diff options
Diffstat (limited to 'recipes-kernel/cryptodev/sdk_patches')
43 files changed, 5861 insertions, 0 deletions
diff --git a/recipes-kernel/cryptodev/sdk_patches/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch b/recipes-kernel/cryptodev/sdk_patches/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch new file mode 100644 index 0000000..b8d2a00 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch | |||
@@ -0,0 +1,52 @@ | |||
1 | From 25a68839e3aab5acebcbe51f7fbe9d2d26216bc0 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 29 Aug 2013 16:52:30 +0300 | ||
4 | Subject: [PATCH 01/38] add support for composite TLS10(SHA1,AES) algorithm | ||
5 | offload | ||
6 | |||
7 | This adds support for composite algorithm offload as a primitive | ||
8 | crypto (cipher + hmac) operation. | ||
9 | |||
10 | It requires kernel support for tls10(hmac(sha1),cbc(aes)) algorithm | ||
11 | provided either in software or accelerated by hardware such as | ||
12 | Freescale B*, P* and T* platforms. | ||
13 | |||
14 | Change-Id: Ia1c605da3860e91e681295dfc8df7c09eb4006cf | ||
15 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
16 | Reviewed-on: http://git.am.freescale.net:8181/17218 | ||
17 | --- | ||
18 | crypto/cryptodev.h | 1 + | ||
19 | ioctl.c | 5 +++++ | ||
20 | 2 files changed, 6 insertions(+) | ||
21 | |||
22 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
23 | index 7fb9c7d..c0e8cd4 100644 | ||
24 | --- a/crypto/cryptodev.h | ||
25 | +++ b/crypto/cryptodev.h | ||
26 | @@ -50,6 +50,7 @@ enum cryptodev_crypto_op_t { | ||
27 | CRYPTO_SHA2_384, | ||
28 | CRYPTO_SHA2_512, | ||
29 | CRYPTO_SHA2_224_HMAC, | ||
30 | + CRYPTO_TLS10_AES_CBC_HMAC_SHA1, | ||
31 | CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ | ||
32 | }; | ||
33 | |||
34 | diff --git a/ioctl.c b/ioctl.c | ||
35 | index b23f5fd..a3f8379 100644 | ||
36 | --- a/ioctl.c | ||
37 | +++ b/ioctl.c | ||
38 | @@ -159,6 +159,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
39 | stream = 1; | ||
40 | aead = 1; | ||
41 | break; | ||
42 | + case CRYPTO_TLS10_AES_CBC_HMAC_SHA1: | ||
43 | + alg_name = "tls10(hmac(sha1),cbc(aes))"; | ||
44 | + stream = 0; | ||
45 | + aead = 1; | ||
46 | + break; | ||
47 | case CRYPTO_NULL: | ||
48 | alg_name = "ecb(cipher_null)"; | ||
49 | stream = 1; | ||
50 | -- | ||
51 | 2.7.0 | ||
52 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch b/recipes-kernel/cryptodev/sdk_patches/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch new file mode 100644 index 0000000..d83da97 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch | |||
@@ -0,0 +1,207 @@ | |||
1 | From d9f27d08708556e22e1b1dc87b0495896879ca66 Mon Sep 17 00:00:00 2001 | ||
2 | From: Horia Geanta <horia.geanta@freescale.com> | ||
3 | Date: Wed, 4 Dec 2013 15:43:41 +0200 | ||
4 | Subject: [PATCH 02/38] add support for COMPAT_CIOCAUTHCRYPT ioctl() | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Needed for 64b kernel with 32b user space. | ||
9 | |||
10 | Change-Id: I44a999a4164e7ae7122dee6ed0716b2f25cadbc1 | ||
11 | Signed-off-by: Horia Geanta <horia.geanta@freescale.com> | ||
12 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
13 | --- | ||
14 | authenc.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ | ||
15 | cryptodev_int.h | 40 +++++++++++++++++++++++++++++ | ||
16 | ioctl.c | 16 ++++++++++++ | ||
17 | 3 files changed, 134 insertions(+) | ||
18 | |||
19 | diff --git a/authenc.c b/authenc.c | ||
20 | index 1bd7377..ef0d3db 100644 | ||
21 | --- a/authenc.c | ||
22 | +++ b/authenc.c | ||
23 | @@ -272,6 +272,84 @@ static int fill_caop_from_kcaop(struct kernel_crypt_auth_op *kcaop, struct fcryp | ||
24 | return 0; | ||
25 | } | ||
26 | |||
27 | +/* compatibility code for 32bit userlands */ | ||
28 | +#ifdef CONFIG_COMPAT | ||
29 | + | ||
30 | +static inline void | ||
31 | +compat_to_crypt_auth_op(struct compat_crypt_auth_op *compat, | ||
32 | + struct crypt_auth_op *caop) | ||
33 | +{ | ||
34 | + caop->ses = compat->ses; | ||
35 | + caop->op = compat->op; | ||
36 | + caop->flags = compat->flags; | ||
37 | + caop->len = compat->len; | ||
38 | + caop->auth_len = compat->auth_len; | ||
39 | + caop->tag_len = compat->tag_len; | ||
40 | + caop->iv_len = compat->iv_len; | ||
41 | + | ||
42 | + caop->auth_src = compat_ptr(compat->auth_src); | ||
43 | + caop->src = compat_ptr(compat->src); | ||
44 | + caop->dst = compat_ptr(compat->dst); | ||
45 | + caop->tag = compat_ptr(compat->tag); | ||
46 | + caop->iv = compat_ptr(compat->iv); | ||
47 | +} | ||
48 | + | ||
49 | +static inline void | ||
50 | +crypt_auth_op_to_compat(struct crypt_auth_op *caop, | ||
51 | + struct compat_crypt_auth_op *compat) | ||
52 | +{ | ||
53 | + compat->ses = caop->ses; | ||
54 | + compat->op = caop->op; | ||
55 | + compat->flags = caop->flags; | ||
56 | + compat->len = caop->len; | ||
57 | + compat->auth_len = caop->auth_len; | ||
58 | + compat->tag_len = caop->tag_len; | ||
59 | + compat->iv_len = caop->iv_len; | ||
60 | + | ||
61 | + compat->auth_src = ptr_to_compat(caop->auth_src); | ||
62 | + compat->src = ptr_to_compat(caop->src); | ||
63 | + compat->dst = ptr_to_compat(caop->dst); | ||
64 | + compat->tag = ptr_to_compat(caop->tag); | ||
65 | + compat->iv = ptr_to_compat(caop->iv); | ||
66 | +} | ||
67 | + | ||
68 | +int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop, | ||
69 | + struct fcrypt *fcr, void __user *arg) | ||
70 | +{ | ||
71 | + struct compat_crypt_auth_op compat_caop; | ||
72 | + | ||
73 | + if (unlikely(copy_from_user(&compat_caop, arg, sizeof(compat_caop)))) { | ||
74 | + dprintk(1, KERN_ERR, "Error in copying from userspace\n"); | ||
75 | + return -EFAULT; | ||
76 | + } | ||
77 | + | ||
78 | + compat_to_crypt_auth_op(&compat_caop, &kcaop->caop); | ||
79 | + | ||
80 | + return fill_kcaop_from_caop(kcaop, fcr); | ||
81 | +} | ||
82 | + | ||
83 | +int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop, | ||
84 | + struct fcrypt *fcr, void __user *arg) | ||
85 | +{ | ||
86 | + int ret; | ||
87 | + struct compat_crypt_auth_op compat_caop; | ||
88 | + | ||
89 | + ret = fill_caop_from_kcaop(kcaop, fcr); | ||
90 | + if (unlikely(ret)) { | ||
91 | + dprintk(1, KERN_ERR, "fill_caop_from_kcaop\n"); | ||
92 | + return ret; | ||
93 | + } | ||
94 | + | ||
95 | + crypt_auth_op_to_compat(&kcaop->caop, &compat_caop); | ||
96 | + | ||
97 | + if (unlikely(copy_to_user(arg, &compat_caop, sizeof(compat_caop)))) { | ||
98 | + dprintk(1, KERN_ERR, "Error in copying to userspace\n"); | ||
99 | + return -EFAULT; | ||
100 | + } | ||
101 | + return 0; | ||
102 | +} | ||
103 | + | ||
104 | +#endif /* CONFIG_COMPAT */ | ||
105 | |||
106 | int kcaop_from_user(struct kernel_crypt_auth_op *kcaop, | ||
107 | struct fcrypt *fcr, void __user *arg) | ||
108 | diff --git a/cryptodev_int.h b/cryptodev_int.h | ||
109 | index d7660fa..8e687e7 100644 | ||
110 | --- a/cryptodev_int.h | ||
111 | +++ b/cryptodev_int.h | ||
112 | @@ -73,11 +73,42 @@ struct compat_crypt_op { | ||
113 | compat_uptr_t iv;/* initialization vector for encryption operations */ | ||
114 | }; | ||
115 | |||
116 | + /* input of CIOCAUTHCRYPT */ | ||
117 | +struct compat_crypt_auth_op { | ||
118 | + uint32_t ses; /* session identifier */ | ||
119 | + uint16_t op; /* COP_ENCRYPT or COP_DECRYPT */ | ||
120 | + uint16_t flags; /* see COP_FLAG_AEAD_* */ | ||
121 | + uint32_t len; /* length of source data */ | ||
122 | + uint32_t auth_len; /* length of auth data */ | ||
123 | + compat_uptr_t auth_src; /* authenticated-only data */ | ||
124 | + | ||
125 | + /* The current implementation is more efficient if data are | ||
126 | + * encrypted in-place (src==dst). */ | ||
127 | + compat_uptr_t src; /* data to be encrypted and | ||
128 | + authenticated */ | ||
129 | + compat_uptr_t dst; /* pointer to output data. Must have | ||
130 | + * space for tag. For TLS this should be | ||
131 | + * at least len + tag_size + block_size | ||
132 | + * for padding */ | ||
133 | + | ||
134 | + compat_uptr_t tag; /* where the tag will be copied to. TLS | ||
135 | + * mode doesn't use that as tag is | ||
136 | + * copied to dst. | ||
137 | + * SRTP mode copies tag there. */ | ||
138 | + uint32_t tag_len; /* the length of the tag. Use zero for | ||
139 | + * digest size or max tag. */ | ||
140 | + | ||
141 | + /* initialization vector for encryption operations */ | ||
142 | + compat_uptr_t iv; | ||
143 | + uint32_t iv_len; | ||
144 | +}; | ||
145 | + | ||
146 | /* compat ioctls, defined for the above structs */ | ||
147 | #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) | ||
148 | #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) | ||
149 | #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) | ||
150 | #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) | ||
151 | +#define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) | ||
152 | |||
153 | #endif /* CONFIG_COMPAT */ | ||
154 | |||
155 | @@ -108,6 +139,15 @@ struct kernel_crypt_auth_op { | ||
156 | |||
157 | /* auth */ | ||
158 | |||
159 | +#ifdef CONFIG_COMPAT | ||
160 | +int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop, | ||
161 | + struct fcrypt *fcr, void __user *arg); | ||
162 | + | ||
163 | +int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop, | ||
164 | + struct fcrypt *fcr, void __user *arg); | ||
165 | +#endif /* CONFIG_COMPAT */ | ||
166 | + | ||
167 | + | ||
168 | int kcaop_from_user(struct kernel_crypt_auth_op *kcop, | ||
169 | struct fcrypt *fcr, void __user *arg); | ||
170 | int kcaop_to_user(struct kernel_crypt_auth_op *kcaop, | ||
171 | diff --git a/ioctl.c b/ioctl.c | ||
172 | index a3f8379..5a44807 100644 | ||
173 | --- a/ioctl.c | ||
174 | +++ b/ioctl.c | ||
175 | @@ -998,6 +998,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
176 | struct session_op sop; | ||
177 | struct compat_session_op compat_sop; | ||
178 | struct kernel_crypt_op kcop; | ||
179 | + struct kernel_crypt_auth_op kcaop; | ||
180 | int ret; | ||
181 | |||
182 | if (unlikely(!pcr)) | ||
183 | @@ -1040,6 +1041,21 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
184 | return ret; | ||
185 | |||
186 | return compat_kcop_to_user(&kcop, fcr, arg); | ||
187 | + | ||
188 | + case COMPAT_CIOCAUTHCRYPT: | ||
189 | + if (unlikely(ret = compat_kcaop_from_user(&kcaop, fcr, arg))) { | ||
190 | + dprintk(1, KERN_WARNING, "Error copying from user\n"); | ||
191 | + return ret; | ||
192 | + } | ||
193 | + | ||
194 | + ret = crypto_auth_run(fcr, &kcaop); | ||
195 | + if (unlikely(ret)) { | ||
196 | + dprintk(1, KERN_WARNING, "Error in crypto_auth_run\n"); | ||
197 | + return ret; | ||
198 | + } | ||
199 | + | ||
200 | + return compat_kcaop_to_user(&kcaop, fcr, arg); | ||
201 | + | ||
202 | #ifdef ENABLE_ASYNC | ||
203 | case COMPAT_CIOCASYNCCRYPT: | ||
204 | if (unlikely(ret = compat_kcop_from_user(&kcop, fcr, arg))) | ||
205 | -- | ||
206 | 2.7.0 | ||
207 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0003-PKC-support-added-in-cryptodev-module.patch b/recipes-kernel/cryptodev/sdk_patches/0003-PKC-support-added-in-cryptodev-module.patch new file mode 100644 index 0000000..ffa0b45 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0003-PKC-support-added-in-cryptodev-module.patch | |||
@@ -0,0 +1,898 @@ | |||
1 | From 2bda43095b511e0052b3bc27b216ff9909cc03d2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Fri, 7 Mar 2014 06:16:09 +0545 | ||
4 | Subject: [PATCH 03/38] PKC support added in cryptodev module | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | cryptlib.c | 66 +++++++++- | ||
11 | cryptlib.h | 28 ++++ | ||
12 | crypto/cryptodev.h | 15 ++- | ||
13 | cryptodev_int.h | 20 ++- | ||
14 | ioctl.c | 196 +++++++++++++++++++++++++-- | ||
15 | main.c | 378 +++++++++++++++++++++++++++++++++++++++++++++++++++++ | ||
16 | 6 files changed, 685 insertions(+), 18 deletions(-) | ||
17 | |||
18 | diff --git a/cryptlib.c b/cryptlib.c | ||
19 | index 44ce763..6900028 100644 | ||
20 | --- a/cryptlib.c | ||
21 | +++ b/cryptlib.c | ||
22 | @@ -5,6 +5,8 @@ | ||
23 | * Portions Copyright (c) 2010 Michael Weiser | ||
24 | * Portions Copyright (c) 2010 Phil Sutter | ||
25 | * | ||
26 | + * Copyright 2012 Freescale Semiconductor, Inc. | ||
27 | + * | ||
28 | * This file is part of linux cryptodev. | ||
29 | * | ||
30 | * This program is free software; you can redistribute it and/or | ||
31 | @@ -39,11 +41,6 @@ | ||
32 | #include "cryptodev_int.h" | ||
33 | |||
34 | |||
35 | -struct cryptodev_result { | ||
36 | - struct completion completion; | ||
37 | - int err; | ||
38 | -}; | ||
39 | - | ||
40 | static void cryptodev_complete(struct crypto_async_request *req, int err) | ||
41 | { | ||
42 | struct cryptodev_result *res = req->data; | ||
43 | @@ -259,7 +256,6 @@ static inline int waitfor(struct cryptodev_result *cr, ssize_t ret) | ||
44 | case 0: | ||
45 | break; | ||
46 | case -EINPROGRESS: | ||
47 | - case -EBUSY: | ||
48 | wait_for_completion(&cr->completion); | ||
49 | /* At this point we known for sure the request has finished, | ||
50 | * because wait_for_completion above was not interruptible. | ||
51 | @@ -439,3 +435,61 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) | ||
52 | return waitfor(hdata->async.result, ret); | ||
53 | } | ||
54 | |||
55 | +int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
56 | +{ | ||
57 | + int ret = 0; | ||
58 | + struct pkc_request *pkc_req = &pkc->req, *pkc_requested; | ||
59 | + | ||
60 | + switch (pkc_req->type) { | ||
61 | + case RSA_PUB: | ||
62 | + case RSA_PRIV_FORM1: | ||
63 | + case RSA_PRIV_FORM2: | ||
64 | + case RSA_PRIV_FORM3: | ||
65 | + pkc->s = crypto_alloc_pkc("pkc(rsa)", | ||
66 | + CRYPTO_ALG_TYPE_PKC_RSA, 0); | ||
67 | + break; | ||
68 | + case DSA_SIGN: | ||
69 | + case DSA_VERIFY: | ||
70 | + case ECDSA_SIGN: | ||
71 | + case ECDSA_VERIFY: | ||
72 | + pkc->s = crypto_alloc_pkc("pkc(dsa)", | ||
73 | + CRYPTO_ALG_TYPE_PKC_DSA, 0); | ||
74 | + break; | ||
75 | + case DH_COMPUTE_KEY: | ||
76 | + case ECDH_COMPUTE_KEY: | ||
77 | + pkc->s = crypto_alloc_pkc("pkc(dh)", | ||
78 | + CRYPTO_ALG_TYPE_PKC_DH, 0); | ||
79 | + break; | ||
80 | + default: | ||
81 | + return -EINVAL; | ||
82 | + } | ||
83 | + | ||
84 | + if (IS_ERR_OR_NULL(pkc->s)) | ||
85 | + return -EINVAL; | ||
86 | + | ||
87 | + init_completion(&pkc->result.completion); | ||
88 | + pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL); | ||
89 | + | ||
90 | + if (unlikely(IS_ERR_OR_NULL(pkc_requested))) { | ||
91 | + ret = -ENOMEM; | ||
92 | + goto error; | ||
93 | + } | ||
94 | + pkc_requested->type = pkc_req->type; | ||
95 | + pkc_requested->curve_type = pkc_req->curve_type; | ||
96 | + memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u)); | ||
97 | + pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
98 | + cryptodev_complete_asym, pkc); | ||
99 | + ret = crypto_pkc_op(pkc_requested); | ||
100 | + if (ret != -EINPROGRESS && ret != 0) | ||
101 | + goto error2; | ||
102 | + | ||
103 | + if (pkc->type == SYNCHRONOUS) | ||
104 | + ret = waitfor(&pkc->result, ret); | ||
105 | + | ||
106 | + return ret; | ||
107 | +error2: | ||
108 | + kfree(pkc_requested); | ||
109 | +error: | ||
110 | + crypto_free_pkc(pkc->s); | ||
111 | + return ret; | ||
112 | +} | ||
113 | diff --git a/cryptlib.h b/cryptlib.h | ||
114 | index a0a8a63..56d325a 100644 | ||
115 | --- a/cryptlib.h | ||
116 | +++ b/cryptlib.h | ||
117 | @@ -1,3 +1,6 @@ | ||
118 | +/* | ||
119 | + * Copyright 2012 Freescale Semiconductor, Inc. | ||
120 | + */ | ||
121 | #ifndef CRYPTLIB_H | ||
122 | # define CRYPTLIB_H | ||
123 | |||
124 | @@ -89,5 +92,30 @@ void cryptodev_hash_deinit(struct hash_data *hdata); | ||
125 | int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, | ||
126 | int hmac_mode, void *mackey, size_t mackeylen); | ||
127 | |||
128 | +/* Operation Type */ | ||
129 | +enum offload_type { | ||
130 | + SYNCHRONOUS, | ||
131 | + ASYNCHRONOUS | ||
132 | +}; | ||
133 | + | ||
134 | +struct cryptodev_result { | ||
135 | + struct completion completion; | ||
136 | + int err; | ||
137 | +}; | ||
138 | + | ||
139 | +struct cryptodev_pkc { | ||
140 | + struct list_head list; /* To maintain the Jobs in completed | ||
141 | + cryptodev lists */ | ||
142 | + struct kernel_crypt_kop kop; | ||
143 | + struct crypto_pkc *s; /* Transform pointer from CryptoAPI */ | ||
144 | + struct cryptodev_result result; /* Result to be updated by | ||
145 | + completion handler */ | ||
146 | + struct pkc_request req; /* PKC request structure allocated | ||
147 | + from CryptoAPI */ | ||
148 | + enum offload_type type; /* Synchronous Vs Asynchronous request */ | ||
149 | + void *cookie; /*Additional opaque cookie to be used in future */ | ||
150 | + struct crypt_priv *priv; | ||
151 | +}; | ||
152 | |||
153 | +int cryptodev_pkc_offload(struct cryptodev_pkc *); | ||
154 | #endif | ||
155 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
156 | index c0e8cd4..96675fe 100644 | ||
157 | --- a/crypto/cryptodev.h | ||
158 | +++ b/crypto/cryptodev.h | ||
159 | @@ -1,6 +1,10 @@ | ||
160 | -/* This is a source compatible implementation with the original API of | ||
161 | +/* | ||
162 | + * Copyright 2012 Freescale Semiconductor, Inc. | ||
163 | + * | ||
164 | + * This is a source compatible implementation with the original API of | ||
165 | * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h. | ||
166 | - * Placed under public domain */ | ||
167 | + * Placed under public domain | ||
168 | + */ | ||
169 | |||
170 | #ifndef L_CRYPTODEV_H | ||
171 | #define L_CRYPTODEV_H | ||
172 | @@ -245,6 +249,9 @@ struct crypt_kop { | ||
173 | __u16 crk_oparams; | ||
174 | __u32 crk_pad1; | ||
175 | struct crparam crk_param[CRK_MAXPARAM]; | ||
176 | + enum curve_t curve_type; /* 0 == Discrete Log, | ||
177 | + 1 = EC_PRIME, 2 = EC_BINARY */ | ||
178 | + void *cookie; | ||
179 | }; | ||
180 | |||
181 | enum cryptodev_crk_op_t { | ||
182 | @@ -289,5 +296,7 @@ enum cryptodev_crk_op_t { | ||
183 | */ | ||
184 | #define CIOCASYNCCRYPT _IOW('c', 110, struct crypt_op) | ||
185 | #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) | ||
186 | - | ||
187 | +/* additional ioctls for asynchronous operation for asymmetric ciphers*/ | ||
188 | +#define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) | ||
189 | +#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop) | ||
190 | #endif /* L_CRYPTODEV_H */ | ||
191 | diff --git a/cryptodev_int.h b/cryptodev_int.h | ||
192 | index 8e687e7..fdbcc61 100644 | ||
193 | --- a/cryptodev_int.h | ||
194 | +++ b/cryptodev_int.h | ||
195 | @@ -1,4 +1,6 @@ | ||
196 | -/* cipher stuff */ | ||
197 | +/* cipher stuff | ||
198 | + * Copyright 2012 Freescale Semiconductor, Inc. | ||
199 | + */ | ||
200 | #ifndef CRYPTODEV_INT_H | ||
201 | # define CRYPTODEV_INT_H | ||
202 | |||
203 | @@ -112,6 +114,14 @@ struct compat_crypt_auth_op { | ||
204 | |||
205 | #endif /* CONFIG_COMPAT */ | ||
206 | |||
207 | +/* kernel-internal extension to struct crypt_kop */ | ||
208 | +struct kernel_crypt_kop { | ||
209 | + struct crypt_kop kop; | ||
210 | + | ||
211 | + struct task_struct *task; | ||
212 | + struct mm_struct *mm; | ||
213 | +}; | ||
214 | + | ||
215 | /* kernel-internal extension to struct crypt_op */ | ||
216 | struct kernel_crypt_op { | ||
217 | struct crypt_op cop; | ||
218 | @@ -157,6 +167,14 @@ int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop); | ||
219 | |||
220 | #include <cryptlib.h> | ||
221 | |||
222 | +/* Cryptodev Key operation handler */ | ||
223 | +int crypto_bn_modexp(struct cryptodev_pkc *); | ||
224 | +int crypto_modexp_crt(struct cryptodev_pkc *); | ||
225 | +int crypto_kop_dsasign(struct cryptodev_pkc *); | ||
226 | +int crypto_kop_dsaverify(struct cryptodev_pkc *); | ||
227 | +int crypto_run_asym(struct cryptodev_pkc *); | ||
228 | +void cryptodev_complete_asym(struct crypto_async_request *, int); | ||
229 | + | ||
230 | /* other internal structs */ | ||
231 | struct csession { | ||
232 | struct list_head entry; | ||
233 | diff --git a/ioctl.c b/ioctl.c | ||
234 | index 5a44807..69980e3 100644 | ||
235 | --- a/ioctl.c | ||
236 | +++ b/ioctl.c | ||
237 | @@ -4,6 +4,7 @@ | ||
238 | * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs | ||
239 | * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||
240 | * Copyright (c) 2010 Phil Sutter | ||
241 | + * Copyright 2012 Freescale Semiconductor, Inc. | ||
242 | * | ||
243 | * This file is part of linux cryptodev. | ||
244 | * | ||
245 | @@ -89,8 +90,37 @@ struct crypt_priv { | ||
246 | int itemcount; | ||
247 | struct work_struct cryptask; | ||
248 | wait_queue_head_t user_waiter; | ||
249 | + /* List of pending cryptodev_pkc asym requests */ | ||
250 | + struct list_head asym_completed_list; | ||
251 | + /* For addition/removal of entry in pending list of asymmetric request*/ | ||
252 | + spinlock_t completion_lock; | ||
253 | }; | ||
254 | |||
255 | +/* Asymmetric request Completion handler */ | ||
256 | +void cryptodev_complete_asym(struct crypto_async_request *req, int err) | ||
257 | +{ | ||
258 | + struct cryptodev_pkc *pkc = req->data; | ||
259 | + struct cryptodev_result *res = &pkc->result; | ||
260 | + | ||
261 | + crypto_free_pkc(pkc->s); | ||
262 | + res->err = err; | ||
263 | + if (pkc->type == SYNCHRONOUS) { | ||
264 | + if (err == -EINPROGRESS) | ||
265 | + return; | ||
266 | + complete(&res->completion); | ||
267 | + } else { | ||
268 | + struct crypt_priv *pcr = pkc->priv; | ||
269 | + unsigned long flags; | ||
270 | + spin_lock_irqsave(&pcr->completion_lock, flags); | ||
271 | + list_add_tail(&pkc->list, &pcr->asym_completed_list); | ||
272 | + spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
273 | + /* wake for POLLIN */ | ||
274 | + wake_up_interruptible(&pcr->user_waiter); | ||
275 | + } | ||
276 | + | ||
277 | + kfree(req); | ||
278 | +} | ||
279 | + | ||
280 | #define FILL_SG(sg, ptr, len) \ | ||
281 | do { \ | ||
282 | (sg)->page = virt_to_page(ptr); \ | ||
283 | @@ -472,7 +502,8 @@ cryptodev_open(struct inode *inode, struct file *filp) | ||
284 | INIT_LIST_HEAD(&pcr->free.list); | ||
285 | INIT_LIST_HEAD(&pcr->todo.list); | ||
286 | INIT_LIST_HEAD(&pcr->done.list); | ||
287 | - | ||
288 | + INIT_LIST_HEAD(&pcr->asym_completed_list); | ||
289 | + spin_lock_init(&pcr->completion_lock); | ||
290 | INIT_WORK(&pcr->cryptask, cryptask_routine); | ||
291 | |||
292 | init_waitqueue_head(&pcr->user_waiter); | ||
293 | @@ -639,6 +670,79 @@ static int crypto_async_fetch(struct crypt_priv *pcr, | ||
294 | } | ||
295 | #endif | ||
296 | |||
297 | +/* get the first asym cipher completed job from the "done" queue | ||
298 | + * | ||
299 | + * returns: | ||
300 | + * -EBUSY if no completed jobs are ready (yet) | ||
301 | + * the return value otherwise */ | ||
302 | +static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
303 | +{ | ||
304 | + int ret = 0; | ||
305 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
306 | + struct crypt_kop *ckop = &kop->kop; | ||
307 | + struct pkc_request *pkc_req = &pkc->req; | ||
308 | + | ||
309 | + switch (ckop->crk_op) { | ||
310 | + case CRK_MOD_EXP: | ||
311 | + { | ||
312 | + struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; | ||
313 | + copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, | ||
314 | + rsa_req->g_len); | ||
315 | + } | ||
316 | + break; | ||
317 | + case CRK_MOD_EXP_CRT: | ||
318 | + { | ||
319 | + struct rsa_priv_frm3_req_s *rsa_req = | ||
320 | + &pkc_req->req_u.rsa_priv_f3; | ||
321 | + copy_to_user(ckop->crk_param[6].crp_p, | ||
322 | + rsa_req->f, rsa_req->f_len); | ||
323 | + } | ||
324 | + break; | ||
325 | + case CRK_DSA_SIGN: | ||
326 | + { | ||
327 | + struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; | ||
328 | + | ||
329 | + if (pkc_req->type == ECDSA_SIGN) { | ||
330 | + copy_to_user(ckop->crk_param[6].crp_p, | ||
331 | + dsa_req->c, dsa_req->d_len); | ||
332 | + copy_to_user(ckop->crk_param[7].crp_p, | ||
333 | + dsa_req->d, dsa_req->d_len); | ||
334 | + } else { | ||
335 | + copy_to_user(ckop->crk_param[5].crp_p, | ||
336 | + dsa_req->c, dsa_req->d_len); | ||
337 | + copy_to_user(ckop->crk_param[6].crp_p, | ||
338 | + dsa_req->d, dsa_req->d_len); | ||
339 | + } | ||
340 | + } | ||
341 | + break; | ||
342 | + case CRK_DSA_VERIFY: | ||
343 | + break; | ||
344 | + case CRK_DH_COMPUTE_KEY: | ||
345 | + { | ||
346 | + struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; | ||
347 | + if (pkc_req->type == ECDH_COMPUTE_KEY) | ||
348 | + copy_to_user(ckop->crk_param[4].crp_p, | ||
349 | + dh_req->z, dh_req->z_len); | ||
350 | + else | ||
351 | + copy_to_user(ckop->crk_param[3].crp_p, | ||
352 | + dh_req->z, dh_req->z_len); | ||
353 | + } | ||
354 | + break; | ||
355 | + default: | ||
356 | + ret = -EINVAL; | ||
357 | + } | ||
358 | + kfree(pkc->cookie); | ||
359 | + return ret; | ||
360 | +} | ||
361 | + | ||
362 | +/* this function has to be called from process context */ | ||
363 | +static int fill_kop_from_cop(struct kernel_crypt_kop *kop) | ||
364 | +{ | ||
365 | + kop->task = current; | ||
366 | + kop->mm = current->mm; | ||
367 | + return 0; | ||
368 | +} | ||
369 | + | ||
370 | /* this function has to be called from process context */ | ||
371 | static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) | ||
372 | { | ||
373 | @@ -662,11 +766,8 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) | ||
374 | |||
375 | if (cop->iv) { | ||
376 | rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen); | ||
377 | - if (unlikely(rc)) { | ||
378 | - derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p", | ||
379 | - kcop->ivlen, rc, cop->iv); | ||
380 | + if (unlikely(rc)) | ||
381 | return -EFAULT; | ||
382 | - } | ||
383 | } | ||
384 | |||
385 | return 0; | ||
386 | @@ -692,6 +793,25 @@ static int fill_cop_from_kcop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) | ||
387 | return 0; | ||
388 | } | ||
389 | |||
390 | +static int kop_from_user(struct kernel_crypt_kop *kop, | ||
391 | + void __user *arg) | ||
392 | +{ | ||
393 | + if (unlikely(copy_from_user(&kop->kop, arg, sizeof(kop->kop)))) | ||
394 | + return -EFAULT; | ||
395 | + | ||
396 | + return fill_kop_from_cop(kop); | ||
397 | +} | ||
398 | + | ||
399 | +static int kop_to_user(struct kernel_crypt_kop *kop, | ||
400 | + void __user *arg) | ||
401 | +{ | ||
402 | + if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) { | ||
403 | + dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); | ||
404 | + return -EFAULT; | ||
405 | + } | ||
406 | + return 0; | ||
407 | +} | ||
408 | + | ||
409 | static int kcop_from_user(struct kernel_crypt_op *kcop, | ||
410 | struct fcrypt *fcr, void __user *arg) | ||
411 | { | ||
412 | @@ -821,7 +941,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
413 | |||
414 | switch (cmd) { | ||
415 | case CIOCASYMFEAT: | ||
416 | - return put_user(0, p); | ||
417 | + return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | | ||
418 | + CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p); | ||
419 | case CRIOGET: | ||
420 | fd = clonefd(filp); | ||
421 | ret = put_user(fd, p); | ||
422 | @@ -857,6 +978,24 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
423 | if (unlikely(ret)) | ||
424 | return ret; | ||
425 | return copy_to_user(arg, &siop, sizeof(siop)); | ||
426 | + case CIOCKEY: | ||
427 | + { | ||
428 | + struct cryptodev_pkc *pkc = | ||
429 | + kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); | ||
430 | + | ||
431 | + if (!pkc) | ||
432 | + return -ENOMEM; | ||
433 | + | ||
434 | + ret = kop_from_user(&pkc->kop, arg); | ||
435 | + if (unlikely(ret)) { | ||
436 | + kfree(pkc); | ||
437 | + return ret; | ||
438 | + } | ||
439 | + pkc->type = SYNCHRONOUS; | ||
440 | + ret = crypto_run_asym(pkc); | ||
441 | + kfree(pkc); | ||
442 | + } | ||
443 | + return ret; | ||
444 | case CIOCCRYPT: | ||
445 | if (unlikely(ret = kcop_from_user(&kcop, fcr, arg))) { | ||
446 | dwarning(1, "Error copying from user"); | ||
447 | @@ -895,6 +1034,45 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
448 | |||
449 | return kcop_to_user(&kcop, fcr, arg); | ||
450 | #endif | ||
451 | + case CIOCASYMASYNCRYPT: | ||
452 | + { | ||
453 | + struct cryptodev_pkc *pkc = | ||
454 | + kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); | ||
455 | + ret = kop_from_user(&pkc->kop, arg); | ||
456 | + | ||
457 | + if (unlikely(ret)) | ||
458 | + return -EINVAL; | ||
459 | + | ||
460 | + /* Store associated FD priv data with asymmetric request */ | ||
461 | + pkc->priv = pcr; | ||
462 | + pkc->type = ASYNCHRONOUS; | ||
463 | + ret = crypto_run_asym(pkc); | ||
464 | + if (ret == -EINPROGRESS) | ||
465 | + ret = 0; | ||
466 | + } | ||
467 | + return ret; | ||
468 | + case CIOCASYMASYNFETCH: | ||
469 | + { | ||
470 | + struct cryptodev_pkc *pkc; | ||
471 | + unsigned long flags; | ||
472 | + | ||
473 | + spin_lock_irqsave(&pcr->completion_lock, flags); | ||
474 | + if (list_empty(&pcr->asym_completed_list)) { | ||
475 | + spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
476 | + return -ENOMEM; | ||
477 | + } | ||
478 | + pkc = list_first_entry(&pcr->asym_completed_list, | ||
479 | + struct cryptodev_pkc, list); | ||
480 | + list_del(&pkc->list); | ||
481 | + spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
482 | + ret = crypto_async_fetch_asym(pkc); | ||
483 | + | ||
484 | + /* Reflect the updated request to user-space */ | ||
485 | + if (!ret) | ||
486 | + kop_to_user(&pkc->kop, arg); | ||
487 | + kfree(pkc); | ||
488 | + } | ||
489 | + return ret; | ||
490 | default: | ||
491 | return -EINVAL; | ||
492 | } | ||
493 | @@ -1083,9 +1261,11 @@ static unsigned int cryptodev_poll(struct file *file, poll_table *wait) | ||
494 | |||
495 | poll_wait(file, &pcr->user_waiter, wait); | ||
496 | |||
497 | - if (!list_empty_careful(&pcr->done.list)) | ||
498 | + if (!list_empty_careful(&pcr->done.list) || | ||
499 | + !list_empty_careful(&pcr->asym_completed_list)) | ||
500 | ret |= POLLIN | POLLRDNORM; | ||
501 | - if (!list_empty_careful(&pcr->free.list) || pcr->itemcount < MAX_COP_RINGSIZE) | ||
502 | + if (!list_empty_careful(&pcr->free.list) || | ||
503 | + pcr->itemcount < MAX_COP_RINGSIZE) | ||
504 | ret |= POLLOUT | POLLWRNORM; | ||
505 | |||
506 | return ret; | ||
507 | diff --git a/main.c b/main.c | ||
508 | index 57e5c38..0b7951e 100644 | ||
509 | --- a/main.c | ||
510 | +++ b/main.c | ||
511 | @@ -181,6 +181,384 @@ __crypto_run_zc(struct csession *ses_ptr, struct kernel_crypt_op *kcop) | ||
512 | return ret; | ||
513 | } | ||
514 | |||
515 | +int crypto_kop_dsasign(struct cryptodev_pkc *pkc) | ||
516 | +{ | ||
517 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
518 | + struct crypt_kop *cop = &kop->kop; | ||
519 | + struct pkc_request *pkc_req = &pkc->req; | ||
520 | + struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; | ||
521 | + int rc, buf_size; | ||
522 | + uint8_t *buf; | ||
523 | + | ||
524 | + if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || | ||
525 | + !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || | ||
526 | + !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || | ||
527 | + !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 6 && | ||
528 | + !cop->crk_param[7].crp_nbits)) | ||
529 | + return -EINVAL; | ||
530 | + | ||
531 | + dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
532 | + dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
533 | + dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
534 | + dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
535 | + dsa_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
536 | + dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8; | ||
537 | + buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len + | ||
538 | + dsa_req->g_len + dsa_req->priv_key_len + dsa_req->d_len + | ||
539 | + dsa_req->d_len; | ||
540 | + if (cop->crk_iparams == 6) { | ||
541 | + dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; | ||
542 | + buf_size += dsa_req->ab_len; | ||
543 | + pkc_req->type = ECDSA_SIGN; | ||
544 | + pkc_req->curve_type = cop->curve_type; | ||
545 | + } else { | ||
546 | + pkc_req->type = DSA_SIGN; | ||
547 | + } | ||
548 | + | ||
549 | + buf = kzalloc(buf_size, GFP_DMA); | ||
550 | + | ||
551 | + dsa_req->q = buf; | ||
552 | + dsa_req->r = dsa_req->q + dsa_req->q_len; | ||
553 | + dsa_req->g = dsa_req->r + dsa_req->r_len; | ||
554 | + dsa_req->priv_key = dsa_req->g + dsa_req->g_len; | ||
555 | + dsa_req->m = dsa_req->priv_key + dsa_req->priv_key_len; | ||
556 | + dsa_req->c = dsa_req->m + dsa_req->m_len; | ||
557 | + dsa_req->d = dsa_req->c + dsa_req->d_len; | ||
558 | + copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); | ||
559 | + copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); | ||
560 | + copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); | ||
561 | + copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); | ||
562 | + copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p, | ||
563 | + dsa_req->priv_key_len); | ||
564 | + if (cop->crk_iparams == 6) { | ||
565 | + dsa_req->ab = dsa_req->d + dsa_req->d_len; | ||
566 | + copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, | ||
567 | + dsa_req->ab_len); | ||
568 | + } | ||
569 | + rc = cryptodev_pkc_offload(pkc); | ||
570 | + if (pkc->type == SYNCHRONOUS) { | ||
571 | + if (rc) | ||
572 | + goto err; | ||
573 | + if (cop->crk_iparams == 6) { | ||
574 | + copy_to_user(cop->crk_param[6].crp_p, dsa_req->c, | ||
575 | + dsa_req->d_len); | ||
576 | + copy_to_user(cop->crk_param[7].crp_p, dsa_req->d, | ||
577 | + dsa_req->d_len); | ||
578 | + } else { | ||
579 | + copy_to_user(cop->crk_param[5].crp_p, dsa_req->c, | ||
580 | + dsa_req->d_len); | ||
581 | + copy_to_user(cop->crk_param[6].crp_p, dsa_req->d, | ||
582 | + dsa_req->d_len); | ||
583 | + } | ||
584 | + } else { | ||
585 | + if (rc != -EINPROGRESS && rc != 0) | ||
586 | + goto err; | ||
587 | + | ||
588 | + pkc->cookie = buf; | ||
589 | + return rc; | ||
590 | + } | ||
591 | +err: | ||
592 | + kfree(buf); | ||
593 | + return rc; | ||
594 | +} | ||
595 | + | ||
596 | +int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) | ||
597 | +{ | ||
598 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
599 | + struct crypt_kop *cop = &kop->kop; | ||
600 | + struct pkc_request *pkc_req; | ||
601 | + struct dsa_verify_req_s *dsa_req; | ||
602 | + int rc, buf_size; | ||
603 | + uint8_t *buf; | ||
604 | + | ||
605 | + if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || | ||
606 | + !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || | ||
607 | + !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || | ||
608 | + !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 8 && | ||
609 | + !cop->crk_param[7].crp_nbits)) | ||
610 | + return -EINVAL; | ||
611 | + | ||
612 | + pkc_req = &pkc->req; | ||
613 | + dsa_req = &pkc_req->req_u.dsa_verify; | ||
614 | + dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
615 | + dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
616 | + dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
617 | + dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
618 | + dsa_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
619 | + dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8; | ||
620 | + buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len + | ||
621 | + dsa_req->g_len + dsa_req->pub_key_len + dsa_req->d_len + | ||
622 | + dsa_req->d_len; | ||
623 | + if (cop->crk_iparams == 8) { | ||
624 | + dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; | ||
625 | + buf_size += dsa_req->ab_len; | ||
626 | + pkc_req->type = ECDSA_VERIFY; | ||
627 | + pkc_req->curve_type = cop->curve_type; | ||
628 | + } else { | ||
629 | + pkc_req->type = DSA_VERIFY; | ||
630 | + } | ||
631 | + | ||
632 | + buf = kzalloc(buf_size, GFP_DMA); | ||
633 | + | ||
634 | + dsa_req->q = buf; | ||
635 | + dsa_req->r = dsa_req->q + dsa_req->q_len; | ||
636 | + dsa_req->g = dsa_req->r + dsa_req->r_len; | ||
637 | + dsa_req->pub_key = dsa_req->g + dsa_req->g_len; | ||
638 | + dsa_req->m = dsa_req->pub_key + dsa_req->pub_key_len; | ||
639 | + dsa_req->c = dsa_req->m + dsa_req->m_len; | ||
640 | + dsa_req->d = dsa_req->c + dsa_req->d_len; | ||
641 | + copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); | ||
642 | + copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); | ||
643 | + copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); | ||
644 | + copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); | ||
645 | + copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p, | ||
646 | + dsa_req->pub_key_len); | ||
647 | + if (cop->crk_iparams == 8) { | ||
648 | + dsa_req->ab = dsa_req->d + dsa_req->d_len; | ||
649 | + copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, | ||
650 | + dsa_req->ab_len); | ||
651 | + copy_from_user(dsa_req->c, cop->crk_param[6].crp_p, | ||
652 | + dsa_req->d_len); | ||
653 | + copy_from_user(dsa_req->d, cop->crk_param[7].crp_p, | ||
654 | + dsa_req->d_len); | ||
655 | + } else { | ||
656 | + copy_from_user(dsa_req->c, cop->crk_param[5].crp_p, | ||
657 | + dsa_req->d_len); | ||
658 | + copy_from_user(dsa_req->d, cop->crk_param[6].crp_p, | ||
659 | + dsa_req->d_len); | ||
660 | + } | ||
661 | + rc = cryptodev_pkc_offload(pkc); | ||
662 | + if (pkc->type == SYNCHRONOUS) { | ||
663 | + if (rc) | ||
664 | + goto err; | ||
665 | + } else { | ||
666 | + if (rc != -EINPROGRESS && !rc) | ||
667 | + goto err; | ||
668 | + pkc->cookie = buf; | ||
669 | + return rc; | ||
670 | + } | ||
671 | +err: | ||
672 | + kfree(buf); | ||
673 | + return rc; | ||
674 | +} | ||
675 | + | ||
676 | +int crypto_kop_dh_key(struct cryptodev_pkc *pkc) | ||
677 | +{ | ||
678 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
679 | + struct crypt_kop *cop = &kop->kop; | ||
680 | + struct pkc_request *pkc_req; | ||
681 | + struct dh_key_req_s *dh_req; | ||
682 | + int buf_size; | ||
683 | + uint8_t *buf; | ||
684 | + int rc = -EINVAL; | ||
685 | + | ||
686 | + pkc_req = &pkc->req; | ||
687 | + dh_req = &pkc_req->req_u.dh_req; | ||
688 | + dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
689 | + dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
690 | + dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
691 | + buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len; | ||
692 | + if (cop->crk_iparams == 4) { | ||
693 | + pkc_req->type = ECDH_COMPUTE_KEY; | ||
694 | + dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
695 | + dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
696 | + buf_size += dh_req->ab_len; | ||
697 | + } else { | ||
698 | + dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
699 | + pkc_req->type = DH_COMPUTE_KEY; | ||
700 | + } | ||
701 | + buf_size += dh_req->z_len; | ||
702 | + buf = kzalloc(buf_size, GFP_DMA); | ||
703 | + dh_req->q = buf; | ||
704 | + dh_req->s = dh_req->q + dh_req->q_len; | ||
705 | + dh_req->pub_key = dh_req->s + dh_req->s_len; | ||
706 | + dh_req->z = dh_req->pub_key + dh_req->pub_key_len; | ||
707 | + if (cop->crk_iparams == 4) { | ||
708 | + dh_req->ab = dh_req->z + dh_req->z_len; | ||
709 | + pkc_req->curve_type = cop->curve_type; | ||
710 | + copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, | ||
711 | + dh_req->ab_len); | ||
712 | + } | ||
713 | + copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len); | ||
714 | + copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p, | ||
715 | + dh_req->pub_key_len); | ||
716 | + copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len); | ||
717 | + rc = cryptodev_pkc_offload(pkc); | ||
718 | + if (pkc->type == SYNCHRONOUS) { | ||
719 | + if (rc) | ||
720 | + goto err; | ||
721 | + if (cop->crk_iparams == 4) | ||
722 | + copy_to_user(cop->crk_param[4].crp_p, dh_req->z, | ||
723 | + dh_req->z_len); | ||
724 | + else | ||
725 | + copy_to_user(cop->crk_param[3].crp_p, dh_req->z, | ||
726 | + dh_req->z_len); | ||
727 | + } else { | ||
728 | + if (rc != -EINPROGRESS && rc != 0) | ||
729 | + goto err; | ||
730 | + | ||
731 | + pkc->cookie = buf; | ||
732 | + return rc; | ||
733 | + } | ||
734 | +err: | ||
735 | + kfree(buf); | ||
736 | + return rc; | ||
737 | +} | ||
738 | + | ||
739 | +int crypto_modexp_crt(struct cryptodev_pkc *pkc) | ||
740 | +{ | ||
741 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
742 | + struct crypt_kop *cop = &kop->kop; | ||
743 | + struct pkc_request *pkc_req; | ||
744 | + struct rsa_priv_frm3_req_s *rsa_req; | ||
745 | + int rc; | ||
746 | + uint8_t *buf; | ||
747 | + | ||
748 | + if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || | ||
749 | + !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || | ||
750 | + !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits) | ||
751 | + return -EINVAL; | ||
752 | + | ||
753 | + pkc_req = &pkc->req; | ||
754 | + pkc_req->type = RSA_PRIV_FORM3; | ||
755 | + rsa_req = &pkc_req->req_u.rsa_priv_f3; | ||
756 | + rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
757 | + rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
758 | + rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
759 | + rsa_req->dp_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
760 | + rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
761 | + rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8; | ||
762 | + rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8; | ||
763 | + buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + | ||
764 | + rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len + | ||
765 | + rsa_req->g_len, GFP_DMA); | ||
766 | + rsa_req->p = buf; | ||
767 | + rsa_req->q = rsa_req->p + rsa_req->p_len; | ||
768 | + rsa_req->g = rsa_req->q + rsa_req->q_len; | ||
769 | + rsa_req->dp = rsa_req->g + rsa_req->g_len; | ||
770 | + rsa_req->dq = rsa_req->dp + rsa_req->dp_len; | ||
771 | + rsa_req->c = rsa_req->dq + rsa_req->dq_len; | ||
772 | + rsa_req->f = rsa_req->c + rsa_req->c_len; | ||
773 | + copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len); | ||
774 | + copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len); | ||
775 | + copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len); | ||
776 | + copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len); | ||
777 | + copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len); | ||
778 | + copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len); | ||
779 | + rc = cryptodev_pkc_offload(pkc); | ||
780 | + | ||
781 | + if (pkc->type == SYNCHRONOUS) { | ||
782 | + if (rc) | ||
783 | + goto err; | ||
784 | + copy_to_user(cop->crk_param[6].crp_p, rsa_req->f, | ||
785 | + rsa_req->f_len); | ||
786 | + } else { | ||
787 | + if (rc != -EINPROGRESS && rc != 0) | ||
788 | + goto err; | ||
789 | + | ||
790 | + pkc->cookie = buf; | ||
791 | + return rc; | ||
792 | + } | ||
793 | +err: | ||
794 | + kfree(buf); | ||
795 | + return rc; | ||
796 | +} | ||
797 | + | ||
798 | +int crypto_bn_modexp(struct cryptodev_pkc *pkc) | ||
799 | +{ | ||
800 | + struct pkc_request *pkc_req; | ||
801 | + struct rsa_pub_req_s *rsa_req; | ||
802 | + int rc; | ||
803 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
804 | + struct crypt_kop *cop = &kop->kop; | ||
805 | + uint8_t *buf; | ||
806 | + | ||
807 | + if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || | ||
808 | + !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits) | ||
809 | + return -EINVAL; | ||
810 | + | ||
811 | + pkc_req = &pkc->req; | ||
812 | + pkc_req->type = RSA_PUB; | ||
813 | + rsa_req = &pkc_req->req_u.rsa_pub_req; | ||
814 | + rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
815 | + rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
816 | + rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
817 | + rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
818 | + buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len | ||
819 | + + rsa_req->g_len, GFP_DMA); | ||
820 | + if (!buf) | ||
821 | + return -ENOMEM; | ||
822 | + | ||
823 | + rsa_req->e = buf; | ||
824 | + rsa_req->f = rsa_req->e + rsa_req->e_len; | ||
825 | + rsa_req->g = rsa_req->f + rsa_req->f_len; | ||
826 | + rsa_req->n = rsa_req->g + rsa_req->g_len; | ||
827 | + copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len); | ||
828 | + copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len); | ||
829 | + copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len); | ||
830 | + rc = cryptodev_pkc_offload(pkc); | ||
831 | + if (pkc->type == SYNCHRONOUS) { | ||
832 | + if (rc) | ||
833 | + goto err; | ||
834 | + | ||
835 | + copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, | ||
836 | + rsa_req->g_len); | ||
837 | + } else { | ||
838 | + if (rc != -EINPROGRESS && rc != 0) | ||
839 | + goto err; | ||
840 | + | ||
841 | + /* This one will be freed later in fetch handler */ | ||
842 | + pkc->cookie = buf; | ||
843 | + return rc; | ||
844 | + } | ||
845 | +err: | ||
846 | + kfree(buf); | ||
847 | + return rc; | ||
848 | +} | ||
849 | + | ||
850 | +int crypto_run_asym(struct cryptodev_pkc *pkc) | ||
851 | +{ | ||
852 | + int ret = -EINVAL; | ||
853 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
854 | + | ||
855 | + switch (kop->kop.crk_op) { | ||
856 | + case CRK_MOD_EXP: | ||
857 | + if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1) | ||
858 | + goto err; | ||
859 | + | ||
860 | + ret = crypto_bn_modexp(pkc); | ||
861 | + break; | ||
862 | + case CRK_MOD_EXP_CRT: | ||
863 | + if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1) | ||
864 | + goto err; | ||
865 | + | ||
866 | + ret = crypto_modexp_crt(pkc); | ||
867 | + break; | ||
868 | + case CRK_DSA_SIGN: | ||
869 | + if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) || | ||
870 | + kop->kop.crk_oparams != 2) | ||
871 | + goto err; | ||
872 | + | ||
873 | + ret = crypto_kop_dsasign(pkc); | ||
874 | + break; | ||
875 | + case CRK_DSA_VERIFY: | ||
876 | + if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) || | ||
877 | + kop->kop.crk_oparams != 0) | ||
878 | + goto err; | ||
879 | + | ||
880 | + ret = crypto_kop_dsaverify(pkc); | ||
881 | + break; | ||
882 | + case CRK_DH_COMPUTE_KEY: | ||
883 | + if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) || | ||
884 | + kop->kop.crk_oparams != 1) | ||
885 | + goto err; | ||
886 | + ret = crypto_kop_dh_key(pkc); | ||
887 | + break; | ||
888 | + } | ||
889 | +err: | ||
890 | + return ret; | ||
891 | +} | ||
892 | + | ||
893 | int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop) | ||
894 | { | ||
895 | struct csession *ses_ptr; | ||
896 | -- | ||
897 | 2.7.0 | ||
898 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0004-Compat-versions-of-PKC-IOCTLs.patch b/recipes-kernel/cryptodev/sdk_patches/0004-Compat-versions-of-PKC-IOCTLs.patch new file mode 100644 index 0000000..e963f58 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0004-Compat-versions-of-PKC-IOCTLs.patch | |||
@@ -0,0 +1,200 @@ | |||
1 | From e0e5c1bfb21888bf9f87f72ac8cdf7eee951f619 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Fri, 7 Mar 2014 06:52:13 +0545 | ||
4 | Subject: [PATCH 04/38] Compat versions of PKC IOCTLs | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | cryptodev_int.h | 20 ++++++++++ | ||
11 | ioctl.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ | ||
12 | 2 files changed, 140 insertions(+) | ||
13 | |||
14 | diff --git a/cryptodev_int.h b/cryptodev_int.h | ||
15 | index fdbcc61..cf54dac 100644 | ||
16 | --- a/cryptodev_int.h | ||
17 | +++ b/cryptodev_int.h | ||
18 | @@ -75,6 +75,24 @@ struct compat_crypt_op { | ||
19 | compat_uptr_t iv;/* initialization vector for encryption operations */ | ||
20 | }; | ||
21 | |||
22 | +/* input of CIOCKEY */ | ||
23 | +struct compat_crparam { | ||
24 | + compat_uptr_t crp_p; | ||
25 | + uint32_t crp_nbits; | ||
26 | +}; | ||
27 | + | ||
28 | +struct compat_crypt_kop { | ||
29 | + uint32_t crk_op; /* cryptodev_crk_ot_t */ | ||
30 | + uint32_t crk_status; | ||
31 | + uint16_t crk_iparams; | ||
32 | + uint16_t crk_oparams; | ||
33 | + uint32_t crk_pad1; | ||
34 | + struct compat_crparam crk_param[CRK_MAXPARAM]; | ||
35 | + enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, | ||
36 | + 2 = EC_BINARY */ | ||
37 | + compat_uptr_t cookie; | ||
38 | +}; | ||
39 | + | ||
40 | /* input of CIOCAUTHCRYPT */ | ||
41 | struct compat_crypt_auth_op { | ||
42 | uint32_t ses; /* session identifier */ | ||
43 | @@ -111,6 +129,8 @@ struct compat_crypt_auth_op { | ||
44 | #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) | ||
45 | #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) | ||
46 | #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) | ||
47 | +#define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) | ||
48 | +#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop) | ||
49 | |||
50 | #endif /* CONFIG_COMPAT */ | ||
51 | |||
52 | diff --git a/ioctl.c b/ioctl.c | ||
53 | index 69980e3..9431025 100644 | ||
54 | --- a/ioctl.c | ||
55 | +++ b/ioctl.c | ||
56 | @@ -1081,6 +1081,68 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
57 | /* compatibility code for 32bit userlands */ | ||
58 | #ifdef CONFIG_COMPAT | ||
59 | |||
60 | +static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat, | ||
61 | + struct crypt_kop *kop) | ||
62 | +{ | ||
63 | + int i; | ||
64 | + kop->crk_op = compat->crk_op; | ||
65 | + kop->crk_status = compat->crk_status; | ||
66 | + kop->crk_iparams = compat->crk_iparams; | ||
67 | + kop->crk_oparams = compat->crk_oparams; | ||
68 | + | ||
69 | + for (i = 0; i < CRK_MAXPARAM; i++) { | ||
70 | + kop->crk_param[i].crp_p = | ||
71 | + compat_ptr(compat->crk_param[i].crp_p); | ||
72 | + kop->crk_param[i].crp_nbits = compat->crk_param[i].crp_nbits; | ||
73 | + } | ||
74 | + | ||
75 | + kop->curve_type = compat->curve_type; | ||
76 | + kop->cookie = compat->cookie; | ||
77 | +} | ||
78 | + | ||
79 | +static int compat_kop_from_user(struct kernel_crypt_kop *kop, | ||
80 | + void __user *arg) | ||
81 | +{ | ||
82 | + struct compat_crypt_kop compat_kop; | ||
83 | + | ||
84 | + if (unlikely(copy_from_user(&compat_kop, arg, sizeof(compat_kop)))) | ||
85 | + return -EFAULT; | ||
86 | + | ||
87 | + compat_to_crypt_kop(&compat_kop, &kop->kop); | ||
88 | + return fill_kop_from_cop(kop); | ||
89 | +} | ||
90 | + | ||
91 | +static inline void crypt_kop_to_compat(struct crypt_kop *kop, | ||
92 | + struct compat_crypt_kop *compat) | ||
93 | +{ | ||
94 | + int i; | ||
95 | + | ||
96 | + compat->crk_op = kop->crk_op; | ||
97 | + compat->crk_status = kop->crk_status; | ||
98 | + compat->crk_iparams = kop->crk_iparams; | ||
99 | + compat->crk_oparams = kop->crk_oparams; | ||
100 | + | ||
101 | + for (i = 0; i < CRK_MAXPARAM; i++) { | ||
102 | + compat->crk_param[i].crp_p = | ||
103 | + ptr_to_compat(kop->crk_param[i].crp_p); | ||
104 | + compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits; | ||
105 | + } | ||
106 | + compat->cookie = kop->cookie; | ||
107 | + compat->curve_type = kop->curve_type; | ||
108 | +} | ||
109 | + | ||
110 | +static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) | ||
111 | +{ | ||
112 | + struct compat_crypt_kop compat_kop; | ||
113 | + | ||
114 | + crypt_kop_to_compat(&kop->kop, &compat_kop); | ||
115 | + if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) { | ||
116 | + dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); | ||
117 | + return -EFAULT; | ||
118 | + } | ||
119 | + return 0; | ||
120 | +} | ||
121 | + | ||
122 | static inline void | ||
123 | compat_to_session_op(struct compat_session_op *compat, struct session_op *sop) | ||
124 | { | ||
125 | @@ -1208,7 +1270,26 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
126 | return -EFAULT; | ||
127 | } | ||
128 | return ret; | ||
129 | + case COMPAT_CIOCKEY: | ||
130 | + { | ||
131 | + struct cryptodev_pkc *pkc = | ||
132 | + kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); | ||
133 | + | ||
134 | + if (!pkc) | ||
135 | + return -ENOMEM; | ||
136 | + | ||
137 | + ret = compat_kop_from_user(&pkc->kop, arg); | ||
138 | + | ||
139 | + if (unlikely(ret)) { | ||
140 | + kfree(pkc); | ||
141 | + return ret; | ||
142 | + } | ||
143 | |||
144 | + pkc->type = SYNCHRONOUS; | ||
145 | + ret = crypto_run_asym(pkc); | ||
146 | + kfree(pkc); | ||
147 | + } | ||
148 | + return ret; | ||
149 | case COMPAT_CIOCCRYPT: | ||
150 | ret = compat_kcop_from_user(&kcop, fcr, arg); | ||
151 | if (unlikely(ret)) | ||
152 | @@ -1247,6 +1328,45 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
153 | |||
154 | return compat_kcop_to_user(&kcop, fcr, arg); | ||
155 | #endif | ||
156 | + case COMPAT_CIOCASYMASYNCRYPT: | ||
157 | + { | ||
158 | + struct cryptodev_pkc *pkc = | ||
159 | + kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); | ||
160 | + | ||
161 | + ret = compat_kop_from_user(&pkc->kop, arg); | ||
162 | + if (unlikely(ret)) | ||
163 | + return -EINVAL; | ||
164 | + | ||
165 | + /* Store associated FD priv data with asymmetric request */ | ||
166 | + pkc->priv = pcr; | ||
167 | + pkc->type = ASYNCHRONOUS; | ||
168 | + ret = crypto_run_asym(pkc); | ||
169 | + if (ret == -EINPROGRESS) | ||
170 | + ret = 0; | ||
171 | + } | ||
172 | + return ret; | ||
173 | + case COMPAT_CIOCASYMASYNFETCH: | ||
174 | + { | ||
175 | + struct cryptodev_pkc *pkc; | ||
176 | + unsigned long flags; | ||
177 | + | ||
178 | + spin_lock_irqsave(&pcr->completion_lock, flags); | ||
179 | + if (list_empty(&pcr->asym_completed_list)) { | ||
180 | + spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
181 | + return -ENOMEM; | ||
182 | + } | ||
183 | + pkc = list_first_entry(&pcr->asym_completed_list, | ||
184 | + struct cryptodev_pkc, list); | ||
185 | + list_del(&pkc->list); | ||
186 | + spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
187 | + ret = crypto_async_fetch_asym(pkc); | ||
188 | + | ||
189 | + /* Reflect the updated request to user-space */ | ||
190 | + if (!ret) | ||
191 | + compat_kop_to_user(&pkc->kop, arg); | ||
192 | + kfree(pkc); | ||
193 | + } | ||
194 | + return ret; | ||
195 | default: | ||
196 | return -EINVAL; | ||
197 | } | ||
198 | -- | ||
199 | 2.7.0 | ||
200 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0005-Asynchronous-interface-changes-in-cryptodev.patch b/recipes-kernel/cryptodev/sdk_patches/0005-Asynchronous-interface-changes-in-cryptodev.patch new file mode 100644 index 0000000..5b96e84 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0005-Asynchronous-interface-changes-in-cryptodev.patch | |||
@@ -0,0 +1,213 @@ | |||
1 | From d98f979d76c30058da24e62220f19c5b8c627819 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Fri, 7 Mar 2014 07:24:00 +0545 | ||
4 | Subject: [PATCH 05/38] Asynchronous interface changes in cryptodev | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | cryptlib.h | 7 ++++- | ||
11 | crypto/cryptodev.h | 10 ++++++- | ||
12 | cryptodev_int.h | 10 ++++++- | ||
13 | ioctl.c | 76 +++++++++++++++++++++++++++++++++++++----------------- | ||
14 | 4 files changed, 76 insertions(+), 27 deletions(-) | ||
15 | |||
16 | diff --git a/cryptlib.h b/cryptlib.h | ||
17 | index 56d325a..7ffa54c 100644 | ||
18 | --- a/cryptlib.h | ||
19 | +++ b/cryptlib.h | ||
20 | @@ -113,7 +113,12 @@ struct cryptodev_pkc { | ||
21 | struct pkc_request req; /* PKC request structure allocated | ||
22 | from CryptoAPI */ | ||
23 | enum offload_type type; /* Synchronous Vs Asynchronous request */ | ||
24 | - void *cookie; /*Additional opaque cookie to be used in future */ | ||
25 | + /* | ||
26 | + * cookie used for transfering tranparent information from async | ||
27 | + * submission to async fetch. Currently some dynamic allocated | ||
28 | + * buffers are maintained which will be freed later during fetch | ||
29 | + */ | ||
30 | + void *cookie; | ||
31 | struct crypt_priv *priv; | ||
32 | }; | ||
33 | |||
34 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
35 | index 96675fe..4436fbf 100644 | ||
36 | --- a/crypto/cryptodev.h | ||
37 | +++ b/crypto/cryptodev.h | ||
38 | @@ -254,6 +254,14 @@ struct crypt_kop { | ||
39 | void *cookie; | ||
40 | }; | ||
41 | |||
42 | +#define MAX_COOKIES 4 | ||
43 | + | ||
44 | +struct pkc_cookie_list_s { | ||
45 | + int cookie_available; | ||
46 | + void *cookie[MAX_COOKIES]; | ||
47 | + int status[MAX_COOKIES]; | ||
48 | +}; | ||
49 | + | ||
50 | enum cryptodev_crk_op_t { | ||
51 | CRK_MOD_EXP = 0, | ||
52 | CRK_MOD_EXP_CRT = 1, | ||
53 | @@ -298,5 +306,5 @@ enum cryptodev_crk_op_t { | ||
54 | #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) | ||
55 | /* additional ioctls for asynchronous operation for asymmetric ciphers*/ | ||
56 | #define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) | ||
57 | -#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop) | ||
58 | +#define CIOCASYMFETCHCOOKIE _IOR('c', 113, struct pkc_cookie_list_s) | ||
59 | #endif /* L_CRYPTODEV_H */ | ||
60 | diff --git a/cryptodev_int.h b/cryptodev_int.h | ||
61 | index cf54dac..5347cae 100644 | ||
62 | --- a/cryptodev_int.h | ||
63 | +++ b/cryptodev_int.h | ||
64 | @@ -93,6 +93,12 @@ struct compat_crypt_kop { | ||
65 | compat_uptr_t cookie; | ||
66 | }; | ||
67 | |||
68 | +struct compat_pkc_cookie_list_s { | ||
69 | + int cookie_available; | ||
70 | + compat_uptr_t cookie[MAX_COOKIES]; | ||
71 | + int status[MAX_COOKIES]; | ||
72 | +}; | ||
73 | + | ||
74 | /* input of CIOCAUTHCRYPT */ | ||
75 | struct compat_crypt_auth_op { | ||
76 | uint32_t ses; /* session identifier */ | ||
77 | @@ -126,11 +132,13 @@ struct compat_crypt_auth_op { | ||
78 | /* compat ioctls, defined for the above structs */ | ||
79 | #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) | ||
80 | #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) | ||
81 | +#define COMPAT_CIOCKEY _IOW('c', 105, struct compat_crypt_kop) | ||
82 | #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) | ||
83 | #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) | ||
84 | #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) | ||
85 | #define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) | ||
86 | -#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop) | ||
87 | +#define COMPAT_CIOCASYMFETCHCOOKIE _IOR('c', 111, \ | ||
88 | + struct compat_pkc_cookie_list_s) | ||
89 | |||
90 | #endif /* CONFIG_COMPAT */ | ||
91 | |||
92 | diff --git a/ioctl.c b/ioctl.c | ||
93 | index 9431025..e2f407f 100644 | ||
94 | --- a/ioctl.c | ||
95 | +++ b/ioctl.c | ||
96 | @@ -105,8 +105,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) | ||
97 | crypto_free_pkc(pkc->s); | ||
98 | res->err = err; | ||
99 | if (pkc->type == SYNCHRONOUS) { | ||
100 | - if (err == -EINPROGRESS) | ||
101 | - return; | ||
102 | complete(&res->completion); | ||
103 | } else { | ||
104 | struct crypt_priv *pcr = pkc->priv; | ||
105 | @@ -1051,26 +1049,41 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
106 | ret = 0; | ||
107 | } | ||
108 | return ret; | ||
109 | - case CIOCASYMASYNFETCH: | ||
110 | + case CIOCASYMFETCHCOOKIE: | ||
111 | { | ||
112 | struct cryptodev_pkc *pkc; | ||
113 | unsigned long flags; | ||
114 | + int i; | ||
115 | + struct pkc_cookie_list_s cookie_list; | ||
116 | |||
117 | spin_lock_irqsave(&pcr->completion_lock, flags); | ||
118 | - if (list_empty(&pcr->asym_completed_list)) { | ||
119 | - spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
120 | - return -ENOMEM; | ||
121 | + cookie_list.cookie_available = 0; | ||
122 | + for (i = 0; i < MAX_COOKIES; i++) { | ||
123 | + if (!list_empty(&pcr->asym_completed_list)) { | ||
124 | + /* Run a loop in the list for upto elements | ||
125 | + and copy their response back */ | ||
126 | + pkc = | ||
127 | + list_first_entry(&pcr->asym_completed_list, | ||
128 | + struct cryptodev_pkc, list); | ||
129 | + list_del(&pkc->list); | ||
130 | + ret = crypto_async_fetch_asym(pkc); | ||
131 | + if (!ret) { | ||
132 | + cookie_list.cookie_available++; | ||
133 | + cookie_list.cookie[i] = | ||
134 | + pkc->kop.kop.cookie; | ||
135 | + cookie_list.status[i] = pkc->result.err; | ||
136 | + } | ||
137 | + kfree(pkc); | ||
138 | + } else { | ||
139 | + break; | ||
140 | + } | ||
141 | } | ||
142 | - pkc = list_first_entry(&pcr->asym_completed_list, | ||
143 | - struct cryptodev_pkc, list); | ||
144 | - list_del(&pkc->list); | ||
145 | spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
146 | - ret = crypto_async_fetch_asym(pkc); | ||
147 | |||
148 | /* Reflect the updated request to user-space */ | ||
149 | - if (!ret) | ||
150 | - kop_to_user(&pkc->kop, arg); | ||
151 | - kfree(pkc); | ||
152 | + if (cookie_list.cookie_available) | ||
153 | + copy_to_user(arg, &cookie_list, | ||
154 | + sizeof(struct pkc_cookie_list_s)); | ||
155 | } | ||
156 | return ret; | ||
157 | default: | ||
158 | @@ -1345,26 +1358,41 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
159 | ret = 0; | ||
160 | } | ||
161 | return ret; | ||
162 | - case COMPAT_CIOCASYMASYNFETCH: | ||
163 | + case COMPAT_CIOCASYMFETCHCOOKIE: | ||
164 | { | ||
165 | struct cryptodev_pkc *pkc; | ||
166 | unsigned long flags; | ||
167 | + int i = 0; | ||
168 | + struct compat_pkc_cookie_list_s cookie_list; | ||
169 | |||
170 | spin_lock_irqsave(&pcr->completion_lock, flags); | ||
171 | - if (list_empty(&pcr->asym_completed_list)) { | ||
172 | - spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
173 | - return -ENOMEM; | ||
174 | + cookie_list.cookie_available = 0; | ||
175 | + | ||
176 | + for (i = 0; i < MAX_COOKIES; i++) { | ||
177 | + if (!list_empty(&pcr->asym_completed_list)) { | ||
178 | + /* Run a loop in the list for upto elements | ||
179 | + and copy their response back */ | ||
180 | + pkc = | ||
181 | + list_first_entry(&pcr->asym_completed_list, | ||
182 | + struct cryptodev_pkc, list); | ||
183 | + list_del(&pkc->list); | ||
184 | + ret = crypto_async_fetch_asym(pkc); | ||
185 | + if (!ret) { | ||
186 | + cookie_list.cookie_available++; | ||
187 | + cookie_list.cookie[i] = | ||
188 | + pkc->kop.kop.cookie; | ||
189 | + } | ||
190 | + kfree(pkc); | ||
191 | + } else { | ||
192 | + break; | ||
193 | + } | ||
194 | } | ||
195 | - pkc = list_first_entry(&pcr->asym_completed_list, | ||
196 | - struct cryptodev_pkc, list); | ||
197 | - list_del(&pkc->list); | ||
198 | spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
199 | - ret = crypto_async_fetch_asym(pkc); | ||
200 | |||
201 | /* Reflect the updated request to user-space */ | ||
202 | - if (!ret) | ||
203 | - compat_kop_to_user(&pkc->kop, arg); | ||
204 | - kfree(pkc); | ||
205 | + if (cookie_list.cookie_available) | ||
206 | + copy_to_user(arg, &cookie_list, | ||
207 | + sizeof(struct compat_pkc_cookie_list_s)); | ||
208 | } | ||
209 | return ret; | ||
210 | default: | ||
211 | -- | ||
212 | 2.7.0 | ||
213 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch b/recipes-kernel/cryptodev/sdk_patches/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch new file mode 100644 index 0000000..978efd1 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch | |||
@@ -0,0 +1,212 @@ | |||
1 | From b92d23a790d9634d52db3b9a5e1882fde620b073 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Fri, 7 Mar 2014 07:53:53 +0545 | ||
4 | Subject: [PATCH 06/38] ECC_KEYGEN and DLC_KEYGEN supported in cryptodev module | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | cryptlib.c | 2 ++ | ||
11 | crypto/cryptodev.h | 5 +++- | ||
12 | ioctl.c | 29 +++++++++++++++++-- | ||
13 | main.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ | ||
14 | 4 files changed, 118 insertions(+), 3 deletions(-) | ||
15 | |||
16 | diff --git a/cryptlib.c b/cryptlib.c | ||
17 | index 6900028..47cd568 100644 | ||
18 | --- a/cryptlib.c | ||
19 | +++ b/cryptlib.c | ||
20 | @@ -452,6 +452,8 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
21 | case DSA_VERIFY: | ||
22 | case ECDSA_SIGN: | ||
23 | case ECDSA_VERIFY: | ||
24 | + case DLC_KEYGEN: | ||
25 | + case ECC_KEYGEN: | ||
26 | pkc->s = crypto_alloc_pkc("pkc(dsa)", | ||
27 | CRYPTO_ALG_TYPE_PKC_DSA, 0); | ||
28 | break; | ||
29 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
30 | index 4436fbf..275a55c 100644 | ||
31 | --- a/crypto/cryptodev.h | ||
32 | +++ b/crypto/cryptodev.h | ||
33 | @@ -268,6 +268,8 @@ enum cryptodev_crk_op_t { | ||
34 | CRK_DSA_SIGN = 2, | ||
35 | CRK_DSA_VERIFY = 3, | ||
36 | CRK_DH_COMPUTE_KEY = 4, | ||
37 | + CRK_DSA_GENERATE_KEY = 5, | ||
38 | + CRK_DH_GENERATE_KEY = 6, | ||
39 | CRK_ALGORITHM_ALL | ||
40 | }; | ||
41 | |||
42 | @@ -280,7 +282,8 @@ enum cryptodev_crk_op_t { | ||
43 | #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) | ||
44 | #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) | ||
45 | #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) | ||
46 | - | ||
47 | +#define CRF_DSA_GENERATE_KEY (1 << CRK_DSA_GENERATE_KEY) | ||
48 | +#define CRF_DH_GENERATE_KEY (1 << CRK_DH_GENERATE_KEY) | ||
49 | |||
50 | /* ioctl's. Compatible with old linux cryptodev.h | ||
51 | */ | ||
52 | diff --git a/ioctl.c b/ioctl.c | ||
53 | index e2f407f..1f0741a 100644 | ||
54 | --- a/ioctl.c | ||
55 | +++ b/ioctl.c | ||
56 | @@ -726,6 +726,23 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
57 | dh_req->z, dh_req->z_len); | ||
58 | } | ||
59 | break; | ||
60 | + case CRK_DSA_GENERATE_KEY: | ||
61 | + case CRK_DH_GENERATE_KEY: | ||
62 | + { | ||
63 | + struct keygen_req_s *key_req = &pkc_req->req_u.keygen; | ||
64 | + | ||
65 | + if (pkc_req->type == ECC_KEYGEN) { | ||
66 | + copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, | ||
67 | + key_req->pub_key_len); | ||
68 | + copy_to_user(ckop->crk_param[5].crp_p, | ||
69 | + key_req->priv_key, key_req->priv_key_len); | ||
70 | + } else { | ||
71 | + copy_to_user(ckop->crk_param[3].crp_p, | ||
72 | + key_req->pub_key, key_req->pub_key_len); | ||
73 | + copy_to_user(ckop->crk_param[4].crp_p, | ||
74 | + key_req->priv_key, key_req->priv_key_len); | ||
75 | + } | ||
76 | + } | ||
77 | default: | ||
78 | ret = -EINVAL; | ||
79 | } | ||
80 | @@ -939,8 +956,9 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
81 | |||
82 | switch (cmd) { | ||
83 | case CIOCASYMFEAT: | ||
84 | - return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | | ||
85 | - CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p); | ||
86 | + return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | | ||
87 | + CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | | ||
88 | + CRF_DSA_GENERATE_KEY, p); | ||
89 | case CRIOGET: | ||
90 | fd = clonefd(filp); | ||
91 | ret = put_user(fd, p); | ||
92 | @@ -1084,7 +1102,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
93 | if (cookie_list.cookie_available) | ||
94 | copy_to_user(arg, &cookie_list, | ||
95 | sizeof(struct pkc_cookie_list_s)); | ||
96 | + else { | ||
97 | + struct pkc_cookie_list_s *user_ck_list = (void *)arg; | ||
98 | + | ||
99 | + put_user(0, &(user_ck_list->cookie_available)); | ||
100 | + } | ||
101 | + ret = cookie_list.cookie_available; | ||
102 | } | ||
103 | + | ||
104 | return ret; | ||
105 | default: | ||
106 | return -EINVAL; | ||
107 | diff --git a/main.c b/main.c | ||
108 | index 0b7951e..c901bc7 100644 | ||
109 | --- a/main.c | ||
110 | +++ b/main.c | ||
111 | @@ -342,6 +342,85 @@ err: | ||
112 | return rc; | ||
113 | } | ||
114 | |||
115 | +int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
116 | +{ | ||
117 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
118 | + struct crypt_kop *cop = &kop->kop; | ||
119 | + struct pkc_request *pkc_req; | ||
120 | + struct keygen_req_s *key_req; | ||
121 | + int rc, buf_size; | ||
122 | + uint8_t *buf; | ||
123 | + | ||
124 | + if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || | ||
125 | + !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || | ||
126 | + !cop->crk_param[4].crp_nbits) | ||
127 | + return -EINVAL; | ||
128 | + | ||
129 | + pkc_req = &pkc->req; | ||
130 | + key_req = &pkc_req->req_u.keygen; | ||
131 | + key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
132 | + key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
133 | + key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
134 | + if (cop->crk_iparams == 3) { | ||
135 | + key_req->pub_key_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
136 | + key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
137 | + buf_size = key_req->q_len + key_req->r_len + key_req->g_len + | ||
138 | + key_req->pub_key_len + key_req->priv_key_len; | ||
139 | + pkc_req->type = DLC_KEYGEN; | ||
140 | + } else { | ||
141 | + key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
142 | + key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
143 | + key_req->priv_key_len = (cop->crk_param[5].crp_nbits + 7)/8; | ||
144 | + buf_size = key_req->q_len + key_req->r_len + key_req->g_len + | ||
145 | + key_req->pub_key_len + key_req->priv_key_len + | ||
146 | + key_req->ab_len; | ||
147 | + pkc_req->type = ECC_KEYGEN; | ||
148 | + pkc_req->curve_type = cop->curve_type; | ||
149 | + } | ||
150 | + | ||
151 | + buf = kzalloc(buf_size, GFP_DMA); | ||
152 | + if (!buf) | ||
153 | + return -ENOMEM; | ||
154 | + | ||
155 | + key_req->q = buf; | ||
156 | + key_req->r = key_req->q + key_req->q_len; | ||
157 | + key_req->g = key_req->r + key_req->r_len; | ||
158 | + key_req->pub_key = key_req->g + key_req->g_len; | ||
159 | + key_req->priv_key = key_req->pub_key + key_req->pub_key_len; | ||
160 | + copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); | ||
161 | + copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); | ||
162 | + copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); | ||
163 | + if (cop->crk_iparams == 3) { | ||
164 | + copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p, | ||
165 | + key_req->pub_key_len); | ||
166 | + copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p, | ||
167 | + key_req->priv_key_len); | ||
168 | + } else { | ||
169 | + key_req->ab = key_req->priv_key + key_req->priv_key_len; | ||
170 | + copy_from_user(key_req->ab, cop->crk_param[3].crp_p, | ||
171 | + key_req->ab_len); | ||
172 | + copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p, | ||
173 | + key_req->pub_key_len); | ||
174 | + copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p, | ||
175 | + key_req->priv_key_len); | ||
176 | + } | ||
177 | + | ||
178 | + rc = cryptodev_pkc_offload(pkc); | ||
179 | + if (pkc->type == SYNCHRONOUS) { | ||
180 | + if (rc) | ||
181 | + goto err; | ||
182 | + } else { | ||
183 | + if (rc != -EINPROGRESS && !rc) | ||
184 | + goto err; | ||
185 | + | ||
186 | + pkc->cookie = buf; | ||
187 | + return rc; | ||
188 | + } | ||
189 | +err: | ||
190 | + kfree(buf); | ||
191 | + return rc; | ||
192 | +} | ||
193 | + | ||
194 | int crypto_kop_dh_key(struct cryptodev_pkc *pkc) | ||
195 | { | ||
196 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
197 | @@ -554,6 +633,12 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) | ||
198 | goto err; | ||
199 | ret = crypto_kop_dh_key(pkc); | ||
200 | break; | ||
201 | + case CRK_DH_GENERATE_KEY: | ||
202 | + case CRK_DSA_GENERATE_KEY: | ||
203 | + if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4)) | ||
204 | + goto err; | ||
205 | + ret = crypto_kop_keygen(pkc); | ||
206 | + break; | ||
207 | } | ||
208 | err: | ||
209 | return ret; | ||
210 | -- | ||
211 | 2.7.0 | ||
212 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch b/recipes-kernel/cryptodev/sdk_patches/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch new file mode 100644 index 0000000..cfaabae --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch | |||
@@ -0,0 +1,238 @@ | |||
1 | From 00a8ac310a33767eac0a07e32597c1a6f467315f Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Fri, 7 Mar 2014 08:49:15 +0545 | ||
4 | Subject: [PATCH 07/38] RCU stall fixed in PKC asynchronous interface | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | ioctl.c | 23 +++++++++++------------ | ||
11 | main.c | 43 +++++++++++++++++++++++++++---------------- | ||
12 | 2 files changed, 38 insertions(+), 28 deletions(-) | ||
13 | |||
14 | diff --git a/ioctl.c b/ioctl.c | ||
15 | index 1f0741a..e4e16a8 100644 | ||
16 | --- a/ioctl.c | ||
17 | +++ b/ioctl.c | ||
18 | @@ -108,10 +108,9 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) | ||
19 | complete(&res->completion); | ||
20 | } else { | ||
21 | struct crypt_priv *pcr = pkc->priv; | ||
22 | - unsigned long flags; | ||
23 | - spin_lock_irqsave(&pcr->completion_lock, flags); | ||
24 | + spin_lock_bh(&pcr->completion_lock); | ||
25 | list_add_tail(&pkc->list, &pcr->asym_completed_list); | ||
26 | - spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
27 | + spin_unlock_bh(&pcr->completion_lock); | ||
28 | /* wake for POLLIN */ | ||
29 | wake_up_interruptible(&pcr->user_waiter); | ||
30 | } | ||
31 | @@ -958,7 +957,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
32 | case CIOCASYMFEAT: | ||
33 | return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | | ||
34 | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | | ||
35 | - CRF_DSA_GENERATE_KEY, p); | ||
36 | + CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p); | ||
37 | case CRIOGET: | ||
38 | fd = clonefd(filp); | ||
39 | ret = put_user(fd, p); | ||
40 | @@ -997,7 +996,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
41 | case CIOCKEY: | ||
42 | { | ||
43 | struct cryptodev_pkc *pkc = | ||
44 | - kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); | ||
45 | + kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); | ||
46 | |||
47 | if (!pkc) | ||
48 | return -ENOMEM; | ||
49 | @@ -1053,7 +1052,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
50 | case CIOCASYMASYNCRYPT: | ||
51 | { | ||
52 | struct cryptodev_pkc *pkc = | ||
53 | - kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); | ||
54 | + kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); | ||
55 | ret = kop_from_user(&pkc->kop, arg); | ||
56 | |||
57 | if (unlikely(ret)) | ||
58 | @@ -1070,13 +1069,12 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
59 | case CIOCASYMFETCHCOOKIE: | ||
60 | { | ||
61 | struct cryptodev_pkc *pkc; | ||
62 | - unsigned long flags; | ||
63 | int i; | ||
64 | struct pkc_cookie_list_s cookie_list; | ||
65 | |||
66 | - spin_lock_irqsave(&pcr->completion_lock, flags); | ||
67 | cookie_list.cookie_available = 0; | ||
68 | for (i = 0; i < MAX_COOKIES; i++) { | ||
69 | + spin_lock_bh(&pcr->completion_lock); | ||
70 | if (!list_empty(&pcr->asym_completed_list)) { | ||
71 | /* Run a loop in the list for upto elements | ||
72 | and copy their response back */ | ||
73 | @@ -1084,6 +1082,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
74 | list_first_entry(&pcr->asym_completed_list, | ||
75 | struct cryptodev_pkc, list); | ||
76 | list_del(&pkc->list); | ||
77 | + spin_unlock_bh(&pcr->completion_lock); | ||
78 | ret = crypto_async_fetch_asym(pkc); | ||
79 | if (!ret) { | ||
80 | cookie_list.cookie_available++; | ||
81 | @@ -1093,10 +1092,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
82 | } | ||
83 | kfree(pkc); | ||
84 | } else { | ||
85 | + spin_unlock_bh(&pcr->completion_lock); | ||
86 | break; | ||
87 | } | ||
88 | } | ||
89 | - spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
90 | |||
91 | /* Reflect the updated request to user-space */ | ||
92 | if (cookie_list.cookie_available) | ||
93 | @@ -1386,14 +1385,13 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
94 | case COMPAT_CIOCASYMFETCHCOOKIE: | ||
95 | { | ||
96 | struct cryptodev_pkc *pkc; | ||
97 | - unsigned long flags; | ||
98 | int i = 0; | ||
99 | struct compat_pkc_cookie_list_s cookie_list; | ||
100 | |||
101 | - spin_lock_irqsave(&pcr->completion_lock, flags); | ||
102 | cookie_list.cookie_available = 0; | ||
103 | |||
104 | for (i = 0; i < MAX_COOKIES; i++) { | ||
105 | + spin_lock_bh(&pcr->completion_lock); | ||
106 | if (!list_empty(&pcr->asym_completed_list)) { | ||
107 | /* Run a loop in the list for upto elements | ||
108 | and copy their response back */ | ||
109 | @@ -1401,6 +1399,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
110 | list_first_entry(&pcr->asym_completed_list, | ||
111 | struct cryptodev_pkc, list); | ||
112 | list_del(&pkc->list); | ||
113 | + spin_unlock_bh(&pcr->completion_lock); | ||
114 | ret = crypto_async_fetch_asym(pkc); | ||
115 | if (!ret) { | ||
116 | cookie_list.cookie_available++; | ||
117 | @@ -1409,10 +1408,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
118 | } | ||
119 | kfree(pkc); | ||
120 | } else { | ||
121 | + spin_unlock_bh(&pcr->completion_lock); | ||
122 | break; | ||
123 | } | ||
124 | } | ||
125 | - spin_unlock_irqrestore(&pcr->completion_lock, flags); | ||
126 | |||
127 | /* Reflect the updated request to user-space */ | ||
128 | if (cookie_list.cookie_available) | ||
129 | diff --git a/main.c b/main.c | ||
130 | index c901bc7..2747706 100644 | ||
131 | --- a/main.c | ||
132 | +++ b/main.c | ||
133 | @@ -215,7 +215,9 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) | ||
134 | pkc_req->type = DSA_SIGN; | ||
135 | } | ||
136 | |||
137 | - buf = kzalloc(buf_size, GFP_DMA); | ||
138 | + buf = kmalloc(buf_size, GFP_DMA); | ||
139 | + if (!buf) | ||
140 | + return -ENOMEM; | ||
141 | |||
142 | dsa_req->q = buf; | ||
143 | dsa_req->r = dsa_req->q + dsa_req->q_len; | ||
144 | @@ -298,7 +300,9 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) | ||
145 | pkc_req->type = DSA_VERIFY; | ||
146 | } | ||
147 | |||
148 | - buf = kzalloc(buf_size, GFP_DMA); | ||
149 | + buf = kmalloc(buf_size, GFP_DMA); | ||
150 | + if (!buf) | ||
151 | + return -ENOMEM; | ||
152 | |||
153 | dsa_req->q = buf; | ||
154 | dsa_req->r = dsa_req->q + dsa_req->q_len; | ||
155 | @@ -378,7 +382,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
156 | pkc_req->curve_type = cop->curve_type; | ||
157 | } | ||
158 | |||
159 | - buf = kzalloc(buf_size, GFP_DMA); | ||
160 | + buf = kmalloc(buf_size, GFP_DMA); | ||
161 | if (!buf) | ||
162 | return -ENOMEM; | ||
163 | |||
164 | @@ -390,25 +394,28 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
165 | copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); | ||
166 | copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); | ||
167 | copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); | ||
168 | - if (cop->crk_iparams == 3) { | ||
169 | - copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p, | ||
170 | - key_req->pub_key_len); | ||
171 | - copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p, | ||
172 | - key_req->priv_key_len); | ||
173 | - } else { | ||
174 | + if (cop->crk_iparams == 4) { | ||
175 | key_req->ab = key_req->priv_key + key_req->priv_key_len; | ||
176 | copy_from_user(key_req->ab, cop->crk_param[3].crp_p, | ||
177 | key_req->ab_len); | ||
178 | - copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p, | ||
179 | - key_req->pub_key_len); | ||
180 | - copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p, | ||
181 | - key_req->priv_key_len); | ||
182 | } | ||
183 | |||
184 | rc = cryptodev_pkc_offload(pkc); | ||
185 | if (pkc->type == SYNCHRONOUS) { | ||
186 | if (rc) | ||
187 | goto err; | ||
188 | + | ||
189 | + if (cop->crk_iparams == 4) { | ||
190 | + copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key, | ||
191 | + key_req->pub_key_len); | ||
192 | + copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key, | ||
193 | + key_req->priv_key_len); | ||
194 | + } else { | ||
195 | + copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key, | ||
196 | + key_req->pub_key_len); | ||
197 | + copy_to_user(cop->crk_param[4].crp_p, | ||
198 | + key_req->priv_key, key_req->priv_key_len); | ||
199 | + } | ||
200 | } else { | ||
201 | if (rc != -EINPROGRESS && !rc) | ||
202 | goto err; | ||
203 | @@ -447,7 +454,9 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) | ||
204 | pkc_req->type = DH_COMPUTE_KEY; | ||
205 | } | ||
206 | buf_size += dh_req->z_len; | ||
207 | - buf = kzalloc(buf_size, GFP_DMA); | ||
208 | + buf = kmalloc(buf_size, GFP_DMA); | ||
209 | + if (!buf) | ||
210 | + return -ENOMEM; | ||
211 | dh_req->q = buf; | ||
212 | dh_req->s = dh_req->q + dh_req->q_len; | ||
213 | dh_req->pub_key = dh_req->s + dh_req->s_len; | ||
214 | @@ -508,9 +517,11 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) | ||
215 | rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
216 | rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8; | ||
217 | rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8; | ||
218 | - buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + | ||
219 | + buf = kmalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + | ||
220 | rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len + | ||
221 | rsa_req->g_len, GFP_DMA); | ||
222 | + if (!buf) | ||
223 | + return -ENOMEM; | ||
224 | rsa_req->p = buf; | ||
225 | rsa_req->q = rsa_req->p + rsa_req->p_len; | ||
226 | rsa_req->g = rsa_req->q + rsa_req->q_len; | ||
227 | @@ -563,7 +574,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) | ||
228 | rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
229 | rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
230 | rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
231 | - buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len | ||
232 | + buf = kmalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len | ||
233 | + rsa_req->g_len, GFP_DMA); | ||
234 | if (!buf) | ||
235 | return -ENOMEM; | ||
236 | -- | ||
237 | 2.7.0 | ||
238 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0008-Add-RSA-Key-generation-offloading.patch b/recipes-kernel/cryptodev/sdk_patches/0008-Add-RSA-Key-generation-offloading.patch new file mode 100644 index 0000000..ef4ea09 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0008-Add-RSA-Key-generation-offloading.patch | |||
@@ -0,0 +1,170 @@ | |||
1 | From a2cbb5fcc2d6f3734b5ed2826e828d852cfdf8ba Mon Sep 17 00:00:00 2001 | ||
2 | From: Hou Zhiqiang <B48286@freescale.com> | ||
3 | Date: Wed, 19 Mar 2014 14:02:46 +0800 | ||
4 | Subject: [PATCH 08/38] Add RSA Key generation offloading | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Hou Zhiqiang <B48286@freescale.com> | ||
9 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
10 | --- | ||
11 | cryptlib.c | 1 + | ||
12 | crypto/cryptodev.h | 2 ++ | ||
13 | ioctl.c | 3 +- | ||
14 | main.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++- | ||
15 | 4 files changed, 84 insertions(+), 2 deletions(-) | ||
16 | |||
17 | diff --git a/cryptlib.c b/cryptlib.c | ||
18 | index 47cd568..4dd1847 100644 | ||
19 | --- a/cryptlib.c | ||
20 | +++ b/cryptlib.c | ||
21 | @@ -441,6 +441,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
22 | struct pkc_request *pkc_req = &pkc->req, *pkc_requested; | ||
23 | |||
24 | switch (pkc_req->type) { | ||
25 | + case RSA_KEYGEN: | ||
26 | case RSA_PUB: | ||
27 | case RSA_PRIV_FORM1: | ||
28 | case RSA_PRIV_FORM2: | ||
29 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
30 | index 275a55c..d0cc542 100644 | ||
31 | --- a/crypto/cryptodev.h | ||
32 | +++ b/crypto/cryptodev.h | ||
33 | @@ -270,6 +270,7 @@ enum cryptodev_crk_op_t { | ||
34 | CRK_DH_COMPUTE_KEY = 4, | ||
35 | CRK_DSA_GENERATE_KEY = 5, | ||
36 | CRK_DH_GENERATE_KEY = 6, | ||
37 | + CRK_RSA_GENERATE_KEY = 7, | ||
38 | CRK_ALGORITHM_ALL | ||
39 | }; | ||
40 | |||
41 | @@ -279,6 +280,7 @@ enum cryptodev_crk_op_t { | ||
42 | */ | ||
43 | #define CRF_MOD_EXP (1 << CRK_MOD_EXP) | ||
44 | #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT) | ||
45 | +#define CRF_RSA_GENERATE_KEY (1 << CRK_RSA_GENERATE_KEY) | ||
46 | #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) | ||
47 | #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) | ||
48 | #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) | ||
49 | diff --git a/ioctl.c b/ioctl.c | ||
50 | index e4e16a8..3762a47 100644 | ||
51 | --- a/ioctl.c | ||
52 | +++ b/ioctl.c | ||
53 | @@ -957,7 +957,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
54 | case CIOCASYMFEAT: | ||
55 | return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | | ||
56 | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | | ||
57 | - CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p); | ||
58 | + CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY | | ||
59 | + CRF_RSA_GENERATE_KEY, p); | ||
60 | case CRIOGET: | ||
61 | fd = clonefd(filp); | ||
62 | ret = put_user(fd, p); | ||
63 | diff --git a/main.c b/main.c | ||
64 | index 2747706..14dcf40 100644 | ||
65 | --- a/main.c | ||
66 | +++ b/main.c | ||
67 | @@ -346,6 +346,82 @@ err: | ||
68 | return rc; | ||
69 | } | ||
70 | |||
71 | +int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) | ||
72 | +{ | ||
73 | + struct kernel_crypt_kop *kop = &pkc->kop; | ||
74 | + struct crypt_kop *cop = &kop->kop; | ||
75 | + struct pkc_request *pkc_req; | ||
76 | + struct rsa_keygen_req_s *key_req; | ||
77 | + int rc, buf_size; | ||
78 | + uint8_t *buf; | ||
79 | + | ||
80 | + if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || | ||
81 | + !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || | ||
82 | + !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || | ||
83 | + !cop->crk_param[6].crp_nbits) | ||
84 | + return -EINVAL; | ||
85 | + | ||
86 | + pkc_req = &pkc->req; | ||
87 | + pkc_req->type = RSA_KEYGEN; | ||
88 | + key_req = &pkc_req->req_u.rsa_keygen; | ||
89 | + key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
90 | + key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8; | ||
91 | + key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8; | ||
92 | + key_req->n_len = (cop->crk_param[2].crp_nbits + 7) / 8; | ||
93 | + key_req->d_len = (cop->crk_param[3].crp_nbits + 7) / 8; | ||
94 | + key_req->dp_len = (cop->crk_param[4].crp_nbits + 7) / 8; | ||
95 | + key_req->dq_len = (cop->crk_param[5].crp_nbits + 7) / 8; | ||
96 | + key_req->c_len = (cop->crk_param[6].crp_nbits + 7) / 8; | ||
97 | + | ||
98 | + buf_size = key_req->p_len + key_req->q_len + key_req->n_len + | ||
99 | + key_req->d_len + key_req->dp_len + | ||
100 | + key_req->dq_len + key_req->c_len; | ||
101 | + | ||
102 | + buf = kmalloc(buf_size, GFP_DMA); | ||
103 | + if (!buf) | ||
104 | + return -ENOMEM; | ||
105 | + key_req->p = buf; | ||
106 | + key_req->q = key_req->p + key_req->p_len; | ||
107 | + key_req->n = key_req->q + key_req->q_len; | ||
108 | + key_req->d = key_req->n + key_req->n_len; | ||
109 | + key_req->dp = key_req->d + key_req->d_len; | ||
110 | + key_req->dq = key_req->dp + key_req->dp_len; | ||
111 | + key_req->c = key_req->dq + key_req->dq_len; | ||
112 | + | ||
113 | + rc = cryptodev_pkc_offload(pkc); | ||
114 | + | ||
115 | + if (pkc->type == SYNCHRONOUS) { | ||
116 | + if (rc) | ||
117 | + goto err; | ||
118 | + | ||
119 | + copy_to_user(cop->crk_param[0].crp_p, | ||
120 | + key_req->p, key_req->p_len); | ||
121 | + copy_to_user(cop->crk_param[1].crp_p, | ||
122 | + key_req->q, key_req->q_len); | ||
123 | + copy_to_user(cop->crk_param[2].crp_p, | ||
124 | + key_req->n, key_req->n_len); | ||
125 | + copy_to_user(cop->crk_param[3].crp_p, | ||
126 | + key_req->d, key_req->d_len); | ||
127 | + copy_to_user(cop->crk_param[4].crp_p, | ||
128 | + key_req->dp, key_req->dp_len); | ||
129 | + copy_to_user(cop->crk_param[5].crp_p, | ||
130 | + key_req->dq, key_req->dq_len); | ||
131 | + copy_to_user(cop->crk_param[6].crp_p, | ||
132 | + key_req->c, key_req->c_len); | ||
133 | + } else { | ||
134 | + if (rc != -EINPROGRESS && !rc) { | ||
135 | + printk("%s: Failed\n", __func__); | ||
136 | + goto err; | ||
137 | + } | ||
138 | + pkc->cookie = buf; | ||
139 | + return rc; | ||
140 | + } | ||
141 | +err: | ||
142 | + kfree(buf); | ||
143 | + return rc; | ||
144 | + | ||
145 | +} | ||
146 | + | ||
147 | int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
148 | { | ||
149 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
150 | @@ -385,7 +461,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
151 | buf = kmalloc(buf_size, GFP_DMA); | ||
152 | if (!buf) | ||
153 | return -ENOMEM; | ||
154 | - | ||
155 | key_req->q = buf; | ||
156 | key_req->r = key_req->q + key_req->q_len; | ||
157 | key_req->g = key_req->r + key_req->r_len; | ||
158 | @@ -650,6 +725,9 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) | ||
159 | goto err; | ||
160 | ret = crypto_kop_keygen(pkc); | ||
161 | break; | ||
162 | + case CRK_RSA_GENERATE_KEY: | ||
163 | + ret = crypto_kop_rsa_keygen(pkc); | ||
164 | + break; | ||
165 | } | ||
166 | err: | ||
167 | return ret; | ||
168 | -- | ||
169 | 2.7.0 | ||
170 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch b/recipes-kernel/cryptodev/sdk_patches/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch new file mode 100644 index 0000000..47fd2e1 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch | |||
@@ -0,0 +1,160 @@ | |||
1 | From 263483d1023f6c1c35b5488b9b79796ee2605e9b Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 17 Apr 2014 07:08:47 +0545 | ||
4 | Subject: [PATCH 09/38] Fixed compilation error of openssl with fsl cryptodev | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
10 | --- | ||
11 | authenc.c | 1 + | ||
12 | cryptlib.c | 9 ++++----- | ||
13 | crypto/cryptodev.h | 9 ++++++++- | ||
14 | cryptodev_int.h | 2 +- | ||
15 | ioctl.c | 8 ++++++-- | ||
16 | main.c | 1 + | ||
17 | 6 files changed, 21 insertions(+), 9 deletions(-) | ||
18 | |||
19 | diff --git a/authenc.c b/authenc.c | ||
20 | index ef0d3db..2aa4d38 100644 | ||
21 | --- a/authenc.c | ||
22 | +++ b/authenc.c | ||
23 | @@ -2,6 +2,7 @@ | ||
24 | * Driver for /dev/crypto device (aka CryptoDev) | ||
25 | * | ||
26 | * Copyright (c) 2011, 2012 OpenSSL Software Foundation, Inc. | ||
27 | + * Copyright (c) 2014 Freescale Semiconductor, Inc. | ||
28 | * | ||
29 | * Author: Nikos Mavrogiannopoulos | ||
30 | * | ||
31 | diff --git a/cryptlib.c b/cryptlib.c | ||
32 | index 4dd1847..ec6693e 100644 | ||
33 | --- a/cryptlib.c | ||
34 | +++ b/cryptlib.c | ||
35 | @@ -4,8 +4,7 @@ | ||
36 | * Copyright (c) 2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||
37 | * Portions Copyright (c) 2010 Michael Weiser | ||
38 | * Portions Copyright (c) 2010 Phil Sutter | ||
39 | - * | ||
40 | - * Copyright 2012 Freescale Semiconductor, Inc. | ||
41 | + * Copyright 2012-2014 Freescale Semiconductor, Inc. | ||
42 | * | ||
43 | * This file is part of linux cryptodev. | ||
44 | * | ||
45 | @@ -144,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
46 | if (alg->max_keysize > 0 && | ||
47 | unlikely((keylen < alg->min_keysize) || | ||
48 | (keylen > alg->max_keysize))) { | ||
49 | - ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.", | ||
50 | + ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", | ||
51 | keylen, alg_name, alg->min_keysize, alg->max_keysize); | ||
52 | ret = -EINVAL; | ||
53 | goto error; | ||
54 | @@ -171,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
55 | } | ||
56 | |||
57 | if (unlikely(ret)) { | ||
58 | - ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8); | ||
59 | + ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); | ||
60 | ret = -EINVAL; | ||
61 | goto error; | ||
62 | } | ||
63 | @@ -338,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, | ||
64 | if (hmac_mode != 0) { | ||
65 | ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen); | ||
66 | if (unlikely(ret)) { | ||
67 | - ddebug(1, "Setting hmac key failed for %s-%zu.", | ||
68 | + ddebug(1, "Setting hmac key failed for %s-%u.", | ||
69 | alg_name, mackeylen*8); | ||
70 | ret = -EINVAL; | ||
71 | goto error; | ||
72 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
73 | index d0cc542..e7edd97 100644 | ||
74 | --- a/crypto/cryptodev.h | ||
75 | +++ b/crypto/cryptodev.h | ||
76 | @@ -234,6 +234,13 @@ struct crypt_auth_op { | ||
77 | #define CRYPTO_ALG_FLAG_RNG_ENABLE 2 | ||
78 | #define CRYPTO_ALG_FLAG_DSA_SHA 4 | ||
79 | |||
80 | +enum ec_curve_t { | ||
81 | + EC_DISCRETE_LOG, | ||
82 | + EC_PRIME, | ||
83 | + EC_BINARY, | ||
84 | + MAX_EC_TYPE | ||
85 | +}; | ||
86 | + | ||
87 | struct crparam { | ||
88 | __u8 *crp_p; | ||
89 | __u32 crp_nbits; | ||
90 | @@ -249,7 +256,7 @@ struct crypt_kop { | ||
91 | __u16 crk_oparams; | ||
92 | __u32 crk_pad1; | ||
93 | struct crparam crk_param[CRK_MAXPARAM]; | ||
94 | - enum curve_t curve_type; /* 0 == Discrete Log, | ||
95 | + enum ec_curve_t curve_type; /* 0 == Discrete Log, | ||
96 | 1 = EC_PRIME, 2 = EC_BINARY */ | ||
97 | void *cookie; | ||
98 | }; | ||
99 | diff --git a/cryptodev_int.h b/cryptodev_int.h | ||
100 | index 5347cae..c83c885 100644 | ||
101 | --- a/cryptodev_int.h | ||
102 | +++ b/cryptodev_int.h | ||
103 | @@ -88,7 +88,7 @@ struct compat_crypt_kop { | ||
104 | uint16_t crk_oparams; | ||
105 | uint32_t crk_pad1; | ||
106 | struct compat_crparam crk_param[CRK_MAXPARAM]; | ||
107 | - enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, | ||
108 | + enum ec_curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, | ||
109 | 2 = EC_BINARY */ | ||
110 | compat_uptr_t cookie; | ||
111 | }; | ||
112 | diff --git a/ioctl.c b/ioctl.c | ||
113 | index 3762a47..c97320b 100644 | ||
114 | --- a/ioctl.c | ||
115 | +++ b/ioctl.c | ||
116 | @@ -4,7 +4,7 @@ | ||
117 | * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs | ||
118 | * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||
119 | * Copyright (c) 2010 Phil Sutter | ||
120 | - * Copyright 2012 Freescale Semiconductor, Inc. | ||
121 | + * Copyright 2012-2014 Freescale Semiconductor, Inc. | ||
122 | * | ||
123 | * This file is part of linux cryptodev. | ||
124 | * | ||
125 | @@ -501,6 +501,7 @@ cryptodev_open(struct inode *inode, struct file *filp) | ||
126 | INIT_LIST_HEAD(&pcr->done.list); | ||
127 | INIT_LIST_HEAD(&pcr->asym_completed_list); | ||
128 | spin_lock_init(&pcr->completion_lock); | ||
129 | + | ||
130 | INIT_WORK(&pcr->cryptask, cryptask_routine); | ||
131 | |||
132 | init_waitqueue_head(&pcr->user_waiter); | ||
133 | @@ -780,8 +781,11 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) | ||
134 | |||
135 | if (cop->iv) { | ||
136 | rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen); | ||
137 | - if (unlikely(rc)) | ||
138 | + if (unlikely(rc)) { | ||
139 | + derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p", | ||
140 | + kcop->ivlen, rc, cop->iv); | ||
141 | return -EFAULT; | ||
142 | + } | ||
143 | } | ||
144 | |||
145 | return 0; | ||
146 | diff --git a/main.c b/main.c | ||
147 | index 14dcf40..6365911 100644 | ||
148 | --- a/main.c | ||
149 | +++ b/main.c | ||
150 | @@ -3,6 +3,7 @@ | ||
151 | * | ||
152 | * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs | ||
153 | * Copyright (c) 2009-2013 Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||
154 | + * Copyright (c) 2014 Freescale Semiconductor, Inc. | ||
155 | * | ||
156 | * This file is part of linux cryptodev. | ||
157 | * | ||
158 | -- | ||
159 | 2.7.0 | ||
160 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch b/recipes-kernel/cryptodev/sdk_patches/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch new file mode 100644 index 0000000..352a45d --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch | |||
@@ -0,0 +1,54 @@ | |||
1 | From 269564f4e00fa907388ccfa046b930b3c4eef4dc Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Tue, 10 Jun 2014 08:27:59 +0300 | ||
4 | Subject: [PATCH 10/38] add support for composite TLS10(SHA1,3DES) algorithm | ||
5 | offload | ||
6 | |||
7 | This adds support for composite algorithm offload in a single crypto | ||
8 | (cipher + hmac) operation. | ||
9 | |||
10 | It requires either software or hardware TLS support in the Linux kernel | ||
11 | and can be used with Freescale B*, P* and T* platforms that have support | ||
12 | for hardware TLS acceleration. | ||
13 | |||
14 | Change-Id: Ibce0ceb4174809c9c96b453cd3202bc5220ff084 | ||
15 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
16 | Reviewed-on: http://git.am.freescale.net:8181/34000 | ||
17 | Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
18 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
19 | --- | ||
20 | crypto/cryptodev.h | 1 + | ||
21 | ioctl.c | 5 +++++ | ||
22 | 2 files changed, 6 insertions(+) | ||
23 | |||
24 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
25 | index e7edd97..07f40b2 100644 | ||
26 | --- a/crypto/cryptodev.h | ||
27 | +++ b/crypto/cryptodev.h | ||
28 | @@ -55,6 +55,7 @@ enum cryptodev_crypto_op_t { | ||
29 | CRYPTO_SHA2_512, | ||
30 | CRYPTO_SHA2_224_HMAC, | ||
31 | CRYPTO_TLS10_AES_CBC_HMAC_SHA1, | ||
32 | + CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, | ||
33 | CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ | ||
34 | }; | ||
35 | |||
36 | diff --git a/ioctl.c b/ioctl.c | ||
37 | index c97320b..574e913 100644 | ||
38 | --- a/ioctl.c | ||
39 | +++ b/ioctl.c | ||
40 | @@ -191,6 +191,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
41 | stream = 0; | ||
42 | aead = 1; | ||
43 | break; | ||
44 | + case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: | ||
45 | + alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; | ||
46 | + stream = 0; | ||
47 | + aead = 1; | ||
48 | + break; | ||
49 | case CRYPTO_NULL: | ||
50 | alg_name = "ecb(cipher_null)"; | ||
51 | stream = 1; | ||
52 | -- | ||
53 | 2.7.0 | ||
54 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0011-add-support-for-TLSv1.1-record-offload.patch b/recipes-kernel/cryptodev/sdk_patches/0011-add-support-for-TLSv1.1-record-offload.patch new file mode 100644 index 0000000..34d6ade --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0011-add-support-for-TLSv1.1-record-offload.patch | |||
@@ -0,0 +1,76 @@ | |||
1 | From 73c20be9ae1ed57d8c428c86471f42d953e79fba Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Tue, 31 Mar 2015 16:15:47 +0300 | ||
4 | Subject: [PATCH 11/38] add support for TLSv1.1 record offload | ||
5 | |||
6 | This adds support for composite algorithm offload in a single crypto | ||
7 | (cipher + hmac) operation. | ||
8 | |||
9 | Supported cipher suites: | ||
10 | - 3des-ede-cbc-sha | ||
11 | - aes-128-cbc-hmac-sha | ||
12 | - aes-256-cbc-hmac-sha | ||
13 | |||
14 | It requires either software or hardware TLS support in the Linux kernel | ||
15 | and can be used with Freescale B*, P* and T* platforms that have support | ||
16 | for hardware TLS acceleration. | ||
17 | |||
18 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
19 | Change-Id: Ia5f3fa7ec090d5643d71b0f608c68a274ec6b51f | ||
20 | Reviewed-on: http://git.am.freescale.net:8181/33998 | ||
21 | Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
22 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
23 | --- | ||
24 | crypto/cryptodev.h | 4 +++- | ||
25 | ioctl.c | 14 ++++++++++++-- | ||
26 | 2 files changed, 15 insertions(+), 3 deletions(-) | ||
27 | |||
28 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
29 | index 07f40b2..61e8599 100644 | ||
30 | --- a/crypto/cryptodev.h | ||
31 | +++ b/crypto/cryptodev.h | ||
32 | @@ -54,8 +54,10 @@ enum cryptodev_crypto_op_t { | ||
33 | CRYPTO_SHA2_384, | ||
34 | CRYPTO_SHA2_512, | ||
35 | CRYPTO_SHA2_224_HMAC, | ||
36 | - CRYPTO_TLS10_AES_CBC_HMAC_SHA1, | ||
37 | CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, | ||
38 | + CRYPTO_TLS10_AES_CBC_HMAC_SHA1, | ||
39 | + CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, | ||
40 | + CRYPTO_TLS11_AES_CBC_HMAC_SHA1, | ||
41 | CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ | ||
42 | }; | ||
43 | |||
44 | diff --git a/ioctl.c b/ioctl.c | ||
45 | index 574e913..ba82387 100644 | ||
46 | --- a/ioctl.c | ||
47 | +++ b/ioctl.c | ||
48 | @@ -186,13 +186,23 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
49 | stream = 1; | ||
50 | aead = 1; | ||
51 | break; | ||
52 | + case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: | ||
53 | + alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; | ||
54 | + stream = 0; | ||
55 | + aead = 1; | ||
56 | + break; | ||
57 | case CRYPTO_TLS10_AES_CBC_HMAC_SHA1: | ||
58 | alg_name = "tls10(hmac(sha1),cbc(aes))"; | ||
59 | stream = 0; | ||
60 | aead = 1; | ||
61 | break; | ||
62 | - case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: | ||
63 | - alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; | ||
64 | + case CRYPTO_TLS11_3DES_CBC_HMAC_SHA1: | ||
65 | + alg_name = "tls11(hmac(sha1),cbc(des3_ede))"; | ||
66 | + stream = 0; | ||
67 | + aead = 1; | ||
68 | + break; | ||
69 | + case CRYPTO_TLS11_AES_CBC_HMAC_SHA1: | ||
70 | + alg_name = "tls11(hmac(sha1),cbc(aes))"; | ||
71 | stream = 0; | ||
72 | aead = 1; | ||
73 | break; | ||
74 | -- | ||
75 | 2.7.0 | ||
76 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0012-add-support-for-TLSv1.2-record-offload.patch b/recipes-kernel/cryptodev/sdk_patches/0012-add-support-for-TLSv1.2-record-offload.patch new file mode 100644 index 0000000..b7a7268 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0012-add-support-for-TLSv1.2-record-offload.patch | |||
@@ -0,0 +1,72 @@ | |||
1 | From f1a519d9eed072bd45a45d251603c64f942814fb Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Tue, 31 Mar 2015 16:16:28 +0300 | ||
4 | Subject: [PATCH 12/38] add support for TLSv1.2 record offload | ||
5 | |||
6 | This adds support for composite algorithm offload in a single crypto | ||
7 | (cipher + hmac) operation. | ||
8 | |||
9 | Supported cipher suites: | ||
10 | - 3des-ede-cbc-sha | ||
11 | - aes-128-cbc-hmac-sha | ||
12 | - aes-256-cbc-hmac-sha | ||
13 | - aes-128-cbc-hmac-sha256 | ||
14 | - aes-256-cbc-hmac-sha256 | ||
15 | |||
16 | It requires either software or hardware TLS support in the Linux kernel | ||
17 | and can be used with Freescale B*, P* and T* platforms that have support | ||
18 | for hardware TLS acceleration. | ||
19 | |||
20 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
21 | Change-Id: I21f45993505fc3dad09848a13aa20f778a7c2de0 | ||
22 | Reviewed-on: http://git.am.freescale.net:8181/33999 | ||
23 | Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
24 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
25 | --- | ||
26 | crypto/cryptodev.h | 3 +++ | ||
27 | ioctl.c | 15 +++++++++++++++ | ||
28 | 2 files changed, 18 insertions(+) | ||
29 | |||
30 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
31 | index 61e8599..f6058ca 100644 | ||
32 | --- a/crypto/cryptodev.h | ||
33 | +++ b/crypto/cryptodev.h | ||
34 | @@ -58,6 +58,9 @@ enum cryptodev_crypto_op_t { | ||
35 | CRYPTO_TLS10_AES_CBC_HMAC_SHA1, | ||
36 | CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, | ||
37 | CRYPTO_TLS11_AES_CBC_HMAC_SHA1, | ||
38 | + CRYPTO_TLS12_3DES_CBC_HMAC_SHA1, | ||
39 | + CRYPTO_TLS12_AES_CBC_HMAC_SHA1, | ||
40 | + CRYPTO_TLS12_AES_CBC_HMAC_SHA256, | ||
41 | CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ | ||
42 | }; | ||
43 | |||
44 | diff --git a/ioctl.c b/ioctl.c | ||
45 | index ba82387..fb4c4e3 100644 | ||
46 | --- a/ioctl.c | ||
47 | +++ b/ioctl.c | ||
48 | @@ -206,6 +206,21 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
49 | stream = 0; | ||
50 | aead = 1; | ||
51 | break; | ||
52 | + case CRYPTO_TLS12_3DES_CBC_HMAC_SHA1: | ||
53 | + alg_name = "tls12(hmac(sha1),cbc(des3_ede))"; | ||
54 | + stream = 0; | ||
55 | + aead = 1; | ||
56 | + break; | ||
57 | + case CRYPTO_TLS12_AES_CBC_HMAC_SHA1: | ||
58 | + alg_name = "tls12(hmac(sha1),cbc(aes))"; | ||
59 | + stream = 0; | ||
60 | + aead = 1; | ||
61 | + break; | ||
62 | + case CRYPTO_TLS12_AES_CBC_HMAC_SHA256: | ||
63 | + alg_name = "tls12(hmac(sha256),cbc(aes))"; | ||
64 | + stream = 0; | ||
65 | + aead = 1; | ||
66 | + break; | ||
67 | case CRYPTO_NULL: | ||
68 | alg_name = "ecb(cipher_null)"; | ||
69 | stream = 1; | ||
70 | -- | ||
71 | 2.7.0 | ||
72 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0013-clean-up-code-layout.patch b/recipes-kernel/cryptodev/sdk_patches/0013-clean-up-code-layout.patch new file mode 100644 index 0000000..a6884fa --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0013-clean-up-code-layout.patch | |||
@@ -0,0 +1,186 @@ | |||
1 | From 5a87b9d5f2295ed0fd36a41c8376e01eb0df62b2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Fri, 20 Feb 2015 12:46:58 +0200 | ||
4 | Subject: [PATCH 13/38] clean-up code layout | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
7 | Change-Id: I92c2f4baeed9470a2c3c42b592d878e65918b0af | ||
8 | Reviewed-on: http://git.am.freescale.net:8181/34222 | ||
9 | --- | ||
10 | cryptlib.c | 11 ++++------- | ||
11 | ioctl.c | 55 +++++++++++++++++++++---------------------------------- | ||
12 | main.c | 4 +--- | ||
13 | 3 files changed, 26 insertions(+), 44 deletions(-) | ||
14 | |||
15 | diff --git a/cryptlib.c b/cryptlib.c | ||
16 | index ec6693e..21e691b 100644 | ||
17 | --- a/cryptlib.c | ||
18 | +++ b/cryptlib.c | ||
19 | @@ -434,7 +434,7 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) | ||
20 | return waitfor(hdata->async.result, ret); | ||
21 | } | ||
22 | |||
23 | -int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
24 | +int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
25 | { | ||
26 | int ret = 0; | ||
27 | struct pkc_request *pkc_req = &pkc->req, *pkc_requested; | ||
28 | @@ -445,8 +445,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
29 | case RSA_PRIV_FORM1: | ||
30 | case RSA_PRIV_FORM2: | ||
31 | case RSA_PRIV_FORM3: | ||
32 | - pkc->s = crypto_alloc_pkc("pkc(rsa)", | ||
33 | - CRYPTO_ALG_TYPE_PKC_RSA, 0); | ||
34 | + pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0); | ||
35 | break; | ||
36 | case DSA_SIGN: | ||
37 | case DSA_VERIFY: | ||
38 | @@ -454,13 +453,11 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
39 | case ECDSA_VERIFY: | ||
40 | case DLC_KEYGEN: | ||
41 | case ECC_KEYGEN: | ||
42 | - pkc->s = crypto_alloc_pkc("pkc(dsa)", | ||
43 | - CRYPTO_ALG_TYPE_PKC_DSA, 0); | ||
44 | + pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0); | ||
45 | break; | ||
46 | case DH_COMPUTE_KEY: | ||
47 | case ECDH_COMPUTE_KEY: | ||
48 | - pkc->s = crypto_alloc_pkc("pkc(dh)", | ||
49 | - CRYPTO_ALG_TYPE_PKC_DH, 0); | ||
50 | + pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0); | ||
51 | break; | ||
52 | default: | ||
53 | return -EINVAL; | ||
54 | diff --git a/ioctl.c b/ioctl.c | ||
55 | index fb4c4e3..ee0486c 100644 | ||
56 | --- a/ioctl.c | ||
57 | +++ b/ioctl.c | ||
58 | @@ -714,16 +714,13 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
59 | case CRK_MOD_EXP: | ||
60 | { | ||
61 | struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; | ||
62 | - copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, | ||
63 | - rsa_req->g_len); | ||
64 | + copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); | ||
65 | } | ||
66 | break; | ||
67 | case CRK_MOD_EXP_CRT: | ||
68 | { | ||
69 | - struct rsa_priv_frm3_req_s *rsa_req = | ||
70 | - &pkc_req->req_u.rsa_priv_f3; | ||
71 | - copy_to_user(ckop->crk_param[6].crp_p, | ||
72 | - rsa_req->f, rsa_req->f_len); | ||
73 | + struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3; | ||
74 | + copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); | ||
75 | } | ||
76 | break; | ||
77 | case CRK_DSA_SIGN: | ||
78 | @@ -731,15 +728,11 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
79 | struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; | ||
80 | |||
81 | if (pkc_req->type == ECDSA_SIGN) { | ||
82 | - copy_to_user(ckop->crk_param[6].crp_p, | ||
83 | - dsa_req->c, dsa_req->d_len); | ||
84 | - copy_to_user(ckop->crk_param[7].crp_p, | ||
85 | - dsa_req->d, dsa_req->d_len); | ||
86 | + copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); | ||
87 | + copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); | ||
88 | } else { | ||
89 | - copy_to_user(ckop->crk_param[5].crp_p, | ||
90 | - dsa_req->c, dsa_req->d_len); | ||
91 | - copy_to_user(ckop->crk_param[6].crp_p, | ||
92 | - dsa_req->d, dsa_req->d_len); | ||
93 | + copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len); | ||
94 | + copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); | ||
95 | } | ||
96 | } | ||
97 | break; | ||
98 | @@ -749,11 +742,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
99 | { | ||
100 | struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; | ||
101 | if (pkc_req->type == ECDH_COMPUTE_KEY) | ||
102 | - copy_to_user(ckop->crk_param[4].crp_p, | ||
103 | - dh_req->z, dh_req->z_len); | ||
104 | + copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); | ||
105 | else | ||
106 | - copy_to_user(ckop->crk_param[3].crp_p, | ||
107 | - dh_req->z, dh_req->z_len); | ||
108 | + copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); | ||
109 | } | ||
110 | break; | ||
111 | case CRK_DSA_GENERATE_KEY: | ||
112 | @@ -763,14 +754,14 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
113 | |||
114 | if (pkc_req->type == ECC_KEYGEN) { | ||
115 | copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, | ||
116 | - key_req->pub_key_len); | ||
117 | - copy_to_user(ckop->crk_param[5].crp_p, | ||
118 | - key_req->priv_key, key_req->priv_key_len); | ||
119 | + key_req->pub_key_len); | ||
120 | + copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, | ||
121 | + key_req->priv_key_len); | ||
122 | } else { | ||
123 | - copy_to_user(ckop->crk_param[3].crp_p, | ||
124 | - key_req->pub_key, key_req->pub_key_len); | ||
125 | - copy_to_user(ckop->crk_param[4].crp_p, | ||
126 | - key_req->priv_key, key_req->priv_key_len); | ||
127 | + copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key, | ||
128 | + key_req->pub_key_len); | ||
129 | + copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key, | ||
130 | + key_req->priv_key_len); | ||
131 | } | ||
132 | } | ||
133 | default: | ||
134 | @@ -1113,16 +1104,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
135 | if (!list_empty(&pcr->asym_completed_list)) { | ||
136 | /* Run a loop in the list for upto elements | ||
137 | and copy their response back */ | ||
138 | - pkc = | ||
139 | - list_first_entry(&pcr->asym_completed_list, | ||
140 | + pkc = list_first_entry(&pcr->asym_completed_list, | ||
141 | struct cryptodev_pkc, list); | ||
142 | list_del(&pkc->list); | ||
143 | spin_unlock_bh(&pcr->completion_lock); | ||
144 | ret = crypto_async_fetch_asym(pkc); | ||
145 | if (!ret) { | ||
146 | cookie_list.cookie_available++; | ||
147 | - cookie_list.cookie[i] = | ||
148 | - pkc->kop.kop.cookie; | ||
149 | + cookie_list.cookie[i] = pkc->kop.kop.cookie; | ||
150 | cookie_list.status[i] = pkc->result.err; | ||
151 | } | ||
152 | kfree(pkc); | ||
153 | @@ -1133,12 +1122,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
154 | } | ||
155 | |||
156 | /* Reflect the updated request to user-space */ | ||
157 | - if (cookie_list.cookie_available) | ||
158 | - copy_to_user(arg, &cookie_list, | ||
159 | - sizeof(struct pkc_cookie_list_s)); | ||
160 | - else { | ||
161 | + if (cookie_list.cookie_available) { | ||
162 | + copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s)); | ||
163 | + } else { | ||
164 | struct pkc_cookie_list_s *user_ck_list = (void *)arg; | ||
165 | - | ||
166 | put_user(0, &(user_ck_list->cookie_available)); | ||
167 | } | ||
168 | ret = cookie_list.cookie_available; | ||
169 | diff --git a/main.c b/main.c | ||
170 | index 6365911..af66553 100644 | ||
171 | --- a/main.c | ||
172 | +++ b/main.c | ||
173 | @@ -666,9 +666,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) | ||
174 | if (pkc->type == SYNCHRONOUS) { | ||
175 | if (rc) | ||
176 | goto err; | ||
177 | - | ||
178 | - copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, | ||
179 | - rsa_req->g_len); | ||
180 | + copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); | ||
181 | } else { | ||
182 | if (rc != -EINPROGRESS && rc != 0) | ||
183 | goto err; | ||
184 | -- | ||
185 | 2.7.0 | ||
186 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0014-remove-redundant-data-copy-for-pkc-operations.patch b/recipes-kernel/cryptodev/sdk_patches/0014-remove-redundant-data-copy-for-pkc-operations.patch new file mode 100644 index 0000000..58d37fa --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0014-remove-redundant-data-copy-for-pkc-operations.patch | |||
@@ -0,0 +1,494 @@ | |||
1 | From a4d88e5379ddb7d9bceac3141f508b8173d1e902 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Mon, 23 Feb 2015 12:14:07 +0200 | ||
4 | Subject: [PATCH 14/38] remove redundant data copy for pkc operations | ||
5 | |||
6 | This patch removes a copy of a pkc request that was | ||
7 | allocated on the hot-path. The copy was not necessary | ||
8 | and was just slowing things down. | ||
9 | |||
10 | Change-Id: I3ad85f78c188f100ab9fc03a5777bb704a9dcb63 | ||
11 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
12 | Reviewed-on: http://git.am.freescale.net:8181/34223 | ||
13 | --- | ||
14 | cryptlib.c | 49 +++---------------- | ||
15 | cryptlib.h | 3 +- | ||
16 | ioctl.c | 17 +++---- | ||
17 | main.c | 162 +++++++++++++++++++++++++++++++++++++------------------------ | ||
18 | 4 files changed, 113 insertions(+), 118 deletions(-) | ||
19 | |||
20 | diff --git a/cryptlib.c b/cryptlib.c | ||
21 | index 21e691b..5882a30 100644 | ||
22 | --- a/cryptlib.c | ||
23 | +++ b/cryptlib.c | ||
24 | @@ -436,59 +436,22 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) | ||
25 | |||
26 | int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
27 | { | ||
28 | - int ret = 0; | ||
29 | - struct pkc_request *pkc_req = &pkc->req, *pkc_requested; | ||
30 | - | ||
31 | - switch (pkc_req->type) { | ||
32 | - case RSA_KEYGEN: | ||
33 | - case RSA_PUB: | ||
34 | - case RSA_PRIV_FORM1: | ||
35 | - case RSA_PRIV_FORM2: | ||
36 | - case RSA_PRIV_FORM3: | ||
37 | - pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0); | ||
38 | - break; | ||
39 | - case DSA_SIGN: | ||
40 | - case DSA_VERIFY: | ||
41 | - case ECDSA_SIGN: | ||
42 | - case ECDSA_VERIFY: | ||
43 | - case DLC_KEYGEN: | ||
44 | - case ECC_KEYGEN: | ||
45 | - pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0); | ||
46 | - break; | ||
47 | - case DH_COMPUTE_KEY: | ||
48 | - case ECDH_COMPUTE_KEY: | ||
49 | - pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0); | ||
50 | - break; | ||
51 | - default: | ||
52 | - return -EINVAL; | ||
53 | - } | ||
54 | - | ||
55 | - if (IS_ERR_OR_NULL(pkc->s)) | ||
56 | - return -EINVAL; | ||
57 | + int ret; | ||
58 | |||
59 | init_completion(&pkc->result.completion); | ||
60 | - pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL); | ||
61 | - | ||
62 | - if (unlikely(IS_ERR_OR_NULL(pkc_requested))) { | ||
63 | - ret = -ENOMEM; | ||
64 | - goto error; | ||
65 | - } | ||
66 | - pkc_requested->type = pkc_req->type; | ||
67 | - pkc_requested->curve_type = pkc_req->curve_type; | ||
68 | - memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u)); | ||
69 | - pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
70 | + pkc_request_set_callback(pkc->req, CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
71 | cryptodev_complete_asym, pkc); | ||
72 | - ret = crypto_pkc_op(pkc_requested); | ||
73 | + ret = crypto_pkc_op(pkc->req); | ||
74 | if (ret != -EINPROGRESS && ret != 0) | ||
75 | - goto error2; | ||
76 | + goto error; | ||
77 | |||
78 | if (pkc->type == SYNCHRONOUS) | ||
79 | ret = waitfor(&pkc->result, ret); | ||
80 | |||
81 | return ret; | ||
82 | -error2: | ||
83 | - kfree(pkc_requested); | ||
84 | + | ||
85 | error: | ||
86 | + kfree(pkc->req); | ||
87 | crypto_free_pkc(pkc->s); | ||
88 | return ret; | ||
89 | } | ||
90 | diff --git a/cryptlib.h b/cryptlib.h | ||
91 | index 7ffa54c..4fac0c8 100644 | ||
92 | --- a/cryptlib.h | ||
93 | +++ b/cryptlib.h | ||
94 | @@ -110,8 +110,7 @@ struct cryptodev_pkc { | ||
95 | struct crypto_pkc *s; /* Transform pointer from CryptoAPI */ | ||
96 | struct cryptodev_result result; /* Result to be updated by | ||
97 | completion handler */ | ||
98 | - struct pkc_request req; /* PKC request structure allocated | ||
99 | - from CryptoAPI */ | ||
100 | + struct pkc_request *req; /* PKC request allocated from CryptoAPI */ | ||
101 | enum offload_type type; /* Synchronous Vs Asynchronous request */ | ||
102 | /* | ||
103 | * cookie used for transfering tranparent information from async | ||
104 | diff --git a/ioctl.c b/ioctl.c | ||
105 | index ee0486c..797b73c 100644 | ||
106 | --- a/ioctl.c | ||
107 | +++ b/ioctl.c | ||
108 | @@ -708,26 +708,25 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
109 | int ret = 0; | ||
110 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
111 | struct crypt_kop *ckop = &kop->kop; | ||
112 | - struct pkc_request *pkc_req = &pkc->req; | ||
113 | |||
114 | switch (ckop->crk_op) { | ||
115 | case CRK_MOD_EXP: | ||
116 | { | ||
117 | - struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; | ||
118 | + struct rsa_pub_req_s *rsa_req = &pkc->req->req_u.rsa_pub_req; | ||
119 | copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); | ||
120 | } | ||
121 | break; | ||
122 | case CRK_MOD_EXP_CRT: | ||
123 | { | ||
124 | - struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3; | ||
125 | + struct rsa_priv_frm3_req_s *rsa_req = &pkc->req->req_u.rsa_priv_f3; | ||
126 | copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); | ||
127 | } | ||
128 | break; | ||
129 | case CRK_DSA_SIGN: | ||
130 | { | ||
131 | - struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; | ||
132 | + struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; | ||
133 | |||
134 | - if (pkc_req->type == ECDSA_SIGN) { | ||
135 | + if (pkc->req->type == ECDSA_SIGN) { | ||
136 | copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); | ||
137 | copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); | ||
138 | } else { | ||
139 | @@ -740,8 +739,8 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
140 | break; | ||
141 | case CRK_DH_COMPUTE_KEY: | ||
142 | { | ||
143 | - struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; | ||
144 | - if (pkc_req->type == ECDH_COMPUTE_KEY) | ||
145 | + struct dh_key_req_s *dh_req = &pkc->req->req_u.dh_req; | ||
146 | + if (pkc->req->type == ECDH_COMPUTE_KEY) | ||
147 | copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); | ||
148 | else | ||
149 | copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); | ||
150 | @@ -750,9 +749,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
151 | case CRK_DSA_GENERATE_KEY: | ||
152 | case CRK_DH_GENERATE_KEY: | ||
153 | { | ||
154 | - struct keygen_req_s *key_req = &pkc_req->req_u.keygen; | ||
155 | + struct keygen_req_s *key_req = &pkc->req->req_u.keygen; | ||
156 | |||
157 | - if (pkc_req->type == ECC_KEYGEN) { | ||
158 | + if (pkc->req->type == ECC_KEYGEN) { | ||
159 | copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, | ||
160 | key_req->pub_key_len); | ||
161 | copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, | ||
162 | diff --git a/main.c b/main.c | ||
163 | index af66553..ed1c69a 100644 | ||
164 | --- a/main.c | ||
165 | +++ b/main.c | ||
166 | @@ -186,8 +186,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) | ||
167 | { | ||
168 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
169 | struct crypt_kop *cop = &kop->kop; | ||
170 | - struct pkc_request *pkc_req = &pkc->req; | ||
171 | - struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; | ||
172 | + struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; | ||
173 | int rc, buf_size; | ||
174 | uint8_t *buf; | ||
175 | |||
176 | @@ -210,10 +209,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) | ||
177 | if (cop->crk_iparams == 6) { | ||
178 | dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; | ||
179 | buf_size += dsa_req->ab_len; | ||
180 | - pkc_req->type = ECDSA_SIGN; | ||
181 | - pkc_req->curve_type = cop->curve_type; | ||
182 | - } else { | ||
183 | - pkc_req->type = DSA_SIGN; | ||
184 | + pkc->req->curve_type = cop->curve_type; | ||
185 | } | ||
186 | |||
187 | buf = kmalloc(buf_size, GFP_DMA); | ||
188 | @@ -269,7 +265,6 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) | ||
189 | { | ||
190 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
191 | struct crypt_kop *cop = &kop->kop; | ||
192 | - struct pkc_request *pkc_req; | ||
193 | struct dsa_verify_req_s *dsa_req; | ||
194 | int rc, buf_size; | ||
195 | uint8_t *buf; | ||
196 | @@ -281,8 +276,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) | ||
197 | !cop->crk_param[7].crp_nbits)) | ||
198 | return -EINVAL; | ||
199 | |||
200 | - pkc_req = &pkc->req; | ||
201 | - dsa_req = &pkc_req->req_u.dsa_verify; | ||
202 | + dsa_req = &pkc->req->req_u.dsa_verify; | ||
203 | dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
204 | dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
205 | dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
206 | @@ -295,10 +289,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) | ||
207 | if (cop->crk_iparams == 8) { | ||
208 | dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; | ||
209 | buf_size += dsa_req->ab_len; | ||
210 | - pkc_req->type = ECDSA_VERIFY; | ||
211 | - pkc_req->curve_type = cop->curve_type; | ||
212 | - } else { | ||
213 | - pkc_req->type = DSA_VERIFY; | ||
214 | + pkc->req->curve_type = cop->curve_type; | ||
215 | } | ||
216 | |||
217 | buf = kmalloc(buf_size, GFP_DMA); | ||
218 | @@ -351,7 +342,6 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) | ||
219 | { | ||
220 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
221 | struct crypt_kop *cop = &kop->kop; | ||
222 | - struct pkc_request *pkc_req; | ||
223 | struct rsa_keygen_req_s *key_req; | ||
224 | int rc, buf_size; | ||
225 | uint8_t *buf; | ||
226 | @@ -362,9 +352,7 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) | ||
227 | !cop->crk_param[6].crp_nbits) | ||
228 | return -EINVAL; | ||
229 | |||
230 | - pkc_req = &pkc->req; | ||
231 | - pkc_req->type = RSA_KEYGEN; | ||
232 | - key_req = &pkc_req->req_u.rsa_keygen; | ||
233 | + key_req = &pkc->req->req_u.rsa_keygen; | ||
234 | key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
235 | key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8; | ||
236 | key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8; | ||
237 | @@ -427,7 +415,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
238 | { | ||
239 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
240 | struct crypt_kop *cop = &kop->kop; | ||
241 | - struct pkc_request *pkc_req; | ||
242 | struct keygen_req_s *key_req; | ||
243 | int rc, buf_size; | ||
244 | uint8_t *buf; | ||
245 | @@ -437,8 +424,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
246 | !cop->crk_param[4].crp_nbits) | ||
247 | return -EINVAL; | ||
248 | |||
249 | - pkc_req = &pkc->req; | ||
250 | - key_req = &pkc_req->req_u.keygen; | ||
251 | + key_req = &pkc->req->req_u.keygen; | ||
252 | key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
253 | key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
254 | key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
255 | @@ -447,7 +433,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
256 | key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
257 | buf_size = key_req->q_len + key_req->r_len + key_req->g_len + | ||
258 | key_req->pub_key_len + key_req->priv_key_len; | ||
259 | - pkc_req->type = DLC_KEYGEN; | ||
260 | } else { | ||
261 | key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
262 | key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
263 | @@ -455,8 +440,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
264 | buf_size = key_req->q_len + key_req->r_len + key_req->g_len + | ||
265 | key_req->pub_key_len + key_req->priv_key_len + | ||
266 | key_req->ab_len; | ||
267 | - pkc_req->type = ECC_KEYGEN; | ||
268 | - pkc_req->curve_type = cop->curve_type; | ||
269 | + pkc->req->curve_type = cop->curve_type; | ||
270 | } | ||
271 | |||
272 | buf = kmalloc(buf_size, GFP_DMA); | ||
273 | @@ -508,26 +492,22 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) | ||
274 | { | ||
275 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
276 | struct crypt_kop *cop = &kop->kop; | ||
277 | - struct pkc_request *pkc_req; | ||
278 | struct dh_key_req_s *dh_req; | ||
279 | int buf_size; | ||
280 | uint8_t *buf; | ||
281 | int rc = -EINVAL; | ||
282 | |||
283 | - pkc_req = &pkc->req; | ||
284 | - dh_req = &pkc_req->req_u.dh_req; | ||
285 | + dh_req = &pkc->req->req_u.dh_req; | ||
286 | dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
287 | dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
288 | dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
289 | buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len; | ||
290 | if (cop->crk_iparams == 4) { | ||
291 | - pkc_req->type = ECDH_COMPUTE_KEY; | ||
292 | dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
293 | dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8; | ||
294 | buf_size += dh_req->ab_len; | ||
295 | } else { | ||
296 | dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8; | ||
297 | - pkc_req->type = DH_COMPUTE_KEY; | ||
298 | } | ||
299 | buf_size += dh_req->z_len; | ||
300 | buf = kmalloc(buf_size, GFP_DMA); | ||
301 | @@ -539,7 +519,7 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) | ||
302 | dh_req->z = dh_req->pub_key + dh_req->pub_key_len; | ||
303 | if (cop->crk_iparams == 4) { | ||
304 | dh_req->ab = dh_req->z + dh_req->z_len; | ||
305 | - pkc_req->curve_type = cop->curve_type; | ||
306 | + pkc->req->curve_type = cop->curve_type; | ||
307 | copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, | ||
308 | dh_req->ab_len); | ||
309 | } | ||
310 | @@ -573,7 +553,6 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) | ||
311 | { | ||
312 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
313 | struct crypt_kop *cop = &kop->kop; | ||
314 | - struct pkc_request *pkc_req; | ||
315 | struct rsa_priv_frm3_req_s *rsa_req; | ||
316 | int rc; | ||
317 | uint8_t *buf; | ||
318 | @@ -583,9 +562,7 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) | ||
319 | !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits) | ||
320 | return -EINVAL; | ||
321 | |||
322 | - pkc_req = &pkc->req; | ||
323 | - pkc_req->type = RSA_PRIV_FORM3; | ||
324 | - rsa_req = &pkc_req->req_u.rsa_priv_f3; | ||
325 | + rsa_req = &pkc->req->req_u.rsa_priv_f3; | ||
326 | rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
327 | rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
328 | rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
329 | @@ -632,7 +609,6 @@ err: | ||
330 | |||
331 | int crypto_bn_modexp(struct cryptodev_pkc *pkc) | ||
332 | { | ||
333 | - struct pkc_request *pkc_req; | ||
334 | struct rsa_pub_req_s *rsa_req; | ||
335 | int rc; | ||
336 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
337 | @@ -643,9 +619,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) | ||
338 | !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits) | ||
339 | return -EINVAL; | ||
340 | |||
341 | - pkc_req = &pkc->req; | ||
342 | - pkc_req->type = RSA_PUB; | ||
343 | - rsa_req = &pkc_req->req_u.rsa_pub_req; | ||
344 | + rsa_req = &pkc->req->req_u.rsa_pub_req; | ||
345 | rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
346 | rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; | ||
347 | rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; | ||
348 | @@ -680,56 +654,116 @@ err: | ||
349 | return rc; | ||
350 | } | ||
351 | |||
352 | +static struct { | ||
353 | + char *alg_name; | ||
354 | + u32 type; | ||
355 | + u32 mask; | ||
356 | +} pkc_alg_list[] = { | ||
357 | + {"pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0}, | ||
358 | + {"pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0}, | ||
359 | + {"pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0}, | ||
360 | +}; | ||
361 | + | ||
362 | int crypto_run_asym(struct cryptodev_pkc *pkc) | ||
363 | { | ||
364 | - int ret = -EINVAL; | ||
365 | + int err = -EINVAL; | ||
366 | + int id; | ||
367 | struct kernel_crypt_kop *kop = &pkc->kop; | ||
368 | + enum pkc_req_type pkc_req_type; | ||
369 | + int (*call_next_action)(struct cryptodev_pkc *pkc); | ||
370 | |||
371 | switch (kop->kop.crk_op) { | ||
372 | case CRK_MOD_EXP: | ||
373 | if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1) | ||
374 | - goto err; | ||
375 | - | ||
376 | - ret = crypto_bn_modexp(pkc); | ||
377 | + return err; | ||
378 | + pkc_req_type = RSA_PUB; | ||
379 | + id = 0; | ||
380 | + call_next_action = crypto_bn_modexp; | ||
381 | break; | ||
382 | case CRK_MOD_EXP_CRT: | ||
383 | if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1) | ||
384 | - goto err; | ||
385 | - | ||
386 | - ret = crypto_modexp_crt(pkc); | ||
387 | + return err; | ||
388 | + pkc_req_type = RSA_PRIV_FORM3; | ||
389 | + id = 0; | ||
390 | + call_next_action = crypto_modexp_crt; | ||
391 | break; | ||
392 | case CRK_DSA_SIGN: | ||
393 | - if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) || | ||
394 | - kop->kop.crk_oparams != 2) | ||
395 | - goto err; | ||
396 | - | ||
397 | - ret = crypto_kop_dsasign(pkc); | ||
398 | + if (kop->kop.crk_oparams != 2) | ||
399 | + return err; | ||
400 | + else if (kop->kop.crk_iparams == 5) | ||
401 | + pkc_req_type = DSA_SIGN; | ||
402 | + else if (kop->kop.crk_iparams == 6) | ||
403 | + pkc_req_type = ECDSA_SIGN; | ||
404 | + else | ||
405 | + return err; | ||
406 | + id = 1; | ||
407 | + call_next_action = crypto_kop_dsasign; | ||
408 | break; | ||
409 | case CRK_DSA_VERIFY: | ||
410 | - if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) || | ||
411 | - kop->kop.crk_oparams != 0) | ||
412 | - goto err; | ||
413 | - | ||
414 | - ret = crypto_kop_dsaverify(pkc); | ||
415 | + if (kop->kop.crk_oparams != 0) | ||
416 | + return err; | ||
417 | + else if (kop->kop.crk_iparams == 7) | ||
418 | + pkc_req_type = DSA_VERIFY; | ||
419 | + else if (kop->kop.crk_iparams == 8) | ||
420 | + pkc_req_type = ECDSA_VERIFY; | ||
421 | + else | ||
422 | + return err; | ||
423 | + id = 1; | ||
424 | + call_next_action = crypto_kop_dsaverify; | ||
425 | break; | ||
426 | case CRK_DH_COMPUTE_KEY: | ||
427 | - if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) || | ||
428 | - kop->kop.crk_oparams != 1) | ||
429 | - goto err; | ||
430 | - ret = crypto_kop_dh_key(pkc); | ||
431 | + if (kop->kop.crk_oparams != 1) | ||
432 | + return err; | ||
433 | + else if (kop->kop.crk_iparams == 3) | ||
434 | + pkc_req_type = DH_COMPUTE_KEY; | ||
435 | + else if (kop->kop.crk_iparams == 4) | ||
436 | + pkc_req_type = ECDH_COMPUTE_KEY; | ||
437 | + else | ||
438 | + return err; | ||
439 | + id = 2; | ||
440 | + call_next_action = crypto_kop_dh_key; | ||
441 | break; | ||
442 | case CRK_DH_GENERATE_KEY: | ||
443 | case CRK_DSA_GENERATE_KEY: | ||
444 | - if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4)) | ||
445 | - goto err; | ||
446 | - ret = crypto_kop_keygen(pkc); | ||
447 | + if (kop->kop.crk_iparams == 3) | ||
448 | + pkc_req_type = DLC_KEYGEN; | ||
449 | + else if (kop->kop.crk_iparams == 4) | ||
450 | + pkc_req_type = ECC_KEYGEN; | ||
451 | + else | ||
452 | + return err; | ||
453 | + id = 1; | ||
454 | + call_next_action = crypto_kop_keygen; | ||
455 | break; | ||
456 | case CRK_RSA_GENERATE_KEY: | ||
457 | - ret = crypto_kop_rsa_keygen(pkc); | ||
458 | + pkc_req_type = RSA_KEYGEN; | ||
459 | + id = 0; | ||
460 | + call_next_action = crypto_kop_rsa_keygen; | ||
461 | break; | ||
462 | + default: | ||
463 | + return err; | ||
464 | } | ||
465 | -err: | ||
466 | - return ret; | ||
467 | + err = -ENOMEM; | ||
468 | + pkc->s = crypto_alloc_pkc(pkc_alg_list[id].alg_name, | ||
469 | + pkc_alg_list[id].type, | ||
470 | + pkc_alg_list[id].mask); | ||
471 | + if (IS_ERR_OR_NULL(pkc->s)) | ||
472 | + return err; | ||
473 | + | ||
474 | + pkc->req = pkc_request_alloc(pkc->s, GFP_KERNEL); | ||
475 | + if (IS_ERR_OR_NULL(pkc->req)) | ||
476 | + goto out_free_tfm; | ||
477 | + | ||
478 | + /* todo - fix alloc-free on error path */ | ||
479 | + pkc->req->type = pkc_req_type; | ||
480 | + err = call_next_action(pkc); | ||
481 | + if (pkc->type == SYNCHRONOUS) | ||
482 | + kfree(pkc->req); | ||
483 | + | ||
484 | + return err; | ||
485 | + | ||
486 | +out_free_tfm: | ||
487 | + crypto_free_pkc(pkc->s); | ||
488 | + return err; | ||
489 | } | ||
490 | |||
491 | int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop) | ||
492 | -- | ||
493 | 2.7.0 | ||
494 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0015-fix-pkc-request-deallocation.patch b/recipes-kernel/cryptodev/sdk_patches/0015-fix-pkc-request-deallocation.patch new file mode 100644 index 0000000..ef18992 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0015-fix-pkc-request-deallocation.patch | |||
@@ -0,0 +1,40 @@ | |||
1 | From 212e418fa7b70c8ba79446006001c574cb9d42f8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Mon, 23 Feb 2015 15:28:22 +0200 | ||
4 | Subject: [PATCH 15/38] fix pkc request deallocation | ||
5 | |||
6 | The request to be freed is actually pkc->req, and should be done inside | ||
7 | the fetch ioctl for ASYNC (this patch) and in crypt ioctl for SYNC | ||
8 | operations. | ||
9 | |||
10 | Change-Id: I6f046f2ebeae4cb513a419996ca96b52e37468ed | ||
11 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
12 | Reviewed-on: http://git.am.freescale.net:8181/34224 | ||
13 | --- | ||
14 | ioctl.c | 3 +-- | ||
15 | 1 file changed, 1 insertion(+), 2 deletions(-) | ||
16 | |||
17 | diff --git a/ioctl.c b/ioctl.c | ||
18 | index 797b73c..da3a842 100644 | ||
19 | --- a/ioctl.c | ||
20 | +++ b/ioctl.c | ||
21 | @@ -114,8 +114,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) | ||
22 | /* wake for POLLIN */ | ||
23 | wake_up_interruptible(&pcr->user_waiter); | ||
24 | } | ||
25 | - | ||
26 | - kfree(req); | ||
27 | } | ||
28 | |||
29 | #define FILL_SG(sg, ptr, len) \ | ||
30 | @@ -1113,6 +1111,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
31 | cookie_list.cookie[i] = pkc->kop.kop.cookie; | ||
32 | cookie_list.status[i] = pkc->result.err; | ||
33 | } | ||
34 | + kfree(pkc->req); | ||
35 | kfree(pkc); | ||
36 | } else { | ||
37 | spin_unlock_bh(&pcr->completion_lock); | ||
38 | -- | ||
39 | 2.7.0 | ||
40 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0016-add-basic-detection-of-asym-features.patch b/recipes-kernel/cryptodev/sdk_patches/0016-add-basic-detection-of-asym-features.patch new file mode 100644 index 0000000..9301349 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0016-add-basic-detection-of-asym-features.patch | |||
@@ -0,0 +1,37 @@ | |||
1 | From 4ce4081d9abef651473e9d7e089a0748f77db631 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Mon, 20 Apr 2015 13:18:47 +0300 | ||
4 | Subject: [PATCH 16/38] add basic detection of asym features | ||
5 | |||
6 | Change-Id: I3b3ba8664bf631a63be1f11e715024509e20f841 | ||
7 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
8 | --- | ||
9 | ioctl.c | 12 ++++++++---- | ||
10 | 1 file changed, 8 insertions(+), 4 deletions(-) | ||
11 | |||
12 | diff --git a/ioctl.c b/ioctl.c | ||
13 | index da3a842..53dbf64 100644 | ||
14 | --- a/ioctl.c | ||
15 | +++ b/ioctl.c | ||
16 | @@ -977,10 +977,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
17 | |||
18 | switch (cmd) { | ||
19 | case CIOCASYMFEAT: | ||
20 | - return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | | ||
21 | - CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | | ||
22 | - CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY | | ||
23 | - CRF_RSA_GENERATE_KEY, p); | ||
24 | + ses = 0; | ||
25 | + if (crypto_has_alg("pkc(rsa)", 0, 0)) | ||
26 | + ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY; | ||
27 | + if (crypto_has_alg("pkc(dsa)", 0, 0)) | ||
28 | + ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY; | ||
29 | + if (crypto_has_alg("pkc(dh)", 0, 0)) | ||
30 | + ses |= CRF_DH_COMPUTE_KEY |CRF_DH_GENERATE_KEY; | ||
31 | + return put_user(ses, p); | ||
32 | case CRIOGET: | ||
33 | fd = clonefd(filp); | ||
34 | ret = put_user(fd, p); | ||
35 | -- | ||
36 | 2.7.0 | ||
37 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0017-remove-dead-code.patch b/recipes-kernel/cryptodev/sdk_patches/0017-remove-dead-code.patch new file mode 100644 index 0000000..07c389c --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0017-remove-dead-code.patch | |||
@@ -0,0 +1,67 @@ | |||
1 | From 0ca641091b4113d73e75d30ef530c88836849308 Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Fri, 29 May 2015 15:28:47 +0300 | ||
4 | Subject: [PATCH 17/38] remove dead code | ||
5 | |||
6 | Functions kop_to_user and compat_kop_to_user are never used. Delete them | ||
7 | to avoid compiler warnings. | ||
8 | |||
9 | |||
10 | crypto/../../cryptodev-linux/ioctl.c:841:12: warning: 'kop_to_user' defined but not used [-Wunused-function] | ||
11 | static int kop_to_user(struct kernel_crypt_kop *kop, | ||
12 | ^ | ||
13 | crypto/../../cryptodev-linux/ioctl.c: At top level: | ||
14 | crypto/../../cryptodev-linux/ioctl.c:1195:12: warning: 'compat_kop_to_user' defined but not used [-Wunused-function] | ||
15 | static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) | ||
16 | ^ | ||
17 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
18 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
19 | Change-Id: I6bd8a7eb6144224a20cd400813ab15a7a192dbb1 | ||
20 | Reviewed-on: http://git.am.freescale.net:8181/37440 | ||
21 | --- | ||
22 | ioctl.c | 22 ---------------------- | ||
23 | 1 file changed, 22 deletions(-) | ||
24 | |||
25 | diff --git a/ioctl.c b/ioctl.c | ||
26 | index 53dbf64..39635a4 100644 | ||
27 | --- a/ioctl.c | ||
28 | +++ b/ioctl.c | ||
29 | @@ -838,16 +838,6 @@ static int kop_from_user(struct kernel_crypt_kop *kop, | ||
30 | return fill_kop_from_cop(kop); | ||
31 | } | ||
32 | |||
33 | -static int kop_to_user(struct kernel_crypt_kop *kop, | ||
34 | - void __user *arg) | ||
35 | -{ | ||
36 | - if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) { | ||
37 | - dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); | ||
38 | - return -EFAULT; | ||
39 | - } | ||
40 | - return 0; | ||
41 | -} | ||
42 | - | ||
43 | static int kcop_from_user(struct kernel_crypt_op *kcop, | ||
44 | struct fcrypt *fcr, void __user *arg) | ||
45 | { | ||
46 | @@ -1192,18 +1182,6 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop, | ||
47 | compat->curve_type = kop->curve_type; | ||
48 | } | ||
49 | |||
50 | -static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) | ||
51 | -{ | ||
52 | - struct compat_crypt_kop compat_kop; | ||
53 | - | ||
54 | - crypt_kop_to_compat(&kop->kop, &compat_kop); | ||
55 | - if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) { | ||
56 | - dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); | ||
57 | - return -EFAULT; | ||
58 | - } | ||
59 | - return 0; | ||
60 | -} | ||
61 | - | ||
62 | static inline void | ||
63 | compat_to_session_op(struct compat_session_op *compat, struct session_op *sop) | ||
64 | { | ||
65 | -- | ||
66 | 2.7.0 | ||
67 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0018-fix-compat-warnings.patch b/recipes-kernel/cryptodev/sdk_patches/0018-fix-compat-warnings.patch new file mode 100644 index 0000000..b0fcf0f --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0018-fix-compat-warnings.patch | |||
@@ -0,0 +1,64 @@ | |||
1 | From 596378a22532908487f2c5e4d717c5ae618c4c7d Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Tue, 2 Jun 2015 10:44:12 +0300 | ||
4 | Subject: [PATCH 18/38] fix compat warnings | ||
5 | |||
6 | CC [M] crypto/../../cryptodev-linux/ioctl.o | ||
7 | crypto/../../cryptodev-linux/ioctl.c: In function 'compat_to_crypt_kop': | ||
8 | crypto/../../cryptodev-linux/ioctl.c:1161:14: warning: assignment makes pointer from integer without a cast | ||
9 | kop->cookie = compat->cookie; | ||
10 | ^ | ||
11 | crypto/../../cryptodev-linux/ioctl.c: In function 'crypt_kop_to_compat': | ||
12 | crypto/../../cryptodev-linux/ioctl.c:1191:17: warning: assignment makes integer from pointer without a cast | ||
13 | compat->cookie = kop->cookie; | ||
14 | ^ | ||
15 | crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl': | ||
16 | crypto/../../cryptodev-linux/ioctl.c:1430:28: warning: assignment makes integer from pointer without a cast | ||
17 | cookie_list.cookie[i] = | ||
18 | ^ | ||
19 | |||
20 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
21 | Change-Id: Id851408c0c743c01447f3b0ced38fbc1ae94d4db | ||
22 | Reviewed-on: http://git.am.freescale.net:8181/37442 | ||
23 | Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
24 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
25 | --- | ||
26 | ioctl.c | 8 ++++---- | ||
27 | 1 file changed, 4 insertions(+), 4 deletions(-) | ||
28 | |||
29 | diff --git a/ioctl.c b/ioctl.c | ||
30 | index 39635a4..f3ce2f6 100644 | ||
31 | --- a/ioctl.c | ||
32 | +++ b/ioctl.c | ||
33 | @@ -1148,7 +1148,7 @@ static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat, | ||
34 | } | ||
35 | |||
36 | kop->curve_type = compat->curve_type; | ||
37 | - kop->cookie = compat->cookie; | ||
38 | + kop->cookie = compat_ptr(compat->cookie); | ||
39 | } | ||
40 | |||
41 | static int compat_kop_from_user(struct kernel_crypt_kop *kop, | ||
42 | @@ -1178,7 +1178,7 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop, | ||
43 | ptr_to_compat(kop->crk_param[i].crp_p); | ||
44 | compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits; | ||
45 | } | ||
46 | - compat->cookie = kop->cookie; | ||
47 | + compat->cookie = ptr_to_compat(kop->cookie); | ||
48 | compat->curve_type = kop->curve_type; | ||
49 | } | ||
50 | |||
51 | @@ -1405,8 +1405,8 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
52 | ret = crypto_async_fetch_asym(pkc); | ||
53 | if (!ret) { | ||
54 | cookie_list.cookie_available++; | ||
55 | - cookie_list.cookie[i] = | ||
56 | - pkc->kop.kop.cookie; | ||
57 | + cookie_list.cookie[i] = ptr_to_compat( | ||
58 | + pkc->kop.kop.cookie); | ||
59 | } | ||
60 | kfree(pkc); | ||
61 | } else { | ||
62 | -- | ||
63 | 2.7.0 | ||
64 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0019-fix-size_t-print-format.patch b/recipes-kernel/cryptodev/sdk_patches/0019-fix-size_t-print-format.patch new file mode 100644 index 0000000..fdf8c5d --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0019-fix-size_t-print-format.patch | |||
@@ -0,0 +1,61 @@ | |||
1 | From 1d10f06bef0f07980a08b387850c1daf1d3a8e87 Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Tue, 2 Jun 2015 12:11:12 +0300 | ||
4 | Subject: [PATCH 19/38] fix size_t print format | ||
5 | |||
6 | CC [M] crypto/../../cryptodev-linux/cryptlib.o | ||
7 | crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_cipher_init': | ||
8 | crypto/../../cryptodev-linux/cryptlib.c:146:5: warning: format '%u' expects argument of type 'unsigned int', but argument 6 has type 'size_t' [-Wformat=] | ||
9 | ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", | ||
10 | ^ | ||
11 | crypto/../../cryptodev-linux/cryptlib.c:173:3: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=] | ||
12 | ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); | ||
13 | ^ | ||
14 | crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_hash_init': | ||
15 | crypto/../../cryptodev-linux/cryptlib.c:340:4: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=] | ||
16 | ddebug(1, "Setting hmac key failed for %s-%u.", | ||
17 | ^ | ||
18 | |||
19 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
20 | Change-Id: I67f2d79f68b4d62b598073c6a918a110523fadfd | ||
21 | Reviewed-on: http://git.am.freescale.net:8181/37443 | ||
22 | Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
23 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
24 | --- | ||
25 | cryptlib.c | 6 +++--- | ||
26 | 1 file changed, 3 insertions(+), 3 deletions(-) | ||
27 | |||
28 | diff --git a/cryptlib.c b/cryptlib.c | ||
29 | index 5882a30..10f5e1a 100644 | ||
30 | --- a/cryptlib.c | ||
31 | +++ b/cryptlib.c | ||
32 | @@ -143,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
33 | if (alg->max_keysize > 0 && | ||
34 | unlikely((keylen < alg->min_keysize) || | ||
35 | (keylen > alg->max_keysize))) { | ||
36 | - ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", | ||
37 | + ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.", | ||
38 | keylen, alg_name, alg->min_keysize, alg->max_keysize); | ||
39 | ret = -EINVAL; | ||
40 | goto error; | ||
41 | @@ -170,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
42 | } | ||
43 | |||
44 | if (unlikely(ret)) { | ||
45 | - ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); | ||
46 | + ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8); | ||
47 | ret = -EINVAL; | ||
48 | goto error; | ||
49 | } | ||
50 | @@ -337,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, | ||
51 | if (hmac_mode != 0) { | ||
52 | ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen); | ||
53 | if (unlikely(ret)) { | ||
54 | - ddebug(1, "Setting hmac key failed for %s-%u.", | ||
55 | + ddebug(1, "Setting hmac key failed for %s-%zu.", | ||
56 | alg_name, mackeylen*8); | ||
57 | ret = -EINVAL; | ||
58 | goto error; | ||
59 | -- | ||
60 | 2.7.0 | ||
61 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0020-fix-uninitialized-variable-compiler-warning.patch b/recipes-kernel/cryptodev/sdk_patches/0020-fix-uninitialized-variable-compiler-warning.patch new file mode 100644 index 0000000..dddd77e --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0020-fix-uninitialized-variable-compiler-warning.patch | |||
@@ -0,0 +1,38 @@ | |||
1 | From be9f6a0dc90847dbb00307d23f47b8b3fc3ff130 Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Fri, 29 May 2015 15:49:22 +0300 | ||
4 | Subject: [PATCH 20/38] fix uninitialized variable compiler warning | ||
5 | |||
6 | crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl': | ||
7 | crypto/../../cryptodev-linux/ioctl.c:1445:2: warning: 'ret' may be used uninitialized in this function [-Wmaybe-uninitialized] | ||
8 | return ret; | ||
9 | ^ | ||
10 | |||
11 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
12 | Change-Id: Id5226fc97a3bb880ca6db86df58957122bbaa428 | ||
13 | Reviewed-on: http://git.am.freescale.net:8181/37441 | ||
14 | Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
15 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
16 | --- | ||
17 | ioctl.c | 3 ++- | ||
18 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
19 | |||
20 | diff --git a/ioctl.c b/ioctl.c | ||
21 | index f3ce2f6..7cd3c56 100644 | ||
22 | --- a/ioctl.c | ||
23 | +++ b/ioctl.c | ||
24 | @@ -1387,9 +1387,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
25 | case COMPAT_CIOCASYMFETCHCOOKIE: | ||
26 | { | ||
27 | struct cryptodev_pkc *pkc; | ||
28 | - int i = 0; | ||
29 | + int i; | ||
30 | struct compat_pkc_cookie_list_s cookie_list; | ||
31 | |||
32 | + ret = 0; | ||
33 | cookie_list.cookie_available = 0; | ||
34 | |||
35 | for (i = 0; i < MAX_COOKIES; i++) { | ||
36 | -- | ||
37 | 2.7.0 | ||
38 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0021-check-return-codes-for-copy-to-from-user-functions.patch b/recipes-kernel/cryptodev/sdk_patches/0021-check-return-codes-for-copy-to-from-user-functions.patch new file mode 100644 index 0000000..2cace5f --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0021-check-return-codes-for-copy-to-from-user-functions.patch | |||
@@ -0,0 +1,398 @@ | |||
1 | From 4078382cfc69c0f5e582d485fe8cc778f9e458d1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Mon, 21 Sep 2015 16:39:52 +0300 | ||
4 | Subject: [PATCH 21/38] check return codes for copy to/from user functions | ||
5 | |||
6 | - these functions may fail and we should check their return codes. | ||
7 | - fix an unintended fall-through in CRK_DSA_GENERATE_KEY | ||
8 | - fix incorrect return code for CIOCASYMFETCHCOOKIE | ||
9 | |||
10 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
11 | --- | ||
12 | ioctl.c | 42 +++++++-------- | ||
13 | main.c | 183 ++++++++++++++++++++++++++++++---------------------------------- | ||
14 | 2 files changed, 108 insertions(+), 117 deletions(-) | ||
15 | |||
16 | diff --git a/ioctl.c b/ioctl.c | ||
17 | index 7cd3c56..8fa3e5c 100644 | ||
18 | --- a/ioctl.c | ||
19 | +++ b/ioctl.c | ||
20 | @@ -711,13 +711,13 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
21 | case CRK_MOD_EXP: | ||
22 | { | ||
23 | struct rsa_pub_req_s *rsa_req = &pkc->req->req_u.rsa_pub_req; | ||
24 | - copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); | ||
25 | + ret = copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); | ||
26 | } | ||
27 | break; | ||
28 | case CRK_MOD_EXP_CRT: | ||
29 | { | ||
30 | struct rsa_priv_frm3_req_s *rsa_req = &pkc->req->req_u.rsa_priv_f3; | ||
31 | - copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); | ||
32 | + ret = copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); | ||
33 | } | ||
34 | break; | ||
35 | case CRK_DSA_SIGN: | ||
36 | @@ -725,11 +725,11 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
37 | struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; | ||
38 | |||
39 | if (pkc->req->type == ECDSA_SIGN) { | ||
40 | - copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); | ||
41 | - copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); | ||
42 | + ret = copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len) || | ||
43 | + copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); | ||
44 | } else { | ||
45 | - copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len); | ||
46 | - copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); | ||
47 | + ret = copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len) || | ||
48 | + copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); | ||
49 | } | ||
50 | } | ||
51 | break; | ||
52 | @@ -739,9 +739,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
53 | { | ||
54 | struct dh_key_req_s *dh_req = &pkc->req->req_u.dh_req; | ||
55 | if (pkc->req->type == ECDH_COMPUTE_KEY) | ||
56 | - copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); | ||
57 | + ret = copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); | ||
58 | else | ||
59 | - copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); | ||
60 | + ret = copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); | ||
61 | } | ||
62 | break; | ||
63 | case CRK_DSA_GENERATE_KEY: | ||
64 | @@ -750,16 +750,17 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) | ||
65 | struct keygen_req_s *key_req = &pkc->req->req_u.keygen; | ||
66 | |||
67 | if (pkc->req->type == ECC_KEYGEN) { | ||
68 | - copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, | ||
69 | - key_req->pub_key_len); | ||
70 | - copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, | ||
71 | + ret = copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, | ||
72 | + key_req->pub_key_len) || | ||
73 | + copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, | ||
74 | key_req->priv_key_len); | ||
75 | } else { | ||
76 | - copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key, | ||
77 | - key_req->pub_key_len); | ||
78 | - copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key, | ||
79 | + ret = copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key, | ||
80 | + key_req->pub_key_len) || | ||
81 | + copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key, | ||
82 | key_req->priv_key_len); | ||
83 | } | ||
84 | + break; | ||
85 | } | ||
86 | default: | ||
87 | ret = -EINVAL; | ||
88 | @@ -1115,14 +1116,12 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
89 | |||
90 | /* Reflect the updated request to user-space */ | ||
91 | if (cookie_list.cookie_available) { | ||
92 | - copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s)); | ||
93 | + ret = copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s)); | ||
94 | } else { | ||
95 | struct pkc_cookie_list_s *user_ck_list = (void *)arg; | ||
96 | - put_user(0, &(user_ck_list->cookie_available)); | ||
97 | + ret = put_user(0, &(user_ck_list->cookie_available)); | ||
98 | } | ||
99 | - ret = cookie_list.cookie_available; | ||
100 | } | ||
101 | - | ||
102 | return ret; | ||
103 | default: | ||
104 | return -EINVAL; | ||
105 | @@ -1417,9 +1416,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
106 | } | ||
107 | |||
108 | /* Reflect the updated request to user-space */ | ||
109 | - if (cookie_list.cookie_available) | ||
110 | - copy_to_user(arg, &cookie_list, | ||
111 | - sizeof(struct compat_pkc_cookie_list_s)); | ||
112 | + if (cookie_list.cookie_available) { | ||
113 | + ret = copy_to_user(arg, &cookie_list, | ||
114 | + sizeof(struct compat_pkc_cookie_list_s)); | ||
115 | + } | ||
116 | } | ||
117 | return ret; | ||
118 | default: | ||
119 | diff --git a/main.c b/main.c | ||
120 | index ed1c69a..e5adb93 100644 | ||
121 | --- a/main.c | ||
122 | +++ b/main.c | ||
123 | @@ -223,31 +223,29 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) | ||
124 | dsa_req->m = dsa_req->priv_key + dsa_req->priv_key_len; | ||
125 | dsa_req->c = dsa_req->m + dsa_req->m_len; | ||
126 | dsa_req->d = dsa_req->c + dsa_req->d_len; | ||
127 | - copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); | ||
128 | - copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); | ||
129 | - copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); | ||
130 | - copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); | ||
131 | - copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p, | ||
132 | - dsa_req->priv_key_len); | ||
133 | + rc = copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len) || | ||
134 | + copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len) || | ||
135 | + copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len) || | ||
136 | + copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len) || | ||
137 | + copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p, dsa_req->priv_key_len); | ||
138 | if (cop->crk_iparams == 6) { | ||
139 | dsa_req->ab = dsa_req->d + dsa_req->d_len; | ||
140 | - copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, | ||
141 | + rc = rc || copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, | ||
142 | dsa_req->ab_len); | ||
143 | } | ||
144 | + if (rc) | ||
145 | + goto err; | ||
146 | + | ||
147 | rc = cryptodev_pkc_offload(pkc); | ||
148 | if (pkc->type == SYNCHRONOUS) { | ||
149 | - if (rc) | ||
150 | - goto err; | ||
151 | if (cop->crk_iparams == 6) { | ||
152 | - copy_to_user(cop->crk_param[6].crp_p, dsa_req->c, | ||
153 | - dsa_req->d_len); | ||
154 | - copy_to_user(cop->crk_param[7].crp_p, dsa_req->d, | ||
155 | - dsa_req->d_len); | ||
156 | + rc = rc || | ||
157 | + copy_to_user(cop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len) || | ||
158 | + copy_to_user(cop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); | ||
159 | } else { | ||
160 | - copy_to_user(cop->crk_param[5].crp_p, dsa_req->c, | ||
161 | - dsa_req->d_len); | ||
162 | - copy_to_user(cop->crk_param[6].crp_p, dsa_req->d, | ||
163 | - dsa_req->d_len); | ||
164 | + rc = rc || | ||
165 | + copy_to_user(cop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len) || | ||
166 | + copy_to_user(cop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); | ||
167 | } | ||
168 | } else { | ||
169 | if (rc != -EINPROGRESS && rc != 0) | ||
170 | @@ -303,31 +301,28 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) | ||
171 | dsa_req->m = dsa_req->pub_key + dsa_req->pub_key_len; | ||
172 | dsa_req->c = dsa_req->m + dsa_req->m_len; | ||
173 | dsa_req->d = dsa_req->c + dsa_req->d_len; | ||
174 | - copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); | ||
175 | - copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); | ||
176 | - copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); | ||
177 | - copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); | ||
178 | - copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p, | ||
179 | - dsa_req->pub_key_len); | ||
180 | + rc = copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len) || | ||
181 | + copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len) || | ||
182 | + copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len) || | ||
183 | + copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len) || | ||
184 | + copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p, dsa_req->pub_key_len); | ||
185 | if (cop->crk_iparams == 8) { | ||
186 | dsa_req->ab = dsa_req->d + dsa_req->d_len; | ||
187 | - copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, | ||
188 | - dsa_req->ab_len); | ||
189 | - copy_from_user(dsa_req->c, cop->crk_param[6].crp_p, | ||
190 | - dsa_req->d_len); | ||
191 | - copy_from_user(dsa_req->d, cop->crk_param[7].crp_p, | ||
192 | - dsa_req->d_len); | ||
193 | + rc = rc || | ||
194 | + copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, dsa_req->ab_len) || | ||
195 | + copy_from_user(dsa_req->c, cop->crk_param[6].crp_p, dsa_req->d_len) || | ||
196 | + copy_from_user(dsa_req->d, cop->crk_param[7].crp_p, dsa_req->d_len); | ||
197 | } else { | ||
198 | - copy_from_user(dsa_req->c, cop->crk_param[5].crp_p, | ||
199 | - dsa_req->d_len); | ||
200 | - copy_from_user(dsa_req->d, cop->crk_param[6].crp_p, | ||
201 | - dsa_req->d_len); | ||
202 | + rc = rc || | ||
203 | + copy_from_user(dsa_req->c, cop->crk_param[5].crp_p, dsa_req->d_len) || | ||
204 | + copy_from_user(dsa_req->d, cop->crk_param[6].crp_p, dsa_req->d_len); | ||
205 | } | ||
206 | + | ||
207 | + if (rc) | ||
208 | + goto err; | ||
209 | + | ||
210 | rc = cryptodev_pkc_offload(pkc); | ||
211 | - if (pkc->type == SYNCHRONOUS) { | ||
212 | - if (rc) | ||
213 | - goto err; | ||
214 | - } else { | ||
215 | + if (pkc->type != SYNCHRONOUS) { | ||
216 | if (rc != -EINPROGRESS && !rc) | ||
217 | goto err; | ||
218 | pkc->cookie = buf; | ||
219 | @@ -380,24 +375,15 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) | ||
220 | rc = cryptodev_pkc_offload(pkc); | ||
221 | |||
222 | if (pkc->type == SYNCHRONOUS) { | ||
223 | - if (rc) | ||
224 | - goto err; | ||
225 | - | ||
226 | - copy_to_user(cop->crk_param[0].crp_p, | ||
227 | - key_req->p, key_req->p_len); | ||
228 | - copy_to_user(cop->crk_param[1].crp_p, | ||
229 | - key_req->q, key_req->q_len); | ||
230 | - copy_to_user(cop->crk_param[2].crp_p, | ||
231 | - key_req->n, key_req->n_len); | ||
232 | - copy_to_user(cop->crk_param[3].crp_p, | ||
233 | - key_req->d, key_req->d_len); | ||
234 | - copy_to_user(cop->crk_param[4].crp_p, | ||
235 | - key_req->dp, key_req->dp_len); | ||
236 | - copy_to_user(cop->crk_param[5].crp_p, | ||
237 | - key_req->dq, key_req->dq_len); | ||
238 | - copy_to_user(cop->crk_param[6].crp_p, | ||
239 | - key_req->c, key_req->c_len); | ||
240 | - } else { | ||
241 | + rc = rc || | ||
242 | + copy_to_user(cop->crk_param[0].crp_p, key_req->p, key_req->p_len) || | ||
243 | + copy_to_user(cop->crk_param[1].crp_p, key_req->q, key_req->q_len) || | ||
244 | + copy_to_user(cop->crk_param[2].crp_p, key_req->n, key_req->n_len) || | ||
245 | + copy_to_user(cop->crk_param[3].crp_p, key_req->d, key_req->d_len) || | ||
246 | + copy_to_user(cop->crk_param[4].crp_p, key_req->dp, key_req->dp_len) || | ||
247 | + copy_to_user(cop->crk_param[5].crp_p, key_req->dq, key_req->dq_len) || | ||
248 | + copy_to_user(cop->crk_param[6].crp_p, key_req->c, key_req->c_len); | ||
249 | + } else { | ||
250 | if (rc != -EINPROGRESS && !rc) { | ||
251 | printk("%s: Failed\n", __func__); | ||
252 | goto err; | ||
253 | @@ -451,30 +437,33 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) | ||
254 | key_req->g = key_req->r + key_req->r_len; | ||
255 | key_req->pub_key = key_req->g + key_req->g_len; | ||
256 | key_req->priv_key = key_req->pub_key + key_req->pub_key_len; | ||
257 | - copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); | ||
258 | - copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); | ||
259 | - copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); | ||
260 | + rc = copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len) || | ||
261 | + copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len) || | ||
262 | + copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); | ||
263 | + | ||
264 | if (cop->crk_iparams == 4) { | ||
265 | key_req->ab = key_req->priv_key + key_req->priv_key_len; | ||
266 | - copy_from_user(key_req->ab, cop->crk_param[3].crp_p, | ||
267 | + rc = rc || copy_from_user(key_req->ab, cop->crk_param[3].crp_p, | ||
268 | key_req->ab_len); | ||
269 | } | ||
270 | |||
271 | + if (rc) | ||
272 | + goto err; | ||
273 | + | ||
274 | rc = cryptodev_pkc_offload(pkc); | ||
275 | if (pkc->type == SYNCHRONOUS) { | ||
276 | - if (rc) | ||
277 | - goto err; | ||
278 | - | ||
279 | if (cop->crk_iparams == 4) { | ||
280 | - copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key, | ||
281 | - key_req->pub_key_len); | ||
282 | - copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key, | ||
283 | + rc = rc || | ||
284 | + copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key, | ||
285 | + key_req->pub_key_len) || | ||
286 | + copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key, | ||
287 | key_req->priv_key_len); | ||
288 | } else { | ||
289 | - copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key, | ||
290 | - key_req->pub_key_len); | ||
291 | - copy_to_user(cop->crk_param[4].crp_p, | ||
292 | - key_req->priv_key, key_req->priv_key_len); | ||
293 | + rc = rc || | ||
294 | + copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key, | ||
295 | + key_req->pub_key_len) || | ||
296 | + copy_to_user(cop->crk_param[4].crp_p, key_req->priv_key, | ||
297 | + key_req->priv_key_len); | ||
298 | } | ||
299 | } else { | ||
300 | if (rc != -EINPROGRESS && !rc) | ||
301 | @@ -495,7 +484,7 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) | ||
302 | struct dh_key_req_s *dh_req; | ||
303 | int buf_size; | ||
304 | uint8_t *buf; | ||
305 | - int rc = -EINVAL; | ||
306 | + int rc = 0; | ||
307 | |||
308 | dh_req = &pkc->req->req_u.dh_req; | ||
309 | dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; | ||
310 | @@ -520,22 +509,23 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) | ||
311 | if (cop->crk_iparams == 4) { | ||
312 | dh_req->ab = dh_req->z + dh_req->z_len; | ||
313 | pkc->req->curve_type = cop->curve_type; | ||
314 | - copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, | ||
315 | - dh_req->ab_len); | ||
316 | + rc = copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, dh_req->ab_len); | ||
317 | } | ||
318 | - copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len); | ||
319 | - copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p, | ||
320 | - dh_req->pub_key_len); | ||
321 | - copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len); | ||
322 | + | ||
323 | + rc = rc || | ||
324 | + copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len) || | ||
325 | + copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p, dh_req->pub_key_len) || | ||
326 | + copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len); | ||
327 | + if (rc) | ||
328 | + goto err; | ||
329 | + | ||
330 | rc = cryptodev_pkc_offload(pkc); | ||
331 | if (pkc->type == SYNCHRONOUS) { | ||
332 | - if (rc) | ||
333 | - goto err; | ||
334 | if (cop->crk_iparams == 4) | ||
335 | - copy_to_user(cop->crk_param[4].crp_p, dh_req->z, | ||
336 | + rc = rc || copy_to_user(cop->crk_param[4].crp_p, dh_req->z, | ||
337 | dh_req->z_len); | ||
338 | else | ||
339 | - copy_to_user(cop->crk_param[3].crp_p, dh_req->z, | ||
340 | + rc = rc || copy_to_user(cop->crk_param[3].crp_p, dh_req->z, | ||
341 | dh_req->z_len); | ||
342 | } else { | ||
343 | if (rc != -EINPROGRESS && rc != 0) | ||
344 | @@ -582,19 +572,19 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) | ||
345 | rsa_req->dq = rsa_req->dp + rsa_req->dp_len; | ||
346 | rsa_req->c = rsa_req->dq + rsa_req->dq_len; | ||
347 | rsa_req->f = rsa_req->c + rsa_req->c_len; | ||
348 | - copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len); | ||
349 | - copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len); | ||
350 | - copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len); | ||
351 | - copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len); | ||
352 | - copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len); | ||
353 | - copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len); | ||
354 | + rc = copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len) || | ||
355 | + copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len) || | ||
356 | + copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len) || | ||
357 | + copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len) || | ||
358 | + copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len) || | ||
359 | + copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len); | ||
360 | + if (rc) | ||
361 | + goto err; | ||
362 | + | ||
363 | rc = cryptodev_pkc_offload(pkc); | ||
364 | |||
365 | if (pkc->type == SYNCHRONOUS) { | ||
366 | - if (rc) | ||
367 | - goto err; | ||
368 | - copy_to_user(cop->crk_param[6].crp_p, rsa_req->f, | ||
369 | - rsa_req->f_len); | ||
370 | + rc = rc || copy_to_user(cop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); | ||
371 | } else { | ||
372 | if (rc != -EINPROGRESS && rc != 0) | ||
373 | goto err; | ||
374 | @@ -633,14 +623,15 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) | ||
375 | rsa_req->f = rsa_req->e + rsa_req->e_len; | ||
376 | rsa_req->g = rsa_req->f + rsa_req->f_len; | ||
377 | rsa_req->n = rsa_req->g + rsa_req->g_len; | ||
378 | - copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len); | ||
379 | - copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len); | ||
380 | - copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len); | ||
381 | + rc = copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len) || | ||
382 | + copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len) || | ||
383 | + copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len); | ||
384 | + if (rc) | ||
385 | + goto err; | ||
386 | + | ||
387 | rc = cryptodev_pkc_offload(pkc); | ||
388 | if (pkc->type == SYNCHRONOUS) { | ||
389 | - if (rc) | ||
390 | - goto err; | ||
391 | - copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); | ||
392 | + rc = rc || copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); | ||
393 | } else { | ||
394 | if (rc != -EINPROGRESS && rc != 0) | ||
395 | goto err; | ||
396 | -- | ||
397 | 2.7.0 | ||
398 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0022-fix-double-free-pkc-req-on-error.patch b/recipes-kernel/cryptodev/sdk_patches/0022-fix-double-free-pkc-req-on-error.patch new file mode 100644 index 0000000..7bc177e --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0022-fix-double-free-pkc-req-on-error.patch | |||
@@ -0,0 +1,26 @@ | |||
1 | From 85146b8429ba11bd0be68c24c17dd77b21ec8c25 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Mon, 12 Oct 2015 23:03:28 +0300 | ||
4 | Subject: [PATCH 22/38] fix double free pkc->req on error | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
7 | --- | ||
8 | main.c | 2 +- | ||
9 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
10 | |||
11 | diff --git a/main.c b/main.c | ||
12 | index e5adb93..ec11129 100644 | ||
13 | --- a/main.c | ||
14 | +++ b/main.c | ||
15 | @@ -747,7 +747,7 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) | ||
16 | /* todo - fix alloc-free on error path */ | ||
17 | pkc->req->type = pkc_req_type; | ||
18 | err = call_next_action(pkc); | ||
19 | - if (pkc->type == SYNCHRONOUS) | ||
20 | + if (err == 0 && pkc->type == SYNCHRONOUS) | ||
21 | kfree(pkc->req); | ||
22 | |||
23 | return err; | ||
24 | -- | ||
25 | 2.7.0 | ||
26 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0023-remove-MAY_BACKLOG-flag-from-requests.patch b/recipes-kernel/cryptodev/sdk_patches/0023-remove-MAY_BACKLOG-flag-from-requests.patch new file mode 100644 index 0000000..5674e03 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0023-remove-MAY_BACKLOG-flag-from-requests.patch | |||
@@ -0,0 +1,69 @@ | |||
1 | From 7d0d0deb255f8c59b0cf6d3944ee2e3be4133b4c Mon Sep 17 00:00:00 2001 | ||
2 | From: Alex Porosanu <alexandru.porosanu@freescale.com> | ||
3 | Date: Mon, 19 Oct 2015 11:53:11 +0300 | ||
4 | Subject: [PATCH 23/38] remove MAY_BACKLOG flag from requests | ||
5 | |||
6 | cryptodev doesn't implement the backlogging mechanism properly, | ||
7 | since it misses the possibility of sleeping and waiting for | ||
8 | wake-up when the crypto driver below starts working on the | ||
9 | submitted backloggable request. | ||
10 | In case the crypto driver below implements backlogging mechanisms, | ||
11 | this can lead to side-effects such as working on previously-free'ed | ||
12 | data. | ||
13 | This patch removes the MAY_BACKLOG flag from the requests. | ||
14 | |||
15 | Change-Id: Ia3d822b1abfc1a51e2ce3e9682476b2c99d19c5a | ||
16 | Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com> | ||
17 | --- | ||
18 | cryptlib.c | 14 +++++--------- | ||
19 | 1 file changed, 5 insertions(+), 9 deletions(-) | ||
20 | |||
21 | diff --git a/cryptlib.c b/cryptlib.c | ||
22 | index 10f5e1a..eba4616 100644 | ||
23 | --- a/cryptlib.c | ||
24 | +++ b/cryptlib.c | ||
25 | @@ -194,8 +194,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
26 | goto error; | ||
27 | } | ||
28 | |||
29 | - ablkcipher_request_set_callback(out->async.request, | ||
30 | - CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
31 | + ablkcipher_request_set_callback(out->async.request, 0, | ||
32 | cryptodev_complete, out->async.result); | ||
33 | } else { | ||
34 | out->async.arequest = aead_request_alloc(out->async.as, GFP_KERNEL); | ||
35 | @@ -205,8 +204,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
36 | goto error; | ||
37 | } | ||
38 | |||
39 | - aead_request_set_callback(out->async.arequest, | ||
40 | - CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
41 | + aead_request_set_callback(out->async.arequest, 0, | ||
42 | cryptodev_complete, out->async.result); | ||
43 | } | ||
44 | |||
45 | @@ -362,9 +360,8 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, | ||
46 | goto error; | ||
47 | } | ||
48 | |||
49 | - ahash_request_set_callback(hdata->async.request, | ||
50 | - CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
51 | - cryptodev_complete, hdata->async.result); | ||
52 | + ahash_request_set_callback(hdata->async.request, 0, | ||
53 | + cryptodev_complete, hdata->async.result); | ||
54 | |||
55 | ret = crypto_ahash_init(hdata->async.request); | ||
56 | if (unlikely(ret)) { | ||
57 | @@ -439,8 +436,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
58 | int ret; | ||
59 | |||
60 | init_completion(&pkc->result.completion); | ||
61 | - pkc_request_set_callback(pkc->req, CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
62 | - cryptodev_complete_asym, pkc); | ||
63 | + pkc_request_set_callback(pkc->req, 0, cryptodev_complete_asym, pkc); | ||
64 | ret = crypto_pkc_op(pkc->req); | ||
65 | if (ret != -EINPROGRESS && ret != 0) | ||
66 | goto error; | ||
67 | -- | ||
68 | 2.7.0 | ||
69 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0024-fix-COMPAT_CIOCKEY-ioctl-command-number.patch b/recipes-kernel/cryptodev/sdk_patches/0024-fix-COMPAT_CIOCKEY-ioctl-command-number.patch new file mode 100644 index 0000000..7277086 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0024-fix-COMPAT_CIOCKEY-ioctl-command-number.patch | |||
@@ -0,0 +1,29 @@ | |||
1 | From 53e4d0fe4a334dae3df32b2053e4ebdfda2e9148 Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Tue, 27 Oct 2015 15:51:02 +0200 | ||
4 | Subject: [PATCH 24/38] fix COMPAT_CIOCKEY ioctl command number | ||
5 | |||
6 | CIOCKEY and COMPAT_CIOCKEY had different command numbers, | ||
7 | so that 32-bit applications got EINVAL error on 64-bit kernel. | ||
8 | |||
9 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
10 | --- | ||
11 | cryptodev_int.h | 2 +- | ||
12 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
13 | |||
14 | diff --git a/cryptodev_int.h b/cryptodev_int.h | ||
15 | index c83c885..cb005d7 100644 | ||
16 | --- a/cryptodev_int.h | ||
17 | +++ b/cryptodev_int.h | ||
18 | @@ -132,7 +132,7 @@ struct compat_crypt_auth_op { | ||
19 | /* compat ioctls, defined for the above structs */ | ||
20 | #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) | ||
21 | #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) | ||
22 | -#define COMPAT_CIOCKEY _IOW('c', 105, struct compat_crypt_kop) | ||
23 | +#define COMPAT_CIOCKEY _IOWR('c', 105, struct compat_crypt_kop) | ||
24 | #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) | ||
25 | #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) | ||
26 | #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) | ||
27 | -- | ||
28 | 2.7.0 | ||
29 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0025-fix-benchmarks-linking.patch b/recipes-kernel/cryptodev/sdk_patches/0025-fix-benchmarks-linking.patch new file mode 100644 index 0000000..608c681 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0025-fix-benchmarks-linking.patch | |||
@@ -0,0 +1,25 @@ | |||
1 | From 978cfcf9253c409520c0f168f8caa249f50a8843 Mon Sep 17 00:00:00 2001 | ||
2 | From: Fridolin Pokorny <fpokorny@redhat.com> | ||
3 | Date: Fri, 8 Jan 2016 09:38:29 +0100 | ||
4 | Subject: [PATCH 25/38] fix benchmarks linking | ||
5 | |||
6 | --- | ||
7 | lib/Makefile | 2 +- | ||
8 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
9 | |||
10 | diff --git a/lib/Makefile b/lib/Makefile | ||
11 | index af87795..3bedc34 100644 | ||
12 | --- a/lib/Makefile | ||
13 | +++ b/lib/Makefile | ||
14 | @@ -3,7 +3,7 @@ CFLAGS=-g -O2 -Wall | ||
15 | all: benchmark | ||
16 | |||
17 | benchmark: main.c libthreshold.a | ||
18 | - gcc $(CFLAGS) -DDEBUG -o $@ $^ -lssl libthreshold.a | ||
19 | + gcc $(CFLAGS) -DDEBUG -o $@ $^ -lssl -lcrypto libthreshold.a | ||
20 | |||
21 | .o: | ||
22 | gcc $(CCFLAGS) -c $< -o $@ | ||
23 | -- | ||
24 | 2.7.0 | ||
25 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0026-fix-Makefile-to-allow-parallel-make-with-j-option.patch b/recipes-kernel/cryptodev/sdk_patches/0026-fix-Makefile-to-allow-parallel-make-with-j-option.patch new file mode 100644 index 0000000..b8cf4e1 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0026-fix-Makefile-to-allow-parallel-make-with-j-option.patch | |||
@@ -0,0 +1,56 @@ | |||
1 | From d96ae48c87f80af1a202c2d2e837bf477edc0fb7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Thu, 10 Dec 2015 12:42:18 +0200 | ||
4 | Subject: [PATCH 26/38] fix Makefile to allow parallel make with -j option | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | Recursive make commands should always use the variable MAKE, not the | ||
10 | explicit command name ‘make’ | ||
11 | |||
12 | Documented in section "5.7.1 How the MAKE Variable Works" of GNU Make manual | ||
13 | |||
14 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
15 | --- | ||
16 | Makefile | 10 +++++----- | ||
17 | 1 file changed, 5 insertions(+), 5 deletions(-) | ||
18 | |||
19 | diff --git a/Makefile b/Makefile | ||
20 | index 9e56e9d..2f50210 100644 | ||
21 | --- a/Makefile | ||
22 | +++ b/Makefile | ||
23 | @@ -22,7 +22,7 @@ KERNEL_MAKE_OPTS += CROSS_COMPILE=${CROSS_COMPILE} | ||
24 | endif | ||
25 | |||
26 | build: version.h | ||
27 | - make ${KERNEL_MAKE_OPTS} modules | ||
28 | + $(MAKE) $(KERNEL_MAKE_OPTS) modules | ||
29 | |||
30 | version.h: Makefile | ||
31 | @echo "#define VERSION \"$(VERSION)\"" > version.h | ||
32 | @@ -30,17 +30,17 @@ version.h: Makefile | ||
33 | install: modules_install | ||
34 | |||
35 | modules_install: | ||
36 | - make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install | ||
37 | + $(MAKE) -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install | ||
38 | @echo "Installing cryptodev.h in $(PREFIX)/usr/include/crypto ..." | ||
39 | @install -D crypto/cryptodev.h $(PREFIX)/usr/include/crypto/cryptodev.h | ||
40 | |||
41 | clean: | ||
42 | - make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean | ||
43 | + $(MAKE) -C $(KERNEL_DIR) SUBDIRS=`pwd` clean | ||
44 | rm -f $(hostprogs) *~ | ||
45 | - CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) make -C tests clean | ||
46 | + CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) $(MAKE) -C tests clean | ||
47 | |||
48 | check: | ||
49 | - CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) make -C tests check | ||
50 | + CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) $(MAKE) -C tests check | ||
51 | |||
52 | CPOPTS = | ||
53 | ifneq (${SHOW_TYPES},) | ||
54 | -- | ||
55 | 2.7.0 | ||
56 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0027-use-Linux-kernel-conventions-for-Makefile-variables.patch b/recipes-kernel/cryptodev/sdk_patches/0027-use-Linux-kernel-conventions-for-Makefile-variables.patch new file mode 100644 index 0000000..ad18da8 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0027-use-Linux-kernel-conventions-for-Makefile-variables.patch | |||
@@ -0,0 +1,47 @@ | |||
1 | From e51bf208fbd3796238ff4d721e8d070f711f8c56 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Thu, 10 Dec 2015 12:42:19 +0200 | ||
4 | Subject: [PATCH 27/38] use Linux kernel conventions for Makefile variables | ||
5 | |||
6 | The kernel Makefile specifies to use M=... instead of SUBDIR=... for | ||
7 | external modules. | ||
8 | |||
9 | PWD variable is already set in a POSIX system and calling `pwd` to find | ||
10 | it is redundant. | ||
11 | |||
12 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
13 | --- | ||
14 | Makefile | 6 +++--- | ||
15 | 1 file changed, 3 insertions(+), 3 deletions(-) | ||
16 | |||
17 | diff --git a/Makefile b/Makefile | ||
18 | index 2f50210..7c7e193 100644 | ||
19 | --- a/Makefile | ||
20 | +++ b/Makefile | ||
21 | @@ -13,7 +13,7 @@ cryptodev-objs = ioctl.o main.o cryptlib.o authenc.o zc.o util.o | ||
22 | |||
23 | obj-m += cryptodev.o | ||
24 | |||
25 | -KERNEL_MAKE_OPTS := -C ${KERNEL_DIR} SUBDIRS=`pwd` | ||
26 | +KERNEL_MAKE_OPTS := -C $(KERNEL_DIR) M=$(PWD) | ||
27 | ifneq (${ARCH},) | ||
28 | KERNEL_MAKE_OPTS += ARCH=${ARCH} | ||
29 | endif | ||
30 | @@ -30,12 +30,12 @@ version.h: Makefile | ||
31 | install: modules_install | ||
32 | |||
33 | modules_install: | ||
34 | - $(MAKE) -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install | ||
35 | + $(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules_install | ||
36 | @echo "Installing cryptodev.h in $(PREFIX)/usr/include/crypto ..." | ||
37 | @install -D crypto/cryptodev.h $(PREFIX)/usr/include/crypto/cryptodev.h | ||
38 | |||
39 | clean: | ||
40 | - $(MAKE) -C $(KERNEL_DIR) SUBDIRS=`pwd` clean | ||
41 | + $(MAKE) -C $(KERNEL_DIR) M=$(PWD) clean | ||
42 | rm -f $(hostprogs) *~ | ||
43 | CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) $(MAKE) -C tests clean | ||
44 | |||
45 | -- | ||
46 | 2.7.0 | ||
47 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0028-for-consistency-use-.-instead-of-.-in-makefiles.patch b/recipes-kernel/cryptodev/sdk_patches/0028-for-consistency-use-.-instead-of-.-in-makefiles.patch new file mode 100644 index 0000000..756ca33 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0028-for-consistency-use-.-instead-of-.-in-makefiles.patch | |||
@@ -0,0 +1,73 @@ | |||
1 | From 22b63631de17507c12355c30e408dbd88350bb3a Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Thu, 10 Dec 2015 12:42:20 +0200 | ||
4 | Subject: [PATCH 28/38] for consistency, use $(...) instead of ${...} in | ||
5 | makefiles | ||
6 | |||
7 | Both syntax rules are equaly valid and mixing them is permitted but | ||
8 | looks inconsistent. | ||
9 | |||
10 | See section "6.1 Basics of Variable References" of GNU make manual | ||
11 | |||
12 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
13 | --- | ||
14 | Makefile | 16 ++++++++-------- | ||
15 | tests/Makefile | 2 +- | ||
16 | 2 files changed, 9 insertions(+), 9 deletions(-) | ||
17 | |||
18 | diff --git a/Makefile b/Makefile | ||
19 | index 7c7e193..7f8df37 100644 | ||
20 | --- a/Makefile | ||
21 | +++ b/Makefile | ||
22 | @@ -14,11 +14,11 @@ cryptodev-objs = ioctl.o main.o cryptlib.o authenc.o zc.o util.o | ||
23 | obj-m += cryptodev.o | ||
24 | |||
25 | KERNEL_MAKE_OPTS := -C $(KERNEL_DIR) M=$(PWD) | ||
26 | -ifneq (${ARCH},) | ||
27 | -KERNEL_MAKE_OPTS += ARCH=${ARCH} | ||
28 | +ifneq ($(ARCH),) | ||
29 | +KERNEL_MAKE_OPTS += ARCH=$(ARCH) | ||
30 | endif | ||
31 | -ifneq (${CROSS_COMPILE},) | ||
32 | -KERNEL_MAKE_OPTS += CROSS_COMPILE=${CROSS_COMPILE} | ||
33 | +ifneq ($(CROSS_COMPILE),) | ||
34 | +KERNEL_MAKE_OPTS += CROSS_COMPILE=$(CROSS_COMPILE) | ||
35 | endif | ||
36 | |||
37 | build: version.h | ||
38 | @@ -43,15 +43,15 @@ check: | ||
39 | CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) $(MAKE) -C tests check | ||
40 | |||
41 | CPOPTS = | ||
42 | -ifneq (${SHOW_TYPES},) | ||
43 | +ifneq ($(SHOW_TYPES),) | ||
44 | CPOPTS += --show-types | ||
45 | endif | ||
46 | -ifneq (${IGNORE_TYPES},) | ||
47 | -CPOPTS += --ignore ${IGNORE_TYPES} | ||
48 | +ifneq ($(IGNORE_TYPES),) | ||
49 | +CPOPTS += --ignore $(IGNORE_TYPES) | ||
50 | endif | ||
51 | |||
52 | checkpatch: | ||
53 | - $(KERNEL_DIR)/scripts/checkpatch.pl ${CPOPTS} --file *.c *.h | ||
54 | + $(KERNEL_DIR)/scripts/checkpatch.pl $(CPOPTS) --file *.c *.h | ||
55 | |||
56 | VERSIONTAG = refs/tags/cryptodev-linux-$(VERSION) | ||
57 | FILEBASE = cryptodev-linux-$(VERSION) | ||
58 | diff --git a/tests/Makefile b/tests/Makefile | ||
59 | index 20c52ba..3155da9 100644 | ||
60 | --- a/tests/Makefile | ||
61 | +++ b/tests/Makefile | ||
62 | @@ -6,7 +6,7 @@ comp_progs := cipher_comp hash_comp hmac_comp | ||
63 | |||
64 | hostprogs := cipher cipher-aead hmac speed async_cipher async_hmac \ | ||
65 | async_speed sha_speed hashcrypt_speed fullspeed cipher-gcm \ | ||
66 | - cipher-aead-srtp ${comp_progs} | ||
67 | + cipher-aead-srtp $(comp_progs) | ||
68 | |||
69 | example-cipher-objs := cipher.o | ||
70 | example-cipher-aead-objs := cipher-aead.o | ||
71 | -- | ||
72 | 2.7.0 | ||
73 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0029-fix-clean-up-on-error-path-for-crypto_create_session.patch b/recipes-kernel/cryptodev/sdk_patches/0029-fix-clean-up-on-error-path-for-crypto_create_session.patch new file mode 100644 index 0000000..67e4a89 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0029-fix-clean-up-on-error-path-for-crypto_create_session.patch | |||
@@ -0,0 +1,117 @@ | |||
1 | From 294abaaa4540ec340ed6046a784c9789c8724420 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Mon, 11 Jan 2016 17:45:50 +0200 | ||
4 | Subject: [PATCH 29/38] fix clean-up on error path for crypto_create_session | ||
5 | |||
6 | This patch fixes clean-up on error path for failed allocations of | ||
7 | ses_new->pages or ses_new->sg. In these cases, allocations made in | ||
8 | cryptodev_hash_init have not been undone resulting in possible memory | ||
9 | leaks. | ||
10 | |||
11 | We take advantage of the initializations with zeros of the session | ||
12 | structure to trim the code to a single clean-up path. | ||
13 | |||
14 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
15 | --- | ||
16 | ioctl.c | 28 +++++++++++++++------------- | ||
17 | 1 file changed, 15 insertions(+), 13 deletions(-) | ||
18 | |||
19 | diff --git a/ioctl.c b/ioctl.c | ||
20 | index b23f5fd..c781f9d 100644 | ||
21 | --- a/ioctl.c | ||
22 | +++ b/ioctl.c | ||
23 | @@ -228,7 +228,8 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
24 | return -EINVAL; | ||
25 | } | ||
26 | |||
27 | - /* Create a session and put it to the list. */ | ||
28 | + /* Create a session and put it to the list. Zeroing the structure helps | ||
29 | + * also with a single exit point in case of errors */ | ||
30 | ses_new = kzalloc(sizeof(*ses_new), GFP_KERNEL); | ||
31 | if (!ses_new) | ||
32 | return -ENOMEM; | ||
33 | @@ -240,19 +241,19 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
34 | if (unlikely(ret < 0)) { | ||
35 | ddebug(1, "Setting key failed for %s-%zu.", | ||
36 | alg_name, (size_t)sop->keylen*8); | ||
37 | - goto error_cipher; | ||
38 | + goto session_error; | ||
39 | } | ||
40 | |||
41 | ret = cryptodev_get_cipher_key(keys.ckey, sop, aead); | ||
42 | if (unlikely(ret < 0)) | ||
43 | - goto error_cipher; | ||
44 | + goto session_error; | ||
45 | |||
46 | ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, keys.ckey, | ||
47 | keylen, stream, aead); | ||
48 | if (ret < 0) { | ||
49 | ddebug(1, "Failed to load cipher for %s", alg_name); | ||
50 | ret = -EINVAL; | ||
51 | - goto error_cipher; | ||
52 | + goto session_error; | ||
53 | } | ||
54 | } | ||
55 | |||
56 | @@ -261,13 +262,13 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
57 | ddebug(1, "Setting key failed for %s-%zu.", | ||
58 | hash_name, (size_t)sop->mackeylen*8); | ||
59 | ret = -EINVAL; | ||
60 | - goto error_hash; | ||
61 | + goto session_error; | ||
62 | } | ||
63 | |||
64 | if (sop->mackey && unlikely(copy_from_user(keys.mkey, sop->mackey, | ||
65 | sop->mackeylen))) { | ||
66 | ret = -EFAULT; | ||
67 | - goto error_hash; | ||
68 | + goto session_error; | ||
69 | } | ||
70 | |||
71 | ret = cryptodev_hash_init(&ses_new->hdata, hash_name, hmac_mode, | ||
72 | @@ -275,7 +276,7 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
73 | if (ret != 0) { | ||
74 | ddebug(1, "Failed to load hash for %s", hash_name); | ||
75 | ret = -EINVAL; | ||
76 | - goto error_hash; | ||
77 | + goto session_error; | ||
78 | } | ||
79 | } | ||
80 | |||
81 | @@ -292,7 +293,7 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
82 | if (ses_new->sg == NULL || ses_new->pages == NULL) { | ||
83 | ddebug(0, "Memory error"); | ||
84 | ret = -ENOMEM; | ||
85 | - goto error_hash; | ||
86 | + goto session_error; | ||
87 | } | ||
88 | |||
89 | /* put the new session to the list */ | ||
90 | @@ -316,18 +317,19 @@ restart: | ||
91 | |||
92 | /* Fill in some values for the user. */ | ||
93 | sop->ses = ses_new->sid; | ||
94 | - | ||
95 | return 0; | ||
96 | |||
97 | -error_hash: | ||
98 | + /* We count on ses_new to be initialized with zeroes | ||
99 | + * Since hdata and cdata are embedded within ses_new, it follows that | ||
100 | + * hdata->init and cdata->init are either zero or one as they have been | ||
101 | + * initialized or not */ | ||
102 | +session_error: | ||
103 | + cryptodev_hash_deinit(&ses_new->hdata); | ||
104 | cryptodev_cipher_deinit(&ses_new->cdata); | ||
105 | kfree(ses_new->sg); | ||
106 | kfree(ses_new->pages); | ||
107 | -error_cipher: | ||
108 | kfree(ses_new); | ||
109 | - | ||
110 | return ret; | ||
111 | - | ||
112 | } | ||
113 | |||
114 | /* Everything that needs to be done when remowing a session. */ | ||
115 | -- | ||
116 | 2.7.0 | ||
117 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0030-remove-code-duplication-in-cryptodev_hash_init.patch b/recipes-kernel/cryptodev/sdk_patches/0030-remove-code-duplication-in-cryptodev_hash_init.patch new file mode 100644 index 0000000..1e3ebf3 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0030-remove-code-duplication-in-cryptodev_hash_init.patch | |||
@@ -0,0 +1,59 @@ | |||
1 | From f4534df637b078fce275763bd8bc2a83bfad25e0 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Mon, 11 Jan 2016 18:01:06 +0200 | ||
4 | Subject: [PATCH 30/38] remove code duplication in cryptodev_hash_init | ||
5 | |||
6 | cryptodev_hash_init is concerned mostly with allocating data structures | ||
7 | for hash operations. | ||
8 | This patch replaces the call it makes to crypto_ahash_init with | ||
9 | one to cryptodev_hash_reset to avoid code duplication. This call is made | ||
10 | now outside of the original function to increase modularity. | ||
11 | |||
12 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
13 | --- | ||
14 | cryptlib.c | 9 --------- | ||
15 | ioctl.c | 5 +++++ | ||
16 | 2 files changed, 5 insertions(+), 9 deletions(-) | ||
17 | |||
18 | diff --git a/cryptlib.c b/cryptlib.c | ||
19 | index eba4616..4fd29eb 100644 | ||
20 | --- a/cryptlib.c | ||
21 | +++ b/cryptlib.c | ||
22 | @@ -362,18 +362,9 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, | ||
23 | |||
24 | ahash_request_set_callback(hdata->async.request, 0, | ||
25 | cryptodev_complete, hdata->async.result); | ||
26 | - | ||
27 | - ret = crypto_ahash_init(hdata->async.request); | ||
28 | - if (unlikely(ret)) { | ||
29 | - derr(0, "error in crypto_hash_init()"); | ||
30 | - goto error_request; | ||
31 | - } | ||
32 | - | ||
33 | hdata->init = 1; | ||
34 | return 0; | ||
35 | |||
36 | -error_request: | ||
37 | - ahash_request_free(hdata->async.request); | ||
38 | error: | ||
39 | kfree(hdata->async.result); | ||
40 | crypto_free_ahash(hdata->async.s); | ||
41 | diff --git a/ioctl.c b/ioctl.c | ||
42 | index b36dd03..a537886 100644 | ||
43 | --- a/ioctl.c | ||
44 | +++ b/ioctl.c | ||
45 | @@ -338,6 +338,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) | ||
46 | ret = -EINVAL; | ||
47 | goto session_error; | ||
48 | } | ||
49 | + | ||
50 | + ret = cryptodev_hash_reset(&ses_new->hdata); | ||
51 | + if (ret != 0) { | ||
52 | + goto session_error; | ||
53 | + } | ||
54 | } | ||
55 | |||
56 | ses_new->alignmask = max(ses_new->cdata.alignmask, | ||
57 | -- | ||
58 | 2.7.0 | ||
59 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0031-fix-comment-typo.patch b/recipes-kernel/cryptodev/sdk_patches/0031-fix-comment-typo.patch new file mode 100644 index 0000000..cde9552 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0031-fix-comment-typo.patch | |||
@@ -0,0 +1,26 @@ | |||
1 | From 73a2489ba634503a0cc2bb6e84627ceeda0f059f Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Tue, 12 Jan 2016 17:15:56 +0200 | ||
4 | Subject: [PATCH 31/38] fix comment typo | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
7 | --- | ||
8 | ioctl.c | 2 +- | ||
9 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
10 | |||
11 | diff --git a/ioctl.c b/ioctl.c | ||
12 | index a537886..7adde75 100644 | ||
13 | --- a/ioctl.c | ||
14 | +++ b/ioctl.c | ||
15 | @@ -397,7 +397,7 @@ session_error: | ||
16 | return ret; | ||
17 | } | ||
18 | |||
19 | -/* Everything that needs to be done when remowing a session. */ | ||
20 | +/* Everything that needs to be done when removing a session. */ | ||
21 | static inline void | ||
22 | crypto_destroy_session(struct csession *ses_ptr) | ||
23 | { | ||
24 | -- | ||
25 | 2.7.0 | ||
26 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0032-avoid-calls-to-kmalloc-on-hotpaths.patch b/recipes-kernel/cryptodev/sdk_patches/0032-avoid-calls-to-kmalloc-on-hotpaths.patch new file mode 100644 index 0000000..2aa5810 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0032-avoid-calls-to-kmalloc-on-hotpaths.patch | |||
@@ -0,0 +1,220 @@ | |||
1 | From 9b513838035c35fd3706bb824edd17d705641439 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Tue, 12 Jan 2016 15:13:15 +0200 | ||
4 | Subject: [PATCH 32/38] avoid calls to kmalloc on hotpaths | ||
5 | |||
6 | We replace a pointer to a small structure with the structure itself to | ||
7 | avoid unnecessary dynamic allocations at runtime. The embedding | ||
8 | structure is itself dynamically allocated and we get a slight increase | ||
9 | in performance from elimination of unnecessary code. | ||
10 | |||
11 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
12 | --- | ||
13 | cryptlib.c | 42 +++++++++++++----------------------------- | ||
14 | cryptlib.h | 14 +++++++------- | ||
15 | 2 files changed, 20 insertions(+), 36 deletions(-) | ||
16 | |||
17 | diff --git a/cryptlib.c b/cryptlib.c | ||
18 | index 4fd29eb..5972fc2 100644 | ||
19 | --- a/cryptlib.c | ||
20 | +++ b/cryptlib.c | ||
21 | @@ -178,13 +178,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
22 | out->stream = stream; | ||
23 | out->aead = aead; | ||
24 | |||
25 | - out->async.result = kzalloc(sizeof(*out->async.result), GFP_KERNEL); | ||
26 | - if (unlikely(!out->async.result)) { | ||
27 | - ret = -ENOMEM; | ||
28 | - goto error; | ||
29 | - } | ||
30 | - | ||
31 | - init_completion(&out->async.result->completion); | ||
32 | + init_completion(&out->async.result.completion); | ||
33 | |||
34 | if (aead == 0) { | ||
35 | out->async.request = ablkcipher_request_alloc(out->async.s, GFP_KERNEL); | ||
36 | @@ -195,7 +189,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
37 | } | ||
38 | |||
39 | ablkcipher_request_set_callback(out->async.request, 0, | ||
40 | - cryptodev_complete, out->async.result); | ||
41 | + cryptodev_complete, &out->async.result); | ||
42 | } else { | ||
43 | out->async.arequest = aead_request_alloc(out->async.as, GFP_KERNEL); | ||
44 | if (unlikely(!out->async.arequest)) { | ||
45 | @@ -205,7 +199,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, | ||
46 | } | ||
47 | |||
48 | aead_request_set_callback(out->async.arequest, 0, | ||
49 | - cryptodev_complete, out->async.result); | ||
50 | + cryptodev_complete, &out->async.result); | ||
51 | } | ||
52 | |||
53 | out->init = 1; | ||
54 | @@ -222,7 +216,6 @@ error: | ||
55 | if (out->async.as) | ||
56 | crypto_free_aead(out->async.as); | ||
57 | } | ||
58 | - kfree(out->async.result); | ||
59 | |||
60 | return ret; | ||
61 | } | ||
62 | @@ -242,7 +235,6 @@ void cryptodev_cipher_deinit(struct cipher_data *cdata) | ||
63 | crypto_free_aead(cdata->async.as); | ||
64 | } | ||
65 | |||
66 | - kfree(cdata->async.result); | ||
67 | cdata->init = 0; | ||
68 | } | ||
69 | } | ||
70 | @@ -279,7 +271,7 @@ ssize_t cryptodev_cipher_encrypt(struct cipher_data *cdata, | ||
71 | { | ||
72 | int ret; | ||
73 | |||
74 | - reinit_completion(&cdata->async.result->completion); | ||
75 | + reinit_completion(&cdata->async.result.completion); | ||
76 | |||
77 | if (cdata->aead == 0) { | ||
78 | ablkcipher_request_set_crypt(cdata->async.request, | ||
79 | @@ -293,7 +285,7 @@ ssize_t cryptodev_cipher_encrypt(struct cipher_data *cdata, | ||
80 | ret = crypto_aead_encrypt(cdata->async.arequest); | ||
81 | } | ||
82 | |||
83 | - return waitfor(cdata->async.result, ret); | ||
84 | + return waitfor(&cdata->async.result, ret); | ||
85 | } | ||
86 | |||
87 | ssize_t cryptodev_cipher_decrypt(struct cipher_data *cdata, | ||
88 | @@ -302,7 +294,7 @@ ssize_t cryptodev_cipher_decrypt(struct cipher_data *cdata, | ||
89 | { | ||
90 | int ret; | ||
91 | |||
92 | - reinit_completion(&cdata->async.result->completion); | ||
93 | + reinit_completion(&cdata->async.result.completion); | ||
94 | if (cdata->aead == 0) { | ||
95 | ablkcipher_request_set_crypt(cdata->async.request, | ||
96 | (struct scatterlist *)src, dst, | ||
97 | @@ -315,7 +307,7 @@ ssize_t cryptodev_cipher_decrypt(struct cipher_data *cdata, | ||
98 | ret = crypto_aead_decrypt(cdata->async.arequest); | ||
99 | } | ||
100 | |||
101 | - return waitfor(cdata->async.result, ret); | ||
102 | + return waitfor(&cdata->async.result, ret); | ||
103 | } | ||
104 | |||
105 | /* Hash functions */ | ||
106 | @@ -345,13 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, | ||
107 | hdata->digestsize = crypto_ahash_digestsize(hdata->async.s); | ||
108 | hdata->alignmask = crypto_ahash_alignmask(hdata->async.s); | ||
109 | |||
110 | - hdata->async.result = kzalloc(sizeof(*hdata->async.result), GFP_KERNEL); | ||
111 | - if (unlikely(!hdata->async.result)) { | ||
112 | - ret = -ENOMEM; | ||
113 | - goto error; | ||
114 | - } | ||
115 | - | ||
116 | - init_completion(&hdata->async.result->completion); | ||
117 | + init_completion(&hdata->async.result.completion); | ||
118 | |||
119 | hdata->async.request = ahash_request_alloc(hdata->async.s, GFP_KERNEL); | ||
120 | if (unlikely(!hdata->async.request)) { | ||
121 | @@ -361,12 +347,11 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, | ||
122 | } | ||
123 | |||
124 | ahash_request_set_callback(hdata->async.request, 0, | ||
125 | - cryptodev_complete, hdata->async.result); | ||
126 | + cryptodev_complete, &hdata->async.result); | ||
127 | hdata->init = 1; | ||
128 | return 0; | ||
129 | |||
130 | error: | ||
131 | - kfree(hdata->async.result); | ||
132 | crypto_free_ahash(hdata->async.s); | ||
133 | return ret; | ||
134 | } | ||
135 | @@ -376,7 +361,6 @@ void cryptodev_hash_deinit(struct hash_data *hdata) | ||
136 | if (hdata->init) { | ||
137 | if (hdata->async.request) | ||
138 | ahash_request_free(hdata->async.request); | ||
139 | - kfree(hdata->async.result); | ||
140 | if (hdata->async.s) | ||
141 | crypto_free_ahash(hdata->async.s); | ||
142 | hdata->init = 0; | ||
143 | @@ -402,24 +386,24 @@ ssize_t cryptodev_hash_update(struct hash_data *hdata, | ||
144 | { | ||
145 | int ret; | ||
146 | |||
147 | - reinit_completion(&hdata->async.result->completion); | ||
148 | + reinit_completion(&hdata->async.result.completion); | ||
149 | ahash_request_set_crypt(hdata->async.request, sg, NULL, len); | ||
150 | |||
151 | ret = crypto_ahash_update(hdata->async.request); | ||
152 | |||
153 | - return waitfor(hdata->async.result, ret); | ||
154 | + return waitfor(&hdata->async.result, ret); | ||
155 | } | ||
156 | |||
157 | int cryptodev_hash_final(struct hash_data *hdata, void *output) | ||
158 | { | ||
159 | int ret; | ||
160 | |||
161 | - reinit_completion(&hdata->async.result->completion); | ||
162 | + reinit_completion(&hdata->async.result.completion); | ||
163 | ahash_request_set_crypt(hdata->async.request, NULL, output, 0); | ||
164 | |||
165 | ret = crypto_ahash_final(hdata->async.request); | ||
166 | |||
167 | - return waitfor(hdata->async.result, ret); | ||
168 | + return waitfor(&hdata->async.result, ret); | ||
169 | } | ||
170 | |||
171 | int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) | ||
172 | diff --git a/cryptlib.h b/cryptlib.h | ||
173 | index e1c4e3e..d8e8046 100644 | ||
174 | --- a/cryptlib.h | ||
175 | +++ b/cryptlib.h | ||
176 | @@ -6,6 +6,11 @@ | ||
177 | |||
178 | #include <linux/version.h> | ||
179 | |||
180 | +struct cryptodev_result { | ||
181 | + struct completion completion; | ||
182 | + int err; | ||
183 | +}; | ||
184 | + | ||
185 | struct cipher_data { | ||
186 | int init; /* 0 uninitialized */ | ||
187 | int blocksize; | ||
188 | @@ -22,7 +27,7 @@ struct cipher_data { | ||
189 | struct crypto_aead *as; | ||
190 | struct aead_request *arequest; | ||
191 | |||
192 | - struct cryptodev_result *result; | ||
193 | + struct cryptodev_result result; | ||
194 | uint8_t iv[EALG_MAX_BLOCK_LEN]; | ||
195 | } async; | ||
196 | }; | ||
197 | @@ -85,7 +90,7 @@ struct hash_data { | ||
198 | int alignmask; | ||
199 | struct { | ||
200 | struct crypto_ahash *s; | ||
201 | - struct cryptodev_result *result; | ||
202 | + struct cryptodev_result result; | ||
203 | struct ahash_request *request; | ||
204 | } async; | ||
205 | }; | ||
206 | @@ -104,11 +109,6 @@ enum offload_type { | ||
207 | ASYNCHRONOUS | ||
208 | }; | ||
209 | |||
210 | -struct cryptodev_result { | ||
211 | - struct completion completion; | ||
212 | - int err; | ||
213 | -}; | ||
214 | - | ||
215 | struct cryptodev_pkc { | ||
216 | struct list_head list; /* To maintain the Jobs in completed | ||
217 | cryptodev lists */ | ||
218 | -- | ||
219 | 2.7.0 | ||
220 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0033-avoid-unnecessary-checks-for-hash-clean-up.patch b/recipes-kernel/cryptodev/sdk_patches/0033-avoid-unnecessary-checks-for-hash-clean-up.patch new file mode 100644 index 0000000..3ce8a5f --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0033-avoid-unnecessary-checks-for-hash-clean-up.patch | |||
@@ -0,0 +1,33 @@ | |||
1 | From 774c6bd169b683ed54ebad164d0ff541e1381a64 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Tue, 12 Jan 2016 17:09:33 +0200 | ||
4 | Subject: [PATCH 33/38] avoid unnecessary checks for hash clean-up | ||
5 | |||
6 | hdata->init is set only after all necessary allocations succeed. On | ||
7 | clean-up is no longer necessary to make the allocation checks. | ||
8 | |||
9 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
10 | --- | ||
11 | cryptlib.c | 6 ++---- | ||
12 | 1 file changed, 2 insertions(+), 4 deletions(-) | ||
13 | |||
14 | diff --git a/cryptlib.c b/cryptlib.c | ||
15 | index 5972fc2..5d1a5a9 100644 | ||
16 | --- a/cryptlib.c | ||
17 | +++ b/cryptlib.c | ||
18 | @@ -359,10 +359,8 @@ error: | ||
19 | void cryptodev_hash_deinit(struct hash_data *hdata) | ||
20 | { | ||
21 | if (hdata->init) { | ||
22 | - if (hdata->async.request) | ||
23 | - ahash_request_free(hdata->async.request); | ||
24 | - if (hdata->async.s) | ||
25 | - crypto_free_ahash(hdata->async.s); | ||
26 | + ahash_request_free(hdata->async.request); | ||
27 | + crypto_free_ahash(hdata->async.s); | ||
28 | hdata->init = 0; | ||
29 | } | ||
30 | } | ||
31 | -- | ||
32 | 2.7.0 | ||
33 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0034-extend-API-with-CIOCHASH-to-support-direct-hash-oper.patch b/recipes-kernel/cryptodev/sdk_patches/0034-extend-API-with-CIOCHASH-to-support-direct-hash-oper.patch new file mode 100644 index 0000000..3a1f0c0 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0034-extend-API-with-CIOCHASH-to-support-direct-hash-oper.patch | |||
@@ -0,0 +1,114 @@ | |||
1 | From c43fa74b9ed11f0183d25b21486b71fe02d84de7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Tue, 15 Dec 2015 15:31:47 +0200 | ||
4 | Subject: [PATCH 34/38] extend API with CIOCHASH to support direct hash | ||
5 | operations | ||
6 | |||
7 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
8 | --- | ||
9 | crypto/cryptodev.h | 16 ++++++++++++++++ | ||
10 | ioctl.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ | ||
11 | 2 files changed, 65 insertions(+) | ||
12 | |||
13 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
14 | index f6058ca..c6083f7 100644 | ||
15 | --- a/crypto/cryptodev.h | ||
16 | +++ b/crypto/cryptodev.h | ||
17 | @@ -167,6 +167,19 @@ struct crypt_auth_op { | ||
18 | __u32 iv_len; | ||
19 | }; | ||
20 | |||
21 | +/* data container for CIOCHASH operations */ | ||
22 | +struct hash_op_data { | ||
23 | + __u32 ses; /* session identifier */ | ||
24 | + __u32 mac_op; /* cryptodev_crypto_op_t */ | ||
25 | + __u8 *mackey; | ||
26 | + __u32 mackeylen; | ||
27 | + | ||
28 | + __u16 flags; /* see COP_FLAG_* */ | ||
29 | + __u32 len; /* length of source data */ | ||
30 | + __u8 *src; /* source data */ | ||
31 | + __u8 *mac_result; | ||
32 | +}; | ||
33 | + | ||
34 | /* In plain AEAD mode the following are required: | ||
35 | * flags : 0 | ||
36 | * iv : the initialization vector (12 bytes) | ||
37 | @@ -325,4 +338,7 @@ enum cryptodev_crk_op_t { | ||
38 | /* additional ioctls for asynchronous operation for asymmetric ciphers*/ | ||
39 | #define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) | ||
40 | #define CIOCASYMFETCHCOOKIE _IOR('c', 113, struct pkc_cookie_list_s) | ||
41 | + | ||
42 | +#define CIOCHASH _IOWR('c', 114, struct hash_op_data) | ||
43 | + | ||
44 | #endif /* L_CRYPTODEV_H */ | ||
45 | diff --git a/ioctl.c b/ioctl.c | ||
46 | index 7adde75..3763954 100644 | ||
47 | --- a/ioctl.c | ||
48 | +++ b/ioctl.c | ||
49 | @@ -960,6 +960,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
50 | void __user *arg = (void __user *)arg_; | ||
51 | int __user *p = arg; | ||
52 | struct session_op sop; | ||
53 | + struct hash_op_data hash_op; | ||
54 | struct kernel_crypt_op kcop; | ||
55 | struct kernel_crypt_auth_op kcaop; | ||
56 | struct crypt_priv *pcr = filp->private_data; | ||
57 | @@ -1049,6 +1050,54 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
58 | } | ||
59 | |||
60 | return kcop_to_user(&kcop, fcr, arg); | ||
61 | + case CIOCHASH: | ||
62 | + /* get session */ | ||
63 | + if (unlikely(copy_from_user(&hash_op, arg, sizeof(struct hash_op_data)))) { | ||
64 | + pr_err("copy from user fault\n"); | ||
65 | + return -EFAULT; | ||
66 | + } | ||
67 | + | ||
68 | + sop.cipher = 0; | ||
69 | + sop.mac = hash_op.mac_op; | ||
70 | + sop.mackey = hash_op.mackey; | ||
71 | + sop.mackeylen = hash_op.mackeylen; | ||
72 | + | ||
73 | + /* writes sop.ses as a side-effect */ | ||
74 | + ret = crypto_create_session(fcr, &sop); | ||
75 | + if (unlikely(ret)) { | ||
76 | + pr_err("can't get session\n"); | ||
77 | + return ret; | ||
78 | + } | ||
79 | + | ||
80 | + /* do hashing */ | ||
81 | + kcop.cop.ses = sop.ses; | ||
82 | + kcop.cop.flags = hash_op.flags; | ||
83 | + kcop.cop.len = hash_op.len; | ||
84 | + kcop.cop.src = hash_op.src; | ||
85 | + kcop.cop.mac = hash_op.mac_result; | ||
86 | + kcop.cop.dst = 0; | ||
87 | + kcop.cop.op = 0; | ||
88 | + kcop.cop.iv = 0; | ||
89 | + kcop.ivlen = 0; | ||
90 | + kcop.digestsize = 0; /* will be updated during operation */ | ||
91 | + kcop.task = current; | ||
92 | + kcop.mm = current->mm; | ||
93 | + | ||
94 | + ret = crypto_run(fcr, &kcop); | ||
95 | + if (unlikely(ret)) { | ||
96 | + dwarning(1, "Error in hash run"); | ||
97 | + return ret; | ||
98 | + } | ||
99 | + | ||
100 | + ret = copy_to_user(kcop.cop.mac, kcop.hash_output, kcop.digestsize); | ||
101 | + if (unlikely(ret)) { | ||
102 | + dwarning(1, "Error in copy to user"); | ||
103 | + return ret; | ||
104 | + } | ||
105 | + | ||
106 | + /* put session */ | ||
107 | + ret = crypto_finish_session(fcr, sop.ses); | ||
108 | + return 0; | ||
109 | case CIOCAUTHCRYPT: | ||
110 | if (unlikely(ret = kcaop_from_user(&kcaop, fcr, arg))) { | ||
111 | dwarning(1, "Error copying from user"); | ||
112 | -- | ||
113 | 2.7.0 | ||
114 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0035-use-directly-crypto-API-digest-operation-for-CIOCHAS.patch b/recipes-kernel/cryptodev/sdk_patches/0035-use-directly-crypto-API-digest-operation-for-CIOCHAS.patch new file mode 100644 index 0000000..4745dc9 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0035-use-directly-crypto-API-digest-operation-for-CIOCHAS.patch | |||
@@ -0,0 +1,315 @@ | |||
1 | From f123f38532ae022e818312a9bc04cdb287e9623f Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Thu, 17 Dec 2015 10:34:20 +0200 | ||
4 | Subject: [PATCH 35/38] use directly crypto API 'digest' operation for CIOCHASH | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
7 | --- | ||
8 | crypto/cryptodev.h | 2 +- | ||
9 | cryptodev_int.h | 10 ++++ | ||
10 | ioctl.c | 158 ++++++++++++++++++++++++++++++++++++++++++++--------- | ||
11 | main.c | 39 ++++++++++++- | ||
12 | 4 files changed, 179 insertions(+), 30 deletions(-) | ||
13 | |||
14 | diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h | ||
15 | index c6083f7..9ade102 100644 | ||
16 | --- a/crypto/cryptodev.h | ||
17 | +++ b/crypto/cryptodev.h | ||
18 | @@ -169,7 +169,7 @@ struct crypt_auth_op { | ||
19 | |||
20 | /* data container for CIOCHASH operations */ | ||
21 | struct hash_op_data { | ||
22 | - __u32 ses; /* session identifier */ | ||
23 | + struct csession *ses; /* session identifier */ | ||
24 | __u32 mac_op; /* cryptodev_crypto_op_t */ | ||
25 | __u8 *mackey; | ||
26 | __u32 mackeylen; | ||
27 | diff --git a/cryptodev_int.h b/cryptodev_int.h | ||
28 | index cb005d7..74c295a 100644 | ||
29 | --- a/cryptodev_int.h | ||
30 | +++ b/cryptodev_int.h | ||
31 | @@ -164,6 +164,15 @@ struct kernel_crypt_op { | ||
32 | struct mm_struct *mm; | ||
33 | }; | ||
34 | |||
35 | +struct kernel_hash_op { | ||
36 | + struct hash_op_data hash_op; | ||
37 | + | ||
38 | + int digestsize; | ||
39 | + uint8_t hash_output[AALG_MAX_RESULT_LEN]; | ||
40 | + struct task_struct *task; | ||
41 | + struct mm_struct *mm; | ||
42 | +}; | ||
43 | + | ||
44 | struct kernel_crypt_auth_op { | ||
45 | struct crypt_auth_op caop; | ||
46 | |||
47 | @@ -192,6 +201,7 @@ int kcaop_to_user(struct kernel_crypt_auth_op *kcaop, | ||
48 | struct fcrypt *fcr, void __user *arg); | ||
49 | int crypto_auth_run(struct fcrypt *fcr, struct kernel_crypt_auth_op *kcaop); | ||
50 | int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop); | ||
51 | +int hash_run(struct kernel_hash_op *khop); | ||
52 | |||
53 | #include <cryptlib.h> | ||
54 | |||
55 | diff --git a/ioctl.c b/ioctl.c | ||
56 | index 3763954..a052614 100644 | ||
57 | --- a/ioctl.c | ||
58 | +++ b/ioctl.c | ||
59 | @@ -397,7 +397,128 @@ session_error: | ||
60 | return ret; | ||
61 | } | ||
62 | |||
63 | -/* Everything that needs to be done when removing a session. */ | ||
64 | +static inline void hash_destroy_session(struct csession *ses_ptr) | ||
65 | +{ | ||
66 | + cryptodev_hash_deinit(&ses_ptr->hdata); | ||
67 | + kfree(ses_ptr->pages); | ||
68 | + kfree(ses_ptr->sg); | ||
69 | + kfree(ses_ptr); | ||
70 | +} | ||
71 | + | ||
72 | +static int hash_create_session(struct hash_op_data *hash_op) | ||
73 | +{ | ||
74 | + struct csession *ses; | ||
75 | + int ret = 0; | ||
76 | + const char *hash_name; | ||
77 | + int hmac_mode = 1; | ||
78 | + uint8_t mkey[CRYPTO_HMAC_MAX_KEY_LEN]; | ||
79 | + | ||
80 | + switch (hash_op->mac_op) { | ||
81 | + case CRYPTO_MD5_HMAC: | ||
82 | + hash_name = "hmac(md5)"; | ||
83 | + break; | ||
84 | + case CRYPTO_RIPEMD160_HMAC: | ||
85 | + hash_name = "hmac(rmd160)"; | ||
86 | + break; | ||
87 | + case CRYPTO_SHA1_HMAC: | ||
88 | + hash_name = "hmac(sha1)"; | ||
89 | + break; | ||
90 | + case CRYPTO_SHA2_224_HMAC: | ||
91 | + hash_name = "hmac(sha224)"; | ||
92 | + break; | ||
93 | + case CRYPTO_SHA2_256_HMAC: | ||
94 | + hash_name = "hmac(sha256)"; | ||
95 | + break; | ||
96 | + case CRYPTO_SHA2_384_HMAC: | ||
97 | + hash_name = "hmac(sha384)"; | ||
98 | + break; | ||
99 | + case CRYPTO_SHA2_512_HMAC: | ||
100 | + hash_name = "hmac(sha512)"; | ||
101 | + break; | ||
102 | + /* non-hmac cases */ | ||
103 | + case CRYPTO_MD5: | ||
104 | + hash_name = "md5"; | ||
105 | + hmac_mode = 0; | ||
106 | + break; | ||
107 | + case CRYPTO_RIPEMD160: | ||
108 | + hash_name = "rmd160"; | ||
109 | + hmac_mode = 0; | ||
110 | + break; | ||
111 | + case CRYPTO_SHA1: | ||
112 | + hash_name = "sha1"; | ||
113 | + hmac_mode = 0; | ||
114 | + break; | ||
115 | + case CRYPTO_SHA2_224: | ||
116 | + hash_name = "sha224"; | ||
117 | + hmac_mode = 0; | ||
118 | + break; | ||
119 | + case CRYPTO_SHA2_256: | ||
120 | + hash_name = "sha256"; | ||
121 | + hmac_mode = 0; | ||
122 | + break; | ||
123 | + case CRYPTO_SHA2_384: | ||
124 | + hash_name = "sha384"; | ||
125 | + hmac_mode = 0; | ||
126 | + break; | ||
127 | + case CRYPTO_SHA2_512: | ||
128 | + hash_name = "sha512"; | ||
129 | + hmac_mode = 0; | ||
130 | + break; | ||
131 | + default: | ||
132 | + ddebug(1, "bad mac: %d", hash_op->mac_op); | ||
133 | + return -EINVAL; | ||
134 | + } | ||
135 | + | ||
136 | + ses = kzalloc(sizeof(*ses), GFP_KERNEL); | ||
137 | + if (!ses) { | ||
138 | + return -ENOMEM; | ||
139 | + } | ||
140 | + | ||
141 | + if (unlikely(hash_op->mackeylen > CRYPTO_HMAC_MAX_KEY_LEN)) { | ||
142 | + ddebug(1, "Setting key failed for %s-%zu.", hash_name, | ||
143 | + (size_t)hash_op->mackeylen * 8); | ||
144 | + ret = -EINVAL; | ||
145 | + goto error_hash; | ||
146 | + } | ||
147 | + | ||
148 | + if (hash_op->mackey && | ||
149 | + unlikely(copy_from_user(mkey, hash_op->mackey, hash_op->mackeylen))) { | ||
150 | + ret = -EFAULT; | ||
151 | + goto error_hash; | ||
152 | + } | ||
153 | + | ||
154 | + ret = cryptodev_hash_init(&ses->hdata, hash_name, hmac_mode, | ||
155 | + mkey, hash_op->mackeylen); | ||
156 | + if (ret != 0) { | ||
157 | + ddebug(1, "Failed to load hash for %s", hash_name); | ||
158 | + ret = -EINVAL; | ||
159 | + goto error_hash; | ||
160 | + } | ||
161 | + | ||
162 | + ses->alignmask = ses->hdata.alignmask; | ||
163 | + ddebug(2, "got alignmask %d", ses->alignmask); | ||
164 | + | ||
165 | + ses->array_size = DEFAULT_PREALLOC_PAGES; | ||
166 | + ddebug(2, "preallocating for %d user pages", ses->array_size); | ||
167 | + | ||
168 | + ses->pages = kzalloc(ses->array_size * sizeof(struct page *), GFP_KERNEL); | ||
169 | + ses->sg = kzalloc(ses->array_size * sizeof(struct scatterlist), GFP_KERNEL); | ||
170 | + if (ses->sg == NULL || ses->pages == NULL) { | ||
171 | + ddebug(0, "Memory error"); | ||
172 | + ret = -ENOMEM; | ||
173 | + goto error_hash; | ||
174 | + } | ||
175 | + | ||
176 | + hash_op->ses = ses; | ||
177 | + return 0; | ||
178 | + | ||
179 | +error_hash: | ||
180 | + hash_destroy_session(ses); | ||
181 | + return ret; | ||
182 | +} | ||
183 | + | ||
184 | + | ||
185 | +/* Everything that needs to be done when remowing a session. */ | ||
186 | static inline void | ||
187 | crypto_destroy_session(struct csession *ses_ptr) | ||
188 | { | ||
189 | @@ -960,7 +1081,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
190 | void __user *arg = (void __user *)arg_; | ||
191 | int __user *p = arg; | ||
192 | struct session_op sop; | ||
193 | - struct hash_op_data hash_op; | ||
194 | + struct kernel_hash_op khop; | ||
195 | struct kernel_crypt_op kcop; | ||
196 | struct kernel_crypt_auth_op kcaop; | ||
197 | struct crypt_priv *pcr = filp->private_data; | ||
198 | @@ -1051,52 +1172,35 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
199 | |||
200 | return kcop_to_user(&kcop, fcr, arg); | ||
201 | case CIOCHASH: | ||
202 | - /* get session */ | ||
203 | - if (unlikely(copy_from_user(&hash_op, arg, sizeof(struct hash_op_data)))) { | ||
204 | + if (unlikely(copy_from_user(&khop.hash_op, arg, sizeof(struct hash_op_data)))) { | ||
205 | pr_err("copy from user fault\n"); | ||
206 | return -EFAULT; | ||
207 | } | ||
208 | + khop.task = current; | ||
209 | + khop.mm = current->mm; | ||
210 | |||
211 | - sop.cipher = 0; | ||
212 | - sop.mac = hash_op.mac_op; | ||
213 | - sop.mackey = hash_op.mackey; | ||
214 | - sop.mackeylen = hash_op.mackeylen; | ||
215 | - | ||
216 | - /* writes sop.ses as a side-effect */ | ||
217 | - ret = crypto_create_session(fcr, &sop); | ||
218 | + /* get session */ | ||
219 | + ret = hash_create_session(&khop.hash_op); | ||
220 | if (unlikely(ret)) { | ||
221 | pr_err("can't get session\n"); | ||
222 | return ret; | ||
223 | } | ||
224 | |||
225 | /* do hashing */ | ||
226 | - kcop.cop.ses = sop.ses; | ||
227 | - kcop.cop.flags = hash_op.flags; | ||
228 | - kcop.cop.len = hash_op.len; | ||
229 | - kcop.cop.src = hash_op.src; | ||
230 | - kcop.cop.mac = hash_op.mac_result; | ||
231 | - kcop.cop.dst = 0; | ||
232 | - kcop.cop.op = 0; | ||
233 | - kcop.cop.iv = 0; | ||
234 | - kcop.ivlen = 0; | ||
235 | - kcop.digestsize = 0; /* will be updated during operation */ | ||
236 | - kcop.task = current; | ||
237 | - kcop.mm = current->mm; | ||
238 | - | ||
239 | - ret = crypto_run(fcr, &kcop); | ||
240 | + ret = hash_run(&khop); | ||
241 | if (unlikely(ret)) { | ||
242 | dwarning(1, "Error in hash run"); | ||
243 | return ret; | ||
244 | } | ||
245 | |||
246 | - ret = copy_to_user(kcop.cop.mac, kcop.hash_output, kcop.digestsize); | ||
247 | + ret = copy_to_user(khop.hash_op.mac_result, khop.hash_output, khop.digestsize); | ||
248 | if (unlikely(ret)) { | ||
249 | dwarning(1, "Error in copy to user"); | ||
250 | return ret; | ||
251 | } | ||
252 | |||
253 | /* put session */ | ||
254 | - ret = crypto_finish_session(fcr, sop.ses); | ||
255 | + hash_destroy_session(khop.hash_op.ses); | ||
256 | return 0; | ||
257 | case CIOCAUTHCRYPT: | ||
258 | if (unlikely(ret = kcaop_from_user(&kcaop, fcr, arg))) { | ||
259 | diff --git a/main.c b/main.c | ||
260 | index ec11129..095aea5 100644 | ||
261 | --- a/main.c | ||
262 | +++ b/main.c | ||
263 | @@ -159,8 +159,6 @@ __crypto_run_std(struct csession *ses_ptr, struct crypt_op *cop) | ||
264 | return ret; | ||
265 | } | ||
266 | |||
267 | - | ||
268 | - | ||
269 | /* This is the main crypto function - zero-copy edition */ | ||
270 | static int | ||
271 | __crypto_run_zc(struct csession *ses_ptr, struct kernel_crypt_op *kcop) | ||
272 | @@ -841,3 +839,40 @@ out_unlock: | ||
273 | crypto_put_session(ses_ptr); | ||
274 | return ret; | ||
275 | } | ||
276 | + | ||
277 | +int hash_run(struct kernel_hash_op *khop) | ||
278 | +{ | ||
279 | + struct hash_op_data *hash_op = &khop->hash_op; | ||
280 | + struct csession *ses_ptr = hash_op->ses; | ||
281 | + struct hash_data *hdata = &ses_ptr->hdata; | ||
282 | + int ret; | ||
283 | + struct scatterlist *src_sg; | ||
284 | + struct scatterlist *dst_sg; /* required by get_userbuf but not used */ | ||
285 | + | ||
286 | + if (hash_op->len == 0) { | ||
287 | + src_sg = NULL; | ||
288 | + } else { | ||
289 | + ret = get_userbuf(ses_ptr, hash_op->src, hash_op->len, NULL, 0, | ||
290 | + khop->task, khop->mm, &src_sg, &dst_sg); | ||
291 | + if (unlikely(ret)) { | ||
292 | + derr(1, "Error getting user pages"); | ||
293 | + return ret; | ||
294 | + } | ||
295 | + } | ||
296 | + | ||
297 | + ahash_request_set_crypt(hdata->async.request, src_sg, khop->hash_output, hash_op->len); | ||
298 | + | ||
299 | + ret = crypto_ahash_digest(hdata->async.request); | ||
300 | + if (ret == -EINPROGRESS || ret == -EBUSY) { | ||
301 | + wait_for_completion(&hdata->async.result.completion); | ||
302 | + ret = hdata->async.result.err; | ||
303 | + if (ret != 0) { | ||
304 | + derr(0, "CryptoAPI failure: %d", ret); | ||
305 | + } | ||
306 | + } | ||
307 | + | ||
308 | + khop->digestsize = ses_ptr->hdata.digestsize; | ||
309 | + | ||
310 | + release_user_pages(ses_ptr); | ||
311 | + return ret; | ||
312 | +} | ||
313 | -- | ||
314 | 2.7.0 | ||
315 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0036-add-compat-for-CIOCHASH-operation.patch b/recipes-kernel/cryptodev/sdk_patches/0036-add-compat-for-CIOCHASH-operation.patch new file mode 100644 index 0000000..c206995 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0036-add-compat-for-CIOCHASH-operation.patch | |||
@@ -0,0 +1,120 @@ | |||
1 | From 711529cc7b8743ae8c9c0db4980ac15f7acb8618 Mon Sep 17 00:00:00 2001 | ||
2 | From: Alex Porosanu <alexandru.porosanu@nxp.com> | ||
3 | Date: Tue, 12 Jan 2016 14:51:00 +0200 | ||
4 | Subject: [PATCH 36/38] add compat for CIOCHASH operation | ||
5 | |||
6 | This patch adds the necessary ioctl for using the CIOCHASH | ||
7 | operation for different userspace & kernel (i.e. 32b userspace | ||
8 | and 64b kernel). | ||
9 | |||
10 | Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com> | ||
11 | --- | ||
12 | cryptodev_int.h | 14 +++++++++++++- | ||
13 | ioctl.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ | ||
14 | 2 files changed, 63 insertions(+), 1 deletion(-) | ||
15 | |||
16 | diff --git a/cryptodev_int.h b/cryptodev_int.h | ||
17 | index 74c295a..6dcfd69 100644 | ||
18 | --- a/cryptodev_int.h | ||
19 | +++ b/cryptodev_int.h | ||
20 | @@ -129,6 +129,18 @@ struct compat_crypt_auth_op { | ||
21 | uint32_t iv_len; | ||
22 | }; | ||
23 | |||
24 | +struct compat_hash_op_data { | ||
25 | + compat_uptr_t ses; | ||
26 | + uint32_t mac_op; /* cryptodev_crypto_op_t */ | ||
27 | + compat_uptr_t mackey; | ||
28 | + uint32_t mackeylen; | ||
29 | + | ||
30 | + uint16_t flags; /* see COP_FLAG_* */ | ||
31 | + uint32_t len; /* length of source data */ | ||
32 | + compat_uptr_t src; /* source data */ | ||
33 | + compat_uptr_t mac_result; | ||
34 | +}; | ||
35 | + | ||
36 | /* compat ioctls, defined for the above structs */ | ||
37 | #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) | ||
38 | #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) | ||
39 | @@ -139,7 +151,7 @@ struct compat_crypt_auth_op { | ||
40 | #define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) | ||
41 | #define COMPAT_CIOCASYMFETCHCOOKIE _IOR('c', 111, \ | ||
42 | struct compat_pkc_cookie_list_s) | ||
43 | - | ||
44 | +#define COMPAT_CIOCHASH _IOWR('c', 114, struct compat_hash_op_data) | ||
45 | #endif /* CONFIG_COMPAT */ | ||
46 | |||
47 | /* kernel-internal extension to struct crypt_kop */ | ||
48 | diff --git a/ioctl.c b/ioctl.c | ||
49 | index a052614..ff3de44 100644 | ||
50 | --- a/ioctl.c | ||
51 | +++ b/ioctl.c | ||
52 | @@ -1435,8 +1435,11 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
53 | struct fcrypt *fcr; | ||
54 | struct session_op sop; | ||
55 | struct compat_session_op compat_sop; | ||
56 | + struct kernel_hash_op khop; | ||
57 | struct kernel_crypt_op kcop; | ||
58 | struct kernel_crypt_auth_op kcaop; | ||
59 | + struct compat_hash_op_data compat_hash_op_data; | ||
60 | + | ||
61 | int ret; | ||
62 | |||
63 | if (unlikely(!pcr)) | ||
64 | @@ -1499,6 +1502,53 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
65 | |||
66 | return compat_kcop_to_user(&kcop, fcr, arg); | ||
67 | |||
68 | + case COMPAT_CIOCHASH: | ||
69 | + /* get session */ | ||
70 | + if (unlikely(copy_from_user(&compat_hash_op_data, arg, | ||
71 | + sizeof(struct compat_hash_op_data)))) { | ||
72 | + pr_err("copy from user fault\n"); | ||
73 | + return -EFAULT; | ||
74 | + } | ||
75 | + | ||
76 | + khop.task = current; | ||
77 | + khop.mm = current->mm; | ||
78 | + | ||
79 | + khop.hash_op.mac_op = compat_hash_op_data.mac_op; | ||
80 | + khop.hash_op.mackey = compat_ptr(compat_hash_op_data.mackey); | ||
81 | + khop.hash_op.mackeylen = compat_hash_op_data.mackeylen; | ||
82 | + khop.hash_op.flags = compat_hash_op_data.flags; | ||
83 | + khop.hash_op.len = compat_hash_op_data.len; | ||
84 | + khop.hash_op.src = compat_ptr(compat_hash_op_data.src); | ||
85 | + khop.hash_op.mac_result = | ||
86 | + compat_ptr(compat_hash_op_data.mac_result); | ||
87 | + | ||
88 | + ret = hash_create_session(&khop.hash_op); | ||
89 | + if (unlikely(ret)) { | ||
90 | + pr_err("can't get session\n"); | ||
91 | + return ret; | ||
92 | + } | ||
93 | + | ||
94 | + /* do hashing */ | ||
95 | + ret = hash_run(&khop); | ||
96 | + if (unlikely(ret)) { | ||
97 | + dwarning(1, "Error in hash run"); | ||
98 | + return ret; | ||
99 | + } | ||
100 | + | ||
101 | + ret = copy_to_user(khop.hash_op.mac_result, khop.hash_output, | ||
102 | + khop.digestsize); | ||
103 | + if (unlikely(ret)) { | ||
104 | + dwarning(1, "Error in copy to user"); | ||
105 | + return ret; | ||
106 | + } | ||
107 | + | ||
108 | + copy_to_user(arg, &compat_hash_op_data, | ||
109 | + sizeof(struct compat_hash_op_data)); | ||
110 | + | ||
111 | + /* put session */ | ||
112 | + hash_destroy_session(khop.hash_op.ses); | ||
113 | + return 0; | ||
114 | + | ||
115 | case COMPAT_CIOCAUTHCRYPT: | ||
116 | if (unlikely(ret = compat_kcaop_from_user(&kcaop, fcr, arg))) { | ||
117 | dprintk(1, KERN_WARNING, "Error copying from user\n"); | ||
118 | -- | ||
119 | 2.7.0 | ||
120 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0037-rewrite-sha_speed.c-to-reduce-code-duplication.patch b/recipes-kernel/cryptodev/sdk_patches/0037-rewrite-sha_speed.c-to-reduce-code-duplication.patch new file mode 100644 index 0000000..eff6ed9 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0037-rewrite-sha_speed.c-to-reduce-code-duplication.patch | |||
@@ -0,0 +1,190 @@ | |||
1 | From 344a0243e31f8fc467253404a548eedbb72b35d0 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Wed, 20 Jan 2016 17:11:49 +0200 | ||
4 | Subject: [PATCH 37/38] rewrite sha_speed.c to reduce code duplication | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
7 | --- | ||
8 | tests/sha_speed.c | 131 ++++++++++++++++++++++++++++++++++-------------------- | ||
9 | 1 file changed, 84 insertions(+), 47 deletions(-) | ||
10 | |||
11 | diff --git a/tests/sha_speed.c b/tests/sha_speed.c | ||
12 | index e1dc54b..5f694bd 100644 | ||
13 | --- a/tests/sha_speed.c | ||
14 | +++ b/tests/sha_speed.c | ||
15 | @@ -28,6 +28,13 @@ | ||
16 | |||
17 | #include <crypto/cryptodev.h> | ||
18 | |||
19 | +/* Sizes of buffers to be hashed */ | ||
20 | +int buffer_lengths[] = {256, 512, 1024, 2048, 4096, 8192, 65536, 0}; | ||
21 | + | ||
22 | +/* Time in seconds allocated for each tested buffer lengths */ | ||
23 | +#define BUFFER_TEST_TIME 10 | ||
24 | + | ||
25 | + | ||
26 | static double udifftimeval(struct timeval start, struct timeval end) | ||
27 | { | ||
28 | return (double)(end.tv_usec - start.tv_usec) + | ||
29 | @@ -97,7 +104,7 @@ int hash_data(struct session_op *sess, int fdc, int chunksize, int alignmask) | ||
30 | memset(buffer, val++, chunksize); | ||
31 | |||
32 | must_finish = 0; | ||
33 | - alarm(5); | ||
34 | + alarm(BUFFER_TEST_TIME); | ||
35 | |||
36 | gettimeofday(&start, NULL); | ||
37 | do { | ||
38 | @@ -126,73 +133,103 @@ int hash_data(struct session_op *sess, int fdc, int chunksize, int alignmask) | ||
39 | return 0; | ||
40 | } | ||
41 | |||
42 | -int main(void) | ||
43 | -{ | ||
44 | - int fd, i, fdc = -1, alignmask = 0; | ||
45 | - struct session_op sess; | ||
46 | - char keybuf[32]; | ||
47 | + | ||
48 | #ifdef CIOCGSESSINFO | ||
49 | +int get_alignmask(struct session_op *sess, int fdc) | ||
50 | +{ | ||
51 | struct session_info_op siop; | ||
52 | + | ||
53 | + siop.ses = sess->ses; | ||
54 | + if (ioctl(fdc, CIOCGSESSINFO, &siop) < 0) { | ||
55 | + perror("ioctl(CIOCGSESSINFO)"); | ||
56 | + /* continue test ignoring CIOCGSESSINFO error */ | ||
57 | + return 0; | ||
58 | + } | ||
59 | + | ||
60 | + printf("using algorithm %s with driver %s\n", | ||
61 | + siop.hash_info.cra_name, siop.hash_info.cra_driver_name); | ||
62 | + | ||
63 | + return siop.alignmask; | ||
64 | +} | ||
65 | #endif | ||
66 | |||
67 | - signal(SIGALRM, alarm_handler); | ||
68 | |||
69 | - if ((fd = open("/dev/crypto", O_RDWR, 0)) < 0) { | ||
70 | - perror("open()"); | ||
71 | - return 1; | ||
72 | - } | ||
73 | - if (ioctl(fd, CRIOGET, &fdc)) { | ||
74 | - perror("ioctl(CRIOGET)"); | ||
75 | - return 1; | ||
76 | - } | ||
77 | +int hash_session(struct session_op *sess, int fdc) | ||
78 | +{ | ||
79 | + int i; | ||
80 | + int err; | ||
81 | + int alignmask; | ||
82 | |||
83 | - fprintf(stderr, "Testing SHA1 Hash: \n"); | ||
84 | - memset(&sess, 0, sizeof(sess)); | ||
85 | - sess.mac = CRYPTO_SHA1; | ||
86 | - if (ioctl(fdc, CIOCGSESSION, &sess)) { | ||
87 | + if (ioctl(fdc, CIOCGSESSION, sess)) { | ||
88 | perror("ioctl(CIOCGSESSION)"); | ||
89 | return 1; | ||
90 | } | ||
91 | + | ||
92 | #ifdef CIOCGSESSINFO | ||
93 | - siop.ses = sess.ses; | ||
94 | - if (ioctl(fdc, CIOCGSESSINFO, &siop)) { | ||
95 | - perror("ioctl(CIOCGSESSINFO)"); | ||
96 | - return 1; | ||
97 | - } | ||
98 | - printf("requested hash CRYPTO_SHA1, got %s with driver %s\n", | ||
99 | - siop.hash_info.cra_name, siop.hash_info.cra_driver_name); | ||
100 | - alignmask = siop.alignmask; | ||
101 | + alignmask = get_alignmask(sess, fdc); | ||
102 | +#else | ||
103 | + alignmask = 0; | ||
104 | #endif | ||
105 | |||
106 | - for (i = 256; i <= (64 * 1024); i *= 4) { | ||
107 | - if (hash_data(&sess, fdc, i, alignmask)) | ||
108 | - break; | ||
109 | + err = 0; | ||
110 | + for(i = 0; (err == 0) && (buffer_lengths[i] != 0); i++) { | ||
111 | + err = hash_data(sess, fdc, buffer_lengths[i], alignmask); | ||
112 | } | ||
113 | |||
114 | - fprintf(stderr, "\nTesting SHA256 Hash: \n"); | ||
115 | - memset(&sess, 0, sizeof(sess)); | ||
116 | - sess.mac = CRYPTO_SHA2_256; | ||
117 | - if (ioctl(fdc, CIOCGSESSION, &sess)) { | ||
118 | - perror("ioctl(CIOCGSESSION)"); | ||
119 | + if (ioctl(fdc, CIOCFSESSION, sess)) { | ||
120 | + perror("ioctl(CIOCFSESSION)"); | ||
121 | return 1; | ||
122 | } | ||
123 | -#ifdef CIOCGSESSINFO | ||
124 | - siop.ses = sess.ses; | ||
125 | - if (ioctl(fdc, CIOCGSESSINFO, &siop)) { | ||
126 | - perror("ioctl(CIOCGSESSINFO)"); | ||
127 | + | ||
128 | + return err; | ||
129 | +} | ||
130 | + | ||
131 | +int test_sha1(struct session_op *sess, int fdc) | ||
132 | +{ | ||
133 | + fprintf(stderr, "Testing SHA1 Hash: \n"); | ||
134 | + memset(sess, 0, sizeof(sess)); | ||
135 | + sess->mac = CRYPTO_SHA1; | ||
136 | + return hash_session(sess, fdc); | ||
137 | +} | ||
138 | + | ||
139 | + | ||
140 | +int test_sha256(struct session_op *sess, int fdc) | ||
141 | +{ | ||
142 | + fprintf(stderr, "Testing SHA256 Hash: \n"); | ||
143 | + memset(sess, 0, sizeof(sess)); | ||
144 | + sess->mac = CRYPTO_SHA2_256; | ||
145 | + return hash_session(sess, fdc); | ||
146 | +} | ||
147 | + | ||
148 | + | ||
149 | +int main(void) | ||
150 | +{ | ||
151 | + int fd; | ||
152 | + int fdc; | ||
153 | + int err; | ||
154 | + int i; | ||
155 | + struct session_op sess; | ||
156 | + | ||
157 | + signal(SIGALRM, alarm_handler); | ||
158 | + | ||
159 | + fd = open("/dev/crypto", O_RDWR, 0); | ||
160 | + if (fd < 0) { | ||
161 | + perror("open()"); | ||
162 | return 1; | ||
163 | } | ||
164 | - printf("requested hash CRYPTO_SHA2_256, got %s with driver %s\n", | ||
165 | - siop.hash_info.cra_name, siop.hash_info.cra_driver_name); | ||
166 | - alignmask = siop.alignmask; | ||
167 | -#endif | ||
168 | |||
169 | - for (i = 256; i <= (64 * 1024); i *= 4) { | ||
170 | - if (hash_data(&sess, fdc, i, alignmask)) | ||
171 | - break; | ||
172 | + err = ioctl(fd, CRIOGET, &fdc); | ||
173 | + if (err != 0) { | ||
174 | + perror("ioctl(CRIOGET)"); | ||
175 | + close(fd); | ||
176 | + return 1; | ||
177 | } | ||
178 | |||
179 | + /* run all tests but return an eventual error */ | ||
180 | + err |= test_sha1(&sess, fdc); | ||
181 | + err |= test_sha256(&sess, fdc); | ||
182 | + | ||
183 | close(fdc); | ||
184 | close(fd); | ||
185 | - return 0; | ||
186 | + return err; | ||
187 | } | ||
188 | -- | ||
189 | 2.7.0 | ||
190 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0038-extend-sha_speed.c-to-test-CIOCHASH.patch b/recipes-kernel/cryptodev/sdk_patches/0038-extend-sha_speed.c-to-test-CIOCHASH.patch new file mode 100644 index 0000000..eb8bf19 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0038-extend-sha_speed.c-to-test-CIOCHASH.patch | |||
@@ -0,0 +1,143 @@ | |||
1 | From 65704ea24e80647e8c5f938300f51cb70af50c1c Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Thu, 21 Jan 2016 17:30:59 +0200 | ||
4 | Subject: [PATCH 38/38] extend sha_speed.c to test CIOCHASH | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
7 | --- | ||
8 | tests/sha_speed.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ | ||
9 | 1 file changed, 90 insertions(+) | ||
10 | |||
11 | diff --git a/tests/sha_speed.c b/tests/sha_speed.c | ||
12 | index 5f694bd..d731c66 100644 | ||
13 | --- a/tests/sha_speed.c | ||
14 | +++ b/tests/sha_speed.c | ||
15 | @@ -133,6 +133,62 @@ int hash_data(struct session_op *sess, int fdc, int chunksize, int alignmask) | ||
16 | return 0; | ||
17 | } | ||
18 | |||
19 | +int digest_data(struct session_op *sess, int fdc, int chunksize, int alignmask) | ||
20 | +{ | ||
21 | + struct hash_op_data hash_op; | ||
22 | + char *buffer; | ||
23 | + static int val = 23; | ||
24 | + struct timeval start, end; | ||
25 | + double total = 0; | ||
26 | + double secs, ddata, dspeed; | ||
27 | + char metric[16]; | ||
28 | + uint8_t mac[AALG_MAX_RESULT_LEN]; | ||
29 | + | ||
30 | + if (alignmask) { | ||
31 | + if (posix_memalign((void **)&buffer, alignmask + 1, chunksize)) { | ||
32 | + printf("posix_memalign() failed!\n"); | ||
33 | + return 1; | ||
34 | + } | ||
35 | + } else { | ||
36 | + if (!(buffer = malloc(chunksize))) { | ||
37 | + perror("malloc()"); | ||
38 | + return 1; | ||
39 | + } | ||
40 | + } | ||
41 | + | ||
42 | + printf("\tEncrypting in chunks of %d bytes: ", chunksize); | ||
43 | + fflush(stdout); | ||
44 | + | ||
45 | + memset(buffer, val++, chunksize); | ||
46 | + | ||
47 | + must_finish = 0; | ||
48 | + alarm(BUFFER_TEST_TIME); | ||
49 | + | ||
50 | + gettimeofday(&start, NULL); | ||
51 | + do { | ||
52 | + memset(&hash_op, 0, sizeof(hash_op)); | ||
53 | + hash_op.mac_op = sess->mac; | ||
54 | + hash_op.len = chunksize; | ||
55 | + hash_op.src = (unsigned char *)buffer; | ||
56 | + hash_op.mac_result = mac; | ||
57 | + | ||
58 | + if (ioctl(fdc, CIOCHASH, hash_op) != 0) { | ||
59 | + perror("ioctl(CIOCHASH)"); | ||
60 | + return 1; | ||
61 | + } | ||
62 | + total += chunksize; | ||
63 | + } while(must_finish == 0); | ||
64 | + gettimeofday(&end, NULL); | ||
65 | + | ||
66 | + secs = udifftimeval(start, end)/ 1000000.0; | ||
67 | + | ||
68 | + value2human(1, total, secs, &ddata, &dspeed, metric); | ||
69 | + printf ("done. %.2f %s in %.2f secs: ", ddata, metric, secs); | ||
70 | + printf ("%.2f %s/sec\n", dspeed, metric); | ||
71 | + | ||
72 | + free(buffer); | ||
73 | + return 0; | ||
74 | +} | ||
75 | |||
76 | #ifdef CIOCGSESSINFO | ||
77 | int get_alignmask(struct session_op *sess, int fdc) | ||
78 | @@ -154,6 +210,20 @@ int get_alignmask(struct session_op *sess, int fdc) | ||
79 | #endif | ||
80 | |||
81 | |||
82 | +int ciochash_session(struct session_op *sess, int fdc) | ||
83 | +{ | ||
84 | + int i; | ||
85 | + int err = 0; | ||
86 | + | ||
87 | + err = 0; | ||
88 | + for(i = 0; (err == 0) && (buffer_lengths[i] != 0); i++) { | ||
89 | + err = digest_data(sess, fdc, buffer_lengths[i], 0); | ||
90 | + } | ||
91 | + | ||
92 | + return err; | ||
93 | +} | ||
94 | + | ||
95 | + | ||
96 | int hash_session(struct session_op *sess, int fdc) | ||
97 | { | ||
98 | int i; | ||
99 | @@ -193,6 +263,15 @@ int test_sha1(struct session_op *sess, int fdc) | ||
100 | } | ||
101 | |||
102 | |||
103 | +int test_sha1_ciochash(struct session_op *sess, int fdc) | ||
104 | +{ | ||
105 | + fprintf(stderr, "Testing SHA1 CIOCHASH: \n"); | ||
106 | + memset(sess, 0, sizeof(sess)); | ||
107 | + sess->mac = CRYPTO_SHA1; | ||
108 | + return ciochash_session(sess, fdc); | ||
109 | +} | ||
110 | + | ||
111 | + | ||
112 | int test_sha256(struct session_op *sess, int fdc) | ||
113 | { | ||
114 | fprintf(stderr, "Testing SHA256 Hash: \n"); | ||
115 | @@ -202,6 +281,15 @@ int test_sha256(struct session_op *sess, int fdc) | ||
116 | } | ||
117 | |||
118 | |||
119 | +int test_sha256_ciochash(struct session_op *sess, int fdc) | ||
120 | +{ | ||
121 | + fprintf(stderr, "Testing SHA256 CIOCHASH: \n"); | ||
122 | + memset(sess, 0, sizeof(sess)); | ||
123 | + sess->mac = CRYPTO_SHA2_256; | ||
124 | + return ciochash_session(sess, fdc); | ||
125 | +} | ||
126 | + | ||
127 | + | ||
128 | int main(void) | ||
129 | { | ||
130 | int fd; | ||
131 | @@ -227,7 +315,9 @@ int main(void) | ||
132 | |||
133 | /* run all tests but return an eventual error */ | ||
134 | err |= test_sha1(&sess, fdc); | ||
135 | + err |= test_sha1_ciochash(&sess, fdc); | ||
136 | err |= test_sha256(&sess, fdc); | ||
137 | + err |= test_sha256_ciochash(&sess, fdc); | ||
138 | |||
139 | close(fdc); | ||
140 | close(fd); | ||
141 | -- | ||
142 | 2.7.0 | ||
143 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0039-fix-memory-leaks-on-error-path-for-CIOCHASH.patch b/recipes-kernel/cryptodev/sdk_patches/0039-fix-memory-leaks-on-error-path-for-CIOCHASH.patch new file mode 100644 index 0000000..fc2f4c8 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0039-fix-memory-leaks-on-error-path-for-CIOCHASH.patch | |||
@@ -0,0 +1,70 @@ | |||
1 | From 3e3996b40fd3a93cbe2e5ddee244280dd7de6c18 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Tue, 9 Feb 2016 21:07:06 +0200 | ||
4 | Subject: [PATCH 39/40] fix memory leaks on error path for CIOCHASH | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
7 | --- | ||
8 | ioctl.c | 20 +++++++++++--------- | ||
9 | 1 file changed, 11 insertions(+), 9 deletions(-) | ||
10 | |||
11 | diff --git a/ioctl.c b/ioctl.c | ||
12 | index ff3de44..8d81b56 100644 | ||
13 | --- a/ioctl.c | ||
14 | +++ b/ioctl.c | ||
15 | @@ -1190,18 +1190,17 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) | ||
16 | ret = hash_run(&khop); | ||
17 | if (unlikely(ret)) { | ||
18 | dwarning(1, "Error in hash run"); | ||
19 | - return ret; | ||
20 | + goto hash_err; | ||
21 | } | ||
22 | |||
23 | ret = copy_to_user(khop.hash_op.mac_result, khop.hash_output, khop.digestsize); | ||
24 | if (unlikely(ret)) { | ||
25 | dwarning(1, "Error in copy to user"); | ||
26 | - return ret; | ||
27 | } | ||
28 | |||
29 | - /* put session */ | ||
30 | + hash_err: | ||
31 | hash_destroy_session(khop.hash_op.ses); | ||
32 | - return 0; | ||
33 | + return ret; | ||
34 | case CIOCAUTHCRYPT: | ||
35 | if (unlikely(ret = kcaop_from_user(&kcaop, fcr, arg))) { | ||
36 | dwarning(1, "Error copying from user"); | ||
37 | @@ -1532,22 +1531,25 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) | ||
38 | ret = hash_run(&khop); | ||
39 | if (unlikely(ret)) { | ||
40 | dwarning(1, "Error in hash run"); | ||
41 | - return ret; | ||
42 | + goto hash_err; | ||
43 | } | ||
44 | |||
45 | ret = copy_to_user(khop.hash_op.mac_result, khop.hash_output, | ||
46 | khop.digestsize); | ||
47 | if (unlikely(ret)) { | ||
48 | dwarning(1, "Error in copy to user"); | ||
49 | - return ret; | ||
50 | + goto hash_err; | ||
51 | } | ||
52 | |||
53 | - copy_to_user(arg, &compat_hash_op_data, | ||
54 | + ret = copy_to_user(arg, &compat_hash_op_data, | ||
55 | sizeof(struct compat_hash_op_data)); | ||
56 | + if (unlikely(ret)) { | ||
57 | + dwarning(1, "Error in copy to user"); | ||
58 | + } | ||
59 | |||
60 | - /* put session */ | ||
61 | + hash_err: | ||
62 | hash_destroy_session(khop.hash_op.ses); | ||
63 | - return 0; | ||
64 | + return ret; | ||
65 | |||
66 | case COMPAT_CIOCAUTHCRYPT: | ||
67 | if (unlikely(ret = compat_kcaop_from_user(&kcaop, fcr, arg))) { | ||
68 | -- | ||
69 | 2.7.0 | ||
70 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0040-fix-structure-init-in-sha_speed-test.patch b/recipes-kernel/cryptodev/sdk_patches/0040-fix-structure-init-in-sha_speed-test.patch new file mode 100644 index 0000000..053d376 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0040-fix-structure-init-in-sha_speed-test.patch | |||
@@ -0,0 +1,53 @@ | |||
1 | From 3eb9ed52743584949ff9b4844e810333c34a3a1f Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Fri, 12 Feb 2016 11:23:41 +0200 | ||
4 | Subject: [PATCH 40/40] fix structure init in sha_speed test | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
7 | --- | ||
8 | tests/sha_speed.c | 8 ++++---- | ||
9 | 1 file changed, 4 insertions(+), 4 deletions(-) | ||
10 | |||
11 | diff --git a/tests/sha_speed.c b/tests/sha_speed.c | ||
12 | index d731c66..75d0f42 100644 | ||
13 | --- a/tests/sha_speed.c | ||
14 | +++ b/tests/sha_speed.c | ||
15 | @@ -257,7 +257,7 @@ int hash_session(struct session_op *sess, int fdc) | ||
16 | int test_sha1(struct session_op *sess, int fdc) | ||
17 | { | ||
18 | fprintf(stderr, "Testing SHA1 Hash: \n"); | ||
19 | - memset(sess, 0, sizeof(sess)); | ||
20 | + memset(sess, 0, sizeof(struct session_op)); | ||
21 | sess->mac = CRYPTO_SHA1; | ||
22 | return hash_session(sess, fdc); | ||
23 | } | ||
24 | @@ -266,7 +266,7 @@ int test_sha1(struct session_op *sess, int fdc) | ||
25 | int test_sha1_ciochash(struct session_op *sess, int fdc) | ||
26 | { | ||
27 | fprintf(stderr, "Testing SHA1 CIOCHASH: \n"); | ||
28 | - memset(sess, 0, sizeof(sess)); | ||
29 | + memset(sess, 0, sizeof(struct session_op)); | ||
30 | sess->mac = CRYPTO_SHA1; | ||
31 | return ciochash_session(sess, fdc); | ||
32 | } | ||
33 | @@ -275,7 +275,7 @@ int test_sha1_ciochash(struct session_op *sess, int fdc) | ||
34 | int test_sha256(struct session_op *sess, int fdc) | ||
35 | { | ||
36 | fprintf(stderr, "Testing SHA256 Hash: \n"); | ||
37 | - memset(sess, 0, sizeof(sess)); | ||
38 | + memset(sess, 0, sizeof(struct session_op)); | ||
39 | sess->mac = CRYPTO_SHA2_256; | ||
40 | return hash_session(sess, fdc); | ||
41 | } | ||
42 | @@ -284,7 +284,7 @@ int test_sha256(struct session_op *sess, int fdc) | ||
43 | int test_sha256_ciochash(struct session_op *sess, int fdc) | ||
44 | { | ||
45 | fprintf(stderr, "Testing SHA256 CIOCHASH: \n"); | ||
46 | - memset(sess, 0, sizeof(sess)); | ||
47 | + memset(sess, 0, sizeof(struct session_op)); | ||
48 | sess->mac = CRYPTO_SHA2_256; | ||
49 | return ciochash_session(sess, fdc); | ||
50 | } | ||
51 | -- | ||
52 | 2.7.0 | ||
53 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0041-add-separate-target-for-building-tests.patch b/recipes-kernel/cryptodev/sdk_patches/0041-add-separate-target-for-building-tests.patch new file mode 100644 index 0000000..ff73825 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0041-add-separate-target-for-building-tests.patch | |||
@@ -0,0 +1,38 @@ | |||
1 | From 0d58530f5c5970db9787a23aef4227c68f941fcc Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Wed, 10 Feb 2016 16:22:05 +0200 | ||
4 | Subject: [PATCH 41/43] add separate target for building tests | ||
5 | |||
6 | A separate target for build is useful with cross-compilation. In this | ||
7 | case it makes sense to build the tests without running them on the host | ||
8 | machine. | ||
9 | |||
10 | The default target is now 'all' and only builds the tests | ||
11 | |||
12 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
13 | --- | ||
14 | tests/Makefile | 4 ++++ | ||
15 | 1 file changed, 4 insertions(+) | ||
16 | |||
17 | diff --git a/tests/Makefile b/tests/Makefile | ||
18 | index 3155da9..89f88fe 100644 | ||
19 | --- a/tests/Makefile | ||
20 | +++ b/tests/Makefile | ||
21 | @@ -19,6 +19,8 @@ example-async-hmac-objs := async_hmac.o | ||
22 | example-async-speed-objs := async_speed.o | ||
23 | example-hashcrypt-speed-objs := hashcrypt_speed.c | ||
24 | |||
25 | +all: $(hostprogs) | ||
26 | + | ||
27 | check: $(hostprogs) | ||
28 | ./cipher | ||
29 | ./hmac | ||
30 | @@ -33,3 +35,5 @@ clean: | ||
31 | |||
32 | ${comp_progs}: LDLIBS += -lssl -lcrypto | ||
33 | ${comp_progs}: %: %.o openssl_wrapper.o | ||
34 | + | ||
35 | +.PHONY: all clean check | ||
36 | -- | ||
37 | 2.7.0 | ||
38 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0042-fix-destination-for-staged-installs.patch b/recipes-kernel/cryptodev/sdk_patches/0042-fix-destination-for-staged-installs.patch new file mode 100644 index 0000000..c8ae06e --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0042-fix-destination-for-staged-installs.patch | |||
@@ -0,0 +1,55 @@ | |||
1 | From dcb8fe0fcf71feac2a4f57c44a5153bfc404b4c3 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Thu, 11 Feb 2016 16:37:23 +0200 | ||
4 | Subject: [PATCH 42/43] fix destination for staged installs | ||
5 | |||
6 | The standard variable for staged installations is DESTDIR and it should | ||
7 | be set only by the user, outside of Makefile. This is consistent with | ||
8 | recommendations from both GNU Make and FreeBSD porters-handbook. | ||
9 | |||
10 | make DESTDIR=/tmp/stage install | ||
11 | |||
12 | $prefix and $PREFIX (in FreeBSD world) are used to specify where the | ||
13 | files will be installed. It defaults to /usr/local but can be /usr or | ||
14 | /opt or something else. | ||
15 | |||
16 | Usually one wants to do a stage installation when cross-building or for | ||
17 | other purposes. The convention is to use DESTDIR. | ||
18 | Changing $prefix is useful for installers. They can override its value | ||
19 | when calling make: | ||
20 | |||
21 | make prefix=/usr install | ||
22 | |||
23 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
24 | --- | ||
25 | Makefile | 7 ++++--- | ||
26 | 1 file changed, 4 insertions(+), 3 deletions(-) | ||
27 | |||
28 | diff --git a/Makefile b/Makefile | ||
29 | index 7f8df37..9871a8e 100644 | ||
30 | --- a/Makefile | ||
31 | +++ b/Makefile | ||
32 | @@ -7,7 +7,9 @@ CRYPTODEV_CFLAGS ?= #-DENABLE_ASYNC | ||
33 | KBUILD_CFLAGS += -I$(src) $(CRYPTODEV_CFLAGS) | ||
34 | KERNEL_DIR ?= /lib/modules/$(shell uname -r)/build | ||
35 | VERSION = 1.8 | ||
36 | -PREFIX ?= | ||
37 | + | ||
38 | +prefix ?= /usr/local | ||
39 | +includedir = $(prefix)/include | ||
40 | |||
41 | cryptodev-objs = ioctl.o main.o cryptlib.o authenc.o zc.o util.o | ||
42 | |||
43 | @@ -31,8 +33,7 @@ install: modules_install | ||
44 | |||
45 | modules_install: | ||
46 | $(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules_install | ||
47 | - @echo "Installing cryptodev.h in $(PREFIX)/usr/include/crypto ..." | ||
48 | - @install -D crypto/cryptodev.h $(PREFIX)/usr/include/crypto/cryptodev.h | ||
49 | + install -m 644 -D crypto/cryptodev.h $(DESTDIR)/$(includedir)/crypto/cryptodev.h | ||
50 | |||
51 | clean: | ||
52 | $(MAKE) -C $(KERNEL_DIR) M=$(PWD) clean | ||
53 | -- | ||
54 | 2.7.0 | ||
55 | |||
diff --git a/recipes-kernel/cryptodev/sdk_patches/0043-add-install-target-for-tests.patch b/recipes-kernel/cryptodev/sdk_patches/0043-add-install-target-for-tests.patch new file mode 100644 index 0000000..f3b7022 --- /dev/null +++ b/recipes-kernel/cryptodev/sdk_patches/0043-add-install-target-for-tests.patch | |||
@@ -0,0 +1,46 @@ | |||
1 | From 44629033d47543d106299b6c8bed9e5c9fed1513 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Thu, 11 Feb 2016 16:48:53 +0200 | ||
4 | Subject: [PATCH 43/43] add install target for tests | ||
5 | |||
6 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
7 | --- | ||
8 | tests/Makefile | 12 +++++++++++- | ||
9 | 1 file changed, 11 insertions(+), 1 deletion(-) | ||
10 | |||
11 | diff --git a/tests/Makefile b/tests/Makefile | ||
12 | index 89f88fe..5e3111d 100644 | ||
13 | --- a/tests/Makefile | ||
14 | +++ b/tests/Makefile | ||
15 | @@ -19,6 +19,10 @@ example-async-hmac-objs := async_hmac.o | ||
16 | example-async-speed-objs := async_speed.o | ||
17 | example-hashcrypt-speed-objs := hashcrypt_speed.c | ||
18 | |||
19 | +prefix ?= /usr/local | ||
20 | +execprefix ?= $(prefix) | ||
21 | +bindir = $(execprefix)/bin | ||
22 | + | ||
23 | all: $(hostprogs) | ||
24 | |||
25 | check: $(hostprogs) | ||
26 | @@ -30,10 +34,16 @@ check: $(hostprogs) | ||
27 | ./cipher-gcm | ||
28 | ./cipher-aead | ||
29 | |||
30 | +install: | ||
31 | + install -d $(DESTDIR)/$(bindir) | ||
32 | + for prog in $(hostprogs); do \ | ||
33 | + install -m 755 $$prog $(DESTDIR)/$(bindir); \ | ||
34 | + done | ||
35 | + | ||
36 | clean: | ||
37 | rm -f *.o *~ $(hostprogs) | ||
38 | |||
39 | ${comp_progs}: LDLIBS += -lssl -lcrypto | ||
40 | ${comp_progs}: %: %.o openssl_wrapper.o | ||
41 | |||
42 | -.PHONY: all clean check | ||
43 | +.PHONY: all clean check install | ||
44 | -- | ||
45 | 2.7.0 | ||
46 | |||