summaryrefslogtreecommitdiffstats
path: root/recipes-kernel
diff options
context:
space:
mode:
authorZhenhua Luo <zhenhua.luo@freescale.com>2014-06-14 14:38:18 +0800
committerZhenhua Luo <zhenhua.luo@freescale.com>2014-07-11 13:35:10 +0800
commit639cc0b816cb2fe8941879bf311699e5febe6f77 (patch)
treef390906896f46b059704d2d12ab365565266cb17 /recipes-kernel
parentb145a013cbbcdc11832d0d9c6a3a71a52d91a5c3 (diff)
downloadmeta-fsl-ppc-639cc0b816cb2fe8941879bf311699e5febe6f77.tar.gz
cryptodev-linux/module: use fsl maintained source
FSL SDK released its own cryptodev based on 1.6, but not all the codes was upstreamed, add bbappend to use fsl maintained source. This change only be applied for fsl machines Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com> Signed-off-by: Ting Liu <b28495@freescale.com>
Diffstat (limited to 'recipes-kernel')
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl.inc24
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0001-add-support-for-composite-TLS-SHA1-AES-algorithm-off.patch53
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0002-use-function-local-storage-for-cipher-and-hmac-keys.patch87
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0003-Add-support-for-aead-keys-for-composite-algorithms.patch170
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0004-fix-scatterlist-size-for-in-place-operations.patch39
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0005-add-dst_len-parameter-to-be-provided-by-the-user.patch70
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0006-fix-build-error-on-some-targets.patch64
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0007-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch209
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0008-fix-cipher-algorithm-memleaks.patch53
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0009-PKC-support-added-in-cryptodev-module.patch898
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0010-Compat-versions-of-PKC-IOCTLs.patch200
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0011-Asynchronous-interface-changes-in-cryptodev.patch213
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0012-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch213
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0013-RCU-stall-fixed-in-PKC-asynchronous-interface.patch238
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0014-use-static-allocation-for-keys-copied-from-userspace.patch131
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0015-Add-RSA-Key-generation-offloading.patch170
-rw-r--r--recipes-kernel/cryptodev/cryptodev-fsl/0016-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch116
-rw-r--r--recipes-kernel/cryptodev/cryptodev-linux_1.6.bbappend2
-rw-r--r--recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend8
-rw-r--r--recipes-kernel/cryptodev/cryptodev_1.5.bb51
-rw-r--r--recipes-kernel/cryptodev/files/Add-the-compile-and-install-rules-for-cryptodev-test.patch69
-rw-r--r--recipes-kernel/cryptodev/files/makefile_fixup.patch26
22 files changed, 2958 insertions, 146 deletions
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl.inc b/recipes-kernel/cryptodev/cryptodev-fsl.inc
new file mode 100644
index 0000000..774ef10
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl.inc
@@ -0,0 +1,24 @@
1FILESEXTRAPATHS_prepend := "${THISDIR}/cryptodev-fsl"
2
3SRC_URI_fslmachine = "git://github.com/nmav/cryptodev-linux.git \
4 file://0001-add-support-for-composite-TLS-SHA1-AES-algorithm-off.patch \
5 file://0002-use-function-local-storage-for-cipher-and-hmac-keys.patch \
6 file://0003-Add-support-for-aead-keys-for-composite-algorithms.patch \
7 file://0004-fix-scatterlist-size-for-in-place-operations.patch \
8 file://0005-add-dst_len-parameter-to-be-provided-by-the-user.patch \
9 file://0006-fix-build-error-on-some-targets.patch \
10 file://0007-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch \
11 file://0008-fix-cipher-algorithm-memleaks.patch \
12 file://0009-PKC-support-added-in-cryptodev-module.patch \
13 file://0010-Compat-versions-of-PKC-IOCTLs.patch \
14 file://0011-Asynchronous-interface-changes-in-cryptodev.patch \
15 file://0012-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch \
16 file://0013-RCU-stall-fixed-in-PKC-asynchronous-interface.patch \
17 file://0014-use-static-allocation-for-keys-copied-from-userspace.patch \
18 file://0015-Add-RSA-Key-generation-offloading.patch \
19 file://0016-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch \
20"
21SRCREV_fslmachine = "e8609a408d40c83ae8fc11bbe9a7b3847612669b"
22
23S_fslmachine = "${WORKDIR}/git"
24
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0001-add-support-for-composite-TLS-SHA1-AES-algorithm-off.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0001-add-support-for-composite-TLS-SHA1-AES-algorithm-off.patch
new file mode 100644
index 0000000..094fb0b
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0001-add-support-for-composite-TLS-SHA1-AES-algorithm-off.patch
@@ -0,0 +1,53 @@
1From 434790a1bbafa371c0c6647238234573db98d017 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Thu, 29 Aug 2013 16:52:30 +0300
4Subject: [[Patch][fsl 01/16] add support for composite TLS(SHA1,AES)
5 algorithm offload
6
7Upstream-status: Pending
8
9This adds support for composite algorithm offload in a single crypto
10(cipher + hmac) operation.
11
12It requires either software or hardware TLS support in the Linux kernel
13and can be used with Freescale B*, P* and T* platforms that have support
14for hardware TLS acceleration.
15
16Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
17Tested-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
18---
19 crypto/cryptodev.h | 1 +
20 ioctl.c | 5 +++++
21 2 files changed, 6 insertions(+)
22
23diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
24index 7fb9c7d..c0e8cd4 100644
25--- a/crypto/cryptodev.h
26+++ b/crypto/cryptodev.h
27@@ -50,6 +50,7 @@ enum cryptodev_crypto_op_t {
28 CRYPTO_SHA2_384,
29 CRYPTO_SHA2_512,
30 CRYPTO_SHA2_224_HMAC,
31+ CRYPTO_TLS10_AES_CBC_HMAC_SHA1,
32 CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */
33 };
34
35diff --git a/ioctl.c b/ioctl.c
36index d4e83f4..a0f1db1 100644
37--- a/ioctl.c
38+++ b/ioctl.c
39@@ -146,6 +146,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
40 stream = 1;
41 aead = 1;
42 break;
43+ case CRYPTO_TLS10_AES_CBC_HMAC_SHA1:
44+ alg_name = "tls10(hmac(sha1),cbc(aes))";
45+ stream = 0;
46+ aead = 1;
47+ break;
48 case CRYPTO_NULL:
49 alg_name = "ecb(cipher_null)";
50 stream = 1;
51--
521.7.9.7
53
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0002-use-function-local-storage-for-cipher-and-hmac-keys.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0002-use-function-local-storage-for-cipher-and-hmac-keys.patch
new file mode 100644
index 0000000..4702fd4
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0002-use-function-local-storage-for-cipher-and-hmac-keys.patch
@@ -0,0 +1,87 @@
1From cc65307405a21c3b709ca6f2a6f64ff0c67c0eed Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Wed, 18 Sep 2013 13:42:31 +0300
4Subject: [[Patch][fsl 02/16] use function-local storage for cipher and hmac
5 keys
6
7Upstream-status: Pending
8
9This refactorization is necessary for next patches that add support for
10aead composite ciphers where the aead key is the sum of cipher and hmac
11keys.
12
13Without this patch, the hmac and cipher keys can't be combined in the
14same ioctl.
15
16Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
17Tested-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
18---
19 ioctl.c | 14 ++++++--------
20 1 file changed, 6 insertions(+), 8 deletions(-)
21
22diff --git a/ioctl.c b/ioctl.c
23index a0f1db1..c614373 100644
24--- a/ioctl.c
25+++ b/ioctl.c
26@@ -109,6 +109,8 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
27 const char *alg_name = NULL;
28 const char *hash_name = NULL;
29 int hmac_mode = 1, stream = 0, aead = 0;
30+ uint8_t enckey[CRYPTO_CIPHER_MAX_KEY_LEN];
31+ uint8_t mackey[CRYPTO_HMAC_MAX_KEY_LEN];
32
33 /* Does the request make sense? */
34 if (unlikely(!sop->cipher && !sop->mac)) {
35@@ -227,8 +229,6 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
36
37 /* Set-up crypto transform. */
38 if (alg_name) {
39- uint8_t keyp[CRYPTO_CIPHER_MAX_KEY_LEN];
40-
41 if (unlikely(sop->keylen > CRYPTO_CIPHER_MAX_KEY_LEN)) {
42 ddebug(1, "Setting key failed for %s-%zu.",
43 alg_name, (size_t)sop->keylen*8);
44@@ -236,12 +236,12 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
45 goto error_cipher;
46 }
47
48- if (unlikely(copy_from_user(keyp, sop->key, sop->keylen))) {
49+ if (unlikely(copy_from_user(enckey, sop->key, sop->keylen))) {
50 ret = -EFAULT;
51 goto error_cipher;
52 }
53
54- ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, keyp,
55+ ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, enckey,
56 sop->keylen, stream, aead);
57 if (ret < 0) {
58 ddebug(1, "Failed to load cipher for %s", alg_name);
59@@ -251,8 +251,6 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
60 }
61
62 if (hash_name && aead == 0) {
63- uint8_t keyp[CRYPTO_HMAC_MAX_KEY_LEN];
64-
65 if (unlikely(sop->mackeylen > CRYPTO_HMAC_MAX_KEY_LEN)) {
66 ddebug(1, "Setting key failed for %s-%zu.",
67 hash_name, (size_t)sop->mackeylen*8);
68@@ -260,14 +258,14 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
69 goto error_hash;
70 }
71
72- if (sop->mackey && unlikely(copy_from_user(keyp, sop->mackey,
73+ if (sop->mackey && unlikely(copy_from_user(mackey, sop->mackey,
74 sop->mackeylen))) {
75 ret = -EFAULT;
76 goto error_hash;
77 }
78
79 ret = cryptodev_hash_init(&ses_new->hdata, hash_name, hmac_mode,
80- keyp, sop->mackeylen);
81+ mackey, sop->mackeylen);
82 if (ret != 0) {
83 ddebug(1, "Failed to load hash for %s", hash_name);
84 ret = -EINVAL;
85--
861.7.9.7
87
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0003-Add-support-for-aead-keys-for-composite-algorithms.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0003-Add-support-for-aead-keys-for-composite-algorithms.patch
new file mode 100644
index 0000000..033552a
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0003-Add-support-for-aead-keys-for-composite-algorithms.patch
@@ -0,0 +1,170 @@
1From 8cabaedb69acc5b44c7a9cf058045908130a6af7 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Wed, 23 Oct 2013 16:57:22 +0300
4Subject: [[Patch][fsl 03/16] Add support for aead keys for composite
5 algorithms
6
7Upstream-status: Pending
8
9Composite aead algorithms (e.g. AES-CBC + HMAC-SHA1) need two keys to
10operate. The two keys are wrapped in a single buffer in the form
11used also by crypto/authenc.c
12Blockcipher and non-composite aead algorithms (e.g. AES-GCM) use a
13single key which is simply copied from user-space.
14
15Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
16Tested-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
17---
18 cryptlib.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
19 cryptlib.h | 3 +++
20 ioctl.c | 24 ++++++++++++++----------
21 3 files changed, 76 insertions(+), 10 deletions(-)
22
23diff --git a/cryptlib.c b/cryptlib.c
24index a7fbff4..2986d09 100644
25--- a/cryptlib.c
26+++ b/cryptlib.c
27@@ -34,6 +34,8 @@
28 #include <crypto/hash.h>
29 #include <crypto/cryptodev.h>
30 #include <crypto/aead.h>
31+#include <linux/rtnetlink.h>
32+#include <crypto/authenc.h>
33 #include "cryptodev_int.h"
34
35
36@@ -53,6 +55,63 @@ static void cryptodev_complete(struct crypto_async_request *req, int err)
37 complete(&res->completion);
38 }
39
40+int cryptodev_get_cipher_keylen(unsigned int *keylen, struct session_op *sop,
41+ int aead)
42+{
43+ unsigned int klen = sop->keylen;
44+
45+ if (unlikely(sop->keylen > CRYPTO_CIPHER_MAX_KEY_LEN))
46+ return -EINVAL;
47+
48+ if (aead && sop->mackeylen) {
49+ if (unlikely(sop->mackeylen > CRYPTO_HMAC_MAX_KEY_LEN))
50+ return -EINVAL;
51+ klen += sop->mackeylen;
52+ klen += RTA_SPACE(sizeof(struct crypto_authenc_key_param));
53+ }
54+
55+ *keylen = klen;
56+ return 0;
57+}
58+
59+int cryptodev_get_cipher_key(uint8_t *key, struct session_op *sop, int aead)
60+{
61+ /* Get algorithm key from user-space. For composite aead algorithms,
62+ * the key representation is in the format used by linux kernel in
63+ * crypto/authenc.c
64+ */
65+ struct crypto_authenc_key_param *param;
66+ struct rtattr *rta;
67+ int ret = 0;
68+
69+ if (aead && sop->mackeylen) {
70+ /* the key header type and header length */
71+ rta = (void *)key;
72+ rta->rta_type = CRYPTO_AUTHENC_KEYA_PARAM;
73+ rta->rta_len = RTA_LENGTH(sizeof(*param));
74+
75+ /* the key parameter is the length of the encryption key */
76+ param = RTA_DATA(rta);
77+ param->enckeylen = cpu_to_be32(sop->keylen);
78+
79+ /* copy the hash key */
80+ key += RTA_SPACE(sizeof(*param));
81+ if (unlikely(copy_from_user(key, sop->mackey, sop->mackeylen))) {
82+ ret = -EFAULT;
83+ goto error;
84+ }
85+ /* get the pointer ready for the encryption key */
86+ key += sop->mackeylen;
87+ }
88+ /* blockcipher algorithms have the key ready to use */
89+ if (unlikely(copy_from_user(key, sop->key, sop->keylen)))
90+ ret = -EFAULT;
91+
92+error:
93+ return ret;
94+}
95+
96+
97 int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
98 uint8_t *keyp, size_t keylen, int stream, int aead)
99 {
100diff --git a/cryptlib.h b/cryptlib.h
101index 0744284..a0a8a63 100644
102--- a/cryptlib.h
103+++ b/cryptlib.h
104@@ -25,6 +25,9 @@ struct cipher_data {
105 int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
106 uint8_t *key, size_t keylen, int stream, int aead);
107 void cryptodev_cipher_deinit(struct cipher_data *cdata);
108+int cryptodev_get_cipher_key(uint8_t *key, struct session_op *sop, int aead);
109+int cryptodev_get_cipher_keylen(unsigned int *keylen, struct session_op *sop,
110+ int aead);
111 ssize_t cryptodev_cipher_decrypt(struct cipher_data *cdata,
112 const struct scatterlist *sg1,
113 struct scatterlist *sg2, size_t len);
114diff --git a/ioctl.c b/ioctl.c
115index c614373..3baf195 100644
116--- a/ioctl.c
117+++ b/ioctl.c
118@@ -109,7 +109,8 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
119 const char *alg_name = NULL;
120 const char *hash_name = NULL;
121 int hmac_mode = 1, stream = 0, aead = 0;
122- uint8_t enckey[CRYPTO_CIPHER_MAX_KEY_LEN];
123+ uint8_t *key = NULL;
124+ unsigned int keylen;
125 uint8_t mackey[CRYPTO_HMAC_MAX_KEY_LEN];
126
127 /* Does the request make sense? */
128@@ -229,20 +230,22 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
129
130 /* Set-up crypto transform. */
131 if (alg_name) {
132- if (unlikely(sop->keylen > CRYPTO_CIPHER_MAX_KEY_LEN)) {
133- ddebug(1, "Setting key failed for %s-%zu.",
134- alg_name, (size_t)sop->keylen*8);
135- ret = -EINVAL;
136+ ret = cryptodev_get_cipher_keylen(&keylen, sop, aead);
137+ if (unlikely(ret < 0))
138 goto error_cipher;
139- }
140
141- if (unlikely(copy_from_user(enckey, sop->key, sop->keylen))) {
142- ret = -EFAULT;
143+ key = kmalloc(keylen, GFP_KERNEL);
144+ if (unlikely(!key)) {
145+ ret = -ENOMEM;
146 goto error_cipher;
147 }
148
149- ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, enckey,
150- sop->keylen, stream, aead);
151+ ret = cryptodev_get_cipher_key(key, sop, aead);
152+ if (unlikely(ret < 0))
153+ goto error_cipher;
154+
155+ ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, key, keylen,
156+ stream, aead);
157 if (ret < 0) {
158 ddebug(1, "Failed to load cipher for %s", alg_name);
159 ret = -EINVAL;
160@@ -318,6 +321,7 @@ error_hash:
161 kfree(ses_new->sg);
162 kfree(ses_new->pages);
163 error_cipher:
164+ kfree(key);
165 kfree(ses_new);
166
167 return ret;
168--
1691.7.9.7
170
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0004-fix-scatterlist-size-for-in-place-operations.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0004-fix-scatterlist-size-for-in-place-operations.patch
new file mode 100644
index 0000000..c808606
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0004-fix-scatterlist-size-for-in-place-operations.patch
@@ -0,0 +1,39 @@
1From 5a6cd042d3cee9e3bbf3b0125a89e64d75dffdc7 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Thu, 31 Oct 2013 13:13:51 +0200
4Subject: [[Patch][fsl 04/16] fix scatterlist size for in-place operations
5
6Upstream-status: Pending
7
8For in-place operations, the scatterlist must be big enough to allow for
9either the source or destination data:
10 - for block ciphers, the destination will be bigger than the source if
11 the source is not multiple of blocksize
12 - for aead ciphers, the additional data and padding guarantees the
13 destination to be bigger than the source.
14
15Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
16Tested-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
17---
18 zc.c | 5 +++--
19 1 file changed, 3 insertions(+), 2 deletions(-)
20
21diff --git a/zc.c b/zc.c
22index 809a36d..8855083 100644
23--- a/zc.c
24+++ b/zc.c
25@@ -162,8 +162,9 @@ int get_userbuf(struct csession *ses,
26 }
27
28 if (src == dst) { /* inplace operation */
29- rc = __get_userbuf(src, src_len, 1, ses->used_pages,
30- ses->pages, ses->sg, task, mm);
31+ rc = __get_userbuf(src, max(src_len, dst_len), 1, ses->used_pages,
32+ ses->pages, ses->sg, task, mm);
33+
34 if (unlikely(rc)) {
35 derr(1, "failed to get user pages for data IO");
36 return rc;
37--
381.7.9.7
39
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0005-add-dst_len-parameter-to-be-provided-by-the-user.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0005-add-dst_len-parameter-to-be-provided-by-the-user.patch
new file mode 100644
index 0000000..480d2a9
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0005-add-dst_len-parameter-to-be-provided-by-the-user.patch
@@ -0,0 +1,70 @@
1From e673e6ec09770b624d524bcd82f911e4fe2e2075 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Thu, 31 Oct 2013 13:27:28 +0200
4Subject: [[Patch][fsl 05/16] add dst_len parameter to be provided by the user
5
6Upstream-status: Pending
7
8This allows the user to set the result length and relieves cryptodev
9from making assumptions about it.
10
11Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
12Tested-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
13---
14 authenc.c | 13 +++----------
15 crypto/cryptodev.h | 1 +
16 2 files changed, 4 insertions(+), 10 deletions(-)
17
18diff --git a/authenc.c b/authenc.c
19index a183820..5235973 100644
20--- a/authenc.c
21+++ b/authenc.c
22@@ -199,7 +199,7 @@ static int fill_kcaop_from_caop(struct kernel_crypt_auth_op *kcaop, struct fcryp
23 kcaop->ivlen = caop->iv ? ses_ptr->cdata.ivsize : 0;
24
25 if (caop->flags & COP_FLAG_AEAD_TLS_TYPE)
26- kcaop->dst_len = caop->len + ses_ptr->cdata.blocksize /* pad */ + caop->tag_len;
27+ kcaop->dst_len = caop->dst_len;
28 else
29 kcaop->dst_len = caop->len;
30
31@@ -645,8 +645,6 @@ __crypto_auth_run_zc(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcao
32 ret = tls_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
33 dst_sg, caop->len);
34 } else {
35- int dst_len;
36-
37 if (unlikely(ses_ptr->cdata.init == 0 ||
38 (ses_ptr->cdata.stream == 0 &&
39 ses_ptr->cdata.aead == 0))) {
40@@ -655,13 +653,8 @@ __crypto_auth_run_zc(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcao
41 goto free_auth_buf;
42 }
43
44- if (caop->op == COP_ENCRYPT)
45- dst_len = caop->len + cryptodev_cipher_get_tag_size(&ses_ptr->cdata);
46- else
47- dst_len = caop->len;
48-
49- ret = get_userbuf(ses_ptr, caop->src, caop->len, caop->dst, dst_len,
50- kcaop->task, kcaop->mm, &src_sg, &dst_sg);
51+ ret = get_userbuf(ses_ptr, caop->src, caop->len, caop->dst,
52+ caop->dst_len, kcaop->task, kcaop->mm, &src_sg, &dst_sg);
53 if (unlikely(ret)) {
54 derr(1, "get_userbuf(): Error getting user pages.");
55 goto free_auth_buf;
56diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
57index c0e8cd4..3ea3d35 100644
58--- a/crypto/cryptodev.h
59+++ b/crypto/cryptodev.h
60@@ -137,6 +137,7 @@ struct crypt_auth_op {
61 __u16 op; /* COP_ENCRYPT or COP_DECRYPT */
62 __u16 flags; /* see COP_FLAG_AEAD_* */
63 __u32 len; /* length of source data */
64+ __u32 dst_len; /* length of result data */
65 __u32 auth_len; /* length of auth data */
66 __u8 __user *auth_src; /* authenticated-only data */
67
68--
691.7.9.7
70
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0006-fix-build-error-on-some-targets.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0006-fix-build-error-on-some-targets.patch
new file mode 100644
index 0000000..510dee0
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0006-fix-build-error-on-some-targets.patch
@@ -0,0 +1,64 @@
1From 69e00f8c1633dfe6da20ccd0cf363a481c99fc97 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Wed, 20 Nov 2013 11:29:50 +0200
4Subject: [[Patch][fsl 06/16] fix build error on some targets
5
6Upstream-status: Pending
7
8This updates incomplete patch f681e2e5fd1088bfe0aafd1ae2560c1dc9d04778
9and allows building main.o
10
11Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
12Tested-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
13---
14 cryptlib.c | 4 ++--
15 cryptlib.h | 4 ++--
16 2 files changed, 4 insertions(+), 4 deletions(-)
17
18diff --git a/cryptlib.c b/cryptlib.c
19index 2986d09..3576f39 100644
20--- a/cryptlib.c
21+++ b/cryptlib.c
22@@ -113,7 +113,7 @@ error:
23
24
25 int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
26- uint8_t *keyp, size_t keylen, int stream, int aead)
27+ uint8_t *keyp, unsigned int keylen, int stream, int aead)
28 {
29 int ret;
30
31@@ -313,7 +313,7 @@ ssize_t cryptodev_cipher_decrypt(struct cipher_data *cdata,
32 /* Hash functions */
33
34 int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name,
35- int hmac_mode, void *mackey, size_t mackeylen)
36+ int hmac_mode, void *mackey, unsigned int mackeylen)
37 {
38 int ret;
39
40diff --git a/cryptlib.h b/cryptlib.h
41index a0a8a63..4cb66ad 100644
42--- a/cryptlib.h
43+++ b/cryptlib.h
44@@ -23,7 +23,7 @@ struct cipher_data {
45 };
46
47 int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
48- uint8_t *key, size_t keylen, int stream, int aead);
49+ uint8_t *key, unsigned int keylen, int stream, int aead);
50 void cryptodev_cipher_deinit(struct cipher_data *cdata);
51 int cryptodev_get_cipher_key(uint8_t *key, struct session_op *sop, int aead);
52 int cryptodev_get_cipher_keylen(unsigned int *keylen, struct session_op *sop,
53@@ -87,7 +87,7 @@ ssize_t cryptodev_hash_update(struct hash_data *hdata,
54 int cryptodev_hash_reset(struct hash_data *hdata);
55 void cryptodev_hash_deinit(struct hash_data *hdata);
56 int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name,
57- int hmac_mode, void *mackey, size_t mackeylen);
58+ int hmac_mode, void *mackey, unsigned int mackeylen);
59
60
61 #endif
62--
631.7.9.7
64
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0007-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0007-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch
new file mode 100644
index 0000000..b796f16
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0007-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch
@@ -0,0 +1,209 @@
1From 75e26bf18997488518228cb851585bf8e4c3120f Mon Sep 17 00:00:00 2001
2From: Horia Geanta <horia.geanta@freescale.com>
3Date: Wed, 4 Dec 2013 15:43:41 +0200
4Subject: [[Patch][fsl 07/16] add support for COMPAT_CIOCAUTHCRYPT ioctl()
5
6Upstream-status: Pending
7
8Needed for 64b kernel with 32b user space.
9
10Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
11Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
12---
13 authenc.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
14 cryptodev_int.h | 41 ++++++++++++++++++++++++++++
15 ioctl.c | 16 +++++++++++
16 3 files changed, 137 insertions(+)
17
18diff --git a/authenc.c b/authenc.c
19index 5235973..259a225 100644
20--- a/authenc.c
21+++ b/authenc.c
22@@ -241,6 +241,86 @@ static int fill_caop_from_kcaop(struct kernel_crypt_auth_op *kcaop, struct fcryp
23 return 0;
24 }
25
26+/* compatibility code for 32bit userlands */
27+#ifdef CONFIG_COMPAT
28+
29+static inline void
30+compat_to_crypt_auth_op(struct compat_crypt_auth_op *compat,
31+ struct crypt_auth_op *caop)
32+{
33+ caop->ses = compat->ses;
34+ caop->op = compat->op;
35+ caop->flags = compat->flags;
36+ caop->len = compat->len;
37+ caop->dst_len = compat->dst_len;
38+ caop->auth_len = compat->auth_len;
39+ caop->tag_len = compat->tag_len;
40+ caop->iv_len = compat->iv_len;
41+
42+ caop->auth_src = compat_ptr(compat->auth_src);
43+ caop->src = compat_ptr(compat->src);
44+ caop->dst = compat_ptr(compat->dst);
45+ caop->tag = compat_ptr(compat->tag);
46+ caop->iv = compat_ptr(compat->iv);
47+}
48+
49+static inline void
50+crypt_auth_op_to_compat(struct crypt_auth_op *caop,
51+ struct compat_crypt_auth_op *compat)
52+{
53+ compat->ses = caop->ses;
54+ compat->op = caop->op;
55+ compat->flags = caop->flags;
56+ compat->len = caop->len;
57+ compat->dst_len = caop->dst_len;
58+ compat->auth_len = caop->auth_len;
59+ compat->tag_len = caop->tag_len;
60+ compat->iv_len = caop->iv_len;
61+
62+ compat->auth_src = ptr_to_compat(caop->auth_src);
63+ compat->src = ptr_to_compat(caop->src);
64+ compat->dst = ptr_to_compat(caop->dst);
65+ compat->tag = ptr_to_compat(caop->tag);
66+ compat->iv = ptr_to_compat(caop->iv);
67+}
68+
69+int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop,
70+ struct fcrypt *fcr, void __user *arg)
71+{
72+ struct compat_crypt_auth_op compat_caop;
73+
74+ if (unlikely(copy_from_user(&compat_caop, arg, sizeof(compat_caop)))) {
75+ dprintk(1, KERN_ERR, "Error in copying from userspace\n");
76+ return -EFAULT;
77+ }
78+
79+ compat_to_crypt_auth_op(&compat_caop, &kcaop->caop);
80+
81+ return fill_kcaop_from_caop(kcaop, fcr);
82+}
83+
84+int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop,
85+ struct fcrypt *fcr, void __user *arg)
86+{
87+ int ret;
88+ struct compat_crypt_auth_op compat_caop;
89+
90+ ret = fill_caop_from_kcaop(kcaop, fcr);
91+ if (unlikely(ret)) {
92+ dprintk(1, KERN_ERR, "fill_caop_from_kcaop\n");
93+ return ret;
94+ }
95+
96+ crypt_auth_op_to_compat(&kcaop->caop, &compat_caop);
97+
98+ if (unlikely(copy_to_user(arg, &compat_caop, sizeof(compat_caop)))) {
99+ dprintk(1, KERN_ERR, "Error in copying to userspace\n");
100+ return -EFAULT;
101+ }
102+ return 0;
103+}
104+
105+#endif /* CONFIG_COMPAT */
106
107 int kcaop_from_user(struct kernel_crypt_auth_op *kcaop,
108 struct fcrypt *fcr, void __user *arg)
109diff --git a/cryptodev_int.h b/cryptodev_int.h
110index d7660fa..8d206c9 100644
111--- a/cryptodev_int.h
112+++ b/cryptodev_int.h
113@@ -73,11 +73,43 @@ struct compat_crypt_op {
114 compat_uptr_t iv;/* initialization vector for encryption operations */
115 };
116
117+ /* input of CIOCAUTHCRYPT */
118+struct compat_crypt_auth_op {
119+ uint32_t ses; /* session identifier */
120+ uint16_t op; /* COP_ENCRYPT or COP_DECRYPT */
121+ uint16_t flags; /* see COP_FLAG_AEAD_* */
122+ uint32_t len; /* length of source data */
123+ uint32_t dst_len; /* length of result data */
124+ uint32_t auth_len; /* length of auth data */
125+ compat_uptr_t auth_src; /* authenticated-only data */
126+
127+ /* The current implementation is more efficient if data are
128+ * encrypted in-place (src==dst). */
129+ compat_uptr_t src; /* data to be encrypted and
130+ authenticated */
131+ compat_uptr_t dst; /* pointer to output data. Must have
132+ * space for tag. For TLS this should be
133+ * at least len + tag_size + block_size
134+ * for padding */
135+
136+ compat_uptr_t tag; /* where the tag will be copied to. TLS
137+ * mode doesn't use that as tag is
138+ * copied to dst.
139+ * SRTP mode copies tag there. */
140+ uint32_t tag_len; /* the length of the tag. Use zero for
141+ * digest size or max tag. */
142+
143+ /* initialization vector for encryption operations */
144+ compat_uptr_t iv;
145+ uint32_t iv_len;
146+};
147+
148 /* compat ioctls, defined for the above structs */
149 #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op)
150 #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op)
151 #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op)
152 #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op)
153+#define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op)
154
155 #endif /* CONFIG_COMPAT */
156
157@@ -108,6 +140,15 @@ struct kernel_crypt_auth_op {
158
159 /* auth */
160
161+#ifdef CONFIG_COMPAT
162+int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop,
163+ struct fcrypt *fcr, void __user *arg);
164+
165+int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop,
166+ struct fcrypt *fcr, void __user *arg);
167+#endif /* CONFIG_COMPAT */
168+
169+
170 int kcaop_from_user(struct kernel_crypt_auth_op *kcop,
171 struct fcrypt *fcr, void __user *arg);
172 int kcaop_to_user(struct kernel_crypt_auth_op *kcaop,
173diff --git a/ioctl.c b/ioctl.c
174index 3baf195..18874d3 100644
175--- a/ioctl.c
176+++ b/ioctl.c
177@@ -991,6 +991,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
178 struct session_op sop;
179 struct compat_session_op compat_sop;
180 struct kernel_crypt_op kcop;
181+ struct kernel_crypt_auth_op kcaop;
182 int ret;
183
184 if (unlikely(!pcr))
185@@ -1033,6 +1034,21 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
186 return ret;
187
188 return compat_kcop_to_user(&kcop, fcr, arg);
189+
190+ case COMPAT_CIOCAUTHCRYPT:
191+ if (unlikely(ret = compat_kcaop_from_user(&kcaop, fcr, arg))) {
192+ dprintk(1, KERN_WARNING, "Error copying from user\n");
193+ return ret;
194+ }
195+
196+ ret = crypto_auth_run(fcr, &kcaop);
197+ if (unlikely(ret)) {
198+ dprintk(1, KERN_WARNING, "Error in crypto_auth_run\n");
199+ return ret;
200+ }
201+
202+ return compat_kcaop_to_user(&kcaop, fcr, arg);
203+
204 #ifdef ENABLE_ASYNC
205 case COMPAT_CIOCASYNCCRYPT:
206 if (unlikely(ret = compat_kcop_from_user(&kcop, fcr, arg)))
207--
2081.7.9.7
209
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0008-fix-cipher-algorithm-memleaks.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0008-fix-cipher-algorithm-memleaks.patch
new file mode 100644
index 0000000..995fbed
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0008-fix-cipher-algorithm-memleaks.patch
@@ -0,0 +1,53 @@
1From 9675e358fe73b33029a470aa5cf47527848f4054 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Tue, 26 Nov 2013 16:36:37 +0200
4Subject: [[Patch][fsl 08/16] fix cipher algorithm memleaks
5
6Upstream-status: Pending
7
8Patch 67e743aef130d107c1b41e0aace7677f9ff53bd1 allocates memory for
9cipher algorithm key without freeing it when session terminates. This
10patch addresses the deallocation issue.
11
12Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
13Tested-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
14---
15 cryptodev_int.h | 1 +
16 ioctl.c | 2 ++
17 2 files changed, 3 insertions(+)
18
19diff --git a/cryptodev_int.h b/cryptodev_int.h
20index 8d206c9..8891837 100644
21--- a/cryptodev_int.h
22+++ b/cryptodev_int.h
23@@ -166,6 +166,7 @@ struct csession {
24 struct hash_data hdata;
25 uint32_t sid;
26 uint32_t alignmask;
27+ uint8_t *key;
28
29 unsigned int array_size;
30 unsigned int used_pages; /* the number of pages that are used */
31diff --git a/ioctl.c b/ioctl.c
32index 18874d3..63467e0 100644
33--- a/ioctl.c
34+++ b/ioctl.c
35@@ -235,6 +235,7 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
36 goto error_cipher;
37
38 key = kmalloc(keylen, GFP_KERNEL);
39+ ses_new->key = key;
40 if (unlikely(!key)) {
41 ret = -ENOMEM;
42 goto error_cipher;
43@@ -342,6 +343,7 @@ crypto_destroy_session(struct csession *ses_ptr)
44 ddebug(2, "freeing space for %d user pages", ses_ptr->array_size);
45 kfree(ses_ptr->pages);
46 kfree(ses_ptr->sg);
47+ kfree(ses_ptr->key);
48 mutex_unlock(&ses_ptr->sem);
49 mutex_destroy(&ses_ptr->sem);
50 kfree(ses_ptr);
51--
521.7.9.7
53
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0009-PKC-support-added-in-cryptodev-module.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0009-PKC-support-added-in-cryptodev-module.patch
new file mode 100644
index 0000000..b403731
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0009-PKC-support-added-in-cryptodev-module.patch
@@ -0,0 +1,898 @@
1From 55be37e9e308990b2eeeef7f974dfbfbb1120266 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 06:16:09 +0545
4Subject: [[Patch][fsl 09/16] PKC support added in cryptodev module
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 cryptlib.c | 66 ++++++++-
11 cryptlib.h | 28 ++++
12 crypto/cryptodev.h | 15 ++-
13 cryptodev_int.h | 20 ++-
14 ioctl.c | 196 +++++++++++++++++++++++++--
15 main.c | 378 ++++++++++++++++++++++++++++++++++++++++++++++++++++
16 6 files changed, 685 insertions(+), 18 deletions(-)
17
18diff --git a/cryptlib.c b/cryptlib.c
19index 3576f39..fa0b63f 100644
20--- a/cryptlib.c
21+++ b/cryptlib.c
22@@ -5,6 +5,8 @@
23 * Portions Copyright (c) 2010 Michael Weiser
24 * Portions Copyright (c) 2010 Phil Sutter
25 *
26+ * Copyright 2012 Freescale Semiconductor, Inc.
27+ *
28 * This file is part of linux cryptodev.
29 *
30 * This program is free software; you can redistribute it and/or
31@@ -39,11 +41,6 @@
32 #include "cryptodev_int.h"
33
34
35-struct cryptodev_result {
36- struct completion completion;
37- int err;
38-};
39-
40 static void cryptodev_complete(struct crypto_async_request *req, int err)
41 {
42 struct cryptodev_result *res = req->data;
43@@ -244,7 +241,6 @@ static inline int waitfor(struct cryptodev_result *cr, ssize_t ret)
44 case 0:
45 break;
46 case -EINPROGRESS:
47- case -EBUSY:
48 wait_for_completion(&cr->completion);
49 /* At this point we known for sure the request has finished,
50 * because wait_for_completion above was not interruptible.
51@@ -424,3 +420,61 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output)
52 return waitfor(hdata->async.result, ret);
53 }
54
55+int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
56+{
57+ int ret = 0;
58+ struct pkc_request *pkc_req = &pkc->req, *pkc_requested;
59+
60+ switch (pkc_req->type) {
61+ case RSA_PUB:
62+ case RSA_PRIV_FORM1:
63+ case RSA_PRIV_FORM2:
64+ case RSA_PRIV_FORM3:
65+ pkc->s = crypto_alloc_pkc("pkc(rsa)",
66+ CRYPTO_ALG_TYPE_PKC_RSA, 0);
67+ break;
68+ case DSA_SIGN:
69+ case DSA_VERIFY:
70+ case ECDSA_SIGN:
71+ case ECDSA_VERIFY:
72+ pkc->s = crypto_alloc_pkc("pkc(dsa)",
73+ CRYPTO_ALG_TYPE_PKC_DSA, 0);
74+ break;
75+ case DH_COMPUTE_KEY:
76+ case ECDH_COMPUTE_KEY:
77+ pkc->s = crypto_alloc_pkc("pkc(dh)",
78+ CRYPTO_ALG_TYPE_PKC_DH, 0);
79+ break;
80+ default:
81+ return -EINVAL;
82+ }
83+
84+ if (IS_ERR_OR_NULL(pkc->s))
85+ return -EINVAL;
86+
87+ init_completion(&pkc->result.completion);
88+ pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL);
89+
90+ if (unlikely(IS_ERR_OR_NULL(pkc_requested))) {
91+ ret = -ENOMEM;
92+ goto error;
93+ }
94+ pkc_requested->type = pkc_req->type;
95+ pkc_requested->curve_type = pkc_req->curve_type;
96+ memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u));
97+ pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG,
98+ cryptodev_complete_asym, pkc);
99+ ret = crypto_pkc_op(pkc_requested);
100+ if (ret != -EINPROGRESS && ret != 0)
101+ goto error2;
102+
103+ if (pkc->type == SYNCHRONOUS)
104+ ret = waitfor(&pkc->result, ret);
105+
106+ return ret;
107+error2:
108+ kfree(pkc_requested);
109+error:
110+ crypto_free_pkc(pkc->s);
111+ return ret;
112+}
113diff --git a/cryptlib.h b/cryptlib.h
114index 4cb66ad..e77edc5 100644
115--- a/cryptlib.h
116+++ b/cryptlib.h
117@@ -1,3 +1,6 @@
118+/*
119+ * Copyright 2012 Freescale Semiconductor, Inc.
120+ */
121 #ifndef CRYPTLIB_H
122 # define CRYPTLIB_H
123
124@@ -89,5 +92,30 @@ void cryptodev_hash_deinit(struct hash_data *hdata);
125 int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name,
126 int hmac_mode, void *mackey, unsigned int mackeylen);
127
128+/* Operation Type */
129+enum offload_type {
130+ SYNCHRONOUS,
131+ ASYNCHRONOUS
132+};
133+
134+struct cryptodev_result {
135+ struct completion completion;
136+ int err;
137+};
138+
139+struct cryptodev_pkc {
140+ struct list_head list; /* To maintain the Jobs in completed
141+ cryptodev lists */
142+ struct kernel_crypt_kop kop;
143+ struct crypto_pkc *s; /* Transform pointer from CryptoAPI */
144+ struct cryptodev_result result; /* Result to be updated by
145+ completion handler */
146+ struct pkc_request req; /* PKC request structure allocated
147+ from CryptoAPI */
148+ enum offload_type type; /* Synchronous Vs Asynchronous request */
149+ void *cookie; /*Additional opaque cookie to be used in future */
150+ struct crypt_priv *priv;
151+};
152
153+int cryptodev_pkc_offload(struct cryptodev_pkc *);
154 #endif
155diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
156index 3ea3d35..575ce63 100644
157--- a/crypto/cryptodev.h
158+++ b/crypto/cryptodev.h
159@@ -1,6 +1,10 @@
160-/* This is a source compatible implementation with the original API of
161+/*
162+ * Copyright 2012 Freescale Semiconductor, Inc.
163+ *
164+ * This is a source compatible implementation with the original API of
165 * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h.
166- * Placed under public domain */
167+ * Placed under public domain
168+ */
169
170 #ifndef L_CRYPTODEV_H
171 #define L_CRYPTODEV_H
172@@ -246,6 +250,9 @@ struct crypt_kop {
173 __u16 crk_oparams;
174 __u32 crk_pad1;
175 struct crparam crk_param[CRK_MAXPARAM];
176+ enum curve_t curve_type; /* 0 == Discrete Log,
177+ 1 = EC_PRIME, 2 = EC_BINARY */
178+ void *cookie;
179 };
180
181 enum cryptodev_crk_op_t {
182@@ -290,5 +297,7 @@ enum cryptodev_crk_op_t {
183 */
184 #define CIOCASYNCCRYPT _IOW('c', 110, struct crypt_op)
185 #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op)
186-
187+/* additional ioctls for asynchronous operation for asymmetric ciphers*/
188+#define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop)
189+#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop)
190 #endif /* L_CRYPTODEV_H */
191diff --git a/cryptodev_int.h b/cryptodev_int.h
192index 8891837..b08c253 100644
193--- a/cryptodev_int.h
194+++ b/cryptodev_int.h
195@@ -1,4 +1,6 @@
196-/* cipher stuff */
197+/* cipher stuff
198+ * Copyright 2012 Freescale Semiconductor, Inc.
199+ */
200 #ifndef CRYPTODEV_INT_H
201 # define CRYPTODEV_INT_H
202
203@@ -113,6 +115,14 @@ struct compat_crypt_auth_op {
204
205 #endif /* CONFIG_COMPAT */
206
207+/* kernel-internal extension to struct crypt_kop */
208+struct kernel_crypt_kop {
209+ struct crypt_kop kop;
210+
211+ struct task_struct *task;
212+ struct mm_struct *mm;
213+};
214+
215 /* kernel-internal extension to struct crypt_op */
216 struct kernel_crypt_op {
217 struct crypt_op cop;
218@@ -158,6 +168,14 @@ int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop);
219
220 #include <cryptlib.h>
221
222+/* Cryptodev Key operation handler */
223+int crypto_bn_modexp(struct cryptodev_pkc *);
224+int crypto_modexp_crt(struct cryptodev_pkc *);
225+int crypto_kop_dsasign(struct cryptodev_pkc *);
226+int crypto_kop_dsaverify(struct cryptodev_pkc *);
227+int crypto_run_asym(struct cryptodev_pkc *);
228+void cryptodev_complete_asym(struct crypto_async_request *, int);
229+
230 /* other internal structs */
231 struct csession {
232 struct list_head entry;
233diff --git a/ioctl.c b/ioctl.c
234index 63467e0..44070e1 100644
235--- a/ioctl.c
236+++ b/ioctl.c
237@@ -4,6 +4,7 @@
238 * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs
239 * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org>
240 * Copyright (c) 2010 Phil Sutter
241+ * Copyright 2012 Freescale Semiconductor, Inc.
242 *
243 * This file is part of linux cryptodev.
244 *
245@@ -87,8 +88,37 @@ struct crypt_priv {
246 int itemcount;
247 struct work_struct cryptask;
248 wait_queue_head_t user_waiter;
249+ /* List of pending cryptodev_pkc asym requests */
250+ struct list_head asym_completed_list;
251+ /* For addition/removal of entry in pending list of asymmetric request*/
252+ spinlock_t completion_lock;
253 };
254
255+/* Asymmetric request Completion handler */
256+void cryptodev_complete_asym(struct crypto_async_request *req, int err)
257+{
258+ struct cryptodev_pkc *pkc = req->data;
259+ struct cryptodev_result *res = &pkc->result;
260+
261+ crypto_free_pkc(pkc->s);
262+ res->err = err;
263+ if (pkc->type == SYNCHRONOUS) {
264+ if (err == -EINPROGRESS)
265+ return;
266+ complete(&res->completion);
267+ } else {
268+ struct crypt_priv *pcr = pkc->priv;
269+ unsigned long flags;
270+ spin_lock_irqsave(&pcr->completion_lock, flags);
271+ list_add_tail(&pkc->list, &pcr->asym_completed_list);
272+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
273+ /* wake for POLLIN */
274+ wake_up_interruptible(&pcr->user_waiter);
275+ }
276+
277+ kfree(req);
278+}
279+
280 #define FILL_SG(sg, ptr, len) \
281 do { \
282 (sg)->page = virt_to_page(ptr); \
283@@ -467,7 +497,8 @@ cryptodev_open(struct inode *inode, struct file *filp)
284 INIT_LIST_HEAD(&pcr->free.list);
285 INIT_LIST_HEAD(&pcr->todo.list);
286 INIT_LIST_HEAD(&pcr->done.list);
287-
288+ INIT_LIST_HEAD(&pcr->asym_completed_list);
289+ spin_lock_init(&pcr->completion_lock);
290 INIT_WORK(&pcr->cryptask, cryptask_routine);
291
292 init_waitqueue_head(&pcr->user_waiter);
293@@ -634,6 +665,79 @@ static int crypto_async_fetch(struct crypt_priv *pcr,
294 }
295 #endif
296
297+/* get the first asym cipher completed job from the "done" queue
298+ *
299+ * returns:
300+ * -EBUSY if no completed jobs are ready (yet)
301+ * the return value otherwise */
302+static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
303+{
304+ int ret = 0;
305+ struct kernel_crypt_kop *kop = &pkc->kop;
306+ struct crypt_kop *ckop = &kop->kop;
307+ struct pkc_request *pkc_req = &pkc->req;
308+
309+ switch (ckop->crk_op) {
310+ case CRK_MOD_EXP:
311+ {
312+ struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req;
313+ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g,
314+ rsa_req->g_len);
315+ }
316+ break;
317+ case CRK_MOD_EXP_CRT:
318+ {
319+ struct rsa_priv_frm3_req_s *rsa_req =
320+ &pkc_req->req_u.rsa_priv_f3;
321+ copy_to_user(ckop->crk_param[6].crp_p,
322+ rsa_req->f, rsa_req->f_len);
323+ }
324+ break;
325+ case CRK_DSA_SIGN:
326+ {
327+ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign;
328+
329+ if (pkc_req->type == ECDSA_SIGN) {
330+ copy_to_user(ckop->crk_param[6].crp_p,
331+ dsa_req->c, dsa_req->d_len);
332+ copy_to_user(ckop->crk_param[7].crp_p,
333+ dsa_req->d, dsa_req->d_len);
334+ } else {
335+ copy_to_user(ckop->crk_param[5].crp_p,
336+ dsa_req->c, dsa_req->d_len);
337+ copy_to_user(ckop->crk_param[6].crp_p,
338+ dsa_req->d, dsa_req->d_len);
339+ }
340+ }
341+ break;
342+ case CRK_DSA_VERIFY:
343+ break;
344+ case CRK_DH_COMPUTE_KEY:
345+ {
346+ struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req;
347+ if (pkc_req->type == ECDH_COMPUTE_KEY)
348+ copy_to_user(ckop->crk_param[4].crp_p,
349+ dh_req->z, dh_req->z_len);
350+ else
351+ copy_to_user(ckop->crk_param[3].crp_p,
352+ dh_req->z, dh_req->z_len);
353+ }
354+ break;
355+ default:
356+ ret = -EINVAL;
357+ }
358+ kfree(pkc->cookie);
359+ return ret;
360+}
361+
362+/* this function has to be called from process context */
363+static int fill_kop_from_cop(struct kernel_crypt_kop *kop)
364+{
365+ kop->task = current;
366+ kop->mm = current->mm;
367+ return 0;
368+}
369+
370 /* this function has to be called from process context */
371 static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr)
372 {
373@@ -657,11 +761,8 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr)
374
375 if (cop->iv) {
376 rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen);
377- if (unlikely(rc)) {
378- derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p",
379- kcop->ivlen, rc, cop->iv);
380+ if (unlikely(rc))
381 return -EFAULT;
382- }
383 }
384
385 return 0;
386@@ -687,6 +788,25 @@ static int fill_cop_from_kcop(struct kernel_crypt_op *kcop, struct fcrypt *fcr)
387 return 0;
388 }
389
390+static int kop_from_user(struct kernel_crypt_kop *kop,
391+ void __user *arg)
392+{
393+ if (unlikely(copy_from_user(&kop->kop, arg, sizeof(kop->kop))))
394+ return -EFAULT;
395+
396+ return fill_kop_from_cop(kop);
397+}
398+
399+static int kop_to_user(struct kernel_crypt_kop *kop,
400+ void __user *arg)
401+{
402+ if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) {
403+ dprintk(1, KERN_ERR, "Cannot copy to userspace\n");
404+ return -EFAULT;
405+ }
406+ return 0;
407+}
408+
409 static int kcop_from_user(struct kernel_crypt_op *kcop,
410 struct fcrypt *fcr, void __user *arg)
411 {
412@@ -816,7 +936,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
413
414 switch (cmd) {
415 case CIOCASYMFEAT:
416- return put_user(0, p);
417+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP |
418+ CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p);
419 case CRIOGET:
420 fd = clonefd(filp);
421 ret = put_user(fd, p);
422@@ -852,6 +973,24 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
423 if (unlikely(ret))
424 return ret;
425 return copy_to_user(arg, &siop, sizeof(siop));
426+ case CIOCKEY:
427+ {
428+ struct cryptodev_pkc *pkc =
429+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
430+
431+ if (!pkc)
432+ return -ENOMEM;
433+
434+ ret = kop_from_user(&pkc->kop, arg);
435+ if (unlikely(ret)) {
436+ kfree(pkc);
437+ return ret;
438+ }
439+ pkc->type = SYNCHRONOUS;
440+ ret = crypto_run_asym(pkc);
441+ kfree(pkc);
442+ }
443+ return ret;
444 case CIOCCRYPT:
445 if (unlikely(ret = kcop_from_user(&kcop, fcr, arg))) {
446 dwarning(1, "Error copying from user");
447@@ -890,6 +1029,45 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
448
449 return kcop_to_user(&kcop, fcr, arg);
450 #endif
451+ case CIOCASYMASYNCRYPT:
452+ {
453+ struct cryptodev_pkc *pkc =
454+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
455+ ret = kop_from_user(&pkc->kop, arg);
456+
457+ if (unlikely(ret))
458+ return -EINVAL;
459+
460+ /* Store associated FD priv data with asymmetric request */
461+ pkc->priv = pcr;
462+ pkc->type = ASYNCHRONOUS;
463+ ret = crypto_run_asym(pkc);
464+ if (ret == -EINPROGRESS)
465+ ret = 0;
466+ }
467+ return ret;
468+ case CIOCASYMASYNFETCH:
469+ {
470+ struct cryptodev_pkc *pkc;
471+ unsigned long flags;
472+
473+ spin_lock_irqsave(&pcr->completion_lock, flags);
474+ if (list_empty(&pcr->asym_completed_list)) {
475+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
476+ return -ENOMEM;
477+ }
478+ pkc = list_first_entry(&pcr->asym_completed_list,
479+ struct cryptodev_pkc, list);
480+ list_del(&pkc->list);
481+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
482+ ret = crypto_async_fetch_asym(pkc);
483+
484+ /* Reflect the updated request to user-space */
485+ if (!ret)
486+ kop_to_user(&pkc->kop, arg);
487+ kfree(pkc);
488+ }
489+ return ret;
490 default:
491 return -EINVAL;
492 }
493@@ -1078,9 +1256,11 @@ static unsigned int cryptodev_poll(struct file *file, poll_table *wait)
494
495 poll_wait(file, &pcr->user_waiter, wait);
496
497- if (!list_empty_careful(&pcr->done.list))
498+ if (!list_empty_careful(&pcr->done.list) ||
499+ !list_empty_careful(&pcr->asym_completed_list))
500 ret |= POLLIN | POLLRDNORM;
501- if (!list_empty_careful(&pcr->free.list) || pcr->itemcount < MAX_COP_RINGSIZE)
502+ if (!list_empty_careful(&pcr->free.list) ||
503+ pcr->itemcount < MAX_COP_RINGSIZE)
504 ret |= POLLOUT | POLLWRNORM;
505
506 return ret;
507diff --git a/main.c b/main.c
508index 57e5c38..0b7951e 100644
509--- a/main.c
510+++ b/main.c
511@@ -181,6 +181,384 @@ __crypto_run_zc(struct csession *ses_ptr, struct kernel_crypt_op *kcop)
512 return ret;
513 }
514
515+int crypto_kop_dsasign(struct cryptodev_pkc *pkc)
516+{
517+ struct kernel_crypt_kop *kop = &pkc->kop;
518+ struct crypt_kop *cop = &kop->kop;
519+ struct pkc_request *pkc_req = &pkc->req;
520+ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign;
521+ int rc, buf_size;
522+ uint8_t *buf;
523+
524+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
525+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
526+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits ||
527+ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 6 &&
528+ !cop->crk_param[7].crp_nbits))
529+ return -EINVAL;
530+
531+ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8;
532+ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8;
533+ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8;
534+ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8;
535+ dsa_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
536+ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8;
537+ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len +
538+ dsa_req->g_len + dsa_req->priv_key_len + dsa_req->d_len +
539+ dsa_req->d_len;
540+ if (cop->crk_iparams == 6) {
541+ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8;
542+ buf_size += dsa_req->ab_len;
543+ pkc_req->type = ECDSA_SIGN;
544+ pkc_req->curve_type = cop->curve_type;
545+ } else {
546+ pkc_req->type = DSA_SIGN;
547+ }
548+
549+ buf = kzalloc(buf_size, GFP_DMA);
550+
551+ dsa_req->q = buf;
552+ dsa_req->r = dsa_req->q + dsa_req->q_len;
553+ dsa_req->g = dsa_req->r + dsa_req->r_len;
554+ dsa_req->priv_key = dsa_req->g + dsa_req->g_len;
555+ dsa_req->m = dsa_req->priv_key + dsa_req->priv_key_len;
556+ dsa_req->c = dsa_req->m + dsa_req->m_len;
557+ dsa_req->d = dsa_req->c + dsa_req->d_len;
558+ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len);
559+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len);
560+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len);
561+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len);
562+ copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p,
563+ dsa_req->priv_key_len);
564+ if (cop->crk_iparams == 6) {
565+ dsa_req->ab = dsa_req->d + dsa_req->d_len;
566+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p,
567+ dsa_req->ab_len);
568+ }
569+ rc = cryptodev_pkc_offload(pkc);
570+ if (pkc->type == SYNCHRONOUS) {
571+ if (rc)
572+ goto err;
573+ if (cop->crk_iparams == 6) {
574+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->c,
575+ dsa_req->d_len);
576+ copy_to_user(cop->crk_param[7].crp_p, dsa_req->d,
577+ dsa_req->d_len);
578+ } else {
579+ copy_to_user(cop->crk_param[5].crp_p, dsa_req->c,
580+ dsa_req->d_len);
581+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->d,
582+ dsa_req->d_len);
583+ }
584+ } else {
585+ if (rc != -EINPROGRESS && rc != 0)
586+ goto err;
587+
588+ pkc->cookie = buf;
589+ return rc;
590+ }
591+err:
592+ kfree(buf);
593+ return rc;
594+}
595+
596+int crypto_kop_dsaverify(struct cryptodev_pkc *pkc)
597+{
598+ struct kernel_crypt_kop *kop = &pkc->kop;
599+ struct crypt_kop *cop = &kop->kop;
600+ struct pkc_request *pkc_req;
601+ struct dsa_verify_req_s *dsa_req;
602+ int rc, buf_size;
603+ uint8_t *buf;
604+
605+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
606+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
607+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits ||
608+ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 8 &&
609+ !cop->crk_param[7].crp_nbits))
610+ return -EINVAL;
611+
612+ pkc_req = &pkc->req;
613+ dsa_req = &pkc_req->req_u.dsa_verify;
614+ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8;
615+ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8;
616+ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8;
617+ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8;
618+ dsa_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
619+ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8;
620+ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len +
621+ dsa_req->g_len + dsa_req->pub_key_len + dsa_req->d_len +
622+ dsa_req->d_len;
623+ if (cop->crk_iparams == 8) {
624+ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8;
625+ buf_size += dsa_req->ab_len;
626+ pkc_req->type = ECDSA_VERIFY;
627+ pkc_req->curve_type = cop->curve_type;
628+ } else {
629+ pkc_req->type = DSA_VERIFY;
630+ }
631+
632+ buf = kzalloc(buf_size, GFP_DMA);
633+
634+ dsa_req->q = buf;
635+ dsa_req->r = dsa_req->q + dsa_req->q_len;
636+ dsa_req->g = dsa_req->r + dsa_req->r_len;
637+ dsa_req->pub_key = dsa_req->g + dsa_req->g_len;
638+ dsa_req->m = dsa_req->pub_key + dsa_req->pub_key_len;
639+ dsa_req->c = dsa_req->m + dsa_req->m_len;
640+ dsa_req->d = dsa_req->c + dsa_req->d_len;
641+ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len);
642+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len);
643+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len);
644+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len);
645+ copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p,
646+ dsa_req->pub_key_len);
647+ if (cop->crk_iparams == 8) {
648+ dsa_req->ab = dsa_req->d + dsa_req->d_len;
649+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p,
650+ dsa_req->ab_len);
651+ copy_from_user(dsa_req->c, cop->crk_param[6].crp_p,
652+ dsa_req->d_len);
653+ copy_from_user(dsa_req->d, cop->crk_param[7].crp_p,
654+ dsa_req->d_len);
655+ } else {
656+ copy_from_user(dsa_req->c, cop->crk_param[5].crp_p,
657+ dsa_req->d_len);
658+ copy_from_user(dsa_req->d, cop->crk_param[6].crp_p,
659+ dsa_req->d_len);
660+ }
661+ rc = cryptodev_pkc_offload(pkc);
662+ if (pkc->type == SYNCHRONOUS) {
663+ if (rc)
664+ goto err;
665+ } else {
666+ if (rc != -EINPROGRESS && !rc)
667+ goto err;
668+ pkc->cookie = buf;
669+ return rc;
670+ }
671+err:
672+ kfree(buf);
673+ return rc;
674+}
675+
676+int crypto_kop_dh_key(struct cryptodev_pkc *pkc)
677+{
678+ struct kernel_crypt_kop *kop = &pkc->kop;
679+ struct crypt_kop *cop = &kop->kop;
680+ struct pkc_request *pkc_req;
681+ struct dh_key_req_s *dh_req;
682+ int buf_size;
683+ uint8_t *buf;
684+ int rc = -EINVAL;
685+
686+ pkc_req = &pkc->req;
687+ dh_req = &pkc_req->req_u.dh_req;
688+ dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8;
689+ dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8;
690+ dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8;
691+ buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len;
692+ if (cop->crk_iparams == 4) {
693+ pkc_req->type = ECDH_COMPUTE_KEY;
694+ dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8;
695+ dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8;
696+ buf_size += dh_req->ab_len;
697+ } else {
698+ dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8;
699+ pkc_req->type = DH_COMPUTE_KEY;
700+ }
701+ buf_size += dh_req->z_len;
702+ buf = kzalloc(buf_size, GFP_DMA);
703+ dh_req->q = buf;
704+ dh_req->s = dh_req->q + dh_req->q_len;
705+ dh_req->pub_key = dh_req->s + dh_req->s_len;
706+ dh_req->z = dh_req->pub_key + dh_req->pub_key_len;
707+ if (cop->crk_iparams == 4) {
708+ dh_req->ab = dh_req->z + dh_req->z_len;
709+ pkc_req->curve_type = cop->curve_type;
710+ copy_from_user(dh_req->ab, cop->crk_param[3].crp_p,
711+ dh_req->ab_len);
712+ }
713+ copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len);
714+ copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p,
715+ dh_req->pub_key_len);
716+ copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len);
717+ rc = cryptodev_pkc_offload(pkc);
718+ if (pkc->type == SYNCHRONOUS) {
719+ if (rc)
720+ goto err;
721+ if (cop->crk_iparams == 4)
722+ copy_to_user(cop->crk_param[4].crp_p, dh_req->z,
723+ dh_req->z_len);
724+ else
725+ copy_to_user(cop->crk_param[3].crp_p, dh_req->z,
726+ dh_req->z_len);
727+ } else {
728+ if (rc != -EINPROGRESS && rc != 0)
729+ goto err;
730+
731+ pkc->cookie = buf;
732+ return rc;
733+ }
734+err:
735+ kfree(buf);
736+ return rc;
737+}
738+
739+int crypto_modexp_crt(struct cryptodev_pkc *pkc)
740+{
741+ struct kernel_crypt_kop *kop = &pkc->kop;
742+ struct crypt_kop *cop = &kop->kop;
743+ struct pkc_request *pkc_req;
744+ struct rsa_priv_frm3_req_s *rsa_req;
745+ int rc;
746+ uint8_t *buf;
747+
748+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
749+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
750+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits)
751+ return -EINVAL;
752+
753+ pkc_req = &pkc->req;
754+ pkc_req->type = RSA_PRIV_FORM3;
755+ rsa_req = &pkc_req->req_u.rsa_priv_f3;
756+ rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8;
757+ rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8;
758+ rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8;
759+ rsa_req->dp_len = (cop->crk_param[3].crp_nbits + 7)/8;
760+ rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8;
761+ rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8;
762+ rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8;
763+ buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len +
764+ rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len +
765+ rsa_req->g_len, GFP_DMA);
766+ rsa_req->p = buf;
767+ rsa_req->q = rsa_req->p + rsa_req->p_len;
768+ rsa_req->g = rsa_req->q + rsa_req->q_len;
769+ rsa_req->dp = rsa_req->g + rsa_req->g_len;
770+ rsa_req->dq = rsa_req->dp + rsa_req->dp_len;
771+ rsa_req->c = rsa_req->dq + rsa_req->dq_len;
772+ rsa_req->f = rsa_req->c + rsa_req->c_len;
773+ copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len);
774+ copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len);
775+ copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len);
776+ copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len);
777+ copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len);
778+ copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len);
779+ rc = cryptodev_pkc_offload(pkc);
780+
781+ if (pkc->type == SYNCHRONOUS) {
782+ if (rc)
783+ goto err;
784+ copy_to_user(cop->crk_param[6].crp_p, rsa_req->f,
785+ rsa_req->f_len);
786+ } else {
787+ if (rc != -EINPROGRESS && rc != 0)
788+ goto err;
789+
790+ pkc->cookie = buf;
791+ return rc;
792+ }
793+err:
794+ kfree(buf);
795+ return rc;
796+}
797+
798+int crypto_bn_modexp(struct cryptodev_pkc *pkc)
799+{
800+ struct pkc_request *pkc_req;
801+ struct rsa_pub_req_s *rsa_req;
802+ int rc;
803+ struct kernel_crypt_kop *kop = &pkc->kop;
804+ struct crypt_kop *cop = &kop->kop;
805+ uint8_t *buf;
806+
807+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
808+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits)
809+ return -EINVAL;
810+
811+ pkc_req = &pkc->req;
812+ pkc_req->type = RSA_PUB;
813+ rsa_req = &pkc_req->req_u.rsa_pub_req;
814+ rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8;
815+ rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8;
816+ rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8;
817+ rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8;
818+ buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len
819+ + rsa_req->g_len, GFP_DMA);
820+ if (!buf)
821+ return -ENOMEM;
822+
823+ rsa_req->e = buf;
824+ rsa_req->f = rsa_req->e + rsa_req->e_len;
825+ rsa_req->g = rsa_req->f + rsa_req->f_len;
826+ rsa_req->n = rsa_req->g + rsa_req->g_len;
827+ copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len);
828+ copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len);
829+ copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len);
830+ rc = cryptodev_pkc_offload(pkc);
831+ if (pkc->type == SYNCHRONOUS) {
832+ if (rc)
833+ goto err;
834+
835+ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g,
836+ rsa_req->g_len);
837+ } else {
838+ if (rc != -EINPROGRESS && rc != 0)
839+ goto err;
840+
841+ /* This one will be freed later in fetch handler */
842+ pkc->cookie = buf;
843+ return rc;
844+ }
845+err:
846+ kfree(buf);
847+ return rc;
848+}
849+
850+int crypto_run_asym(struct cryptodev_pkc *pkc)
851+{
852+ int ret = -EINVAL;
853+ struct kernel_crypt_kop *kop = &pkc->kop;
854+
855+ switch (kop->kop.crk_op) {
856+ case CRK_MOD_EXP:
857+ if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1)
858+ goto err;
859+
860+ ret = crypto_bn_modexp(pkc);
861+ break;
862+ case CRK_MOD_EXP_CRT:
863+ if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1)
864+ goto err;
865+
866+ ret = crypto_modexp_crt(pkc);
867+ break;
868+ case CRK_DSA_SIGN:
869+ if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) ||
870+ kop->kop.crk_oparams != 2)
871+ goto err;
872+
873+ ret = crypto_kop_dsasign(pkc);
874+ break;
875+ case CRK_DSA_VERIFY:
876+ if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) ||
877+ kop->kop.crk_oparams != 0)
878+ goto err;
879+
880+ ret = crypto_kop_dsaverify(pkc);
881+ break;
882+ case CRK_DH_COMPUTE_KEY:
883+ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) ||
884+ kop->kop.crk_oparams != 1)
885+ goto err;
886+ ret = crypto_kop_dh_key(pkc);
887+ break;
888+ }
889+err:
890+ return ret;
891+}
892+
893 int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop)
894 {
895 struct csession *ses_ptr;
896--
8971.7.9.7
898
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0010-Compat-versions-of-PKC-IOCTLs.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0010-Compat-versions-of-PKC-IOCTLs.patch
new file mode 100644
index 0000000..0320462
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0010-Compat-versions-of-PKC-IOCTLs.patch
@@ -0,0 +1,200 @@
1From f6550035fe2c0e66798ace17d31d1d880beacc14 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 06:52:13 +0545
4Subject: [[Patch][fsl 10/16] Compat versions of PKC IOCTLs
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 cryptodev_int.h | 20 ++++++++++
11 ioctl.c | 120 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
12 2 files changed, 140 insertions(+)
13
14diff --git a/cryptodev_int.h b/cryptodev_int.h
15index b08c253..229fcd0 100644
16--- a/cryptodev_int.h
17+++ b/cryptodev_int.h
18@@ -75,6 +75,24 @@ struct compat_crypt_op {
19 compat_uptr_t iv;/* initialization vector for encryption operations */
20 };
21
22+/* input of CIOCKEY */
23+struct compat_crparam {
24+ compat_uptr_t crp_p;
25+ uint32_t crp_nbits;
26+};
27+
28+struct compat_crypt_kop {
29+ uint32_t crk_op; /* cryptodev_crk_ot_t */
30+ uint32_t crk_status;
31+ uint16_t crk_iparams;
32+ uint16_t crk_oparams;
33+ uint32_t crk_pad1;
34+ struct compat_crparam crk_param[CRK_MAXPARAM];
35+ enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME,
36+ 2 = EC_BINARY */
37+ compat_uptr_t cookie;
38+};
39+
40 /* input of CIOCAUTHCRYPT */
41 struct compat_crypt_auth_op {
42 uint32_t ses; /* session identifier */
43@@ -112,6 +130,8 @@ struct compat_crypt_auth_op {
44 #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op)
45 #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op)
46 #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op)
47+#define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop)
48+#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop)
49
50 #endif /* CONFIG_COMPAT */
51
52diff --git a/ioctl.c b/ioctl.c
53index 44070e1..ec82c69 100644
54--- a/ioctl.c
55+++ b/ioctl.c
56@@ -1076,6 +1076,68 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
57 /* compatibility code for 32bit userlands */
58 #ifdef CONFIG_COMPAT
59
60+static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat,
61+ struct crypt_kop *kop)
62+{
63+ int i;
64+ kop->crk_op = compat->crk_op;
65+ kop->crk_status = compat->crk_status;
66+ kop->crk_iparams = compat->crk_iparams;
67+ kop->crk_oparams = compat->crk_oparams;
68+
69+ for (i = 0; i < CRK_MAXPARAM; i++) {
70+ kop->crk_param[i].crp_p =
71+ compat_ptr(compat->crk_param[i].crp_p);
72+ kop->crk_param[i].crp_nbits = compat->crk_param[i].crp_nbits;
73+ }
74+
75+ kop->curve_type = compat->curve_type;
76+ kop->cookie = compat->cookie;
77+}
78+
79+static int compat_kop_from_user(struct kernel_crypt_kop *kop,
80+ void __user *arg)
81+{
82+ struct compat_crypt_kop compat_kop;
83+
84+ if (unlikely(copy_from_user(&compat_kop, arg, sizeof(compat_kop))))
85+ return -EFAULT;
86+
87+ compat_to_crypt_kop(&compat_kop, &kop->kop);
88+ return fill_kop_from_cop(kop);
89+}
90+
91+static inline void crypt_kop_to_compat(struct crypt_kop *kop,
92+ struct compat_crypt_kop *compat)
93+{
94+ int i;
95+
96+ compat->crk_op = kop->crk_op;
97+ compat->crk_status = kop->crk_status;
98+ compat->crk_iparams = kop->crk_iparams;
99+ compat->crk_oparams = kop->crk_oparams;
100+
101+ for (i = 0; i < CRK_MAXPARAM; i++) {
102+ compat->crk_param[i].crp_p =
103+ ptr_to_compat(kop->crk_param[i].crp_p);
104+ compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits;
105+ }
106+ compat->cookie = kop->cookie;
107+ compat->curve_type = kop->curve_type;
108+}
109+
110+static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg)
111+{
112+ struct compat_crypt_kop compat_kop;
113+
114+ crypt_kop_to_compat(&kop->kop, &compat_kop);
115+ if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) {
116+ dprintk(1, KERN_ERR, "Cannot copy to userspace\n");
117+ return -EFAULT;
118+ }
119+ return 0;
120+}
121+
122 static inline void
123 compat_to_session_op(struct compat_session_op *compat, struct session_op *sop)
124 {
125@@ -1203,7 +1265,26 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
126 return -EFAULT;
127 }
128 return ret;
129+ case COMPAT_CIOCKEY:
130+ {
131+ struct cryptodev_pkc *pkc =
132+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
133+
134+ if (!pkc)
135+ return -ENOMEM;
136+
137+ ret = compat_kop_from_user(&pkc->kop, arg);
138+
139+ if (unlikely(ret)) {
140+ kfree(pkc);
141+ return ret;
142+ }
143
144+ pkc->type = SYNCHRONOUS;
145+ ret = crypto_run_asym(pkc);
146+ kfree(pkc);
147+ }
148+ return ret;
149 case COMPAT_CIOCCRYPT:
150 ret = compat_kcop_from_user(&kcop, fcr, arg);
151 if (unlikely(ret))
152@@ -1242,6 +1323,45 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
153
154 return compat_kcop_to_user(&kcop, fcr, arg);
155 #endif
156+ case COMPAT_CIOCASYMASYNCRYPT:
157+ {
158+ struct cryptodev_pkc *pkc =
159+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
160+
161+ ret = compat_kop_from_user(&pkc->kop, arg);
162+ if (unlikely(ret))
163+ return -EINVAL;
164+
165+ /* Store associated FD priv data with asymmetric request */
166+ pkc->priv = pcr;
167+ pkc->type = ASYNCHRONOUS;
168+ ret = crypto_run_asym(pkc);
169+ if (ret == -EINPROGRESS)
170+ ret = 0;
171+ }
172+ return ret;
173+ case COMPAT_CIOCASYMASYNFETCH:
174+ {
175+ struct cryptodev_pkc *pkc;
176+ unsigned long flags;
177+
178+ spin_lock_irqsave(&pcr->completion_lock, flags);
179+ if (list_empty(&pcr->asym_completed_list)) {
180+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
181+ return -ENOMEM;
182+ }
183+ pkc = list_first_entry(&pcr->asym_completed_list,
184+ struct cryptodev_pkc, list);
185+ list_del(&pkc->list);
186+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
187+ ret = crypto_async_fetch_asym(pkc);
188+
189+ /* Reflect the updated request to user-space */
190+ if (!ret)
191+ compat_kop_to_user(&pkc->kop, arg);
192+ kfree(pkc);
193+ }
194+ return ret;
195 default:
196 return -EINVAL;
197 }
198--
1991.7.9.7
200
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0011-Asynchronous-interface-changes-in-cryptodev.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0011-Asynchronous-interface-changes-in-cryptodev.patch
new file mode 100644
index 0000000..5331abc
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0011-Asynchronous-interface-changes-in-cryptodev.patch
@@ -0,0 +1,213 @@
1From ffa8fd090afaf3631e6abd0ab8daa6780be7c31c Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 07:24:00 +0545
4Subject: [[Patch][fsl 11/16] Asynchronous interface changes in cryptodev
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 cryptlib.h | 7 ++++-
11 crypto/cryptodev.h | 10 ++++++-
12 cryptodev_int.h | 10 ++++++-
13 ioctl.c | 76 +++++++++++++++++++++++++++++++++++-----------------
14 4 files changed, 76 insertions(+), 27 deletions(-)
15
16diff --git a/cryptlib.h b/cryptlib.h
17index e77edc5..947d845 100644
18--- a/cryptlib.h
19+++ b/cryptlib.h
20@@ -113,7 +113,12 @@ struct cryptodev_pkc {
21 struct pkc_request req; /* PKC request structure allocated
22 from CryptoAPI */
23 enum offload_type type; /* Synchronous Vs Asynchronous request */
24- void *cookie; /*Additional opaque cookie to be used in future */
25+ /*
26+ * cookie used for transfering tranparent information from async
27+ * submission to async fetch. Currently some dynamic allocated
28+ * buffers are maintained which will be freed later during fetch
29+ */
30+ void *cookie;
31 struct crypt_priv *priv;
32 };
33
34diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
35index 575ce63..0d65899 100644
36--- a/crypto/cryptodev.h
37+++ b/crypto/cryptodev.h
38@@ -255,6 +255,14 @@ struct crypt_kop {
39 void *cookie;
40 };
41
42+#define MAX_COOKIES 4
43+
44+struct pkc_cookie_list_s {
45+ int cookie_available;
46+ void *cookie[MAX_COOKIES];
47+ int status[MAX_COOKIES];
48+};
49+
50 enum cryptodev_crk_op_t {
51 CRK_MOD_EXP = 0,
52 CRK_MOD_EXP_CRT = 1,
53@@ -299,5 +307,5 @@ enum cryptodev_crk_op_t {
54 #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op)
55 /* additional ioctls for asynchronous operation for asymmetric ciphers*/
56 #define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop)
57-#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop)
58+#define CIOCASYMFETCHCOOKIE _IOR('c', 113, struct pkc_cookie_list_s)
59 #endif /* L_CRYPTODEV_H */
60diff --git a/cryptodev_int.h b/cryptodev_int.h
61index 229fcd0..8beeef0 100644
62--- a/cryptodev_int.h
63+++ b/cryptodev_int.h
64@@ -93,6 +93,12 @@ struct compat_crypt_kop {
65 compat_uptr_t cookie;
66 };
67
68+struct compat_pkc_cookie_list_s {
69+ int cookie_available;
70+ compat_uptr_t cookie[MAX_COOKIES];
71+ int status[MAX_COOKIES];
72+};
73+
74 /* input of CIOCAUTHCRYPT */
75 struct compat_crypt_auth_op {
76 uint32_t ses; /* session identifier */
77@@ -127,11 +133,13 @@ struct compat_crypt_auth_op {
78 /* compat ioctls, defined for the above structs */
79 #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op)
80 #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op)
81+#define COMPAT_CIOCKEY _IOW('c', 105, struct compat_crypt_kop)
82 #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op)
83 #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op)
84 #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op)
85 #define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop)
86-#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop)
87+#define COMPAT_CIOCASYMFETCHCOOKIE _IOR('c', 111, \
88+ struct compat_pkc_cookie_list_s)
89
90 #endif /* CONFIG_COMPAT */
91
92diff --git a/ioctl.c b/ioctl.c
93index ec82c69..9f57d46 100644
94--- a/ioctl.c
95+++ b/ioctl.c
96@@ -103,8 +103,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err)
97 crypto_free_pkc(pkc->s);
98 res->err = err;
99 if (pkc->type == SYNCHRONOUS) {
100- if (err == -EINPROGRESS)
101- return;
102 complete(&res->completion);
103 } else {
104 struct crypt_priv *pcr = pkc->priv;
105@@ -1046,26 +1044,41 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
106 ret = 0;
107 }
108 return ret;
109- case CIOCASYMASYNFETCH:
110+ case CIOCASYMFETCHCOOKIE:
111 {
112 struct cryptodev_pkc *pkc;
113 unsigned long flags;
114+ int i;
115+ struct pkc_cookie_list_s cookie_list;
116
117 spin_lock_irqsave(&pcr->completion_lock, flags);
118- if (list_empty(&pcr->asym_completed_list)) {
119- spin_unlock_irqrestore(&pcr->completion_lock, flags);
120- return -ENOMEM;
121+ cookie_list.cookie_available = 0;
122+ for (i = 0; i < MAX_COOKIES; i++) {
123+ if (!list_empty(&pcr->asym_completed_list)) {
124+ /* Run a loop in the list for upto elements
125+ and copy their response back */
126+ pkc =
127+ list_first_entry(&pcr->asym_completed_list,
128+ struct cryptodev_pkc, list);
129+ list_del(&pkc->list);
130+ ret = crypto_async_fetch_asym(pkc);
131+ if (!ret) {
132+ cookie_list.cookie_available++;
133+ cookie_list.cookie[i] =
134+ pkc->kop.kop.cookie;
135+ cookie_list.status[i] = pkc->result.err;
136+ }
137+ kfree(pkc);
138+ } else {
139+ break;
140+ }
141 }
142- pkc = list_first_entry(&pcr->asym_completed_list,
143- struct cryptodev_pkc, list);
144- list_del(&pkc->list);
145 spin_unlock_irqrestore(&pcr->completion_lock, flags);
146- ret = crypto_async_fetch_asym(pkc);
147
148 /* Reflect the updated request to user-space */
149- if (!ret)
150- kop_to_user(&pkc->kop, arg);
151- kfree(pkc);
152+ if (cookie_list.cookie_available)
153+ copy_to_user(arg, &cookie_list,
154+ sizeof(struct pkc_cookie_list_s));
155 }
156 return ret;
157 default:
158@@ -1340,26 +1353,41 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
159 ret = 0;
160 }
161 return ret;
162- case COMPAT_CIOCASYMASYNFETCH:
163+ case COMPAT_CIOCASYMFETCHCOOKIE:
164 {
165 struct cryptodev_pkc *pkc;
166 unsigned long flags;
167+ int i = 0;
168+ struct compat_pkc_cookie_list_s cookie_list;
169
170 spin_lock_irqsave(&pcr->completion_lock, flags);
171- if (list_empty(&pcr->asym_completed_list)) {
172- spin_unlock_irqrestore(&pcr->completion_lock, flags);
173- return -ENOMEM;
174+ cookie_list.cookie_available = 0;
175+
176+ for (i = 0; i < MAX_COOKIES; i++) {
177+ if (!list_empty(&pcr->asym_completed_list)) {
178+ /* Run a loop in the list for upto elements
179+ and copy their response back */
180+ pkc =
181+ list_first_entry(&pcr->asym_completed_list,
182+ struct cryptodev_pkc, list);
183+ list_del(&pkc->list);
184+ ret = crypto_async_fetch_asym(pkc);
185+ if (!ret) {
186+ cookie_list.cookie_available++;
187+ cookie_list.cookie[i] =
188+ pkc->kop.kop.cookie;
189+ }
190+ kfree(pkc);
191+ } else {
192+ break;
193+ }
194 }
195- pkc = list_first_entry(&pcr->asym_completed_list,
196- struct cryptodev_pkc, list);
197- list_del(&pkc->list);
198 spin_unlock_irqrestore(&pcr->completion_lock, flags);
199- ret = crypto_async_fetch_asym(pkc);
200
201 /* Reflect the updated request to user-space */
202- if (!ret)
203- compat_kop_to_user(&pkc->kop, arg);
204- kfree(pkc);
205+ if (cookie_list.cookie_available)
206+ copy_to_user(arg, &cookie_list,
207+ sizeof(struct compat_pkc_cookie_list_s));
208 }
209 return ret;
210 default:
211--
2121.7.9.7
213
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0012-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0012-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch
new file mode 100644
index 0000000..acb5bea
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0012-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch
@@ -0,0 +1,213 @@
1From bda8dd5839da7a8e731b60b64b9fcb531c334b99 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 07:53:53 +0545
4Subject: [[Patch][fsl 12/16] ECC_KEYGEN and DLC_KEYGEN supported in cryptodev
5 module
6
7Upstream-status: Pending
8
9Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
10---
11 cryptlib.c | 2 ++
12 crypto/cryptodev.h | 5 +++-
13 ioctl.c | 29 ++++++++++++++++--
14 main.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++
15 4 files changed, 118 insertions(+), 3 deletions(-)
16
17diff --git a/cryptlib.c b/cryptlib.c
18index fa0b63f..41acb2c 100644
19--- a/cryptlib.c
20+++ b/cryptlib.c
21@@ -437,6 +437,8 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
22 case DSA_VERIFY:
23 case ECDSA_SIGN:
24 case ECDSA_VERIFY:
25+ case DLC_KEYGEN:
26+ case ECC_KEYGEN:
27 pkc->s = crypto_alloc_pkc("pkc(dsa)",
28 CRYPTO_ALG_TYPE_PKC_DSA, 0);
29 break;
30diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
31index 0d65899..33cca2e 100644
32--- a/crypto/cryptodev.h
33+++ b/crypto/cryptodev.h
34@@ -269,6 +269,8 @@ enum cryptodev_crk_op_t {
35 CRK_DSA_SIGN = 2,
36 CRK_DSA_VERIFY = 3,
37 CRK_DH_COMPUTE_KEY = 4,
38+ CRK_DSA_GENERATE_KEY = 5,
39+ CRK_DH_GENERATE_KEY = 6,
40 CRK_ALGORITHM_ALL
41 };
42
43@@ -281,7 +283,8 @@ enum cryptodev_crk_op_t {
44 #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
45 #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
46 #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
47-
48+#define CRF_DSA_GENERATE_KEY (1 << CRK_DSA_GENERATE_KEY)
49+#define CRF_DH_GENERATE_KEY (1 << CRK_DH_GENERATE_KEY)
50
51 /* ioctl's. Compatible with old linux cryptodev.h
52 */
53diff --git a/ioctl.c b/ioctl.c
54index 9f57d46..cc1a2a9 100644
55--- a/ioctl.c
56+++ b/ioctl.c
57@@ -721,6 +721,23 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
58 dh_req->z, dh_req->z_len);
59 }
60 break;
61+ case CRK_DSA_GENERATE_KEY:
62+ case CRK_DH_GENERATE_KEY:
63+ {
64+ struct keygen_req_s *key_req = &pkc_req->req_u.keygen;
65+
66+ if (pkc_req->type == ECC_KEYGEN) {
67+ copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key,
68+ key_req->pub_key_len);
69+ copy_to_user(ckop->crk_param[5].crp_p,
70+ key_req->priv_key, key_req->priv_key_len);
71+ } else {
72+ copy_to_user(ckop->crk_param[3].crp_p,
73+ key_req->pub_key, key_req->pub_key_len);
74+ copy_to_user(ckop->crk_param[4].crp_p,
75+ key_req->priv_key, key_req->priv_key_len);
76+ }
77+ }
78 default:
79 ret = -EINVAL;
80 }
81@@ -934,8 +951,9 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
82
83 switch (cmd) {
84 case CIOCASYMFEAT:
85- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP |
86- CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p);
87+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN |
88+ CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
89+ CRF_DSA_GENERATE_KEY, p);
90 case CRIOGET:
91 fd = clonefd(filp);
92 ret = put_user(fd, p);
93@@ -1079,7 +1097,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
94 if (cookie_list.cookie_available)
95 copy_to_user(arg, &cookie_list,
96 sizeof(struct pkc_cookie_list_s));
97+ else {
98+ struct pkc_cookie_list_s *user_ck_list = (void *)arg;
99+
100+ put_user(0, &(user_ck_list->cookie_available));
101+ }
102+ ret = cookie_list.cookie_available;
103 }
104+
105 return ret;
106 default:
107 return -EINVAL;
108diff --git a/main.c b/main.c
109index 0b7951e..c901bc7 100644
110--- a/main.c
111+++ b/main.c
112@@ -342,6 +342,85 @@ err:
113 return rc;
114 }
115
116+int crypto_kop_keygen(struct cryptodev_pkc *pkc)
117+{
118+ struct kernel_crypt_kop *kop = &pkc->kop;
119+ struct crypt_kop *cop = &kop->kop;
120+ struct pkc_request *pkc_req;
121+ struct keygen_req_s *key_req;
122+ int rc, buf_size;
123+ uint8_t *buf;
124+
125+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
126+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
127+ !cop->crk_param[4].crp_nbits)
128+ return -EINVAL;
129+
130+ pkc_req = &pkc->req;
131+ key_req = &pkc_req->req_u.keygen;
132+ key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8;
133+ key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8;
134+ key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8;
135+ if (cop->crk_iparams == 3) {
136+ key_req->pub_key_len = (cop->crk_param[3].crp_nbits + 7)/8;
137+ key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
138+ buf_size = key_req->q_len + key_req->r_len + key_req->g_len +
139+ key_req->pub_key_len + key_req->priv_key_len;
140+ pkc_req->type = DLC_KEYGEN;
141+ } else {
142+ key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8;
143+ key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
144+ key_req->priv_key_len = (cop->crk_param[5].crp_nbits + 7)/8;
145+ buf_size = key_req->q_len + key_req->r_len + key_req->g_len +
146+ key_req->pub_key_len + key_req->priv_key_len +
147+ key_req->ab_len;
148+ pkc_req->type = ECC_KEYGEN;
149+ pkc_req->curve_type = cop->curve_type;
150+ }
151+
152+ buf = kzalloc(buf_size, GFP_DMA);
153+ if (!buf)
154+ return -ENOMEM;
155+
156+ key_req->q = buf;
157+ key_req->r = key_req->q + key_req->q_len;
158+ key_req->g = key_req->r + key_req->r_len;
159+ key_req->pub_key = key_req->g + key_req->g_len;
160+ key_req->priv_key = key_req->pub_key + key_req->pub_key_len;
161+ copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len);
162+ copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len);
163+ copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len);
164+ if (cop->crk_iparams == 3) {
165+ copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p,
166+ key_req->pub_key_len);
167+ copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p,
168+ key_req->priv_key_len);
169+ } else {
170+ key_req->ab = key_req->priv_key + key_req->priv_key_len;
171+ copy_from_user(key_req->ab, cop->crk_param[3].crp_p,
172+ key_req->ab_len);
173+ copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p,
174+ key_req->pub_key_len);
175+ copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p,
176+ key_req->priv_key_len);
177+ }
178+
179+ rc = cryptodev_pkc_offload(pkc);
180+ if (pkc->type == SYNCHRONOUS) {
181+ if (rc)
182+ goto err;
183+ } else {
184+ if (rc != -EINPROGRESS && !rc)
185+ goto err;
186+
187+ pkc->cookie = buf;
188+ return rc;
189+ }
190+err:
191+ kfree(buf);
192+ return rc;
193+}
194+
195 int crypto_kop_dh_key(struct cryptodev_pkc *pkc)
196 {
197 struct kernel_crypt_kop *kop = &pkc->kop;
198@@ -554,6 +633,12 @@ int crypto_run_asym(struct cryptodev_pkc *pkc)
199 goto err;
200 ret = crypto_kop_dh_key(pkc);
201 break;
202+ case CRK_DH_GENERATE_KEY:
203+ case CRK_DSA_GENERATE_KEY:
204+ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4))
205+ goto err;
206+ ret = crypto_kop_keygen(pkc);
207+ break;
208 }
209 err:
210 return ret;
211--
2121.7.9.7
213
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0013-RCU-stall-fixed-in-PKC-asynchronous-interface.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0013-RCU-stall-fixed-in-PKC-asynchronous-interface.patch
new file mode 100644
index 0000000..26c0168
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0013-RCU-stall-fixed-in-PKC-asynchronous-interface.patch
@@ -0,0 +1,238 @@
1From 211a494a4f8ee6d5d31a1db938b771958ea32c6b Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 08:49:15 +0545
4Subject: [[Patch][fsl 13/16] RCU stall fixed in PKC asynchronous interface
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 ioctl.c | 23 +++++++++++------------
11 main.c | 43 +++++++++++++++++++++++++++----------------
12 2 files changed, 38 insertions(+), 28 deletions(-)
13
14diff --git a/ioctl.c b/ioctl.c
15index cc1a2a9..1752880 100644
16--- a/ioctl.c
17+++ b/ioctl.c
18@@ -106,10 +106,9 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err)
19 complete(&res->completion);
20 } else {
21 struct crypt_priv *pcr = pkc->priv;
22- unsigned long flags;
23- spin_lock_irqsave(&pcr->completion_lock, flags);
24+ spin_lock_bh(&pcr->completion_lock);
25 list_add_tail(&pkc->list, &pcr->asym_completed_list);
26- spin_unlock_irqrestore(&pcr->completion_lock, flags);
27+ spin_unlock_bh(&pcr->completion_lock);
28 /* wake for POLLIN */
29 wake_up_interruptible(&pcr->user_waiter);
30 }
31@@ -953,7 +952,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
32 case CIOCASYMFEAT:
33 return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN |
34 CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
35- CRF_DSA_GENERATE_KEY, p);
36+ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p);
37 case CRIOGET:
38 fd = clonefd(filp);
39 ret = put_user(fd, p);
40@@ -992,7 +991,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
41 case CIOCKEY:
42 {
43 struct cryptodev_pkc *pkc =
44- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
45+ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
46
47 if (!pkc)
48 return -ENOMEM;
49@@ -1048,7 +1047,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
50 case CIOCASYMASYNCRYPT:
51 {
52 struct cryptodev_pkc *pkc =
53- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
54+ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
55 ret = kop_from_user(&pkc->kop, arg);
56
57 if (unlikely(ret))
58@@ -1065,13 +1064,12 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
59 case CIOCASYMFETCHCOOKIE:
60 {
61 struct cryptodev_pkc *pkc;
62- unsigned long flags;
63 int i;
64 struct pkc_cookie_list_s cookie_list;
65
66- spin_lock_irqsave(&pcr->completion_lock, flags);
67 cookie_list.cookie_available = 0;
68 for (i = 0; i < MAX_COOKIES; i++) {
69+ spin_lock_bh(&pcr->completion_lock);
70 if (!list_empty(&pcr->asym_completed_list)) {
71 /* Run a loop in the list for upto elements
72 and copy their response back */
73@@ -1079,6 +1077,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
74 list_first_entry(&pcr->asym_completed_list,
75 struct cryptodev_pkc, list);
76 list_del(&pkc->list);
77+ spin_unlock_bh(&pcr->completion_lock);
78 ret = crypto_async_fetch_asym(pkc);
79 if (!ret) {
80 cookie_list.cookie_available++;
81@@ -1088,10 +1087,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
82 }
83 kfree(pkc);
84 } else {
85+ spin_unlock_bh(&pcr->completion_lock);
86 break;
87 }
88 }
89- spin_unlock_irqrestore(&pcr->completion_lock, flags);
90
91 /* Reflect the updated request to user-space */
92 if (cookie_list.cookie_available)
93@@ -1381,14 +1380,13 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
94 case COMPAT_CIOCASYMFETCHCOOKIE:
95 {
96 struct cryptodev_pkc *pkc;
97- unsigned long flags;
98 int i = 0;
99 struct compat_pkc_cookie_list_s cookie_list;
100
101- spin_lock_irqsave(&pcr->completion_lock, flags);
102 cookie_list.cookie_available = 0;
103
104 for (i = 0; i < MAX_COOKIES; i++) {
105+ spin_lock_bh(&pcr->completion_lock);
106 if (!list_empty(&pcr->asym_completed_list)) {
107 /* Run a loop in the list for upto elements
108 and copy their response back */
109@@ -1396,6 +1394,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
110 list_first_entry(&pcr->asym_completed_list,
111 struct cryptodev_pkc, list);
112 list_del(&pkc->list);
113+ spin_unlock_bh(&pcr->completion_lock);
114 ret = crypto_async_fetch_asym(pkc);
115 if (!ret) {
116 cookie_list.cookie_available++;
117@@ -1404,10 +1403,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
118 }
119 kfree(pkc);
120 } else {
121+ spin_unlock_bh(&pcr->completion_lock);
122 break;
123 }
124 }
125- spin_unlock_irqrestore(&pcr->completion_lock, flags);
126
127 /* Reflect the updated request to user-space */
128 if (cookie_list.cookie_available)
129diff --git a/main.c b/main.c
130index c901bc7..2747706 100644
131--- a/main.c
132+++ b/main.c
133@@ -215,7 +215,9 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc)
134 pkc_req->type = DSA_SIGN;
135 }
136
137- buf = kzalloc(buf_size, GFP_DMA);
138+ buf = kmalloc(buf_size, GFP_DMA);
139+ if (!buf)
140+ return -ENOMEM;
141
142 dsa_req->q = buf;
143 dsa_req->r = dsa_req->q + dsa_req->q_len;
144@@ -298,7 +300,9 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc)
145 pkc_req->type = DSA_VERIFY;
146 }
147
148- buf = kzalloc(buf_size, GFP_DMA);
149+ buf = kmalloc(buf_size, GFP_DMA);
150+ if (!buf)
151+ return -ENOMEM;
152
153 dsa_req->q = buf;
154 dsa_req->r = dsa_req->q + dsa_req->q_len;
155@@ -378,7 +382,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
156 pkc_req->curve_type = cop->curve_type;
157 }
158
159- buf = kzalloc(buf_size, GFP_DMA);
160+ buf = kmalloc(buf_size, GFP_DMA);
161 if (!buf)
162 return -ENOMEM;
163
164@@ -390,25 +394,28 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
165 copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len);
166 copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len);
167 copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len);
168- if (cop->crk_iparams == 3) {
169- copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p,
170- key_req->pub_key_len);
171- copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p,
172- key_req->priv_key_len);
173- } else {
174+ if (cop->crk_iparams == 4) {
175 key_req->ab = key_req->priv_key + key_req->priv_key_len;
176 copy_from_user(key_req->ab, cop->crk_param[3].crp_p,
177 key_req->ab_len);
178- copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p,
179- key_req->pub_key_len);
180- copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p,
181- key_req->priv_key_len);
182 }
183
184 rc = cryptodev_pkc_offload(pkc);
185 if (pkc->type == SYNCHRONOUS) {
186 if (rc)
187 goto err;
188+
189+ if (cop->crk_iparams == 4) {
190+ copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key,
191+ key_req->pub_key_len);
192+ copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key,
193+ key_req->priv_key_len);
194+ } else {
195+ copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key,
196+ key_req->pub_key_len);
197+ copy_to_user(cop->crk_param[4].crp_p,
198+ key_req->priv_key, key_req->priv_key_len);
199+ }
200 } else {
201 if (rc != -EINPROGRESS && !rc)
202 goto err;
203@@ -447,7 +454,9 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc)
204 pkc_req->type = DH_COMPUTE_KEY;
205 }
206 buf_size += dh_req->z_len;
207- buf = kzalloc(buf_size, GFP_DMA);
208+ buf = kmalloc(buf_size, GFP_DMA);
209+ if (!buf)
210+ return -ENOMEM;
211 dh_req->q = buf;
212 dh_req->s = dh_req->q + dh_req->q_len;
213 dh_req->pub_key = dh_req->s + dh_req->s_len;
214@@ -508,9 +517,11 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc)
215 rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8;
216 rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8;
217 rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8;
218- buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len +
219+ buf = kmalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len +
220 rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len +
221 rsa_req->g_len, GFP_DMA);
222+ if (!buf)
223+ return -ENOMEM;
224 rsa_req->p = buf;
225 rsa_req->q = rsa_req->p + rsa_req->p_len;
226 rsa_req->g = rsa_req->q + rsa_req->q_len;
227@@ -563,7 +574,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc)
228 rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8;
229 rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8;
230 rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8;
231- buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len
232+ buf = kmalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len
233 + rsa_req->g_len, GFP_DMA);
234 if (!buf)
235 return -ENOMEM;
236--
2371.7.9.7
238
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0014-use-static-allocation-for-keys-copied-from-userspace.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0014-use-static-allocation-for-keys-copied-from-userspace.patch
new file mode 100644
index 0000000..c68f3d7
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0014-use-static-allocation-for-keys-copied-from-userspace.patch
@@ -0,0 +1,131 @@
1From 50c116780f736b3e6a11389c9d9b3f4a1d5cab90 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Wed, 19 Mar 2014 17:59:17 +0200
4Subject: [[Patch][fsl 14/16] use static allocation for keys copied from
5 userspace
6
7Upstream-status: Pending
8
9There is no need to keep keys around for the entire duration of the
10session. The keys are copied from user-space and then used to initialize
11the ciphers. After this, the original keys can be discarded.
12The total required space for keys is small and known in advance. This
13patch uses this information to allocate required space on stack.
14
15Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
16---
17 cryptodev_int.h | 1 -
18 ioctl.c | 38 ++++++++++++++++++++------------------
19 2 files changed, 20 insertions(+), 19 deletions(-)
20
21diff --git a/cryptodev_int.h b/cryptodev_int.h
22index 8beeef0..7ea6976 100644
23--- a/cryptodev_int.h
24+++ b/cryptodev_int.h
25@@ -212,7 +212,6 @@ struct csession {
26 struct hash_data hdata;
27 uint32_t sid;
28 uint32_t alignmask;
29- uint8_t *key;
30
31 unsigned int array_size;
32 unsigned int used_pages; /* the number of pages that are used */
33diff --git a/ioctl.c b/ioctl.c
34index 1752880..16ce72c 100644
35--- a/ioctl.c
36+++ b/ioctl.c
37@@ -46,6 +46,8 @@
38 #include <linux/uaccess.h>
39 #include <crypto/cryptodev.h>
40 #include <linux/scatterlist.h>
41+#include <linux/rtnetlink.h>
42+#include <crypto/authenc.h>
43
44 #include <linux/sysctl.h>
45
46@@ -136,9 +138,17 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
47 const char *alg_name = NULL;
48 const char *hash_name = NULL;
49 int hmac_mode = 1, stream = 0, aead = 0;
50- uint8_t *key = NULL;
51- unsigned int keylen;
52- uint8_t mackey[CRYPTO_HMAC_MAX_KEY_LEN];
53+ /*
54+ * With aead, only ckey is used and it can cover all the struct space;
55+ * otherwise both keys may be used simultaneously but they are confined
56+ * to their spaces
57+ */
58+ struct {
59+ uint8_t ckey[CRYPTO_CIPHER_MAX_KEY_LEN];
60+ uint8_t mkey[CRYPTO_HMAC_MAX_KEY_LEN];
61+ /* padding space for aead keys */
62+ uint8_t pad[RTA_SPACE(sizeof(struct crypto_authenc_key_param))];
63+ } keys;
64
65 /* Does the request make sense? */
66 if (unlikely(!sop->cipher && !sop->mac)) {
67@@ -257,23 +267,17 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
68
69 /* Set-up crypto transform. */
70 if (alg_name) {
71+ unsigned int keylen;
72 ret = cryptodev_get_cipher_keylen(&keylen, sop, aead);
73 if (unlikely(ret < 0))
74 goto error_cipher;
75
76- key = kmalloc(keylen, GFP_KERNEL);
77- ses_new->key = key;
78- if (unlikely(!key)) {
79- ret = -ENOMEM;
80- goto error_cipher;
81- }
82-
83- ret = cryptodev_get_cipher_key(key, sop, aead);
84+ ret = cryptodev_get_cipher_key(keys.ckey, sop, aead);
85 if (unlikely(ret < 0))
86 goto error_cipher;
87
88- ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, key, keylen,
89- stream, aead);
90+ ret = cryptodev_cipher_init(&ses_new->cdata, alg_name,
91+ keys.ckey, keylen, stream, aead);
92 if (ret < 0) {
93 ddebug(1, "Failed to load cipher for %s", alg_name);
94 ret = -EINVAL;
95@@ -289,14 +293,14 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
96 goto error_hash;
97 }
98
99- if (sop->mackey && unlikely(copy_from_user(mackey, sop->mackey,
100- sop->mackeylen))) {
101+ if (sop->mackey && unlikely(copy_from_user(keys.mkey,
102+ sop->mackey, sop->mackeylen))) {
103 ret = -EFAULT;
104 goto error_hash;
105 }
106
107 ret = cryptodev_hash_init(&ses_new->hdata, hash_name, hmac_mode,
108- mackey, sop->mackeylen);
109+ keys.mkey, sop->mackeylen);
110 if (ret != 0) {
111 ddebug(1, "Failed to load hash for %s", hash_name);
112 ret = -EINVAL;
113@@ -349,7 +353,6 @@ error_hash:
114 kfree(ses_new->sg);
115 kfree(ses_new->pages);
116 error_cipher:
117- kfree(key);
118 kfree(ses_new);
119
120 return ret;
121@@ -370,7 +373,6 @@ crypto_destroy_session(struct csession *ses_ptr)
122 ddebug(2, "freeing space for %d user pages", ses_ptr->array_size);
123 kfree(ses_ptr->pages);
124 kfree(ses_ptr->sg);
125- kfree(ses_ptr->key);
126 mutex_unlock(&ses_ptr->sem);
127 mutex_destroy(&ses_ptr->sem);
128 kfree(ses_ptr);
129--
1301.7.9.7
131
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0015-Add-RSA-Key-generation-offloading.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0015-Add-RSA-Key-generation-offloading.patch
new file mode 100644
index 0000000..a419b58
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0015-Add-RSA-Key-generation-offloading.patch
@@ -0,0 +1,170 @@
1From 1d9c8084a9addaa071ca3e6c14167ebdb2673725 Mon Sep 17 00:00:00 2001
2From: Hou Zhiqiang <B48286@freescale.com>
3Date: Wed, 19 Mar 2014 14:02:46 +0800
4Subject: [[Patch][fsl 15/16] Add RSA Key generation offloading
5
6Upstream-status: Pending
7
8Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
9Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
10---
11 cryptlib.c | 1 +
12 crypto/cryptodev.h | 2 ++
13 ioctl.c | 3 +-
14 main.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++-
15 4 files changed, 84 insertions(+), 2 deletions(-)
16
17diff --git a/cryptlib.c b/cryptlib.c
18index 41acb2c..89af77a 100644
19--- a/cryptlib.c
20+++ b/cryptlib.c
21@@ -426,6 +426,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
22 struct pkc_request *pkc_req = &pkc->req, *pkc_requested;
23
24 switch (pkc_req->type) {
25+ case RSA_KEYGEN:
26 case RSA_PUB:
27 case RSA_PRIV_FORM1:
28 case RSA_PRIV_FORM2:
29diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
30index 33cca2e..7990f27 100644
31--- a/crypto/cryptodev.h
32+++ b/crypto/cryptodev.h
33@@ -271,6 +271,7 @@ enum cryptodev_crk_op_t {
34 CRK_DH_COMPUTE_KEY = 4,
35 CRK_DSA_GENERATE_KEY = 5,
36 CRK_DH_GENERATE_KEY = 6,
37+ CRK_RSA_GENERATE_KEY = 7,
38 CRK_ALGORITHM_ALL
39 };
40
41@@ -280,6 +281,7 @@ enum cryptodev_crk_op_t {
42 */
43 #define CRF_MOD_EXP (1 << CRK_MOD_EXP)
44 #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT)
45+#define CRF_RSA_GENERATE_KEY (1 << CRK_RSA_GENERATE_KEY)
46 #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
47 #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
48 #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
49diff --git a/ioctl.c b/ioctl.c
50index 16ce72c..0344c0c 100644
51--- a/ioctl.c
52+++ b/ioctl.c
53@@ -954,7 +954,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
54 case CIOCASYMFEAT:
55 return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN |
56 CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
57- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p);
58+ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY |
59+ CRF_RSA_GENERATE_KEY, p);
60 case CRIOGET:
61 fd = clonefd(filp);
62 ret = put_user(fd, p);
63diff --git a/main.c b/main.c
64index 2747706..14dcf40 100644
65--- a/main.c
66+++ b/main.c
67@@ -346,6 +346,82 @@ err:
68 return rc;
69 }
70
71+int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc)
72+{
73+ struct kernel_crypt_kop *kop = &pkc->kop;
74+ struct crypt_kop *cop = &kop->kop;
75+ struct pkc_request *pkc_req;
76+ struct rsa_keygen_req_s *key_req;
77+ int rc, buf_size;
78+ uint8_t *buf;
79+
80+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
81+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
82+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits ||
83+ !cop->crk_param[6].crp_nbits)
84+ return -EINVAL;
85+
86+ pkc_req = &pkc->req;
87+ pkc_req->type = RSA_KEYGEN;
88+ key_req = &pkc_req->req_u.rsa_keygen;
89+ key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8;
90+ key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8;
91+ key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8;
92+ key_req->n_len = (cop->crk_param[2].crp_nbits + 7) / 8;
93+ key_req->d_len = (cop->crk_param[3].crp_nbits + 7) / 8;
94+ key_req->dp_len = (cop->crk_param[4].crp_nbits + 7) / 8;
95+ key_req->dq_len = (cop->crk_param[5].crp_nbits + 7) / 8;
96+ key_req->c_len = (cop->crk_param[6].crp_nbits + 7) / 8;
97+
98+ buf_size = key_req->p_len + key_req->q_len + key_req->n_len +
99+ key_req->d_len + key_req->dp_len +
100+ key_req->dq_len + key_req->c_len;
101+
102+ buf = kmalloc(buf_size, GFP_DMA);
103+ if (!buf)
104+ return -ENOMEM;
105+ key_req->p = buf;
106+ key_req->q = key_req->p + key_req->p_len;
107+ key_req->n = key_req->q + key_req->q_len;
108+ key_req->d = key_req->n + key_req->n_len;
109+ key_req->dp = key_req->d + key_req->d_len;
110+ key_req->dq = key_req->dp + key_req->dp_len;
111+ key_req->c = key_req->dq + key_req->dq_len;
112+
113+ rc = cryptodev_pkc_offload(pkc);
114+
115+ if (pkc->type == SYNCHRONOUS) {
116+ if (rc)
117+ goto err;
118+
119+ copy_to_user(cop->crk_param[0].crp_p,
120+ key_req->p, key_req->p_len);
121+ copy_to_user(cop->crk_param[1].crp_p,
122+ key_req->q, key_req->q_len);
123+ copy_to_user(cop->crk_param[2].crp_p,
124+ key_req->n, key_req->n_len);
125+ copy_to_user(cop->crk_param[3].crp_p,
126+ key_req->d, key_req->d_len);
127+ copy_to_user(cop->crk_param[4].crp_p,
128+ key_req->dp, key_req->dp_len);
129+ copy_to_user(cop->crk_param[5].crp_p,
130+ key_req->dq, key_req->dq_len);
131+ copy_to_user(cop->crk_param[6].crp_p,
132+ key_req->c, key_req->c_len);
133+ } else {
134+ if (rc != -EINPROGRESS && !rc) {
135+ printk("%s: Failed\n", __func__);
136+ goto err;
137+ }
138+ pkc->cookie = buf;
139+ return rc;
140+ }
141+err:
142+ kfree(buf);
143+ return rc;
144+
145+}
146+
147 int crypto_kop_keygen(struct cryptodev_pkc *pkc)
148 {
149 struct kernel_crypt_kop *kop = &pkc->kop;
150@@ -385,7 +461,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
151 buf = kmalloc(buf_size, GFP_DMA);
152 if (!buf)
153 return -ENOMEM;
154-
155 key_req->q = buf;
156 key_req->r = key_req->q + key_req->q_len;
157 key_req->g = key_req->r + key_req->r_len;
158@@ -650,6 +725,9 @@ int crypto_run_asym(struct cryptodev_pkc *pkc)
159 goto err;
160 ret = crypto_kop_keygen(pkc);
161 break;
162+ case CRK_RSA_GENERATE_KEY:
163+ ret = crypto_kop_rsa_keygen(pkc);
164+ break;
165 }
166 err:
167 return ret;
168--
1691.7.9.7
170
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0016-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0016-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch
new file mode 100644
index 0000000..d5cc7f0
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0016-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch
@@ -0,0 +1,116 @@
1From 2215332bff6034d0e22e92e8fda0993f2579a740 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Thu, 17 Apr 2014 07:08:47 +0545
4Subject: [[Patch][fsl 16/16] Fixed compilation error of openssl with fsl
5 cryptodev
6
7Upstream-status: Pending
8
9Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
10Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
11---
12 cryptlib.c | 6 +++---
13 crypto/cryptodev.h | 9 ++++++++-
14 cryptodev_int.h | 2 +-
15 ioctl.c | 6 +++++-
16 4 files changed, 17 insertions(+), 6 deletions(-)
17
18diff --git a/cryptlib.c b/cryptlib.c
19index 89af77a..1fc03e5 100644
20--- a/cryptlib.c
21+++ b/cryptlib.c
22@@ -129,7 +129,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
23 if (alg->max_keysize > 0 &&
24 unlikely((keylen < alg->min_keysize) ||
25 (keylen > alg->max_keysize))) {
26- ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.",
27+ ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.",
28 keylen, alg_name, alg->min_keysize, alg->max_keysize);
29 ret = -EINVAL;
30 goto error;
31@@ -156,7 +156,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
32 }
33
34 if (unlikely(ret)) {
35- ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8);
36+ ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8);
37 ret = -EINVAL;
38 goto error;
39 }
40@@ -323,7 +323,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name,
41 if (hmac_mode != 0) {
42 ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen);
43 if (unlikely(ret)) {
44- ddebug(1, "Setting hmac key failed for %s-%zu.",
45+ ddebug(1, "Setting hmac key failed for %s-%u.",
46 alg_name, mackeylen*8);
47 ret = -EINVAL;
48 goto error;
49diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
50index 7990f27..77bffc9 100644
51--- a/crypto/cryptodev.h
52+++ b/crypto/cryptodev.h
53@@ -235,6 +235,13 @@ struct crypt_auth_op {
54 #define CRYPTO_ALG_FLAG_RNG_ENABLE 2
55 #define CRYPTO_ALG_FLAG_DSA_SHA 4
56
57+enum ec_curve_t {
58+ EC_DISCRETE_LOG,
59+ EC_PRIME,
60+ EC_BINARY,
61+ MAX_EC_TYPE
62+};
63+
64 struct crparam {
65 __u8 *crp_p;
66 __u32 crp_nbits;
67@@ -250,7 +257,7 @@ struct crypt_kop {
68 __u16 crk_oparams;
69 __u32 crk_pad1;
70 struct crparam crk_param[CRK_MAXPARAM];
71- enum curve_t curve_type; /* 0 == Discrete Log,
72+ enum ec_curve_t curve_type; /* 0 == Discrete Log,
73 1 = EC_PRIME, 2 = EC_BINARY */
74 void *cookie;
75 };
76diff --git a/cryptodev_int.h b/cryptodev_int.h
77index 7ea6976..e379eaf 100644
78--- a/cryptodev_int.h
79+++ b/cryptodev_int.h
80@@ -88,7 +88,7 @@ struct compat_crypt_kop {
81 uint16_t crk_oparams;
82 uint32_t crk_pad1;
83 struct compat_crparam crk_param[CRK_MAXPARAM];
84- enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME,
85+ enum ec_curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME,
86 2 = EC_BINARY */
87 compat_uptr_t cookie;
88 };
89diff --git a/ioctl.c b/ioctl.c
90index 0344c0c..66cb05a 100644
91--- a/ioctl.c
92+++ b/ioctl.c
93@@ -498,6 +498,7 @@ cryptodev_open(struct inode *inode, struct file *filp)
94 INIT_LIST_HEAD(&pcr->done.list);
95 INIT_LIST_HEAD(&pcr->asym_completed_list);
96 spin_lock_init(&pcr->completion_lock);
97+
98 INIT_WORK(&pcr->cryptask, cryptask_routine);
99
100 init_waitqueue_head(&pcr->user_waiter);
101@@ -777,8 +778,11 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr)
102
103 if (cop->iv) {
104 rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen);
105- if (unlikely(rc))
106+ if (unlikely(rc)) {
107+ derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p",
108+ kcop->ivlen, rc, cop->iv);
109 return -EFAULT;
110+ }
111 }
112
113 return 0;
114--
1151.7.9.7
116
diff --git a/recipes-kernel/cryptodev/cryptodev-linux_1.6.bbappend b/recipes-kernel/cryptodev/cryptodev-linux_1.6.bbappend
new file mode 100644
index 0000000..3cbbb3d
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-linux_1.6.bbappend
@@ -0,0 +1,2 @@
1require recipes-kernel/cryptodev/cryptodev-fsl.inc
2
diff --git a/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend b/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend
new file mode 100644
index 0000000..1dbf3b6
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend
@@ -0,0 +1,8 @@
1require recipes-kernel/cryptodev/cryptodev-fsl.inc
2
3inherit qoriq_build_64bit_kernel
4
5do_install_append_fslmachine () {
6 rm -fr ${D}/usr
7}
8
diff --git a/recipes-kernel/cryptodev/cryptodev_1.5.bb b/recipes-kernel/cryptodev/cryptodev_1.5.bb
deleted file mode 100644
index 4c1dade..0000000
--- a/recipes-kernel/cryptodev/cryptodev_1.5.bb
+++ /dev/null
@@ -1,51 +0,0 @@
1SECTION = "devel"
2SUMMARY = "Linux Cryptodev KERNEL MODULE"
3DESCRIPTION = "The Cryptodev package contains the kernel /dev/crypto module"
4LICENSE = "GPLv2"
5LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
6RCONFLICTS_${PN} = "ocf-linux"
7
8inherit module
9
10PR = "r1"
11DEPENDS += "openssl"
12
13SRCREV = "1c24a0aa996630518d47826a2e3fea129ea094c7"
14
15SRC_URI = "git://repo.or.cz/cryptodev-linux.git;protocol=git \
16 file://makefile_fixup.patch \
17 file://Add-the-compile-and-install-rules-for-cryptodev-test.patch"
18
19EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"'
20
21S = "${WORKDIR}/git"
22python () {
23 ma = d.getVar("DISTRO_FEATURES", True)
24 arch = d.getVar("OVERRIDES", True)
25
26 # the : after the arch is to skip the message on 64b
27 if not "multiarch" in ma and ("e5500:" in arch or "e6500:" in arch):
28 raise bb.parse.SkipPackage("Building the kernel for this arch requires multiarch to be in DISTRO_FEATURES")
29
30 promote_kernel = d.getVar('BUILD_64BIT_KERNEL')
31
32 if promote_kernel == "1":
33 d.setVar('KERNEL_CC_append', ' -m64')
34 d.setVar('KERNEL_LD_append', ' -melf64ppc')
35
36 error_qa = d.getVar('ERROR_QA', True)
37 if 'arch' in error_qa:
38 d.setVar('ERROR_QA', error_qa.replace(' arch', ''))
39}
40
41do_compile_append() {
42 oe_runmake testprogs
43}
44
45do_install_append() {
46 oe_runmake install_tests
47}
48
49PACKAGES += "${PN}-tests"
50FILES_${PN}-dbg += "${bindir}/tests_cryptodev/.debug"
51FILES_${PN}-tests = "${bindir}/tests_cryptodev/*"
diff --git a/recipes-kernel/cryptodev/files/Add-the-compile-and-install-rules-for-cryptodev-test.patch b/recipes-kernel/cryptodev/files/Add-the-compile-and-install-rules-for-cryptodev-test.patch
deleted file mode 100644
index cb871f6..0000000
--- a/recipes-kernel/cryptodev/files/Add-the-compile-and-install-rules-for-cryptodev-test.patch
+++ /dev/null
@@ -1,69 +0,0 @@
1From 1980a8f4779a955e73285e7a0d86549b69bea5c8 Mon Sep 17 00:00:00 2001
2From: Yu Zongchun <b40527@freescale.com>
3Date: Sun, 28 Apr 2013 14:39:22 +0800
4Subject: [PATCH] Add the compile and install rules for cryptodev tests folder
5
6This is required to install the cryptodev tests folder to rootfs
7
8Signed-off-by: Yu Zongchun <b40527@freescale.com>
9
10Upstream-Status: Pending
11
12---
13 Makefile | 6 ++++++
14 tests/Makefile | 8 ++++++++
15 2 files changed, 14 insertions(+), 0 deletions(-)
16
17diff --git a/Makefile b/Makefile
18index 2be8825..4cbb865 100644
19--- a/Makefile
20+++ b/Makefile
21@@ -17,6 +17,9 @@ install:
22 @echo "Installing cryptodev.h in /usr/include/crypto ..."
23 @install -D crypto/cryptodev.h /usr/include/crypto/cryptodev.h
24
25+install_tests:
26+ make -C tests install DESTDIR=$(PREFIX)
27+
28 clean:
29 make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean
30 rm -f $(hostprogs) *~
31@@ -25,6 +28,9 @@ clean:
32 check:
33 KERNEL_DIR=$(KERNEL_DIR) make -C tests check
34
35+testprogs:
36+ KERNEL_DIR=$(KERNEL_DIR) make -C tests testprogs
37+
38 FILEBASE = cryptodev-linux-$(VERSION)
39 TMPDIR ?= /tmp
40 OUTPUT = $(FILEBASE).tar.gz
41diff --git a/tests/Makefile b/tests/Makefile
42index 87ca3c7..0488cf6 100644
43--- a/tests/Makefile
44+++ b/tests/Makefile
45@@ -19,6 +19,12 @@ example-async-hmac-objs := async_hmac.o
46 example-async-speed-objs := async_speed.o
47 example-hashcrypt-speed-objs := hashcrypt_speed.c
48
49+install:
50+ install -d $(DESTDIR)/usr/bin/tests_cryptodev
51+ for bin in $(hostprogs); do \
52+ install -m 755 $${bin} $(DESTDIR)/usr/bin/tests_cryptodev/; \
53+ done
54+
55 check: $(hostprogs)
56 ./cipher
57 ./hmac
58@@ -28,6 +34,8 @@ check: $(hostprogs)
59 ./cipher-gcm
60 ./cipher-aead
61
62+testprogs: $(hostprogs)
63+
64 clean:
65 rm -f *.o *~ $(hostprogs)
66
67--
681.7.5.4
69
diff --git a/recipes-kernel/cryptodev/files/makefile_fixup.patch b/recipes-kernel/cryptodev/files/makefile_fixup.patch
deleted file mode 100644
index 323aacd..0000000
--- a/recipes-kernel/cryptodev/files/makefile_fixup.patch
+++ /dev/null
@@ -1,26 +0,0 @@
1diff --git a/Makefile b/Makefile
2index 2be8825..b36d68c 100644
3--- a/Makefile
4+++ b/Makefile
5@@ -1,6 +1,7 @@
6 KBUILD_CFLAGS += -I$(src)
7 KERNEL_DIR = /lib/modules/$(shell uname -r)/build
8 VERSION = 1.5
9+PREFIX =
10
11 cryptodev-objs = ioctl.o main.o cryptlib.o authenc.o zc.o util.o
12
13@@ -12,10 +13,10 @@ build: version.h
14 version.h: Makefile
15 @echo "#define VERSION \"$(VERSION)\"" > version.h
16
17-install:
18+modules_install:
19 make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install
20- @echo "Installing cryptodev.h in /usr/include/crypto ..."
21- @install -D crypto/cryptodev.h /usr/include/crypto/cryptodev.h
22+ @echo "Installing cryptodev.h in $(PREFIX)/usr/include/crypto ..."
23+ @install -D crypto/cryptodev.h $(PREFIX)/usr/include/crypto/cryptodev.h
24
25 clean:
26 make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-09 21:23:45 +0000