diff options
Diffstat (limited to 'recipes-kernel/cryptodev/files')
30 files changed, 0 insertions, 4281 deletions
diff --git a/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch b/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch deleted file mode 100644 index 7d957ec..0000000 --- a/recipes-kernel/cryptodev/files/0001-add-support-for-composite-TLS10-SHA1-AES-algorithm-o.patch +++ /dev/null @@ -1,52 +0,0 @@ -From c653e3a70499c6bb66b57c1788d2d38ca9b8a07e Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Thu, 29 Aug 2013 16:52:30 +0300 -Subject: [PATCH 01/15] add support for composite TLS10(SHA1,AES) algorithm - offload - -This adds support for composite algorithm offload as a primitive -crypto (cipher + hmac) operation. - -It requires kernel support for tls10(hmac(sha1),cbc(aes)) algorithm -provided either in software or accelerated by hardware such as -Freescale B*, P* and T* platforms. - -Change-Id: Ia1c605da3860e91e681295dfc8df7c09eb4006cf -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> -Reviewed-on: http://git.am.freescale.net:8181/17218 ---- - crypto/cryptodev.h | 1 + - ioctl.c | 5 +++++ - 2 files changed, 6 insertions(+) - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 7fb9c7d..c0e8cd4 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -50,6 +50,7 @@ enum cryptodev_crypto_op_t { - CRYPTO_SHA2_384, - CRYPTO_SHA2_512, - CRYPTO_SHA2_224_HMAC, -+ CRYPTO_TLS10_AES_CBC_HMAC_SHA1, - CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ - }; - -diff --git a/ioctl.c b/ioctl.c -index b23f5fd..a3f8379 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -159,6 +159,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) - stream = 1; - aead = 1; - break; -+ case CRYPTO_TLS10_AES_CBC_HMAC_SHA1: -+ alg_name = "tls10(hmac(sha1),cbc(aes))"; -+ stream = 0; -+ aead = 1; -+ break; - case CRYPTO_NULL: - alg_name = "ecb(cipher_null)"; - stream = 1; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch b/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch deleted file mode 100644 index 10d6c8b..0000000 --- a/recipes-kernel/cryptodev/files/0001-don-t-advertise-RSA-keygen.patch +++ /dev/null @@ -1,33 +0,0 @@ -From d30c9c64aca4a7905e1b7eb3e28e1c616191bd34 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Tue, 9 Dec 2014 16:41:25 +0200 -Subject: [PATCH] don't advertise RSA keygen - -Disable RSA keygen operations when they are not available. - -Currently no testing can be done and this patch should be applied -selectively on platforms that have incomplete support for RSA operations -(for example pkc driver on C293) - -Change-Id: Ic8df014623410c3cf4b0b217a246efcea8f2eeef -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - ioctl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ioctl.c b/ioctl.c -index 53dbf64..27dc66e 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -979,7 +979,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMFEAT: - ses = 0; - if (crypto_has_alg("pkc(rsa)", 0, 0)) -- ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY; -+ ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP ; - if (crypto_has_alg("pkc(dsa)", 0, 0)) - ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY; - if (crypto_has_alg("pkc(dh)", 0, 0)) --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch b/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch deleted file mode 100644 index ab276d2..0000000 --- a/recipes-kernel/cryptodev/files/0001-fix-compilation-against-linux-3.19.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 5054d20d45571cc85339351fde52f872eeb82206 Mon Sep 17 00:00:00 2001 -From: Phil Sutter <phil@nwl.cc> -Date: Tue, 10 Feb 2015 04:57:05 +0100 -Subject: [PATCH 1/4] fix compilation against linux-3.19 - -Commit f938612dd97d481b8b5bf960c992ae577f081c17 in linux.git removes -get_unused_fd() macro. This patch changes the calling code to use it's -content 'get_unused_fd_flags(0)' instead. Checking for when -get_unused_fd_flags was introduced shows it's been there since 2.6.23 at -least, so probably no need to make this change conditional on the target -kernel version. - -Original patch by Ricardo Ribalda Delgado for Open Embedded, reported by -Oleg Rakhmanov. - -Signed-off-by: Phil Sutter <phil@nwl.cc> ---- - ioctl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ioctl.c b/ioctl.c -index 5a55a76..b23f5fd 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -546,7 +546,7 @@ static int - clonefd(struct file *filp) - { - int ret; -- ret = get_unused_fd(); -+ ret = get_unused_fd_flags(0); - if (ret >= 0) { - get_file(filp); - fd_install(ret, filp); --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch b/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch deleted file mode 100644 index f5ab8b4..0000000 --- a/recipes-kernel/cryptodev/files/0002-Fix-tests-Makefile-usage-of-LDLIBS-vs.-LDFLAGS.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 47ff1eb9bb4f872c1d731b93d334ee5865bf3439 Mon Sep 17 00:00:00 2001 -From: Denys Dmytriyenko <denys@ti.com> -Date: Sun, 6 Apr 2014 22:16:30 -0400 -Subject: [PATCH] Fix tests Makefile usage of LDLIBS vs. LDFLAGS - -Libraries must come after objects, as link order matters, especially -when using linker flags like -Wl,--as-needed. - -Signed-off-by: Denys Dmytriyenko <denys@ti.com> - -Upstream-Status: Pending ---- - tests/Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/Makefile b/tests/Makefile -index cd202af..67c3c83 100644 ---- a/tests/Makefile -+++ b/tests/Makefile -@@ -39,5 +39,5 @@ testprogs: $(hostprogs) - clean: - rm -f *.o *~ $(hostprogs) - --${comp_progs}: LDFLAGS += -lssl -lcrypto -+${comp_progs}: LDLIBS += -lssl -lcrypto - ${comp_progs}: %: %.o openssl_wrapper.o --- -1.9.1 - diff --git a/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch b/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch deleted file mode 100644 index 08d9231..0000000 --- a/recipes-kernel/cryptodev/files/0002-add-support-for-COMPAT_CIOCAUTHCRYPT-ioctl.patch +++ /dev/null @@ -1,207 +0,0 @@ -From 71b317347179225693c6d41b740d387ae2c25061 Mon Sep 17 00:00:00 2001 -From: Horia Geanta <horia.geanta@freescale.com> -Date: Wed, 4 Dec 2013 15:43:41 +0200 -Subject: [PATCH 02/15] add support for COMPAT_CIOCAUTHCRYPT ioctl() - -Upstream-status: Pending - -Needed for 64b kernel with 32b user space. - -Change-Id: I44a999a4164e7ae7122dee6ed0716b2f25cadbc1 -Signed-off-by: Horia Geanta <horia.geanta@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - authenc.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - cryptodev_int.h | 40 +++++++++++++++++++++++++++++ - ioctl.c | 16 ++++++++++++ - 3 files changed, 134 insertions(+) - -diff --git a/authenc.c b/authenc.c -index 1bd7377..ef0d3db 100644 ---- a/authenc.c -+++ b/authenc.c -@@ -272,6 +272,84 @@ static int fill_caop_from_kcaop(struct kernel_crypt_auth_op *kcaop, struct fcryp - return 0; - } - -+/* compatibility code for 32bit userlands */ -+#ifdef CONFIG_COMPAT -+ -+static inline void -+compat_to_crypt_auth_op(struct compat_crypt_auth_op *compat, -+ struct crypt_auth_op *caop) -+{ -+ caop->ses = compat->ses; -+ caop->op = compat->op; -+ caop->flags = compat->flags; -+ caop->len = compat->len; -+ caop->auth_len = compat->auth_len; -+ caop->tag_len = compat->tag_len; -+ caop->iv_len = compat->iv_len; -+ -+ caop->auth_src = compat_ptr(compat->auth_src); -+ caop->src = compat_ptr(compat->src); -+ caop->dst = compat_ptr(compat->dst); -+ caop->tag = compat_ptr(compat->tag); -+ caop->iv = compat_ptr(compat->iv); -+} -+ -+static inline void -+crypt_auth_op_to_compat(struct crypt_auth_op *caop, -+ struct compat_crypt_auth_op *compat) -+{ -+ compat->ses = caop->ses; -+ compat->op = caop->op; -+ compat->flags = caop->flags; -+ compat->len = caop->len; -+ compat->auth_len = caop->auth_len; -+ compat->tag_len = caop->tag_len; -+ compat->iv_len = caop->iv_len; -+ -+ compat->auth_src = ptr_to_compat(caop->auth_src); -+ compat->src = ptr_to_compat(caop->src); -+ compat->dst = ptr_to_compat(caop->dst); -+ compat->tag = ptr_to_compat(caop->tag); -+ compat->iv = ptr_to_compat(caop->iv); -+} -+ -+int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop, -+ struct fcrypt *fcr, void __user *arg) -+{ -+ struct compat_crypt_auth_op compat_caop; -+ -+ if (unlikely(copy_from_user(&compat_caop, arg, sizeof(compat_caop)))) { -+ dprintk(1, KERN_ERR, "Error in copying from userspace\n"); -+ return -EFAULT; -+ } -+ -+ compat_to_crypt_auth_op(&compat_caop, &kcaop->caop); -+ -+ return fill_kcaop_from_caop(kcaop, fcr); -+} -+ -+int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop, -+ struct fcrypt *fcr, void __user *arg) -+{ -+ int ret; -+ struct compat_crypt_auth_op compat_caop; -+ -+ ret = fill_caop_from_kcaop(kcaop, fcr); -+ if (unlikely(ret)) { -+ dprintk(1, KERN_ERR, "fill_caop_from_kcaop\n"); -+ return ret; -+ } -+ -+ crypt_auth_op_to_compat(&kcaop->caop, &compat_caop); -+ -+ if (unlikely(copy_to_user(arg, &compat_caop, sizeof(compat_caop)))) { -+ dprintk(1, KERN_ERR, "Error in copying to userspace\n"); -+ return -EFAULT; -+ } -+ return 0; -+} -+ -+#endif /* CONFIG_COMPAT */ - - int kcaop_from_user(struct kernel_crypt_auth_op *kcaop, - struct fcrypt *fcr, void __user *arg) -diff --git a/cryptodev_int.h b/cryptodev_int.h -index d7660fa..8e687e7 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -73,11 +73,42 @@ struct compat_crypt_op { - compat_uptr_t iv;/* initialization vector for encryption operations */ - }; - -+ /* input of CIOCAUTHCRYPT */ -+struct compat_crypt_auth_op { -+ uint32_t ses; /* session identifier */ -+ uint16_t op; /* COP_ENCRYPT or COP_DECRYPT */ -+ uint16_t flags; /* see COP_FLAG_AEAD_* */ -+ uint32_t len; /* length of source data */ -+ uint32_t auth_len; /* length of auth data */ -+ compat_uptr_t auth_src; /* authenticated-only data */ -+ -+ /* The current implementation is more efficient if data are -+ * encrypted in-place (src==dst). */ -+ compat_uptr_t src; /* data to be encrypted and -+ authenticated */ -+ compat_uptr_t dst; /* pointer to output data. Must have -+ * space for tag. For TLS this should be -+ * at least len + tag_size + block_size -+ * for padding */ -+ -+ compat_uptr_t tag; /* where the tag will be copied to. TLS -+ * mode doesn't use that as tag is -+ * copied to dst. -+ * SRTP mode copies tag there. */ -+ uint32_t tag_len; /* the length of the tag. Use zero for -+ * digest size or max tag. */ -+ -+ /* initialization vector for encryption operations */ -+ compat_uptr_t iv; -+ uint32_t iv_len; -+}; -+ - /* compat ioctls, defined for the above structs */ - #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) - #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) - #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) - #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) -+#define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) - - #endif /* CONFIG_COMPAT */ - -@@ -108,6 +139,15 @@ struct kernel_crypt_auth_op { - - /* auth */ - -+#ifdef CONFIG_COMPAT -+int compat_kcaop_from_user(struct kernel_crypt_auth_op *kcaop, -+ struct fcrypt *fcr, void __user *arg); -+ -+int compat_kcaop_to_user(struct kernel_crypt_auth_op *kcaop, -+ struct fcrypt *fcr, void __user *arg); -+#endif /* CONFIG_COMPAT */ -+ -+ - int kcaop_from_user(struct kernel_crypt_auth_op *kcop, - struct fcrypt *fcr, void __user *arg); - int kcaop_to_user(struct kernel_crypt_auth_op *kcaop, -diff --git a/ioctl.c b/ioctl.c -index a3f8379..5a44807 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -998,6 +998,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - struct session_op sop; - struct compat_session_op compat_sop; - struct kernel_crypt_op kcop; -+ struct kernel_crypt_auth_op kcaop; - int ret; - - if (unlikely(!pcr)) -@@ -1040,6 +1041,21 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - return ret; - - return compat_kcop_to_user(&kcop, fcr, arg); -+ -+ case COMPAT_CIOCAUTHCRYPT: -+ if (unlikely(ret = compat_kcaop_from_user(&kcaop, fcr, arg))) { -+ dprintk(1, KERN_WARNING, "Error copying from user\n"); -+ return ret; -+ } -+ -+ ret = crypto_auth_run(fcr, &kcaop); -+ if (unlikely(ret)) { -+ dprintk(1, KERN_WARNING, "Error in crypto_auth_run\n"); -+ return ret; -+ } -+ -+ return compat_kcaop_to_user(&kcaop, fcr, arg); -+ - #ifdef ENABLE_ASYNC - case COMPAT_CIOCASYNCCRYPT: - if (unlikely(ret = compat_kcop_from_user(&kcop, fcr, arg))) --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch b/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch deleted file mode 100644 index 68c48e0..0000000 --- a/recipes-kernel/cryptodev/files/0002-tests-Makefile-fix-arg-passing-to-CC-in-implicit-rul.patch +++ /dev/null @@ -1,28 +0,0 @@ -From da730106c2558c8e0c8e1b1b1812d32ef9574ab7 Mon Sep 17 00:00:00 2001 -From: Phil Sutter <phil@nwl.cc> -Date: Sat, 11 Apr 2015 12:45:05 +0200 -Subject: [PATCH 2/4] tests/Makefile: fix arg passing to CC in implicit rule - -GCC docs suggest passing -lfoo after object files referring to functions -in libfoo. Therefore use LDLIBS to specify libraries, which puts them at -the right place when make calls CC implicitly. - -Signed-off-by: Phil Sutter <phil@nwl.cc> ---- - tests/Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/Makefile b/tests/Makefile -index c9f04e8..20c52ba 100644 ---- a/tests/Makefile -+++ b/tests/Makefile -@@ -31,5 +31,5 @@ check: $(hostprogs) - clean: - rm -f *.o *~ $(hostprogs) - --${comp_progs}: LDFLAGS += -lssl -lcrypto -+${comp_progs}: LDLIBS += -lssl -lcrypto - ${comp_progs}: %: %.o openssl_wrapper.o --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch b/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch deleted file mode 100644 index e384950..0000000 --- a/recipes-kernel/cryptodev/files/0003-Disable-installing-header-file-provided-by-another-p.patch +++ /dev/null @@ -1,29 +0,0 @@ -From c618f882c283511dd4f7547113a1117c4785f56f Mon Sep 17 00:00:00 2001 -From: Denys Dmytriyenko <denys@ti.com> -Date: Sun, 6 Apr 2014 19:51:39 -0400 -Subject: [PATCH 3/4] Disable installing header file provided by another - package - -Signed-off-by: Denys Dmytriyenko <denys@ti.com> - -Upstream-Status: Inappropriate [ OE specific ] ---- - Makefile | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/Makefile b/Makefile -index 31c4b3f..855bb54 100644 ---- a/Makefile -+++ b/Makefile -@@ -31,8 +31,6 @@ install: modules_install - - modules_install: - make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install -- @echo "Installing cryptodev.h in $(PREFIX)/usr/include/crypto ..." -- @install -D crypto/cryptodev.h $(PREFIX)/usr/include/crypto/cryptodev.h - - clean: - make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch b/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch deleted file mode 100644 index 46f2432..0000000 --- a/recipes-kernel/cryptodev/files/0003-PKC-support-added-in-cryptodev-module.patch +++ /dev/null @@ -1,898 +0,0 @@ -From fc9ee6ed33c76372de6e3748d2e951fa10f7c47e Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta <yashpal.dutta@freescale.com> -Date: Fri, 7 Mar 2014 06:16:09 +0545 -Subject: [PATCH 03/15] PKC support added in cryptodev module - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> ---- - cryptlib.c | 66 +++++++++- - cryptlib.h | 28 ++++ - crypto/cryptodev.h | 15 ++- - cryptodev_int.h | 20 ++- - ioctl.c | 196 +++++++++++++++++++++++++-- - main.c | 378 +++++++++++++++++++++++++++++++++++++++++++++++++++++ - 6 files changed, 685 insertions(+), 18 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 44ce763..6900028 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -5,6 +5,8 @@ - * Portions Copyright (c) 2010 Michael Weiser - * Portions Copyright (c) 2010 Phil Sutter - * -+ * Copyright 2012 Freescale Semiconductor, Inc. -+ * - * This file is part of linux cryptodev. - * - * This program is free software; you can redistribute it and/or -@@ -39,11 +41,6 @@ - #include "cryptodev_int.h" - - --struct cryptodev_result { -- struct completion completion; -- int err; --}; -- - static void cryptodev_complete(struct crypto_async_request *req, int err) - { - struct cryptodev_result *res = req->data; -@@ -259,7 +256,6 @@ static inline int waitfor(struct cryptodev_result *cr, ssize_t ret) - case 0: - break; - case -EINPROGRESS: -- case -EBUSY: - wait_for_completion(&cr->completion); - /* At this point we known for sure the request has finished, - * because wait_for_completion above was not interruptible. -@@ -439,3 +435,61 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) - return waitfor(hdata->async.result, ret); - } - -+int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) -+{ -+ int ret = 0; -+ struct pkc_request *pkc_req = &pkc->req, *pkc_requested; -+ -+ switch (pkc_req->type) { -+ case RSA_PUB: -+ case RSA_PRIV_FORM1: -+ case RSA_PRIV_FORM2: -+ case RSA_PRIV_FORM3: -+ pkc->s = crypto_alloc_pkc("pkc(rsa)", -+ CRYPTO_ALG_TYPE_PKC_RSA, 0); -+ break; -+ case DSA_SIGN: -+ case DSA_VERIFY: -+ case ECDSA_SIGN: -+ case ECDSA_VERIFY: -+ pkc->s = crypto_alloc_pkc("pkc(dsa)", -+ CRYPTO_ALG_TYPE_PKC_DSA, 0); -+ break; -+ case DH_COMPUTE_KEY: -+ case ECDH_COMPUTE_KEY: -+ pkc->s = crypto_alloc_pkc("pkc(dh)", -+ CRYPTO_ALG_TYPE_PKC_DH, 0); -+ break; -+ default: -+ return -EINVAL; -+ } -+ -+ if (IS_ERR_OR_NULL(pkc->s)) -+ return -EINVAL; -+ -+ init_completion(&pkc->result.completion); -+ pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL); -+ -+ if (unlikely(IS_ERR_OR_NULL(pkc_requested))) { -+ ret = -ENOMEM; -+ goto error; -+ } -+ pkc_requested->type = pkc_req->type; -+ pkc_requested->curve_type = pkc_req->curve_type; -+ memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u)); -+ pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG, -+ cryptodev_complete_asym, pkc); -+ ret = crypto_pkc_op(pkc_requested); -+ if (ret != -EINPROGRESS && ret != 0) -+ goto error2; -+ -+ if (pkc->type == SYNCHRONOUS) -+ ret = waitfor(&pkc->result, ret); -+ -+ return ret; -+error2: -+ kfree(pkc_requested); -+error: -+ crypto_free_pkc(pkc->s); -+ return ret; -+} -diff --git a/cryptlib.h b/cryptlib.h -index a0a8a63..56d325a 100644 ---- a/cryptlib.h -+++ b/cryptlib.h -@@ -1,3 +1,6 @@ -+/* -+ * Copyright 2012 Freescale Semiconductor, Inc. -+ */ - #ifndef CRYPTLIB_H - # define CRYPTLIB_H - -@@ -89,5 +92,30 @@ void cryptodev_hash_deinit(struct hash_data *hdata); - int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, - int hmac_mode, void *mackey, size_t mackeylen); - -+/* Operation Type */ -+enum offload_type { -+ SYNCHRONOUS, -+ ASYNCHRONOUS -+}; -+ -+struct cryptodev_result { -+ struct completion completion; -+ int err; -+}; -+ -+struct cryptodev_pkc { -+ struct list_head list; /* To maintain the Jobs in completed -+ cryptodev lists */ -+ struct kernel_crypt_kop kop; -+ struct crypto_pkc *s; /* Transform pointer from CryptoAPI */ -+ struct cryptodev_result result; /* Result to be updated by -+ completion handler */ -+ struct pkc_request req; /* PKC request structure allocated -+ from CryptoAPI */ -+ enum offload_type type; /* Synchronous Vs Asynchronous request */ -+ void *cookie; /*Additional opaque cookie to be used in future */ -+ struct crypt_priv *priv; -+}; - -+int cryptodev_pkc_offload(struct cryptodev_pkc *); - #endif -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index c0e8cd4..96675fe 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -1,6 +1,10 @@ --/* This is a source compatible implementation with the original API of -+/* -+ * Copyright 2012 Freescale Semiconductor, Inc. -+ * -+ * This is a source compatible implementation with the original API of - * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h. -- * Placed under public domain */ -+ * Placed under public domain -+ */ - - #ifndef L_CRYPTODEV_H - #define L_CRYPTODEV_H -@@ -245,6 +249,9 @@ struct crypt_kop { - __u16 crk_oparams; - __u32 crk_pad1; - struct crparam crk_param[CRK_MAXPARAM]; -+ enum curve_t curve_type; /* 0 == Discrete Log, -+ 1 = EC_PRIME, 2 = EC_BINARY */ -+ void *cookie; - }; - - enum cryptodev_crk_op_t { -@@ -289,5 +296,7 @@ enum cryptodev_crk_op_t { - */ - #define CIOCASYNCCRYPT _IOW('c', 110, struct crypt_op) - #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) -- -+/* additional ioctls for asynchronous operation for asymmetric ciphers*/ -+#define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) -+#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop) - #endif /* L_CRYPTODEV_H */ -diff --git a/cryptodev_int.h b/cryptodev_int.h -index 8e687e7..fdbcc61 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -1,4 +1,6 @@ --/* cipher stuff */ -+/* cipher stuff -+ * Copyright 2012 Freescale Semiconductor, Inc. -+ */ - #ifndef CRYPTODEV_INT_H - # define CRYPTODEV_INT_H - -@@ -112,6 +114,14 @@ struct compat_crypt_auth_op { - - #endif /* CONFIG_COMPAT */ - -+/* kernel-internal extension to struct crypt_kop */ -+struct kernel_crypt_kop { -+ struct crypt_kop kop; -+ -+ struct task_struct *task; -+ struct mm_struct *mm; -+}; -+ - /* kernel-internal extension to struct crypt_op */ - struct kernel_crypt_op { - struct crypt_op cop; -@@ -157,6 +167,14 @@ int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop); - - #include <cryptlib.h> - -+/* Cryptodev Key operation handler */ -+int crypto_bn_modexp(struct cryptodev_pkc *); -+int crypto_modexp_crt(struct cryptodev_pkc *); -+int crypto_kop_dsasign(struct cryptodev_pkc *); -+int crypto_kop_dsaverify(struct cryptodev_pkc *); -+int crypto_run_asym(struct cryptodev_pkc *); -+void cryptodev_complete_asym(struct crypto_async_request *, int); -+ - /* other internal structs */ - struct csession { - struct list_head entry; -diff --git a/ioctl.c b/ioctl.c -index 5a44807..69980e3 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -4,6 +4,7 @@ - * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs - * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org> - * Copyright (c) 2010 Phil Sutter -+ * Copyright 2012 Freescale Semiconductor, Inc. - * - * This file is part of linux cryptodev. - * -@@ -89,8 +90,37 @@ struct crypt_priv { - int itemcount; - struct work_struct cryptask; - wait_queue_head_t user_waiter; -+ /* List of pending cryptodev_pkc asym requests */ -+ struct list_head asym_completed_list; -+ /* For addition/removal of entry in pending list of asymmetric request*/ -+ spinlock_t completion_lock; - }; - -+/* Asymmetric request Completion handler */ -+void cryptodev_complete_asym(struct crypto_async_request *req, int err) -+{ -+ struct cryptodev_pkc *pkc = req->data; -+ struct cryptodev_result *res = &pkc->result; -+ -+ crypto_free_pkc(pkc->s); -+ res->err = err; -+ if (pkc->type == SYNCHRONOUS) { -+ if (err == -EINPROGRESS) -+ return; -+ complete(&res->completion); -+ } else { -+ struct crypt_priv *pcr = pkc->priv; -+ unsigned long flags; -+ spin_lock_irqsave(&pcr->completion_lock, flags); -+ list_add_tail(&pkc->list, &pcr->asym_completed_list); -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ /* wake for POLLIN */ -+ wake_up_interruptible(&pcr->user_waiter); -+ } -+ -+ kfree(req); -+} -+ - #define FILL_SG(sg, ptr, len) \ - do { \ - (sg)->page = virt_to_page(ptr); \ -@@ -472,7 +502,8 @@ cryptodev_open(struct inode *inode, struct file *filp) - INIT_LIST_HEAD(&pcr->free.list); - INIT_LIST_HEAD(&pcr->todo.list); - INIT_LIST_HEAD(&pcr->done.list); -- -+ INIT_LIST_HEAD(&pcr->asym_completed_list); -+ spin_lock_init(&pcr->completion_lock); - INIT_WORK(&pcr->cryptask, cryptask_routine); - - init_waitqueue_head(&pcr->user_waiter); -@@ -639,6 +670,79 @@ static int crypto_async_fetch(struct crypt_priv *pcr, - } - #endif - -+/* get the first asym cipher completed job from the "done" queue -+ * -+ * returns: -+ * -EBUSY if no completed jobs are ready (yet) -+ * the return value otherwise */ -+static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) -+{ -+ int ret = 0; -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *ckop = &kop->kop; -+ struct pkc_request *pkc_req = &pkc->req; -+ -+ switch (ckop->crk_op) { -+ case CRK_MOD_EXP: -+ { -+ struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; -+ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, -+ rsa_req->g_len); -+ } -+ break; -+ case CRK_MOD_EXP_CRT: -+ { -+ struct rsa_priv_frm3_req_s *rsa_req = -+ &pkc_req->req_u.rsa_priv_f3; -+ copy_to_user(ckop->crk_param[6].crp_p, -+ rsa_req->f, rsa_req->f_len); -+ } -+ break; -+ case CRK_DSA_SIGN: -+ { -+ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; -+ -+ if (pkc_req->type == ECDSA_SIGN) { -+ copy_to_user(ckop->crk_param[6].crp_p, -+ dsa_req->c, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[7].crp_p, -+ dsa_req->d, dsa_req->d_len); -+ } else { -+ copy_to_user(ckop->crk_param[5].crp_p, -+ dsa_req->c, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[6].crp_p, -+ dsa_req->d, dsa_req->d_len); -+ } -+ } -+ break; -+ case CRK_DSA_VERIFY: -+ break; -+ case CRK_DH_COMPUTE_KEY: -+ { -+ struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; -+ if (pkc_req->type == ECDH_COMPUTE_KEY) -+ copy_to_user(ckop->crk_param[4].crp_p, -+ dh_req->z, dh_req->z_len); -+ else -+ copy_to_user(ckop->crk_param[3].crp_p, -+ dh_req->z, dh_req->z_len); -+ } -+ break; -+ default: -+ ret = -EINVAL; -+ } -+ kfree(pkc->cookie); -+ return ret; -+} -+ -+/* this function has to be called from process context */ -+static int fill_kop_from_cop(struct kernel_crypt_kop *kop) -+{ -+ kop->task = current; -+ kop->mm = current->mm; -+ return 0; -+} -+ - /* this function has to be called from process context */ - static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) - { -@@ -662,11 +766,8 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) - - if (cop->iv) { - rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen); -- if (unlikely(rc)) { -- derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p", -- kcop->ivlen, rc, cop->iv); -+ if (unlikely(rc)) - return -EFAULT; -- } - } - - return 0; -@@ -692,6 +793,25 @@ static int fill_cop_from_kcop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) - return 0; - } - -+static int kop_from_user(struct kernel_crypt_kop *kop, -+ void __user *arg) -+{ -+ if (unlikely(copy_from_user(&kop->kop, arg, sizeof(kop->kop)))) -+ return -EFAULT; -+ -+ return fill_kop_from_cop(kop); -+} -+ -+static int kop_to_user(struct kernel_crypt_kop *kop, -+ void __user *arg) -+{ -+ if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) { -+ dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); -+ return -EFAULT; -+ } -+ return 0; -+} -+ - static int kcop_from_user(struct kernel_crypt_op *kcop, - struct fcrypt *fcr, void __user *arg) - { -@@ -821,7 +941,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - switch (cmd) { - case CIOCASYMFEAT: -- return put_user(0, p); -+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | -+ CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); -@@ -857,6 +978,24 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - if (unlikely(ret)) - return ret; - return copy_to_user(arg, &siop, sizeof(siop)); -+ case CIOCKEY: -+ { -+ struct cryptodev_pkc *pkc = -+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ -+ if (!pkc) -+ return -ENOMEM; -+ -+ ret = kop_from_user(&pkc->kop, arg); -+ if (unlikely(ret)) { -+ kfree(pkc); -+ return ret; -+ } -+ pkc->type = SYNCHRONOUS; -+ ret = crypto_run_asym(pkc); -+ kfree(pkc); -+ } -+ return ret; - case CIOCCRYPT: - if (unlikely(ret = kcop_from_user(&kcop, fcr, arg))) { - dwarning(1, "Error copying from user"); -@@ -895,6 +1034,45 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - return kcop_to_user(&kcop, fcr, arg); - #endif -+ case CIOCASYMASYNCRYPT: -+ { -+ struct cryptodev_pkc *pkc = -+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ ret = kop_from_user(&pkc->kop, arg); -+ -+ if (unlikely(ret)) -+ return -EINVAL; -+ -+ /* Store associated FD priv data with asymmetric request */ -+ pkc->priv = pcr; -+ pkc->type = ASYNCHRONOUS; -+ ret = crypto_run_asym(pkc); -+ if (ret == -EINPROGRESS) -+ ret = 0; -+ } -+ return ret; -+ case CIOCASYMASYNFETCH: -+ { -+ struct cryptodev_pkc *pkc; -+ unsigned long flags; -+ -+ spin_lock_irqsave(&pcr->completion_lock, flags); -+ if (list_empty(&pcr->asym_completed_list)) { -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ return -ENOMEM; -+ } -+ pkc = list_first_entry(&pcr->asym_completed_list, -+ struct cryptodev_pkc, list); -+ list_del(&pkc->list); -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ ret = crypto_async_fetch_asym(pkc); -+ -+ /* Reflect the updated request to user-space */ -+ if (!ret) -+ kop_to_user(&pkc->kop, arg); -+ kfree(pkc); -+ } -+ return ret; - default: - return -EINVAL; - } -@@ -1083,9 +1261,11 @@ static unsigned int cryptodev_poll(struct file *file, poll_table *wait) - - poll_wait(file, &pcr->user_waiter, wait); - -- if (!list_empty_careful(&pcr->done.list)) -+ if (!list_empty_careful(&pcr->done.list) || -+ !list_empty_careful(&pcr->asym_completed_list)) - ret |= POLLIN | POLLRDNORM; -- if (!list_empty_careful(&pcr->free.list) || pcr->itemcount < MAX_COP_RINGSIZE) -+ if (!list_empty_careful(&pcr->free.list) || -+ pcr->itemcount < MAX_COP_RINGSIZE) - ret |= POLLOUT | POLLWRNORM; - - return ret; -diff --git a/main.c b/main.c -index 57e5c38..0b7951e 100644 ---- a/main.c -+++ b/main.c -@@ -181,6 +181,384 @@ __crypto_run_zc(struct csession *ses_ptr, struct kernel_crypt_op *kcop) - return ret; - } - -+int crypto_kop_dsasign(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req = &pkc->req; -+ struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; -+ int rc, buf_size; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || -+ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 6 && -+ !cop->crk_param[7].crp_nbits)) -+ return -EINVAL; -+ -+ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ dsa_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8; -+ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len + -+ dsa_req->g_len + dsa_req->priv_key_len + dsa_req->d_len + -+ dsa_req->d_len; -+ if (cop->crk_iparams == 6) { -+ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; -+ buf_size += dsa_req->ab_len; -+ pkc_req->type = ECDSA_SIGN; -+ pkc_req->curve_type = cop->curve_type; -+ } else { -+ pkc_req->type = DSA_SIGN; -+ } -+ -+ buf = kzalloc(buf_size, GFP_DMA); -+ -+ dsa_req->q = buf; -+ dsa_req->r = dsa_req->q + dsa_req->q_len; -+ dsa_req->g = dsa_req->r + dsa_req->r_len; -+ dsa_req->priv_key = dsa_req->g + dsa_req->g_len; -+ dsa_req->m = dsa_req->priv_key + dsa_req->priv_key_len; -+ dsa_req->c = dsa_req->m + dsa_req->m_len; -+ dsa_req->d = dsa_req->c + dsa_req->d_len; -+ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); -+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); -+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); -+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); -+ copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p, -+ dsa_req->priv_key_len); -+ if (cop->crk_iparams == 6) { -+ dsa_req->ab = dsa_req->d + dsa_req->d_len; -+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, -+ dsa_req->ab_len); -+ } -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ if (cop->crk_iparams == 6) { -+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->c, -+ dsa_req->d_len); -+ copy_to_user(cop->crk_param[7].crp_p, dsa_req->d, -+ dsa_req->d_len); -+ } else { -+ copy_to_user(cop->crk_param[5].crp_p, dsa_req->c, -+ dsa_req->d_len); -+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->d, -+ dsa_req->d_len); -+ } -+ } else { -+ if (rc != -EINPROGRESS && rc != 0) -+ goto err; -+ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct dsa_verify_req_s *dsa_req; -+ int rc, buf_size; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || -+ !cop->crk_param[6].crp_nbits || (cop->crk_iparams == 8 && -+ !cop->crk_param[7].crp_nbits)) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ dsa_req = &pkc_req->req_u.dsa_verify; -+ dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ dsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ dsa_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ dsa_req->d_len = (cop->crk_param[6].crp_nbits + 7)/8; -+ buf_size = dsa_req->m_len + dsa_req->q_len + dsa_req->r_len + -+ dsa_req->g_len + dsa_req->pub_key_len + dsa_req->d_len + -+ dsa_req->d_len; -+ if (cop->crk_iparams == 8) { -+ dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; -+ buf_size += dsa_req->ab_len; -+ pkc_req->type = ECDSA_VERIFY; -+ pkc_req->curve_type = cop->curve_type; -+ } else { -+ pkc_req->type = DSA_VERIFY; -+ } -+ -+ buf = kzalloc(buf_size, GFP_DMA); -+ -+ dsa_req->q = buf; -+ dsa_req->r = dsa_req->q + dsa_req->q_len; -+ dsa_req->g = dsa_req->r + dsa_req->r_len; -+ dsa_req->pub_key = dsa_req->g + dsa_req->g_len; -+ dsa_req->m = dsa_req->pub_key + dsa_req->pub_key_len; -+ dsa_req->c = dsa_req->m + dsa_req->m_len; -+ dsa_req->d = dsa_req->c + dsa_req->d_len; -+ copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); -+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); -+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); -+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); -+ copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p, -+ dsa_req->pub_key_len); -+ if (cop->crk_iparams == 8) { -+ dsa_req->ab = dsa_req->d + dsa_req->d_len; -+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, -+ dsa_req->ab_len); -+ copy_from_user(dsa_req->c, cop->crk_param[6].crp_p, -+ dsa_req->d_len); -+ copy_from_user(dsa_req->d, cop->crk_param[7].crp_p, -+ dsa_req->d_len); -+ } else { -+ copy_from_user(dsa_req->c, cop->crk_param[5].crp_p, -+ dsa_req->d_len); -+ copy_from_user(dsa_req->d, cop->crk_param[6].crp_p, -+ dsa_req->d_len); -+ } -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ } else { -+ if (rc != -EINPROGRESS && !rc) -+ goto err; -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_kop_dh_key(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct dh_key_req_s *dh_req; -+ int buf_size; -+ uint8_t *buf; -+ int rc = -EINVAL; -+ -+ pkc_req = &pkc->req; -+ dh_req = &pkc_req->req_u.dh_req; -+ dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len; -+ if (cop->crk_iparams == 4) { -+ pkc_req->type = ECDH_COMPUTE_KEY; -+ dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ buf_size += dh_req->ab_len; -+ } else { -+ dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ pkc_req->type = DH_COMPUTE_KEY; -+ } -+ buf_size += dh_req->z_len; -+ buf = kzalloc(buf_size, GFP_DMA); -+ dh_req->q = buf; -+ dh_req->s = dh_req->q + dh_req->q_len; -+ dh_req->pub_key = dh_req->s + dh_req->s_len; -+ dh_req->z = dh_req->pub_key + dh_req->pub_key_len; -+ if (cop->crk_iparams == 4) { -+ dh_req->ab = dh_req->z + dh_req->z_len; -+ pkc_req->curve_type = cop->curve_type; -+ copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, -+ dh_req->ab_len); -+ } -+ copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len); -+ copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p, -+ dh_req->pub_key_len); -+ copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len); -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ if (cop->crk_iparams == 4) -+ copy_to_user(cop->crk_param[4].crp_p, dh_req->z, -+ dh_req->z_len); -+ else -+ copy_to_user(cop->crk_param[3].crp_p, dh_req->z, -+ dh_req->z_len); -+ } else { -+ if (rc != -EINPROGRESS && rc != 0) -+ goto err; -+ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_modexp_crt(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct rsa_priv_frm3_req_s *rsa_req; -+ int rc; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ pkc_req->type = RSA_PRIV_FORM3; -+ rsa_req = &pkc_req->req_u.rsa_priv_f3; -+ rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ rsa_req->dp_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8; -+ rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8; -+ buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + -+ rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len + -+ rsa_req->g_len, GFP_DMA); -+ rsa_req->p = buf; -+ rsa_req->q = rsa_req->p + rsa_req->p_len; -+ rsa_req->g = rsa_req->q + rsa_req->q_len; -+ rsa_req->dp = rsa_req->g + rsa_req->g_len; -+ rsa_req->dq = rsa_req->dp + rsa_req->dp_len; -+ rsa_req->c = rsa_req->dq + rsa_req->dq_len; -+ rsa_req->f = rsa_req->c + rsa_req->c_len; -+ copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len); -+ copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len); -+ copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len); -+ copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len); -+ copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len); -+ copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len); -+ rc = cryptodev_pkc_offload(pkc); -+ -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ copy_to_user(cop->crk_param[6].crp_p, rsa_req->f, -+ rsa_req->f_len); -+ } else { -+ if (rc != -EINPROGRESS && rc != 0) -+ goto err; -+ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_bn_modexp(struct cryptodev_pkc *pkc) -+{ -+ struct pkc_request *pkc_req; -+ struct rsa_pub_req_s *rsa_req; -+ int rc; -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ pkc_req->type = RSA_PUB; -+ rsa_req = &pkc_req->req_u.rsa_pub_req; -+ rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len -+ + rsa_req->g_len, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; -+ -+ rsa_req->e = buf; -+ rsa_req->f = rsa_req->e + rsa_req->e_len; -+ rsa_req->g = rsa_req->f + rsa_req->f_len; -+ rsa_req->n = rsa_req->g + rsa_req->g_len; -+ copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len); -+ copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len); -+ copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len); -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ -+ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, -+ rsa_req->g_len); -+ } else { -+ if (rc != -EINPROGRESS && rc != 0) -+ goto err; -+ -+ /* This one will be freed later in fetch handler */ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ -+int crypto_run_asym(struct cryptodev_pkc *pkc) -+{ -+ int ret = -EINVAL; -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ -+ switch (kop->kop.crk_op) { -+ case CRK_MOD_EXP: -+ if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1) -+ goto err; -+ -+ ret = crypto_bn_modexp(pkc); -+ break; -+ case CRK_MOD_EXP_CRT: -+ if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1) -+ goto err; -+ -+ ret = crypto_modexp_crt(pkc); -+ break; -+ case CRK_DSA_SIGN: -+ if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) || -+ kop->kop.crk_oparams != 2) -+ goto err; -+ -+ ret = crypto_kop_dsasign(pkc); -+ break; -+ case CRK_DSA_VERIFY: -+ if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) || -+ kop->kop.crk_oparams != 0) -+ goto err; -+ -+ ret = crypto_kop_dsaverify(pkc); -+ break; -+ case CRK_DH_COMPUTE_KEY: -+ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) || -+ kop->kop.crk_oparams != 1) -+ goto err; -+ ret = crypto_kop_dh_key(pkc); -+ break; -+ } -+err: -+ return ret; -+} -+ - int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop) - { - struct csession *ses_ptr; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch b/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch deleted file mode 100644 index 25a52a9..0000000 --- a/recipes-kernel/cryptodev/files/0004-Add-the-compile-and-install-rules-for-cryptodev-test.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 188f30f6233d05eb62b58bf6d94a16bcbeeae0ee Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Mon, 27 Apr 2015 15:26:14 +0300 -Subject: [PATCH 4/4] Add the compile and install rules for cryptodev tests - -Change-Id: Ica10dc563c77220dcf0e0993515230df8a86c34d -Signed-off-by: Yu Zongchun <b40527@freescale.com> ---- - Makefile | 6 ++++++ - tests/Makefile | 8 ++++++++ - 2 files changed, 14 insertions(+) - -diff --git a/Makefile b/Makefile -index 855bb54..5497037 100644 ---- a/Makefile -+++ b/Makefile -@@ -32,6 +32,9 @@ install: modules_install - modules_install: - make -C $(KERNEL_DIR) SUBDIRS=`pwd` modules_install - -+install_tests: -+ make -C tests install DESTDIR=$(PREFIX) -+ - clean: - make -C $(KERNEL_DIR) SUBDIRS=`pwd` clean - rm -f $(hostprogs) *~ -@@ -40,6 +43,9 @@ clean: - check: - CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) make -C tests check - -+testprogs: -+ KERNEL_DIR=$(KERNEL_DIR) make -C tests testprogs -+ - CPOPTS = - ifneq (${SHOW_TYPES},) - CPOPTS += --show-types -diff --git a/tests/Makefile b/tests/Makefile -index 20c52ba..67c3c83 100644 ---- a/tests/Makefile -+++ b/tests/Makefile -@@ -19,6 +19,12 @@ example-async-hmac-objs := async_hmac.o - example-async-speed-objs := async_speed.o - example-hashcrypt-speed-objs := hashcrypt_speed.c - -+install: -+ install -d $(DESTDIR)/usr/bin/tests_cryptodev -+ for bin in $(hostprogs); do \ -+ install -m 755 $${bin} $(DESTDIR)/usr/bin/tests_cryptodev/; \ -+ done -+ - check: $(hostprogs) - ./cipher - ./hmac -@@ -28,6 +34,8 @@ check: $(hostprogs) - ./cipher-gcm - ./cipher-aead - -+testprogs: $(hostprogs) -+ - clean: - rm -f *.o *~ $(hostprogs) - --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch b/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch deleted file mode 100644 index 2f35768..0000000 --- a/recipes-kernel/cryptodev/files/0004-Compat-versions-of-PKC-IOCTLs.patch +++ /dev/null @@ -1,200 +0,0 @@ -From b109fbdb64de6be0dc2f0d2ef108cead34652495 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta <yashpal.dutta@freescale.com> -Date: Fri, 7 Mar 2014 06:52:13 +0545 -Subject: [PATCH 04/15] Compat versions of PKC IOCTLs - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> ---- - cryptodev_int.h | 20 ++++++++++ - ioctl.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 140 insertions(+) - -diff --git a/cryptodev_int.h b/cryptodev_int.h -index fdbcc61..cf54dac 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -75,6 +75,24 @@ struct compat_crypt_op { - compat_uptr_t iv;/* initialization vector for encryption operations */ - }; - -+/* input of CIOCKEY */ -+struct compat_crparam { -+ compat_uptr_t crp_p; -+ uint32_t crp_nbits; -+}; -+ -+struct compat_crypt_kop { -+ uint32_t crk_op; /* cryptodev_crk_ot_t */ -+ uint32_t crk_status; -+ uint16_t crk_iparams; -+ uint16_t crk_oparams; -+ uint32_t crk_pad1; -+ struct compat_crparam crk_param[CRK_MAXPARAM]; -+ enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, -+ 2 = EC_BINARY */ -+ compat_uptr_t cookie; -+}; -+ - /* input of CIOCAUTHCRYPT */ - struct compat_crypt_auth_op { - uint32_t ses; /* session identifier */ -@@ -111,6 +129,8 @@ struct compat_crypt_auth_op { - #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) - #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) - #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) -+#define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) -+#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop) - - #endif /* CONFIG_COMPAT */ - -diff --git a/ioctl.c b/ioctl.c -index 69980e3..9431025 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -1081,6 +1081,68 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - /* compatibility code for 32bit userlands */ - #ifdef CONFIG_COMPAT - -+static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat, -+ struct crypt_kop *kop) -+{ -+ int i; -+ kop->crk_op = compat->crk_op; -+ kop->crk_status = compat->crk_status; -+ kop->crk_iparams = compat->crk_iparams; -+ kop->crk_oparams = compat->crk_oparams; -+ -+ for (i = 0; i < CRK_MAXPARAM; i++) { -+ kop->crk_param[i].crp_p = -+ compat_ptr(compat->crk_param[i].crp_p); -+ kop->crk_param[i].crp_nbits = compat->crk_param[i].crp_nbits; -+ } -+ -+ kop->curve_type = compat->curve_type; -+ kop->cookie = compat->cookie; -+} -+ -+static int compat_kop_from_user(struct kernel_crypt_kop *kop, -+ void __user *arg) -+{ -+ struct compat_crypt_kop compat_kop; -+ -+ if (unlikely(copy_from_user(&compat_kop, arg, sizeof(compat_kop)))) -+ return -EFAULT; -+ -+ compat_to_crypt_kop(&compat_kop, &kop->kop); -+ return fill_kop_from_cop(kop); -+} -+ -+static inline void crypt_kop_to_compat(struct crypt_kop *kop, -+ struct compat_crypt_kop *compat) -+{ -+ int i; -+ -+ compat->crk_op = kop->crk_op; -+ compat->crk_status = kop->crk_status; -+ compat->crk_iparams = kop->crk_iparams; -+ compat->crk_oparams = kop->crk_oparams; -+ -+ for (i = 0; i < CRK_MAXPARAM; i++) { -+ compat->crk_param[i].crp_p = -+ ptr_to_compat(kop->crk_param[i].crp_p); -+ compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits; -+ } -+ compat->cookie = kop->cookie; -+ compat->curve_type = kop->curve_type; -+} -+ -+static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) -+{ -+ struct compat_crypt_kop compat_kop; -+ -+ crypt_kop_to_compat(&kop->kop, &compat_kop); -+ if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) { -+ dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); -+ return -EFAULT; -+ } -+ return 0; -+} -+ - static inline void - compat_to_session_op(struct compat_session_op *compat, struct session_op *sop) - { -@@ -1208,7 +1270,26 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - return -EFAULT; - } - return ret; -+ case COMPAT_CIOCKEY: -+ { -+ struct cryptodev_pkc *pkc = -+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ -+ if (!pkc) -+ return -ENOMEM; -+ -+ ret = compat_kop_from_user(&pkc->kop, arg); -+ -+ if (unlikely(ret)) { -+ kfree(pkc); -+ return ret; -+ } - -+ pkc->type = SYNCHRONOUS; -+ ret = crypto_run_asym(pkc); -+ kfree(pkc); -+ } -+ return ret; - case COMPAT_CIOCCRYPT: - ret = compat_kcop_from_user(&kcop, fcr, arg); - if (unlikely(ret)) -@@ -1247,6 +1328,45 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - - return compat_kcop_to_user(&kcop, fcr, arg); - #endif -+ case COMPAT_CIOCASYMASYNCRYPT: -+ { -+ struct cryptodev_pkc *pkc = -+ kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ -+ ret = compat_kop_from_user(&pkc->kop, arg); -+ if (unlikely(ret)) -+ return -EINVAL; -+ -+ /* Store associated FD priv data with asymmetric request */ -+ pkc->priv = pcr; -+ pkc->type = ASYNCHRONOUS; -+ ret = crypto_run_asym(pkc); -+ if (ret == -EINPROGRESS) -+ ret = 0; -+ } -+ return ret; -+ case COMPAT_CIOCASYMASYNFETCH: -+ { -+ struct cryptodev_pkc *pkc; -+ unsigned long flags; -+ -+ spin_lock_irqsave(&pcr->completion_lock, flags); -+ if (list_empty(&pcr->asym_completed_list)) { -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ return -ENOMEM; -+ } -+ pkc = list_first_entry(&pcr->asym_completed_list, -+ struct cryptodev_pkc, list); -+ list_del(&pkc->list); -+ spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ ret = crypto_async_fetch_asym(pkc); -+ -+ /* Reflect the updated request to user-space */ -+ if (!ret) -+ compat_kop_to_user(&pkc->kop, arg); -+ kfree(pkc); -+ } -+ return ret; - default: - return -EINVAL; - } --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch b/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch deleted file mode 100644 index 8827fb0..0000000 --- a/recipes-kernel/cryptodev/files/0005-Asynchronous-interface-changes-in-cryptodev.patch +++ /dev/null @@ -1,213 +0,0 @@ -From 7594d5375d998eb25241750b623661ff021697d3 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta <yashpal.dutta@freescale.com> -Date: Fri, 7 Mar 2014 07:24:00 +0545 -Subject: [PATCH 05/15] Asynchronous interface changes in cryptodev - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> ---- - cryptlib.h | 7 ++++- - crypto/cryptodev.h | 10 ++++++- - cryptodev_int.h | 10 ++++++- - ioctl.c | 76 +++++++++++++++++++++++++++++++++++++----------------- - 4 files changed, 76 insertions(+), 27 deletions(-) - -diff --git a/cryptlib.h b/cryptlib.h -index 56d325a..7ffa54c 100644 ---- a/cryptlib.h -+++ b/cryptlib.h -@@ -113,7 +113,12 @@ struct cryptodev_pkc { - struct pkc_request req; /* PKC request structure allocated - from CryptoAPI */ - enum offload_type type; /* Synchronous Vs Asynchronous request */ -- void *cookie; /*Additional opaque cookie to be used in future */ -+ /* -+ * cookie used for transfering tranparent information from async -+ * submission to async fetch. Currently some dynamic allocated -+ * buffers are maintained which will be freed later during fetch -+ */ -+ void *cookie; - struct crypt_priv *priv; - }; - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 96675fe..4436fbf 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -254,6 +254,14 @@ struct crypt_kop { - void *cookie; - }; - -+#define MAX_COOKIES 4 -+ -+struct pkc_cookie_list_s { -+ int cookie_available; -+ void *cookie[MAX_COOKIES]; -+ int status[MAX_COOKIES]; -+}; -+ - enum cryptodev_crk_op_t { - CRK_MOD_EXP = 0, - CRK_MOD_EXP_CRT = 1, -@@ -298,5 +306,5 @@ enum cryptodev_crk_op_t { - #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) - /* additional ioctls for asynchronous operation for asymmetric ciphers*/ - #define CIOCASYMASYNCRYPT _IOW('c', 112, struct crypt_kop) --#define CIOCASYMASYNFETCH _IOR('c', 113, struct crypt_kop) -+#define CIOCASYMFETCHCOOKIE _IOR('c', 113, struct pkc_cookie_list_s) - #endif /* L_CRYPTODEV_H */ -diff --git a/cryptodev_int.h b/cryptodev_int.h -index cf54dac..5347cae 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -93,6 +93,12 @@ struct compat_crypt_kop { - compat_uptr_t cookie; - }; - -+struct compat_pkc_cookie_list_s { -+ int cookie_available; -+ compat_uptr_t cookie[MAX_COOKIES]; -+ int status[MAX_COOKIES]; -+}; -+ - /* input of CIOCAUTHCRYPT */ - struct compat_crypt_auth_op { - uint32_t ses; /* session identifier */ -@@ -126,11 +132,13 @@ struct compat_crypt_auth_op { - /* compat ioctls, defined for the above structs */ - #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) - #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) -+#define COMPAT_CIOCKEY _IOW('c', 105, struct compat_crypt_kop) - #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) - #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) - #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) - #define COMPAT_CIOCASYMASYNCRYPT _IOW('c', 110, struct compat_crypt_kop) --#define COMPAT_CIOCASYMASYNFETCH _IOR('c', 111, struct compat_crypt_kop) -+#define COMPAT_CIOCASYMFETCHCOOKIE _IOR('c', 111, \ -+ struct compat_pkc_cookie_list_s) - - #endif /* CONFIG_COMPAT */ - -diff --git a/ioctl.c b/ioctl.c -index 9431025..e2f407f 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -105,8 +105,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) - crypto_free_pkc(pkc->s); - res->err = err; - if (pkc->type == SYNCHRONOUS) { -- if (err == -EINPROGRESS) -- return; - complete(&res->completion); - } else { - struct crypt_priv *pcr = pkc->priv; -@@ -1051,26 +1049,41 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - ret = 0; - } - return ret; -- case CIOCASYMASYNFETCH: -+ case CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; - unsigned long flags; -+ int i; -+ struct pkc_cookie_list_s cookie_list; - - spin_lock_irqsave(&pcr->completion_lock, flags); -- if (list_empty(&pcr->asym_completed_list)) { -- spin_unlock_irqrestore(&pcr->completion_lock, flags); -- return -ENOMEM; -+ cookie_list.cookie_available = 0; -+ for (i = 0; i < MAX_COOKIES; i++) { -+ if (!list_empty(&pcr->asym_completed_list)) { -+ /* Run a loop in the list for upto elements -+ and copy their response back */ -+ pkc = -+ list_first_entry(&pcr->asym_completed_list, -+ struct cryptodev_pkc, list); -+ list_del(&pkc->list); -+ ret = crypto_async_fetch_asym(pkc); -+ if (!ret) { -+ cookie_list.cookie_available++; -+ cookie_list.cookie[i] = -+ pkc->kop.kop.cookie; -+ cookie_list.status[i] = pkc->result.err; -+ } -+ kfree(pkc); -+ } else { -+ break; -+ } - } -- pkc = list_first_entry(&pcr->asym_completed_list, -- struct cryptodev_pkc, list); -- list_del(&pkc->list); - spin_unlock_irqrestore(&pcr->completion_lock, flags); -- ret = crypto_async_fetch_asym(pkc); - - /* Reflect the updated request to user-space */ -- if (!ret) -- kop_to_user(&pkc->kop, arg); -- kfree(pkc); -+ if (cookie_list.cookie_available) -+ copy_to_user(arg, &cookie_list, -+ sizeof(struct pkc_cookie_list_s)); - } - return ret; - default: -@@ -1345,26 +1358,41 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - ret = 0; - } - return ret; -- case COMPAT_CIOCASYMASYNFETCH: -+ case COMPAT_CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; - unsigned long flags; -+ int i = 0; -+ struct compat_pkc_cookie_list_s cookie_list; - - spin_lock_irqsave(&pcr->completion_lock, flags); -- if (list_empty(&pcr->asym_completed_list)) { -- spin_unlock_irqrestore(&pcr->completion_lock, flags); -- return -ENOMEM; -+ cookie_list.cookie_available = 0; -+ -+ for (i = 0; i < MAX_COOKIES; i++) { -+ if (!list_empty(&pcr->asym_completed_list)) { -+ /* Run a loop in the list for upto elements -+ and copy their response back */ -+ pkc = -+ list_first_entry(&pcr->asym_completed_list, -+ struct cryptodev_pkc, list); -+ list_del(&pkc->list); -+ ret = crypto_async_fetch_asym(pkc); -+ if (!ret) { -+ cookie_list.cookie_available++; -+ cookie_list.cookie[i] = -+ pkc->kop.kop.cookie; -+ } -+ kfree(pkc); -+ } else { -+ break; -+ } - } -- pkc = list_first_entry(&pcr->asym_completed_list, -- struct cryptodev_pkc, list); -- list_del(&pkc->list); - spin_unlock_irqrestore(&pcr->completion_lock, flags); -- ret = crypto_async_fetch_asym(pkc); - - /* Reflect the updated request to user-space */ -- if (!ret) -- compat_kop_to_user(&pkc->kop, arg); -- kfree(pkc); -+ if (cookie_list.cookie_available) -+ copy_to_user(arg, &cookie_list, -+ sizeof(struct compat_pkc_cookie_list_s)); - } - return ret; - default: --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch b/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch deleted file mode 100644 index 89cace3..0000000 --- a/recipes-kernel/cryptodev/files/0006-ECC_KEYGEN-and-DLC_KEYGEN-supported-in-cryptodev-mod.patch +++ /dev/null @@ -1,212 +0,0 @@ -From eccd6277b067cd85094eb057225cc0a983300b9f Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta <yashpal.dutta@freescale.com> -Date: Fri, 7 Mar 2014 07:53:53 +0545 -Subject: [PATCH 06/15] ECC_KEYGEN and DLC_KEYGEN supported in cryptodev module - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> ---- - cryptlib.c | 2 ++ - crypto/cryptodev.h | 5 +++- - ioctl.c | 29 +++++++++++++++++-- - main.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 4 files changed, 118 insertions(+), 3 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 6900028..47cd568 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -452,6 +452,8 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - case DSA_VERIFY: - case ECDSA_SIGN: - case ECDSA_VERIFY: -+ case DLC_KEYGEN: -+ case ECC_KEYGEN: - pkc->s = crypto_alloc_pkc("pkc(dsa)", - CRYPTO_ALG_TYPE_PKC_DSA, 0); - break; -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 4436fbf..275a55c 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -268,6 +268,8 @@ enum cryptodev_crk_op_t { - CRK_DSA_SIGN = 2, - CRK_DSA_VERIFY = 3, - CRK_DH_COMPUTE_KEY = 4, -+ CRK_DSA_GENERATE_KEY = 5, -+ CRK_DH_GENERATE_KEY = 6, - CRK_ALGORITHM_ALL - }; - -@@ -280,7 +282,8 @@ enum cryptodev_crk_op_t { - #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) - #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) - #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) -- -+#define CRF_DSA_GENERATE_KEY (1 << CRK_DSA_GENERATE_KEY) -+#define CRF_DH_GENERATE_KEY (1 << CRK_DH_GENERATE_KEY) - - /* ioctl's. Compatible with old linux cryptodev.h - */ -diff --git a/ioctl.c b/ioctl.c -index e2f407f..1f0741a 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -726,6 +726,23 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - dh_req->z, dh_req->z_len); - } - break; -+ case CRK_DSA_GENERATE_KEY: -+ case CRK_DH_GENERATE_KEY: -+ { -+ struct keygen_req_s *key_req = &pkc_req->req_u.keygen; -+ -+ if (pkc_req->type == ECC_KEYGEN) { -+ copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, -+ key_req->pub_key_len); -+ copy_to_user(ckop->crk_param[5].crp_p, -+ key_req->priv_key, key_req->priv_key_len); -+ } else { -+ copy_to_user(ckop->crk_param[3].crp_p, -+ key_req->pub_key, key_req->pub_key_len); -+ copy_to_user(ckop->crk_param[4].crp_p, -+ key_req->priv_key, key_req->priv_key_len); -+ } -+ } - default: - ret = -EINVAL; - } -@@ -939,8 +956,9 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - switch (cmd) { - case CIOCASYMFEAT: -- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | -- CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY, p); -+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | -+ CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | -+ CRF_DSA_GENERATE_KEY, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); -@@ -1084,7 +1102,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - if (cookie_list.cookie_available) - copy_to_user(arg, &cookie_list, - sizeof(struct pkc_cookie_list_s)); -+ else { -+ struct pkc_cookie_list_s *user_ck_list = (void *)arg; -+ -+ put_user(0, &(user_ck_list->cookie_available)); -+ } -+ ret = cookie_list.cookie_available; - } -+ - return ret; - default: - return -EINVAL; -diff --git a/main.c b/main.c -index 0b7951e..c901bc7 100644 ---- a/main.c -+++ b/main.c -@@ -342,6 +342,85 @@ err: - return rc; - } - -+int crypto_kop_keygen(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct keygen_req_s *key_req; -+ int rc, buf_size; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ key_req = &pkc_req->req_u.keygen; -+ key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8; -+ key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8; -+ key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ if (cop->crk_iparams == 3) { -+ key_req->pub_key_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ buf_size = key_req->q_len + key_req->r_len + key_req->g_len + -+ key_req->pub_key_len + key_req->priv_key_len; -+ pkc_req->type = DLC_KEYGEN; -+ } else { -+ key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; -+ key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -+ key_req->priv_key_len = (cop->crk_param[5].crp_nbits + 7)/8; -+ buf_size = key_req->q_len + key_req->r_len + key_req->g_len + -+ key_req->pub_key_len + key_req->priv_key_len + -+ key_req->ab_len; -+ pkc_req->type = ECC_KEYGEN; -+ pkc_req->curve_type = cop->curve_type; -+ } -+ -+ buf = kzalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; -+ -+ key_req->q = buf; -+ key_req->r = key_req->q + key_req->q_len; -+ key_req->g = key_req->r + key_req->r_len; -+ key_req->pub_key = key_req->g + key_req->g_len; -+ key_req->priv_key = key_req->pub_key + key_req->pub_key_len; -+ copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); -+ copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); -+ copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); -+ if (cop->crk_iparams == 3) { -+ copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p, -+ key_req->pub_key_len); -+ copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p, -+ key_req->priv_key_len); -+ } else { -+ key_req->ab = key_req->priv_key + key_req->priv_key_len; -+ copy_from_user(key_req->ab, cop->crk_param[3].crp_p, -+ key_req->ab_len); -+ copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p, -+ key_req->pub_key_len); -+ copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p, -+ key_req->priv_key_len); -+ } -+ -+ rc = cryptodev_pkc_offload(pkc); -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ } else { -+ if (rc != -EINPROGRESS && !rc) -+ goto err; -+ -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+} -+ - int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; -@@ -554,6 +633,12 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) - goto err; - ret = crypto_kop_dh_key(pkc); - break; -+ case CRK_DH_GENERATE_KEY: -+ case CRK_DSA_GENERATE_KEY: -+ if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4)) -+ goto err; -+ ret = crypto_kop_keygen(pkc); -+ break; - } - err: - return ret; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch b/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch deleted file mode 100644 index a76aca4..0000000 --- a/recipes-kernel/cryptodev/files/0007-RCU-stall-fixed-in-PKC-asynchronous-interface.patch +++ /dev/null @@ -1,238 +0,0 @@ -From 78c01e1882def52c72966c0e86913950ec201af9 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta <yashpal.dutta@freescale.com> -Date: Fri, 7 Mar 2014 08:49:15 +0545 -Subject: [PATCH 07/15] RCU stall fixed in PKC asynchronous interface - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> ---- - ioctl.c | 23 +++++++++++------------ - main.c | 43 +++++++++++++++++++++++++++---------------- - 2 files changed, 38 insertions(+), 28 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 1f0741a..e4e16a8 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -108,10 +108,9 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) - complete(&res->completion); - } else { - struct crypt_priv *pcr = pkc->priv; -- unsigned long flags; -- spin_lock_irqsave(&pcr->completion_lock, flags); -+ spin_lock_bh(&pcr->completion_lock); - list_add_tail(&pkc->list, &pcr->asym_completed_list); -- spin_unlock_irqrestore(&pcr->completion_lock, flags); -+ spin_unlock_bh(&pcr->completion_lock); - /* wake for POLLIN */ - wake_up_interruptible(&pcr->user_waiter); - } -@@ -958,7 +957,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMFEAT: - return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | - CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | -- CRF_DSA_GENERATE_KEY, p); -+ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); -@@ -997,7 +996,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCKEY: - { - struct cryptodev_pkc *pkc = -- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); - - if (!pkc) - return -ENOMEM; -@@ -1053,7 +1052,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMASYNCRYPT: - { - struct cryptodev_pkc *pkc = -- kzalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); -+ kmalloc(sizeof(struct cryptodev_pkc), GFP_KERNEL); - ret = kop_from_user(&pkc->kop, arg); - - if (unlikely(ret)) -@@ -1070,13 +1069,12 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; -- unsigned long flags; - int i; - struct pkc_cookie_list_s cookie_list; - -- spin_lock_irqsave(&pcr->completion_lock, flags); - cookie_list.cookie_available = 0; - for (i = 0; i < MAX_COOKIES; i++) { -+ spin_lock_bh(&pcr->completion_lock); - if (!list_empty(&pcr->asym_completed_list)) { - /* Run a loop in the list for upto elements - and copy their response back */ -@@ -1084,6 +1082,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - list_first_entry(&pcr->asym_completed_list, - struct cryptodev_pkc, list); - list_del(&pkc->list); -+ spin_unlock_bh(&pcr->completion_lock); - ret = crypto_async_fetch_asym(pkc); - if (!ret) { - cookie_list.cookie_available++; -@@ -1093,10 +1092,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - } - kfree(pkc); - } else { -+ spin_unlock_bh(&pcr->completion_lock); - break; - } - } -- spin_unlock_irqrestore(&pcr->completion_lock, flags); - - /* Reflect the updated request to user-space */ - if (cookie_list.cookie_available) -@@ -1386,14 +1385,13 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - case COMPAT_CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; -- unsigned long flags; - int i = 0; - struct compat_pkc_cookie_list_s cookie_list; - -- spin_lock_irqsave(&pcr->completion_lock, flags); - cookie_list.cookie_available = 0; - - for (i = 0; i < MAX_COOKIES; i++) { -+ spin_lock_bh(&pcr->completion_lock); - if (!list_empty(&pcr->asym_completed_list)) { - /* Run a loop in the list for upto elements - and copy their response back */ -@@ -1401,6 +1399,7 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - list_first_entry(&pcr->asym_completed_list, - struct cryptodev_pkc, list); - list_del(&pkc->list); -+ spin_unlock_bh(&pcr->completion_lock); - ret = crypto_async_fetch_asym(pkc); - if (!ret) { - cookie_list.cookie_available++; -@@ -1409,10 +1408,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - } - kfree(pkc); - } else { -+ spin_unlock_bh(&pcr->completion_lock); - break; - } - } -- spin_unlock_irqrestore(&pcr->completion_lock, flags); - - /* Reflect the updated request to user-space */ - if (cookie_list.cookie_available) -diff --git a/main.c b/main.c -index c901bc7..2747706 100644 ---- a/main.c -+++ b/main.c -@@ -215,7 +215,9 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) - pkc_req->type = DSA_SIGN; - } - -- buf = kzalloc(buf_size, GFP_DMA); -+ buf = kmalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; - - dsa_req->q = buf; - dsa_req->r = dsa_req->q + dsa_req->q_len; -@@ -298,7 +300,9 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - pkc_req->type = DSA_VERIFY; - } - -- buf = kzalloc(buf_size, GFP_DMA); -+ buf = kmalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; - - dsa_req->q = buf; - dsa_req->r = dsa_req->q + dsa_req->q_len; -@@ -378,7 +382,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - pkc_req->curve_type = cop->curve_type; - } - -- buf = kzalloc(buf_size, GFP_DMA); -+ buf = kmalloc(buf_size, GFP_DMA); - if (!buf) - return -ENOMEM; - -@@ -390,25 +394,28 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); - copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); - copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); -- if (cop->crk_iparams == 3) { -- copy_from_user(key_req->pub_key, cop->crk_param[3].crp_p, -- key_req->pub_key_len); -- copy_from_user(key_req->priv_key, cop->crk_param[4].crp_p, -- key_req->priv_key_len); -- } else { -+ if (cop->crk_iparams == 4) { - key_req->ab = key_req->priv_key + key_req->priv_key_len; - copy_from_user(key_req->ab, cop->crk_param[3].crp_p, - key_req->ab_len); -- copy_from_user(key_req->pub_key, cop->crk_param[4].crp_p, -- key_req->pub_key_len); -- copy_from_user(key_req->priv_key, cop->crk_param[5].crp_p, -- key_req->priv_key_len); - } - - rc = cryptodev_pkc_offload(pkc); - if (pkc->type == SYNCHRONOUS) { - if (rc) - goto err; -+ -+ if (cop->crk_iparams == 4) { -+ copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key, -+ key_req->pub_key_len); -+ copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key, -+ key_req->priv_key_len); -+ } else { -+ copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key, -+ key_req->pub_key_len); -+ copy_to_user(cop->crk_param[4].crp_p, -+ key_req->priv_key, key_req->priv_key_len); -+ } - } else { - if (rc != -EINPROGRESS && !rc) - goto err; -@@ -447,7 +454,9 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - pkc_req->type = DH_COMPUTE_KEY; - } - buf_size += dh_req->z_len; -- buf = kzalloc(buf_size, GFP_DMA); -+ buf = kmalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; - dh_req->q = buf; - dh_req->s = dh_req->q + dh_req->q_len; - dh_req->pub_key = dh_req->s + dh_req->s_len; -@@ -508,9 +517,11 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) - rsa_req->dq_len = (cop->crk_param[4].crp_nbits + 7)/8; - rsa_req->c_len = (cop->crk_param[5].crp_nbits + 7)/8; - rsa_req->f_len = (cop->crk_param[6].crp_nbits + 7)/8; -- buf = kzalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + -+ buf = kmalloc(rsa_req->p_len + rsa_req->q_len + rsa_req->f_len + - rsa_req->dp_len + rsa_req->dp_len + rsa_req->c_len + - rsa_req->g_len, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; - rsa_req->p = buf; - rsa_req->q = rsa_req->p + rsa_req->p_len; - rsa_req->g = rsa_req->q + rsa_req->q_len; -@@ -563,7 +574,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) - rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; - rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; - rsa_req->g_len = (cop->crk_param[3].crp_nbits + 7)/8; -- buf = kzalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len -+ buf = kmalloc(rsa_req->f_len + rsa_req->e_len + rsa_req->n_len - + rsa_req->g_len, GFP_DMA); - if (!buf) - return -ENOMEM; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch b/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch deleted file mode 100644 index d251c66..0000000 --- a/recipes-kernel/cryptodev/files/0008-Add-RSA-Key-generation-offloading.patch +++ /dev/null @@ -1,170 +0,0 @@ -From 5127db3483a2e4f6dc13330bea7237931c5f15a0 Mon Sep 17 00:00:00 2001 -From: Hou Zhiqiang <B48286@freescale.com> -Date: Wed, 19 Mar 2014 14:02:46 +0800 -Subject: [PATCH 08/15] Add RSA Key generation offloading - -Upstream-status: Pending - -Signed-off-by: Hou Zhiqiang <B48286@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - cryptlib.c | 1 + - crypto/cryptodev.h | 2 ++ - ioctl.c | 3 +- - main.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++- - 4 files changed, 84 insertions(+), 2 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 47cd568..4dd1847 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -441,6 +441,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - struct pkc_request *pkc_req = &pkc->req, *pkc_requested; - - switch (pkc_req->type) { -+ case RSA_KEYGEN: - case RSA_PUB: - case RSA_PRIV_FORM1: - case RSA_PRIV_FORM2: -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 275a55c..d0cc542 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -270,6 +270,7 @@ enum cryptodev_crk_op_t { - CRK_DH_COMPUTE_KEY = 4, - CRK_DSA_GENERATE_KEY = 5, - CRK_DH_GENERATE_KEY = 6, -+ CRK_RSA_GENERATE_KEY = 7, - CRK_ALGORITHM_ALL - }; - -@@ -279,6 +280,7 @@ enum cryptodev_crk_op_t { - */ - #define CRF_MOD_EXP (1 << CRK_MOD_EXP) - #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT) -+#define CRF_RSA_GENERATE_KEY (1 << CRK_RSA_GENERATE_KEY) - #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) - #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) - #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) -diff --git a/ioctl.c b/ioctl.c -index e4e16a8..3762a47 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -957,7 +957,8 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - case CIOCASYMFEAT: - return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | - CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | -- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p); -+ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY | -+ CRF_RSA_GENERATE_KEY, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); -diff --git a/main.c b/main.c -index 2747706..14dcf40 100644 ---- a/main.c -+++ b/main.c -@@ -346,6 +346,82 @@ err: - return rc; - } - -+int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) -+{ -+ struct kernel_crypt_kop *kop = &pkc->kop; -+ struct crypt_kop *cop = &kop->kop; -+ struct pkc_request *pkc_req; -+ struct rsa_keygen_req_s *key_req; -+ int rc, buf_size; -+ uint8_t *buf; -+ -+ if (!cop->crk_param[0].crp_nbits || !cop->crk_param[1].crp_nbits || -+ !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits || -+ !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits || -+ !cop->crk_param[6].crp_nbits) -+ return -EINVAL; -+ -+ pkc_req = &pkc->req; -+ pkc_req->type = RSA_KEYGEN; -+ key_req = &pkc_req->req_u.rsa_keygen; -+ key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; -+ key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8; -+ key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8; -+ key_req->n_len = (cop->crk_param[2].crp_nbits + 7) / 8; -+ key_req->d_len = (cop->crk_param[3].crp_nbits + 7) / 8; -+ key_req->dp_len = (cop->crk_param[4].crp_nbits + 7) / 8; -+ key_req->dq_len = (cop->crk_param[5].crp_nbits + 7) / 8; -+ key_req->c_len = (cop->crk_param[6].crp_nbits + 7) / 8; -+ -+ buf_size = key_req->p_len + key_req->q_len + key_req->n_len + -+ key_req->d_len + key_req->dp_len + -+ key_req->dq_len + key_req->c_len; -+ -+ buf = kmalloc(buf_size, GFP_DMA); -+ if (!buf) -+ return -ENOMEM; -+ key_req->p = buf; -+ key_req->q = key_req->p + key_req->p_len; -+ key_req->n = key_req->q + key_req->q_len; -+ key_req->d = key_req->n + key_req->n_len; -+ key_req->dp = key_req->d + key_req->d_len; -+ key_req->dq = key_req->dp + key_req->dp_len; -+ key_req->c = key_req->dq + key_req->dq_len; -+ -+ rc = cryptodev_pkc_offload(pkc); -+ -+ if (pkc->type == SYNCHRONOUS) { -+ if (rc) -+ goto err; -+ -+ copy_to_user(cop->crk_param[0].crp_p, -+ key_req->p, key_req->p_len); -+ copy_to_user(cop->crk_param[1].crp_p, -+ key_req->q, key_req->q_len); -+ copy_to_user(cop->crk_param[2].crp_p, -+ key_req->n, key_req->n_len); -+ copy_to_user(cop->crk_param[3].crp_p, -+ key_req->d, key_req->d_len); -+ copy_to_user(cop->crk_param[4].crp_p, -+ key_req->dp, key_req->dp_len); -+ copy_to_user(cop->crk_param[5].crp_p, -+ key_req->dq, key_req->dq_len); -+ copy_to_user(cop->crk_param[6].crp_p, -+ key_req->c, key_req->c_len); -+ } else { -+ if (rc != -EINPROGRESS && !rc) { -+ printk("%s: Failed\n", __func__); -+ goto err; -+ } -+ pkc->cookie = buf; -+ return rc; -+ } -+err: -+ kfree(buf); -+ return rc; -+ -+} -+ - int crypto_kop_keygen(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; -@@ -385,7 +461,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - buf = kmalloc(buf_size, GFP_DMA); - if (!buf) - return -ENOMEM; -- - key_req->q = buf; - key_req->r = key_req->q + key_req->q_len; - key_req->g = key_req->r + key_req->r_len; -@@ -650,6 +725,9 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) - goto err; - ret = crypto_kop_keygen(pkc); - break; -+ case CRK_RSA_GENERATE_KEY: -+ ret = crypto_kop_rsa_keygen(pkc); -+ break; - } - err: - return ret; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch b/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch deleted file mode 100644 index 2213fae..0000000 --- a/recipes-kernel/cryptodev/files/0009-Fixed-compilation-error-of-openssl-with-fsl-cryptode.patch +++ /dev/null @@ -1,160 +0,0 @@ -From 800af48d0c26830943ca2308dd426b5b09811750 Mon Sep 17 00:00:00 2001 -From: Yashpal Dutta <yashpal.dutta@freescale.com> -Date: Thu, 17 Apr 2014 07:08:47 +0545 -Subject: [PATCH 09/15] Fixed compilation error of openssl with fsl cryptodev - -Upstream-status: Pending - -Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - authenc.c | 1 + - cryptlib.c | 9 ++++----- - crypto/cryptodev.h | 9 ++++++++- - cryptodev_int.h | 2 +- - ioctl.c | 8 ++++++-- - main.c | 1 + - 6 files changed, 21 insertions(+), 9 deletions(-) - -diff --git a/authenc.c b/authenc.c -index ef0d3db..2aa4d38 100644 ---- a/authenc.c -+++ b/authenc.c -@@ -2,6 +2,7 @@ - * Driver for /dev/crypto device (aka CryptoDev) - * - * Copyright (c) 2011, 2012 OpenSSL Software Foundation, Inc. -+ * Copyright (c) 2014 Freescale Semiconductor, Inc. - * - * Author: Nikos Mavrogiannopoulos - * -diff --git a/cryptlib.c b/cryptlib.c -index 4dd1847..ec6693e 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -4,8 +4,7 @@ - * Copyright (c) 2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org> - * Portions Copyright (c) 2010 Michael Weiser - * Portions Copyright (c) 2010 Phil Sutter -- * -- * Copyright 2012 Freescale Semiconductor, Inc. -+ * Copyright 2012-2014 Freescale Semiconductor, Inc. - * - * This file is part of linux cryptodev. - * -@@ -144,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - if (alg->max_keysize > 0 && - unlikely((keylen < alg->min_keysize) || - (keylen > alg->max_keysize))) { -- ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.", -+ ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", - keylen, alg_name, alg->min_keysize, alg->max_keysize); - ret = -EINVAL; - goto error; -@@ -171,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - } - - if (unlikely(ret)) { -- ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8); -+ ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); - ret = -EINVAL; - goto error; - } -@@ -338,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, - if (hmac_mode != 0) { - ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen); - if (unlikely(ret)) { -- ddebug(1, "Setting hmac key failed for %s-%zu.", -+ ddebug(1, "Setting hmac key failed for %s-%u.", - alg_name, mackeylen*8); - ret = -EINVAL; - goto error; -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index d0cc542..e7edd97 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -234,6 +234,13 @@ struct crypt_auth_op { - #define CRYPTO_ALG_FLAG_RNG_ENABLE 2 - #define CRYPTO_ALG_FLAG_DSA_SHA 4 - -+enum ec_curve_t { -+ EC_DISCRETE_LOG, -+ EC_PRIME, -+ EC_BINARY, -+ MAX_EC_TYPE -+}; -+ - struct crparam { - __u8 *crp_p; - __u32 crp_nbits; -@@ -249,7 +256,7 @@ struct crypt_kop { - __u16 crk_oparams; - __u32 crk_pad1; - struct crparam crk_param[CRK_MAXPARAM]; -- enum curve_t curve_type; /* 0 == Discrete Log, -+ enum ec_curve_t curve_type; /* 0 == Discrete Log, - 1 = EC_PRIME, 2 = EC_BINARY */ - void *cookie; - }; -diff --git a/cryptodev_int.h b/cryptodev_int.h -index 5347cae..c83c885 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -88,7 +88,7 @@ struct compat_crypt_kop { - uint16_t crk_oparams; - uint32_t crk_pad1; - struct compat_crparam crk_param[CRK_MAXPARAM]; -- enum curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, -+ enum ec_curve_t curve_type; /* 0 == Discrete Log, 1 = EC_PRIME, - 2 = EC_BINARY */ - compat_uptr_t cookie; - }; -diff --git a/ioctl.c b/ioctl.c -index 3762a47..c97320b 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -4,7 +4,7 @@ - * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs - * Copyright (c) 2009,2010,2011 Nikos Mavrogiannopoulos <nmav@gnutls.org> - * Copyright (c) 2010 Phil Sutter -- * Copyright 2012 Freescale Semiconductor, Inc. -+ * Copyright 2012-2014 Freescale Semiconductor, Inc. - * - * This file is part of linux cryptodev. - * -@@ -501,6 +501,7 @@ cryptodev_open(struct inode *inode, struct file *filp) - INIT_LIST_HEAD(&pcr->done.list); - INIT_LIST_HEAD(&pcr->asym_completed_list); - spin_lock_init(&pcr->completion_lock); -+ - INIT_WORK(&pcr->cryptask, cryptask_routine); - - init_waitqueue_head(&pcr->user_waiter); -@@ -780,8 +781,11 @@ static int fill_kcop_from_cop(struct kernel_crypt_op *kcop, struct fcrypt *fcr) - - if (cop->iv) { - rc = copy_from_user(kcop->iv, cop->iv, kcop->ivlen); -- if (unlikely(rc)) -+ if (unlikely(rc)) { -+ derr(1, "error copying IV (%d bytes), copy_from_user returned %d for address %p", -+ kcop->ivlen, rc, cop->iv); - return -EFAULT; -+ } - } - - return 0; -diff --git a/main.c b/main.c -index 14dcf40..6365911 100644 ---- a/main.c -+++ b/main.c -@@ -3,6 +3,7 @@ - * - * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs - * Copyright (c) 2009-2013 Nikos Mavrogiannopoulos <nmav@gnutls.org> -+ * Copyright (c) 2014 Freescale Semiconductor, Inc. - * - * This file is part of linux cryptodev. - * --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch b/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch deleted file mode 100644 index 2032159..0000000 --- a/recipes-kernel/cryptodev/files/0010-add-support-for-composite-TLS10-SHA1-3DES-algorithm-.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 55ee0ae703a68db74a492f5910937260502b9602 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus <tudor.ambarus@freescale.com> -Date: Tue, 10 Jun 2014 08:27:59 +0300 -Subject: [PATCH 10/15] add support for composite TLS10(SHA1,3DES) algorithm - offload - -This adds support for composite algorithm offload in a single crypto -(cipher + hmac) operation. - -It requires either software or hardware TLS support in the Linux kernel -and can be used with Freescale B*, P* and T* platforms that have support -for hardware TLS acceleration. - -Change-Id: Ibce0ceb4174809c9c96b453cd3202bc5220ff084 -Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> -Reviewed-on: http://git.am.freescale.net:8181/34000 -Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - crypto/cryptodev.h | 1 + - ioctl.c | 5 +++++ - 2 files changed, 6 insertions(+) - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index e7edd97..07f40b2 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -55,6 +55,7 @@ enum cryptodev_crypto_op_t { - CRYPTO_SHA2_512, - CRYPTO_SHA2_224_HMAC, - CRYPTO_TLS10_AES_CBC_HMAC_SHA1, -+ CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, - CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ - }; - -diff --git a/ioctl.c b/ioctl.c -index c97320b..574e913 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -191,6 +191,11 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) - stream = 0; - aead = 1; - break; -+ case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: -+ alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; -+ stream = 0; -+ aead = 1; -+ break; - case CRYPTO_NULL: - alg_name = "ecb(cipher_null)"; - stream = 1; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch b/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch deleted file mode 100644 index 37862b5..0000000 --- a/recipes-kernel/cryptodev/files/0011-add-support-for-TLSv1.1-record-offload.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 06cca15fd0412ae872c2b2c5d50216e1eb34fc50 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus <tudor.ambarus@freescale.com> -Date: Tue, 31 Mar 2015 16:15:47 +0300 -Subject: [PATCH 11/15] add support for TLSv1.1 record offload - -This adds support for composite algorithm offload in a single crypto -(cipher + hmac) operation. - -Supported cipher suites: -- 3des-ede-cbc-sha -- aes-128-cbc-hmac-sha -- aes-256-cbc-hmac-sha - -It requires either software or hardware TLS support in the Linux kernel -and can be used with Freescale B*, P* and T* platforms that have support -for hardware TLS acceleration. - -Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> -Change-Id: Ia5f3fa7ec090d5643d71b0f608c68a274ec6b51f -Reviewed-on: http://git.am.freescale.net:8181/33998 -Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - crypto/cryptodev.h | 4 +++- - ioctl.c | 14 ++++++++++++-- - 2 files changed, 15 insertions(+), 3 deletions(-) - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 07f40b2..61e8599 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -54,8 +54,10 @@ enum cryptodev_crypto_op_t { - CRYPTO_SHA2_384, - CRYPTO_SHA2_512, - CRYPTO_SHA2_224_HMAC, -- CRYPTO_TLS10_AES_CBC_HMAC_SHA1, - CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, -+ CRYPTO_TLS10_AES_CBC_HMAC_SHA1, -+ CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, -+ CRYPTO_TLS11_AES_CBC_HMAC_SHA1, - CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ - }; - -diff --git a/ioctl.c b/ioctl.c -index 574e913..ba82387 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -186,13 +186,23 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) - stream = 1; - aead = 1; - break; -+ case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: -+ alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; -+ stream = 0; -+ aead = 1; -+ break; - case CRYPTO_TLS10_AES_CBC_HMAC_SHA1: - alg_name = "tls10(hmac(sha1),cbc(aes))"; - stream = 0; - aead = 1; - break; -- case CRYPTO_TLS10_3DES_CBC_HMAC_SHA1: -- alg_name = "tls10(hmac(sha1),cbc(des3_ede))"; -+ case CRYPTO_TLS11_3DES_CBC_HMAC_SHA1: -+ alg_name = "tls11(hmac(sha1),cbc(des3_ede))"; -+ stream = 0; -+ aead = 1; -+ break; -+ case CRYPTO_TLS11_AES_CBC_HMAC_SHA1: -+ alg_name = "tls11(hmac(sha1),cbc(aes))"; - stream = 0; - aead = 1; - break; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch b/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch deleted file mode 100644 index 6aa672a..0000000 --- a/recipes-kernel/cryptodev/files/0012-add-support-for-TLSv1.2-record-offload.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 15999e402dd7472cafe51be3fd0ce66433ca924b Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus <tudor.ambarus@freescale.com> -Date: Tue, 31 Mar 2015 16:16:28 +0300 -Subject: [PATCH 12/15] add support for TLSv1.2 record offload - -This adds support for composite algorithm offload in a single crypto -(cipher + hmac) operation. - -Supported cipher suites: -- 3des-ede-cbc-sha -- aes-128-cbc-hmac-sha -- aes-256-cbc-hmac-sha -- aes-128-cbc-hmac-sha256 -- aes-256-cbc-hmac-sha256 - -It requires either software or hardware TLS support in the Linux kernel -and can be used with Freescale B*, P* and T* platforms that have support -for hardware TLS acceleration. - -Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> -Change-Id: I21f45993505fc3dad09848a13aa20f778a7c2de0 -Reviewed-on: http://git.am.freescale.net:8181/33999 -Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - crypto/cryptodev.h | 3 +++ - ioctl.c | 15 +++++++++++++++ - 2 files changed, 18 insertions(+) - -diff --git a/crypto/cryptodev.h b/crypto/cryptodev.h -index 61e8599..f6058ca 100644 ---- a/crypto/cryptodev.h -+++ b/crypto/cryptodev.h -@@ -58,6 +58,9 @@ enum cryptodev_crypto_op_t { - CRYPTO_TLS10_AES_CBC_HMAC_SHA1, - CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, - CRYPTO_TLS11_AES_CBC_HMAC_SHA1, -+ CRYPTO_TLS12_3DES_CBC_HMAC_SHA1, -+ CRYPTO_TLS12_AES_CBC_HMAC_SHA1, -+ CRYPTO_TLS12_AES_CBC_HMAC_SHA256, - CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ - }; - -diff --git a/ioctl.c b/ioctl.c -index ba82387..fb4c4e3 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -206,6 +206,21 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) - stream = 0; - aead = 1; - break; -+ case CRYPTO_TLS12_3DES_CBC_HMAC_SHA1: -+ alg_name = "tls12(hmac(sha1),cbc(des3_ede))"; -+ stream = 0; -+ aead = 1; -+ break; -+ case CRYPTO_TLS12_AES_CBC_HMAC_SHA1: -+ alg_name = "tls12(hmac(sha1),cbc(aes))"; -+ stream = 0; -+ aead = 1; -+ break; -+ case CRYPTO_TLS12_AES_CBC_HMAC_SHA256: -+ alg_name = "tls12(hmac(sha256),cbc(aes))"; -+ stream = 0; -+ aead = 1; -+ break; - case CRYPTO_NULL: - alg_name = "ecb(cipher_null)"; - stream = 1; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch b/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch deleted file mode 100644 index 86cf6a2..0000000 --- a/recipes-kernel/cryptodev/files/0013-clean-up-code-layout.patch +++ /dev/null @@ -1,186 +0,0 @@ -From 39abcb9cea60540528e848d6c66169c36d666861 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Fri, 20 Feb 2015 12:46:58 +0200 -Subject: [PATCH 13/15] clean-up code layout - -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> -Change-Id: I92c2f4baeed9470a2c3c42b592d878e65918b0af -Reviewed-on: http://git.am.freescale.net:8181/34222 ---- - cryptlib.c | 11 ++++------- - ioctl.c | 55 +++++++++++++++++++++---------------------------------- - main.c | 4 +--- - 3 files changed, 26 insertions(+), 44 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index ec6693e..21e691b 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -434,7 +434,7 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) - return waitfor(hdata->async.result, ret); - } - --int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) -+int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - { - int ret = 0; - struct pkc_request *pkc_req = &pkc->req, *pkc_requested; -@@ -445,8 +445,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - case RSA_PRIV_FORM1: - case RSA_PRIV_FORM2: - case RSA_PRIV_FORM3: -- pkc->s = crypto_alloc_pkc("pkc(rsa)", -- CRYPTO_ALG_TYPE_PKC_RSA, 0); -+ pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0); - break; - case DSA_SIGN: - case DSA_VERIFY: -@@ -454,13 +453,11 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - case ECDSA_VERIFY: - case DLC_KEYGEN: - case ECC_KEYGEN: -- pkc->s = crypto_alloc_pkc("pkc(dsa)", -- CRYPTO_ALG_TYPE_PKC_DSA, 0); -+ pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0); - break; - case DH_COMPUTE_KEY: - case ECDH_COMPUTE_KEY: -- pkc->s = crypto_alloc_pkc("pkc(dh)", -- CRYPTO_ALG_TYPE_PKC_DH, 0); -+ pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0); - break; - default: - return -EINVAL; -diff --git a/ioctl.c b/ioctl.c -index fb4c4e3..ee0486c 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -714,16 +714,13 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - case CRK_MOD_EXP: - { - struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; -- copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, -- rsa_req->g_len); -+ copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); - } - break; - case CRK_MOD_EXP_CRT: - { -- struct rsa_priv_frm3_req_s *rsa_req = -- &pkc_req->req_u.rsa_priv_f3; -- copy_to_user(ckop->crk_param[6].crp_p, -- rsa_req->f, rsa_req->f_len); -+ struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3; -+ copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); - } - break; - case CRK_DSA_SIGN: -@@ -731,15 +728,11 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; - - if (pkc_req->type == ECDSA_SIGN) { -- copy_to_user(ckop->crk_param[6].crp_p, -- dsa_req->c, dsa_req->d_len); -- copy_to_user(ckop->crk_param[7].crp_p, -- dsa_req->d, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); - } else { -- copy_to_user(ckop->crk_param[5].crp_p, -- dsa_req->c, dsa_req->d_len); -- copy_to_user(ckop->crk_param[6].crp_p, -- dsa_req->d, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len); -+ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); - } - } - break; -@@ -749,11 +742,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - { - struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; - if (pkc_req->type == ECDH_COMPUTE_KEY) -- copy_to_user(ckop->crk_param[4].crp_p, -- dh_req->z, dh_req->z_len); -+ copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); - else -- copy_to_user(ckop->crk_param[3].crp_p, -- dh_req->z, dh_req->z_len); -+ copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); - } - break; - case CRK_DSA_GENERATE_KEY: -@@ -763,14 +754,14 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - - if (pkc_req->type == ECC_KEYGEN) { - copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, -- key_req->pub_key_len); -- copy_to_user(ckop->crk_param[5].crp_p, -- key_req->priv_key, key_req->priv_key_len); -+ key_req->pub_key_len); -+ copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, -+ key_req->priv_key_len); - } else { -- copy_to_user(ckop->crk_param[3].crp_p, -- key_req->pub_key, key_req->pub_key_len); -- copy_to_user(ckop->crk_param[4].crp_p, -- key_req->priv_key, key_req->priv_key_len); -+ copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key, -+ key_req->pub_key_len); -+ copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key, -+ key_req->priv_key_len); - } - } - default: -@@ -1113,16 +1104,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - if (!list_empty(&pcr->asym_completed_list)) { - /* Run a loop in the list for upto elements - and copy their response back */ -- pkc = -- list_first_entry(&pcr->asym_completed_list, -+ pkc = list_first_entry(&pcr->asym_completed_list, - struct cryptodev_pkc, list); - list_del(&pkc->list); - spin_unlock_bh(&pcr->completion_lock); - ret = crypto_async_fetch_asym(pkc); - if (!ret) { - cookie_list.cookie_available++; -- cookie_list.cookie[i] = -- pkc->kop.kop.cookie; -+ cookie_list.cookie[i] = pkc->kop.kop.cookie; - cookie_list.status[i] = pkc->result.err; - } - kfree(pkc); -@@ -1133,12 +1122,10 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - } - - /* Reflect the updated request to user-space */ -- if (cookie_list.cookie_available) -- copy_to_user(arg, &cookie_list, -- sizeof(struct pkc_cookie_list_s)); -- else { -+ if (cookie_list.cookie_available) { -+ copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s)); -+ } else { - struct pkc_cookie_list_s *user_ck_list = (void *)arg; -- - put_user(0, &(user_ck_list->cookie_available)); - } - ret = cookie_list.cookie_available; -diff --git a/main.c b/main.c -index 6365911..af66553 100644 ---- a/main.c -+++ b/main.c -@@ -666,9 +666,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) - if (pkc->type == SYNCHRONOUS) { - if (rc) - goto err; -- -- copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, -- rsa_req->g_len); -+ copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); - } else { - if (rc != -EINPROGRESS && rc != 0) - goto err; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch b/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch deleted file mode 100644 index b9e9d2b..0000000 --- a/recipes-kernel/cryptodev/files/0014-remove-redundant-data-copy-for-pkc-operations.patch +++ /dev/null @@ -1,494 +0,0 @@ -From 34e765977633b5f81845c0183af6d388d8225f00 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Mon, 23 Feb 2015 12:14:07 +0200 -Subject: [PATCH 14/15] remove redundant data copy for pkc operations - -This patch removes a copy of a pkc request that was -allocated on the hot-path. The copy was not necessary -and was just slowing things down. - -Change-Id: I3ad85f78c188f100ab9fc03a5777bb704a9dcb63 -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> -Reviewed-on: http://git.am.freescale.net:8181/34223 ---- - cryptlib.c | 49 +++---------------- - cryptlib.h | 3 +- - ioctl.c | 17 +++---- - main.c | 162 +++++++++++++++++++++++++++++++++++++------------------------ - 4 files changed, 113 insertions(+), 118 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 21e691b..5882a30 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -436,59 +436,22 @@ int cryptodev_hash_final(struct hash_data *hdata, void *output) - - int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - { -- int ret = 0; -- struct pkc_request *pkc_req = &pkc->req, *pkc_requested; -- -- switch (pkc_req->type) { -- case RSA_KEYGEN: -- case RSA_PUB: -- case RSA_PRIV_FORM1: -- case RSA_PRIV_FORM2: -- case RSA_PRIV_FORM3: -- pkc->s = crypto_alloc_pkc("pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0); -- break; -- case DSA_SIGN: -- case DSA_VERIFY: -- case ECDSA_SIGN: -- case ECDSA_VERIFY: -- case DLC_KEYGEN: -- case ECC_KEYGEN: -- pkc->s = crypto_alloc_pkc("pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0); -- break; -- case DH_COMPUTE_KEY: -- case ECDH_COMPUTE_KEY: -- pkc->s = crypto_alloc_pkc("pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0); -- break; -- default: -- return -EINVAL; -- } -- -- if (IS_ERR_OR_NULL(pkc->s)) -- return -EINVAL; -+ int ret; - - init_completion(&pkc->result.completion); -- pkc_requested = pkc_request_alloc(pkc->s, GFP_KERNEL); -- -- if (unlikely(IS_ERR_OR_NULL(pkc_requested))) { -- ret = -ENOMEM; -- goto error; -- } -- pkc_requested->type = pkc_req->type; -- pkc_requested->curve_type = pkc_req->curve_type; -- memcpy(&pkc_requested->req_u, &pkc_req->req_u, sizeof(pkc_req->req_u)); -- pkc_request_set_callback(pkc_requested, CRYPTO_TFM_REQ_MAY_BACKLOG, -+ pkc_request_set_callback(pkc->req, CRYPTO_TFM_REQ_MAY_BACKLOG, - cryptodev_complete_asym, pkc); -- ret = crypto_pkc_op(pkc_requested); -+ ret = crypto_pkc_op(pkc->req); - if (ret != -EINPROGRESS && ret != 0) -- goto error2; -+ goto error; - - if (pkc->type == SYNCHRONOUS) - ret = waitfor(&pkc->result, ret); - - return ret; --error2: -- kfree(pkc_requested); -+ - error: -+ kfree(pkc->req); - crypto_free_pkc(pkc->s); - return ret; - } -diff --git a/cryptlib.h b/cryptlib.h -index 7ffa54c..4fac0c8 100644 ---- a/cryptlib.h -+++ b/cryptlib.h -@@ -110,8 +110,7 @@ struct cryptodev_pkc { - struct crypto_pkc *s; /* Transform pointer from CryptoAPI */ - struct cryptodev_result result; /* Result to be updated by - completion handler */ -- struct pkc_request req; /* PKC request structure allocated -- from CryptoAPI */ -+ struct pkc_request *req; /* PKC request allocated from CryptoAPI */ - enum offload_type type; /* Synchronous Vs Asynchronous request */ - /* - * cookie used for transfering tranparent information from async -diff --git a/ioctl.c b/ioctl.c -index ee0486c..797b73c 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -708,26 +708,25 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - int ret = 0; - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *ckop = &kop->kop; -- struct pkc_request *pkc_req = &pkc->req; - - switch (ckop->crk_op) { - case CRK_MOD_EXP: - { -- struct rsa_pub_req_s *rsa_req = &pkc_req->req_u.rsa_pub_req; -+ struct rsa_pub_req_s *rsa_req = &pkc->req->req_u.rsa_pub_req; - copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); - } - break; - case CRK_MOD_EXP_CRT: - { -- struct rsa_priv_frm3_req_s *rsa_req = &pkc_req->req_u.rsa_priv_f3; -+ struct rsa_priv_frm3_req_s *rsa_req = &pkc->req->req_u.rsa_priv_f3; - copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); - } - break; - case CRK_DSA_SIGN: - { -- struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; -+ struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; - -- if (pkc_req->type == ECDSA_SIGN) { -+ if (pkc->req->type == ECDSA_SIGN) { - copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); - copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); - } else { -@@ -740,8 +739,8 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - break; - case CRK_DH_COMPUTE_KEY: - { -- struct dh_key_req_s *dh_req = &pkc_req->req_u.dh_req; -- if (pkc_req->type == ECDH_COMPUTE_KEY) -+ struct dh_key_req_s *dh_req = &pkc->req->req_u.dh_req; -+ if (pkc->req->type == ECDH_COMPUTE_KEY) - copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); - else - copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); -@@ -750,9 +749,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - case CRK_DSA_GENERATE_KEY: - case CRK_DH_GENERATE_KEY: - { -- struct keygen_req_s *key_req = &pkc_req->req_u.keygen; -+ struct keygen_req_s *key_req = &pkc->req->req_u.keygen; - -- if (pkc_req->type == ECC_KEYGEN) { -+ if (pkc->req->type == ECC_KEYGEN) { - copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, - key_req->pub_key_len); - copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, -diff --git a/main.c b/main.c -index af66553..ed1c69a 100644 ---- a/main.c -+++ b/main.c -@@ -186,8 +186,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req = &pkc->req; -- struct dsa_sign_req_s *dsa_req = &pkc_req->req_u.dsa_sign; -+ struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; - int rc, buf_size; - uint8_t *buf; - -@@ -210,10 +209,7 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) - if (cop->crk_iparams == 6) { - dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; - buf_size += dsa_req->ab_len; -- pkc_req->type = ECDSA_SIGN; -- pkc_req->curve_type = cop->curve_type; -- } else { -- pkc_req->type = DSA_SIGN; -+ pkc->req->curve_type = cop->curve_type; - } - - buf = kmalloc(buf_size, GFP_DMA); -@@ -269,7 +265,6 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct dsa_verify_req_s *dsa_req; - int rc, buf_size; - uint8_t *buf; -@@ -281,8 +276,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - !cop->crk_param[7].crp_nbits)) - return -EINVAL; - -- pkc_req = &pkc->req; -- dsa_req = &pkc_req->req_u.dsa_verify; -+ dsa_req = &pkc->req->req_u.dsa_verify; - dsa_req->m_len = (cop->crk_param[0].crp_nbits + 7)/8; - dsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; - dsa_req->r_len = (cop->crk_param[2].crp_nbits + 7)/8; -@@ -295,10 +289,7 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - if (cop->crk_iparams == 8) { - dsa_req->ab_len = (cop->crk_param[5].crp_nbits + 7)/8; - buf_size += dsa_req->ab_len; -- pkc_req->type = ECDSA_VERIFY; -- pkc_req->curve_type = cop->curve_type; -- } else { -- pkc_req->type = DSA_VERIFY; -+ pkc->req->curve_type = cop->curve_type; - } - - buf = kmalloc(buf_size, GFP_DMA); -@@ -351,7 +342,6 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct rsa_keygen_req_s *key_req; - int rc, buf_size; - uint8_t *buf; -@@ -362,9 +352,7 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) - !cop->crk_param[6].crp_nbits) - return -EINVAL; - -- pkc_req = &pkc->req; -- pkc_req->type = RSA_KEYGEN; -- key_req = &pkc_req->req_u.rsa_keygen; -+ key_req = &pkc->req->req_u.rsa_keygen; - key_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; - key_req->p_len = (cop->crk_param[0].crp_nbits + 7) / 8; - key_req->q_len = (cop->crk_param[1].crp_nbits + 7) / 8; -@@ -427,7 +415,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct keygen_req_s *key_req; - int rc, buf_size; - uint8_t *buf; -@@ -437,8 +424,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - !cop->crk_param[4].crp_nbits) - return -EINVAL; - -- pkc_req = &pkc->req; -- key_req = &pkc_req->req_u.keygen; -+ key_req = &pkc->req->req_u.keygen; - key_req->q_len = (cop->crk_param[0].crp_nbits + 7)/8; - key_req->r_len = (cop->crk_param[1].crp_nbits + 7)/8; - key_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; -@@ -447,7 +433,6 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - key_req->priv_key_len = (cop->crk_param[4].crp_nbits + 7)/8; - buf_size = key_req->q_len + key_req->r_len + key_req->g_len + - key_req->pub_key_len + key_req->priv_key_len; -- pkc_req->type = DLC_KEYGEN; - } else { - key_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; - key_req->pub_key_len = (cop->crk_param[4].crp_nbits + 7)/8; -@@ -455,8 +440,7 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - buf_size = key_req->q_len + key_req->r_len + key_req->g_len + - key_req->pub_key_len + key_req->priv_key_len + - key_req->ab_len; -- pkc_req->type = ECC_KEYGEN; -- pkc_req->curve_type = cop->curve_type; -+ pkc->req->curve_type = cop->curve_type; - } - - buf = kmalloc(buf_size, GFP_DMA); -@@ -508,26 +492,22 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct dh_key_req_s *dh_req; - int buf_size; - uint8_t *buf; - int rc = -EINVAL; - -- pkc_req = &pkc->req; -- dh_req = &pkc_req->req_u.dh_req; -+ dh_req = &pkc->req->req_u.dh_req; - dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; - dh_req->pub_key_len = (cop->crk_param[1].crp_nbits + 7)/8; - dh_req->q_len = (cop->crk_param[2].crp_nbits + 7)/8; - buf_size = dh_req->q_len + dh_req->pub_key_len + dh_req->s_len; - if (cop->crk_iparams == 4) { -- pkc_req->type = ECDH_COMPUTE_KEY; - dh_req->ab_len = (cop->crk_param[3].crp_nbits + 7)/8; - dh_req->z_len = (cop->crk_param[4].crp_nbits + 7)/8; - buf_size += dh_req->ab_len; - } else { - dh_req->z_len = (cop->crk_param[3].crp_nbits + 7)/8; -- pkc_req->type = DH_COMPUTE_KEY; - } - buf_size += dh_req->z_len; - buf = kmalloc(buf_size, GFP_DMA); -@@ -539,7 +519,7 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - dh_req->z = dh_req->pub_key + dh_req->pub_key_len; - if (cop->crk_iparams == 4) { - dh_req->ab = dh_req->z + dh_req->z_len; -- pkc_req->curve_type = cop->curve_type; -+ pkc->req->curve_type = cop->curve_type; - copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, - dh_req->ab_len); - } -@@ -573,7 +553,6 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) - { - struct kernel_crypt_kop *kop = &pkc->kop; - struct crypt_kop *cop = &kop->kop; -- struct pkc_request *pkc_req; - struct rsa_priv_frm3_req_s *rsa_req; - int rc; - uint8_t *buf; -@@ -583,9 +562,7 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) - !cop->crk_param[4].crp_nbits || !cop->crk_param[5].crp_nbits) - return -EINVAL; - -- pkc_req = &pkc->req; -- pkc_req->type = RSA_PRIV_FORM3; -- rsa_req = &pkc_req->req_u.rsa_priv_f3; -+ rsa_req = &pkc->req->req_u.rsa_priv_f3; - rsa_req->p_len = (cop->crk_param[0].crp_nbits + 7)/8; - rsa_req->q_len = (cop->crk_param[1].crp_nbits + 7)/8; - rsa_req->g_len = (cop->crk_param[2].crp_nbits + 7)/8; -@@ -632,7 +609,6 @@ err: - - int crypto_bn_modexp(struct cryptodev_pkc *pkc) - { -- struct pkc_request *pkc_req; - struct rsa_pub_req_s *rsa_req; - int rc; - struct kernel_crypt_kop *kop = &pkc->kop; -@@ -643,9 +619,7 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) - !cop->crk_param[2].crp_nbits || !cop->crk_param[3].crp_nbits) - return -EINVAL; - -- pkc_req = &pkc->req; -- pkc_req->type = RSA_PUB; -- rsa_req = &pkc_req->req_u.rsa_pub_req; -+ rsa_req = &pkc->req->req_u.rsa_pub_req; - rsa_req->f_len = (cop->crk_param[0].crp_nbits + 7)/8; - rsa_req->e_len = (cop->crk_param[1].crp_nbits + 7)/8; - rsa_req->n_len = (cop->crk_param[2].crp_nbits + 7)/8; -@@ -680,56 +654,116 @@ err: - return rc; - } - -+static struct { -+ char *alg_name; -+ u32 type; -+ u32 mask; -+} pkc_alg_list[] = { -+ {"pkc(rsa)", CRYPTO_ALG_TYPE_PKC_RSA, 0}, -+ {"pkc(dsa)", CRYPTO_ALG_TYPE_PKC_DSA, 0}, -+ {"pkc(dh)", CRYPTO_ALG_TYPE_PKC_DH, 0}, -+}; -+ - int crypto_run_asym(struct cryptodev_pkc *pkc) - { -- int ret = -EINVAL; -+ int err = -EINVAL; -+ int id; - struct kernel_crypt_kop *kop = &pkc->kop; -+ enum pkc_req_type pkc_req_type; -+ int (*call_next_action)(struct cryptodev_pkc *pkc); - - switch (kop->kop.crk_op) { - case CRK_MOD_EXP: - if (kop->kop.crk_iparams != 3 && kop->kop.crk_oparams != 1) -- goto err; -- -- ret = crypto_bn_modexp(pkc); -+ return err; -+ pkc_req_type = RSA_PUB; -+ id = 0; -+ call_next_action = crypto_bn_modexp; - break; - case CRK_MOD_EXP_CRT: - if (kop->kop.crk_iparams != 6 && kop->kop.crk_oparams != 1) -- goto err; -- -- ret = crypto_modexp_crt(pkc); -+ return err; -+ pkc_req_type = RSA_PRIV_FORM3; -+ id = 0; -+ call_next_action = crypto_modexp_crt; - break; - case CRK_DSA_SIGN: -- if ((kop->kop.crk_iparams != 5 && kop->kop.crk_iparams != 6) || -- kop->kop.crk_oparams != 2) -- goto err; -- -- ret = crypto_kop_dsasign(pkc); -+ if (kop->kop.crk_oparams != 2) -+ return err; -+ else if (kop->kop.crk_iparams == 5) -+ pkc_req_type = DSA_SIGN; -+ else if (kop->kop.crk_iparams == 6) -+ pkc_req_type = ECDSA_SIGN; -+ else -+ return err; -+ id = 1; -+ call_next_action = crypto_kop_dsasign; - break; - case CRK_DSA_VERIFY: -- if ((kop->kop.crk_iparams != 7 && kop->kop.crk_iparams != 8) || -- kop->kop.crk_oparams != 0) -- goto err; -- -- ret = crypto_kop_dsaverify(pkc); -+ if (kop->kop.crk_oparams != 0) -+ return err; -+ else if (kop->kop.crk_iparams == 7) -+ pkc_req_type = DSA_VERIFY; -+ else if (kop->kop.crk_iparams == 8) -+ pkc_req_type = ECDSA_VERIFY; -+ else -+ return err; -+ id = 1; -+ call_next_action = crypto_kop_dsaverify; - break; - case CRK_DH_COMPUTE_KEY: -- if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4) || -- kop->kop.crk_oparams != 1) -- goto err; -- ret = crypto_kop_dh_key(pkc); -+ if (kop->kop.crk_oparams != 1) -+ return err; -+ else if (kop->kop.crk_iparams == 3) -+ pkc_req_type = DH_COMPUTE_KEY; -+ else if (kop->kop.crk_iparams == 4) -+ pkc_req_type = ECDH_COMPUTE_KEY; -+ else -+ return err; -+ id = 2; -+ call_next_action = crypto_kop_dh_key; - break; - case CRK_DH_GENERATE_KEY: - case CRK_DSA_GENERATE_KEY: -- if ((kop->kop.crk_iparams != 3 && kop->kop.crk_iparams != 4)) -- goto err; -- ret = crypto_kop_keygen(pkc); -+ if (kop->kop.crk_iparams == 3) -+ pkc_req_type = DLC_KEYGEN; -+ else if (kop->kop.crk_iparams == 4) -+ pkc_req_type = ECC_KEYGEN; -+ else -+ return err; -+ id = 1; -+ call_next_action = crypto_kop_keygen; - break; - case CRK_RSA_GENERATE_KEY: -- ret = crypto_kop_rsa_keygen(pkc); -+ pkc_req_type = RSA_KEYGEN; -+ id = 0; -+ call_next_action = crypto_kop_rsa_keygen; - break; -+ default: -+ return err; - } --err: -- return ret; -+ err = -ENOMEM; -+ pkc->s = crypto_alloc_pkc(pkc_alg_list[id].alg_name, -+ pkc_alg_list[id].type, -+ pkc_alg_list[id].mask); -+ if (IS_ERR_OR_NULL(pkc->s)) -+ return err; -+ -+ pkc->req = pkc_request_alloc(pkc->s, GFP_KERNEL); -+ if (IS_ERR_OR_NULL(pkc->req)) -+ goto out_free_tfm; -+ -+ /* todo - fix alloc-free on error path */ -+ pkc->req->type = pkc_req_type; -+ err = call_next_action(pkc); -+ if (pkc->type == SYNCHRONOUS) -+ kfree(pkc->req); -+ -+ return err; -+ -+out_free_tfm: -+ crypto_free_pkc(pkc->s); -+ return err; - } - - int crypto_run(struct fcrypt *fcr, struct kernel_crypt_op *kcop) --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch b/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch deleted file mode 100644 index 949fe12..0000000 --- a/recipes-kernel/cryptodev/files/0015-fix-pkc-request-deallocation.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 8361f99c940fbe270fca2112dae3d97c9a5776d6 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Mon, 23 Feb 2015 15:28:22 +0200 -Subject: [PATCH 15/15] fix pkc request deallocation - -The request to be freed is actually pkc->req, and should be done inside -the fetch ioctl for ASYNC (this patch) and in crypt ioctl for SYNC -operations. - -Change-Id: I6f046f2ebeae4cb513a419996ca96b52e37468ed -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> -Reviewed-on: http://git.am.freescale.net:8181/34224 ---- - ioctl.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 797b73c..da3a842 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -114,8 +114,6 @@ void cryptodev_complete_asym(struct crypto_async_request *req, int err) - /* wake for POLLIN */ - wake_up_interruptible(&pcr->user_waiter); - } -- -- kfree(req); - } - - #define FILL_SG(sg, ptr, len) \ -@@ -1113,6 +1111,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - cookie_list.cookie[i] = pkc->kop.kop.cookie; - cookie_list.status[i] = pkc->result.err; - } -+ kfree(pkc->req); - kfree(pkc); - } else { - spin_unlock_bh(&pcr->completion_lock); --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch b/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch deleted file mode 100644 index cefb6dc..0000000 --- a/recipes-kernel/cryptodev/files/0016-add-basic-detection-of-asym-features.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 586bc4a6cd1014c57364020013062f07a8861e38 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Mon, 20 Apr 2015 13:18:47 +0300 -Subject: [PATCH] add basic detection of asym features - -Change-Id: I3b3ba8664bf631a63be1f11e715024509e20f841 -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - ioctl.c | 12 ++++++++---- - 1 file changed, 8 insertions(+), 4 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index da3a842..53dbf64 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -977,10 +977,14 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - switch (cmd) { - case CIOCASYMFEAT: -- return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN | -- CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY | -- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY | -- CRF_RSA_GENERATE_KEY, p); -+ ses = 0; -+ if (crypto_has_alg("pkc(rsa)", 0, 0)) -+ ses = CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_RSA_GENERATE_KEY; -+ if (crypto_has_alg("pkc(dsa)", 0, 0)) -+ ses |= CRF_DSA_SIGN | CRF_DSA_VERIFY | CRF_DSA_GENERATE_KEY; -+ if (crypto_has_alg("pkc(dh)", 0, 0)) -+ ses |= CRF_DH_COMPUTE_KEY |CRF_DH_GENERATE_KEY; -+ return put_user(ses, p); - case CRIOGET: - fd = clonefd(filp); - ret = put_user(fd, p); --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch b/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch deleted file mode 100644 index b3c36b3..0000000 --- a/recipes-kernel/cryptodev/files/0017-remove-dead-code.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 0ca641091b4113d73e75d30ef530c88836849308 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus <tudor.ambarus@freescale.com> -Date: Fri, 29 May 2015 15:28:47 +0300 -Subject: [PATCH 17/20] remove dead code - -Functions kop_to_user and compat_kop_to_user are never used. Delete them -to avoid compiler warnings. - - -crypto/../../cryptodev-linux/ioctl.c:841:12: warning: 'kop_to_user' defined but not used [-Wunused-function] - static int kop_to_user(struct kernel_crypt_kop *kop, - ^ -crypto/../../cryptodev-linux/ioctl.c: At top level: -crypto/../../cryptodev-linux/ioctl.c:1195:12: warning: 'compat_kop_to_user' defined but not used [-Wunused-function] - static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) - ^ -Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> -Change-Id: I6bd8a7eb6144224a20cd400813ab15a7a192dbb1 -Reviewed-on: http://git.am.freescale.net:8181/37440 ---- - ioctl.c | 22 ---------------------- - 1 file changed, 22 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 53dbf64..39635a4 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -838,16 +838,6 @@ static int kop_from_user(struct kernel_crypt_kop *kop, - return fill_kop_from_cop(kop); - } - --static int kop_to_user(struct kernel_crypt_kop *kop, -- void __user *arg) --{ -- if (unlikely(copy_to_user(arg, &kop->kop, sizeof(kop->kop)))) { -- dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); -- return -EFAULT; -- } -- return 0; --} -- - static int kcop_from_user(struct kernel_crypt_op *kcop, - struct fcrypt *fcr, void __user *arg) - { -@@ -1192,18 +1182,6 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop, - compat->curve_type = kop->curve_type; - } - --static int compat_kop_to_user(struct kernel_crypt_kop *kop, void __user *arg) --{ -- struct compat_crypt_kop compat_kop; -- -- crypt_kop_to_compat(&kop->kop, &compat_kop); -- if (unlikely(copy_to_user(arg, &compat_kop, sizeof(compat_kop)))) { -- dprintk(1, KERN_ERR, "Cannot copy to userspace\n"); -- return -EFAULT; -- } -- return 0; --} -- - static inline void - compat_to_session_op(struct compat_session_op *compat, struct session_op *sop) - { --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch b/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch deleted file mode 100644 index bf93f5b..0000000 --- a/recipes-kernel/cryptodev/files/0018-fix-compat-warnings.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 596378a22532908487f2c5e4d717c5ae618c4c7d Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus <tudor.ambarus@freescale.com> -Date: Tue, 2 Jun 2015 10:44:12 +0300 -Subject: [PATCH 18/20] fix compat warnings - - CC [M] crypto/../../cryptodev-linux/ioctl.o -crypto/../../cryptodev-linux/ioctl.c: In function 'compat_to_crypt_kop': -crypto/../../cryptodev-linux/ioctl.c:1161:14: warning: assignment makes pointer from integer without a cast - kop->cookie = compat->cookie; - ^ -crypto/../../cryptodev-linux/ioctl.c: In function 'crypt_kop_to_compat': -crypto/../../cryptodev-linux/ioctl.c:1191:17: warning: assignment makes integer from pointer without a cast - compat->cookie = kop->cookie; - ^ -crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl': -crypto/../../cryptodev-linux/ioctl.c:1430:28: warning: assignment makes integer from pointer without a cast - cookie_list.cookie[i] = - ^ - -Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> -Change-Id: Id851408c0c743c01447f3b0ced38fbc1ae94d4db -Reviewed-on: http://git.am.freescale.net:8181/37442 -Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - ioctl.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 39635a4..f3ce2f6 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -1148,7 +1148,7 @@ static inline void compat_to_crypt_kop(struct compat_crypt_kop *compat, - } - - kop->curve_type = compat->curve_type; -- kop->cookie = compat->cookie; -+ kop->cookie = compat_ptr(compat->cookie); - } - - static int compat_kop_from_user(struct kernel_crypt_kop *kop, -@@ -1178,7 +1178,7 @@ static inline void crypt_kop_to_compat(struct crypt_kop *kop, - ptr_to_compat(kop->crk_param[i].crp_p); - compat->crk_param[i].crp_nbits = kop->crk_param[i].crp_nbits; - } -- compat->cookie = kop->cookie; -+ compat->cookie = ptr_to_compat(kop->cookie); - compat->curve_type = kop->curve_type; - } - -@@ -1405,8 +1405,8 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - ret = crypto_async_fetch_asym(pkc); - if (!ret) { - cookie_list.cookie_available++; -- cookie_list.cookie[i] = -- pkc->kop.kop.cookie; -+ cookie_list.cookie[i] = ptr_to_compat( -+ pkc->kop.kop.cookie); - } - kfree(pkc); - } else { --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch b/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch deleted file mode 100644 index a71cff4..0000000 --- a/recipes-kernel/cryptodev/files/0019-fix-size_t-print-format.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 1d10f06bef0f07980a08b387850c1daf1d3a8e87 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus <tudor.ambarus@freescale.com> -Date: Tue, 2 Jun 2015 12:11:12 +0300 -Subject: [PATCH 19/20] fix size_t print format - - CC [M] crypto/../../cryptodev-linux/cryptlib.o -crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_cipher_init': -crypto/../../cryptodev-linux/cryptlib.c:146:5: warning: format '%u' expects argument of type 'unsigned int', but argument 6 has type 'size_t' [-Wformat=] - ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", - ^ -crypto/../../cryptodev-linux/cryptlib.c:173:3: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=] - ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); - ^ -crypto/../../cryptodev-linux/cryptlib.c: In function 'cryptodev_hash_init': -crypto/../../cryptodev-linux/cryptlib.c:340:4: warning: format '%u' expects argument of type 'unsigned int', but argument 7 has type 'size_t' [-Wformat=] - ddebug(1, "Setting hmac key failed for %s-%u.", - ^ - -Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> -Change-Id: I67f2d79f68b4d62b598073c6a918a110523fadfd -Reviewed-on: http://git.am.freescale.net:8181/37443 -Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - cryptlib.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 5882a30..10f5e1a 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -143,7 +143,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - if (alg->max_keysize > 0 && - unlikely((keylen < alg->min_keysize) || - (keylen > alg->max_keysize))) { -- ddebug(1, "Wrong keylen '%u' for algorithm '%s'. Use %u to %u.", -+ ddebug(1, "Wrong keylen '%zu' for algorithm '%s'. Use %u to %u.", - keylen, alg_name, alg->min_keysize, alg->max_keysize); - ret = -EINVAL; - goto error; -@@ -170,7 +170,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - } - - if (unlikely(ret)) { -- ddebug(1, "Setting key failed for %s-%u.", alg_name, keylen*8); -+ ddebug(1, "Setting key failed for %s-%zu.", alg_name, keylen*8); - ret = -EINVAL; - goto error; - } -@@ -337,7 +337,7 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, - if (hmac_mode != 0) { - ret = crypto_ahash_setkey(hdata->async.s, mackey, mackeylen); - if (unlikely(ret)) { -- ddebug(1, "Setting hmac key failed for %s-%u.", -+ ddebug(1, "Setting hmac key failed for %s-%zu.", - alg_name, mackeylen*8); - ret = -EINVAL; - goto error; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch b/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch deleted file mode 100644 index a97a2d4..0000000 --- a/recipes-kernel/cryptodev/files/0020-fix-uninitialized-variable-compiler-warning.patch +++ /dev/null @@ -1,38 +0,0 @@ -From be9f6a0dc90847dbb00307d23f47b8b3fc3ff130 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus <tudor.ambarus@freescale.com> -Date: Fri, 29 May 2015 15:49:22 +0300 -Subject: [PATCH 20/20] fix uninitialized variable compiler warning - -crypto/../../cryptodev-linux/ioctl.c: In function 'cryptodev_compat_ioctl': -crypto/../../cryptodev-linux/ioctl.c:1445:2: warning: 'ret' may be used uninitialized in this function [-Wmaybe-uninitialized] - return ret; - ^ - -Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> -Change-Id: Id5226fc97a3bb880ca6db86df58957122bbaa428 -Reviewed-on: http://git.am.freescale.net:8181/37441 -Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> -Tested-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - ioctl.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/ioctl.c b/ioctl.c -index f3ce2f6..7cd3c56 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -1387,9 +1387,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - case COMPAT_CIOCASYMFETCHCOOKIE: - { - struct cryptodev_pkc *pkc; -- int i = 0; -+ int i; - struct compat_pkc_cookie_list_s cookie_list; - -+ ret = 0; - cookie_list.cookie_available = 0; - - for (i = 0; i < MAX_COOKIES; i++) { --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0021-check-return-codes-for-copy-to-from-user-functions.patch b/recipes-kernel/cryptodev/files/0021-check-return-codes-for-copy-to-from-user-functions.patch deleted file mode 100644 index 558d045..0000000 --- a/recipes-kernel/cryptodev/files/0021-check-return-codes-for-copy-to-from-user-functions.patch +++ /dev/null @@ -1,398 +0,0 @@ -From 4078382cfc69c0f5e582d485fe8cc778f9e458d1 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Mon, 21 Sep 2015 16:39:52 +0300 -Subject: [PATCH 21/23] check return codes for copy to/from user functions - -- these functions may fail and we should check their return codes. -- fix an unintended fall-through in CRK_DSA_GENERATE_KEY -- fix incorrect return code for CIOCASYMFETCHCOOKIE - -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - ioctl.c | 42 +++++++-------- - main.c | 183 ++++++++++++++++++++++++++++++---------------------------------- - 2 files changed, 108 insertions(+), 117 deletions(-) - -diff --git a/ioctl.c b/ioctl.c -index 7cd3c56..8fa3e5c 100644 ---- a/ioctl.c -+++ b/ioctl.c -@@ -711,13 +711,13 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - case CRK_MOD_EXP: - { - struct rsa_pub_req_s *rsa_req = &pkc->req->req_u.rsa_pub_req; -- copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); -+ ret = copy_to_user(ckop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); - } - break; - case CRK_MOD_EXP_CRT: - { - struct rsa_priv_frm3_req_s *rsa_req = &pkc->req->req_u.rsa_priv_f3; -- copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); -+ ret = copy_to_user(ckop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); - } - break; - case CRK_DSA_SIGN: -@@ -725,11 +725,11 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - struct dsa_sign_req_s *dsa_req = &pkc->req->req_u.dsa_sign; - - if (pkc->req->type == ECDSA_SIGN) { -- copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len); -- copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); -+ ret = copy_to_user(ckop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len) || -+ copy_to_user(ckop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); - } else { -- copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len); -- copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); -+ ret = copy_to_user(ckop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len) || -+ copy_to_user(ckop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); - } - } - break; -@@ -739,9 +739,9 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - { - struct dh_key_req_s *dh_req = &pkc->req->req_u.dh_req; - if (pkc->req->type == ECDH_COMPUTE_KEY) -- copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); -+ ret = copy_to_user(ckop->crk_param[4].crp_p, dh_req->z, dh_req->z_len); - else -- copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); -+ ret = copy_to_user(ckop->crk_param[3].crp_p, dh_req->z, dh_req->z_len); - } - break; - case CRK_DSA_GENERATE_KEY: -@@ -750,16 +750,17 @@ static int crypto_async_fetch_asym(struct cryptodev_pkc *pkc) - struct keygen_req_s *key_req = &pkc->req->req_u.keygen; - - if (pkc->req->type == ECC_KEYGEN) { -- copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, -- key_req->pub_key_len); -- copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, -+ ret = copy_to_user(ckop->crk_param[4].crp_p, key_req->pub_key, -+ key_req->pub_key_len) || -+ copy_to_user(ckop->crk_param[5].crp_p, key_req->priv_key, - key_req->priv_key_len); - } else { -- copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key, -- key_req->pub_key_len); -- copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key, -+ ret = copy_to_user(ckop->crk_param[3].crp_p, key_req->pub_key, -+ key_req->pub_key_len) || -+ copy_to_user(ckop->crk_param[4].crp_p, key_req->priv_key, - key_req->priv_key_len); - } -+ break; - } - default: - ret = -EINVAL; -@@ -1115,14 +1116,12 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) - - /* Reflect the updated request to user-space */ - if (cookie_list.cookie_available) { -- copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s)); -+ ret = copy_to_user(arg, &cookie_list, sizeof(struct pkc_cookie_list_s)); - } else { - struct pkc_cookie_list_s *user_ck_list = (void *)arg; -- put_user(0, &(user_ck_list->cookie_available)); -+ ret = put_user(0, &(user_ck_list->cookie_available)); - } -- ret = cookie_list.cookie_available; - } -- - return ret; - default: - return -EINVAL; -@@ -1417,9 +1416,10 @@ cryptodev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg_) - } - - /* Reflect the updated request to user-space */ -- if (cookie_list.cookie_available) -- copy_to_user(arg, &cookie_list, -- sizeof(struct compat_pkc_cookie_list_s)); -+ if (cookie_list.cookie_available) { -+ ret = copy_to_user(arg, &cookie_list, -+ sizeof(struct compat_pkc_cookie_list_s)); -+ } - } - return ret; - default: -diff --git a/main.c b/main.c -index ed1c69a..e5adb93 100644 ---- a/main.c -+++ b/main.c -@@ -223,31 +223,29 @@ int crypto_kop_dsasign(struct cryptodev_pkc *pkc) - dsa_req->m = dsa_req->priv_key + dsa_req->priv_key_len; - dsa_req->c = dsa_req->m + dsa_req->m_len; - dsa_req->d = dsa_req->c + dsa_req->d_len; -- copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); -- copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); -- copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); -- copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); -- copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p, -- dsa_req->priv_key_len); -+ rc = copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len) || -+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len) || -+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len) || -+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len) || -+ copy_from_user(dsa_req->priv_key, cop->crk_param[4].crp_p, dsa_req->priv_key_len); - if (cop->crk_iparams == 6) { - dsa_req->ab = dsa_req->d + dsa_req->d_len; -- copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, -+ rc = rc || copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, - dsa_req->ab_len); - } -+ if (rc) -+ goto err; -+ - rc = cryptodev_pkc_offload(pkc); - if (pkc->type == SYNCHRONOUS) { -- if (rc) -- goto err; - if (cop->crk_iparams == 6) { -- copy_to_user(cop->crk_param[6].crp_p, dsa_req->c, -- dsa_req->d_len); -- copy_to_user(cop->crk_param[7].crp_p, dsa_req->d, -- dsa_req->d_len); -+ rc = rc || -+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->c, dsa_req->d_len) || -+ copy_to_user(cop->crk_param[7].crp_p, dsa_req->d, dsa_req->d_len); - } else { -- copy_to_user(cop->crk_param[5].crp_p, dsa_req->c, -- dsa_req->d_len); -- copy_to_user(cop->crk_param[6].crp_p, dsa_req->d, -- dsa_req->d_len); -+ rc = rc || -+ copy_to_user(cop->crk_param[5].crp_p, dsa_req->c, dsa_req->d_len) || -+ copy_to_user(cop->crk_param[6].crp_p, dsa_req->d, dsa_req->d_len); - } - } else { - if (rc != -EINPROGRESS && rc != 0) -@@ -303,31 +301,28 @@ int crypto_kop_dsaverify(struct cryptodev_pkc *pkc) - dsa_req->m = dsa_req->pub_key + dsa_req->pub_key_len; - dsa_req->c = dsa_req->m + dsa_req->m_len; - dsa_req->d = dsa_req->c + dsa_req->d_len; -- copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len); -- copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len); -- copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len); -- copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len); -- copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p, -- dsa_req->pub_key_len); -+ rc = copy_from_user(dsa_req->m, cop->crk_param[0].crp_p, dsa_req->m_len) || -+ copy_from_user(dsa_req->q, cop->crk_param[1].crp_p, dsa_req->q_len) || -+ copy_from_user(dsa_req->r, cop->crk_param[2].crp_p, dsa_req->r_len) || -+ copy_from_user(dsa_req->g, cop->crk_param[3].crp_p, dsa_req->g_len) || -+ copy_from_user(dsa_req->pub_key, cop->crk_param[4].crp_p, dsa_req->pub_key_len); - if (cop->crk_iparams == 8) { - dsa_req->ab = dsa_req->d + dsa_req->d_len; -- copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, -- dsa_req->ab_len); -- copy_from_user(dsa_req->c, cop->crk_param[6].crp_p, -- dsa_req->d_len); -- copy_from_user(dsa_req->d, cop->crk_param[7].crp_p, -- dsa_req->d_len); -+ rc = rc || -+ copy_from_user(dsa_req->ab, cop->crk_param[5].crp_p, dsa_req->ab_len) || -+ copy_from_user(dsa_req->c, cop->crk_param[6].crp_p, dsa_req->d_len) || -+ copy_from_user(dsa_req->d, cop->crk_param[7].crp_p, dsa_req->d_len); - } else { -- copy_from_user(dsa_req->c, cop->crk_param[5].crp_p, -- dsa_req->d_len); -- copy_from_user(dsa_req->d, cop->crk_param[6].crp_p, -- dsa_req->d_len); -+ rc = rc || -+ copy_from_user(dsa_req->c, cop->crk_param[5].crp_p, dsa_req->d_len) || -+ copy_from_user(dsa_req->d, cop->crk_param[6].crp_p, dsa_req->d_len); - } -+ -+ if (rc) -+ goto err; -+ - rc = cryptodev_pkc_offload(pkc); -- if (pkc->type == SYNCHRONOUS) { -- if (rc) -- goto err; -- } else { -+ if (pkc->type != SYNCHRONOUS) { - if (rc != -EINPROGRESS && !rc) - goto err; - pkc->cookie = buf; -@@ -380,24 +375,15 @@ int crypto_kop_rsa_keygen(struct cryptodev_pkc *pkc) - rc = cryptodev_pkc_offload(pkc); - - if (pkc->type == SYNCHRONOUS) { -- if (rc) -- goto err; -- -- copy_to_user(cop->crk_param[0].crp_p, -- key_req->p, key_req->p_len); -- copy_to_user(cop->crk_param[1].crp_p, -- key_req->q, key_req->q_len); -- copy_to_user(cop->crk_param[2].crp_p, -- key_req->n, key_req->n_len); -- copy_to_user(cop->crk_param[3].crp_p, -- key_req->d, key_req->d_len); -- copy_to_user(cop->crk_param[4].crp_p, -- key_req->dp, key_req->dp_len); -- copy_to_user(cop->crk_param[5].crp_p, -- key_req->dq, key_req->dq_len); -- copy_to_user(cop->crk_param[6].crp_p, -- key_req->c, key_req->c_len); -- } else { -+ rc = rc || -+ copy_to_user(cop->crk_param[0].crp_p, key_req->p, key_req->p_len) || -+ copy_to_user(cop->crk_param[1].crp_p, key_req->q, key_req->q_len) || -+ copy_to_user(cop->crk_param[2].crp_p, key_req->n, key_req->n_len) || -+ copy_to_user(cop->crk_param[3].crp_p, key_req->d, key_req->d_len) || -+ copy_to_user(cop->crk_param[4].crp_p, key_req->dp, key_req->dp_len) || -+ copy_to_user(cop->crk_param[5].crp_p, key_req->dq, key_req->dq_len) || -+ copy_to_user(cop->crk_param[6].crp_p, key_req->c, key_req->c_len); -+ } else { - if (rc != -EINPROGRESS && !rc) { - printk("%s: Failed\n", __func__); - goto err; -@@ -451,30 +437,33 @@ int crypto_kop_keygen(struct cryptodev_pkc *pkc) - key_req->g = key_req->r + key_req->r_len; - key_req->pub_key = key_req->g + key_req->g_len; - key_req->priv_key = key_req->pub_key + key_req->pub_key_len; -- copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len); -- copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len); -- copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); -+ rc = copy_from_user(key_req->q, cop->crk_param[0].crp_p, key_req->q_len) || -+ copy_from_user(key_req->r, cop->crk_param[1].crp_p, key_req->r_len) || -+ copy_from_user(key_req->g, cop->crk_param[2].crp_p, key_req->g_len); -+ - if (cop->crk_iparams == 4) { - key_req->ab = key_req->priv_key + key_req->priv_key_len; -- copy_from_user(key_req->ab, cop->crk_param[3].crp_p, -+ rc = rc || copy_from_user(key_req->ab, cop->crk_param[3].crp_p, - key_req->ab_len); - } - -+ if (rc) -+ goto err; -+ - rc = cryptodev_pkc_offload(pkc); - if (pkc->type == SYNCHRONOUS) { -- if (rc) -- goto err; -- - if (cop->crk_iparams == 4) { -- copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key, -- key_req->pub_key_len); -- copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key, -+ rc = rc || -+ copy_to_user(cop->crk_param[4].crp_p, key_req->pub_key, -+ key_req->pub_key_len) || -+ copy_to_user(cop->crk_param[5].crp_p, key_req->priv_key, - key_req->priv_key_len); - } else { -- copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key, -- key_req->pub_key_len); -- copy_to_user(cop->crk_param[4].crp_p, -- key_req->priv_key, key_req->priv_key_len); -+ rc = rc || -+ copy_to_user(cop->crk_param[3].crp_p, key_req->pub_key, -+ key_req->pub_key_len) || -+ copy_to_user(cop->crk_param[4].crp_p, key_req->priv_key, -+ key_req->priv_key_len); - } - } else { - if (rc != -EINPROGRESS && !rc) -@@ -495,7 +484,7 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - struct dh_key_req_s *dh_req; - int buf_size; - uint8_t *buf; -- int rc = -EINVAL; -+ int rc = 0; - - dh_req = &pkc->req->req_u.dh_req; - dh_req->s_len = (cop->crk_param[0].crp_nbits + 7)/8; -@@ -520,22 +509,23 @@ int crypto_kop_dh_key(struct cryptodev_pkc *pkc) - if (cop->crk_iparams == 4) { - dh_req->ab = dh_req->z + dh_req->z_len; - pkc->req->curve_type = cop->curve_type; -- copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, -- dh_req->ab_len); -+ rc = copy_from_user(dh_req->ab, cop->crk_param[3].crp_p, dh_req->ab_len); - } -- copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len); -- copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p, -- dh_req->pub_key_len); -- copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len); -+ -+ rc = rc || -+ copy_from_user(dh_req->s, cop->crk_param[0].crp_p, dh_req->s_len) || -+ copy_from_user(dh_req->pub_key, cop->crk_param[1].crp_p, dh_req->pub_key_len) || -+ copy_from_user(dh_req->q, cop->crk_param[2].crp_p, dh_req->q_len); -+ if (rc) -+ goto err; -+ - rc = cryptodev_pkc_offload(pkc); - if (pkc->type == SYNCHRONOUS) { -- if (rc) -- goto err; - if (cop->crk_iparams == 4) -- copy_to_user(cop->crk_param[4].crp_p, dh_req->z, -+ rc = rc || copy_to_user(cop->crk_param[4].crp_p, dh_req->z, - dh_req->z_len); - else -- copy_to_user(cop->crk_param[3].crp_p, dh_req->z, -+ rc = rc || copy_to_user(cop->crk_param[3].crp_p, dh_req->z, - dh_req->z_len); - } else { - if (rc != -EINPROGRESS && rc != 0) -@@ -582,19 +572,19 @@ int crypto_modexp_crt(struct cryptodev_pkc *pkc) - rsa_req->dq = rsa_req->dp + rsa_req->dp_len; - rsa_req->c = rsa_req->dq + rsa_req->dq_len; - rsa_req->f = rsa_req->c + rsa_req->c_len; -- copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len); -- copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len); -- copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len); -- copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len); -- copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len); -- copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len); -+ rc = copy_from_user(rsa_req->p, cop->crk_param[0].crp_p, rsa_req->p_len) || -+ copy_from_user(rsa_req->q, cop->crk_param[1].crp_p, rsa_req->q_len) || -+ copy_from_user(rsa_req->g, cop->crk_param[2].crp_p, rsa_req->g_len) || -+ copy_from_user(rsa_req->dp, cop->crk_param[3].crp_p, rsa_req->dp_len) || -+ copy_from_user(rsa_req->dq, cop->crk_param[4].crp_p, rsa_req->dq_len) || -+ copy_from_user(rsa_req->c, cop->crk_param[5].crp_p, rsa_req->c_len); -+ if (rc) -+ goto err; -+ - rc = cryptodev_pkc_offload(pkc); - - if (pkc->type == SYNCHRONOUS) { -- if (rc) -- goto err; -- copy_to_user(cop->crk_param[6].crp_p, rsa_req->f, -- rsa_req->f_len); -+ rc = rc || copy_to_user(cop->crk_param[6].crp_p, rsa_req->f, rsa_req->f_len); - } else { - if (rc != -EINPROGRESS && rc != 0) - goto err; -@@ -633,14 +623,15 @@ int crypto_bn_modexp(struct cryptodev_pkc *pkc) - rsa_req->f = rsa_req->e + rsa_req->e_len; - rsa_req->g = rsa_req->f + rsa_req->f_len; - rsa_req->n = rsa_req->g + rsa_req->g_len; -- copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len); -- copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len); -- copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len); -+ rc = copy_from_user(rsa_req->f, cop->crk_param[0].crp_p, rsa_req->f_len) || -+ copy_from_user(rsa_req->e, cop->crk_param[1].crp_p, rsa_req->e_len) || -+ copy_from_user(rsa_req->n, cop->crk_param[2].crp_p, rsa_req->n_len); -+ if (rc) -+ goto err; -+ - rc = cryptodev_pkc_offload(pkc); - if (pkc->type == SYNCHRONOUS) { -- if (rc) -- goto err; -- copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); -+ rc = rc || copy_to_user(cop->crk_param[3].crp_p, rsa_req->g, rsa_req->g_len); - } else { - if (rc != -EINPROGRESS && rc != 0) - goto err; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0022-fix-double-free-pkc-req-on-error.patch b/recipes-kernel/cryptodev/files/0022-fix-double-free-pkc-req-on-error.patch deleted file mode 100644 index 6e747e0..0000000 --- a/recipes-kernel/cryptodev/files/0022-fix-double-free-pkc-req-on-error.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 85146b8429ba11bd0be68c24c17dd77b21ec8c25 Mon Sep 17 00:00:00 2001 -From: Cristian Stoica <cristian.stoica@freescale.com> -Date: Mon, 12 Oct 2015 23:03:28 +0300 -Subject: [PATCH 22/23] fix double free pkc->req on error - -Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> ---- - main.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/main.c b/main.c -index e5adb93..ec11129 100644 ---- a/main.c -+++ b/main.c -@@ -747,7 +747,7 @@ int crypto_run_asym(struct cryptodev_pkc *pkc) - /* todo - fix alloc-free on error path */ - pkc->req->type = pkc_req_type; - err = call_next_action(pkc); -- if (pkc->type == SYNCHRONOUS) -+ if (err == 0 && pkc->type == SYNCHRONOUS) - kfree(pkc->req); - - return err; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0023-remove-MAY_BACKLOG-flag-from-requests.patch b/recipes-kernel/cryptodev/files/0023-remove-MAY_BACKLOG-flag-from-requests.patch deleted file mode 100644 index 32c3ddd..0000000 --- a/recipes-kernel/cryptodev/files/0023-remove-MAY_BACKLOG-flag-from-requests.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 7d0d0deb255f8c59b0cf6d3944ee2e3be4133b4c Mon Sep 17 00:00:00 2001 -From: Alex Porosanu <alexandru.porosanu@freescale.com> -Date: Mon, 19 Oct 2015 11:53:11 +0300 -Subject: [PATCH 23/23] remove MAY_BACKLOG flag from requests - -cryptodev doesn't implement the backlogging mechanism properly, -since it misses the possibility of sleeping and waiting for -wake-up when the crypto driver below starts working on the -submitted backloggable request. -In case the crypto driver below implements backlogging mechanisms, -this can lead to side-effects such as working on previously-free'ed -data. -This patch removes the MAY_BACKLOG flag from the requests. - -Change-Id: Ia3d822b1abfc1a51e2ce3e9682476b2c99d19c5a -Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com> ---- - cryptlib.c | 14 +++++--------- - 1 file changed, 5 insertions(+), 9 deletions(-) - -diff --git a/cryptlib.c b/cryptlib.c -index 10f5e1a..eba4616 100644 ---- a/cryptlib.c -+++ b/cryptlib.c -@@ -194,8 +194,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - goto error; - } - -- ablkcipher_request_set_callback(out->async.request, -- CRYPTO_TFM_REQ_MAY_BACKLOG, -+ ablkcipher_request_set_callback(out->async.request, 0, - cryptodev_complete, out->async.result); - } else { - out->async.arequest = aead_request_alloc(out->async.as, GFP_KERNEL); -@@ -205,8 +204,7 @@ int cryptodev_cipher_init(struct cipher_data *out, const char *alg_name, - goto error; - } - -- aead_request_set_callback(out->async.arequest, -- CRYPTO_TFM_REQ_MAY_BACKLOG, -+ aead_request_set_callback(out->async.arequest, 0, - cryptodev_complete, out->async.result); - } - -@@ -362,9 +360,8 @@ int cryptodev_hash_init(struct hash_data *hdata, const char *alg_name, - goto error; - } - -- ahash_request_set_callback(hdata->async.request, -- CRYPTO_TFM_REQ_MAY_BACKLOG, -- cryptodev_complete, hdata->async.result); -+ ahash_request_set_callback(hdata->async.request, 0, -+ cryptodev_complete, hdata->async.result); - - ret = crypto_ahash_init(hdata->async.request); - if (unlikely(ret)) { -@@ -439,8 +436,7 @@ int cryptodev_pkc_offload(struct cryptodev_pkc *pkc) - int ret; - - init_completion(&pkc->result.completion); -- pkc_request_set_callback(pkc->req, CRYPTO_TFM_REQ_MAY_BACKLOG, -- cryptodev_complete_asym, pkc); -+ pkc_request_set_callback(pkc->req, 0, cryptodev_complete_asym, pkc); - ret = crypto_pkc_op(pkc->req); - if (ret != -EINPROGRESS && ret != 0) - goto error; --- -2.3.5 - diff --git a/recipes-kernel/cryptodev/files/0024-fix-COMPAT_CIOCKEY-ioctl-command-number.patch b/recipes-kernel/cryptodev/files/0024-fix-COMPAT_CIOCKEY-ioctl-command-number.patch deleted file mode 100644 index 8d0bd8b..0000000 --- a/recipes-kernel/cryptodev/files/0024-fix-COMPAT_CIOCKEY-ioctl-command-number.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 53e4d0fe4a334dae3df32b2053e4ebdfda2e9148 Mon Sep 17 00:00:00 2001 -From: Tudor Ambarus <tudor.ambarus@freescale.com> -Date: Tue, 27 Oct 2015 15:51:02 +0200 -Subject: [PATCH] fix COMPAT_CIOCKEY ioctl command number - -CIOCKEY and COMPAT_CIOCKEY had different command numbers, -so that 32-bit applications got EINVAL error on 64-bit kernel. - -Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> ---- - cryptodev_int.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/cryptodev_int.h b/cryptodev_int.h -index c83c885..cb005d7 100644 ---- a/cryptodev_int.h -+++ b/cryptodev_int.h -@@ -132,7 +132,7 @@ struct compat_crypt_auth_op { - /* compat ioctls, defined for the above structs */ - #define COMPAT_CIOCGSESSION _IOWR('c', 102, struct compat_session_op) - #define COMPAT_CIOCCRYPT _IOWR('c', 104, struct compat_crypt_op) --#define COMPAT_CIOCKEY _IOW('c', 105, struct compat_crypt_kop) -+#define COMPAT_CIOCKEY _IOWR('c', 105, struct compat_crypt_kop) - #define COMPAT_CIOCASYNCCRYPT _IOW('c', 107, struct compat_crypt_op) - #define COMPAT_CIOCASYNCFETCH _IOR('c', 108, struct compat_crypt_op) - #define COMPAT_CIOCAUTHCRYPT _IOWR('c', 109, struct compat_crypt_auth_op) --- -2.3.3 - |