonefd(filp); + ret = put_user(fd, p); +@@ -857,6 +978,24 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + if (unlikely(ret)) + return ret; + return copy_to_user(arg, &siop, sizeof(siop)); ++ case CIOCKEY: ++ { ++ struct cryptodev_pkc *pkc = ++ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); ++ ++ if (!pkc) ++ return -ENOMEM; ++ ++ ret = kop_from_user(&pkc->kop, arg); ++ if (unlikely(ret)) { ++ kfree(pkc); ++ return ret; ++ } ++ pkc->type = SYNCHRONOUS; ++ ret = crypto_run_asym(pkc); ++ kfree(pkc); ++ } ++ return ret; + case CIOCCRYPT: + if (unlikely(ret = kcop_from_user(&kcop, fcr, arg))) { + dwarning(1, "Error copying from user"); +@@ -895,6 +1034,45 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + + return kcop_to_user(&kcop, fcr, arg); + #endif ++ case CIOCASYMASYNCRYPT: ++ { ++ struct cryptodev_pkc *pkc = ++ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); ++ ret = kop_from_user(&pkc->kop, arg); ++ ++ if (unlikely(ret)) ++ return -EINVAL; ++ ++ /* Store associated FD priv data with asymmetric request */ ++ pkc->priv = pcr; ++ pkc->type = ASYNCHRONOUS; ++ ret = crypto_run_asym(pkc); ++ if (ret == -EINPROGRESS) ++ ret = 0; ++ } ++ return ret; ++ case CIOCASYMASYNFETCH: ++ { ++ struct cryptodev_pkc *pkc; ++ unsigned long flags; ++ ++ spin_lock_irqsave(&pcr->completion_lock, flags); ++ if (list_empty(&pcr->asym_completed_list)) { ++ spin_unlock_irqrestore(&pcr->completion_lock, flags); ++ return -ENOMEM; ++ } ++ pkc = list_first_entry(&pcr->asym_completed_list, ++ struct cryptodev_pkc, list); ++ list_del(&pkc->list); ++ spin_unlock_irqrestore(&pcr->completion_lock, flags); ++ ret = crypto_async_fetch_asym(pkc); ++ ++ /* Reflect the updated request to user-space */ ++ if (!ret) ++ kop_to_user(&pkc->kop, arg); ++ kfree(pkc); ++ } ++ return ret; + default: + return -EINVAL; + } +@@ -1083,9 +1261,11 @@ static unsigned int cryptodev_poll(struct file *file, poll_table *wait) + + poll_wait(file, &pcr->user_waiter, wait); + +- if (!list_empty_careful(&pcr->done.list)) ++ if (!list_empty_careful(&pcr->done.list) || ++ !list_empty_careful(&pcr->asym_completed_list)) + ret |= POLLIN | POLLRDNORM; +- if (!list_empty_careful(&pcr->free.list) || pcr->itemcount < MAX_COP_RINGSIZE) ++ if (!list_empty_careful(&pcr->free.list) || ++ pcr->itemcount < MAX_COP_RINGSIZE) + ret |= POLLOUT | POLLWRNORM; + + return ret; +diff --git a/main.c b/main.c +index 57e5c38..0b7951e 100644 +--- a/main.c ++++ b/main.c +@@ -181,6 +181,384 @@ __crypto_run_zc(struct csession *ses_ptr, struct kernel_crypt_op *kcop) + return ret; + } + ++int crypto_kop_dsasign(struct cryptodev_pkc *pkc) ++{ ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ struct crypt_kop *cop = &kop->kop; ++ struct pkc_request *pkc_req = &pkc->req; ++ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; ++ int rc, buf_size; ++ uint8_t *buf; ++ ++ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || ++ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || ++ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || ++ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 6 && ++ !cop->crk_param[7].crp_nbits)) ++ return -EINVAL; ++ ++ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; ++ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; ++ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; ++ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; ++ dsa_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; ++ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8; ++ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len + ++ dsa_req->g_len + dsa_req->priv_key_len + dsa_req->d_len + ++ dsa_req->d_len; ++ if (cop->crk_iparams == 6) { ++ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; ++ buf_size += dsa_req->ab_len; ++ pkc_req->type = ECDSA_SIGN; ++ pkc_req->curve_type = cop->curve_type; ++ } else { ++ pkc_req->type = DSA_SIGN; ++ } ++ ++ buf = kzalloc(buf_size, GFP_DMA); ++ ++ dsa_req->q = buf; ++ dsa_req->r = dsa_req->q + dsa_req->q_len; ++ dsa_req->g = dsa_req->r + dsa_req->r_len; ++ dsa_req->priv_key = dsa_req->g + dsa_req->g_len; ++ dsa_req->m = dsa_req->priv_key + dsa_req->priv_key_len; ++ dsa_req->c = dsa_req->m + dsa_req->m_len; ++ dsa_req->d = dsa_req->c + dsa_req->d_len; ++ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); ++ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); ++ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); ++ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); ++ copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p, ++ dsa_req->priv_key_len); ++ if (cop->crk_iparams == 6) { ++ dsa_req->ab = dsa_req->d + dsa_req->d_len; ++ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, ++ dsa_req->ab_len); ++ } ++ rc = cryptodev_pkc_offload(pkc); ++ if (pkc->type == SYNCHRONOUS) { ++ if (rc) ++ goto err; ++ if (cop->crk_iparams == 6) { ++ copy_to_user(cop->crk_param[6].crp_p, dsa_req->c, ++ dsa_req->d_len); ++ copy_to_user(cop->crk_param[7].crp_p, dsa_req->d, ++ dsa_req->d_len); ++ } else { ++ copy_to_user(cop->crk_param[5].crp_p, dsa_req->c, ++ dsa_req->d_len); ++ copy_to_user(cop->crk_param[6].crp_p, dsa_req->d, ++ dsa_req->d_len); ++ } ++ } else { ++ if (rc != -EINPROGRESS && rc != 0) ++ goto err; ++ ++ pkc->cookie = buf; ++ return rc; ++ } ++err: ++ kfree(buf); ++ return rc; ++} ++ ++int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) ++{ ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ struct crypt_kop *cop = &kop->kop; ++ struct pkc_request *pkc_req; ++ struct dsa_verify_req_s *dsa_req; ++ int rc, buf_size; ++ uint8_t *buf; ++ ++ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || ++ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || ++ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || ++ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 8 && ++ !cop->crk_param[7].crp_nbits)) ++ return -EINVAL; ++ ++ pkc_req = &pkc->req; ++ dsa_req = &pkc_req->req_u.dsa_verify; ++ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; ++ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; ++ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; ++ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; ++ dsa_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; ++ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8; ++ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len + ++ dsa_req->g_len + dsa_req->pub_key_len + dsa_req->d_len + ++ dsa_req->d_len; ++ if (cop->crk_iparams == 8) { ++ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; ++ buf_size += dsa_req->ab_len; ++ pkc_req->type = ECDSA_VERIFY; ++ pkc_req->curve_type = cop->curve_type; ++ } else { ++ pkc_req->type = DSA_VERIFY; ++ } ++ ++ buf = kzalloc(buf_size, GFP_DMA); ++ ++ dsa_req->q = buf; ++ dsa_req->r = dsa_req->q + dsa_req->q_len; ++ dsa_req->g = dsa_req->r + dsa_req->r_len; ++ dsa_req->pub_key = dsa_req->g + dsa_req->g_len; ++ dsa_req->m = dsa_req->pub_key + dsa_req->pub_key_len; ++ dsa_req->c = dsa_req->m + dsa_req->m_len; ++ dsa_req->d = dsa_req->c + dsa_req->d_len; ++ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); ++ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); ++ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); ++ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); ++ copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p, ++ dsa_req->pub_key_len); ++ if (cop->crk_iparams == 8) { ++ dsa_req->ab = dsa_req->d + dsa_req->d_len; ++ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, ++ dsa_req->ab_len); ++ copy_from_user(dsa_req->c, cop->crk_param[6].crp_p, ++ dsa_req->d_len); ++ copy_from_user(dsa_req->d, cop->crk_param[7].crp_p, ++ dsa_req->d_len); ++ } else { ++ copy_from_user(dsa_req->c, cop->crk_param[5].crp_p, ++ dsa_req->d_len); ++ copy_from_user(dsa_req->d, cop->crk_param[6].crp_p, ++ dsa_req->d_len); ++ } ++ rc = cryptodev_pkc_offload(pkc); ++ if (pkc->type == SYNCHRONOUS) { ++ if (rc) ++ goto err; ++ } else { ++ if (rc != -EINPROGRESS && !rc) ++ goto err; ++ pkc->cookie = buf; ++ return rc; ++ } ++err: ++ kfree(buf); ++ return rc; ++} ++ ++int crypto_kop_dh_key(struct cryptodev_pkc *pkc) ++{ ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ struct crypt_kop *cop = &kop->kop; ++ struct pkc_request *pkc_req; ++ struct dh_key_req_s *dh_req; ++ int buf_size; ++ uint8_t *buf; ++ int rc = -EINVAL; ++ ++ pkc_req = &pkc->req; ++ dh_req = &pkc_req->req_u.dh_req; ++ dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; ++ dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8; ++ dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8; ++ buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len; ++ if (cop->crk_iparams == 4) { ++ pkc_req->type = ECDH_COMPUTE_KEY; ++ dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; ++ dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8; ++ buf_size += dh_req->ab_len; ++ } else { ++ dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8; ++ pkc_req->type = DH_COMPUTE_KEY; ++ } ++ buf_size += dh_req->z_len; ++ buf = kzalloc(buf_size, GFP_DMA); ++ dh_req->q = buf; ++ dh_req->s = dh_req->q + dh_req->q_len; ++ dh_req->pub_key = dh_req->s + dh_req->s_len; ++ dh_req->z = dh_req->pub_key + dh_req->pub_key_len; ++ if (cop->crk_iparams == 4) { ++ dh_req->ab = dh_req->z + dh_req->z_len; ++ pkc_req->curve_type = cop->curve_type; ++ copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, ++ dh_req->ab_len); ++ } ++ copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len); ++ copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p, ++ dh_req->pub_key_len); ++ copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len); ++ rc = cryptodev_pkc_offload(pkc); ++ if (pkc->type == SYNCHRONOUS) { ++ if (rc) ++ goto err; ++ if (cop->crk_iparams == 4) ++ copy_to_user(cop->crk_param[4].crp_p, dh_req->z, ++ dh_req->z_len); ++ else ++ copy_to_user(cop->crk_param[3].crp_p, dh_req->z, ++ dh_req->z_len); ++ } else { ++ if (rc != -EINPROGRESS && rc != 0) ++ goto err; ++ ++ pkc->cookie = buf; ++ return rc; ++ } ++err: ++ kfree(buf); ++ return rc; ++} ++ ++int crypto_modexp_crt(struct cryptodev_pkc *pkc) ++{ ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ struct crypt_kop *cop = &kop->kop; ++ struct pkc_request *pkc_req; ++ struct rsa_priv_frm3_req_s *rsa_req; ++ int rc; ++ uint8_t *buf; ++ ++ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || ++ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || ++ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits) ++ return -EINVAL; ++ ++ pkc_req = &pkc->req; ++ pkc_req->type = RSA_PRIV_FORM3; ++ rsa_req = &pkc_req->req_u.rsa_priv_f3; ++ rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8; ++ rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; ++ rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; ++ rsa_req->dp_len = (cop->crk_param[3].crp_nbits + 7)/8; ++ rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8; ++ rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8; ++ rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8; ++ buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + ++ rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len + ++ rsa_req->g_len, GFP_DMA); ++ rsa_req->p = buf; ++ rsa_req->q = rsa_req->p + rsa_req->p_len; ++ rsa_req->g = rsa_req->q + rsa_req->q_len; ++ rsa_req->dp = rsa_req->g + rsa_req->g_len; ++ rsa_req->dq = rsa_req->dp + rsa_req->dp_len; ++ rsa_req->c = rsa_req->dq + rsa_req->dq_len; ++ rsa_req->f = rsa_req->c + rsa_req->c_len; ++ copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len); ++ copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len); ++ copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len); ++ copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len); ++ copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len); ++ copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len); ++ rc = cryptodev_pkc_offload(pkc); ++ ++ if (pkc->type == SYNCHRONOUS) { ++ if (rc) ++ goto err; ++ copy_to_user(cop->crk_param[6].crp_p, rsa_req->f, ++ rsa_req->f_len); ++ } else { ++ if (rc != -EINPROGRESS && rc != 0) ++ goto err; ++ ++ pkc->cookie = buf; ++ return rc; ++ } ++err: ++ kfree(buf); ++ return rc; ++} ++ ++int crypto_bn_modexp(struct cryptodev_pkc *pkc) ++{ ++ struct pkc_request *pkc_req; ++ struct rsa_pub_req_s *rsa_req; ++ int rc; ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ struct crypt_kop *cop = &kop->kop; ++ uint8_t *buf; ++ ++ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || ++ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits) ++ return -EINVAL; ++ ++ pkc_req = &pkc->req; ++ pkc_req->type = RSA_PUB; ++ rsa_req = &pkc_req->req_u.rsa_pub_req; ++ rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8; ++ rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; ++ rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; ++ rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; ++ buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len ++ + rsa_req->g_len, GFP_DMA); ++ if (!buf) ++ return -ENOMEM; ++ ++ rsa_req->e = buf; ++ rsa_req->f = rsa_req->e + rsa_req->e_len; ++ rsa_req->g = rsa_req->f + rsa_req->f_len; ++ rsa_req->n = rsa_req->g + rsa_req->g_len; ++ copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len); ++ copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len); ++ copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len); ++ rc = cryptodev_pkc_offload(pkc); ++ if (pkc->type == SYNCHRONOUS) { ++ if (rc) ++ goto err; ++ ++ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, ++ rsa_req->g_len); ++ } else { ++ if (rc != -EINPROGRESS && rc != 0) ++ goto err; ++ ++ /* This one will be freed later in fetch handler */ ++ pkc->cookie = buf; ++ return rc; ++ } ++err: ++ kfree(buf); ++ return rc; ++} ++ ++int crypto_run_asym(struct cryptodev_pkc *pkc) ++{ ++ int ret = -EINVAL; ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ ++ switch (kop->kop.crk_op) { ++ case CRK_MOD_EXP: ++ if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1) ++ goto err; ++ ++ ret = crypto_bn_modexp(pkc); ++ break; ++ case CRK_MOD_EXP_CRT: ++ if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1) ++ goto err; ++ ++ ret = crypto_modexp_crt(pkc); ++ break; ++ case CRK_DSA_SIGN: ++ if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) || ++ kop->kop.crk_oparams != 2) ++ goto err; ++ ++ ret = crypto_kop_dsasign(pkc); ++ break; ++ case CRK_DSA_VERIFY: ++ if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) || ++ kop->kop.crk_oparams != 0) ++ goto err; ++ ++ ret = crypto_kop_dsaverify(pkc); ++ break; ++ case CRK_DH_COMPUTE_KEY: ++ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) || ++ kop->kop.crk_oparams != 1) ++ goto err; ++ ret = crypto_kop_dh_key(pkc); ++ break; ++ } ++err: ++ return ret; ++} ++ + int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop) + { + struct csession *ses_ptr; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch b/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch new file mode 100644 index 00000000..25a52a9c --- /dev/null +++ b/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch @@ -0,0 +1,65 @@ +From 188f30f6233d05eb62b58bf6d94a16bcbeeae0ee Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Mon, 27 Apr 2015 15:26:14 +0300 +Subject: [PATCH 4/4] Add the compile and install rules for cryptodev tests + +Change-Id: Ica10dc563c77220dcf0e0993515230df8a86c34d +Signed-off-by: Yu Zongchun +--- + Makefile | 6 ++++++ + tests/Makefile | 8 ++++++++ + 2 files changed, 14 insertions(+) + +diff --git a/Makefile b/Makefile +index 855bb54..5497037 100644 +--- a/Makefile ++++ b/Makefile +@@ -32,6 +32,9 @@ install: modules_install + modules_install: + make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install + ++install_tests: ++ make -C tests install DESTDIR=$(PREFIX) ++ + clean: + make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean + rm -f $(hostprogs) *~ +@@ -40,6 +43,9 @@ clean: + check: + CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) make -C tests check + ++testprogs: ++ KERNEL_DIR=$(KERNEL_DIR) make -C tests testprogs ++ + CPOPTS = + ifneq (${SHOW_TYPES},) + CPOPTS += --show-types +diff --git a/tests/Makefile b/tests/Makefile +index 20c52ba..67c3c83 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -19,6 +19,12 @@ example-async-hmac-objs := async_hmac.o + example-async-speed-objs := async_speed.o + example-hashcrypt-speed-objs := hashcrypt_speed.c + ++install: ++ install -d $(DESTDIR)/usr/bin/tests_cryptodev ++ for bin in $(hostprogs); do \ ++ install -m 755 $${bin} $(DESTDIR)/usr/bin/tests_cryptodev/; \ ++ done ++ + check: $(hostprogs) + ./cipher + ./hmac +@@ -28,6 +34,8 @@ check: $(hostprogs) + ./cipher-gcm + ./cipher-aead + ++testprogs: $(hostprogs) ++ + clean: + rm -f *.o *~ $(hostprogs) + +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch b/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch new file mode 100644 index 00000000..2f35768b --- /dev/null +++ b/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch @@ -0,0 +1,200 @@ +From b109fbdb64de6be0dc2f0d2ef108cead34652495 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Fri, 7 Mar 2014 06:52:13 +0545 +Subject: [PATCH 04/15] Compat versions of PKC IOCTLs + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + cryptodev_int.h | 20 ++++++++++ + ioctl.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 140 insertions(+) + +diff --git a/cryptodev_int.h b/cryptodev_int.h +index fdbcc61..cf54dac 100644 +--- a/cryptodev_int.h ++++ b/cryptodev_int.h +@@ -75,6 +75,24 @@ struct compat_crypt_op { + compat_uptr_t iv;/* initialization vector for encryption operations */ + }; + ++/* input of CIOCKEY */ ++struct compat_crparam { ++ compat_uptr_t crp_p; ++ uint32_t crp_nbits; ++}; ++ ++struct compat_crypt_kop { ++ uint32_t crk_op; /* cryptodev_crk_ot_t */ ++ uint32_t crk_status; ++ uint16_t crk_iparams; ++ uint16_t crk_oparams; ++ uint32_t crk_pad1; ++ struct compat_crparam crk_param[CRK_MAXPARAM]; ++ enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, ++ 2 = EC_BINARY */ ++ compat_uptr_t cookie; ++}; ++ + /* input of CIOCAUTHCRYPT */ + struct compat_crypt_auth_op { + uint32_t ses; /* session identifier */ +@@ -111,6 +129,8 @@ struct compat_crypt_auth_op { + #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) + #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) + #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) ++#define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) ++#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop) + + #endif /* CONFIG_COMPAT */ + +diff --git a/ioctl.c b/ioctl.c +index 69980e3..9431025 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -1081,6 +1081,68 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + /* compatibility code for 32bit userlands */ + #ifdef CONFIG_COMPAT + ++static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat, ++ struct crypt_kop *kop) ++{ ++ int i; ++ kop->crk_op = compat->crk_op; ++ kop->crk_status = compat->crk_status; ++ kop->crk_iparams = compat->crk_iparams; ++ kop->crk_oparams = compat->crk_oparams; ++ ++ for (i = 0; i < CRK_MAXPARAM; i++) { ++ kop->crk_param[i].crp_p = ++ compat_ptr(compat->crk_param[i].crp_p); ++ kop->crk_param[i].crp_nbits = compat->crk_param[i].crp_nbits; ++ } ++ ++ kop->curve_type = compat->curve_type; ++ kop->cookie = compat->cookie; ++} ++ ++static int compat_kop_from_user(struct kernel_crypt_kop *kop, ++ void __user *arg) ++{ ++ struct compat_crypt_kop compat_kop; ++ ++ if (unlikely(copy_from_user(&compat_kop, arg, sizeof(compat_kop)))) ++ return -EFAULT; ++ ++ compat_to_crypt_kop(&compat_kop, &kop->kop); ++ return fill_kop_from_cop(kop); ++} ++ ++static inline void crypt_kop_to_compat(struct crypt_kop *kop, ++ struct compat_crypt_kop *compat) ++{ ++ int i; ++ ++ compat->crk_op = kop->crk_op; ++ compat->crk_status = kop->crk_status; ++ compat->crk_iparams = kop->crk_iparams; ++ compat->crk_oparams = kop->crk_oparams; ++ ++ for (i = 0; i < CRK_MAXPARAM; i++) { ++ compat->crk_param[i].crp_p = ++ ptr_to_compat(kop->crk_param[i].crp_p); ++ compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits; ++ } ++ compat->cookie = kop->cookie; ++ compat->curve_type = kop->curve_type; ++} ++ ++static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) ++{ ++ struct compat_crypt_kop compat_kop; ++ ++ crypt_kop_to_compat(&kop->kop, &compat_kop); ++ if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) { ++ dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); ++ return -EFAULT; ++ } ++ return 0; ++} ++ + static inline void + compat_to_session_op(struct compat_session_op *compat, struct session_op *sop) + { +@@ -1208,7 +1270,26 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + return -EFAULT; + } + return ret; ++ case COMPAT_CIOCKEY: ++ { ++ struct cryptodev_pkc *pkc = ++ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); ++ ++ if (!pkc) ++ return -ENOMEM; ++ ++ ret = compat_kop_from_user(&pkc->kop, arg); ++ ++ if (unlikely(ret)) { ++ kfree(pkc); ++ return ret; ++ } + ++ pkc->type = SYNCHRONOUS; ++ ret = crypto_run_asym(pkc); ++ kfree(pkc); ++ } ++ return ret; + case COMPAT_CIOCCRYPT: + ret = compat_kcop_from_user(&kcop, fcr, arg); + if (unlikely(ret)) +@@ -1247,6 +1328,45 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + + return compat_kcop_to_user(&kcop, fcr, arg); + #endif ++ case COMPAT_CIOCASYMASYNCRYPT: ++ { ++ struct cryptodev_pkc *pkc = ++ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); ++ ++ ret = compat_kop_from_user(&pkc->kop, arg); ++ if (unlikely(ret)) ++ return -EINVAL; ++ ++ /* Store associated FD priv data with asymmetric request */ ++ pkc->priv = pcr; ++ pkc->type = ASYNCHRONOUS; ++ ret = crypto_run_asym(pkc); ++ if (ret == -EINPROGRESS) ++ ret = 0; ++ } ++ return ret; ++ case COMPAT_CIOCASYMASYNFETCH: ++ { ++ struct cryptodev_pkc *pkc; ++ unsigned long flags; ++ ++ spin_lock_irqsave(&pcr->completion_lock, flags); ++ if (list_empty(&pcr->asym_completed_list)) { ++ spin_unlock_irqrestore(&pcr->completion_lock, flags); ++ return -ENOMEM; ++ } ++ pkc = list_first_entry(&pcr->asym_completed_list, ++ struct cryptodev_pkc, list); ++ list_del(&pkc->list); ++ spin_unlock_irqrestore(&pcr->completion_lock, flags); ++ ret = crypto_async_fetch_asym(pkc); ++ ++ /* Reflect the updated request to user-space */ ++ if (!ret) ++ compat_kop_to_user(&pkc->kop, arg); ++ kfree(pkc); ++ } ++ return ret; + default: + return -EINVAL; + } +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch b/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch new file mode 100644 index 00000000..8827fb0f --- /dev/null +++ b/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch @@ -0,0 +1,213 @@ +From 7594d5375d998eb25241750b623661ff021697d3 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Fri, 7 Mar 2014 07:24:00 +0545 +Subject: [PATCH 05/15] Asynchronous interface changes in cryptodev + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + cryptlib.h | 7 ++++- + crypto/cryptodev.h | 10 ++++++- + cryptodev_int.h | 10 ++++++- + ioctl.c | 76 +++++++++++++++++++++++++++++++++++++----------------- + 4 files changed, 76 insertions(+), 27 deletions(-) + +diff --git a/cryptlib.h b/cryptlib.h +index 56d325a..7ffa54c 100644 +--- a/cryptlib.h ++++ b/cryptlib.h +@@ -113,7 +113,12 @@ struct cryptodev_pkc { + struct pkc_request req; /* PKC request structure allocated + from CryptoAPI */ + enum offload_type type; /* Synchronous Vs Asynchronous request */ +- void *cookie; /*Additional opaque cookie to be used in future */ ++ /* ++ * cookie used for transfering tranparent information from async ++ * submission to async fetch. Currently some dynamic allocated ++ * buffers are maintained which will be freed later during fetch ++ */ ++ void *cookie; + struct crypt_priv *priv; + }; + +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index 96675fe..4436fbf 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -254,6 +254,14 @@ struct crypt_kop { + void *cookie; + }; + ++#define MAX_COOKIES 4 ++ ++struct pkc_cookie_list_s { ++ int cookie_available; ++ void *cookie[MAX_COOKIES]; ++ int status[MAX_COOKIES]; ++}; ++ + enum cryptodev_crk_op_t { + CRK_MOD_EXP = 0, + CRK_MOD_EXP_CRT = 1, +@@ -298,5 +306,5 @@ enum cryptodev_crk_op_t { + #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) + /* additional ioctls for asynchronous operation for asymmetric ciphers*/ + #define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) +-#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop) ++#define CIOCASYMFETCHCOOKIE _IOR('c', 113, struct pkc_cookie_list_s) + #endif /* L_CRYPTODEV_H */ +diff --git a/cryptodev_int.h b/cryptodev_int.h +index cf54dac..5347cae 100644 +--- a/cryptodev_int.h ++++ b/cryptodev_int.h +@@ -93,6 +93,12 @@ struct compat_crypt_kop { + compat_uptr_t cookie; + }; + ++struct compat_pkc_cookie_list_s { ++ int cookie_available; ++ compat_uptr_t cookie[MAX_COOKIES]; ++ int status[MAX_COOKIES]; ++}; ++ + /* input of CIOCAUTHCRYPT */ + struct compat_crypt_auth_op { + uint32_t ses; /* session identifier */ +@@ -126,11 +132,13 @@ struct compat_crypt_auth_op { + /* compat ioctls, defined for the above structs */ + #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) + #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) ++#define COMPAT_CIOCKEY _IOW('c', 105, struct compat_crypt_kop) + #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) + #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) + #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) + #define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) +-#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop) ++#define COMPAT_CIOCASYMFETCHCOOKIE _IOR('c', 111, \ ++ struct compat_pkc_cookie_list_s) + + #endif /* CONFIG_COMPAT */ + +diff --git a/ioctl.c b/ioctl.c +index 9431025..e2f407f 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -105,8 +105,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) + crypto_free_pkc(pkc->s); + res->err = err; + if (pkc->type == SYNCHRONOUS) { +- if (err == -EINPROGRESS) +- return; + complete(&res->completion); + } else { + struct crypt_priv *pcr = pkc->priv; +@@ -1051,26 +1049,41 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + ret = 0; + } + return ret; +- case CIOCASYMASYNFETCH: ++ case CIOCASYMFETCHCOOKIE: + { + struct cryptodev_pkc *pkc; + unsigned long flags; ++ int i; ++ struct pkc_cookie_list_s cookie_list; + + spin_lock_irqsave(&pcr->completion_lock, flags); +- if (list_empty(&pcr->asym_completed_list)) { +- spin_unlock_irqrestore(&pcr->completion_lock, flags); +- return -ENOMEM; ++ cookie_list.cookie_available = 0; ++ for (i = 0; i < MAX_COOKIES; i++) { ++ if (!list_empty(&pcr->asym_completed_list)) { ++ /* Run a loop in the list for upto elements ++ and copy their response back */ ++ pkc = ++ list_first_entry(&pcr->asym_completed_list, ++ struct cryptodev_pkc, list); ++ list_del(&pkc->list); ++ ret = crypto_async_fetch_asym(pkc); ++ if (!ret) { ++ cookie_list.cookie_available++; ++ cookie_list.cookie[i] = ++ pkc->kop.kop.cookie; ++ cookie_list.status[i] = pkc->result.err; ++ } ++ kfree(pkc); ++ } else { ++ break; ++ } + } +- pkc = list_first_entry(&pcr->asym_completed_list, +- struct cryptodev_pkc, list); +- list_del(&pkc->list); + spin_unlock_irqrestore(&pcr->completion_lock, flags); +- ret = crypto_async_fetch_asym(pkc); + + /* Reflect the updated request to user-space */ +- if (!ret) +- kop_to_user(&pkc->kop, arg); +- kfree(pkc); ++ if (cookie_list.cookie_available) ++ copy_to_user(arg, &cookie_list, ++ sizeof(struct pkc_cookie_list_s)); + } + return ret; + default: +@@ -1345,26 +1358,41 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + ret = 0; + } + return ret; +- case COMPAT_CIOCASYMASYNFETCH: ++ case COMPAT_CIOCASYMFETCHCOOKIE: + { + struct cryptodev_pkc *pkc; + unsigned long flags; ++ int i = 0; ++ struct compat_pkc_cookie_list_s cookie_list; + + spin_lock_irqsave(&pcr->completion_lock, flags); +- if (list_empty(&pcr->asym_completed_list)) { +- spin_unlock_irqrestore(&pcr->completion_lock, flags); +- return -ENOMEM; ++ cookie_list.cookie_available = 0; ++ ++ for (i = 0; i < MAX_COOKIES; i++) { ++ if (!list_empty(&pcr->asym_completed_list)) { ++ /* Run a loop in the list for upto elements ++ and copy their response back */ ++ pkc = ++ list_first_entry(&pcr->asym_completed_list, ++ struct cryptodev_pkc, list); ++ list_del(&pkc->list); ++ ret = crypto_async_fetch_asym(pkc); ++ if (!ret) { ++ cookie_list.cookie_available++; ++ cookie_list.cookie[i] = ++ pkc->kop.kop.cookie; ++ } ++ kfree(pkc); ++ } else { ++ break; ++ } + } +- pkc = list_first_entry(&pcr->asym_completed_list, +- struct cryptodev_pkc, list); +- list_del(&pkc->list); + spin_unlock_irqrestore(&pcr->completion_lock, flags); +- ret = crypto_async_fetch_asym(pkc); + + /* Reflect the updated request to user-space */ +- if (!ret) +- compat_kop_to_user(&pkc->kop, arg); +- kfree(pkc); ++ if (cookie_list.cookie_available) ++ copy_to_user(arg, &cookie_list, ++ sizeof(struct compat_pkc_cookie_list_s)); + } + return ret; + default: +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch b/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch new file mode 100644 index 00000000..89cace37 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch @@ -0,0 +1,212 @@ +From eccd6277b067cd85094eb057225cc0a983300b9f Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Fri, 7 Mar 2014 07:53:53 +0545 +Subject: [PATCH 06/15] ECC_KEYGEN and DLC_KEYGEN supported in cryptodev module + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + cryptlib.c | 2 ++ + crypto/cryptodev.h | 5 +++- + ioctl.c | 29 +++++++++++++++++-- + main.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 4 files changed, 118 insertions(+), 3 deletions(-) + +diff --git a/cryptlib.c b/cryptlib.c +index 6900028..47cd568 100644 +--- a/cryptlib.c ++++ b/cryptlib.c +@@ -452,6 +452,8 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) + case DSA_VERIFY: + case ECDSA_SIGN: + case ECDSA_VERIFY: ++ case DLC_KEYGEN: ++ case ECC_KEYGEN: + pkc->s = crypto_alloc_pkc("pkc(dsa)", + CRYPTO_ALG_TYPE_PKC_DSA, 0); + break; +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index 4436fbf..275a55c 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -268,6 +268,8 @@ enum cryptodev_crk_op_t { + CRK_DSA_SIGN = 2, + CRK_DSA_VERIFY = 3, + CRK_DH_COMPUTE_KEY = 4, ++ CRK_DSA_GENERATE_KEY = 5, ++ CRK_DH_GENERATE_KEY = 6, + CRK_ALGORITHM_ALL + }; + +@@ -280,7 +282,8 @@ enum cryptodev_crk_op_t { + #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) + #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) + #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) +- ++#define CRF_DSA_GENERATE_KEY (1 << CRK_DSA_GENERATE_KEY) ++#define CRF_DH_GENERATE_KEY (1 << CRK_DH_GENERATE_KEY) + + /* ioctl's. Compatible with old linux cryptodev.h + */ +diff --git a/ioctl.c b/ioctl.c +index e2f407f..1f0741a 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -726,6 +726,23 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) + dh_req->z, dh_req->z_len); + } + break; ++ case CRK_DSA_GENERATE_KEY: ++ case CRK_DH_GENERATE_KEY: ++ { ++ struct keygen_req_s *key_req = &pkc_req->req_u.keygen; ++ ++ if (pkc_req->type == ECC_KEYGEN) { ++ copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, ++ key_req->pub_key_len); ++ copy_to_user(ckop->crk_param[5].crp_p, ++ key_req->priv_key, key_req->priv_key_len); ++ } else { ++ copy_to_user(ckop->crk_param[3].crp_p, ++ key_req->pub_key, key_req->pub_key_len); ++ copy_to_user(ckop->crk_param[4].crp_p, ++ key_req->priv_key, key_req->priv_key_len); ++ } ++ } + default: + ret = -EINVAL; + } +@@ -939,8 +956,9 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + + switch (cmd) { + case CIOCASYMFEAT: +- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | +- CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p); ++ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | ++ CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | ++ CRF_DSA_GENERATE_KEY, p); + case CRIOGET: + fd = clonefd(filp); + ret = put_user(fd, p); +@@ -1084,7 +1102,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + if (cookie_list.cookie_available) + copy_to_user(arg, &cookie_list, + sizeof(struct pkc_cookie_list_s)); ++ else { ++ struct pkc_cookie_list_s *user_ck_list = (void *)arg; ++ ++ put_user(0, &(user_ck_list->cookie_available)); ++ } ++ ret = cookie_list.cookie_available; + } ++ + return ret; + default: + return -EINVAL; +diff --git a/main.c b/main.c +index 0b7951e..c901bc7 100644 +--- a/main.c ++++ b/main.c +@@ -342,6 +342,85 @@ err: + return rc; + } + ++int crypto_kop_keygen(struct cryptodev_pkc *pkc) ++{ ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ struct crypt_kop *cop = &kop->kop; ++ struct pkc_request *pkc_req; ++ struct keygen_req_s *key_req; ++ int rc, buf_size; ++ uint8_t *buf; ++ ++ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || ++ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || ++ !cop->crk_param[4].crp_nbits) ++ return -EINVAL; ++ ++ pkc_req = &pkc->req; ++ key_req = &pkc_req->req_u.keygen; ++ key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8; ++ key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8; ++ key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; ++ if (cop->crk_iparams == 3) { ++ key_req->pub_key_len = (cop->crk_param[3].crp_nbits + 7)/8; ++ key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; ++ buf_size = key_req->q_len + key_req->r_len + key_req->g_len + ++ key_req->pub_key_len + key_req->priv_key_len; ++ pkc_req->type = DLC_KEYGEN; ++ } else { ++ key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; ++ key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; ++ key_req->priv_key_len = (cop->crk_param[5].crp_nbits + 7)/8; ++ buf_size = key_req->q_len + key_req->r_len + key_req->g_len + ++ key_req->pub_key_len + key_req->priv_key_len + ++ key_req->ab_len; ++ pkc_req->type = ECC_KEYGEN; ++ pkc_req->curve_type = cop->curve_type; ++ } ++ ++ buf = kzalloc(buf_size, GFP_DMA); ++ if (!buf) ++ return -ENOMEM; ++ ++ key_req->q = buf; ++ key_req->r = key_req->q + key_req->q_len; ++ key_req->g = key_req->r + key_req->r_len; ++ key_req->pub_key = key_req->g + key_req->g_len; ++ key_req->priv_key = key_req->pub_key + key_req->pub_key_len; ++ copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); ++ copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); ++ copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); ++ if (cop->crk_iparams == 3) { ++ copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p, ++ key_req->pub_key_len); ++ copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p, ++ key_req->priv_key_len); ++ } else { ++ key_req->ab = key_req->priv_key + key_req->priv_key_len; ++ copy_from_user(key_req->ab, cop->crk_param[3].crp_p, ++ key_req->ab_len); ++ copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p, ++ key_req->pub_key_len); ++ copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p, ++ key_req->priv_key_len); ++ } ++ ++ rc = cryptodev_pkc_offload(pkc); ++ if (pkc->type == SYNCHRONOUS) { ++ if (rc) ++ goto err; ++ } else { ++ if (rc != -EINPROGRESS && !rc) ++ goto err; ++ ++ pkc->cookie = buf; ++ return rc; ++ } ++err: ++ kfree(buf); ++ return rc; ++} ++ + int crypto_kop_dh_key(struct cryptodev_pkc *pkc) + { + struct kernel_crypt_kop *kop = &pkc->kop; +@@ -554,6 +633,12 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) + goto err; + ret = crypto_kop_dh_key(pkc); + break; ++ case CRK_DH_GENERATE_KEY: ++ case CRK_DSA_GENERATE_KEY: ++ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4)) ++ goto err; ++ ret = crypto_kop_keygen(pkc); ++ break; + } + err: + return ret; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch b/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch new file mode 100644 index 00000000..a76aca47 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch @@ -0,0 +1,238 @@ +From 78c01e1882def52c72966c0e86913950ec201af9 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Fri, 7 Mar 2014 08:49:15 +0545 +Subject: [PATCH 07/15] RCU stall fixed in PKC asynchronous interface + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +--- + ioctl.c | 23 +++++++++++------------ + main.c | 43 +++++++++++++++++++++++++++---------------- + 2 files changed, 38 insertions(+), 28 deletions(-) + +diff --git a/ioctl.c b/ioctl.c +index 1f0741a..e4e16a8 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -108,10 +108,9 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) + complete(&res->completion); + } else { + struct crypt_priv *pcr = pkc->priv; +- unsigned long flags; +- spin_lock_irqsave(&pcr->completion_lock, flags); ++ spin_lock_bh(&pcr->completion_lock); + list_add_tail(&pkc->list, &pcr->asym_completed_list); +- spin_unlock_irqrestore(&pcr->completion_lock, flags); ++ spin_unlock_bh(&pcr->completion_lock); + /* wake for POLLIN */ + wake_up_interruptible(&pcr->user_waiter); + } +@@ -958,7 +957,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + case CIOCASYMFEAT: + return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | + CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | +- CRF_DSA_GENERATE_KEY, p); ++ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p); + case CRIOGET: + fd = clonefd(filp); + ret = put_user(fd, p); +@@ -997,7 +996,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + case CIOCKEY: + { + struct cryptodev_pkc *pkc = +- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); ++ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); + + if (!pkc) + return -ENOMEM; +@@ -1053,7 +1052,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + case CIOCASYMASYNCRYPT: + { + struct cryptodev_pkc *pkc = +- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); ++ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); + ret = kop_from_user(&pkc->kop, arg); + + if (unlikely(ret)) +@@ -1070,13 +1069,12 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + case CIOCASYMFETCHCOOKIE: + { + struct cryptodev_pkc *pkc; +- unsigned long flags; + int i; + struct pkc_cookie_list_s cookie_list; + +- spin_lock_irqsave(&pcr->completion_lock, flags); + cookie_list.cookie_available = 0; + for (i = 0; i < MAX_COOKIES; i++) { ++ spin_lock_bh(&pcr->completion_lock); + if (!list_empty(&pcr->asym_completed_list)) { + /* Run a loop in the list for upto elements + and copy their response back */ +@@ -1084,6 +1082,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + list_first_entry(&pcr->asym_completed_list, + struct cryptodev_pkc, list); + list_del(&pkc->list); ++ spin_unlock_bh(&pcr->completion_lock); + ret = crypto_async_fetch_asym(pkc); + if (!ret) { + cookie_list.cookie_available++; +@@ -1093,10 +1092,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + } + kfree(pkc); + } else { ++ spin_unlock_bh(&pcr->completion_lock); + break; + } + } +- spin_unlock_irqrestore(&pcr->completion_lock, flags); + + /* Reflect the updated request to user-space */ + if (cookie_list.cookie_available) +@@ -1386,14 +1385,13 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + case COMPAT_CIOCASYMFETCHCOOKIE: + { + struct cryptodev_pkc *pkc; +- unsigned long flags; + int i = 0; + struct compat_pkc_cookie_list_s cookie_list; + +- spin_lock_irqsave(&pcr->completion_lock, flags); + cookie_list.cookie_available = 0; + + for (i = 0; i < MAX_COOKIES; i++) { ++ spin_lock_bh(&pcr->completion_lock); + if (!list_empty(&pcr->asym_completed_list)) { + /* Run a loop in the list for upto elements + and copy their response back */ +@@ -1401,6 +1399,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + list_first_entry(&pcr->asym_completed_list, + struct cryptodev_pkc, list); + list_del(&pkc->list); ++ spin_unlock_bh(&pcr->completion_lock); + ret = crypto_async_fetch_asym(pkc); + if (!ret) { + cookie_list.cookie_available++; +@@ -1409,10 +1408,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + } + kfree(pkc); + } else { ++ spin_unlock_bh(&pcr->completion_lock); + break; + } + } +- spin_unlock_irqrestore(&pcr->completion_lock, flags); + + /* Reflect the updated request to user-space */ + if (cookie_list.cookie_available) +diff --git a/main.c b/main.c +index c901bc7..2747706 100644 +--- a/main.c ++++ b/main.c +@@ -215,7 +215,9 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) + pkc_req->type = DSA_SIGN; + } + +- buf = kzalloc(buf_size, GFP_DMA); ++ buf = kmalloc(buf_size, GFP_DMA); ++ if (!buf) ++ return -ENOMEM; + + dsa_req->q = buf; + dsa_req->r = dsa_req->q + dsa_req->q_len; +@@ -298,7 +300,9 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) + pkc_req->type = DSA_VERIFY; + } + +- buf = kzalloc(buf_size, GFP_DMA); ++ buf = kmalloc(buf_size, GFP_DMA); ++ if (!buf) ++ return -ENOMEM; + + dsa_req->q = buf; + dsa_req->r = dsa_req->q + dsa_req->q_len; +@@ -378,7 +382,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) + pkc_req->curve_type = cop->curve_type; + } + +- buf = kzalloc(buf_size, GFP_DMA); ++ buf = kmalloc(buf_size, GFP_DMA); + if (!buf) + return -ENOMEM; + +@@ -390,25 +394,28 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) + copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); + copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); + copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); +- if (cop->crk_iparams == 3) { +- copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p, +- key_req->pub_key_len); +- copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p, +- key_req->priv_key_len); +- } else { ++ if (cop->crk_iparams == 4) { + key_req->ab = key_req->priv_key + key_req->priv_key_len; + copy_from_user(key_req->ab, cop->crk_param[3].crp_p, + key_req->ab_len); +- copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p, +- key_req->pub_key_len); +- copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p, +- key_req->priv_key_len); + } + + rc = cryptodev_pkc_offload(pkc); + if (pkc->type == SYNCHRONOUS) { + if (rc) + goto err; ++ ++ if (cop->crk_iparams == 4) { ++ copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key, ++ key_req->pub_key_len); ++ copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key, ++ key_req->priv_key_len); ++ } else { ++ copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key, ++ key_req->pub_key_len); ++ copy_to_user(cop->crk_param[4].crp_p, ++ key_req->priv_key, key_req->priv_key_len); ++ } + } else { + if (rc != -EINPROGRESS && !rc) + goto err; +@@ -447,7 +454,9 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) + pkc_req->type = DH_COMPUTE_KEY; + } + buf_size += dh_req->z_len; +- buf = kzalloc(buf_size, GFP_DMA); ++ buf = kmalloc(buf_size, GFP_DMA); ++ if (!buf) ++ return -ENOMEM; + dh_req->q = buf; + dh_req->s = dh_req->q + dh_req->q_len; + dh_req->pub_key = dh_req->s + dh_req->s_len; +@@ -508,9 +517,11 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) + rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8; + rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8; + rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8; +- buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + ++ buf = kmalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + + rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len + + rsa_req->g_len, GFP_DMA); ++ if (!buf) ++ return -ENOMEM; + rsa_req->p = buf; + rsa_req->q = rsa_req->p + rsa_req->p_len; + rsa_req->g = rsa_req->q + rsa_req->q_len; +@@ -563,7 +574,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) + rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; + rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; + rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; +- buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len ++ buf = kmalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len + + rsa_req->g_len, GFP_DMA); + if (!buf) + return -ENOMEM; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch b/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch new file mode 100644 index 00000000..d251c660 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch @@ -0,0 +1,170 @@ +From 5127db3483a2e4f6dc13330bea7237931c5f15a0 Mon Sep 17 00:00:00 2001 +From: Hou Zhiqiang +Date: Wed, 19 Mar 2014 14:02:46 +0800 +Subject: [PATCH 08/15] Add RSA Key generation offloading + +Upstream-status: Pending + +Signed-off-by: Hou Zhiqiang +Tested-by: Cristian Stoica +--- + cryptlib.c | 1 + + crypto/cryptodev.h | 2 ++ + ioctl.c | 3 +- + main.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++- + 4 files changed, 84 insertions(+), 2 deletions(-) + +diff --git a/cryptlib.c b/cryptlib.c +index 47cd568..4dd1847 100644 +--- a/cryptlib.c ++++ b/cryptlib.c +@@ -441,6 +441,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) + struct pkc_request *pkc_req = &pkc->req, *pkc_requested; + + switch (pkc_req->type) { ++ case RSA_KEYGEN: + case RSA_PUB: + case RSA_PRIV_FORM1: + case RSA_PRIV_FORM2: +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index 275a55c..d0cc542 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -270,6 +270,7 @@ enum cryptodev_crk_op_t { + CRK_DH_COMPUTE_KEY = 4, + CRK_DSA_GENERATE_KEY = 5, + CRK_DH_GENERATE_KEY = 6, ++ CRK_RSA_GENERATE_KEY = 7, + CRK_ALGORITHM_ALL + }; + +@@ -279,6 +280,7 @@ enum cryptodev_crk_op_t { + */ + #define CRF_MOD_EXP (1 << CRK_MOD_EXP) + #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT) ++#define CRF_RSA_GENERATE_KEY (1 << CRK_RSA_GENERATE_KEY) + #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) + #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) + #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) +diff --git a/ioctl.c b/ioctl.c +index e4e16a8..3762a47 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -957,7 +957,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + case CIOCASYMFEAT: + return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | + CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | +- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p); ++ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY | ++ CRF_RSA_GENERATE_KEY, p); + case CRIOGET: + fd = clonefd(filp); + ret = put_user(fd, p); +diff --git a/main.c b/main.c +index 2747706..14dcf40 100644 +--- a/main.c ++++ b/main.c +@@ -346,6 +346,82 @@ err: + return rc; + } + ++int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) ++{ ++ struct kernel_crypt_kop *kop = &pkc->kop; ++ struct crypt_kop *cop = &kop->kop; ++ struct pkc_request *pkc_req; ++ struct rsa_keygen_req_s *key_req; ++ int rc, buf_size; ++ uint8_t *buf; ++ ++ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || ++ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || ++ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || ++ !cop->crk_param[6].crp_nbits) ++ return -EINVAL; ++ ++ pkc_req = &pkc->req; ++ pkc_req->type = RSA_KEYGEN; ++ key_req = &pkc_req->req_u.rsa_keygen; ++ key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; ++ key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8; ++ key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8; ++ key_req->n_len = (cop->crk_param[2].crp_nbits + 7) / 8; ++ key_req->d_len = (cop->crk_param[3].crp_nbits + 7) / 8; ++ key_req->dp_len = (cop->crk_param[4].crp_nbits + 7) / 8; ++ key_req->dq_len = (cop->crk_param[5].crp_nbits + 7) / 8; ++ key_req->c_len = (cop->crk_param[6].crp_nbits + 7) / 8; ++ ++ buf_size = key_req->p_len + key_req->q_len + key_req->n_len + ++ key_req->d_len + key_req->dp_len + ++ key_req->dq_len + key_req->c_len; ++ ++ buf = kmalloc(buf_size, GFP_DMA); ++ if (!buf) ++ return -ENOMEM; ++ key_req->p = buf; ++ key_req->q = key_req->p + key_req->p_len; ++ key_req->n = key_req->q + key_req->q_len; ++ key_req->d = key_req->n + key_req->n_len; ++ key_req->dp = key_req->d + key_req->d_len; ++ key_req->dq = key_req->dp + key_req->dp_len; ++ key_req->c = key_req->dq + key_req->dq_len; ++ ++ rc = cryptodev_pkc_offload(pkc); ++ ++ if (pkc->type == SYNCHRONOUS) { ++ if (rc) ++ goto err; ++ ++ copy_to_user(cop->crk_param[0].crp_p, ++ key_req->p, key_req->p_len); ++ copy_to_user(cop->crk_param[1].crp_p, ++ key_req->q, key_req->q_len); ++ copy_to_user(cop->crk_param[2].crp_p, ++ key_req->n, key_req->n_len); ++ copy_to_user(cop->crk_param[3].crp_p, ++ key_req->d, key_req->d_len); ++ copy_to_user(cop->crk_param[4].crp_p, ++ key_req->dp, key_req->dp_len); ++ copy_to_user(cop->crk_param[5].crp_p, ++ key_req->dq, key_req->dq_len); ++ copy_to_user(cop->crk_param[6].crp_p, ++ key_req->c, key_req->c_len); ++ } else { ++ if (rc != -EINPROGRESS && !rc) { ++ printk("%s: Failed\n", __func__); ++ goto err; ++ } ++ pkc->cookie = buf; ++ return rc; ++ } ++err: ++ kfree(buf); ++ return rc; ++ ++} ++ + int crypto_kop_keygen(struct cryptodev_pkc *pkc) + { + struct kernel_crypt_kop *kop = &pkc->kop; +@@ -385,7 +461,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) + buf = kmalloc(buf_size, GFP_DMA); + if (!buf) + return -ENOMEM; +- + key_req->q = buf; + key_req->r = key_req->q + key_req->q_len; + key_req->g = key_req->r + key_req->r_len; +@@ -650,6 +725,9 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) + goto err; + ret = crypto_kop_keygen(pkc); + break; ++ case CRK_RSA_GENERATE_KEY: ++ ret = crypto_kop_rsa_keygen(pkc); ++ break; + } + err: + return ret; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch b/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch new file mode 100644 index 00000000..2213faec --- /dev/null +++ b/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch @@ -0,0 +1,160 @@ +From 800af48d0c26830943ca2308dd426b5b09811750 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta +Date: Thu, 17 Apr 2014 07:08:47 +0545 +Subject: [PATCH 09/15] Fixed compilation error of openssl with fsl cryptodev + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta +Tested-by: Cristian Stoica +--- + authenc.c | 1 + + cryptlib.c | 9 ++++----- + crypto/cryptodev.h | 9 ++++++++- + cryptodev_int.h | 2 +- + ioctl.c | 8 ++++++-- + main.c | 1 + + 6 files changed, 21 insertions(+), 9 deletions(-) + +diff --git a/authenc.c b/authenc.c +index ef0d3db..2aa4d38 100644 +--- a/authenc.c ++++ b/authenc.c +@@ -2,6 +2,7 @@ + * Driver for /dev/crypto device (aka CryptoDev) + * + * Copyright (c) 2011, 2012 OpenSSL Software Foundation, Inc. ++ * Copyright (c) 2014 Freescale Semiconductor, Inc. + * + * Author: Nikos Mavrogiannopoulos + * +diff --git a/cryptlib.c b/cryptlib.c +index 4dd1847..ec6693e 100644 +--- a/cryptlib.c ++++ b/cryptlib.c +@@ -4,8 +4,7 @@ + * Copyright (c) 2010,2011 Nikos Mavrogiannopoulos + * Portions Copyright (c) 2010 Michael Weiser + * Portions Copyright (c) 2010 Phil Sutter +- * +- * Copyright 2012 Freescale Semiconductor, Inc. ++ * Copyright 2012-2014 Freescale Semiconductor, Inc. + * + * This file is part of linux cryptodev. + * +@@ -144,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, + if (alg->max_keysize > 0 && + unlikely((keylen < alg->min_keysize) || + (keylen > alg->max_keysize))) { +- ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.", ++ ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", + keylen, alg_name, alg->min_keysize, alg->max_keysize); + ret = -EINVAL; + goto error; +@@ -171,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, + } + + if (unlikely(ret)) { +- ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8); ++ ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); + ret = -EINVAL; + goto error; + } +@@ -338,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, + if (hmac_mode != 0) { + ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen); + if (unlikely(ret)) { +- ddebug(1, "Setting hmac key failed for %s-%zu.", ++ ddebug(1, "Setting hmac key failed for %s-%u.", + alg_name, mackeylen*8); + ret = -EINVAL; + goto error; +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index d0cc542..e7edd97 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -234,6 +234,13 @@ struct crypt_auth_op { + #define CRYPTO_ALG_FLAG_RNG_ENABLE 2 + #define CRYPTO_ALG_FLAG_DSA_SHA 4 + ++enum ec_curve_t { ++ EC_DISCRETE_LOG, ++ EC_PRIME, ++ EC_BINARY, ++ MAX_EC_TYPE ++}; ++ + struct crparam { + __u8 *crp_p; + __u32 crp_nbits; +@@ -249,7 +256,7 @@ struct crypt_kop { + __u16 crk_oparams; + __u32 crk_pad1; + struct crparam crk_param[CRK_MAXPARAM]; +- enum curve_t curve_type; /* 0 == Discrete Log, ++ enum ec_curve_t curve_type; /* 0 == Discrete Log, + 1 = EC_PRIME, 2 = EC_BINARY */ + void *cookie; + }; +diff --git a/cryptodev_int.h b/cryptodev_int.h +index 5347cae..c83c885 100644 +--- a/cryptodev_int.h ++++ b/cryptodev_int.h +@@ -88,7 +88,7 @@ struct compat_crypt_kop { + uint16_t crk_oparams; + uint32_t crk_pad1; + struct compat_crparam crk_param[CRK_MAXPARAM]; +- enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, ++ enum ec_curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, + 2 = EC_BINARY */ + compat_uptr_t cookie; + }; +diff --git a/ioctl.c b/ioctl.c +index 3762a47..c97320b 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -4,7 +4,7 @@ + * Copyright (c) 2004 Michal Ludvig , SuSE Labs + * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos + * Copyright (c) 2010 Phil Sutter +- * Copyright 2012 Freescale Semiconductor, Inc. ++ * Copyright 2012-2014 Freescale Semiconductor, Inc. + * + * This file is part of linux cryptodev. + * +@@ -501,6 +501,7 @@ cryptodev_open(struct inode *inode, struct file *filp) + INIT_LIST_HEAD(&pcr->done.list); + INIT_LIST_HEAD(&pcr->asym_completed_list); + spin_lock_init(&pcr->completion_lock); ++ + INIT_WORK(&pcr->cryptask, cryptask_routine); + + init_waitqueue_head(&pcr->user_waiter); +@@ -780,8 +781,11 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) + + if (cop->iv) { + rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen); +- if (unlikely(rc)) ++ if (unlikely(rc)) { ++ derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p", ++ kcop->ivlen, rc, cop->iv); + return -EFAULT; ++ } + } + + return 0; +diff --git a/main.c b/main.c +index 14dcf40..6365911 100644 +--- a/main.c ++++ b/main.c +@@ -3,6 +3,7 @@ + * + * Copyright (c) 2004 Michal Ludvig , SuSE Labs + * Copyright (c) 2009-2013 Nikos Mavrogiannopoulos ++ * Copyright (c) 2014 Freescale Semiconductor, Inc. + * + * This file is part of linux cryptodev. + * +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch b/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch new file mode 100644 index 00000000..20321595 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch @@ -0,0 +1,54 @@ +From 55ee0ae703a68db74a492f5910937260502b9602 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Tue, 10 Jun 2014 08:27:59 +0300 +Subject: [PATCH 10/15] add support for composite TLS10(SHA1,3DES) algorithm + offload + +This adds support for composite algorithm offload in a single crypto +(cipher + hmac) operation. + +It requires either software or hardware TLS support in the Linux kernel +and can be used with Freescale B*, P* and T* platforms that have support +for hardware TLS acceleration. + +Change-Id: Ibce0ceb4174809c9c96b453cd3202bc5220ff084 +Signed-off-by: Tudor Ambarus +Reviewed-on: http://git.am.freescale.net:8181/34000 +Reviewed-by: Cristian Stoica +Tested-by: Cristian Stoica +--- + crypto/cryptodev.h | 1 + + ioctl.c | 5 +++++ + 2 files changed, 6 insertions(+) + +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index e7edd97..07f40b2 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -55,6 +55,7 @@ enum cryptodev_crypto_op_t { + CRYPTO_SHA2_512, + CRYPTO_SHA2_224_HMAC, + CRYPTO_TLS10_AES_CBC_HMAC_SHA1, ++ CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, + CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ + }; + +diff --git a/ioctl.c b/ioctl.c +index c97320b..574e913 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -191,6 +191,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) + stream = 0; + aead = 1; + break; ++ case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: ++ alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; ++ stream = 0; ++ aead = 1; ++ break; + case CRYPTO_NULL: + alg_name = "ecb(cipher_null)"; + stream = 1; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch b/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch new file mode 100644 index 00000000..37862b55 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch @@ -0,0 +1,76 @@ +From 06cca15fd0412ae872c2b2c5d50216e1eb34fc50 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Tue, 31 Mar 2015 16:15:47 +0300 +Subject: [PATCH 11/15] add support for TLSv1.1 record offload + +This adds support for composite algorithm offload in a single crypto +(cipher + hmac) operation. + +Supported cipher suites: +- 3des-ede-cbc-sha +- aes-128-cbc-hmac-sha +- aes-256-cbc-hmac-sha + +It requires either software or hardware TLS support in the Linux kernel +and can be used with Freescale B*, P* and T* platforms that have support +for hardware TLS acceleration. + +Signed-off-by: Tudor Ambarus +Change-Id: Ia5f3fa7ec090d5643d71b0f608c68a274ec6b51f +Reviewed-on: http://git.am.freescale.net:8181/33998 +Reviewed-by: Cristian Stoica +Tested-by: Cristian Stoica +--- + crypto/cryptodev.h | 4 +++- + ioctl.c | 14 ++++++++++++-- + 2 files changed, 15 insertions(+), 3 deletions(-) + +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index 07f40b2..61e8599 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -54,8 +54,10 @@ enum cryptodev_crypto_op_t { + CRYPTO_SHA2_384, + CRYPTO_SHA2_512, + CRYPTO_SHA2_224_HMAC, +- CRYPTO_TLS10_AES_CBC_HMAC_SHA1, + CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, ++ CRYPTO_TLS10_AES_CBC_HMAC_SHA1, ++ CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, ++ CRYPTO_TLS11_AES_CBC_HMAC_SHA1, + CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ + }; + +diff --git a/ioctl.c b/ioctl.c +index 574e913..ba82387 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -186,13 +186,23 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) + stream = 1; + aead = 1; + break; ++ case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: ++ alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; ++ stream = 0; ++ aead = 1; ++ break; + case CRYPTO_TLS10_AES_CBC_HMAC_SHA1: + alg_name = "tls10(hmac(sha1),cbc(aes))"; + stream = 0; + aead = 1; + break; +- case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: +- alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; ++ case CRYPTO_TLS11_3DES_CBC_HMAC_SHA1: ++ alg_name = "tls11(hmac(sha1),cbc(des3_ede))"; ++ stream = 0; ++ aead = 1; ++ break; ++ case CRYPTO_TLS11_AES_CBC_HMAC_SHA1: ++ alg_name = "tls11(hmac(sha1),cbc(aes))"; + stream = 0; + aead = 1; + break; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch b/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch new file mode 100644 index 00000000..6aa672a7 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch @@ -0,0 +1,72 @@ +From 15999e402dd7472cafe51be3fd0ce66433ca924b Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Tue, 31 Mar 2015 16:16:28 +0300 +Subject: [PATCH 12/15] add support for TLSv1.2 record offload + +This adds support for composite algorithm offload in a single crypto +(cipher + hmac) operation. + +Supported cipher suites: +- 3des-ede-cbc-sha +- aes-128-cbc-hmac-sha +- aes-256-cbc-hmac-sha +- aes-128-cbc-hmac-sha256 +- aes-256-cbc-hmac-sha256 + +It requires either software or hardware TLS support in the Linux kernel +and can be used with Freescale B*, P* and T* platforms that have support +for hardware TLS acceleration. + +Signed-off-by: Tudor Ambarus +Change-Id: I21f45993505fc3dad09848a13aa20f778a7c2de0 +Reviewed-on: http://git.am.freescale.net:8181/33999 +Reviewed-by: Cristian Stoica +Tested-by: Cristian Stoica +--- + crypto/cryptodev.h | 3 +++ + ioctl.c | 15 +++++++++++++++ + 2 files changed, 18 insertions(+) + +diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h +index 61e8599..f6058ca 100644 +--- a/crypto/cryptodev.h ++++ b/crypto/cryptodev.h +@@ -58,6 +58,9 @@ enum cryptodev_crypto_op_t { + CRYPTO_TLS10_AES_CBC_HMAC_SHA1, + CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, + CRYPTO_TLS11_AES_CBC_HMAC_SHA1, ++ CRYPTO_TLS12_3DES_CBC_HMAC_SHA1, ++ CRYPTO_TLS12_AES_CBC_HMAC_SHA1, ++ CRYPTO_TLS12_AES_CBC_HMAC_SHA256, + CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ + }; + +diff --git a/ioctl.c b/ioctl.c +index ba82387..fb4c4e3 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -206,6 +206,21 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) + stream = 0; + aead = 1; + break; ++ case CRYPTO_TLS12_3DES_CBC_HMAC_SHA1: ++ alg_name = "tls12(hmac(sha1),cbc(des3_ede))"; ++ stream = 0; ++ aead = 1; ++ break; ++ case CRYPTO_TLS12_AES_CBC_HMAC_SHA1: ++ alg_name = "tls12(hmac(sha1),cbc(aes))"; ++ stream = 0; ++ aead = 1; ++ break; ++ case CRYPTO_TLS12_AES_CBC_HMAC_SHA256: ++ alg_name = "tls12(hmac(sha256),cbc(aes))"; ++ stream = 0; ++ aead = 1; ++ break; + case CRYPTO_NULL: + alg_name = "ecb(cipher_null)"; + stream = 1; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch b/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch new file mode 100644 index 00000000..86cf6a2b --- /dev/null +++ b/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch @@ -0,0 +1,186 @@ +From 39abcb9cea60540528e848d6c66169c36d666861 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Fri, 20 Feb 2015 12:46:58 +0200 +Subject: [PATCH 13/15] clean-up code layout + +Signed-off-by: Cristian Stoica +Change-Id: I92c2f4baeed9470a2c3c42b592d878e65918b0af +Reviewed-on: http://git.am.freescale.net:8181/34222 +--- + cryptlib.c | 11 ++++------- + ioctl.c | 55 +++++++++++++++++++++---------------------------------- + main.c | 4 +--- + 3 files changed, 26 insertions(+), 44 deletions(-) + +diff --git a/cryptlib.c b/cryptlib.c +index ec6693e..21e691b 100644 +--- a/cryptlib.c ++++ b/cryptlib.c +@@ -434,7 +434,7 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) + return waitfor(hdata->async.result, ret); + } + +-int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) ++int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) + { + int ret = 0; + struct pkc_request *pkc_req = &pkc->req, *pkc_requested; +@@ -445,8 +445,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) + case RSA_PRIV_FORM1: + case RSA_PRIV_FORM2: + case RSA_PRIV_FORM3: +- pkc->s = crypto_alloc_pkc("pkc(rsa)", +- CRYPTO_ALG_TYPE_PKC_RSA, 0); ++ pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0); + break; + case DSA_SIGN: + case DSA_VERIFY: +@@ -454,13 +453,11 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) + case ECDSA_VERIFY: + case DLC_KEYGEN: + case ECC_KEYGEN: +- pkc->s = crypto_alloc_pkc("pkc(dsa)", +- CRYPTO_ALG_TYPE_PKC_DSA, 0); ++ pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0); + break; + case DH_COMPUTE_KEY: + case ECDH_COMPUTE_KEY: +- pkc->s = crypto_alloc_pkc("pkc(dh)", +- CRYPTO_ALG_TYPE_PKC_DH, 0); ++ pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0); + break; + default: + return -EINVAL; +diff --git a/ioctl.c b/ioctl.c +index fb4c4e3..ee0486c 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -714,16 +714,13 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) + case CRK_MOD_EXP: + { + struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; +- copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, +- rsa_req->g_len); ++ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); + } + break; + case CRK_MOD_EXP_CRT: + { +- struct rsa_priv_frm3_req_s *rsa_req = +- &pkc_req->req_u.rsa_priv_f3; +- copy_to_user(ckop->crk_param[6].crp_p, +- rsa_req->f, rsa_req->f_len); ++ struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3; ++ copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); + } + break; + case CRK_DSA_SIGN: +@@ -731,15 +728,11 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) + struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; + + if (pkc_req->type == ECDSA_SIGN) { +- copy_to_user(ckop->crk_param[6].crp_p, +- dsa_req->c, dsa_req->d_len); +- copy_to_user(ckop->crk_param[7].crp_p, +- dsa_req->d, dsa_req->d_len); ++ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); ++ copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); + } else { +- copy_to_user(ckop->crk_param[5].crp_p, +- dsa_req->c, dsa_req->d_len); +- copy_to_user(ckop->crk_param[6].crp_p, +- dsa_req->d, dsa_req->d_len); ++ copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len); ++ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); + } + } + break; +@@ -749,11 +742,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) + { + struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; + if (pkc_req->type == ECDH_COMPUTE_KEY) +- copy_to_user(ckop->crk_param[4].crp_p, +- dh_req->z, dh_req->z_len); ++ copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); + else +- copy_to_user(ckop->crk_param[3].crp_p, +- dh_req->z, dh_req->z_len); ++ copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); + } + break; + case CRK_DSA_GENERATE_KEY: +@@ -763,14 +754,14 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) + + if (pkc_req->type == ECC_KEYGEN) { + copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, +- key_req->pub_key_len); +- copy_to_user(ckop->crk_param[5].crp_p, +- key_req->priv_key, key_req->priv_key_len); ++ key_req->pub_key_len); ++ copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, ++ key_req->priv_key_len); + } else { +- copy_to_user(ckop->crk_param[3].crp_p, +- key_req->pub_key, key_req->pub_key_len); +- copy_to_user(ckop->crk_param[4].crp_p, +- key_req->priv_key, key_req->priv_key_len); ++ copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key, ++ key_req->pub_key_len); ++ copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key, ++ key_req->priv_key_len); + } + } + default: +@@ -1113,16 +1104,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + if (!list_empty(&pcr->asym_completed_list)) { + /* Run a loop in the list for upto elements + and copy their response back */ +- pkc = +- list_first_entry(&pcr->asym_completed_list, ++ pkc = list_first_entry(&pcr->asym_completed_list, + struct cryptodev_pkc, list); + list_del(&pkc->list); + spin_unlock_bh(&pcr->completion_lock); + ret = crypto_async_fetch_asym(pkc); + if (!ret) { + cookie_list.cookie_available++; +- cookie_list.cookie[i] = +- pkc->kop.kop.cookie; ++ cookie_list.cookie[i] = pkc->kop.kop.cookie; + cookie_list.status[i] = pkc->result.err; + } + kfree(pkc); +@@ -1133,12 +1122,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + } + + /* Reflect the updated request to user-space */ +- if (cookie_list.cookie_available) +- copy_to_user(arg, &cookie_list, +- sizeof(struct pkc_cookie_list_s)); +- else { ++ if (cookie_list.cookie_available) { ++ copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s)); ++ } else { + struct pkc_cookie_list_s *user_ck_list = (void *)arg; +- + put_user(0, &(user_ck_list->cookie_available)); + } + ret = cookie_list.cookie_available; +diff --git a/main.c b/main.c +index 6365911..af66553 100644 +--- a/main.c ++++ b/main.c +@@ -666,9 +666,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) + if (pkc->type == SYNCHRONOUS) { + if (rc) + goto err; +- +- copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, +- rsa_req->g_len); ++ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); + } else { + if (rc != -EINPROGRESS && rc != 0) + goto err; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch b/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch new file mode 100644 index 00000000..b9e9d2bd --- /dev/null +++ b/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch @@ -0,0 +1,494 @@ +From 34e765977633b5f81845c0183af6d388d8225f00 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Mon, 23 Feb 2015 12:14:07 +0200 +Subject: [PATCH 14/15] remove redundant data copy for pkc operations + +This patch removes a copy of a pkc request that was +allocated on the hot-path. The copy was not necessary +and was just slowing things down. + +Change-Id: I3ad85f78c188f100ab9fc03a5777bb704a9dcb63 +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34223 +--- + cryptlib.c | 49 +++---------------- + cryptlib.h | 3 +- + ioctl.c | 17 +++---- + main.c | 162 +++++++++++++++++++++++++++++++++++++------------------------ + 4 files changed, 113 insertions(+), 118 deletions(-) + +diff --git a/cryptlib.c b/cryptlib.c +index 21e691b..5882a30 100644 +--- a/cryptlib.c ++++ b/cryptlib.c +@@ -436,59 +436,22 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) + + int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) + { +- int ret = 0; +- struct pkc_request *pkc_req = &pkc->req, *pkc_requested; +- +- switch (pkc_req->type) { +- case RSA_KEYGEN: +- case RSA_PUB: +- case RSA_PRIV_FORM1: +- case RSA_PRIV_FORM2: +- case RSA_PRIV_FORM3: +- pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0); +- break; +- case DSA_SIGN: +- case DSA_VERIFY: +- case ECDSA_SIGN: +- case ECDSA_VERIFY: +- case DLC_KEYGEN: +- case ECC_KEYGEN: +- pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0); +- break; +- case DH_COMPUTE_KEY: +- case ECDH_COMPUTE_KEY: +- pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0); +- break; +- default: +- return -EINVAL; +- } +- +- if (IS_ERR_OR_NULL(pkc->s)) +- return -EINVAL; ++ int ret; + + init_completion(&pkc->result.completion); +- pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL); +- +- if (unlikely(IS_ERR_OR_NULL(pkc_requested))) { +- ret = -ENOMEM; +- goto error; +- } +- pkc_requested->type = pkc_req->type; +- pkc_requested->curve_type = pkc_req->curve_type; +- memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u)); +- pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG, ++ pkc_request_set_callback(pkc->req, CRYPTO_TFM_REQ_MAY_BACKLOG, + cryptodev_complete_asym, pkc); +- ret = crypto_pkc_op(pkc_requested); ++ ret = crypto_pkc_op(pkc->req); + if (ret != -EINPROGRESS && ret != 0) +- goto error2; ++ goto error; + + if (pkc->type == SYNCHRONOUS) + ret = waitfor(&pkc->result, ret); + + return ret; +-error2: +- kfree(pkc_requested); ++ + error: ++ kfree(pkc->req); + crypto_free_pkc(pkc->s); + return ret; + } +diff --git a/cryptlib.h b/cryptlib.h +index 7ffa54c..4fac0c8 100644 +--- a/cryptlib.h ++++ b/cryptlib.h +@@ -110,8 +110,7 @@ struct cryptodev_pkc { + struct crypto_pkc *s; /* Transform pointer from CryptoAPI */ + struct cryptodev_result result; /* Result to be updated by + completion handler */ +- struct pkc_request req; /* PKC request structure allocated +- from CryptoAPI */ ++ struct pkc_request *req; /* PKC request allocated from CryptoAPI */ + enum offload_type type; /* Synchronous Vs Asynchronous request */ + /* + * cookie used for transfering tranparent information from async +diff --git a/ioctl.c b/ioctl.c +index ee0486c..797b73c 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -708,26 +708,25 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) + int ret = 0; + struct kernel_crypt_kop *kop = &pkc->kop; + struct crypt_kop *ckop = &kop->kop; +- struct pkc_request *pkc_req = &pkc->req; + + switch (ckop->crk_op) { + case CRK_MOD_EXP: + { +- struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; ++ struct rsa_pub_req_s *rsa_req = &pkc->req->req_u.rsa_pub_req; + copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); + } + break; + case CRK_MOD_EXP_CRT: + { +- struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3; ++ struct rsa_priv_frm3_req_s *rsa_req = &pkc->req->req_u.rsa_priv_f3; + copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); + } + break; + case CRK_DSA_SIGN: + { +- struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; ++ struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; + +- if (pkc_req->type == ECDSA_SIGN) { ++ if (pkc->req->type == ECDSA_SIGN) { + copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); + copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); + } else { +@@ -740,8 +739,8 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) + break; + case CRK_DH_COMPUTE_KEY: + { +- struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; +- if (pkc_req->type == ECDH_COMPUTE_KEY) ++ struct dh_key_req_s *dh_req = &pkc->req->req_u.dh_req; ++ if (pkc->req->type == ECDH_COMPUTE_KEY) + copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); + else + copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); +@@ -750,9 +749,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) + case CRK_DSA_GENERATE_KEY: + case CRK_DH_GENERATE_KEY: + { +- struct keygen_req_s *key_req = &pkc_req->req_u.keygen; ++ struct keygen_req_s *key_req = &pkc->req->req_u.keygen; + +- if (pkc_req->type == ECC_KEYGEN) { ++ if (pkc->req->type == ECC_KEYGEN) { + copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, + key_req->pub_key_len); + copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, +diff --git a/main.c b/main.c +index af66553..ed1c69a 100644 +--- a/main.c ++++ b/main.c +@@ -186,8 +186,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) + { + struct kernel_crypt_kop *kop = &pkc->kop; + struct crypt_kop *cop = &kop->kop; +- struct pkc_request *pkc_req = &pkc->req; +- struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; ++ struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; + int rc, buf_size; + uint8_t *buf; + +@@ -210,10 +209,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) + if (cop->crk_iparams == 6) { + dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; + buf_size += dsa_req->ab_len; +- pkc_req->type = ECDSA_SIGN; +- pkc_req->curve_type = cop->curve_type; +- } else { +- pkc_req->type = DSA_SIGN; ++ pkc->req->curve_type = cop->curve_type; + } + + buf = kmalloc(buf_size, GFP_DMA); +@@ -269,7 +265,6 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) + { + struct kernel_crypt_kop *kop = &pkc->kop; + struct crypt_kop *cop = &kop->kop; +- struct pkc_request *pkc_req; + struct dsa_verify_req_s *dsa_req; + int rc, buf_size; + uint8_t *buf; +@@ -281,8 +276,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) + !cop->crk_param[7].crp_nbits)) + return -EINVAL; + +- pkc_req = &pkc->req; +- dsa_req = &pkc_req->req_u.dsa_verify; ++ dsa_req = &pkc->req->req_u.dsa_verify; + dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; + dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; + dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; +@@ -295,10 +289,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) + if (cop->crk_iparams == 8) { + dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; + buf_size += dsa_req->ab_len; +- pkc_req->type = ECDSA_VERIFY; +- pkc_req->curve_type = cop->curve_type; +- } else { +- pkc_req->type = DSA_VERIFY; ++ pkc->req->curve_type = cop->curve_type; + } + + buf = kmalloc(buf_size, GFP_DMA); +@@ -351,7 +342,6 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) + { + struct kernel_crypt_kop *kop = &pkc->kop; + struct crypt_kop *cop = &kop->kop; +- struct pkc_request *pkc_req; + struct rsa_keygen_req_s *key_req; + int rc, buf_size; + uint8_t *buf; +@@ -362,9 +352,7 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) + !cop->crk_param[6].crp_nbits) + return -EINVAL; + +- pkc_req = &pkc->req; +- pkc_req->type = RSA_KEYGEN; +- key_req = &pkc_req->req_u.rsa_keygen; ++ key_req = &pkc->req->req_u.rsa_keygen; + key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; + key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8; + key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8; +@@ -427,7 +415,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) + { + struct kernel_crypt_kop *kop = &pkc->kop; + struct crypt_kop *cop = &kop->kop; +- struct pkc_request *pkc_req; + struct keygen_req_s *key_req; + int rc, buf_size; + uint8_t *buf; +@@ -437,8 +424,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) + !cop->crk_param[4].crp_nbits) + return -EINVAL; + +- pkc_req = &pkc->req; +- key_req = &pkc_req->req_u.keygen; ++ key_req = &pkc->req->req_u.keygen; + key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8; + key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8; + key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; +@@ -447,7 +433,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) + key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; + buf_size = key_req->q_len + key_req->r_len + key_req->g_len + + key_req->pub_key_len + key_req->priv_key_len; +- pkc_req->type = DLC_KEYGEN; + } else { + key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; + key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; +@@ -455,8 +440,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) + buf_size = key_req->q_len + key_req->r_len + key_req->g_len + + key_req->pub_key_len + key_req->priv_key_len + + key_req->ab_len; +- pkc_req->type = ECC_KEYGEN; +- pkc_req->curve_type = cop->curve_type; ++ pkc->req->curve_type = cop->curve_type; + } + + buf = kmalloc(buf_size, GFP_DMA); +@@ -508,26 +492,22 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) + { + struct kernel_crypt_kop *kop = &pkc->kop; + struct crypt_kop *cop = &kop->kop; +- struct pkc_request *pkc_req; + struct dh_key_req_s *dh_req; + int buf_size; + uint8_t *buf; + int rc = -EINVAL; + +- pkc_req = &pkc->req; +- dh_req = &pkc_req->req_u.dh_req; ++ dh_req = &pkc->req->req_u.dh_req; + dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; + dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8; + dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8; + buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len; + if (cop->crk_iparams == 4) { +- pkc_req->type = ECDH_COMPUTE_KEY; + dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; + dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8; + buf_size += dh_req->ab_len; + } else { + dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8; +- pkc_req->type = DH_COMPUTE_KEY; + } + buf_size += dh_req->z_len; + buf = kmalloc(buf_size, GFP_DMA); +@@ -539,7 +519,7 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) + dh_req->z = dh_req->pub_key + dh_req->pub_key_len; + if (cop->crk_iparams == 4) { + dh_req->ab = dh_req->z + dh_req->z_len; +- pkc_req->curve_type = cop->curve_type; ++ pkc->req->curve_type = cop->curve_type; + copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, + dh_req->ab_len); + } +@@ -573,7 +553,6 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) + { + struct kernel_crypt_kop *kop = &pkc->kop; + struct crypt_kop *cop = &kop->kop; +- struct pkc_request *pkc_req; + struct rsa_priv_frm3_req_s *rsa_req; + int rc; + uint8_t *buf; +@@ -583,9 +562,7 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) + !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits) + return -EINVAL; + +- pkc_req = &pkc->req; +- pkc_req->type = RSA_PRIV_FORM3; +- rsa_req = &pkc_req->req_u.rsa_priv_f3; ++ rsa_req = &pkc->req->req_u.rsa_priv_f3; + rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8; + rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; + rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; +@@ -632,7 +609,6 @@ err: + + int crypto_bn_modexp(struct cryptodev_pkc *pkc) + { +- struct pkc_request *pkc_req; + struct rsa_pub_req_s *rsa_req; + int rc; + struct kernel_crypt_kop *kop = &pkc->kop; +@@ -643,9 +619,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) + !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits) + return -EINVAL; + +- pkc_req = &pkc->req; +- pkc_req->type = RSA_PUB; +- rsa_req = &pkc_req->req_u.rsa_pub_req; ++ rsa_req = &pkc->req->req_u.rsa_pub_req; + rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8; + rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; + rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; +@@ -680,56 +654,116 @@ err: + return rc; + } + ++static struct { ++ char *alg_name; ++ u32 type; ++ u32 mask; ++} pkc_alg_list[] = { ++ {"pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0}, ++ {"pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0}, ++ {"pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0}, ++}; ++ + int crypto_run_asym(struct cryptodev_pkc *pkc) + { +- int ret = -EINVAL; ++ int err = -EINVAL; ++ int id; + struct kernel_crypt_kop *kop = &pkc->kop; ++ enum pkc_req_type pkc_req_type; ++ int (*call_next_action)(struct cryptodev_pkc *pkc); + + switch (kop->kop.crk_op) { + case CRK_MOD_EXP: + if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1) +- goto err; +- +- ret = crypto_bn_modexp(pkc); ++ return err; ++ pkc_req_type = RSA_PUB; ++ id = 0; ++ call_next_action = crypto_bn_modexp; + break; + case CRK_MOD_EXP_CRT: + if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1) +- goto err; +- +- ret = crypto_modexp_crt(pkc); ++ return err; ++ pkc_req_type = RSA_PRIV_FORM3; ++ id = 0; ++ call_next_action = crypto_modexp_crt; + break; + case CRK_DSA_SIGN: +- if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) || +- kop->kop.crk_oparams != 2) +- goto err; +- +- ret = crypto_kop_dsasign(pkc); ++ if (kop->kop.crk_oparams != 2) ++ return err; ++ else if (kop->kop.crk_iparams == 5) ++ pkc_req_type = DSA_SIGN; ++ else if (kop->kop.crk_iparams == 6) ++ pkc_req_type = ECDSA_SIGN; ++ else ++ return err; ++ id = 1; ++ call_next_action = crypto_kop_dsasign; + break; + case CRK_DSA_VERIFY: +- if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) || +- kop->kop.crk_oparams != 0) +- goto err; +- +- ret = crypto_kop_dsaverify(pkc); ++ if (kop->kop.crk_oparams != 0) ++ return err; ++ else if (kop->kop.crk_iparams == 7) ++ pkc_req_type = DSA_VERIFY; ++ else if (kop->kop.crk_iparams == 8) ++ pkc_req_type = ECDSA_VERIFY; ++ else ++ return err; ++ id = 1; ++ call_next_action = crypto_kop_dsaverify; + break; + case CRK_DH_COMPUTE_KEY: +- if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) || +- kop->kop.crk_oparams != 1) +- goto err; +- ret = crypto_kop_dh_key(pkc); ++ if (kop->kop.crk_oparams != 1) ++ return err; ++ else if (kop->kop.crk_iparams == 3) ++ pkc_req_type = DH_COMPUTE_KEY; ++ else if (kop->kop.crk_iparams == 4) ++ pkc_req_type = ECDH_COMPUTE_KEY; ++ else ++ return err; ++ id = 2; ++ call_next_action = crypto_kop_dh_key; + break; + case CRK_DH_GENERATE_KEY: + case CRK_DSA_GENERATE_KEY: +- if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4)) +- goto err; +- ret = crypto_kop_keygen(pkc); ++ if (kop->kop.crk_iparams == 3) ++ pkc_req_type = DLC_KEYGEN; ++ else if (kop->kop.crk_iparams == 4) ++ pkc_req_type = ECC_KEYGEN; ++ else ++ return err; ++ id = 1; ++ call_next_action = crypto_kop_keygen; + break; + case CRK_RSA_GENERATE_KEY: +- ret = crypto_kop_rsa_keygen(pkc); ++ pkc_req_type = RSA_KEYGEN; ++ id = 0; ++ call_next_action = crypto_kop_rsa_keygen; + break; ++ default: ++ return err; + } +-err: +- return ret; ++ err = -ENOMEM; ++ pkc->s = crypto_alloc_pkc(pkc_alg_list[id].alg_name, ++ pkc_alg_list[id].type, ++ pkc_alg_list[id].mask); ++ if (IS_ERR_OR_NULL(pkc->s)) ++ return err; ++ ++ pkc->req = pkc_request_alloc(pkc->s, GFP_KERNEL); ++ if (IS_ERR_OR_NULL(pkc->req)) ++ goto out_free_tfm; ++ ++ /* todo - fix alloc-free on error path */ ++ pkc->req->type = pkc_req_type; ++ err = call_next_action(pkc); ++ if (pkc->type == SYNCHRONOUS) ++ kfree(pkc->req); ++ ++ return err; ++ ++out_free_tfm: ++ crypto_free_pkc(pkc->s); ++ return err; + } + + int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop) +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch b/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch new file mode 100644 index 00000000..949fe121 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch @@ -0,0 +1,40 @@ +From 8361f99c940fbe270fca2112dae3d97c9a5776d6 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Mon, 23 Feb 2015 15:28:22 +0200 +Subject: [PATCH 15/15] fix pkc request deallocation + +The request to be freed is actually pkc->req, and should be done inside +the fetch ioctl for ASYNC (this patch) and in crypt ioctl for SYNC +operations. + +Change-Id: I6f046f2ebeae4cb513a419996ca96b52e37468ed +Signed-off-by: Cristian Stoica +Reviewed-on: http://git.am.freescale.net:8181/34224 +--- + ioctl.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/ioctl.c b/ioctl.c +index 797b73c..da3a842 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -114,8 +114,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) + /* wake for POLLIN */ + wake_up_interruptible(&pcr->user_waiter); + } +- +- kfree(req); + } + + #define FILL_SG(sg, ptr, len) \ +@@ -1113,6 +1111,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + cookie_list.cookie[i] = pkc->kop.kop.cookie; + cookie_list.status[i] = pkc->result.err; + } ++ kfree(pkc->req); + kfree(pkc); + } else { + spin_unlock_bh(&pcr->completion_lock); +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch b/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch new file mode 100644 index 00000000..cefb6dcc --- /dev/null +++ b/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch @@ -0,0 +1,37 @@ +From 586bc4a6cd1014c57364020013062f07a8861e38 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica +Date: Mon, 20 Apr 2015 13:18:47 +0300 +Subject: [PATCH] add basic detection of asym features + +Change-Id: I3b3ba8664bf631a63be1f11e715024509e20f841 +Signed-off-by: Cristian Stoica +--- + ioctl.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/ioctl.c b/ioctl.c +index da3a842..53dbf64 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -977,10 +977,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + + switch (cmd) { + case CIOCASYMFEAT: +- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | +- CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | +- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY | +- CRF_RSA_GENERATE_KEY, p); ++ ses = 0; ++ if (crypto_has_alg("pkc(rsa)", 0, 0)) ++ ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY; ++ if (crypto_has_alg("pkc(dsa)", 0, 0)) ++ ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY; ++ if (crypto_has_alg("pkc(dh)", 0, 0)) ++ ses |= CRF_DH_COMPUTE_KEY |CRF_DH_GENERATE_KEY; ++ return put_user(ses, p); + case CRIOGET: + fd = clonefd(filp); + ret = put_user(fd, p); +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch b/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch new file mode 100644 index 00000000..b3c36b3d --- /dev/null +++ b/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch @@ -0,0 +1,67 @@ +From 0ca641091b4113d73e75d30ef530c88836849308 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Fri, 29 May 2015 15:28:47 +0300 +Subject: [PATCH 17/20] remove dead code + +Functions kop_to_user and compat_kop_to_user are never used. Delete them +to avoid compiler warnings. + + +crypto/../../cryptodev-linux/ioctl.c:841:12: warning: 'kop_to_user' defined but not used [-Wunused-function] + static int kop_to_user(struct kernel_crypt_kop *kop, + ^ +crypto/../../cryptodev-linux/ioctl.c: At top level: +crypto/../../cryptodev-linux/ioctl.c:1195:12: warning: 'compat_kop_to_user' defined but not used [-Wunused-function] + static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) + ^ +Signed-off-by: Tudor Ambarus +Signed-off-by: Cristian Stoica +Change-Id: I6bd8a7eb6144224a20cd400813ab15a7a192dbb1 +Reviewed-on: http://git.am.freescale.net:8181/37440 +--- + ioctl.c | 22 ---------------------- + 1 file changed, 22 deletions(-) + +diff --git a/ioctl.c b/ioctl.c +index 53dbf64..39635a4 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -838,16 +838,6 @@ static int kop_from_user(struct kernel_crypt_kop *kop, + return fill_kop_from_cop(kop); + } + +-static int kop_to_user(struct kernel_crypt_kop *kop, +- void __user *arg) +-{ +- if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) { +- dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); +- return -EFAULT; +- } +- return 0; +-} +- + static int kcop_from_user(struct kernel_crypt_op *kcop, + struct fcrypt *fcr, void __user *arg) + { +@@ -1192,18 +1182,6 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop, + compat->curve_type = kop->curve_type; + } + +-static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) +-{ +- struct compat_crypt_kop compat_kop; +- +- crypt_kop_to_compat(&kop->kop, &compat_kop); +- if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) { +- dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); +- return -EFAULT; +- } +- return 0; +-} +- + static inline void + compat_to_session_op(struct compat_session_op *compat, struct session_op *sop) + { +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch b/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch new file mode 100644 index 00000000..bf93f5b1 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch @@ -0,0 +1,64 @@ +From 596378a22532908487f2c5e4d717c5ae618c4c7d Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Tue, 2 Jun 2015 10:44:12 +0300 +Subject: [PATCH 18/20] fix compat warnings + + CC [M] crypto/../../cryptodev-linux/ioctl.o +crypto/../../cryptodev-linux/ioctl.c: In function 'compat_to_crypt_kop': +crypto/../../cryptodev-linux/ioctl.c:1161:14: warning: assignment makes pointer from integer without a cast + kop->cookie = compat->cookie; + ^ +crypto/../../cryptodev-linux/ioctl.c: In function 'crypt_kop_to_compat': +crypto/../../cryptodev-linux/ioctl.c:1191:17: warning: assignment makes integer from pointer without a cast + compat->cookie = kop->cookie; + ^ +crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl': +crypto/../../cryptodev-linux/ioctl.c:1430:28: warning: assignment makes integer from pointer without a cast + cookie_list.cookie[i] = + ^ + +Signed-off-by: Tudor Ambarus +Change-Id: Id851408c0c743c01447f3b0ced38fbc1ae94d4db +Reviewed-on: http://git.am.freescale.net:8181/37442 +Reviewed-by: Cristian Stoica +Tested-by: Cristian Stoica +--- + ioctl.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/ioctl.c b/ioctl.c +index 39635a4..f3ce2f6 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -1148,7 +1148,7 @@ static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat, + } + + kop->curve_type = compat->curve_type; +- kop->cookie = compat->cookie; ++ kop->cookie = compat_ptr(compat->cookie); + } + + static int compat_kop_from_user(struct kernel_crypt_kop *kop, +@@ -1178,7 +1178,7 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop, + ptr_to_compat(kop->crk_param[i].crp_p); + compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits; + } +- compat->cookie = kop->cookie; ++ compat->cookie = ptr_to_compat(kop->cookie); + compat->curve_type = kop->curve_type; + } + +@@ -1405,8 +1405,8 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + ret = crypto_async_fetch_asym(pkc); + if (!ret) { + cookie_list.cookie_available++; +- cookie_list.cookie[i] = +- pkc->kop.kop.cookie; ++ cookie_list.cookie[i] = ptr_to_compat( ++ pkc->kop.kop.cookie); + } + kfree(pkc); + } else { +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch b/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch new file mode 100644 index 00000000..a71cff49 --- /dev/null +++ b/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch @@ -0,0 +1,61 @@ +From 1d10f06bef0f07980a08b387850c1daf1d3a8e87 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Tue, 2 Jun 2015 12:11:12 +0300 +Subject: [PATCH 19/20] fix size_t print format + + CC [M] crypto/../../cryptodev-linux/cryptlib.o +crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_cipher_init': +crypto/../../cryptodev-linux/cryptlib.c:146:5: warning: format '%u' expects argument of type 'unsigned int', but argument 6 has type 'size_t' [-Wformat=] + ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", + ^ +crypto/../../cryptodev-linux/cryptlib.c:173:3: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=] + ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); + ^ +crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_hash_init': +crypto/../../cryptodev-linux/cryptlib.c:340:4: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=] + ddebug(1, "Setting hmac key failed for %s-%u.", + ^ + +Signed-off-by: Tudor Ambarus +Change-Id: I67f2d79f68b4d62b598073c6a918a110523fadfd +Reviewed-on: http://git.am.freescale.net:8181/37443 +Reviewed-by: Cristian Stoica +Tested-by: Cristian Stoica +--- + cryptlib.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/cryptlib.c b/cryptlib.c +index 5882a30..10f5e1a 100644 +--- a/cryptlib.c ++++ b/cryptlib.c +@@ -143,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, + if (alg->max_keysize > 0 && + unlikely((keylen < alg->min_keysize) || + (keylen > alg->max_keysize))) { +- ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", ++ ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.", + keylen, alg_name, alg->min_keysize, alg->max_keysize); + ret = -EINVAL; + goto error; +@@ -170,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, + } + + if (unlikely(ret)) { +- ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); ++ ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8); + ret = -EINVAL; + goto error; + } +@@ -337,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, + if (hmac_mode != 0) { + ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen); + if (unlikely(ret)) { +- ddebug(1, "Setting hmac key failed for %s-%u.", ++ ddebug(1, "Setting hmac key failed for %s-%zu.", + alg_name, mackeylen*8); + ret = -EINVAL; + goto error; +-- +2.3.5 + diff --git a/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch b/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch new file mode 100644 index 00000000..a97a2d4e --- /dev/null +++ b/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch @@ -0,0 +1,38 @@ +From be9f6a0dc90847dbb00307d23f47b8b3fc3ff130 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Fri, 29 May 2015 15:49:22 +0300 +Subject: [PATCH 20/20] fix uninitialized variable compiler warning + +crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl': +crypto/../../cryptodev-linux/ioctl.c:1445:2: warning: 'ret' may be used uninitialized in this function [-Wmaybe-uninitialized] + return ret; + ^ + +Signed-off-by: Tudor Ambarus +Change-Id: Id5226fc97a3bb880ca6db86df58957122bbaa428 +Reviewed-on: http://git.am.freescale.net:8181/37441 +Reviewed-by: Cristian Stoica +Tested-by: Cristian Stoica +--- + ioctl.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/ioctl.c b/ioctl.c +index f3ce2f6..7cd3c56 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -1387,9 +1387,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) + case COMPAT_CIOCASYMFETCHCOOKIE: + { + struct cryptodev_pkc *pkc; +- int i = 0; ++ int i; + struct compat_pkc_cookie_list_s cookie_list; + ++ ret = 0; + cookie_list.cookie_available = 0; + + for (i = 0; i < MAX_COOKIES; i++) { +-- +2.3.5 + diff --git a/recipes-kernel/ipc/ipc-modules-multi_git.bb b/recipes-kernel/ipc/ipc-modules-multi_git.bb new file mode 100644 index 00000000..e5dc1151 --- /dev/null +++ b/recipes-kernel/ipc/ipc-modules-multi_git.bb @@ -0,0 +1,11 @@ +require ipc-modules.inc + +EXTRA_OEMAKE ="KERNEL_DIR=${STAGING_KERNEL_DIR} ${SOC}=1 CONFIG_MULTI_RAT=1" + +do_install(){ + install -d ${D}/usr/driver/IPC/multi_rat + install -m 755 ${S}/kernel/*.ko ${D}/usr/driver/IPC/multi_rat +} + +FILES_${PN} += "/usr/driver/IPC/multi_rat/*.ko" +FILES_${PN}-dbg += "/usr/driver/IPC/multi_rat/.debug" diff --git a/recipes-kernel/ipc/ipc-modules-single_git.bb b/recipes-kernel/ipc/ipc-modules-single_git.bb new file mode 100644 index 00000000..03817e0e --- /dev/null +++ b/recipes-kernel/ipc/ipc-modules-single_git.bb @@ -0,0 +1,11 @@ +require ipc-modules.inc + +EXTRA_OEMAKE ="KERNEL_DIR=${STAGING_KERNEL_DIR} ${SOC}=1" + +do_install(){ + install -d ${D}/usr/driver/IPC/single_rat + install -m 755 ${S}/kernel/*.ko ${D}/usr/driver/IPC/single_rat +} + +FILES_${PN} += "/usr/driver/IPC/single_rat/*.ko" +FILES_${PN}-dbg += "/usr/driver/IPC/single_rat/.debug" diff --git a/recipes-kernel/ipc/ipc-modules.inc b/recipes-kernel/ipc/ipc-modules.inc new file mode 100644 index 00000000..79ba7ef1 --- /dev/null +++ b/recipes-kernel/ipc/ipc-modules.inc @@ -0,0 +1,26 @@ +SUMMARY = "Linux IPC KERNEL MODULE " +DESCRIPTION = "DSP boot application and ipc test application" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=fa38cd73d71527dc6efb546474f64d10" + +require recipes-bsp/ipc/ipc.inc + +inherit module qoriq_build_64bit_kernel + +S = "${WORKDIR}/git" + +do_configure[depends] += "virtual/kernel:do_shared_workdir" +do_configure_prepend() { + sed -i 's,$(KERNEL_DIR)/.config,$(KBUILD_OUTPUT)/.config,' ${S}/kernel/Makefile +} + +do_compile_prepend () { + cd ${S}/kernel + case ${MACHINE} in + bsc9132qds|bsc9131rdb) SOC=B913x;; + b4860qds|b4420qds) SOC=B4860;; + esac +} + +INHIBIT_PACKAGE_STRIP = "1" + diff --git a/recipes-kernel/linux/files/modify-defconfig-t1040-nr-cpus.patch b/recipes-kernel/linux/files/modify-defconfig-t1040-nr-cpus.patch new file mode 100644 index 00000000..7d109edb --- /dev/null +++ b/recipes-kernel/linux/files/modify-defconfig-t1040-nr-cpus.patch @@ -0,0 +1,33 @@ +From 8545129540a5862b22aad03badb2a9f93bf29117 Mon Sep 17 00:00:00 2001 +From: Bob Cochran +Date: Mon, 3 Nov 2014 22:45:35 -0500 +Subject: [meta-fsl-ppc][PATCH] linux-qoriq: Change defconfig for T1040 to + match number of CPUS + +Having a number higher than necessary for NR_CPUS wastes memory by +instantiating unnecessary structures in RAM. An example is in the DPAA where +DPAA_ETH_TX_QUEUES is defined based on NR_CPUS and used to create +dozens of extra qman_fq structures. Using the prior value of 24, which was +left over from the T4240 created an additonal 60 frame queue structures alone. + +This has been tested on t1040rdb-64b. . + +Signed-off-by: Bob Cochran +--- + arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig b/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig +index a401e7c..5542248 100644 +--- a/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig ++++ b/arch/powerpc/configs/corenet32_fmanv3l_smp_defconfig +@@ -1,6 +1,6 @@ + CONFIG_PPC_85xx=y + CONFIG_SMP=y +-CONFIG_NR_CPUS=8 ++CONFIG_NR_CPUS=4 + CONFIG_EXPERIMENTAL=y + CONFIG_SYSVIPC=y + CONFIG_POSIX_MQUEUE=y +-- +1.7.9.5 diff --git a/recipes-kernel/linux/files/net-sctp-CVE-2014-0101.patch b/recipes-kernel/linux/files/net-sctp-CVE-2014-0101.patch new file mode 100644 index 00000000..ddcb6c5d --- /dev/null +++ b/recipes-kernel/linux/files/net-sctp-CVE-2014-0101.patch @@ -0,0 +1,145 @@ +From 00c53b02cb01976b35d37670a4b5c5d7a6ad3c62 Mon Sep 17 00:00:00 2001 +From: Daniel Borkmann +Date: Mon, 3 Mar 2014 17:23:04 +0100 +Subject: [PATCH] net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is + AUTH capable + +[ Upstream commit ec0223ec48a90cb605244b45f7c62de856403729 ] + +RFC4895 introduced AUTH chunks for SCTP; during the SCTP +handshake RANDOM; CHUNKS; HMAC-ALGO are negotiated (CHUNKS +being optional though): + + ---------- INIT[RANDOM; CHUNKS; HMAC-ALGO] ----------> + <------- INIT-ACK[RANDOM; CHUNKS; HMAC-ALGO] --------- + -------------------- COOKIE-ECHO --------------------> + <-------------------- COOKIE-ACK --------------------- + +A special case is when an endpoint requires COOKIE-ECHO +chunks to be authenticated: + + ---------- INIT[RANDOM; CHUNKS; HMAC-ALGO] ----------> + <------- INIT-ACK[RANDOM; CHUNKS; HMAC-ALGO] --------- + ------------------ AUTH; COOKIE-ECHO ----------------> + <-------------------- COOKIE-ACK --------------------- + +RFC4895, section 6.3. Receiving Authenticated Chunks says: + + The receiver MUST use the HMAC algorithm indicated in + the HMAC Identifier field. If this algorithm was not + specified by the receiver in the HMAC-ALGO parameter in + the INIT or INIT-ACK chunk during association setup, the + AUTH chunk and all the chunks after it MUST be discarded + and an ERROR chunk SHOULD be sent with the error cause + defined in Section 4.1. [...] If no endpoint pair shared + key has been configured for that Shared Key Identifier, + all authenticated chunks MUST be silently discarded. [...] + + When an endpoint requires COOKIE-ECHO chunks to be + authenticated, some special procedures have to be followed + because the reception of a COOKIE-ECHO chunk might result + in the creation of an SCTP association. If a packet arrives + containing an AUTH chunk as a first chunk, a COOKIE-ECHO + chunk as the second chunk, and possibly more chunks after + them, and the receiver does not have an STCB for that + packet, then authentication is based on the contents of + the COOKIE-ECHO chunk. In this situation, the receiver MUST + authenticate the chunks in the packet by using the RANDOM + parameters, CHUNKS parameters and HMAC_ALGO parameters + obtained from the COOKIE-ECHO chunk, and possibly a local + shared secret as inputs to the authentication procedure + specified in Section 6.3. If authentication fails, then + the packet is discarded. If the authentication is successful, + the COOKIE-ECHO and all the chunks after the COOKIE-ECHO + MUST be processed. If the receiver has an STCB, it MUST + process the AUTH chunk as described above using the STCB + from the existing association to authenticate the + COOKIE-ECHO chunk and all the chunks after it. [...] + +Commit bbd0d59809f9 introduced the possibility to receive +and verification of AUTH chunk, including the edge case for +authenticated COOKIE-ECHO. On reception of COOKIE-ECHO, +the function sctp_sf_do_5_1D_ce() handles processing, +unpacks and creates a new association if it passed sanity +checks and also tests for authentication chunks being +present. After a new association has been processed, it +invokes sctp_process_init() on the new association and +walks through the parameter list it received from the INIT +chunk. It checks SCTP_PARAM_RANDOM, SCTP_PARAM_HMAC_ALGO +and SCTP_PARAM_CHUNKS, and copies them into asoc->peer +meta data (peer_random, peer_hmacs, peer_chunks) in case +sysctl -w net.sctp.auth_enable=1 is set. If in INIT's +SCTP_PARAM_SUPPORTED_EXT parameter SCTP_CID_AUTH is set, +peer_random != NULL and peer_hmacs != NULL the peer is to be +assumed asoc->peer.auth_capable=1, in any other case +asoc->peer.auth_capable=0. + +Now, if in sctp_sf_do_5_1D_ce() chunk->auth_chunk is +available, we set up a fake auth chunk and pass that on to +sctp_sf_authenticate(), which at latest in +sctp_auth_calculate_hmac() reliably dereferences a NULL pointer +at position 0..0008 when setting up the crypto key in +crypto_hash_setkey() by using asoc->asoc_shared_key that is +NULL as condition key_id == asoc->active_key_id is true if +the AUTH chunk was injected correctly from remote. This +happens no matter what net.sctp.auth_enable sysctl says. + +The fix is to check for net->sctp.auth_enable and for +asoc->peer.auth_capable before doing any operations like +sctp_sf_authenticate() as no key is activated in +sctp_auth_asoc_init_active_key() for each case. + +Now as RFC4895 section 6.3 states that if the used HMAC-ALGO +passed from the INIT chunk was not used in the AUTH chunk, we +SHOULD send an error; however in this case it would be better +to just silently discard such a maliciously prepared handshake +as we didn't even receive a parameter at all. Also, as our +endpoint has no shared key configured, section 6.3 says that +MUST silently discard, which we are doing from now onwards. + +Before calling sctp_sf_pdiscard(), we need not only to free +the association, but also the chunk->auth_chunk skb, as +commit bbd0d59809f9 created a skb clone in that case. + +I have tested this locally by using netfilter's nfqueue and +re-injecting packets into the local stack after maliciously +modifying the INIT chunk (removing RANDOM; HMAC-ALGO param) +and the SCTP packet containing the COOKIE_ECHO (injecting +AUTH chunk before COOKIE_ECHO). Fixed with this patch applied. + +This fixes CVE-2014-0101 +Upstream-Status: Backport + +Fixes: bbd0d59809f9 ("[SCTP]: Implement the receive and verification of AUTH chunk") +Signed-off-by: Daniel Borkmann +Cc: Vlad Yasevich +Cc: Neil Horman +Acked-by: Vlad Yasevich +Signed-off-by: David S. Miller +Signed-off-by: Jiri Slaby +Signed-off-by: Sona Sarmadi +--- + net/sctp/sm_statefuns.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c +index dfe3f36..56ebe71 100644 +--- a/net/sctp/sm_statefuns.c ++++ b/net/sctp/sm_statefuns.c +@@ -768,6 +768,13 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(struct net *net, + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + } + ++ /* Make sure that we and the peer are AUTH capable */ ++ if (!net->sctp.auth_enable || !new_asoc->peer.auth_capable) { ++ kfree_skb(chunk->auth_chunk); ++ sctp_association_free(new_asoc); ++ return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); ++ } ++ + /* set-up our fake chunk so that we can process it */ + auth.skb = chunk->auth_chunk; + auth.asoc = chunk->asoc; +-- +1.9.1 + diff --git a/recipes-kernel/linux/linux-qoriq.inc b/recipes-kernel/linux/linux-qoriq.inc new file mode 100644 index 00000000..a832b46a --- /dev/null +++ b/recipes-kernel/linux/linux-qoriq.inc @@ -0,0 +1,46 @@ +inherit kernel qoriq_build_64bit_kernel +require recipes-kernel/linux/linux-dtb.inc + +DESCRIPTION = "Linux kernel for Freescale platforms" +SECTION = "kernel" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=d7810fab7487fb0aad327b76f1be7cd7" + +KSRC ?= "" +S = '${@base_conditional("KSRC", "", "${WORKDIR}/git", "${KSRC}", d)}' + +DEPENDS_append = " libgcc" +KERNEL_CC_append = " ${TOOLCHAIN_OPTIONS}" +KERNEL_LD_append = " ${TOOLCHAIN_OPTIONS}" + +SCMVERSION ?= "y" +DELTA_KERNEL_DEFCONFIG ?= "" +do_configure_prepend() { + # copy desired defconfig so we pick it up for the real kernel_do_configure + cp ${KERNEL_DEFCONFIG} ${B}/.config + + # add config fragments + for deltacfg in ${DELTA_KERNEL_DEFCONFIG}; do + if [ -f "${deltacfg}" ]; then + ${S}/scripts/kconfig/merge_config.sh -m .config ${deltacfg} + elif [ -f "${S}/arch/powerpc/configs/${deltacfg}" ]; then + ${S}/scripts/kconfig/merge_config.sh -m .config \ + ${S}/arch/powerpc/configs/${deltacfg} + fi + done + + #add git revision to the local version + if [ "${SCMVERSION}" = "y" ]; then + # append sdk version if SDK_VERSION is defined + sdkversion='' + if [ -n "${SDK_VERSION}" ]; then + sdkversion="-${SDK_VERSION}" + fi + head=`git --git-dir=${S}/.git rev-parse --verify --short HEAD 2> /dev/null` + printf "%s%s%s" $sdkversion +g $head > ${B}/.scmversion + fi +} + +# make everything compatible for the time being +COMPATIBLE_MACHINE_$MACHINE = "$MACHINE" + diff --git a/recipes-kernel/linux/linux-qoriq_3.12.bb b/recipes-kernel/linux/linux-qoriq_3.12.bb new file mode 100644 index 00000000..3e0ab954 --- /dev/null +++ b/recipes-kernel/linux/linux-qoriq_3.12.bb @@ -0,0 +1,7 @@ +require recipes-kernel/linux/linux-qoriq.inc + +SRC_URI = "git://git.freescale.com/ppc/sdk/linux.git;nobranch=1 \ + file://modify-defconfig-t1040-nr-cpus.patch \ + file://net-sctp-CVE-2014-0101.patch \ +" +SRCREV = "f488de6741d5ba805b9fe813d2ddf32368d3a888" diff --git a/recipes-kernel/lttng/lttng-modules_%.bbappend b/recipes-kernel/lttng/lttng-modules_%.bbappend new file mode 100644 index 00000000..5ff765d4 --- /dev/null +++ b/recipes-kernel/lttng/lttng-modules_%.bbappend @@ -0,0 +1,2 @@ +inherit qoriq_build_64bit_kernel + diff --git a/recipes-kernel/pkc-host/pkc-host_git.bb b/recipes-kernel/pkc-host/pkc-host_git.bb new file mode 100644 index 00000000..2609adb7 --- /dev/null +++ b/recipes-kernel/pkc-host/pkc-host_git.bb @@ -0,0 +1,35 @@ +DESCRIPTION = "pkc host driver" +SECTION = "pkc-host" +LICENSE = "BSD & GPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=99803d8e9a595c0bdb45ca710f353813" + +inherit module qoriq_build_64bit_kernel +RDEPENDS_${PN} += "cryptodev-module bc" + +# Currently pkc-host does not support RSA_KEYGEN, remove this +# if it is fixed. +REQUIRED_DISTRO_FEATURES = "c29x_pkc" + +SRC_URI = "git://git.freescale.com/ppc/sdk/pkc-host.git;nobranch=1" +SRCREV = "564f535d596f43eb2901a7ff77bbe529a118c16e" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' + +do_install() { + oe_runmake INSTALL_MOD_PATH="${D}" modules_install + install -d ${D}/etc/crypto + install -d ${D}/${bindir} + cp ${S}/crypto.cfg ${D}/etc/crypto + cp ${S}/images/pkc-firmware.bin ${D}/etc/crypto + cp ${S}/apps/cli/cli ${D}/${bindir} + cp ${S}/perf/c29x_driver_perf_profile.sh ${D}/${bindir} +} + + +FILES_${PN} = "${bindir}/cli \ + ${bindir}/c29x_driver_perf_profile.sh \ + /etc/crypto/crypto.cfg \ + /etc/crypto/pkc-firmware.bin \ +" diff --git a/recipes-kernel/qoriq-debug/qoriq-debug_git.bb b/recipes-kernel/qoriq-debug/qoriq-debug_git.bb new file mode 100644 index 00000000..c08f057f --- /dev/null +++ b/recipes-kernel/qoriq-debug/qoriq-debug_git.bb @@ -0,0 +1,15 @@ +DESCRIPTION = "QorIQ Debug File System Module" +SECTION = "qoriq-debug" +LICENSE = "GPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=e29234dd5d40dc352cc60cc0c93437ba" + +inherit module autotools-brokensep qoriq_build_64bit_kernel + +SRC_URI = "git://git.freescale.com/ppc/sdk/qoriq-debug.git;nobranch=1" +SRCREV = "20615c1ea332102635f8314cee5787c48c1a4254" + +S = "${WORKDIR}/git" + +EXTRA_OECONF += "--with-linux=${STAGING_KERNEL_DIR}" +EXTRA_OEMAKE += 'SYSROOT="${D}"' + diff --git a/recipes-kernel/skmm-host/skmm-host_git.bb b/recipes-kernel/skmm-host/skmm-host_git.bb new file mode 100644 index 00000000..e3d6dbee --- /dev/null +++ b/recipes-kernel/skmm-host/skmm-host_git.bb @@ -0,0 +1,15 @@ +DESCRIPTION = "skmm host driver offload data to PCIe EP and push the data en-decrypted back to application" +SECTION = "c293-skmm-host" +LICENSE = "BSD & GPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=99803d8e9a595c0bdb45ca710f353813" + +inherit module qoriq_build_64bit_kernel + +SRC_URI = "git://git.freescale.com/ppc/sdk/skmm-host.git;nobranch=1" +SRCREV = "a655c571a92f4a5d6ced09869c2f17609ee47361" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' + +FILES_${PN} += "/etc/skmm/ /usr/bin/" diff --git a/recipes-kernel/uio-seville/uio-seville_0.1.bb b/recipes-kernel/uio-seville/uio-seville_0.1.bb new file mode 100755 index 00000000..7ca4c8fd --- /dev/null +++ b/recipes-kernel/uio-seville/uio-seville_0.1.bb @@ -0,0 +1,14 @@ +DESCRIPTION = "UIO driver for T1040 L2 Switch" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e" + +SRC_URI = "git://git.freescale.com/ppc/sdk/l2switch-uio.git;branch=master" +SRCREV = "80de8322d0ab8c28f5dfbe3cde8759a1efbe06c9" + +inherit module + +S = "${WORKDIR}/git/uio-driver" + +COMPATIBLE_MACHINE ?= "(none)" +COMPATIBLE_MACHINE_t1040 = ".*" +COMPATIBLE_MACHINE_t1042 = ".*" diff --git a/recipes-virtualization/hv-cfg/hv-cfg_git.bb b/recipes-virtualization/hv-cfg/hv-cfg_git.bb new file mode 100644 index 00000000..e4f18e07 --- /dev/null +++ b/recipes-virtualization/hv-cfg/hv-cfg_git.bb @@ -0,0 +1,52 @@ +DESCRIPTION = "Hypervisor Config" +SECTION = "hv-cfg" +LICENSE = "BSD" +PR = "r6" + +LIC_FILES_CHKSUM = " \ + file://p2041rdb/LICENSE;md5=96dd72f26e9bb861de5c76c60e35e1bc \ + file://p3041ds/LICENSE;md5=96dd72f26e9bb861de5c76c60e35e1bc \ + file://p4080ds/LICENSE;md5=96dd72f26e9bb861de5c76c60e35e1bc \ + file://p5020ds/LICENSE;md5=96dd72f26e9bb861de5c76c60e35e1bc \ +" + +DEPENDS += "dtc-native" + +# this package is specific to the machine itself +INHIBIT_DEFAULT_DEPS = "1" +PACKAGE_ARCH = "${MACHINE_ARCH}" + +inherit deploy + +SRC_URI = "git://git.freescale.com/ppc/sdk/hv-cfg.git;nobranch=1" +SRCREV = "b9287b07390d17bfba936a806a72b91b89507c22" + +S = "${WORKDIR}/git" + +do_install () { + make install + + M=`echo ${MACHINE} | sed s/-64b//g` + if [ "t1042d4rdb" = "${M}" ] || [ "t1040d4rdb" = "${M}" ];then + M=t1040rdb + fi + install -d ${D}/boot/hv-cfg + cp -r ${S}/${M}/${M}/* ${D}/boot/hv-cfg +} + +do_deploy () { + M=`echo ${MACHINE} | sed s/-64b//g` + if [ "t1042d4rdb" = "${M}" ] || [ "t1040d4rdb" = "${M}" ];then + M=t1040rdb + fi + install -d ${DEPLOYDIR}/hv-cfg + cp -r ${S}/${M}/${M}/* ${DEPLOYDIR}/hv-cfg +} +addtask deploy after do_install + +PACKAGES += "${PN}-image" +FILES_${PN}-image += "/boot" + +COMPATIBLE_HOST_qoriq-ppc = ".*" +COMPATIBLE_HOST ?= "(none)" +ALLOW_EMPTY_${PN} = "1" diff --git a/recipes-virtualization/hypervisor/files/81-fsl-embedded-hv.rules b/recipes-virtualization/hypervisor/files/81-fsl-embedded-hv.rules new file mode 100644 index 00000000..5edfa113 --- /dev/null +++ b/recipes-virtualization/hypervisor/files/81-fsl-embedded-hv.rules @@ -0,0 +1,2 @@ +# Add rule to handle setting up device node for FSL HV mgmt driver +SUBSYSTEM=="misc", KERNEL=="fsl-hv", NAME="fsl-hv" diff --git a/recipes-virtualization/hypervisor/hypervisor_git.bb b/recipes-virtualization/hypervisor/hypervisor_git.bb new file mode 100644 index 00000000..80ba635f --- /dev/null +++ b/recipes-virtualization/hypervisor/hypervisor_git.bb @@ -0,0 +1,94 @@ +DESCRIPTION = "Freescale embedded hypervisor" +SECTION = "embedded-hv" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://README;endline=22;md5=0655bbc3b7d7166c30c87208b4e23cf0" + +PR = "r3" + +DEPENDS = "u-boot-mkimage-native" + +inherit deploy + +# TODO: fix dtc to use the already built package +SRC_URI = " \ + git://git.freescale.com/ppc/sdk/hypervisor/hypervisor.git;name=hypervisor;nobranch=1 \ + git://git.freescale.com/ppc/sdk/hypervisor/kconfig.git;name=kconfig;destsuffix=git/kconfig;nobranch=1 \ + git://git.freescale.com/ppc/sdk/hypervisor/libos.git;name=libos;destsuffix=git/libos;nobranch=1 \ + git://git.kernel.org/pub/scm/utils/dtc/dtc.git;name=dtc;destsuffix=dtc \ + git://git.freescale.com/ppc/sdk/hypertrk.git;name=hypertrk;destsuffix=git/hypertrk;nobranch=1 \ + file://81-fsl-embedded-hv.rules \ + " + +SRCREV_FORMAT="hypervisor" +SRCREV = "e17b3ecbbdadebf7e31ba21134b689334da74e10" +SRCREV_kconfig = "a56025d4da992b856796b0eccac2e410d751dbac" +SRCREV_libos = "2ff7649c8047dd0d2143acb4743c53e6e6ba4878" +SRCREV_dtc = "a6d55e039fd22048687fe061b4609e2807efe764" +SRCREV_hypertrk = "975c98b562186afbd3bbf103ae54b96cf9b3e533" + +S = "${WORKDIR}/git" + +OUTPUT ?= "output32" +OUTPUT_powerpc64 = "output64" + +EXTRA_OEMAKE = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${TARGET_PREFIX}gcc ${TOOLCHAIN_OPTIONS}" O="${OUTPUT}"' + +DEFCONFIG = "defconfig" +DEFCONFIG_powerpc64 = "64bit_defconfig" + +COMPATIBLE_HOST_qoriq-ppc = ".*" +COMPATIBLE_HOST ?= "(none)" + +inherit cml1 +do_configure () { + oe_runmake ${DEFCONFIG} +} + +PKG_HV_HYPERTRK_SUPPORT = "n" +do_compile () { + if [ "${PKG_HV_HYPERTRK_SUPPORT}" = "y" ] + then + oe_runmake silentoldconfig + export HV_DIR=$PWD + cd hypertrk + oe_runmake deploy + cd .. + fi + + oe_runmake + oe_runmake partman +} + +do_install () { + install -d ${D}/${bindir} + install ${B}/${OUTPUT}/bin/linux/partman ${D}/${bindir}/partman + + install -d ${D}${sysconfdir}/udev/rules.d + install -m 0644 ${WORKDIR}/81-fsl-embedded-hv.rules ${D}${sysconfdir}/udev/rules.d + + install -d ${D}/boot/hv + install ${B}/${OUTPUT}/.config ${D}/boot/hv/hypervisor.config + install -m 644 ${B}/${OUTPUT}/bin/hv ${B}/${OUTPUT}/bin/hv.map \ + ${B}/${OUTPUT}/bin/hv.uImage ${B}/${OUTPUT}/bin/hv.bin \ + ${D}/boot/hv/ +} + +do_deploy () { + install -d ${DEPLOYDIR}/hv/ + install ${B}/${OUTPUT}/.config ${DEPLOYDIR}/hv/hypervisor.config + install -m 644 ${B}/${OUTPUT}/bin/hv ${B}/${OUTPUT}/bin/hv.map \ + ${B}/${OUTPUT}/bin/hv.uImage ${B}/${OUTPUT}/bin/hv.bin \ + ${DEPLOYDIR}/hv/ +} +addtask deploy before do_build after do_install + +do_deploy_append() { + rm -f ${B}/../hv +} + +INSANE_SKIP_${PN} = 'already-stripped' +INHIBIT_PACKAGE_DEBUG_SPLIT = "1" +ALLOW_EMPTY_${PN} = "1" +PACKAGES_prepend = "${PN}-image ${PN}-partman " +FILES_${PN}-image = "/boot/" +FILES_${PN}-partman = "${bindir}/partman" diff --git a/recipes-virtualization/mux-server/mux-server_1.02.bb b/recipes-virtualization/mux-server/mux-server_1.02.bb new file mode 100644 index 00000000..744a84c2 --- /dev/null +++ b/recipes-virtualization/mux-server/mux-server_1.02.bb @@ -0,0 +1,27 @@ +DESCRIPTION = "A Linux-based utility supporting console multiplexing and demultiplexing" +SECTION = "mux-server" +LICENSE = "LGPL-2.1" +LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" + +SRC_URI = "git://git.freescale.com/ppc/sdk/hypervisor/mux_server.git;branch=master" +SRCREV = "3e4c6a44a81bb5cf2996830e8034d26850f80efc" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE='HOSTCC="${CC}"' + +inherit deploy + +do_install () { + install -d ${D}${bindir} + install -m 755 mux_server ${D}${bindir} +} + +do_deploy() { + install -d ${DEPLOYDIR}/hv + install -m 755 mux_server ${DEPLOYDIR}/hv/mux_server-${PKGV}-${PKGR} + ln -sf mux_server-${PKGV}-${PKGR} ${DEPLOYDIR}/hv/mux_server +} +addtask deploy after do_install + +BBCLASSEXTEND = "native nativesdk" -- cgit v1.2.3-54-g00ecf