aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorKim Phillips <kim.phillips@freescale.com>2008-10-12 08:33:14 -0400
committerHerbert Xu <herbert@gondor.apana.org.au>2008-12-24 19:01:12 -0500
commitfe5720e2b7c1e8ff95d4bf18329517cf64ad1d70 (patch)
tree7c9eb9005a4810a9bd9c9a1dcd580a66e7d28b34 /security
parent1c2e8811eea5f0c5da3213ea206c2864fa4614fd (diff)
crypto: talitos - Perform auth check in h/w if on sec 2.1 and above
SEC version 2.1 and above adds the capability to do the IPSec ICV memcmp in h/w. Results of the cmp are written back in the descriptor header, along with the done status. A new callback is added that checks these ICCR bits instead of performing the memcmp on the core, and is enabled by h/w capability. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> After testing on different parts, another condition was added before using h/w auth check because different SEC revisions require different handling. The SEC 3.0 allows a more flexible link table where the auth data can span separate link table entries. The SEC 2.4/2.1 does not support this case. So a test was added in the decrypt routine for a fragmented case; the h/w auth check is disallowed for revisions not having the extent in the link table; in this case the hw auth check is done by software. A portion of a previous change for SEC 3.0 link table handling was removed since it became dead code with the hw auth check supported. This seems to be the best compromise for using hw auth check on supporting SEC revisions; it keeps the link table logic simpler for the fragmented cases. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions