linux-toradex.git/drivers/crypto/padlock-sha.c, branch v3.4.45 Linux kernel for Apalis and Colibri modules crypto: Add support for x86 cpuid auto loading for x86 crypto drivers 2012-01-27T00:48:10+00:00 Andi Kleen ak@linux.intel.com 2012-01-25T23:09:06+00:00 3bd391f056df61e928de1680ff4a3e7e07e5b399 Add support for auto-loading of crypto drivers based on cpuid features. This enables auto-loading of the VIA and Intel specific drivers for AES, hashing and CRCs. Requires the earlier infrastructure patch to add x86 modinfo. I kept it all in a single patch for now. I dropped the printks when the driver cpuid doesn't match (imho drivers never should print anything in such a case) One drawback is that udev doesn't know if the drivers are used or not, so they will be unconditionally loaded at boot up. That's better than not loading them at all, like it often happens. Cc: Dave Jones <davej@redhat.com> Cc: Kay Sievers <kay.sievers@vrfy.org> Cc: Jen Axboe <axboe@kernel.dk> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Huang Ying <ying.huang@intel.com> Signed-off-by: Andi Kleen <ak@linux.intel.com> Signed-off-by: Thomas Renninger <trenn@suse.de> Acked-by: H. Peter Anvin <hpa@zytor.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
Add support for auto-loading of crypto drivers based on cpuid features.
This enables auto-loading of the VIA and Intel specific drivers
for AES, hashing and CRCs.

Requires the earlier infrastructure patch to add x86 modinfo.
I kept it all in a single patch for now.

I dropped the printks when the driver cpuid doesn't match (imho
drivers never should print anything in such a case)

One drawback is that udev doesn't know if the drivers are used or not,
so they will be unconditionally loaded at boot up. That's better
than not loading them at all, like it often happens.

Cc: Dave Jones <davej@redhat.com>
Cc: Kay Sievers <kay.sievers@vrfy.org>
Cc: Jen Axboe <axboe@kernel.dk>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Huang Ying <ying.huang@intel.com>
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Renninger <trenn@suse.de>
Acked-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
crypto: padlock - Add SHA-1/256 module for VIA Nano 2011-03-27T02:45:18+00:00 Brilly Wu brillywu@viatech.com.cn 2011-03-27T02:45:00+00:00 0475add3c27a43a6599fe6338f8fffe919a13547 Add new SHA-1/256 module that never needs any fallback and just calls the PadLock hardware instruction supported from VIA Nano processors to implement the "update" and "final" function. They are respectively named "sha1_alg_nano" and "sha256_alg_nano", and will be used on any VIA Nano processor or the later ones. On VIA C7 CPU, the "sha1_alg" and "sha256_alg" modules will still be used as before. Signed-off-by: Brilly Wu <brillywu@viatech.com.cn> Signed-off-by: Kary Jin <karyjin@viatech.com.cn> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Add new SHA-1/256 module that never needs any fallback and just calls the
PadLock hardware instruction supported from VIA Nano processors to implement
the "update" and "final" function.

They are respectively named "sha1_alg_nano" and "sha256_alg_nano", and will
be used on any VIA Nano processor or the later ones. On VIA C7 CPU, the
"sha1_alg" and "sha256_alg" modules will still be used as before.

Signed-off-by: Brilly Wu <brillywu@viatech.com.cn>
Signed-off-by: Kary Jin <karyjin@viatech.com.cn>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: padlock - Move padlock.h into include/crypto 2011-01-07T03:52:00+00:00 Herbert Xu herbert@gondor.apana.org.au 2011-01-07T03:52:00+00:00 21493088733e6e09dac6f54595a1b6b8ab1e68fd This patch moves padlock.h from drivers/crypto into include/crypto so that it may be used by the via-rng driver. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch moves padlock.h from drivers/crypto into include/crypto
so that it may be used by the via-rng driver.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: padlock-sha - Add import/export support 2010-02-01T19:50:25+00:00 Herbert Xu herbert@gondor.apana.org.au 2010-01-31T22:17:56+00:00 a8d7ac279743077965afeca0c9ed748507b68e89 As the padlock driver for SHA uses a software fallback to perform partial hashing, it must implement custom import/export functions. Otherwise hmac which depends on import/export for prehashing will not work with padlock-sha. Reported-by: Wolfgang Walter <wolfgang.walter@stwm.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
As the padlock driver for SHA uses a software fallback to perform
partial hashing, it must implement custom import/export functions.
Otherwise hmac which depends on import/export for prehashing will
not work with padlock-sha.

Reported-by: Wolfgang Walter <wolfgang.walter@stwm.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: padlock-sha - Fix stack alignment 2009-09-22T06:21:53+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-09-22T06:21:53+00:00 4c6ab3ee4cdb86cbd4e9400dd22fad7701cbe795 The PadLock hardware requires the output buffer for SHA to be 128-bit aligned. We currentply place the buffer on the stack, and ask gcc to align it to 128 bits. That doesn't work on i386 because the kernel stack is only aligned to 32 bits. This patch changes the code to align the buffer by hand so that the hardware doesn't fault on unaligned buffers. Reported-by: Séguier Régis <rguier@e-teleport.net> Tested-by: Séguier Régis <rguier@e-teleport.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The PadLock hardware requires the output buffer for SHA to be
128-bit aligned.  We currentply place the buffer on the stack,
and ask gcc to align it to 128 bits.  That doesn't work on i386
because the kernel stack is only aligned to 32 bits.  This patch
changes the code to align the buffer by hand so that the hardware
doesn't fault on unaligned buffers.

Reported-by: Séguier Régis <rguier@e-teleport.net>
Tested-by: Séguier Régis <rguier@e-teleport.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: padlock - Fix hashing of partial blocks 2009-07-16T02:33:27+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-07-16T02:33:27+00:00 e9b25f16cda88b33fe15b30c009912e6c471edda When we encounter partial blocks in finup, we'll invoke the xsha instruction with a bogus count that is not a multiple of the block size. This patch fixes it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
When we encounter partial blocks in finup, we'll invoke the xsha
instruction with a bogus count that is not a multiple of the block
size.  This patch fixes it.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: padlock - Fix compile error on i386 2009-07-15T10:37:48+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-07-15T10:37:48+00:00 faae890883624e14a328863eafabf54a36698774 The previous change to allow hashing from states other than the initial broke compilation on i386 because the inline assembly tried to squeeze a u64 into a 32-bit register. As we've already checked for 32-bit overflows we can simply truncate it to u32, or unsigned long so that we don't truncate at all on x86-64. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The previous change to allow hashing from states other than the
initial broke compilation on i386 because the inline assembly
tried to squeeze a u64 into a 32-bit register.  As we've already
checked for 32-bit overflows we can simply truncate it to u32,
or unsigned long so that we don't truncate at all on x86-64.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: padlock - Switch sha to shash 2009-07-14T04:58:02+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-07-11T10:16:16+00:00 bbbee4679afd7c29a58087f133ffe241597f3144 This patch converts the padlock-sha implementation to shash. In doing so the existing mechanism of storing the data until final is no longer viable as we do not have a way of allocating data in crypto_shash_init and then reliably freeing it. This is just as well because a better way of handling the problem is to hash everything but the last chunk using normal sha code and then provide the intermediate result to the padlock device. This is good enough because the primary application of padlock-sha is IPsec and there the data is laid out in the form of an hmac header followed by the rest of the packet. In essence we can provide all the data to the padlock as the hmac header only needs to be hashed once. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch converts the padlock-sha implementation to shash.
In doing so the existing mechanism of storing the data until
final is no longer viable as we do not have a way of allocating
data in crypto_shash_init and then reliably freeing it.

This is just as well because a better way of handling the problem
is to hash everything but the last chunk using normal sha code
and then provide the intermediate result to the padlock device.

This is good enough because the primary application of padlock-sha
is IPsec and there the data is laid out in the form of an hmac
header followed by the rest of the packet.  In essence we can
provide all the data to the padlock as the hmac header only needs
to be hashed once.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: padlock - Use shash fallback for sha 2009-07-11T10:23:35+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-07-10T09:26:44+00:00 7d024608265eb815ae4ce1e5da097ec9d800dda4 This patch changes padlock sha fallback to shash instead of hash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch changes padlock sha fallback to shash instead of hash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Fix module load deadlock with fallback algorithms 2009-02-26T06:06:31+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-02-26T06:06:31+00:00 a760a6656e6f00bb0144a42a048cf0266646e22c With the mandatory algorithm testing at registration, we have now created a deadlock with algorithms requiring fallbacks. This can happen if the module containing the algorithm requiring fallback is loaded first, without the fallback module being loaded first. The system will then try to test the new algorithm, find that it needs to load a fallback, and then try to load that. As both algorithms share the same module alias, it can attempt to load the original algorithm again and block indefinitely. As algorithms requiring fallbacks are a special case, we can fix this by giving them a different module alias than the rest. Then it's just a matter of using the right aliases according to what algorithms we're trying to find. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
With the mandatory algorithm testing at registration, we have
now created a deadlock with algorithms requiring fallbacks.
This can happen if the module containing the algorithm requiring
fallback is loaded first, without the fallback module being loaded
first.  The system will then try to test the new algorithm, find
that it needs to load a fallback, and then try to load that.

As both algorithms share the same module alias, it can attempt
to load the original algorithm again and block indefinitely.

As algorithms requiring fallbacks are a special case, we can fix
this by giving them a different module alias than the rest.  Then
it's just a matter of using the right aliases according to what
algorithms we're trying to find.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>