summaryrefslogtreecommitdiffstats
path: root/recipes-kernel/cryptodev/files
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-kernel/cryptodev/files')
-rw-r--r--recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch52
-rw-r--r--recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch33
-rw-r--r--recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch36
-rw-r--r--recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch29
-rw-r--r--recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch207
-rw-r--r--recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch28
-rw-r--r--recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch29
-rw-r--r--recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch898
-rw-r--r--recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch65
-rw-r--r--recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch200
-rw-r--r--recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch213
-rw-r--r--recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch212
-rw-r--r--recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch238
-rw-r--r--recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch170
-rw-r--r--recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch160
-rw-r--r--recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch54
-rw-r--r--recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch76
-rw-r--r--recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch72
-rw-r--r--recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch186
-rw-r--r--recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch494
-rw-r--r--recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch40
-rw-r--r--recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch37
-rw-r--r--recipes-kernel/cryptodev/files/0017-remove-dead-code.patch67
-rw-r--r--recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch64
-rw-r--r--recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch61
-rw-r--r--recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch38
26 files changed, 3759 insertions, 0 deletions
diff --git a/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch b/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch
new file mode 100644
index 0000000..7d957ec
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch
@@ -0,0 +1,52 @@
1From c653e3a70499c6bb66b57c1788d2d38ca9b8a07e Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Thu, 29 Aug 2013 16:52:30 +0300
4Subject: [PATCH 01/15] add support for composite TLS10(SHA1,AES) algorithm
5 offload
6
7This adds support for composite algorithm offload as a primitive
8crypto (cipher + hmac) operation.
9
10It requires kernel support for tls10(hmac(sha1),cbc(aes)) algorithm
11provided either in software or accelerated by hardware such as
12Freescale B*, P* and T* platforms.
13
14Change-Id: Ia1c605da3860e91e681295dfc8df7c09eb4006cf
15Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
16Reviewed-on: http://git.am.freescale.net:8181/17218
17---
18 crypto/cryptodev.h | 1 +
19 ioctl.c | 5 +++++
20 2 files changed, 6 insertions(+)
21
22diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
23index 7fb9c7d..c0e8cd4 100644
24--- a/crypto/cryptodev.h
25+++ b/crypto/cryptodev.h
26@@ -50,6 +50,7 @@ enum cryptodev_crypto_op_t {
27 CRYPTO_SHA2_384,
28 CRYPTO_SHA2_512,
29 CRYPTO_SHA2_224_HMAC,
30+ CRYPTO_TLS10_AES_CBC_HMAC_SHA1,
31 CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */
32 };
33
34diff --git a/ioctl.c b/ioctl.c
35index b23f5fd..a3f8379 100644
36--- a/ioctl.c
37+++ b/ioctl.c
38@@ -159,6 +159,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
39 stream = 1;
40 aead = 1;
41 break;
42+ case CRYPTO_TLS10_AES_CBC_HMAC_SHA1:
43+ alg_name = "tls10(hmac(sha1),cbc(aes))";
44+ stream = 0;
45+ aead = 1;
46+ break;
47 case CRYPTO_NULL:
48 alg_name = "ecb(cipher_null)";
49 stream = 1;
50--
512.3.5
52
diff --git a/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch b/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch
new file mode 100644
index 0000000..10d6c8b
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch
@@ -0,0 +1,33 @@
1From d30c9c64aca4a7905e1b7eb3e28e1c616191bd34 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Tue, 9 Dec 2014 16:41:25 +0200
4Subject: [PATCH] don't advertise RSA keygen
5
6Disable RSA keygen operations when they are not available.
7
8Currently no testing can be done and this patch should be applied
9selectively on platforms that have incomplete support for RSA operations
10(for example pkc driver on C293)
11
12Change-Id: Ic8df014623410c3cf4b0b217a246efcea8f2eeef
13Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
14---
15 ioctl.c | 2 +-
16 1 file changed, 1 insertion(+), 1 deletion(-)
17
18diff --git a/ioctl.c b/ioctl.c
19index 53dbf64..27dc66e 100644
20--- a/ioctl.c
21+++ b/ioctl.c
22@@ -979,7 +979,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
23 case CIOCASYMFEAT:
24 ses = 0;
25 if (crypto_has_alg("pkc(rsa)", 0, 0))
26- ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY;
27+ ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP ;
28 if (crypto_has_alg("pkc(dsa)", 0, 0))
29 ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY;
30 if (crypto_has_alg("pkc(dh)", 0, 0))
31--
322.3.5
33
diff --git a/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch b/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch
new file mode 100644
index 0000000..ab276d2
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch
@@ -0,0 +1,36 @@
1From 5054d20d45571cc85339351fde52f872eeb82206 Mon Sep 17 00:00:00 2001
2From: Phil Sutter <phil@nwl.cc>
3Date: Tue, 10 Feb 2015 04:57:05 +0100
4Subject: [PATCH 1/4] fix compilation against linux-3.19
5
6Commit f938612dd97d481b8b5bf960c992ae577f081c17 in linux.git removes
7get_unused_fd() macro. This patch changes the calling code to use it's
8content 'get_unused_fd_flags(0)' instead. Checking for when
9get_unused_fd_flags was introduced shows it's been there since 2.6.23 at
10least, so probably no need to make this change conditional on the target
11kernel version.
12
13Original patch by Ricardo Ribalda Delgado for Open Embedded, reported by
14Oleg Rakhmanov.
15
16Signed-off-by: Phil Sutter <phil@nwl.cc>
17---
18 ioctl.c | 2 +-
19 1 file changed, 1 insertion(+), 1 deletion(-)
20
21diff --git a/ioctl.c b/ioctl.c
22index 5a55a76..b23f5fd 100644
23--- a/ioctl.c
24+++ b/ioctl.c
25@@ -546,7 +546,7 @@ static int
26 clonefd(struct file *filp)
27 {
28 int ret;
29- ret = get_unused_fd();
30+ ret = get_unused_fd_flags(0);
31 if (ret >= 0) {
32 get_file(filp);
33 fd_install(ret, filp);
34--
352.3.5
36
diff --git a/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch b/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch
new file mode 100644
index 0000000..f5ab8b4
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch
@@ -0,0 +1,29 @@
1From 47ff1eb9bb4f872c1d731b93d334ee5865bf3439 Mon Sep 17 00:00:00 2001
2From: Denys Dmytriyenko <denys@ti.com>
3Date: Sun, 6 Apr 2014 22:16:30 -0400
4Subject: [PATCH] Fix tests Makefile usage of LDLIBS vs. LDFLAGS
5
6Libraries must come after objects, as link order matters, especially
7when using linker flags like -Wl,--as-needed.
8
9Signed-off-by: Denys Dmytriyenko <denys@ti.com>
10
11Upstream-Status: Pending
12---
13 tests/Makefile | 2 +-
14 1 file changed, 1 insertion(+), 1 deletion(-)
15
16diff --git a/tests/Makefile b/tests/Makefile
17index cd202af..67c3c83 100644
18--- a/tests/Makefile
19+++ b/tests/Makefile
20@@ -39,5 +39,5 @@ testprogs: $(hostprogs)
21 clean:
22 rm -f *.o *~ $(hostprogs)
23
24-${comp_progs}: LDFLAGS += -lssl -lcrypto
25+${comp_progs}: LDLIBS += -lssl -lcrypto
26 ${comp_progs}: %: %.o openssl_wrapper.o
27--
281.9.1
29
diff --git a/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch b/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch
new file mode 100644
index 0000000..08d9231
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch
@@ -0,0 +1,207 @@
1From 71b317347179225693c6d41b740d387ae2c25061 Mon Sep 17 00:00:00 2001
2From: Horia Geanta <horia.geanta@freescale.com>
3Date: Wed, 4 Dec 2013 15:43:41 +0200
4Subject: [PATCH 02/15] add support for COMPAT_CIOCAUTHCRYPT ioctl()
5
6Upstream-status: Pending
7
8Needed for 64b kernel with 32b user space.
9
10Change-Id: I44a999a4164e7ae7122dee6ed0716b2f25cadbc1
11Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
12Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
13---
14 authenc.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
15 cryptodev_int.h | 40 +++++++++++++++++++++++++++++
16 ioctl.c | 16 ++++++++++++
17 3 files changed, 134 insertions(+)
18
19diff --git a/authenc.c b/authenc.c
20index 1bd7377..ef0d3db 100644
21--- a/authenc.c
22+++ b/authenc.c
23@@ -272,6 +272,84 @@ static int fill_caop_from_kcaop(struct kernel_crypt_auth_op *kcaop, struct fcryp
24 return 0;
25 }
26
27+/* compatibility code for 32bit userlands */
28+#ifdef CONFIG_COMPAT
29+
30+static inline void
31+compat_to_crypt_auth_op(struct compat_crypt_auth_op *compat,
32+ struct crypt_auth_op *caop)
33+{
34+ caop->ses = compat->ses;
35+ caop->op = compat->op;
36+ caop->flags = compat->flags;
37+ caop->len = compat->len;
38+ caop->auth_len = compat->auth_len;
39+ caop->tag_len = compat->tag_len;
40+ caop->iv_len = compat->iv_len;
41+
42+ caop->auth_src = compat_ptr(compat->auth_src);
43+ caop->src = compat_ptr(compat->src);
44+ caop->dst = compat_ptr(compat->dst);
45+ caop->tag = compat_ptr(compat->tag);
46+ caop->iv = compat_ptr(compat->iv);
47+}
48+
49+static inline void
50+crypt_auth_op_to_compat(struct crypt_auth_op *caop,
51+ struct compat_crypt_auth_op *compat)
52+{
53+ compat->ses = caop->ses;
54+ compat->op = caop->op;
55+ compat->flags = caop->flags;
56+ compat->len = caop->len;
57+ compat->auth_len = caop->auth_len;
58+ compat->tag_len = caop->tag_len;
59+ compat->iv_len = caop->iv_len;
60+
61+ compat->auth_src = ptr_to_compat(caop->auth_src);
62+ compat->src = ptr_to_compat(caop->src);
63+ compat->dst = ptr_to_compat(caop->dst);
64+ compat->tag = ptr_to_compat(caop->tag);
65+ compat->iv = ptr_to_compat(caop->iv);
66+}
67+
68+int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop,
69+ struct fcrypt *fcr, void __user *arg)
70+{
71+ struct compat_crypt_auth_op compat_caop;
72+
73+ if (unlikely(copy_from_user(&compat_caop, arg, sizeof(compat_caop)))) {
74+ dprintk(1, KERN_ERR, "Error in copying from userspace\n");
75+ return -EFAULT;
76+ }
77+
78+ compat_to_crypt_auth_op(&compat_caop, &kcaop->caop);
79+
80+ return fill_kcaop_from_caop(kcaop, fcr);
81+}
82+
83+int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop,
84+ struct fcrypt *fcr, void __user *arg)
85+{
86+ int ret;
87+ struct compat_crypt_auth_op compat_caop;
88+
89+ ret = fill_caop_from_kcaop(kcaop, fcr);
90+ if (unlikely(ret)) {
91+ dprintk(1, KERN_ERR, "fill_caop_from_kcaop\n");
92+ return ret;
93+ }
94+
95+ crypt_auth_op_to_compat(&kcaop->caop, &compat_caop);
96+
97+ if (unlikely(copy_to_user(arg, &compat_caop, sizeof(compat_caop)))) {
98+ dprintk(1, KERN_ERR, "Error in copying to userspace\n");
99+ return -EFAULT;
100+ }
101+ return 0;
102+}
103+
104+#endif /* CONFIG_COMPAT */
105
106 int kcaop_from_user(struct kernel_crypt_auth_op *kcaop,
107 struct fcrypt *fcr, void __user *arg)
108diff --git a/cryptodev_int.h b/cryptodev_int.h
109index d7660fa..8e687e7 100644
110--- a/cryptodev_int.h
111+++ b/cryptodev_int.h
112@@ -73,11 +73,42 @@ struct compat_crypt_op {
113 compat_uptr_t iv;/* initialization vector for encryption operations */
114 };
115
116+ /* input of CIOCAUTHCRYPT */
117+struct compat_crypt_auth_op {
118+ uint32_t ses; /* session identifier */
119+ uint16_t op; /* COP_ENCRYPT or COP_DECRYPT */
120+ uint16_t flags; /* see COP_FLAG_AEAD_* */
121+ uint32_t len; /* length of source data */
122+ uint32_t auth_len; /* length of auth data */
123+ compat_uptr_t auth_src; /* authenticated-only data */
124+
125+ /* The current implementation is more efficient if data are
126+ * encrypted in-place (src==dst). */
127+ compat_uptr_t src; /* data to be encrypted and
128+ authenticated */
129+ compat_uptr_t dst; /* pointer to output data. Must have
130+ * space for tag. For TLS this should be
131+ * at least len + tag_size + block_size
132+ * for padding */
133+
134+ compat_uptr_t tag; /* where the tag will be copied to. TLS
135+ * mode doesn't use that as tag is
136+ * copied to dst.
137+ * SRTP mode copies tag there. */
138+ uint32_t tag_len; /* the length of the tag. Use zero for
139+ * digest size or max tag. */
140+
141+ /* initialization vector for encryption operations */
142+ compat_uptr_t iv;
143+ uint32_t iv_len;
144+};
145+
146 /* compat ioctls, defined for the above structs */
147 #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op)
148 #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op)
149 #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op)
150 #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op)
151+#define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op)
152
153 #endif /* CONFIG_COMPAT */
154
155@@ -108,6 +139,15 @@ struct kernel_crypt_auth_op {
156
157 /* auth */
158
159+#ifdef CONFIG_COMPAT
160+int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop,
161+ struct fcrypt *fcr, void __user *arg);
162+
163+int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop,
164+ struct fcrypt *fcr, void __user *arg);
165+#endif /* CONFIG_COMPAT */
166+
167+
168 int kcaop_from_user(struct kernel_crypt_auth_op *kcop,
169 struct fcrypt *fcr, void __user *arg);
170 int kcaop_to_user(struct kernel_crypt_auth_op *kcaop,
171diff --git a/ioctl.c b/ioctl.c
172index a3f8379..5a44807 100644
173--- a/ioctl.c
174+++ b/ioctl.c
175@@ -998,6 +998,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
176 struct session_op sop;
177 struct compat_session_op compat_sop;
178 struct kernel_crypt_op kcop;
179+ struct kernel_crypt_auth_op kcaop;
180 int ret;
181
182 if (unlikely(!pcr))
183@@ -1040,6 +1041,21 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
184 return ret;
185
186 return compat_kcop_to_user(&kcop, fcr, arg);
187+
188+ case COMPAT_CIOCAUTHCRYPT:
189+ if (unlikely(ret = compat_kcaop_from_user(&kcaop, fcr, arg))) {
190+ dprintk(1, KERN_WARNING, "Error copying from user\n");
191+ return ret;
192+ }
193+
194+ ret = crypto_auth_run(fcr, &kcaop);
195+ if (unlikely(ret)) {
196+ dprintk(1, KERN_WARNING, "Error in crypto_auth_run\n");
197+ return ret;
198+ }
199+
200+ return compat_kcaop_to_user(&kcaop, fcr, arg);
201+
202 #ifdef ENABLE_ASYNC
203 case COMPAT_CIOCASYNCCRYPT:
204 if (unlikely(ret = compat_kcop_from_user(&kcop, fcr, arg)))
205--
2062.3.5
207
diff --git a/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch b/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch
new file mode 100644
index 0000000..68c48e0
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch
@@ -0,0 +1,28 @@
1From da730106c2558c8e0c8e1b1b1812d32ef9574ab7 Mon Sep 17 00:00:00 2001
2From: Phil Sutter <phil@nwl.cc>
3Date: Sat, 11 Apr 2015 12:45:05 +0200
4Subject: [PATCH 2/4] tests/Makefile: fix arg passing to CC in implicit rule
5
6GCC docs suggest passing -lfoo after object files referring to functions
7in libfoo. Therefore use LDLIBS to specify libraries, which puts them at
8the right place when make calls CC implicitly.
9
10Signed-off-by: Phil Sutter <phil@nwl.cc>
11---
12 tests/Makefile | 2 +-
13 1 file changed, 1 insertion(+), 1 deletion(-)
14
15diff --git a/tests/Makefile b/tests/Makefile
16index c9f04e8..20c52ba 100644
17--- a/tests/Makefile
18+++ b/tests/Makefile
19@@ -31,5 +31,5 @@ check: $(hostprogs)
20 clean:
21 rm -f *.o *~ $(hostprogs)
22
23-${comp_progs}: LDFLAGS += -lssl -lcrypto
24+${comp_progs}: LDLIBS += -lssl -lcrypto
25 ${comp_progs}: %: %.o openssl_wrapper.o
26--
272.3.5
28
diff --git a/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch b/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch
new file mode 100644
index 0000000..e384950
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch
@@ -0,0 +1,29 @@
1From c618f882c283511dd4f7547113a1117c4785f56f Mon Sep 17 00:00:00 2001
2From: Denys Dmytriyenko <denys@ti.com>
3Date: Sun, 6 Apr 2014 19:51:39 -0400
4Subject: [PATCH 3/4] Disable installing header file provided by another
5 package
6
7Signed-off-by: Denys Dmytriyenko <denys@ti.com>
8
9Upstream-Status: Inappropriate [ OE specific ]
10---
11 Makefile | 2 --
12 1 file changed, 2 deletions(-)
13
14diff --git a/Makefile b/Makefile
15index 31c4b3f..855bb54 100644
16--- a/Makefile
17+++ b/Makefile
18@@ -31,8 +31,6 @@ install: modules_install
19
20 modules_install:
21 make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install
22- @echo "Installing cryptodev.h in $(PREFIX)/usr/include/crypto ..."
23- @install -D crypto/cryptodev.h $(PREFIX)/usr/include/crypto/cryptodev.h
24
25 clean:
26 make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean
27--
282.3.5
29
diff --git a/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch b/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch
new file mode 100644
index 0000000..46f2432
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch
@@ -0,0 +1,898 @@
1From fc9ee6ed33c76372de6e3748d2e951fa10f7c47e Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 06:16:09 +0545
4Subject: [PATCH 03/15] PKC support added in cryptodev module
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 cryptlib.c | 66 +++++++++-
11 cryptlib.h | 28 ++++
12 crypto/cryptodev.h | 15 ++-
13 cryptodev_int.h | 20 ++-
14 ioctl.c | 196 +++++++++++++++++++++++++--
15 main.c | 378 +++++++++++++++++++++++++++++++++++++++++++++++++++++
16 6 files changed, 685 insertions(+), 18 deletions(-)
17
18diff --git a/cryptlib.c b/cryptlib.c
19index 44ce763..6900028 100644
20--- a/cryptlib.c
21+++ b/cryptlib.c
22@@ -5,6 +5,8 @@
23 * Portions Copyright (c) 2010 Michael Weiser
24 * Portions Copyright (c) 2010 Phil Sutter
25 *
26+ * Copyright 2012 Freescale Semiconductor, Inc.
27+ *
28 * This file is part of linux cryptodev.
29 *
30 * This program is free software; you can redistribute it and/or
31@@ -39,11 +41,6 @@
32 #include "cryptodev_int.h"
33
34
35-struct cryptodev_result {
36- struct completion completion;
37- int err;
38-};
39-
40 static void cryptodev_complete(struct crypto_async_request *req, int err)
41 {
42 struct cryptodev_result *res = req->data;
43@@ -259,7 +256,6 @@ static inline int waitfor(struct cryptodev_result *cr, ssize_t ret)
44 case 0:
45 break;
46 case -EINPROGRESS:
47- case -EBUSY:
48 wait_for_completion(&cr->completion);
49 /* At this point we known for sure the request has finished,
50 * because wait_for_completion above was not interruptible.
51@@ -439,3 +435,61 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output)
52 return waitfor(hdata->async.result, ret);
53 }
54
55+int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
56+{
57+ int ret = 0;
58+ struct pkc_request *pkc_req = &pkc->req, *pkc_requested;
59+
60+ switch (pkc_req->type) {
61+ case RSA_PUB:
62+ case RSA_PRIV_FORM1:
63+ case RSA_PRIV_FORM2:
64+ case RSA_PRIV_FORM3:
65+ pkc->s = crypto_alloc_pkc("pkc(rsa)",
66+ CRYPTO_ALG_TYPE_PKC_RSA, 0);
67+ break;
68+ case DSA_SIGN:
69+ case DSA_VERIFY:
70+ case ECDSA_SIGN:
71+ case ECDSA_VERIFY:
72+ pkc->s = crypto_alloc_pkc("pkc(dsa)",
73+ CRYPTO_ALG_TYPE_PKC_DSA, 0);
74+ break;
75+ case DH_COMPUTE_KEY:
76+ case ECDH_COMPUTE_KEY:
77+ pkc->s = crypto_alloc_pkc("pkc(dh)",
78+ CRYPTO_ALG_TYPE_PKC_DH, 0);
79+ break;
80+ default:
81+ return -EINVAL;
82+ }
83+
84+ if (IS_ERR_OR_NULL(pkc->s))
85+ return -EINVAL;
86+
87+ init_completion(&pkc->result.completion);
88+ pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL);
89+
90+ if (unlikely(IS_ERR_OR_NULL(pkc_requested))) {
91+ ret = -ENOMEM;
92+ goto error;
93+ }
94+ pkc_requested->type = pkc_req->type;
95+ pkc_requested->curve_type = pkc_req->curve_type;
96+ memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u));
97+ pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG,
98+ cryptodev_complete_asym, pkc);
99+ ret = crypto_pkc_op(pkc_requested);
100+ if (ret != -EINPROGRESS && ret != 0)
101+ goto error2;
102+
103+ if (pkc->type == SYNCHRONOUS)
104+ ret = waitfor(&pkc->result, ret);
105+
106+ return ret;
107+error2:
108+ kfree(pkc_requested);
109+error:
110+ crypto_free_pkc(pkc->s);
111+ return ret;
112+}
113diff --git a/cryptlib.h b/cryptlib.h
114index a0a8a63..56d325a 100644
115--- a/cryptlib.h
116+++ b/cryptlib.h
117@@ -1,3 +1,6 @@
118+/*
119+ * Copyright 2012 Freescale Semiconductor, Inc.
120+ */
121 #ifndef CRYPTLIB_H
122 # define CRYPTLIB_H
123
124@@ -89,5 +92,30 @@ void cryptodev_hash_deinit(struct hash_data *hdata);
125 int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name,
126 int hmac_mode, void *mackey, size_t mackeylen);
127
128+/* Operation Type */
129+enum offload_type {
130+ SYNCHRONOUS,
131+ ASYNCHRONOUS
132+};
133+
134+struct cryptodev_result {
135+ struct completion completion;
136+ int err;
137+};
138+
139+struct cryptodev_pkc {
140+ struct list_head list; /* To maintain the Jobs in completed
141+ cryptodev lists */
142+ struct kernel_crypt_kop kop;
143+ struct crypto_pkc *s; /* Transform pointer from CryptoAPI */
144+ struct cryptodev_result result; /* Result to be updated by
145+ completion handler */
146+ struct pkc_request req; /* PKC request structure allocated
147+ from CryptoAPI */
148+ enum offload_type type; /* Synchronous Vs Asynchronous request */
149+ void *cookie; /*Additional opaque cookie to be used in future */
150+ struct crypt_priv *priv;
151+};
152
153+int cryptodev_pkc_offload(struct cryptodev_pkc *);
154 #endif
155diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
156index c0e8cd4..96675fe 100644
157--- a/crypto/cryptodev.h
158+++ b/crypto/cryptodev.h
159@@ -1,6 +1,10 @@
160-/* This is a source compatible implementation with the original API of
161+/*
162+ * Copyright 2012 Freescale Semiconductor, Inc.
163+ *
164+ * This is a source compatible implementation with the original API of
165 * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h.
166- * Placed under public domain */
167+ * Placed under public domain
168+ */
169
170 #ifndef L_CRYPTODEV_H
171 #define L_CRYPTODEV_H
172@@ -245,6 +249,9 @@ struct crypt_kop {
173 __u16 crk_oparams;
174 __u32 crk_pad1;
175 struct crparam crk_param[CRK_MAXPARAM];
176+ enum curve_t curve_type; /* 0 == Discrete Log,
177+ 1 = EC_PRIME, 2 = EC_BINARY */
178+ void *cookie;
179 };
180
181 enum cryptodev_crk_op_t {
182@@ -289,5 +296,7 @@ enum cryptodev_crk_op_t {
183 */
184 #define CIOCASYNCCRYPT _IOW('c', 110, struct crypt_op)
185 #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op)
186-
187+/* additional ioctls for asynchronous operation for asymmetric ciphers*/
188+#define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop)
189+#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop)
190 #endif /* L_CRYPTODEV_H */
191diff --git a/cryptodev_int.h b/cryptodev_int.h
192index 8e687e7..fdbcc61 100644
193--- a/cryptodev_int.h
194+++ b/cryptodev_int.h
195@@ -1,4 +1,6 @@
196-/* cipher stuff */
197+/* cipher stuff
198+ * Copyright 2012 Freescale Semiconductor, Inc.
199+ */
200 #ifndef CRYPTODEV_INT_H
201 # define CRYPTODEV_INT_H
202
203@@ -112,6 +114,14 @@ struct compat_crypt_auth_op {
204
205 #endif /* CONFIG_COMPAT */
206
207+/* kernel-internal extension to struct crypt_kop */
208+struct kernel_crypt_kop {
209+ struct crypt_kop kop;
210+
211+ struct task_struct *task;
212+ struct mm_struct *mm;
213+};
214+
215 /* kernel-internal extension to struct crypt_op */
216 struct kernel_crypt_op {
217 struct crypt_op cop;
218@@ -157,6 +167,14 @@ int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop);
219
220 #include <cryptlib.h>
221
222+/* Cryptodev Key operation handler */
223+int crypto_bn_modexp(struct cryptodev_pkc *);
224+int crypto_modexp_crt(struct cryptodev_pkc *);
225+int crypto_kop_dsasign(struct cryptodev_pkc *);
226+int crypto_kop_dsaverify(struct cryptodev_pkc *);
227+int crypto_run_asym(struct cryptodev_pkc *);
228+void cryptodev_complete_asym(struct crypto_async_request *, int);
229+
230 /* other internal structs */
231 struct csession {
232 struct list_head entry;
233diff --git a/ioctl.c b/ioctl.c
234index 5a44807..69980e3 100644
235--- a/ioctl.c
236+++ b/ioctl.c
237@@ -4,6 +4,7 @@
238 * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs
239 * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org>
240 * Copyright (c) 2010 Phil Sutter
241+ * Copyright 2012 Freescale Semiconductor, Inc.
242 *
243 * This file is part of linux cryptodev.
244 *
245@@ -89,8 +90,37 @@ struct crypt_priv {
246 int itemcount;
247 struct work_struct cryptask;
248 wait_queue_head_t user_waiter;
249+ /* List of pending cryptodev_pkc asym requests */
250+ struct list_head asym_completed_list;
251+ /* For addition/removal of entry in pending list of asymmetric request*/
252+ spinlock_t completion_lock;
253 };
254
255+/* Asymmetric request Completion handler */
256+void cryptodev_complete_asym(struct crypto_async_request *req, int err)
257+{
258+ struct cryptodev_pkc *pkc = req->data;
259+ struct cryptodev_result *res = &pkc->result;
260+
261+ crypto_free_pkc(pkc->s);
262+ res->err = err;
263+ if (pkc->type == SYNCHRONOUS) {
264+ if (err == -EINPROGRESS)
265+ return;
266+ complete(&res->completion);
267+ } else {
268+ struct crypt_priv *pcr = pkc->priv;
269+ unsigned long flags;
270+ spin_lock_irqsave(&pcr->completion_lock, flags);
271+ list_add_tail(&pkc->list, &pcr->asym_completed_list);
272+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
273+ /* wake for POLLIN */
274+ wake_up_interruptible(&pcr->user_waiter);
275+ }
276+
277+ kfree(req);
278+}
279+
280 #define FILL_SG(sg, ptr, len) \
281 do { \
282 (sg)->page = virt_to_page(ptr); \
283@@ -472,7 +502,8 @@ cryptodev_open(struct inode *inode, struct file *filp)
284 INIT_LIST_HEAD(&pcr->free.list);
285 INIT_LIST_HEAD(&pcr->todo.list);
286 INIT_LIST_HEAD(&pcr->done.list);
287-
288+ INIT_LIST_HEAD(&pcr->asym_completed_list);
289+ spin_lock_init(&pcr->completion_lock);
290 INIT_WORK(&pcr->cryptask, cryptask_routine);
291
292 init_waitqueue_head(&pcr->user_waiter);
293@@ -639,6 +670,79 @@ static int crypto_async_fetch(struct crypt_priv *pcr,
294 }
295 #endif
296
297+/* get the first asym cipher completed job from the "done" queue
298+ *
299+ * returns:
300+ * -EBUSY if no completed jobs are ready (yet)
301+ * the return value otherwise */
302+static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
303+{
304+ int ret = 0;
305+ struct kernel_crypt_kop *kop = &pkc->kop;
306+ struct crypt_kop *ckop = &kop->kop;
307+ struct pkc_request *pkc_req = &pkc->req;
308+
309+ switch (ckop->crk_op) {
310+ case CRK_MOD_EXP:
311+ {
312+ struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req;
313+ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g,
314+ rsa_req->g_len);
315+ }
316+ break;
317+ case CRK_MOD_EXP_CRT:
318+ {
319+ struct rsa_priv_frm3_req_s *rsa_req =
320+ &pkc_req->req_u.rsa_priv_f3;
321+ copy_to_user(ckop->crk_param[6].crp_p,
322+ rsa_req->f, rsa_req->f_len);
323+ }
324+ break;
325+ case CRK_DSA_SIGN:
326+ {
327+ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign;
328+
329+ if (pkc_req->type == ECDSA_SIGN) {
330+ copy_to_user(ckop->crk_param[6].crp_p,
331+ dsa_req->c, dsa_req->d_len);
332+ copy_to_user(ckop->crk_param[7].crp_p,
333+ dsa_req->d, dsa_req->d_len);
334+ } else {
335+ copy_to_user(ckop->crk_param[5].crp_p,
336+ dsa_req->c, dsa_req->d_len);
337+ copy_to_user(ckop->crk_param[6].crp_p,
338+ dsa_req->d, dsa_req->d_len);
339+ }
340+ }
341+ break;
342+ case CRK_DSA_VERIFY:
343+ break;
344+ case CRK_DH_COMPUTE_KEY:
345+ {
346+ struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req;
347+ if (pkc_req->type == ECDH_COMPUTE_KEY)
348+ copy_to_user(ckop->crk_param[4].crp_p,
349+ dh_req->z, dh_req->z_len);
350+ else
351+ copy_to_user(ckop->crk_param[3].crp_p,
352+ dh_req->z, dh_req->z_len);
353+ }
354+ break;
355+ default:
356+ ret = -EINVAL;
357+ }
358+ kfree(pkc->cookie);
359+ return ret;
360+}
361+
362+/* this function has to be called from process context */
363+static int fill_kop_from_cop(struct kernel_crypt_kop *kop)
364+{
365+ kop->task = current;
366+ kop->mm = current->mm;
367+ return 0;
368+}
369+
370 /* this function has to be called from process context */
371 static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr)
372 {
373@@ -662,11 +766,8 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr)
374
375 if (cop->iv) {
376 rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen);
377- if (unlikely(rc)) {
378- derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p",
379- kcop->ivlen, rc, cop->iv);
380+ if (unlikely(rc))
381 return -EFAULT;
382- }
383 }
384
385 return 0;
386@@ -692,6 +793,25 @@ static int fill_cop_from_kcop(struct kernel_crypt_op *kcop, struct fcrypt *fcr)
387 return 0;
388 }
389
390+static int kop_from_user(struct kernel_crypt_kop *kop,
391+ void __user *arg)
392+{
393+ if (unlikely(copy_from_user(&kop->kop, arg, sizeof(kop->kop))))
394+ return -EFAULT;
395+
396+ return fill_kop_from_cop(kop);
397+}
398+
399+static int kop_to_user(struct kernel_crypt_kop *kop,
400+ void __user *arg)
401+{
402+ if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) {
403+ dprintk(1, KERN_ERR, "Cannot copy to userspace\n");
404+ return -EFAULT;
405+ }
406+ return 0;
407+}
408+
409 static int kcop_from_user(struct kernel_crypt_op *kcop,
410 struct fcrypt *fcr, void __user *arg)
411 {
412@@ -821,7 +941,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
413
414 switch (cmd) {
415 case CIOCASYMFEAT:
416- return put_user(0, p);
417+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP |
418+ CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p);
419 case CRIOGET:
420 fd = clonefd(filp);
421 ret = put_user(fd, p);
422@@ -857,6 +978,24 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
423 if (unlikely(ret))
424 return ret;
425 return copy_to_user(arg, &siop, sizeof(siop));
426+ case CIOCKEY:
427+ {
428+ struct cryptodev_pkc *pkc =
429+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
430+
431+ if (!pkc)
432+ return -ENOMEM;
433+
434+ ret = kop_from_user(&pkc->kop, arg);
435+ if (unlikely(ret)) {
436+ kfree(pkc);
437+ return ret;
438+ }
439+ pkc->type = SYNCHRONOUS;
440+ ret = crypto_run_asym(pkc);
441+ kfree(pkc);
442+ }
443+ return ret;
444 case CIOCCRYPT:
445 if (unlikely(ret = kcop_from_user(&kcop, fcr, arg))) {
446 dwarning(1, "Error copying from user");
447@@ -895,6 +1034,45 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
448
449 return kcop_to_user(&kcop, fcr, arg);
450 #endif
451+ case CIOCASYMASYNCRYPT:
452+ {
453+ struct cryptodev_pkc *pkc =
454+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
455+ ret = kop_from_user(&pkc->kop, arg);
456+
457+ if (unlikely(ret))
458+ return -EINVAL;
459+
460+ /* Store associated FD priv data with asymmetric request */
461+ pkc->priv = pcr;
462+ pkc->type = ASYNCHRONOUS;
463+ ret = crypto_run_asym(pkc);
464+ if (ret == -EINPROGRESS)
465+ ret = 0;
466+ }
467+ return ret;
468+ case CIOCASYMASYNFETCH:
469+ {
470+ struct cryptodev_pkc *pkc;
471+ unsigned long flags;
472+
473+ spin_lock_irqsave(&pcr->completion_lock, flags);
474+ if (list_empty(&pcr->asym_completed_list)) {
475+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
476+ return -ENOMEM;
477+ }
478+ pkc = list_first_entry(&pcr->asym_completed_list,
479+ struct cryptodev_pkc, list);
480+ list_del(&pkc->list);
481+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
482+ ret = crypto_async_fetch_asym(pkc);
483+
484+ /* Reflect the updated request to user-space */
485+ if (!ret)
486+ kop_to_user(&pkc->kop, arg);
487+ kfree(pkc);
488+ }
489+ return ret;
490 default:
491 return -EINVAL;
492 }
493@@ -1083,9 +1261,11 @@ static unsigned int cryptodev_poll(struct file *file, poll_table *wait)
494
495 poll_wait(file, &pcr->user_waiter, wait);
496
497- if (!list_empty_careful(&pcr->done.list))
498+ if (!list_empty_careful(&pcr->done.list) ||
499+ !list_empty_careful(&pcr->asym_completed_list))
500 ret |= POLLIN | POLLRDNORM;
501- if (!list_empty_careful(&pcr->free.list) || pcr->itemcount < MAX_COP_RINGSIZE)
502+ if (!list_empty_careful(&pcr->free.list) ||
503+ pcr->itemcount < MAX_COP_RINGSIZE)
504 ret |= POLLOUT | POLLWRNORM;
505
506 return ret;
507diff --git a/main.c b/main.c
508index 57e5c38..0b7951e 100644
509--- a/main.c
510+++ b/main.c
511@@ -181,6 +181,384 @@ __crypto_run_zc(struct csession *ses_ptr, struct kernel_crypt_op *kcop)
512 return ret;
513 }
514
515+int crypto_kop_dsasign(struct cryptodev_pkc *pkc)
516+{
517+ struct kernel_crypt_kop *kop = &pkc->kop;
518+ struct crypt_kop *cop = &kop->kop;
519+ struct pkc_request *pkc_req = &pkc->req;
520+ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign;
521+ int rc, buf_size;
522+ uint8_t *buf;
523+
524+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
525+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
526+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits ||
527+ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 6 &&
528+ !cop->crk_param[7].crp_nbits))
529+ return -EINVAL;
530+
531+ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8;
532+ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8;
533+ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8;
534+ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8;
535+ dsa_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
536+ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8;
537+ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len +
538+ dsa_req->g_len + dsa_req->priv_key_len + dsa_req->d_len +
539+ dsa_req->d_len;
540+ if (cop->crk_iparams == 6) {
541+ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8;
542+ buf_size += dsa_req->ab_len;
543+ pkc_req->type = ECDSA_SIGN;
544+ pkc_req->curve_type = cop->curve_type;
545+ } else {
546+ pkc_req->type = DSA_SIGN;
547+ }
548+
549+ buf = kzalloc(buf_size, GFP_DMA);
550+
551+ dsa_req->q = buf;
552+ dsa_req->r = dsa_req->q + dsa_req->q_len;
553+ dsa_req->g = dsa_req->r + dsa_req->r_len;
554+ dsa_req->priv_key = dsa_req->g + dsa_req->g_len;
555+ dsa_req->m = dsa_req->priv_key + dsa_req->priv_key_len;
556+ dsa_req->c = dsa_req->m + dsa_req->m_len;
557+ dsa_req->d = dsa_req->c + dsa_req->d_len;
558+ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len);
559+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len);
560+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len);
561+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len);
562+ copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p,
563+ dsa_req->priv_key_len);
564+ if (cop->crk_iparams == 6) {
565+ dsa_req->ab = dsa_req->d + dsa_req->d_len;
566+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p,
567+ dsa_req->ab_len);
568+ }
569+ rc = cryptodev_pkc_offload(pkc);
570+ if (pkc->type == SYNCHRONOUS) {
571+ if (rc)
572+ goto err;
573+ if (cop->crk_iparams == 6) {
574+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->c,
575+ dsa_req->d_len);
576+ copy_to_user(cop->crk_param[7].crp_p, dsa_req->d,
577+ dsa_req->d_len);
578+ } else {
579+ copy_to_user(cop->crk_param[5].crp_p, dsa_req->c,
580+ dsa_req->d_len);
581+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->d,
582+ dsa_req->d_len);
583+ }
584+ } else {
585+ if (rc != -EINPROGRESS && rc != 0)
586+ goto err;
587+
588+ pkc->cookie = buf;
589+ return rc;
590+ }
591+err:
592+ kfree(buf);
593+ return rc;
594+}
595+
596+int crypto_kop_dsaverify(struct cryptodev_pkc *pkc)
597+{
598+ struct kernel_crypt_kop *kop = &pkc->kop;
599+ struct crypt_kop *cop = &kop->kop;
600+ struct pkc_request *pkc_req;
601+ struct dsa_verify_req_s *dsa_req;
602+ int rc, buf_size;
603+ uint8_t *buf;
604+
605+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
606+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
607+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits ||
608+ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 8 &&
609+ !cop->crk_param[7].crp_nbits))
610+ return -EINVAL;
611+
612+ pkc_req = &pkc->req;
613+ dsa_req = &pkc_req->req_u.dsa_verify;
614+ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8;
615+ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8;
616+ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8;
617+ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8;
618+ dsa_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
619+ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8;
620+ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len +
621+ dsa_req->g_len + dsa_req->pub_key_len + dsa_req->d_len +
622+ dsa_req->d_len;
623+ if (cop->crk_iparams == 8) {
624+ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8;
625+ buf_size += dsa_req->ab_len;
626+ pkc_req->type = ECDSA_VERIFY;
627+ pkc_req->curve_type = cop->curve_type;
628+ } else {
629+ pkc_req->type = DSA_VERIFY;
630+ }
631+
632+ buf = kzalloc(buf_size, GFP_DMA);
633+
634+ dsa_req->q = buf;
635+ dsa_req->r = dsa_req->q + dsa_req->q_len;
636+ dsa_req->g = dsa_req->r + dsa_req->r_len;
637+ dsa_req->pub_key = dsa_req->g + dsa_req->g_len;
638+ dsa_req->m = dsa_req->pub_key + dsa_req->pub_key_len;
639+ dsa_req->c = dsa_req->m + dsa_req->m_len;
640+ dsa_req->d = dsa_req->c + dsa_req->d_len;
641+ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len);
642+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len);
643+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len);
644+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len);
645+ copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p,
646+ dsa_req->pub_key_len);
647+ if (cop->crk_iparams == 8) {
648+ dsa_req->ab = dsa_req->d + dsa_req->d_len;
649+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p,
650+ dsa_req->ab_len);
651+ copy_from_user(dsa_req->c, cop->crk_param[6].crp_p,
652+ dsa_req->d_len);
653+ copy_from_user(dsa_req->d, cop->crk_param[7].crp_p,
654+ dsa_req->d_len);
655+ } else {
656+ copy_from_user(dsa_req->c, cop->crk_param[5].crp_p,
657+ dsa_req->d_len);
658+ copy_from_user(dsa_req->d, cop->crk_param[6].crp_p,
659+ dsa_req->d_len);
660+ }
661+ rc = cryptodev_pkc_offload(pkc);
662+ if (pkc->type == SYNCHRONOUS) {
663+ if (rc)
664+ goto err;
665+ } else {
666+ if (rc != -EINPROGRESS && !rc)
667+ goto err;
668+ pkc->cookie = buf;
669+ return rc;
670+ }
671+err:
672+ kfree(buf);
673+ return rc;
674+}
675+
676+int crypto_kop_dh_key(struct cryptodev_pkc *pkc)
677+{
678+ struct kernel_crypt_kop *kop = &pkc->kop;
679+ struct crypt_kop *cop = &kop->kop;
680+ struct pkc_request *pkc_req;
681+ struct dh_key_req_s *dh_req;
682+ int buf_size;
683+ uint8_t *buf;
684+ int rc = -EINVAL;
685+
686+ pkc_req = &pkc->req;
687+ dh_req = &pkc_req->req_u.dh_req;
688+ dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8;
689+ dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8;
690+ dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8;
691+ buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len;
692+ if (cop->crk_iparams == 4) {
693+ pkc_req->type = ECDH_COMPUTE_KEY;
694+ dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8;
695+ dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8;
696+ buf_size += dh_req->ab_len;
697+ } else {
698+ dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8;
699+ pkc_req->type = DH_COMPUTE_KEY;
700+ }
701+ buf_size += dh_req->z_len;
702+ buf = kzalloc(buf_size, GFP_DMA);
703+ dh_req->q = buf;
704+ dh_req->s = dh_req->q + dh_req->q_len;
705+ dh_req->pub_key = dh_req->s + dh_req->s_len;
706+ dh_req->z = dh_req->pub_key + dh_req->pub_key_len;
707+ if (cop->crk_iparams == 4) {
708+ dh_req->ab = dh_req->z + dh_req->z_len;
709+ pkc_req->curve_type = cop->curve_type;
710+ copy_from_user(dh_req->ab, cop->crk_param[3].crp_p,
711+ dh_req->ab_len);
712+ }
713+ copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len);
714+ copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p,
715+ dh_req->pub_key_len);
716+ copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len);
717+ rc = cryptodev_pkc_offload(pkc);
718+ if (pkc->type == SYNCHRONOUS) {
719+ if (rc)
720+ goto err;
721+ if (cop->crk_iparams == 4)
722+ copy_to_user(cop->crk_param[4].crp_p, dh_req->z,
723+ dh_req->z_len);
724+ else
725+ copy_to_user(cop->crk_param[3].crp_p, dh_req->z,
726+ dh_req->z_len);
727+ } else {
728+ if (rc != -EINPROGRESS && rc != 0)
729+ goto err;
730+
731+ pkc->cookie = buf;
732+ return rc;
733+ }
734+err:
735+ kfree(buf);
736+ return rc;
737+}
738+
739+int crypto_modexp_crt(struct cryptodev_pkc *pkc)
740+{
741+ struct kernel_crypt_kop *kop = &pkc->kop;
742+ struct crypt_kop *cop = &kop->kop;
743+ struct pkc_request *pkc_req;
744+ struct rsa_priv_frm3_req_s *rsa_req;
745+ int rc;
746+ uint8_t *buf;
747+
748+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
749+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
750+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits)
751+ return -EINVAL;
752+
753+ pkc_req = &pkc->req;
754+ pkc_req->type = RSA_PRIV_FORM3;
755+ rsa_req = &pkc_req->req_u.rsa_priv_f3;
756+ rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8;
757+ rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8;
758+ rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8;
759+ rsa_req->dp_len = (cop->crk_param[3].crp_nbits + 7)/8;
760+ rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8;
761+ rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8;
762+ rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8;
763+ buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len +
764+ rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len +
765+ rsa_req->g_len, GFP_DMA);
766+ rsa_req->p = buf;
767+ rsa_req->q = rsa_req->p + rsa_req->p_len;
768+ rsa_req->g = rsa_req->q + rsa_req->q_len;
769+ rsa_req->dp = rsa_req->g + rsa_req->g_len;
770+ rsa_req->dq = rsa_req->dp + rsa_req->dp_len;
771+ rsa_req->c = rsa_req->dq + rsa_req->dq_len;
772+ rsa_req->f = rsa_req->c + rsa_req->c_len;
773+ copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len);
774+ copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len);
775+ copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len);
776+ copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len);
777+ copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len);
778+ copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len);
779+ rc = cryptodev_pkc_offload(pkc);
780+
781+ if (pkc->type == SYNCHRONOUS) {
782+ if (rc)
783+ goto err;
784+ copy_to_user(cop->crk_param[6].crp_p, rsa_req->f,
785+ rsa_req->f_len);
786+ } else {
787+ if (rc != -EINPROGRESS && rc != 0)
788+ goto err;
789+
790+ pkc->cookie = buf;
791+ return rc;
792+ }
793+err:
794+ kfree(buf);
795+ return rc;
796+}
797+
798+int crypto_bn_modexp(struct cryptodev_pkc *pkc)
799+{
800+ struct pkc_request *pkc_req;
801+ struct rsa_pub_req_s *rsa_req;
802+ int rc;
803+ struct kernel_crypt_kop *kop = &pkc->kop;
804+ struct crypt_kop *cop = &kop->kop;
805+ uint8_t *buf;
806+
807+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
808+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits)
809+ return -EINVAL;
810+
811+ pkc_req = &pkc->req;
812+ pkc_req->type = RSA_PUB;
813+ rsa_req = &pkc_req->req_u.rsa_pub_req;
814+ rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8;
815+ rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8;
816+ rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8;
817+ rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8;
818+ buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len
819+ + rsa_req->g_len, GFP_DMA);
820+ if (!buf)
821+ return -ENOMEM;
822+
823+ rsa_req->e = buf;
824+ rsa_req->f = rsa_req->e + rsa_req->e_len;
825+ rsa_req->g = rsa_req->f + rsa_req->f_len;
826+ rsa_req->n = rsa_req->g + rsa_req->g_len;
827+ copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len);
828+ copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len);
829+ copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len);
830+ rc = cryptodev_pkc_offload(pkc);
831+ if (pkc->type == SYNCHRONOUS) {
832+ if (rc)
833+ goto err;
834+
835+ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g,
836+ rsa_req->g_len);
837+ } else {
838+ if (rc != -EINPROGRESS && rc != 0)
839+ goto err;
840+
841+ /* This one will be freed later in fetch handler */
842+ pkc->cookie = buf;
843+ return rc;
844+ }
845+err:
846+ kfree(buf);
847+ return rc;
848+}
849+
850+int crypto_run_asym(struct cryptodev_pkc *pkc)
851+{
852+ int ret = -EINVAL;
853+ struct kernel_crypt_kop *kop = &pkc->kop;
854+
855+ switch (kop->kop.crk_op) {
856+ case CRK_MOD_EXP:
857+ if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1)
858+ goto err;
859+
860+ ret = crypto_bn_modexp(pkc);
861+ break;
862+ case CRK_MOD_EXP_CRT:
863+ if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1)
864+ goto err;
865+
866+ ret = crypto_modexp_crt(pkc);
867+ break;
868+ case CRK_DSA_SIGN:
869+ if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) ||
870+ kop->kop.crk_oparams != 2)
871+ goto err;
872+
873+ ret = crypto_kop_dsasign(pkc);
874+ break;
875+ case CRK_DSA_VERIFY:
876+ if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) ||
877+ kop->kop.crk_oparams != 0)
878+ goto err;
879+
880+ ret = crypto_kop_dsaverify(pkc);
881+ break;
882+ case CRK_DH_COMPUTE_KEY:
883+ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) ||
884+ kop->kop.crk_oparams != 1)
885+ goto err;
886+ ret = crypto_kop_dh_key(pkc);
887+ break;
888+ }
889+err:
890+ return ret;
891+}
892+
893 int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop)
894 {
895 struct csession *ses_ptr;
896--
8972.3.5
898
diff --git a/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch b/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch
new file mode 100644
index 0000000..25a52a9
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch
@@ -0,0 +1,65 @@
1From 188f30f6233d05eb62b58bf6d94a16bcbeeae0ee Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Mon, 27 Apr 2015 15:26:14 +0300
4Subject: [PATCH 4/4] Add the compile and install rules for cryptodev tests
5
6Change-Id: Ica10dc563c77220dcf0e0993515230df8a86c34d
7Signed-off-by: Yu Zongchun <b40527@freescale.com>
8---
9 Makefile | 6 ++++++
10 tests/Makefile | 8 ++++++++
11 2 files changed, 14 insertions(+)
12
13diff --git a/Makefile b/Makefile
14index 855bb54..5497037 100644
15--- a/Makefile
16+++ b/Makefile
17@@ -32,6 +32,9 @@ install: modules_install
18 modules_install:
19 make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install
20
21+install_tests:
22+ make -C tests install DESTDIR=$(PREFIX)
23+
24 clean:
25 make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean
26 rm -f $(hostprogs) *~
27@@ -40,6 +43,9 @@ clean:
28 check:
29 CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) make -C tests check
30
31+testprogs:
32+ KERNEL_DIR=$(KERNEL_DIR) make -C tests testprogs
33+
34 CPOPTS =
35 ifneq (${SHOW_TYPES},)
36 CPOPTS += --show-types
37diff --git a/tests/Makefile b/tests/Makefile
38index 20c52ba..67c3c83 100644
39--- a/tests/Makefile
40+++ b/tests/Makefile
41@@ -19,6 +19,12 @@ example-async-hmac-objs := async_hmac.o
42 example-async-speed-objs := async_speed.o
43 example-hashcrypt-speed-objs := hashcrypt_speed.c
44
45+install:
46+ install -d $(DESTDIR)/usr/bin/tests_cryptodev
47+ for bin in $(hostprogs); do \
48+ install -m 755 $${bin} $(DESTDIR)/usr/bin/tests_cryptodev/; \
49+ done
50+
51 check: $(hostprogs)
52 ./cipher
53 ./hmac
54@@ -28,6 +34,8 @@ check: $(hostprogs)
55 ./cipher-gcm
56 ./cipher-aead
57
58+testprogs: $(hostprogs)
59+
60 clean:
61 rm -f *.o *~ $(hostprogs)
62
63--
642.3.5
65
diff --git a/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch b/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch
new file mode 100644
index 0000000..2f35768
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch
@@ -0,0 +1,200 @@
1From b109fbdb64de6be0dc2f0d2ef108cead34652495 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 06:52:13 +0545
4Subject: [PATCH 04/15] Compat versions of PKC IOCTLs
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 cryptodev_int.h | 20 ++++++++++
11 ioctl.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
12 2 files changed, 140 insertions(+)
13
14diff --git a/cryptodev_int.h b/cryptodev_int.h
15index fdbcc61..cf54dac 100644
16--- a/cryptodev_int.h
17+++ b/cryptodev_int.h
18@@ -75,6 +75,24 @@ struct compat_crypt_op {
19 compat_uptr_t iv;/* initialization vector for encryption operations */
20 };
21
22+/* input of CIOCKEY */
23+struct compat_crparam {
24+ compat_uptr_t crp_p;
25+ uint32_t crp_nbits;
26+};
27+
28+struct compat_crypt_kop {
29+ uint32_t crk_op; /* cryptodev_crk_ot_t */
30+ uint32_t crk_status;
31+ uint16_t crk_iparams;
32+ uint16_t crk_oparams;
33+ uint32_t crk_pad1;
34+ struct compat_crparam crk_param[CRK_MAXPARAM];
35+ enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME,
36+ 2 = EC_BINARY */
37+ compat_uptr_t cookie;
38+};
39+
40 /* input of CIOCAUTHCRYPT */
41 struct compat_crypt_auth_op {
42 uint32_t ses; /* session identifier */
43@@ -111,6 +129,8 @@ struct compat_crypt_auth_op {
44 #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op)
45 #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op)
46 #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op)
47+#define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop)
48+#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop)
49
50 #endif /* CONFIG_COMPAT */
51
52diff --git a/ioctl.c b/ioctl.c
53index 69980e3..9431025 100644
54--- a/ioctl.c
55+++ b/ioctl.c
56@@ -1081,6 +1081,68 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
57 /* compatibility code for 32bit userlands */
58 #ifdef CONFIG_COMPAT
59
60+static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat,
61+ struct crypt_kop *kop)
62+{
63+ int i;
64+ kop->crk_op = compat->crk_op;
65+ kop->crk_status = compat->crk_status;
66+ kop->crk_iparams = compat->crk_iparams;
67+ kop->crk_oparams = compat->crk_oparams;
68+
69+ for (i = 0; i < CRK_MAXPARAM; i++) {
70+ kop->crk_param[i].crp_p =
71+ compat_ptr(compat->crk_param[i].crp_p);
72+ kop->crk_param[i].crp_nbits = compat->crk_param[i].crp_nbits;
73+ }
74+
75+ kop->curve_type = compat->curve_type;
76+ kop->cookie = compat->cookie;
77+}
78+
79+static int compat_kop_from_user(struct kernel_crypt_kop *kop,
80+ void __user *arg)
81+{
82+ struct compat_crypt_kop compat_kop;
83+
84+ if (unlikely(copy_from_user(&compat_kop, arg, sizeof(compat_kop))))
85+ return -EFAULT;
86+
87+ compat_to_crypt_kop(&compat_kop, &kop->kop);
88+ return fill_kop_from_cop(kop);
89+}
90+
91+static inline void crypt_kop_to_compat(struct crypt_kop *kop,
92+ struct compat_crypt_kop *compat)
93+{
94+ int i;
95+
96+ compat->crk_op = kop->crk_op;
97+ compat->crk_status = kop->crk_status;
98+ compat->crk_iparams = kop->crk_iparams;
99+ compat->crk_oparams = kop->crk_oparams;
100+
101+ for (i = 0; i < CRK_MAXPARAM; i++) {
102+ compat->crk_param[i].crp_p =
103+ ptr_to_compat(kop->crk_param[i].crp_p);
104+ compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits;
105+ }
106+ compat->cookie = kop->cookie;
107+ compat->curve_type = kop->curve_type;
108+}
109+
110+static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg)
111+{
112+ struct compat_crypt_kop compat_kop;
113+
114+ crypt_kop_to_compat(&kop->kop, &compat_kop);
115+ if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) {
116+ dprintk(1, KERN_ERR, "Cannot copy to userspace\n");
117+ return -EFAULT;
118+ }
119+ return 0;
120+}
121+
122 static inline void
123 compat_to_session_op(struct compat_session_op *compat, struct session_op *sop)
124 {
125@@ -1208,7 +1270,26 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
126 return -EFAULT;
127 }
128 return ret;
129+ case COMPAT_CIOCKEY:
130+ {
131+ struct cryptodev_pkc *pkc =
132+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
133+
134+ if (!pkc)
135+ return -ENOMEM;
136+
137+ ret = compat_kop_from_user(&pkc->kop, arg);
138+
139+ if (unlikely(ret)) {
140+ kfree(pkc);
141+ return ret;
142+ }
143
144+ pkc->type = SYNCHRONOUS;
145+ ret = crypto_run_asym(pkc);
146+ kfree(pkc);
147+ }
148+ return ret;
149 case COMPAT_CIOCCRYPT:
150 ret = compat_kcop_from_user(&kcop, fcr, arg);
151 if (unlikely(ret))
152@@ -1247,6 +1328,45 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
153
154 return compat_kcop_to_user(&kcop, fcr, arg);
155 #endif
156+ case COMPAT_CIOCASYMASYNCRYPT:
157+ {
158+ struct cryptodev_pkc *pkc =
159+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
160+
161+ ret = compat_kop_from_user(&pkc->kop, arg);
162+ if (unlikely(ret))
163+ return -EINVAL;
164+
165+ /* Store associated FD priv data with asymmetric request */
166+ pkc->priv = pcr;
167+ pkc->type = ASYNCHRONOUS;
168+ ret = crypto_run_asym(pkc);
169+ if (ret == -EINPROGRESS)
170+ ret = 0;
171+ }
172+ return ret;
173+ case COMPAT_CIOCASYMASYNFETCH:
174+ {
175+ struct cryptodev_pkc *pkc;
176+ unsigned long flags;
177+
178+ spin_lock_irqsave(&pcr->completion_lock, flags);
179+ if (list_empty(&pcr->asym_completed_list)) {
180+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
181+ return -ENOMEM;
182+ }
183+ pkc = list_first_entry(&pcr->asym_completed_list,
184+ struct cryptodev_pkc, list);
185+ list_del(&pkc->list);
186+ spin_unlock_irqrestore(&pcr->completion_lock, flags);
187+ ret = crypto_async_fetch_asym(pkc);
188+
189+ /* Reflect the updated request to user-space */
190+ if (!ret)
191+ compat_kop_to_user(&pkc->kop, arg);
192+ kfree(pkc);
193+ }
194+ return ret;
195 default:
196 return -EINVAL;
197 }
198--
1992.3.5
200
diff --git a/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch b/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch
new file mode 100644
index 0000000..8827fb0
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch
@@ -0,0 +1,213 @@
1From 7594d5375d998eb25241750b623661ff021697d3 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 07:24:00 +0545
4Subject: [PATCH 05/15] Asynchronous interface changes in cryptodev
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 cryptlib.h | 7 ++++-
11 crypto/cryptodev.h | 10 ++++++-
12 cryptodev_int.h | 10 ++++++-
13 ioctl.c | 76 +++++++++++++++++++++++++++++++++++++-----------------
14 4 files changed, 76 insertions(+), 27 deletions(-)
15
16diff --git a/cryptlib.h b/cryptlib.h
17index 56d325a..7ffa54c 100644
18--- a/cryptlib.h
19+++ b/cryptlib.h
20@@ -113,7 +113,12 @@ struct cryptodev_pkc {
21 struct pkc_request req; /* PKC request structure allocated
22 from CryptoAPI */
23 enum offload_type type; /* Synchronous Vs Asynchronous request */
24- void *cookie; /*Additional opaque cookie to be used in future */
25+ /*
26+ * cookie used for transfering tranparent information from async
27+ * submission to async fetch. Currently some dynamic allocated
28+ * buffers are maintained which will be freed later during fetch
29+ */
30+ void *cookie;
31 struct crypt_priv *priv;
32 };
33
34diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
35index 96675fe..4436fbf 100644
36--- a/crypto/cryptodev.h
37+++ b/crypto/cryptodev.h
38@@ -254,6 +254,14 @@ struct crypt_kop {
39 void *cookie;
40 };
41
42+#define MAX_COOKIES 4
43+
44+struct pkc_cookie_list_s {
45+ int cookie_available;
46+ void *cookie[MAX_COOKIES];
47+ int status[MAX_COOKIES];
48+};
49+
50 enum cryptodev_crk_op_t {
51 CRK_MOD_EXP = 0,
52 CRK_MOD_EXP_CRT = 1,
53@@ -298,5 +306,5 @@ enum cryptodev_crk_op_t {
54 #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op)
55 /* additional ioctls for asynchronous operation for asymmetric ciphers*/
56 #define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop)
57-#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop)
58+#define CIOCASYMFETCHCOOKIE _IOR('c', 113, struct pkc_cookie_list_s)
59 #endif /* L_CRYPTODEV_H */
60diff --git a/cryptodev_int.h b/cryptodev_int.h
61index cf54dac..5347cae 100644
62--- a/cryptodev_int.h
63+++ b/cryptodev_int.h
64@@ -93,6 +93,12 @@ struct compat_crypt_kop {
65 compat_uptr_t cookie;
66 };
67
68+struct compat_pkc_cookie_list_s {
69+ int cookie_available;
70+ compat_uptr_t cookie[MAX_COOKIES];
71+ int status[MAX_COOKIES];
72+};
73+
74 /* input of CIOCAUTHCRYPT */
75 struct compat_crypt_auth_op {
76 uint32_t ses; /* session identifier */
77@@ -126,11 +132,13 @@ struct compat_crypt_auth_op {
78 /* compat ioctls, defined for the above structs */
79 #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op)
80 #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op)
81+#define COMPAT_CIOCKEY _IOW('c', 105, struct compat_crypt_kop)
82 #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op)
83 #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op)
84 #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op)
85 #define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop)
86-#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop)
87+#define COMPAT_CIOCASYMFETCHCOOKIE _IOR('c', 111, \
88+ struct compat_pkc_cookie_list_s)
89
90 #endif /* CONFIG_COMPAT */
91
92diff --git a/ioctl.c b/ioctl.c
93index 9431025..e2f407f 100644
94--- a/ioctl.c
95+++ b/ioctl.c
96@@ -105,8 +105,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err)
97 crypto_free_pkc(pkc->s);
98 res->err = err;
99 if (pkc->type == SYNCHRONOUS) {
100- if (err == -EINPROGRESS)
101- return;
102 complete(&res->completion);
103 } else {
104 struct crypt_priv *pcr = pkc->priv;
105@@ -1051,26 +1049,41 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
106 ret = 0;
107 }
108 return ret;
109- case CIOCASYMASYNFETCH:
110+ case CIOCASYMFETCHCOOKIE:
111 {
112 struct cryptodev_pkc *pkc;
113 unsigned long flags;
114+ int i;
115+ struct pkc_cookie_list_s cookie_list;
116
117 spin_lock_irqsave(&pcr->completion_lock, flags);
118- if (list_empty(&pcr->asym_completed_list)) {
119- spin_unlock_irqrestore(&pcr->completion_lock, flags);
120- return -ENOMEM;
121+ cookie_list.cookie_available = 0;
122+ for (i = 0; i < MAX_COOKIES; i++) {
123+ if (!list_empty(&pcr->asym_completed_list)) {
124+ /* Run a loop in the list for upto elements
125+ and copy their response back */
126+ pkc =
127+ list_first_entry(&pcr->asym_completed_list,
128+ struct cryptodev_pkc, list);
129+ list_del(&pkc->list);
130+ ret = crypto_async_fetch_asym(pkc);
131+ if (!ret) {
132+ cookie_list.cookie_available++;
133+ cookie_list.cookie[i] =
134+ pkc->kop.kop.cookie;
135+ cookie_list.status[i] = pkc->result.err;
136+ }
137+ kfree(pkc);
138+ } else {
139+ break;
140+ }
141 }
142- pkc = list_first_entry(&pcr->asym_completed_list,
143- struct cryptodev_pkc, list);
144- list_del(&pkc->list);
145 spin_unlock_irqrestore(&pcr->completion_lock, flags);
146- ret = crypto_async_fetch_asym(pkc);
147
148 /* Reflect the updated request to user-space */
149- if (!ret)
150- kop_to_user(&pkc->kop, arg);
151- kfree(pkc);
152+ if (cookie_list.cookie_available)
153+ copy_to_user(arg, &cookie_list,
154+ sizeof(struct pkc_cookie_list_s));
155 }
156 return ret;
157 default:
158@@ -1345,26 +1358,41 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
159 ret = 0;
160 }
161 return ret;
162- case COMPAT_CIOCASYMASYNFETCH:
163+ case COMPAT_CIOCASYMFETCHCOOKIE:
164 {
165 struct cryptodev_pkc *pkc;
166 unsigned long flags;
167+ int i = 0;
168+ struct compat_pkc_cookie_list_s cookie_list;
169
170 spin_lock_irqsave(&pcr->completion_lock, flags);
171- if (list_empty(&pcr->asym_completed_list)) {
172- spin_unlock_irqrestore(&pcr->completion_lock, flags);
173- return -ENOMEM;
174+ cookie_list.cookie_available = 0;
175+
176+ for (i = 0; i < MAX_COOKIES; i++) {
177+ if (!list_empty(&pcr->asym_completed_list)) {
178+ /* Run a loop in the list for upto elements
179+ and copy their response back */
180+ pkc =
181+ list_first_entry(&pcr->asym_completed_list,
182+ struct cryptodev_pkc, list);
183+ list_del(&pkc->list);
184+ ret = crypto_async_fetch_asym(pkc);
185+ if (!ret) {
186+ cookie_list.cookie_available++;
187+ cookie_list.cookie[i] =
188+ pkc->kop.kop.cookie;
189+ }
190+ kfree(pkc);
191+ } else {
192+ break;
193+ }
194 }
195- pkc = list_first_entry(&pcr->asym_completed_list,
196- struct cryptodev_pkc, list);
197- list_del(&pkc->list);
198 spin_unlock_irqrestore(&pcr->completion_lock, flags);
199- ret = crypto_async_fetch_asym(pkc);
200
201 /* Reflect the updated request to user-space */
202- if (!ret)
203- compat_kop_to_user(&pkc->kop, arg);
204- kfree(pkc);
205+ if (cookie_list.cookie_available)
206+ copy_to_user(arg, &cookie_list,
207+ sizeof(struct compat_pkc_cookie_list_s));
208 }
209 return ret;
210 default:
211--
2122.3.5
213
diff --git a/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch b/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch
new file mode 100644
index 0000000..89cace3
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch
@@ -0,0 +1,212 @@
1From eccd6277b067cd85094eb057225cc0a983300b9f Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 07:53:53 +0545
4Subject: [PATCH 06/15] ECC_KEYGEN and DLC_KEYGEN supported in cryptodev module
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 cryptlib.c | 2 ++
11 crypto/cryptodev.h | 5 +++-
12 ioctl.c | 29 +++++++++++++++++--
13 main.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
14 4 files changed, 118 insertions(+), 3 deletions(-)
15
16diff --git a/cryptlib.c b/cryptlib.c
17index 6900028..47cd568 100644
18--- a/cryptlib.c
19+++ b/cryptlib.c
20@@ -452,6 +452,8 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
21 case DSA_VERIFY:
22 case ECDSA_SIGN:
23 case ECDSA_VERIFY:
24+ case DLC_KEYGEN:
25+ case ECC_KEYGEN:
26 pkc->s = crypto_alloc_pkc("pkc(dsa)",
27 CRYPTO_ALG_TYPE_PKC_DSA, 0);
28 break;
29diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
30index 4436fbf..275a55c 100644
31--- a/crypto/cryptodev.h
32+++ b/crypto/cryptodev.h
33@@ -268,6 +268,8 @@ enum cryptodev_crk_op_t {
34 CRK_DSA_SIGN = 2,
35 CRK_DSA_VERIFY = 3,
36 CRK_DH_COMPUTE_KEY = 4,
37+ CRK_DSA_GENERATE_KEY = 5,
38+ CRK_DH_GENERATE_KEY = 6,
39 CRK_ALGORITHM_ALL
40 };
41
42@@ -280,7 +282,8 @@ enum cryptodev_crk_op_t {
43 #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
44 #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
45 #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
46-
47+#define CRF_DSA_GENERATE_KEY (1 << CRK_DSA_GENERATE_KEY)
48+#define CRF_DH_GENERATE_KEY (1 << CRK_DH_GENERATE_KEY)
49
50 /* ioctl's. Compatible with old linux cryptodev.h
51 */
52diff --git a/ioctl.c b/ioctl.c
53index e2f407f..1f0741a 100644
54--- a/ioctl.c
55+++ b/ioctl.c
56@@ -726,6 +726,23 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
57 dh_req->z, dh_req->z_len);
58 }
59 break;
60+ case CRK_DSA_GENERATE_KEY:
61+ case CRK_DH_GENERATE_KEY:
62+ {
63+ struct keygen_req_s *key_req = &pkc_req->req_u.keygen;
64+
65+ if (pkc_req->type == ECC_KEYGEN) {
66+ copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key,
67+ key_req->pub_key_len);
68+ copy_to_user(ckop->crk_param[5].crp_p,
69+ key_req->priv_key, key_req->priv_key_len);
70+ } else {
71+ copy_to_user(ckop->crk_param[3].crp_p,
72+ key_req->pub_key, key_req->pub_key_len);
73+ copy_to_user(ckop->crk_param[4].crp_p,
74+ key_req->priv_key, key_req->priv_key_len);
75+ }
76+ }
77 default:
78 ret = -EINVAL;
79 }
80@@ -939,8 +956,9 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
81
82 switch (cmd) {
83 case CIOCASYMFEAT:
84- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP |
85- CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p);
86+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN |
87+ CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
88+ CRF_DSA_GENERATE_KEY, p);
89 case CRIOGET:
90 fd = clonefd(filp);
91 ret = put_user(fd, p);
92@@ -1084,7 +1102,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
93 if (cookie_list.cookie_available)
94 copy_to_user(arg, &cookie_list,
95 sizeof(struct pkc_cookie_list_s));
96+ else {
97+ struct pkc_cookie_list_s *user_ck_list = (void *)arg;
98+
99+ put_user(0, &(user_ck_list->cookie_available));
100+ }
101+ ret = cookie_list.cookie_available;
102 }
103+
104 return ret;
105 default:
106 return -EINVAL;
107diff --git a/main.c b/main.c
108index 0b7951e..c901bc7 100644
109--- a/main.c
110+++ b/main.c
111@@ -342,6 +342,85 @@ err:
112 return rc;
113 }
114
115+int crypto_kop_keygen(struct cryptodev_pkc *pkc)
116+{
117+ struct kernel_crypt_kop *kop = &pkc->kop;
118+ struct crypt_kop *cop = &kop->kop;
119+ struct pkc_request *pkc_req;
120+ struct keygen_req_s *key_req;
121+ int rc, buf_size;
122+ uint8_t *buf;
123+
124+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
125+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
126+ !cop->crk_param[4].crp_nbits)
127+ return -EINVAL;
128+
129+ pkc_req = &pkc->req;
130+ key_req = &pkc_req->req_u.keygen;
131+ key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8;
132+ key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8;
133+ key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8;
134+ if (cop->crk_iparams == 3) {
135+ key_req->pub_key_len = (cop->crk_param[3].crp_nbits + 7)/8;
136+ key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
137+ buf_size = key_req->q_len + key_req->r_len + key_req->g_len +
138+ key_req->pub_key_len + key_req->priv_key_len;
139+ pkc_req->type = DLC_KEYGEN;
140+ } else {
141+ key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8;
142+ key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
143+ key_req->priv_key_len = (cop->crk_param[5].crp_nbits + 7)/8;
144+ buf_size = key_req->q_len + key_req->r_len + key_req->g_len +
145+ key_req->pub_key_len + key_req->priv_key_len +
146+ key_req->ab_len;
147+ pkc_req->type = ECC_KEYGEN;
148+ pkc_req->curve_type = cop->curve_type;
149+ }
150+
151+ buf = kzalloc(buf_size, GFP_DMA);
152+ if (!buf)
153+ return -ENOMEM;
154+
155+ key_req->q = buf;
156+ key_req->r = key_req->q + key_req->q_len;
157+ key_req->g = key_req->r + key_req->r_len;
158+ key_req->pub_key = key_req->g + key_req->g_len;
159+ key_req->priv_key = key_req->pub_key + key_req->pub_key_len;
160+ copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len);
161+ copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len);
162+ copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len);
163+ if (cop->crk_iparams == 3) {
164+ copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p,
165+ key_req->pub_key_len);
166+ copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p,
167+ key_req->priv_key_len);
168+ } else {
169+ key_req->ab = key_req->priv_key + key_req->priv_key_len;
170+ copy_from_user(key_req->ab, cop->crk_param[3].crp_p,
171+ key_req->ab_len);
172+ copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p,
173+ key_req->pub_key_len);
174+ copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p,
175+ key_req->priv_key_len);
176+ }
177+
178+ rc = cryptodev_pkc_offload(pkc);
179+ if (pkc->type == SYNCHRONOUS) {
180+ if (rc)
181+ goto err;
182+ } else {
183+ if (rc != -EINPROGRESS && !rc)
184+ goto err;
185+
186+ pkc->cookie = buf;
187+ return rc;
188+ }
189+err:
190+ kfree(buf);
191+ return rc;
192+}
193+
194 int crypto_kop_dh_key(struct cryptodev_pkc *pkc)
195 {
196 struct kernel_crypt_kop *kop = &pkc->kop;
197@@ -554,6 +633,12 @@ int crypto_run_asym(struct cryptodev_pkc *pkc)
198 goto err;
199 ret = crypto_kop_dh_key(pkc);
200 break;
201+ case CRK_DH_GENERATE_KEY:
202+ case CRK_DSA_GENERATE_KEY:
203+ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4))
204+ goto err;
205+ ret = crypto_kop_keygen(pkc);
206+ break;
207 }
208 err:
209 return ret;
210--
2112.3.5
212
diff --git a/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch b/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch
new file mode 100644
index 0000000..a76aca4
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch
@@ -0,0 +1,238 @@
1From 78c01e1882def52c72966c0e86913950ec201af9 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Fri, 7 Mar 2014 08:49:15 +0545
4Subject: [PATCH 07/15] RCU stall fixed in PKC asynchronous interface
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 ioctl.c | 23 +++++++++++------------
11 main.c | 43 +++++++++++++++++++++++++++----------------
12 2 files changed, 38 insertions(+), 28 deletions(-)
13
14diff --git a/ioctl.c b/ioctl.c
15index 1f0741a..e4e16a8 100644
16--- a/ioctl.c
17+++ b/ioctl.c
18@@ -108,10 +108,9 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err)
19 complete(&res->completion);
20 } else {
21 struct crypt_priv *pcr = pkc->priv;
22- unsigned long flags;
23- spin_lock_irqsave(&pcr->completion_lock, flags);
24+ spin_lock_bh(&pcr->completion_lock);
25 list_add_tail(&pkc->list, &pcr->asym_completed_list);
26- spin_unlock_irqrestore(&pcr->completion_lock, flags);
27+ spin_unlock_bh(&pcr->completion_lock);
28 /* wake for POLLIN */
29 wake_up_interruptible(&pcr->user_waiter);
30 }
31@@ -958,7 +957,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
32 case CIOCASYMFEAT:
33 return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN |
34 CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
35- CRF_DSA_GENERATE_KEY, p);
36+ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p);
37 case CRIOGET:
38 fd = clonefd(filp);
39 ret = put_user(fd, p);
40@@ -997,7 +996,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
41 case CIOCKEY:
42 {
43 struct cryptodev_pkc *pkc =
44- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
45+ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
46
47 if (!pkc)
48 return -ENOMEM;
49@@ -1053,7 +1052,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
50 case CIOCASYMASYNCRYPT:
51 {
52 struct cryptodev_pkc *pkc =
53- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
54+ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL);
55 ret = kop_from_user(&pkc->kop, arg);
56
57 if (unlikely(ret))
58@@ -1070,13 +1069,12 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
59 case CIOCASYMFETCHCOOKIE:
60 {
61 struct cryptodev_pkc *pkc;
62- unsigned long flags;
63 int i;
64 struct pkc_cookie_list_s cookie_list;
65
66- spin_lock_irqsave(&pcr->completion_lock, flags);
67 cookie_list.cookie_available = 0;
68 for (i = 0; i < MAX_COOKIES; i++) {
69+ spin_lock_bh(&pcr->completion_lock);
70 if (!list_empty(&pcr->asym_completed_list)) {
71 /* Run a loop in the list for upto elements
72 and copy their response back */
73@@ -1084,6 +1082,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
74 list_first_entry(&pcr->asym_completed_list,
75 struct cryptodev_pkc, list);
76 list_del(&pkc->list);
77+ spin_unlock_bh(&pcr->completion_lock);
78 ret = crypto_async_fetch_asym(pkc);
79 if (!ret) {
80 cookie_list.cookie_available++;
81@@ -1093,10 +1092,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
82 }
83 kfree(pkc);
84 } else {
85+ spin_unlock_bh(&pcr->completion_lock);
86 break;
87 }
88 }
89- spin_unlock_irqrestore(&pcr->completion_lock, flags);
90
91 /* Reflect the updated request to user-space */
92 if (cookie_list.cookie_available)
93@@ -1386,14 +1385,13 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
94 case COMPAT_CIOCASYMFETCHCOOKIE:
95 {
96 struct cryptodev_pkc *pkc;
97- unsigned long flags;
98 int i = 0;
99 struct compat_pkc_cookie_list_s cookie_list;
100
101- spin_lock_irqsave(&pcr->completion_lock, flags);
102 cookie_list.cookie_available = 0;
103
104 for (i = 0; i < MAX_COOKIES; i++) {
105+ spin_lock_bh(&pcr->completion_lock);
106 if (!list_empty(&pcr->asym_completed_list)) {
107 /* Run a loop in the list for upto elements
108 and copy their response back */
109@@ -1401,6 +1399,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
110 list_first_entry(&pcr->asym_completed_list,
111 struct cryptodev_pkc, list);
112 list_del(&pkc->list);
113+ spin_unlock_bh(&pcr->completion_lock);
114 ret = crypto_async_fetch_asym(pkc);
115 if (!ret) {
116 cookie_list.cookie_available++;
117@@ -1409,10 +1408,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
118 }
119 kfree(pkc);
120 } else {
121+ spin_unlock_bh(&pcr->completion_lock);
122 break;
123 }
124 }
125- spin_unlock_irqrestore(&pcr->completion_lock, flags);
126
127 /* Reflect the updated request to user-space */
128 if (cookie_list.cookie_available)
129diff --git a/main.c b/main.c
130index c901bc7..2747706 100644
131--- a/main.c
132+++ b/main.c
133@@ -215,7 +215,9 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc)
134 pkc_req->type = DSA_SIGN;
135 }
136
137- buf = kzalloc(buf_size, GFP_DMA);
138+ buf = kmalloc(buf_size, GFP_DMA);
139+ if (!buf)
140+ return -ENOMEM;
141
142 dsa_req->q = buf;
143 dsa_req->r = dsa_req->q + dsa_req->q_len;
144@@ -298,7 +300,9 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc)
145 pkc_req->type = DSA_VERIFY;
146 }
147
148- buf = kzalloc(buf_size, GFP_DMA);
149+ buf = kmalloc(buf_size, GFP_DMA);
150+ if (!buf)
151+ return -ENOMEM;
152
153 dsa_req->q = buf;
154 dsa_req->r = dsa_req->q + dsa_req->q_len;
155@@ -378,7 +382,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
156 pkc_req->curve_type = cop->curve_type;
157 }
158
159- buf = kzalloc(buf_size, GFP_DMA);
160+ buf = kmalloc(buf_size, GFP_DMA);
161 if (!buf)
162 return -ENOMEM;
163
164@@ -390,25 +394,28 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
165 copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len);
166 copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len);
167 copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len);
168- if (cop->crk_iparams == 3) {
169- copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p,
170- key_req->pub_key_len);
171- copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p,
172- key_req->priv_key_len);
173- } else {
174+ if (cop->crk_iparams == 4) {
175 key_req->ab = key_req->priv_key + key_req->priv_key_len;
176 copy_from_user(key_req->ab, cop->crk_param[3].crp_p,
177 key_req->ab_len);
178- copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p,
179- key_req->pub_key_len);
180- copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p,
181- key_req->priv_key_len);
182 }
183
184 rc = cryptodev_pkc_offload(pkc);
185 if (pkc->type == SYNCHRONOUS) {
186 if (rc)
187 goto err;
188+
189+ if (cop->crk_iparams == 4) {
190+ copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key,
191+ key_req->pub_key_len);
192+ copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key,
193+ key_req->priv_key_len);
194+ } else {
195+ copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key,
196+ key_req->pub_key_len);
197+ copy_to_user(cop->crk_param[4].crp_p,
198+ key_req->priv_key, key_req->priv_key_len);
199+ }
200 } else {
201 if (rc != -EINPROGRESS && !rc)
202 goto err;
203@@ -447,7 +454,9 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc)
204 pkc_req->type = DH_COMPUTE_KEY;
205 }
206 buf_size += dh_req->z_len;
207- buf = kzalloc(buf_size, GFP_DMA);
208+ buf = kmalloc(buf_size, GFP_DMA);
209+ if (!buf)
210+ return -ENOMEM;
211 dh_req->q = buf;
212 dh_req->s = dh_req->q + dh_req->q_len;
213 dh_req->pub_key = dh_req->s + dh_req->s_len;
214@@ -508,9 +517,11 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc)
215 rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8;
216 rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8;
217 rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8;
218- buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len +
219+ buf = kmalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len +
220 rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len +
221 rsa_req->g_len, GFP_DMA);
222+ if (!buf)
223+ return -ENOMEM;
224 rsa_req->p = buf;
225 rsa_req->q = rsa_req->p + rsa_req->p_len;
226 rsa_req->g = rsa_req->q + rsa_req->q_len;
227@@ -563,7 +574,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc)
228 rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8;
229 rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8;
230 rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8;
231- buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len
232+ buf = kmalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len
233 + rsa_req->g_len, GFP_DMA);
234 if (!buf)
235 return -ENOMEM;
236--
2372.3.5
238
diff --git a/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch b/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch
new file mode 100644
index 0000000..d251c66
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch
@@ -0,0 +1,170 @@
1From 5127db3483a2e4f6dc13330bea7237931c5f15a0 Mon Sep 17 00:00:00 2001
2From: Hou Zhiqiang <B48286@freescale.com>
3Date: Wed, 19 Mar 2014 14:02:46 +0800
4Subject: [PATCH 08/15] Add RSA Key generation offloading
5
6Upstream-status: Pending
7
8Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
9Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
10---
11 cryptlib.c | 1 +
12 crypto/cryptodev.h | 2 ++
13 ioctl.c | 3 +-
14 main.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
15 4 files changed, 84 insertions(+), 2 deletions(-)
16
17diff --git a/cryptlib.c b/cryptlib.c
18index 47cd568..4dd1847 100644
19--- a/cryptlib.c
20+++ b/cryptlib.c
21@@ -441,6 +441,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
22 struct pkc_request *pkc_req = &pkc->req, *pkc_requested;
23
24 switch (pkc_req->type) {
25+ case RSA_KEYGEN:
26 case RSA_PUB:
27 case RSA_PRIV_FORM1:
28 case RSA_PRIV_FORM2:
29diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
30index 275a55c..d0cc542 100644
31--- a/crypto/cryptodev.h
32+++ b/crypto/cryptodev.h
33@@ -270,6 +270,7 @@ enum cryptodev_crk_op_t {
34 CRK_DH_COMPUTE_KEY = 4,
35 CRK_DSA_GENERATE_KEY = 5,
36 CRK_DH_GENERATE_KEY = 6,
37+ CRK_RSA_GENERATE_KEY = 7,
38 CRK_ALGORITHM_ALL
39 };
40
41@@ -279,6 +280,7 @@ enum cryptodev_crk_op_t {
42 */
43 #define CRF_MOD_EXP (1 << CRK_MOD_EXP)
44 #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT)
45+#define CRF_RSA_GENERATE_KEY (1 << CRK_RSA_GENERATE_KEY)
46 #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
47 #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
48 #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
49diff --git a/ioctl.c b/ioctl.c
50index e4e16a8..3762a47 100644
51--- a/ioctl.c
52+++ b/ioctl.c
53@@ -957,7 +957,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
54 case CIOCASYMFEAT:
55 return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN |
56 CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
57- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p);
58+ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY |
59+ CRF_RSA_GENERATE_KEY, p);
60 case CRIOGET:
61 fd = clonefd(filp);
62 ret = put_user(fd, p);
63diff --git a/main.c b/main.c
64index 2747706..14dcf40 100644
65--- a/main.c
66+++ b/main.c
67@@ -346,6 +346,82 @@ err:
68 return rc;
69 }
70
71+int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc)
72+{
73+ struct kernel_crypt_kop *kop = &pkc->kop;
74+ struct crypt_kop *cop = &kop->kop;
75+ struct pkc_request *pkc_req;
76+ struct rsa_keygen_req_s *key_req;
77+ int rc, buf_size;
78+ uint8_t *buf;
79+
80+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits ||
81+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits ||
82+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits ||
83+ !cop->crk_param[6].crp_nbits)
84+ return -EINVAL;
85+
86+ pkc_req = &pkc->req;
87+ pkc_req->type = RSA_KEYGEN;
88+ key_req = &pkc_req->req_u.rsa_keygen;
89+ key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8;
90+ key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8;
91+ key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8;
92+ key_req->n_len = (cop->crk_param[2].crp_nbits + 7) / 8;
93+ key_req->d_len = (cop->crk_param[3].crp_nbits + 7) / 8;
94+ key_req->dp_len = (cop->crk_param[4].crp_nbits + 7) / 8;
95+ key_req->dq_len = (cop->crk_param[5].crp_nbits + 7) / 8;
96+ key_req->c_len = (cop->crk_param[6].crp_nbits + 7) / 8;
97+
98+ buf_size = key_req->p_len + key_req->q_len + key_req->n_len +
99+ key_req->d_len + key_req->dp_len +
100+ key_req->dq_len + key_req->c_len;
101+
102+ buf = kmalloc(buf_size, GFP_DMA);
103+ if (!buf)
104+ return -ENOMEM;
105+ key_req->p = buf;
106+ key_req->q = key_req->p + key_req->p_len;
107+ key_req->n = key_req->q + key_req->q_len;
108+ key_req->d = key_req->n + key_req->n_len;
109+ key_req->dp = key_req->d + key_req->d_len;
110+ key_req->dq = key_req->dp + key_req->dp_len;
111+ key_req->c = key_req->dq + key_req->dq_len;
112+
113+ rc = cryptodev_pkc_offload(pkc);
114+
115+ if (pkc->type == SYNCHRONOUS) {
116+ if (rc)
117+ goto err;
118+
119+ copy_to_user(cop->crk_param[0].crp_p,
120+ key_req->p, key_req->p_len);
121+ copy_to_user(cop->crk_param[1].crp_p,
122+ key_req->q, key_req->q_len);
123+ copy_to_user(cop->crk_param[2].crp_p,
124+ key_req->n, key_req->n_len);
125+ copy_to_user(cop->crk_param[3].crp_p,
126+ key_req->d, key_req->d_len);
127+ copy_to_user(cop->crk_param[4].crp_p,
128+ key_req->dp, key_req->dp_len);
129+ copy_to_user(cop->crk_param[5].crp_p,
130+ key_req->dq, key_req->dq_len);
131+ copy_to_user(cop->crk_param[6].crp_p,
132+ key_req->c, key_req->c_len);
133+ } else {
134+ if (rc != -EINPROGRESS && !rc) {
135+ printk("%s: Failed\n", __func__);
136+ goto err;
137+ }
138+ pkc->cookie = buf;
139+ return rc;
140+ }
141+err:
142+ kfree(buf);
143+ return rc;
144+
145+}
146+
147 int crypto_kop_keygen(struct cryptodev_pkc *pkc)
148 {
149 struct kernel_crypt_kop *kop = &pkc->kop;
150@@ -385,7 +461,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
151 buf = kmalloc(buf_size, GFP_DMA);
152 if (!buf)
153 return -ENOMEM;
154-
155 key_req->q = buf;
156 key_req->r = key_req->q + key_req->q_len;
157 key_req->g = key_req->r + key_req->r_len;
158@@ -650,6 +725,9 @@ int crypto_run_asym(struct cryptodev_pkc *pkc)
159 goto err;
160 ret = crypto_kop_keygen(pkc);
161 break;
162+ case CRK_RSA_GENERATE_KEY:
163+ ret = crypto_kop_rsa_keygen(pkc);
164+ break;
165 }
166 err:
167 return ret;
168--
1692.3.5
170
diff --git a/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch b/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch
new file mode 100644
index 0000000..2213fae
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch
@@ -0,0 +1,160 @@
1From 800af48d0c26830943ca2308dd426b5b09811750 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Thu, 17 Apr 2014 07:08:47 +0545
4Subject: [PATCH 09/15] Fixed compilation error of openssl with fsl cryptodev
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
10---
11 authenc.c | 1 +
12 cryptlib.c | 9 ++++-----
13 crypto/cryptodev.h | 9 ++++++++-
14 cryptodev_int.h | 2 +-
15 ioctl.c | 8 ++++++--
16 main.c | 1 +
17 6 files changed, 21 insertions(+), 9 deletions(-)
18
19diff --git a/authenc.c b/authenc.c
20index ef0d3db..2aa4d38 100644
21--- a/authenc.c
22+++ b/authenc.c
23@@ -2,6 +2,7 @@
24 * Driver for /dev/crypto device (aka CryptoDev)
25 *
26 * Copyright (c) 2011, 2012 OpenSSL Software Foundation, Inc.
27+ * Copyright (c) 2014 Freescale Semiconductor, Inc.
28 *
29 * Author: Nikos Mavrogiannopoulos
30 *
31diff --git a/cryptlib.c b/cryptlib.c
32index 4dd1847..ec6693e 100644
33--- a/cryptlib.c
34+++ b/cryptlib.c
35@@ -4,8 +4,7 @@
36 * Copyright (c) 2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org>
37 * Portions Copyright (c) 2010 Michael Weiser
38 * Portions Copyright (c) 2010 Phil Sutter
39- *
40- * Copyright 2012 Freescale Semiconductor, Inc.
41+ * Copyright 2012-2014 Freescale Semiconductor, Inc.
42 *
43 * This file is part of linux cryptodev.
44 *
45@@ -144,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
46 if (alg->max_keysize > 0 &&
47 unlikely((keylen < alg->min_keysize) ||
48 (keylen > alg->max_keysize))) {
49- ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.",
50+ ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.",
51 keylen, alg_name, alg->min_keysize, alg->max_keysize);
52 ret = -EINVAL;
53 goto error;
54@@ -171,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
55 }
56
57 if (unlikely(ret)) {
58- ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8);
59+ ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8);
60 ret = -EINVAL;
61 goto error;
62 }
63@@ -338,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name,
64 if (hmac_mode != 0) {
65 ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen);
66 if (unlikely(ret)) {
67- ddebug(1, "Setting hmac key failed for %s-%zu.",
68+ ddebug(1, "Setting hmac key failed for %s-%u.",
69 alg_name, mackeylen*8);
70 ret = -EINVAL;
71 goto error;
72diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
73index d0cc542..e7edd97 100644
74--- a/crypto/cryptodev.h
75+++ b/crypto/cryptodev.h
76@@ -234,6 +234,13 @@ struct crypt_auth_op {
77 #define CRYPTO_ALG_FLAG_RNG_ENABLE 2
78 #define CRYPTO_ALG_FLAG_DSA_SHA 4
79
80+enum ec_curve_t {
81+ EC_DISCRETE_LOG,
82+ EC_PRIME,
83+ EC_BINARY,
84+ MAX_EC_TYPE
85+};
86+
87 struct crparam {
88 __u8 *crp_p;
89 __u32 crp_nbits;
90@@ -249,7 +256,7 @@ struct crypt_kop {
91 __u16 crk_oparams;
92 __u32 crk_pad1;
93 struct crparam crk_param[CRK_MAXPARAM];
94- enum curve_t curve_type; /* 0 == Discrete Log,
95+ enum ec_curve_t curve_type; /* 0 == Discrete Log,
96 1 = EC_PRIME, 2 = EC_BINARY */
97 void *cookie;
98 };
99diff --git a/cryptodev_int.h b/cryptodev_int.h
100index 5347cae..c83c885 100644
101--- a/cryptodev_int.h
102+++ b/cryptodev_int.h
103@@ -88,7 +88,7 @@ struct compat_crypt_kop {
104 uint16_t crk_oparams;
105 uint32_t crk_pad1;
106 struct compat_crparam crk_param[CRK_MAXPARAM];
107- enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME,
108+ enum ec_curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME,
109 2 = EC_BINARY */
110 compat_uptr_t cookie;
111 };
112diff --git a/ioctl.c b/ioctl.c
113index 3762a47..c97320b 100644
114--- a/ioctl.c
115+++ b/ioctl.c
116@@ -4,7 +4,7 @@
117 * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs
118 * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org>
119 * Copyright (c) 2010 Phil Sutter
120- * Copyright 2012 Freescale Semiconductor, Inc.
121+ * Copyright 2012-2014 Freescale Semiconductor, Inc.
122 *
123 * This file is part of linux cryptodev.
124 *
125@@ -501,6 +501,7 @@ cryptodev_open(struct inode *inode, struct file *filp)
126 INIT_LIST_HEAD(&pcr->done.list);
127 INIT_LIST_HEAD(&pcr->asym_completed_list);
128 spin_lock_init(&pcr->completion_lock);
129+
130 INIT_WORK(&pcr->cryptask, cryptask_routine);
131
132 init_waitqueue_head(&pcr->user_waiter);
133@@ -780,8 +781,11 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr)
134
135 if (cop->iv) {
136 rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen);
137- if (unlikely(rc))
138+ if (unlikely(rc)) {
139+ derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p",
140+ kcop->ivlen, rc, cop->iv);
141 return -EFAULT;
142+ }
143 }
144
145 return 0;
146diff --git a/main.c b/main.c
147index 14dcf40..6365911 100644
148--- a/main.c
149+++ b/main.c
150@@ -3,6 +3,7 @@
151 *
152 * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs
153 * Copyright (c) 2009-2013 Nikos Mavrogiannopoulos <nmav@gnutls.org>
154+ * Copyright (c) 2014 Freescale Semiconductor, Inc.
155 *
156 * This file is part of linux cryptodev.
157 *
158--
1592.3.5
160
diff --git a/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch b/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch
new file mode 100644
index 0000000..2032159
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch
@@ -0,0 +1,54 @@
1From 55ee0ae703a68db74a492f5910937260502b9602 Mon Sep 17 00:00:00 2001
2From: Tudor Ambarus <tudor.ambarus@freescale.com>
3Date: Tue, 10 Jun 2014 08:27:59 +0300
4Subject: [PATCH 10/15] add support for composite TLS10(SHA1,3DES) algorithm
5 offload
6
7This adds support for composite algorithm offload in a single crypto
8(cipher + hmac) operation.
9
10It requires either software or hardware TLS support in the Linux kernel
11and can be used with Freescale B*, P* and T* platforms that have support
12for hardware TLS acceleration.
13
14Change-Id: Ibce0ceb4174809c9c96b453cd3202bc5220ff084
15Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
16Reviewed-on: http://git.am.freescale.net:8181/34000
17Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
18Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
19---
20 crypto/cryptodev.h | 1 +
21 ioctl.c | 5 +++++
22 2 files changed, 6 insertions(+)
23
24diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
25index e7edd97..07f40b2 100644
26--- a/crypto/cryptodev.h
27+++ b/crypto/cryptodev.h
28@@ -55,6 +55,7 @@ enum cryptodev_crypto_op_t {
29 CRYPTO_SHA2_512,
30 CRYPTO_SHA2_224_HMAC,
31 CRYPTO_TLS10_AES_CBC_HMAC_SHA1,
32+ CRYPTO_TLS10_3DES_CBC_HMAC_SHA1,
33 CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */
34 };
35
36diff --git a/ioctl.c b/ioctl.c
37index c97320b..574e913 100644
38--- a/ioctl.c
39+++ b/ioctl.c
40@@ -191,6 +191,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
41 stream = 0;
42 aead = 1;
43 break;
44+ case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1:
45+ alg_name = "tls10(hmac(sha1),cbc(des3_ede))";
46+ stream = 0;
47+ aead = 1;
48+ break;
49 case CRYPTO_NULL:
50 alg_name = "ecb(cipher_null)";
51 stream = 1;
52--
532.3.5
54
diff --git a/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch b/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch
new file mode 100644
index 0000000..37862b5
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch
@@ -0,0 +1,76 @@
1From 06cca15fd0412ae872c2b2c5d50216e1eb34fc50 Mon Sep 17 00:00:00 2001
2From: Tudor Ambarus <tudor.ambarus@freescale.com>
3Date: Tue, 31 Mar 2015 16:15:47 +0300
4Subject: [PATCH 11/15] add support for TLSv1.1 record offload
5
6This adds support for composite algorithm offload in a single crypto
7(cipher + hmac) operation.
8
9Supported cipher suites:
10- 3des-ede-cbc-sha
11- aes-128-cbc-hmac-sha
12- aes-256-cbc-hmac-sha
13
14It requires either software or hardware TLS support in the Linux kernel
15and can be used with Freescale B*, P* and T* platforms that have support
16for hardware TLS acceleration.
17
18Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
19Change-Id: Ia5f3fa7ec090d5643d71b0f608c68a274ec6b51f
20Reviewed-on: http://git.am.freescale.net:8181/33998
21Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
22Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
23---
24 crypto/cryptodev.h | 4 +++-
25 ioctl.c | 14 ++++++++++++--
26 2 files changed, 15 insertions(+), 3 deletions(-)
27
28diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
29index 07f40b2..61e8599 100644
30--- a/crypto/cryptodev.h
31+++ b/crypto/cryptodev.h
32@@ -54,8 +54,10 @@ enum cryptodev_crypto_op_t {
33 CRYPTO_SHA2_384,
34 CRYPTO_SHA2_512,
35 CRYPTO_SHA2_224_HMAC,
36- CRYPTO_TLS10_AES_CBC_HMAC_SHA1,
37 CRYPTO_TLS10_3DES_CBC_HMAC_SHA1,
38+ CRYPTO_TLS10_AES_CBC_HMAC_SHA1,
39+ CRYPTO_TLS11_3DES_CBC_HMAC_SHA1,
40+ CRYPTO_TLS11_AES_CBC_HMAC_SHA1,
41 CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */
42 };
43
44diff --git a/ioctl.c b/ioctl.c
45index 574e913..ba82387 100644
46--- a/ioctl.c
47+++ b/ioctl.c
48@@ -186,13 +186,23 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
49 stream = 1;
50 aead = 1;
51 break;
52+ case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1:
53+ alg_name = "tls10(hmac(sha1),cbc(des3_ede))";
54+ stream = 0;
55+ aead = 1;
56+ break;
57 case CRYPTO_TLS10_AES_CBC_HMAC_SHA1:
58 alg_name = "tls10(hmac(sha1),cbc(aes))";
59 stream = 0;
60 aead = 1;
61 break;
62- case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1:
63- alg_name = "tls10(hmac(sha1),cbc(des3_ede))";
64+ case CRYPTO_TLS11_3DES_CBC_HMAC_SHA1:
65+ alg_name = "tls11(hmac(sha1),cbc(des3_ede))";
66+ stream = 0;
67+ aead = 1;
68+ break;
69+ case CRYPTO_TLS11_AES_CBC_HMAC_SHA1:
70+ alg_name = "tls11(hmac(sha1),cbc(aes))";
71 stream = 0;
72 aead = 1;
73 break;
74--
752.3.5
76
diff --git a/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch b/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch
new file mode 100644
index 0000000..6aa672a
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch
@@ -0,0 +1,72 @@
1From 15999e402dd7472cafe51be3fd0ce66433ca924b Mon Sep 17 00:00:00 2001
2From: Tudor Ambarus <tudor.ambarus@freescale.com>
3Date: Tue, 31 Mar 2015 16:16:28 +0300
4Subject: [PATCH 12/15] add support for TLSv1.2 record offload
5
6This adds support for composite algorithm offload in a single crypto
7(cipher + hmac) operation.
8
9Supported cipher suites:
10- 3des-ede-cbc-sha
11- aes-128-cbc-hmac-sha
12- aes-256-cbc-hmac-sha
13- aes-128-cbc-hmac-sha256
14- aes-256-cbc-hmac-sha256
15
16It requires either software or hardware TLS support in the Linux kernel
17and can be used with Freescale B*, P* and T* platforms that have support
18for hardware TLS acceleration.
19
20Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
21Change-Id: I21f45993505fc3dad09848a13aa20f778a7c2de0
22Reviewed-on: http://git.am.freescale.net:8181/33999
23Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
24Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
25---
26 crypto/cryptodev.h | 3 +++
27 ioctl.c | 15 +++++++++++++++
28 2 files changed, 18 insertions(+)
29
30diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h
31index 61e8599..f6058ca 100644
32--- a/crypto/cryptodev.h
33+++ b/crypto/cryptodev.h
34@@ -58,6 +58,9 @@ enum cryptodev_crypto_op_t {
35 CRYPTO_TLS10_AES_CBC_HMAC_SHA1,
36 CRYPTO_TLS11_3DES_CBC_HMAC_SHA1,
37 CRYPTO_TLS11_AES_CBC_HMAC_SHA1,
38+ CRYPTO_TLS12_3DES_CBC_HMAC_SHA1,
39+ CRYPTO_TLS12_AES_CBC_HMAC_SHA1,
40+ CRYPTO_TLS12_AES_CBC_HMAC_SHA256,
41 CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */
42 };
43
44diff --git a/ioctl.c b/ioctl.c
45index ba82387..fb4c4e3 100644
46--- a/ioctl.c
47+++ b/ioctl.c
48@@ -206,6 +206,21 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
49 stream = 0;
50 aead = 1;
51 break;
52+ case CRYPTO_TLS12_3DES_CBC_HMAC_SHA1:
53+ alg_name = "tls12(hmac(sha1),cbc(des3_ede))";
54+ stream = 0;
55+ aead = 1;
56+ break;
57+ case CRYPTO_TLS12_AES_CBC_HMAC_SHA1:
58+ alg_name = "tls12(hmac(sha1),cbc(aes))";
59+ stream = 0;
60+ aead = 1;
61+ break;
62+ case CRYPTO_TLS12_AES_CBC_HMAC_SHA256:
63+ alg_name = "tls12(hmac(sha256),cbc(aes))";
64+ stream = 0;
65+ aead = 1;
66+ break;
67 case CRYPTO_NULL:
68 alg_name = "ecb(cipher_null)";
69 stream = 1;
70--
712.3.5
72
diff --git a/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch b/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch
new file mode 100644
index 0000000..86cf6a2
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch
@@ -0,0 +1,186 @@
1From 39abcb9cea60540528e848d6c66169c36d666861 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Fri, 20 Feb 2015 12:46:58 +0200
4Subject: [PATCH 13/15] clean-up code layout
5
6Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
7Change-Id: I92c2f4baeed9470a2c3c42b592d878e65918b0af
8Reviewed-on: http://git.am.freescale.net:8181/34222
9---
10 cryptlib.c | 11 ++++-------
11 ioctl.c | 55 +++++++++++++++++++++----------------------------------
12 main.c | 4 +---
13 3 files changed, 26 insertions(+), 44 deletions(-)
14
15diff --git a/cryptlib.c b/cryptlib.c
16index ec6693e..21e691b 100644
17--- a/cryptlib.c
18+++ b/cryptlib.c
19@@ -434,7 +434,7 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output)
20 return waitfor(hdata->async.result, ret);
21 }
22
23-int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
24+int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
25 {
26 int ret = 0;
27 struct pkc_request *pkc_req = &pkc->req, *pkc_requested;
28@@ -445,8 +445,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
29 case RSA_PRIV_FORM1:
30 case RSA_PRIV_FORM2:
31 case RSA_PRIV_FORM3:
32- pkc->s = crypto_alloc_pkc("pkc(rsa)",
33- CRYPTO_ALG_TYPE_PKC_RSA, 0);
34+ pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0);
35 break;
36 case DSA_SIGN:
37 case DSA_VERIFY:
38@@ -454,13 +453,11 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
39 case ECDSA_VERIFY:
40 case DLC_KEYGEN:
41 case ECC_KEYGEN:
42- pkc->s = crypto_alloc_pkc("pkc(dsa)",
43- CRYPTO_ALG_TYPE_PKC_DSA, 0);
44+ pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0);
45 break;
46 case DH_COMPUTE_KEY:
47 case ECDH_COMPUTE_KEY:
48- pkc->s = crypto_alloc_pkc("pkc(dh)",
49- CRYPTO_ALG_TYPE_PKC_DH, 0);
50+ pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0);
51 break;
52 default:
53 return -EINVAL;
54diff --git a/ioctl.c b/ioctl.c
55index fb4c4e3..ee0486c 100644
56--- a/ioctl.c
57+++ b/ioctl.c
58@@ -714,16 +714,13 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
59 case CRK_MOD_EXP:
60 {
61 struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req;
62- copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g,
63- rsa_req->g_len);
64+ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len);
65 }
66 break;
67 case CRK_MOD_EXP_CRT:
68 {
69- struct rsa_priv_frm3_req_s *rsa_req =
70- &pkc_req->req_u.rsa_priv_f3;
71- copy_to_user(ckop->crk_param[6].crp_p,
72- rsa_req->f, rsa_req->f_len);
73+ struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3;
74+ copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len);
75 }
76 break;
77 case CRK_DSA_SIGN:
78@@ -731,15 +728,11 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
79 struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign;
80
81 if (pkc_req->type == ECDSA_SIGN) {
82- copy_to_user(ckop->crk_param[6].crp_p,
83- dsa_req->c, dsa_req->d_len);
84- copy_to_user(ckop->crk_param[7].crp_p,
85- dsa_req->d, dsa_req->d_len);
86+ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len);
87+ copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len);
88 } else {
89- copy_to_user(ckop->crk_param[5].crp_p,
90- dsa_req->c, dsa_req->d_len);
91- copy_to_user(ckop->crk_param[6].crp_p,
92- dsa_req->d, dsa_req->d_len);
93+ copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len);
94+ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len);
95 }
96 }
97 break;
98@@ -749,11 +742,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
99 {
100 struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req;
101 if (pkc_req->type == ECDH_COMPUTE_KEY)
102- copy_to_user(ckop->crk_param[4].crp_p,
103- dh_req->z, dh_req->z_len);
104+ copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len);
105 else
106- copy_to_user(ckop->crk_param[3].crp_p,
107- dh_req->z, dh_req->z_len);
108+ copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len);
109 }
110 break;
111 case CRK_DSA_GENERATE_KEY:
112@@ -763,14 +754,14 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
113
114 if (pkc_req->type == ECC_KEYGEN) {
115 copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key,
116- key_req->pub_key_len);
117- copy_to_user(ckop->crk_param[5].crp_p,
118- key_req->priv_key, key_req->priv_key_len);
119+ key_req->pub_key_len);
120+ copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key,
121+ key_req->priv_key_len);
122 } else {
123- copy_to_user(ckop->crk_param[3].crp_p,
124- key_req->pub_key, key_req->pub_key_len);
125- copy_to_user(ckop->crk_param[4].crp_p,
126- key_req->priv_key, key_req->priv_key_len);
127+ copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key,
128+ key_req->pub_key_len);
129+ copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key,
130+ key_req->priv_key_len);
131 }
132 }
133 default:
134@@ -1113,16 +1104,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
135 if (!list_empty(&pcr->asym_completed_list)) {
136 /* Run a loop in the list for upto elements
137 and copy their response back */
138- pkc =
139- list_first_entry(&pcr->asym_completed_list,
140+ pkc = list_first_entry(&pcr->asym_completed_list,
141 struct cryptodev_pkc, list);
142 list_del(&pkc->list);
143 spin_unlock_bh(&pcr->completion_lock);
144 ret = crypto_async_fetch_asym(pkc);
145 if (!ret) {
146 cookie_list.cookie_available++;
147- cookie_list.cookie[i] =
148- pkc->kop.kop.cookie;
149+ cookie_list.cookie[i] = pkc->kop.kop.cookie;
150 cookie_list.status[i] = pkc->result.err;
151 }
152 kfree(pkc);
153@@ -1133,12 +1122,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
154 }
155
156 /* Reflect the updated request to user-space */
157- if (cookie_list.cookie_available)
158- copy_to_user(arg, &cookie_list,
159- sizeof(struct pkc_cookie_list_s));
160- else {
161+ if (cookie_list.cookie_available) {
162+ copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s));
163+ } else {
164 struct pkc_cookie_list_s *user_ck_list = (void *)arg;
165-
166 put_user(0, &(user_ck_list->cookie_available));
167 }
168 ret = cookie_list.cookie_available;
169diff --git a/main.c b/main.c
170index 6365911..af66553 100644
171--- a/main.c
172+++ b/main.c
173@@ -666,9 +666,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc)
174 if (pkc->type == SYNCHRONOUS) {
175 if (rc)
176 goto err;
177-
178- copy_to_user(cop->crk_param[3].crp_p, rsa_req->g,
179- rsa_req->g_len);
180+ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len);
181 } else {
182 if (rc != -EINPROGRESS && rc != 0)
183 goto err;
184--
1852.3.5
186
diff --git a/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch b/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch
new file mode 100644
index 0000000..b9e9d2b
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch
@@ -0,0 +1,494 @@
1From 34e765977633b5f81845c0183af6d388d8225f00 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Mon, 23 Feb 2015 12:14:07 +0200
4Subject: [PATCH 14/15] remove redundant data copy for pkc operations
5
6This patch removes a copy of a pkc request that was
7allocated on the hot-path. The copy was not necessary
8and was just slowing things down.
9
10Change-Id: I3ad85f78c188f100ab9fc03a5777bb704a9dcb63
11Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
12Reviewed-on: http://git.am.freescale.net:8181/34223
13---
14 cryptlib.c | 49 +++----------------
15 cryptlib.h | 3 +-
16 ioctl.c | 17 +++----
17 main.c | 162 +++++++++++++++++++++++++++++++++++++------------------------
18 4 files changed, 113 insertions(+), 118 deletions(-)
19
20diff --git a/cryptlib.c b/cryptlib.c
21index 21e691b..5882a30 100644
22--- a/cryptlib.c
23+++ b/cryptlib.c
24@@ -436,59 +436,22 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output)
25
26 int cryptodev_pkc_offload(struct cryptodev_pkc *pkc)
27 {
28- int ret = 0;
29- struct pkc_request *pkc_req = &pkc->req, *pkc_requested;
30-
31- switch (pkc_req->type) {
32- case RSA_KEYGEN:
33- case RSA_PUB:
34- case RSA_PRIV_FORM1:
35- case RSA_PRIV_FORM2:
36- case RSA_PRIV_FORM3:
37- pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0);
38- break;
39- case DSA_SIGN:
40- case DSA_VERIFY:
41- case ECDSA_SIGN:
42- case ECDSA_VERIFY:
43- case DLC_KEYGEN:
44- case ECC_KEYGEN:
45- pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0);
46- break;
47- case DH_COMPUTE_KEY:
48- case ECDH_COMPUTE_KEY:
49- pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0);
50- break;
51- default:
52- return -EINVAL;
53- }
54-
55- if (IS_ERR_OR_NULL(pkc->s))
56- return -EINVAL;
57+ int ret;
58
59 init_completion(&pkc->result.completion);
60- pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL);
61-
62- if (unlikely(IS_ERR_OR_NULL(pkc_requested))) {
63- ret = -ENOMEM;
64- goto error;
65- }
66- pkc_requested->type = pkc_req->type;
67- pkc_requested->curve_type = pkc_req->curve_type;
68- memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u));
69- pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG,
70+ pkc_request_set_callback(pkc->req, CRYPTO_TFM_REQ_MAY_BACKLOG,
71 cryptodev_complete_asym, pkc);
72- ret = crypto_pkc_op(pkc_requested);
73+ ret = crypto_pkc_op(pkc->req);
74 if (ret != -EINPROGRESS && ret != 0)
75- goto error2;
76+ goto error;
77
78 if (pkc->type == SYNCHRONOUS)
79 ret = waitfor(&pkc->result, ret);
80
81 return ret;
82-error2:
83- kfree(pkc_requested);
84+
85 error:
86+ kfree(pkc->req);
87 crypto_free_pkc(pkc->s);
88 return ret;
89 }
90diff --git a/cryptlib.h b/cryptlib.h
91index 7ffa54c..4fac0c8 100644
92--- a/cryptlib.h
93+++ b/cryptlib.h
94@@ -110,8 +110,7 @@ struct cryptodev_pkc {
95 struct crypto_pkc *s; /* Transform pointer from CryptoAPI */
96 struct cryptodev_result result; /* Result to be updated by
97 completion handler */
98- struct pkc_request req; /* PKC request structure allocated
99- from CryptoAPI */
100+ struct pkc_request *req; /* PKC request allocated from CryptoAPI */
101 enum offload_type type; /* Synchronous Vs Asynchronous request */
102 /*
103 * cookie used for transfering tranparent information from async
104diff --git a/ioctl.c b/ioctl.c
105index ee0486c..797b73c 100644
106--- a/ioctl.c
107+++ b/ioctl.c
108@@ -708,26 +708,25 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
109 int ret = 0;
110 struct kernel_crypt_kop *kop = &pkc->kop;
111 struct crypt_kop *ckop = &kop->kop;
112- struct pkc_request *pkc_req = &pkc->req;
113
114 switch (ckop->crk_op) {
115 case CRK_MOD_EXP:
116 {
117- struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req;
118+ struct rsa_pub_req_s *rsa_req = &pkc->req->req_u.rsa_pub_req;
119 copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len);
120 }
121 break;
122 case CRK_MOD_EXP_CRT:
123 {
124- struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3;
125+ struct rsa_priv_frm3_req_s *rsa_req = &pkc->req->req_u.rsa_priv_f3;
126 copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len);
127 }
128 break;
129 case CRK_DSA_SIGN:
130 {
131- struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign;
132+ struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign;
133
134- if (pkc_req->type == ECDSA_SIGN) {
135+ if (pkc->req->type == ECDSA_SIGN) {
136 copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len);
137 copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len);
138 } else {
139@@ -740,8 +739,8 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
140 break;
141 case CRK_DH_COMPUTE_KEY:
142 {
143- struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req;
144- if (pkc_req->type == ECDH_COMPUTE_KEY)
145+ struct dh_key_req_s *dh_req = &pkc->req->req_u.dh_req;
146+ if (pkc->req->type == ECDH_COMPUTE_KEY)
147 copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len);
148 else
149 copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len);
150@@ -750,9 +749,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc)
151 case CRK_DSA_GENERATE_KEY:
152 case CRK_DH_GENERATE_KEY:
153 {
154- struct keygen_req_s *key_req = &pkc_req->req_u.keygen;
155+ struct keygen_req_s *key_req = &pkc->req->req_u.keygen;
156
157- if (pkc_req->type == ECC_KEYGEN) {
158+ if (pkc->req->type == ECC_KEYGEN) {
159 copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key,
160 key_req->pub_key_len);
161 copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key,
162diff --git a/main.c b/main.c
163index af66553..ed1c69a 100644
164--- a/main.c
165+++ b/main.c
166@@ -186,8 +186,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc)
167 {
168 struct kernel_crypt_kop *kop = &pkc->kop;
169 struct crypt_kop *cop = &kop->kop;
170- struct pkc_request *pkc_req = &pkc->req;
171- struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign;
172+ struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign;
173 int rc, buf_size;
174 uint8_t *buf;
175
176@@ -210,10 +209,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc)
177 if (cop->crk_iparams == 6) {
178 dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8;
179 buf_size += dsa_req->ab_len;
180- pkc_req->type = ECDSA_SIGN;
181- pkc_req->curve_type = cop->curve_type;
182- } else {
183- pkc_req->type = DSA_SIGN;
184+ pkc->req->curve_type = cop->curve_type;
185 }
186
187 buf = kmalloc(buf_size, GFP_DMA);
188@@ -269,7 +265,6 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc)
189 {
190 struct kernel_crypt_kop *kop = &pkc->kop;
191 struct crypt_kop *cop = &kop->kop;
192- struct pkc_request *pkc_req;
193 struct dsa_verify_req_s *dsa_req;
194 int rc, buf_size;
195 uint8_t *buf;
196@@ -281,8 +276,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc)
197 !cop->crk_param[7].crp_nbits))
198 return -EINVAL;
199
200- pkc_req = &pkc->req;
201- dsa_req = &pkc_req->req_u.dsa_verify;
202+ dsa_req = &pkc->req->req_u.dsa_verify;
203 dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8;
204 dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8;
205 dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8;
206@@ -295,10 +289,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc)
207 if (cop->crk_iparams == 8) {
208 dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8;
209 buf_size += dsa_req->ab_len;
210- pkc_req->type = ECDSA_VERIFY;
211- pkc_req->curve_type = cop->curve_type;
212- } else {
213- pkc_req->type = DSA_VERIFY;
214+ pkc->req->curve_type = cop->curve_type;
215 }
216
217 buf = kmalloc(buf_size, GFP_DMA);
218@@ -351,7 +342,6 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc)
219 {
220 struct kernel_crypt_kop *kop = &pkc->kop;
221 struct crypt_kop *cop = &kop->kop;
222- struct pkc_request *pkc_req;
223 struct rsa_keygen_req_s *key_req;
224 int rc, buf_size;
225 uint8_t *buf;
226@@ -362,9 +352,7 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc)
227 !cop->crk_param[6].crp_nbits)
228 return -EINVAL;
229
230- pkc_req = &pkc->req;
231- pkc_req->type = RSA_KEYGEN;
232- key_req = &pkc_req->req_u.rsa_keygen;
233+ key_req = &pkc->req->req_u.rsa_keygen;
234 key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8;
235 key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8;
236 key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8;
237@@ -427,7 +415,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
238 {
239 struct kernel_crypt_kop *kop = &pkc->kop;
240 struct crypt_kop *cop = &kop->kop;
241- struct pkc_request *pkc_req;
242 struct keygen_req_s *key_req;
243 int rc, buf_size;
244 uint8_t *buf;
245@@ -437,8 +424,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
246 !cop->crk_param[4].crp_nbits)
247 return -EINVAL;
248
249- pkc_req = &pkc->req;
250- key_req = &pkc_req->req_u.keygen;
251+ key_req = &pkc->req->req_u.keygen;
252 key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8;
253 key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8;
254 key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8;
255@@ -447,7 +433,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
256 key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
257 buf_size = key_req->q_len + key_req->r_len + key_req->g_len +
258 key_req->pub_key_len + key_req->priv_key_len;
259- pkc_req->type = DLC_KEYGEN;
260 } else {
261 key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8;
262 key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8;
263@@ -455,8 +440,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc)
264 buf_size = key_req->q_len + key_req->r_len + key_req->g_len +
265 key_req->pub_key_len + key_req->priv_key_len +
266 key_req->ab_len;
267- pkc_req->type = ECC_KEYGEN;
268- pkc_req->curve_type = cop->curve_type;
269+ pkc->req->curve_type = cop->curve_type;
270 }
271
272 buf = kmalloc(buf_size, GFP_DMA);
273@@ -508,26 +492,22 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc)
274 {
275 struct kernel_crypt_kop *kop = &pkc->kop;
276 struct crypt_kop *cop = &kop->kop;
277- struct pkc_request *pkc_req;
278 struct dh_key_req_s *dh_req;
279 int buf_size;
280 uint8_t *buf;
281 int rc = -EINVAL;
282
283- pkc_req = &pkc->req;
284- dh_req = &pkc_req->req_u.dh_req;
285+ dh_req = &pkc->req->req_u.dh_req;
286 dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8;
287 dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8;
288 dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8;
289 buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len;
290 if (cop->crk_iparams == 4) {
291- pkc_req->type = ECDH_COMPUTE_KEY;
292 dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8;
293 dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8;
294 buf_size += dh_req->ab_len;
295 } else {
296 dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8;
297- pkc_req->type = DH_COMPUTE_KEY;
298 }
299 buf_size += dh_req->z_len;
300 buf = kmalloc(buf_size, GFP_DMA);
301@@ -539,7 +519,7 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc)
302 dh_req->z = dh_req->pub_key + dh_req->pub_key_len;
303 if (cop->crk_iparams == 4) {
304 dh_req->ab = dh_req->z + dh_req->z_len;
305- pkc_req->curve_type = cop->curve_type;
306+ pkc->req->curve_type = cop->curve_type;
307 copy_from_user(dh_req->ab, cop->crk_param[3].crp_p,
308 dh_req->ab_len);
309 }
310@@ -573,7 +553,6 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc)
311 {
312 struct kernel_crypt_kop *kop = &pkc->kop;
313 struct crypt_kop *cop = &kop->kop;
314- struct pkc_request *pkc_req;
315 struct rsa_priv_frm3_req_s *rsa_req;
316 int rc;
317 uint8_t *buf;
318@@ -583,9 +562,7 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc)
319 !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits)
320 return -EINVAL;
321
322- pkc_req = &pkc->req;
323- pkc_req->type = RSA_PRIV_FORM3;
324- rsa_req = &pkc_req->req_u.rsa_priv_f3;
325+ rsa_req = &pkc->req->req_u.rsa_priv_f3;
326 rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8;
327 rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8;
328 rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8;
329@@ -632,7 +609,6 @@ err:
330
331 int crypto_bn_modexp(struct cryptodev_pkc *pkc)
332 {
333- struct pkc_request *pkc_req;
334 struct rsa_pub_req_s *rsa_req;
335 int rc;
336 struct kernel_crypt_kop *kop = &pkc->kop;
337@@ -643,9 +619,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc)
338 !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits)
339 return -EINVAL;
340
341- pkc_req = &pkc->req;
342- pkc_req->type = RSA_PUB;
343- rsa_req = &pkc_req->req_u.rsa_pub_req;
344+ rsa_req = &pkc->req->req_u.rsa_pub_req;
345 rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8;
346 rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8;
347 rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8;
348@@ -680,56 +654,116 @@ err:
349 return rc;
350 }
351
352+static struct {
353+ char *alg_name;
354+ u32 type;
355+ u32 mask;
356+} pkc_alg_list[] = {
357+ {"pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0},
358+ {"pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0},
359+ {"pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0},
360+};
361+
362 int crypto_run_asym(struct cryptodev_pkc *pkc)
363 {
364- int ret = -EINVAL;
365+ int err = -EINVAL;
366+ int id;
367 struct kernel_crypt_kop *kop = &pkc->kop;
368+ enum pkc_req_type pkc_req_type;
369+ int (*call_next_action)(struct cryptodev_pkc *pkc);
370
371 switch (kop->kop.crk_op) {
372 case CRK_MOD_EXP:
373 if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1)
374- goto err;
375-
376- ret = crypto_bn_modexp(pkc);
377+ return err;
378+ pkc_req_type = RSA_PUB;
379+ id = 0;
380+ call_next_action = crypto_bn_modexp;
381 break;
382 case CRK_MOD_EXP_CRT:
383 if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1)
384- goto err;
385-
386- ret = crypto_modexp_crt(pkc);
387+ return err;
388+ pkc_req_type = RSA_PRIV_FORM3;
389+ id = 0;
390+ call_next_action = crypto_modexp_crt;
391 break;
392 case CRK_DSA_SIGN:
393- if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) ||
394- kop->kop.crk_oparams != 2)
395- goto err;
396-
397- ret = crypto_kop_dsasign(pkc);
398+ if (kop->kop.crk_oparams != 2)
399+ return err;
400+ else if (kop->kop.crk_iparams == 5)
401+ pkc_req_type = DSA_SIGN;
402+ else if (kop->kop.crk_iparams == 6)
403+ pkc_req_type = ECDSA_SIGN;
404+ else
405+ return err;
406+ id = 1;
407+ call_next_action = crypto_kop_dsasign;
408 break;
409 case CRK_DSA_VERIFY:
410- if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) ||
411- kop->kop.crk_oparams != 0)
412- goto err;
413-
414- ret = crypto_kop_dsaverify(pkc);
415+ if (kop->kop.crk_oparams != 0)
416+ return err;
417+ else if (kop->kop.crk_iparams == 7)
418+ pkc_req_type = DSA_VERIFY;
419+ else if (kop->kop.crk_iparams == 8)
420+ pkc_req_type = ECDSA_VERIFY;
421+ else
422+ return err;
423+ id = 1;
424+ call_next_action = crypto_kop_dsaverify;
425 break;
426 case CRK_DH_COMPUTE_KEY:
427- if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) ||
428- kop->kop.crk_oparams != 1)
429- goto err;
430- ret = crypto_kop_dh_key(pkc);
431+ if (kop->kop.crk_oparams != 1)
432+ return err;
433+ else if (kop->kop.crk_iparams == 3)
434+ pkc_req_type = DH_COMPUTE_KEY;
435+ else if (kop->kop.crk_iparams == 4)
436+ pkc_req_type = ECDH_COMPUTE_KEY;
437+ else
438+ return err;
439+ id = 2;
440+ call_next_action = crypto_kop_dh_key;
441 break;
442 case CRK_DH_GENERATE_KEY:
443 case CRK_DSA_GENERATE_KEY:
444- if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4))
445- goto err;
446- ret = crypto_kop_keygen(pkc);
447+ if (kop->kop.crk_iparams == 3)
448+ pkc_req_type = DLC_KEYGEN;
449+ else if (kop->kop.crk_iparams == 4)
450+ pkc_req_type = ECC_KEYGEN;
451+ else
452+ return err;
453+ id = 1;
454+ call_next_action = crypto_kop_keygen;
455 break;
456 case CRK_RSA_GENERATE_KEY:
457- ret = crypto_kop_rsa_keygen(pkc);
458+ pkc_req_type = RSA_KEYGEN;
459+ id = 0;
460+ call_next_action = crypto_kop_rsa_keygen;
461 break;
462+ default:
463+ return err;
464 }
465-err:
466- return ret;
467+ err = -ENOMEM;
468+ pkc->s = crypto_alloc_pkc(pkc_alg_list[id].alg_name,
469+ pkc_alg_list[id].type,
470+ pkc_alg_list[id].mask);
471+ if (IS_ERR_OR_NULL(pkc->s))
472+ return err;
473+
474+ pkc->req = pkc_request_alloc(pkc->s, GFP_KERNEL);
475+ if (IS_ERR_OR_NULL(pkc->req))
476+ goto out_free_tfm;
477+
478+ /* todo - fix alloc-free on error path */
479+ pkc->req->type = pkc_req_type;
480+ err = call_next_action(pkc);
481+ if (pkc->type == SYNCHRONOUS)
482+ kfree(pkc->req);
483+
484+ return err;
485+
486+out_free_tfm:
487+ crypto_free_pkc(pkc->s);
488+ return err;
489 }
490
491 int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop)
492--
4932.3.5
494
diff --git a/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch b/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch
new file mode 100644
index 0000000..949fe12
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch
@@ -0,0 +1,40 @@
1From 8361f99c940fbe270fca2112dae3d97c9a5776d6 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Mon, 23 Feb 2015 15:28:22 +0200
4Subject: [PATCH 15/15] fix pkc request deallocation
5
6The request to be freed is actually pkc->req, and should be done inside
7the fetch ioctl for ASYNC (this patch) and in crypt ioctl for SYNC
8operations.
9
10Change-Id: I6f046f2ebeae4cb513a419996ca96b52e37468ed
11Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
12Reviewed-on: http://git.am.freescale.net:8181/34224
13---
14 ioctl.c | 3 +--
15 1 file changed, 1 insertion(+), 2 deletions(-)
16
17diff --git a/ioctl.c b/ioctl.c
18index 797b73c..da3a842 100644
19--- a/ioctl.c
20+++ b/ioctl.c
21@@ -114,8 +114,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err)
22 /* wake for POLLIN */
23 wake_up_interruptible(&pcr->user_waiter);
24 }
25-
26- kfree(req);
27 }
28
29 #define FILL_SG(sg, ptr, len) \
30@@ -1113,6 +1111,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
31 cookie_list.cookie[i] = pkc->kop.kop.cookie;
32 cookie_list.status[i] = pkc->result.err;
33 }
34+ kfree(pkc->req);
35 kfree(pkc);
36 } else {
37 spin_unlock_bh(&pcr->completion_lock);
38--
392.3.5
40
diff --git a/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch b/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch
new file mode 100644
index 0000000..cefb6dc
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch
@@ -0,0 +1,37 @@
1From 586bc4a6cd1014c57364020013062f07a8861e38 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Mon, 20 Apr 2015 13:18:47 +0300
4Subject: [PATCH] add basic detection of asym features
5
6Change-Id: I3b3ba8664bf631a63be1f11e715024509e20f841
7Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
8---
9 ioctl.c | 12 ++++++++----
10 1 file changed, 8 insertions(+), 4 deletions(-)
11
12diff --git a/ioctl.c b/ioctl.c
13index da3a842..53dbf64 100644
14--- a/ioctl.c
15+++ b/ioctl.c
16@@ -977,10 +977,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
17
18 switch (cmd) {
19 case CIOCASYMFEAT:
20- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN |
21- CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
22- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY |
23- CRF_RSA_GENERATE_KEY, p);
24+ ses = 0;
25+ if (crypto_has_alg("pkc(rsa)", 0, 0))
26+ ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY;
27+ if (crypto_has_alg("pkc(dsa)", 0, 0))
28+ ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY;
29+ if (crypto_has_alg("pkc(dh)", 0, 0))
30+ ses |= CRF_DH_COMPUTE_KEY |CRF_DH_GENERATE_KEY;
31+ return put_user(ses, p);
32 case CRIOGET:
33 fd = clonefd(filp);
34 ret = put_user(fd, p);
35--
362.3.5
37
diff --git a/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch b/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch
new file mode 100644
index 0000000..b3c36b3
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch
@@ -0,0 +1,67 @@
1From 0ca641091b4113d73e75d30ef530c88836849308 Mon Sep 17 00:00:00 2001
2From: Tudor Ambarus <tudor.ambarus@freescale.com>
3Date: Fri, 29 May 2015 15:28:47 +0300
4Subject: [PATCH 17/20] remove dead code
5
6Functions kop_to_user and compat_kop_to_user are never used. Delete them
7to avoid compiler warnings.
8
9
10crypto/../../cryptodev-linux/ioctl.c:841:12: warning: 'kop_to_user' defined but not used [-Wunused-function]
11 static int kop_to_user(struct kernel_crypt_kop *kop,
12 ^
13crypto/../../cryptodev-linux/ioctl.c: At top level:
14crypto/../../cryptodev-linux/ioctl.c:1195:12: warning: 'compat_kop_to_user' defined but not used [-Wunused-function]
15 static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg)
16 ^
17Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
18Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
19Change-Id: I6bd8a7eb6144224a20cd400813ab15a7a192dbb1
20Reviewed-on: http://git.am.freescale.net:8181/37440
21---
22 ioctl.c | 22 ----------------------
23 1 file changed, 22 deletions(-)
24
25diff --git a/ioctl.c b/ioctl.c
26index 53dbf64..39635a4 100644
27--- a/ioctl.c
28+++ b/ioctl.c
29@@ -838,16 +838,6 @@ static int kop_from_user(struct kernel_crypt_kop *kop,
30 return fill_kop_from_cop(kop);
31 }
32
33-static int kop_to_user(struct kernel_crypt_kop *kop,
34- void __user *arg)
35-{
36- if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) {
37- dprintk(1, KERN_ERR, "Cannot copy to userspace\n");
38- return -EFAULT;
39- }
40- return 0;
41-}
42-
43 static int kcop_from_user(struct kernel_crypt_op *kcop,
44 struct fcrypt *fcr, void __user *arg)
45 {
46@@ -1192,18 +1182,6 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop,
47 compat->curve_type = kop->curve_type;
48 }
49
50-static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg)
51-{
52- struct compat_crypt_kop compat_kop;
53-
54- crypt_kop_to_compat(&kop->kop, &compat_kop);
55- if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) {
56- dprintk(1, KERN_ERR, "Cannot copy to userspace\n");
57- return -EFAULT;
58- }
59- return 0;
60-}
61-
62 static inline void
63 compat_to_session_op(struct compat_session_op *compat, struct session_op *sop)
64 {
65--
662.3.5
67
diff --git a/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch b/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch
new file mode 100644
index 0000000..bf93f5b
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch
@@ -0,0 +1,64 @@
1From 596378a22532908487f2c5e4d717c5ae618c4c7d Mon Sep 17 00:00:00 2001
2From: Tudor Ambarus <tudor.ambarus@freescale.com>
3Date: Tue, 2 Jun 2015 10:44:12 +0300
4Subject: [PATCH 18/20] fix compat warnings
5
6 CC [M] crypto/../../cryptodev-linux/ioctl.o
7crypto/../../cryptodev-linux/ioctl.c: In function 'compat_to_crypt_kop':
8crypto/../../cryptodev-linux/ioctl.c:1161:14: warning: assignment makes pointer from integer without a cast
9 kop->cookie = compat->cookie;
10 ^
11crypto/../../cryptodev-linux/ioctl.c: In function 'crypt_kop_to_compat':
12crypto/../../cryptodev-linux/ioctl.c:1191:17: warning: assignment makes integer from pointer without a cast
13 compat->cookie = kop->cookie;
14 ^
15crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl':
16crypto/../../cryptodev-linux/ioctl.c:1430:28: warning: assignment makes integer from pointer without a cast
17 cookie_list.cookie[i] =
18 ^
19
20Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
21Change-Id: Id851408c0c743c01447f3b0ced38fbc1ae94d4db
22Reviewed-on: http://git.am.freescale.net:8181/37442
23Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
24Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
25---
26 ioctl.c | 8 ++++----
27 1 file changed, 4 insertions(+), 4 deletions(-)
28
29diff --git a/ioctl.c b/ioctl.c
30index 39635a4..f3ce2f6 100644
31--- a/ioctl.c
32+++ b/ioctl.c
33@@ -1148,7 +1148,7 @@ static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat,
34 }
35
36 kop->curve_type = compat->curve_type;
37- kop->cookie = compat->cookie;
38+ kop->cookie = compat_ptr(compat->cookie);
39 }
40
41 static int compat_kop_from_user(struct kernel_crypt_kop *kop,
42@@ -1178,7 +1178,7 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop,
43 ptr_to_compat(kop->crk_param[i].crp_p);
44 compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits;
45 }
46- compat->cookie = kop->cookie;
47+ compat->cookie = ptr_to_compat(kop->cookie);
48 compat->curve_type = kop->curve_type;
49 }
50
51@@ -1405,8 +1405,8 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
52 ret = crypto_async_fetch_asym(pkc);
53 if (!ret) {
54 cookie_list.cookie_available++;
55- cookie_list.cookie[i] =
56- pkc->kop.kop.cookie;
57+ cookie_list.cookie[i] = ptr_to_compat(
58+ pkc->kop.kop.cookie);
59 }
60 kfree(pkc);
61 } else {
62--
632.3.5
64
diff --git a/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch b/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch
new file mode 100644
index 0000000..a71cff4
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch
@@ -0,0 +1,61 @@
1From 1d10f06bef0f07980a08b387850c1daf1d3a8e87 Mon Sep 17 00:00:00 2001
2From: Tudor Ambarus <tudor.ambarus@freescale.com>
3Date: Tue, 2 Jun 2015 12:11:12 +0300
4Subject: [PATCH 19/20] fix size_t print format
5
6 CC [M] crypto/../../cryptodev-linux/cryptlib.o
7crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_cipher_init':
8crypto/../../cryptodev-linux/cryptlib.c:146:5: warning: format '%u' expects argument of type 'unsigned int', but argument 6 has type 'size_t' [-Wformat=]
9 ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.",
10 ^
11crypto/../../cryptodev-linux/cryptlib.c:173:3: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=]
12 ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8);
13 ^
14crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_hash_init':
15crypto/../../cryptodev-linux/cryptlib.c:340:4: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=]
16 ddebug(1, "Setting hmac key failed for %s-%u.",
17 ^
18
19Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
20Change-Id: I67f2d79f68b4d62b598073c6a918a110523fadfd
21Reviewed-on: http://git.am.freescale.net:8181/37443
22Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
23Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
24---
25 cryptlib.c | 6 +++---
26 1 file changed, 3 insertions(+), 3 deletions(-)
27
28diff --git a/cryptlib.c b/cryptlib.c
29index 5882a30..10f5e1a 100644
30--- a/cryptlib.c
31+++ b/cryptlib.c
32@@ -143,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
33 if (alg->max_keysize > 0 &&
34 unlikely((keylen < alg->min_keysize) ||
35 (keylen > alg->max_keysize))) {
36- ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.",
37+ ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.",
38 keylen, alg_name, alg->min_keysize, alg->max_keysize);
39 ret = -EINVAL;
40 goto error;
41@@ -170,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name,
42 }
43
44 if (unlikely(ret)) {
45- ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8);
46+ ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8);
47 ret = -EINVAL;
48 goto error;
49 }
50@@ -337,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name,
51 if (hmac_mode != 0) {
52 ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen);
53 if (unlikely(ret)) {
54- ddebug(1, "Setting hmac key failed for %s-%u.",
55+ ddebug(1, "Setting hmac key failed for %s-%zu.",
56 alg_name, mackeylen*8);
57 ret = -EINVAL;
58 goto error;
59--
602.3.5
61
diff --git a/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch b/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch
new file mode 100644
index 0000000..a97a2d4
--- /dev/null
+++ b/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch
@@ -0,0 +1,38 @@
1From be9f6a0dc90847dbb00307d23f47b8b3fc3ff130 Mon Sep 17 00:00:00 2001
2From: Tudor Ambarus <tudor.ambarus@freescale.com>
3Date: Fri, 29 May 2015 15:49:22 +0300
4Subject: [PATCH 20/20] fix uninitialized variable compiler warning
5
6crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl':
7crypto/../../cryptodev-linux/ioctl.c:1445:2: warning: 'ret' may be used uninitialized in this function [-Wmaybe-uninitialized]
8 return ret;
9 ^
10
11Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
12Change-Id: Id5226fc97a3bb880ca6db86df58957122bbaa428
13Reviewed-on: http://git.am.freescale.net:8181/37441
14Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
15Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
16---
17 ioctl.c | 3 ++-
18 1 file changed, 2 insertions(+), 1 deletion(-)
19
20diff --git a/ioctl.c b/ioctl.c
21index f3ce2f6..7cd3c56 100644
22--- a/ioctl.c
23+++ b/ioctl.c
24@@ -1387,9 +1387,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_)
25 case COMPAT_CIOCASYMFETCHCOOKIE:
26 {
27 struct cryptodev_pkc *pkc;
28- int i = 0;
29+ int i;
30 struct compat_pkc_cookie_list_s cookie_list;
31
32+ ret = 0;
33 cookie_list.cookie_available = 0;
34
35 for (i = 0; i < MAX_COOKIES; i++) {
36--
372.3.5
38
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-07 01:49:07 +0000