diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-08-13 18:24:35 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-08-13 18:24:35 -0400 |
commit | 8d0968abd03ec6b407df117adc773562386702fa (patch) | |
tree | 61ec7f0eb052af3d7da83dee9605b1fc0fae0f57 | |
parent | 9ea319b61613085f501a79cf8d405cb221d084f3 (diff) | |
parent | e49140120c88eb99db1a9172d9ac224c0f2bbdd2 (diff) |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: padlock - fix VIA PadLock instruction usage with irq_ts_save/restore()
crypto: hash - Add missing top-level functions
crypto: hash - Fix digest size check for digest type
crypto: tcrypt - Fix AEAD chunk testing
crypto: talitos - Add handling for SEC 3.x treatment of link table
-rw-r--r-- | crypto/digest.c | 2 | ||||
-rw-r--r-- | crypto/tcrypt.c | 28 | ||||
-rw-r--r-- | drivers/char/hw_random/via-rng.c | 8 | ||||
-rw-r--r-- | drivers/crypto/padlock-aes.c | 28 | ||||
-rw-r--r-- | drivers/crypto/padlock-sha.c | 9 | ||||
-rw-r--r-- | drivers/crypto/talitos.c | 54 | ||||
-rw-r--r-- | include/asm-x86/i387.h | 32 | ||||
-rw-r--r-- | include/crypto/hash.h | 18 |
8 files changed, 153 insertions, 26 deletions
diff --git a/crypto/digest.c b/crypto/digest.c index ac0919460d14..5d3f1303da98 100644 --- a/crypto/digest.c +++ b/crypto/digest.c | |||
@@ -225,7 +225,7 @@ int crypto_init_digest_ops_async(struct crypto_tfm *tfm) | |||
225 | struct ahash_tfm *crt = &tfm->crt_ahash; | 225 | struct ahash_tfm *crt = &tfm->crt_ahash; |
226 | struct digest_alg *dalg = &tfm->__crt_alg->cra_digest; | 226 | struct digest_alg *dalg = &tfm->__crt_alg->cra_digest; |
227 | 227 | ||
228 | if (dalg->dia_digestsize > crypto_tfm_alg_blocksize(tfm)) | 228 | if (dalg->dia_digestsize > PAGE_SIZE / 8) |
229 | return -EINVAL; | 229 | return -EINVAL; |
230 | 230 | ||
231 | crt->init = digest_async_init; | 231 | crt->init = digest_async_init; |
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index 59821a22d752..66368022e0bf 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c | |||
@@ -481,21 +481,31 @@ next_one: | |||
481 | 481 | ||
482 | for (k = 0, temp = 0; k < template[i].np; k++) { | 482 | for (k = 0, temp = 0; k < template[i].np; k++) { |
483 | printk(KERN_INFO "page %u\n", k); | 483 | printk(KERN_INFO "page %u\n", k); |
484 | q = &axbuf[IDX[k]]; | 484 | q = &xbuf[IDX[k]]; |
485 | hexdump(q, template[i].tap[k]); | 485 | |
486 | n = template[i].tap[k]; | ||
487 | if (k == template[i].np - 1) | ||
488 | n += enc ? authsize : -authsize; | ||
489 | hexdump(q, n); | ||
486 | printk(KERN_INFO "%s\n", | 490 | printk(KERN_INFO "%s\n", |
487 | memcmp(q, template[i].result + temp, | 491 | memcmp(q, template[i].result + temp, n) ? |
488 | template[i].tap[k] - | ||
489 | (k < template[i].np - 1 || enc ? | ||
490 | 0 : authsize)) ? | ||
491 | "fail" : "pass"); | 492 | "fail" : "pass"); |
492 | 493 | ||
493 | for (n = 0; q[template[i].tap[k] + n]; n++) | 494 | q += n; |
494 | ; | 495 | if (k == template[i].np - 1 && !enc) { |
496 | if (memcmp(q, template[i].input + | ||
497 | temp + n, authsize)) | ||
498 | n = authsize; | ||
499 | else | ||
500 | n = 0; | ||
501 | } else { | ||
502 | for (n = 0; q[n]; n++) | ||
503 | ; | ||
504 | } | ||
495 | if (n) { | 505 | if (n) { |
496 | printk("Result buffer corruption %u " | 506 | printk("Result buffer corruption %u " |
497 | "bytes:\n", n); | 507 | "bytes:\n", n); |
498 | hexdump(&q[template[i].tap[k]], n); | 508 | hexdump(q, n); |
499 | } | 509 | } |
500 | 510 | ||
501 | temp += template[i].tap[k]; | 511 | temp += template[i].tap[k]; |
diff --git a/drivers/char/hw_random/via-rng.c b/drivers/char/hw_random/via-rng.c index f7feae4ebb5e..128202e18fc9 100644 --- a/drivers/char/hw_random/via-rng.c +++ b/drivers/char/hw_random/via-rng.c | |||
@@ -31,6 +31,7 @@ | |||
31 | #include <asm/io.h> | 31 | #include <asm/io.h> |
32 | #include <asm/msr.h> | 32 | #include <asm/msr.h> |
33 | #include <asm/cpufeature.h> | 33 | #include <asm/cpufeature.h> |
34 | #include <asm/i387.h> | ||
34 | 35 | ||
35 | 36 | ||
36 | #define PFX KBUILD_MODNAME ": " | 37 | #define PFX KBUILD_MODNAME ": " |
@@ -67,16 +68,23 @@ enum { | |||
67 | * Another possible performance boost may come from simply buffering | 68 | * Another possible performance boost may come from simply buffering |
68 | * until we have 4 bytes, thus returning a u32 at a time, | 69 | * until we have 4 bytes, thus returning a u32 at a time, |
69 | * instead of the current u8-at-a-time. | 70 | * instead of the current u8-at-a-time. |
71 | * | ||
72 | * Padlock instructions can generate a spurious DNA fault, so | ||
73 | * we have to call them in the context of irq_ts_save/restore() | ||
70 | */ | 74 | */ |
71 | 75 | ||
72 | static inline u32 xstore(u32 *addr, u32 edx_in) | 76 | static inline u32 xstore(u32 *addr, u32 edx_in) |
73 | { | 77 | { |
74 | u32 eax_out; | 78 | u32 eax_out; |
79 | int ts_state; | ||
80 | |||
81 | ts_state = irq_ts_save(); | ||
75 | 82 | ||
76 | asm(".byte 0x0F,0xA7,0xC0 /* xstore %%edi (addr=%0) */" | 83 | asm(".byte 0x0F,0xA7,0xC0 /* xstore %%edi (addr=%0) */" |
77 | :"=m"(*addr), "=a"(eax_out) | 84 | :"=m"(*addr), "=a"(eax_out) |
78 | :"D"(addr), "d"(edx_in)); | 85 | :"D"(addr), "d"(edx_in)); |
79 | 86 | ||
87 | irq_ts_restore(ts_state); | ||
80 | return eax_out; | 88 | return eax_out; |
81 | } | 89 | } |
82 | 90 | ||
diff --git a/drivers/crypto/padlock-aes.c b/drivers/crypto/padlock-aes.c index 54a2a166e566..bf2917d197a0 100644 --- a/drivers/crypto/padlock-aes.c +++ b/drivers/crypto/padlock-aes.c | |||
@@ -16,6 +16,7 @@ | |||
16 | #include <linux/interrupt.h> | 16 | #include <linux/interrupt.h> |
17 | #include <linux/kernel.h> | 17 | #include <linux/kernel.h> |
18 | #include <asm/byteorder.h> | 18 | #include <asm/byteorder.h> |
19 | #include <asm/i387.h> | ||
19 | #include "padlock.h" | 20 | #include "padlock.h" |
20 | 21 | ||
21 | /* Control word. */ | 22 | /* Control word. */ |
@@ -141,6 +142,12 @@ static inline void padlock_reset_key(void) | |||
141 | asm volatile ("pushfl; popfl"); | 142 | asm volatile ("pushfl; popfl"); |
142 | } | 143 | } |
143 | 144 | ||
145 | /* | ||
146 | * While the padlock instructions don't use FP/SSE registers, they | ||
147 | * generate a spurious DNA fault when cr0.ts is '1'. These instructions | ||
148 | * should be used only inside the irq_ts_save/restore() context | ||
149 | */ | ||
150 | |||
144 | static inline void padlock_xcrypt(const u8 *input, u8 *output, void *key, | 151 | static inline void padlock_xcrypt(const u8 *input, u8 *output, void *key, |
145 | void *control_word) | 152 | void *control_word) |
146 | { | 153 | { |
@@ -205,15 +212,23 @@ static inline u8 *padlock_xcrypt_cbc(const u8 *input, u8 *output, void *key, | |||
205 | static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 212 | static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
206 | { | 213 | { |
207 | struct aes_ctx *ctx = aes_ctx(tfm); | 214 | struct aes_ctx *ctx = aes_ctx(tfm); |
215 | int ts_state; | ||
208 | padlock_reset_key(); | 216 | padlock_reset_key(); |
217 | |||
218 | ts_state = irq_ts_save(); | ||
209 | aes_crypt(in, out, ctx->E, &ctx->cword.encrypt); | 219 | aes_crypt(in, out, ctx->E, &ctx->cword.encrypt); |
220 | irq_ts_restore(ts_state); | ||
210 | } | 221 | } |
211 | 222 | ||
212 | static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 223 | static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
213 | { | 224 | { |
214 | struct aes_ctx *ctx = aes_ctx(tfm); | 225 | struct aes_ctx *ctx = aes_ctx(tfm); |
226 | int ts_state; | ||
215 | padlock_reset_key(); | 227 | padlock_reset_key(); |
228 | |||
229 | ts_state = irq_ts_save(); | ||
216 | aes_crypt(in, out, ctx->D, &ctx->cword.decrypt); | 230 | aes_crypt(in, out, ctx->D, &ctx->cword.decrypt); |
231 | irq_ts_restore(ts_state); | ||
217 | } | 232 | } |
218 | 233 | ||
219 | static struct crypto_alg aes_alg = { | 234 | static struct crypto_alg aes_alg = { |
@@ -244,12 +259,14 @@ static int ecb_aes_encrypt(struct blkcipher_desc *desc, | |||
244 | struct aes_ctx *ctx = blk_aes_ctx(desc->tfm); | 259 | struct aes_ctx *ctx = blk_aes_ctx(desc->tfm); |
245 | struct blkcipher_walk walk; | 260 | struct blkcipher_walk walk; |
246 | int err; | 261 | int err; |
262 | int ts_state; | ||
247 | 263 | ||
248 | padlock_reset_key(); | 264 | padlock_reset_key(); |
249 | 265 | ||
250 | blkcipher_walk_init(&walk, dst, src, nbytes); | 266 | blkcipher_walk_init(&walk, dst, src, nbytes); |
251 | err = blkcipher_walk_virt(desc, &walk); | 267 | err = blkcipher_walk_virt(desc, &walk); |
252 | 268 | ||
269 | ts_state = irq_ts_save(); | ||
253 | while ((nbytes = walk.nbytes)) { | 270 | while ((nbytes = walk.nbytes)) { |
254 | padlock_xcrypt_ecb(walk.src.virt.addr, walk.dst.virt.addr, | 271 | padlock_xcrypt_ecb(walk.src.virt.addr, walk.dst.virt.addr, |
255 | ctx->E, &ctx->cword.encrypt, | 272 | ctx->E, &ctx->cword.encrypt, |
@@ -257,6 +274,7 @@ static int ecb_aes_encrypt(struct blkcipher_desc *desc, | |||
257 | nbytes &= AES_BLOCK_SIZE - 1; | 274 | nbytes &= AES_BLOCK_SIZE - 1; |
258 | err = blkcipher_walk_done(desc, &walk, nbytes); | 275 | err = blkcipher_walk_done(desc, &walk, nbytes); |
259 | } | 276 | } |
277 | irq_ts_restore(ts_state); | ||
260 | 278 | ||
261 | return err; | 279 | return err; |
262 | } | 280 | } |
@@ -268,12 +286,14 @@ static int ecb_aes_decrypt(struct blkcipher_desc *desc, | |||
268 | struct aes_ctx *ctx = blk_aes_ctx(desc->tfm); | 286 | struct aes_ctx *ctx = blk_aes_ctx(desc->tfm); |
269 | struct blkcipher_walk walk; | 287 | struct blkcipher_walk walk; |
270 | int err; | 288 | int err; |
289 | int ts_state; | ||
271 | 290 | ||
272 | padlock_reset_key(); | 291 | padlock_reset_key(); |
273 | 292 | ||
274 | blkcipher_walk_init(&walk, dst, src, nbytes); | 293 | blkcipher_walk_init(&walk, dst, src, nbytes); |
275 | err = blkcipher_walk_virt(desc, &walk); | 294 | err = blkcipher_walk_virt(desc, &walk); |
276 | 295 | ||
296 | ts_state = irq_ts_save(); | ||
277 | while ((nbytes = walk.nbytes)) { | 297 | while ((nbytes = walk.nbytes)) { |
278 | padlock_xcrypt_ecb(walk.src.virt.addr, walk.dst.virt.addr, | 298 | padlock_xcrypt_ecb(walk.src.virt.addr, walk.dst.virt.addr, |
279 | ctx->D, &ctx->cword.decrypt, | 299 | ctx->D, &ctx->cword.decrypt, |
@@ -281,7 +301,7 @@ static int ecb_aes_decrypt(struct blkcipher_desc *desc, | |||
281 | nbytes &= AES_BLOCK_SIZE - 1; | 301 | nbytes &= AES_BLOCK_SIZE - 1; |
282 | err = blkcipher_walk_done(desc, &walk, nbytes); | 302 | err = blkcipher_walk_done(desc, &walk, nbytes); |
283 | } | 303 | } |
284 | 304 | irq_ts_restore(ts_state); | |
285 | return err; | 305 | return err; |
286 | } | 306 | } |
287 | 307 | ||
@@ -314,12 +334,14 @@ static int cbc_aes_encrypt(struct blkcipher_desc *desc, | |||
314 | struct aes_ctx *ctx = blk_aes_ctx(desc->tfm); | 334 | struct aes_ctx *ctx = blk_aes_ctx(desc->tfm); |
315 | struct blkcipher_walk walk; | 335 | struct blkcipher_walk walk; |
316 | int err; | 336 | int err; |
337 | int ts_state; | ||
317 | 338 | ||
318 | padlock_reset_key(); | 339 | padlock_reset_key(); |
319 | 340 | ||
320 | blkcipher_walk_init(&walk, dst, src, nbytes); | 341 | blkcipher_walk_init(&walk, dst, src, nbytes); |
321 | err = blkcipher_walk_virt(desc, &walk); | 342 | err = blkcipher_walk_virt(desc, &walk); |
322 | 343 | ||
344 | ts_state = irq_ts_save(); | ||
323 | while ((nbytes = walk.nbytes)) { | 345 | while ((nbytes = walk.nbytes)) { |
324 | u8 *iv = padlock_xcrypt_cbc(walk.src.virt.addr, | 346 | u8 *iv = padlock_xcrypt_cbc(walk.src.virt.addr, |
325 | walk.dst.virt.addr, ctx->E, | 347 | walk.dst.virt.addr, ctx->E, |
@@ -329,6 +351,7 @@ static int cbc_aes_encrypt(struct blkcipher_desc *desc, | |||
329 | nbytes &= AES_BLOCK_SIZE - 1; | 351 | nbytes &= AES_BLOCK_SIZE - 1; |
330 | err = blkcipher_walk_done(desc, &walk, nbytes); | 352 | err = blkcipher_walk_done(desc, &walk, nbytes); |
331 | } | 353 | } |
354 | irq_ts_restore(ts_state); | ||
332 | 355 | ||
333 | return err; | 356 | return err; |
334 | } | 357 | } |
@@ -340,12 +363,14 @@ static int cbc_aes_decrypt(struct blkcipher_desc *desc, | |||
340 | struct aes_ctx *ctx = blk_aes_ctx(desc->tfm); | 363 | struct aes_ctx *ctx = blk_aes_ctx(desc->tfm); |
341 | struct blkcipher_walk walk; | 364 | struct blkcipher_walk walk; |
342 | int err; | 365 | int err; |
366 | int ts_state; | ||
343 | 367 | ||
344 | padlock_reset_key(); | 368 | padlock_reset_key(); |
345 | 369 | ||
346 | blkcipher_walk_init(&walk, dst, src, nbytes); | 370 | blkcipher_walk_init(&walk, dst, src, nbytes); |
347 | err = blkcipher_walk_virt(desc, &walk); | 371 | err = blkcipher_walk_virt(desc, &walk); |
348 | 372 | ||
373 | ts_state = irq_ts_save(); | ||
349 | while ((nbytes = walk.nbytes)) { | 374 | while ((nbytes = walk.nbytes)) { |
350 | padlock_xcrypt_cbc(walk.src.virt.addr, walk.dst.virt.addr, | 375 | padlock_xcrypt_cbc(walk.src.virt.addr, walk.dst.virt.addr, |
351 | ctx->D, walk.iv, &ctx->cword.decrypt, | 376 | ctx->D, walk.iv, &ctx->cword.decrypt, |
@@ -354,6 +379,7 @@ static int cbc_aes_decrypt(struct blkcipher_desc *desc, | |||
354 | err = blkcipher_walk_done(desc, &walk, nbytes); | 379 | err = blkcipher_walk_done(desc, &walk, nbytes); |
355 | } | 380 | } |
356 | 381 | ||
382 | irq_ts_restore(ts_state); | ||
357 | return err; | 383 | return err; |
358 | } | 384 | } |
359 | 385 | ||
diff --git a/drivers/crypto/padlock-sha.c b/drivers/crypto/padlock-sha.c index 40d5680fa013..a7fbadebf623 100644 --- a/drivers/crypto/padlock-sha.c +++ b/drivers/crypto/padlock-sha.c | |||
@@ -22,6 +22,7 @@ | |||
22 | #include <linux/interrupt.h> | 22 | #include <linux/interrupt.h> |
23 | #include <linux/kernel.h> | 23 | #include <linux/kernel.h> |
24 | #include <linux/scatterlist.h> | 24 | #include <linux/scatterlist.h> |
25 | #include <asm/i387.h> | ||
25 | #include "padlock.h" | 26 | #include "padlock.h" |
26 | 27 | ||
27 | #define SHA1_DEFAULT_FALLBACK "sha1-generic" | 28 | #define SHA1_DEFAULT_FALLBACK "sha1-generic" |
@@ -102,6 +103,7 @@ static void padlock_do_sha1(const char *in, char *out, int count) | |||
102 | * PadLock microcode needs it that big. */ | 103 | * PadLock microcode needs it that big. */ |
103 | char buf[128+16]; | 104 | char buf[128+16]; |
104 | char *result = NEAREST_ALIGNED(buf); | 105 | char *result = NEAREST_ALIGNED(buf); |
106 | int ts_state; | ||
105 | 107 | ||
106 | ((uint32_t *)result)[0] = SHA1_H0; | 108 | ((uint32_t *)result)[0] = SHA1_H0; |
107 | ((uint32_t *)result)[1] = SHA1_H1; | 109 | ((uint32_t *)result)[1] = SHA1_H1; |
@@ -109,9 +111,12 @@ static void padlock_do_sha1(const char *in, char *out, int count) | |||
109 | ((uint32_t *)result)[3] = SHA1_H3; | 111 | ((uint32_t *)result)[3] = SHA1_H3; |
110 | ((uint32_t *)result)[4] = SHA1_H4; | 112 | ((uint32_t *)result)[4] = SHA1_H4; |
111 | 113 | ||
114 | /* prevent taking the spurious DNA fault with padlock. */ | ||
115 | ts_state = irq_ts_save(); | ||
112 | asm volatile (".byte 0xf3,0x0f,0xa6,0xc8" /* rep xsha1 */ | 116 | asm volatile (".byte 0xf3,0x0f,0xa6,0xc8" /* rep xsha1 */ |
113 | : "+S"(in), "+D"(result) | 117 | : "+S"(in), "+D"(result) |
114 | : "c"(count), "a"(0)); | 118 | : "c"(count), "a"(0)); |
119 | irq_ts_restore(ts_state); | ||
115 | 120 | ||
116 | padlock_output_block((uint32_t *)result, (uint32_t *)out, 5); | 121 | padlock_output_block((uint32_t *)result, (uint32_t *)out, 5); |
117 | } | 122 | } |
@@ -123,6 +128,7 @@ static void padlock_do_sha256(const char *in, char *out, int count) | |||
123 | * PadLock microcode needs it that big. */ | 128 | * PadLock microcode needs it that big. */ |
124 | char buf[128+16]; | 129 | char buf[128+16]; |
125 | char *result = NEAREST_ALIGNED(buf); | 130 | char *result = NEAREST_ALIGNED(buf); |
131 | int ts_state; | ||
126 | 132 | ||
127 | ((uint32_t *)result)[0] = SHA256_H0; | 133 | ((uint32_t *)result)[0] = SHA256_H0; |
128 | ((uint32_t *)result)[1] = SHA256_H1; | 134 | ((uint32_t *)result)[1] = SHA256_H1; |
@@ -133,9 +139,12 @@ static void padlock_do_sha256(const char *in, char *out, int count) | |||
133 | ((uint32_t *)result)[6] = SHA256_H6; | 139 | ((uint32_t *)result)[6] = SHA256_H6; |
134 | ((uint32_t *)result)[7] = SHA256_H7; | 140 | ((uint32_t *)result)[7] = SHA256_H7; |
135 | 141 | ||
142 | /* prevent taking the spurious DNA fault with padlock. */ | ||
143 | ts_state = irq_ts_save(); | ||
136 | asm volatile (".byte 0xf3,0x0f,0xa6,0xd0" /* rep xsha256 */ | 144 | asm volatile (".byte 0xf3,0x0f,0xa6,0xd0" /* rep xsha256 */ |
137 | : "+S"(in), "+D"(result) | 145 | : "+S"(in), "+D"(result) |
138 | : "c"(count), "a"(0)); | 146 | : "c"(count), "a"(0)); |
147 | irq_ts_restore(ts_state); | ||
139 | 148 | ||
140 | padlock_output_block((uint32_t *)result, (uint32_t *)out, 8); | 149 | padlock_output_block((uint32_t *)result, (uint32_t *)out, 8); |
141 | } | 150 | } |
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index 681c15f42083..ee827a7f7c6a 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c | |||
@@ -96,6 +96,9 @@ struct talitos_private { | |||
96 | unsigned int exec_units; | 96 | unsigned int exec_units; |
97 | unsigned int desc_types; | 97 | unsigned int desc_types; |
98 | 98 | ||
99 | /* SEC Compatibility info */ | ||
100 | unsigned long features; | ||
101 | |||
99 | /* next channel to be assigned next incoming descriptor */ | 102 | /* next channel to be assigned next incoming descriptor */ |
100 | atomic_t last_chan; | 103 | atomic_t last_chan; |
101 | 104 | ||
@@ -133,6 +136,9 @@ struct talitos_private { | |||
133 | struct hwrng rng; | 136 | struct hwrng rng; |
134 | }; | 137 | }; |
135 | 138 | ||
139 | /* .features flag */ | ||
140 | #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001 | ||
141 | |||
136 | /* | 142 | /* |
137 | * map virtual single (contiguous) pointer to h/w descriptor pointer | 143 | * map virtual single (contiguous) pointer to h/w descriptor pointer |
138 | */ | 144 | */ |
@@ -785,7 +791,7 @@ static void ipsec_esp_encrypt_done(struct device *dev, | |||
785 | /* copy the generated ICV to dst */ | 791 | /* copy the generated ICV to dst */ |
786 | if (edesc->dma_len) { | 792 | if (edesc->dma_len) { |
787 | icvdata = &edesc->link_tbl[edesc->src_nents + | 793 | icvdata = &edesc->link_tbl[edesc->src_nents + |
788 | edesc->dst_nents + 1]; | 794 | edesc->dst_nents + 2]; |
789 | sg = sg_last(areq->dst, edesc->dst_nents); | 795 | sg = sg_last(areq->dst, edesc->dst_nents); |
790 | memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize, | 796 | memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize, |
791 | icvdata, ctx->authsize); | 797 | icvdata, ctx->authsize); |
@@ -814,7 +820,7 @@ static void ipsec_esp_decrypt_done(struct device *dev, | |||
814 | /* auth check */ | 820 | /* auth check */ |
815 | if (edesc->dma_len) | 821 | if (edesc->dma_len) |
816 | icvdata = &edesc->link_tbl[edesc->src_nents + | 822 | icvdata = &edesc->link_tbl[edesc->src_nents + |
817 | edesc->dst_nents + 1]; | 823 | edesc->dst_nents + 2]; |
818 | else | 824 | else |
819 | icvdata = &edesc->link_tbl[0]; | 825 | icvdata = &edesc->link_tbl[0]; |
820 | 826 | ||
@@ -921,10 +927,30 @@ static int ipsec_esp(struct ipsec_esp_edesc *edesc, struct aead_request *areq, | |||
921 | sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen, | 927 | sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen, |
922 | &edesc->link_tbl[0]); | 928 | &edesc->link_tbl[0]); |
923 | if (sg_count > 1) { | 929 | if (sg_count > 1) { |
930 | struct talitos_ptr *link_tbl_ptr = | ||
931 | &edesc->link_tbl[sg_count-1]; | ||
932 | struct scatterlist *sg; | ||
933 | struct talitos_private *priv = dev_get_drvdata(dev); | ||
934 | |||
924 | desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; | 935 | desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; |
925 | desc->ptr[4].ptr = cpu_to_be32(edesc->dma_link_tbl); | 936 | desc->ptr[4].ptr = cpu_to_be32(edesc->dma_link_tbl); |
926 | dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, | 937 | dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, |
927 | edesc->dma_len, DMA_BIDIRECTIONAL); | 938 | edesc->dma_len, DMA_BIDIRECTIONAL); |
939 | /* If necessary for this SEC revision, | ||
940 | * add a link table entry for ICV. | ||
941 | */ | ||
942 | if ((priv->features & | ||
943 | TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT) && | ||
944 | (edesc->desc.hdr & DESC_HDR_MODE0_ENCRYPT) == 0) { | ||
945 | link_tbl_ptr->j_extent = 0; | ||
946 | link_tbl_ptr++; | ||
947 | link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; | ||
948 | link_tbl_ptr->len = cpu_to_be16(authsize); | ||
949 | sg = sg_last(areq->src, edesc->src_nents ? : 1); | ||
950 | link_tbl_ptr->ptr = cpu_to_be32( | ||
951 | (char *)sg_dma_address(sg) | ||
952 | + sg->length - authsize); | ||
953 | } | ||
928 | } else { | 954 | } else { |
929 | /* Only one segment now, so no link tbl needed */ | 955 | /* Only one segment now, so no link tbl needed */ |
930 | desc->ptr[4].ptr = cpu_to_be32(sg_dma_address(areq->src)); | 956 | desc->ptr[4].ptr = cpu_to_be32(sg_dma_address(areq->src)); |
@@ -944,12 +970,11 @@ static int ipsec_esp(struct ipsec_esp_edesc *edesc, struct aead_request *areq, | |||
944 | desc->ptr[5].ptr = cpu_to_be32(sg_dma_address(areq->dst)); | 970 | desc->ptr[5].ptr = cpu_to_be32(sg_dma_address(areq->dst)); |
945 | } else { | 971 | } else { |
946 | struct talitos_ptr *link_tbl_ptr = | 972 | struct talitos_ptr *link_tbl_ptr = |
947 | &edesc->link_tbl[edesc->src_nents]; | 973 | &edesc->link_tbl[edesc->src_nents + 1]; |
948 | struct scatterlist *sg; | ||
949 | 974 | ||
950 | desc->ptr[5].ptr = cpu_to_be32((struct talitos_ptr *) | 975 | desc->ptr[5].ptr = cpu_to_be32((struct talitos_ptr *) |
951 | edesc->dma_link_tbl + | 976 | edesc->dma_link_tbl + |
952 | edesc->src_nents); | 977 | edesc->src_nents + 1); |
953 | if (areq->src == areq->dst) { | 978 | if (areq->src == areq->dst) { |
954 | memcpy(link_tbl_ptr, &edesc->link_tbl[0], | 979 | memcpy(link_tbl_ptr, &edesc->link_tbl[0], |
955 | edesc->src_nents * sizeof(struct talitos_ptr)); | 980 | edesc->src_nents * sizeof(struct talitos_ptr)); |
@@ -957,14 +982,10 @@ static int ipsec_esp(struct ipsec_esp_edesc *edesc, struct aead_request *areq, | |||
957 | sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, | 982 | sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, |
958 | link_tbl_ptr); | 983 | link_tbl_ptr); |
959 | } | 984 | } |
985 | /* Add an entry to the link table for ICV data */ | ||
960 | link_tbl_ptr += sg_count - 1; | 986 | link_tbl_ptr += sg_count - 1; |
961 | |||
962 | /* handle case where sg_last contains the ICV exclusively */ | ||
963 | sg = sg_last(areq->dst, edesc->dst_nents); | ||
964 | if (sg->length == ctx->authsize) | ||
965 | link_tbl_ptr--; | ||
966 | |||
967 | link_tbl_ptr->j_extent = 0; | 987 | link_tbl_ptr->j_extent = 0; |
988 | sg_count++; | ||
968 | link_tbl_ptr++; | 989 | link_tbl_ptr++; |
969 | link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; | 990 | link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; |
970 | link_tbl_ptr->len = cpu_to_be16(authsize); | 991 | link_tbl_ptr->len = cpu_to_be16(authsize); |
@@ -973,7 +994,7 @@ static int ipsec_esp(struct ipsec_esp_edesc *edesc, struct aead_request *areq, | |||
973 | link_tbl_ptr->ptr = cpu_to_be32((struct talitos_ptr *) | 994 | link_tbl_ptr->ptr = cpu_to_be32((struct talitos_ptr *) |
974 | edesc->dma_link_tbl + | 995 | edesc->dma_link_tbl + |
975 | edesc->src_nents + | 996 | edesc->src_nents + |
976 | edesc->dst_nents + 1); | 997 | edesc->dst_nents + 2); |
977 | 998 | ||
978 | desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP; | 999 | desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP; |
979 | dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, | 1000 | dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, |
@@ -1040,12 +1061,12 @@ static struct ipsec_esp_edesc *ipsec_esp_edesc_alloc(struct aead_request *areq, | |||
1040 | 1061 | ||
1041 | /* | 1062 | /* |
1042 | * allocate space for base edesc plus the link tables, | 1063 | * allocate space for base edesc plus the link tables, |
1043 | * allowing for a separate entry for the generated ICV (+ 1), | 1064 | * allowing for two separate entries for ICV and generated ICV (+ 2), |
1044 | * and the ICV data itself | 1065 | * and the ICV data itself |
1045 | */ | 1066 | */ |
1046 | alloc_len = sizeof(struct ipsec_esp_edesc); | 1067 | alloc_len = sizeof(struct ipsec_esp_edesc); |
1047 | if (src_nents || dst_nents) { | 1068 | if (src_nents || dst_nents) { |
1048 | dma_len = (src_nents + dst_nents + 1) * | 1069 | dma_len = (src_nents + dst_nents + 2) * |
1049 | sizeof(struct talitos_ptr) + ctx->authsize; | 1070 | sizeof(struct talitos_ptr) + ctx->authsize; |
1050 | alloc_len += dma_len; | 1071 | alloc_len += dma_len; |
1051 | } else { | 1072 | } else { |
@@ -1104,7 +1125,7 @@ static int aead_authenc_decrypt(struct aead_request *req) | |||
1104 | /* stash incoming ICV for later cmp with ICV generated by the h/w */ | 1125 | /* stash incoming ICV for later cmp with ICV generated by the h/w */ |
1105 | if (edesc->dma_len) | 1126 | if (edesc->dma_len) |
1106 | icvdata = &edesc->link_tbl[edesc->src_nents + | 1127 | icvdata = &edesc->link_tbl[edesc->src_nents + |
1107 | edesc->dst_nents + 1]; | 1128 | edesc->dst_nents + 2]; |
1108 | else | 1129 | else |
1109 | icvdata = &edesc->link_tbl[0]; | 1130 | icvdata = &edesc->link_tbl[0]; |
1110 | 1131 | ||
@@ -1480,6 +1501,9 @@ static int talitos_probe(struct of_device *ofdev, | |||
1480 | goto err_out; | 1501 | goto err_out; |
1481 | } | 1502 | } |
1482 | 1503 | ||
1504 | if (of_device_is_compatible(np, "fsl,sec3.0")) | ||
1505 | priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT; | ||
1506 | |||
1483 | priv->head_lock = kmalloc(sizeof(spinlock_t) * priv->num_channels, | 1507 | priv->head_lock = kmalloc(sizeof(spinlock_t) * priv->num_channels, |
1484 | GFP_KERNEL); | 1508 | GFP_KERNEL); |
1485 | priv->tail_lock = kmalloc(sizeof(spinlock_t) * priv->num_channels, | 1509 | priv->tail_lock = kmalloc(sizeof(spinlock_t) * priv->num_channels, |
diff --git a/include/asm-x86/i387.h b/include/asm-x86/i387.h index 96fa8449ff11..6d3b21063419 100644 --- a/include/asm-x86/i387.h +++ b/include/asm-x86/i387.h | |||
@@ -13,6 +13,7 @@ | |||
13 | #include <linux/sched.h> | 13 | #include <linux/sched.h> |
14 | #include <linux/kernel_stat.h> | 14 | #include <linux/kernel_stat.h> |
15 | #include <linux/regset.h> | 15 | #include <linux/regset.h> |
16 | #include <linux/hardirq.h> | ||
16 | #include <asm/asm.h> | 17 | #include <asm/asm.h> |
17 | #include <asm/processor.h> | 18 | #include <asm/processor.h> |
18 | #include <asm/sigcontext.h> | 19 | #include <asm/sigcontext.h> |
@@ -236,6 +237,37 @@ static inline void kernel_fpu_end(void) | |||
236 | preempt_enable(); | 237 | preempt_enable(); |
237 | } | 238 | } |
238 | 239 | ||
240 | /* | ||
241 | * Some instructions like VIA's padlock instructions generate a spurious | ||
242 | * DNA fault but don't modify SSE registers. And these instructions | ||
243 | * get used from interrupt context aswell. To prevent these kernel instructions | ||
244 | * in interrupt context interact wrongly with other user/kernel fpu usage, we | ||
245 | * should use them only in the context of irq_ts_save/restore() | ||
246 | */ | ||
247 | static inline int irq_ts_save(void) | ||
248 | { | ||
249 | /* | ||
250 | * If we are in process context, we are ok to take a spurious DNA fault. | ||
251 | * Otherwise, doing clts() in process context require pre-emption to | ||
252 | * be disabled or some heavy lifting like kernel_fpu_begin() | ||
253 | */ | ||
254 | if (!in_interrupt()) | ||
255 | return 0; | ||
256 | |||
257 | if (read_cr0() & X86_CR0_TS) { | ||
258 | clts(); | ||
259 | return 1; | ||
260 | } | ||
261 | |||
262 | return 0; | ||
263 | } | ||
264 | |||
265 | static inline void irq_ts_restore(int TS_state) | ||
266 | { | ||
267 | if (TS_state) | ||
268 | stts(); | ||
269 | } | ||
270 | |||
239 | #ifdef CONFIG_X86_64 | 271 | #ifdef CONFIG_X86_64 |
240 | 272 | ||
241 | static inline void save_init_fpu(struct task_struct *tsk) | 273 | static inline void save_init_fpu(struct task_struct *tsk) |
diff --git a/include/crypto/hash.h b/include/crypto/hash.h index d12498ec8a4e..ee48ef8fb2ea 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h | |||
@@ -101,6 +101,24 @@ static inline int crypto_ahash_digest(struct ahash_request *req) | |||
101 | return crt->digest(req); | 101 | return crt->digest(req); |
102 | } | 102 | } |
103 | 103 | ||
104 | static inline int crypto_ahash_init(struct ahash_request *req) | ||
105 | { | ||
106 | struct ahash_tfm *crt = crypto_ahash_crt(crypto_ahash_reqtfm(req)); | ||
107 | return crt->init(req); | ||
108 | } | ||
109 | |||
110 | static inline int crypto_ahash_update(struct ahash_request *req) | ||
111 | { | ||
112 | struct ahash_tfm *crt = crypto_ahash_crt(crypto_ahash_reqtfm(req)); | ||
113 | return crt->update(req); | ||
114 | } | ||
115 | |||
116 | static inline int crypto_ahash_final(struct ahash_request *req) | ||
117 | { | ||
118 | struct ahash_tfm *crt = crypto_ahash_crt(crypto_ahash_reqtfm(req)); | ||
119 | return crt->final(req); | ||
120 | } | ||
121 | |||
104 | static inline void ahash_request_set_tfm(struct ahash_request *req, | 122 | static inline void ahash_request_set_tfm(struct ahash_request *req, |
105 | struct crypto_ahash *tfm) | 123 | struct crypto_ahash *tfm) |
106 | { | 124 | { |