diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2023-08-29 21:23:29 +0300 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2023-08-29 21:23:29 +0300 |
commit | 68cf01760bc0891074e813b9bb06d2696cac1c01 (patch) | |
tree | 0bfbd6a995c19df689476782450a7df8bd51b213 /include | |
parent | f97e18a3f2fb78a4ed0d25e427535d9f853b9e9e (diff) | |
parent | 85b9bf9a514d991fcecb118d0a8a35e754ff9265 (diff) | |
download | linux-68cf01760bc0891074e813b9bb06d2696cac1c01.tar.xz |
Merge tag 'v6.6-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu:
"API:
- Move crypto engine callback from tfm ctx into algorithm object
- Fix atomic sleep bug in crypto_destroy_instance
- Move lib/mpi into lib/crypto
Algorithms:
- Add chacha20 and poly1305 implementation for powerpc p10
Drivers:
- Add AES skcipher and aead support to starfive
- Add Dynamic Boost Control support to ccp
- Add support for STM32P13 platform to stm32"
* tag 'v6.6-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (149 commits)
Revert "dt-bindings: crypto: qcom,prng: Add SM8450"
crypto: chelsio - Remove unused declarations
X.509: if signature is unsupported skip validation
crypto: qat - fix crypto capability detection for 4xxx
crypto: drivers - Explicitly include correct DT includes
crypto: engine - Remove crypto_engine_ctx
crypto: zynqmp - Use new crypto_engine_op interface
crypto: virtio - Use new crypto_engine_op interface
crypto: stm32 - Use new crypto_engine_op interface
crypto: jh7110 - Use new crypto_engine_op interface
crypto: rk3288 - Use new crypto_engine_op interface
crypto: omap - Use new crypto_engine_op interface
crypto: keembay - Use new crypto_engine_op interface
crypto: sl3516 - Use new crypto_engine_op interface
crypto: caam - Use new crypto_engine_op interface
crypto: aspeed - Remove non-standard sha512 algorithms
crypto: aspeed - Use new crypto_engine_op interface
crypto: amlogic - Use new crypto_engine_op interface
crypto: sun8i-ss - Use new crypto_engine_op interface
crypto: sun8i-ce - Use new crypto_engine_op interface
...
Diffstat (limited to 'include')
-rw-r--r-- | include/crypto/algapi.h | 3 | ||||
-rw-r--r-- | include/crypto/engine.h | 118 | ||||
-rw-r--r-- | include/crypto/internal/engine.h | 74 | ||||
-rw-r--r-- | include/linux/hisi_acc_qm.h | 2 | ||||
-rw-r--r-- | include/linux/psp-platform-access.h | 4 | ||||
-rw-r--r-- | include/uapi/linux/psp-dbc.h | 147 |
6 files changed, 278 insertions, 70 deletions
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h index 6156161b181f..ca86f4c6ba43 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h @@ -12,6 +12,7 @@ #include <linux/cache.h> #include <linux/crypto.h> #include <linux/types.h> +#include <linux/workqueue.h> /* * Maximum values for blocksize and alignmask, used to allocate @@ -82,6 +83,8 @@ struct crypto_instance { struct crypto_spawn *spawns; }; + struct work_struct free_work; + void *__ctx[] CRYPTO_MINALIGN_ATTR; }; diff --git a/include/crypto/engine.h b/include/crypto/engine.h index 2038764b30c2..2835069c5997 100644 --- a/include/crypto/engine.h +++ b/include/crypto/engine.h @@ -7,91 +7,47 @@ #ifndef _CRYPTO_ENGINE_H #define _CRYPTO_ENGINE_H -#include <linux/crypto.h> -#include <linux/list.h> -#include <linux/kthread.h> -#include <linux/spinlock.h> -#include <linux/types.h> - -#include <crypto/algapi.h> #include <crypto/aead.h> #include <crypto/akcipher.h> #include <crypto/hash.h> -#include <crypto/skcipher.h> #include <crypto/kpp.h> +#include <crypto/skcipher.h> +#include <linux/types.h> +struct crypto_engine; struct device; -#define ENGINE_NAME_LEN 30 -/* - * struct crypto_engine - crypto hardware engine - * @name: the engine name - * @idling: the engine is entering idle state - * @busy: request pump is busy - * @running: the engine is on working - * @retry_support: indication that the hardware allows re-execution - * of a failed backlog request - * crypto-engine, in head position to keep order - * @list: link with the global crypto engine list - * @queue_lock: spinlock to synchronise access to request queue - * @queue: the crypto queue of the engine - * @rt: whether this queue is set to run as a realtime task - * @prepare_crypt_hardware: a request will soon arrive from the queue - * so the subsystem requests the driver to prepare the hardware - * by issuing this call - * @unprepare_crypt_hardware: there are currently no more requests on the - * queue so the subsystem notifies the driver that it may relax the - * hardware by issuing this call - * @do_batch_requests: execute a batch of requests. Depends on multiple - * requests support. - * @kworker: kthread worker struct for request pump - * @pump_requests: work struct for scheduling work to the request pump - * @priv_data: the engine private data - * @cur_req: the current request which is on processing - */ -struct crypto_engine { - char name[ENGINE_NAME_LEN]; - bool idling; - bool busy; - bool running; - - bool retry_support; - - struct list_head list; - spinlock_t queue_lock; - struct crypto_queue queue; - struct device *dev; - - bool rt; - - int (*prepare_crypt_hardware)(struct crypto_engine *engine); - int (*unprepare_crypt_hardware)(struct crypto_engine *engine); - int (*do_batch_requests)(struct crypto_engine *engine); - - - struct kthread_worker *kworker; - struct kthread_work pump_requests; - - void *priv_data; - struct crypto_async_request *cur_req; -}; - /* * struct crypto_engine_op - crypto hardware engine operations - * @prepare_request: do some preparation if needed before handling the current request - * @unprepare_request: undo any work done by prepare_request() * @do_one_request: do encryption for current request */ struct crypto_engine_op { - int (*prepare_request)(struct crypto_engine *engine, - void *areq); - int (*unprepare_request)(struct crypto_engine *engine, - void *areq); int (*do_one_request)(struct crypto_engine *engine, void *areq); }; -struct crypto_engine_ctx { +struct aead_engine_alg { + struct aead_alg base; + struct crypto_engine_op op; +}; + +struct ahash_engine_alg { + struct ahash_alg base; + struct crypto_engine_op op; +}; + +struct akcipher_engine_alg { + struct akcipher_alg base; + struct crypto_engine_op op; +}; + +struct kpp_engine_alg { + struct kpp_alg base; + struct crypto_engine_op op; +}; + +struct skcipher_engine_alg { + struct skcipher_alg base; struct crypto_engine_op op; }; @@ -124,4 +80,28 @@ struct crypto_engine *crypto_engine_alloc_init_and_set(struct device *dev, bool rt, int qlen); int crypto_engine_exit(struct crypto_engine *engine); +int crypto_engine_register_aead(struct aead_engine_alg *alg); +void crypto_engine_unregister_aead(struct aead_engine_alg *alg); +int crypto_engine_register_aeads(struct aead_engine_alg *algs, int count); +void crypto_engine_unregister_aeads(struct aead_engine_alg *algs, int count); + +int crypto_engine_register_ahash(struct ahash_engine_alg *alg); +void crypto_engine_unregister_ahash(struct ahash_engine_alg *alg); +int crypto_engine_register_ahashes(struct ahash_engine_alg *algs, int count); +void crypto_engine_unregister_ahashes(struct ahash_engine_alg *algs, + int count); + +int crypto_engine_register_akcipher(struct akcipher_engine_alg *alg); +void crypto_engine_unregister_akcipher(struct akcipher_engine_alg *alg); + +int crypto_engine_register_kpp(struct kpp_engine_alg *alg); +void crypto_engine_unregister_kpp(struct kpp_engine_alg *alg); + +int crypto_engine_register_skcipher(struct skcipher_engine_alg *alg); +void crypto_engine_unregister_skcipher(struct skcipher_engine_alg *alg); +int crypto_engine_register_skciphers(struct skcipher_engine_alg *algs, + int count); +void crypto_engine_unregister_skciphers(struct skcipher_engine_alg *algs, + int count); + #endif /* _CRYPTO_ENGINE_H */ diff --git a/include/crypto/internal/engine.h b/include/crypto/internal/engine.h new file mode 100644 index 000000000000..fbf4be56cf12 --- /dev/null +++ b/include/crypto/internal/engine.h @@ -0,0 +1,74 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Crypto engine API + * + * Copyright (c) 2016 Baolin Wang <baolin.wang@linaro.org> + * Copyright (c) 2023 Herbert Xu <herbert@gondor.apana.org.au> + */ +#ifndef _CRYPTO_INTERNAL_ENGINE_H +#define _CRYPTO_INTERNAL_ENGINE_H + +#include <crypto/algapi.h> +#include <crypto/engine.h> +#include <linux/kthread.h> +#include <linux/spinlock_types.h> +#include <linux/types.h> + +#define ENGINE_NAME_LEN 30 + +struct device; + +/* + * struct crypto_engine - crypto hardware engine + * @name: the engine name + * @idling: the engine is entering idle state + * @busy: request pump is busy + * @running: the engine is on working + * @retry_support: indication that the hardware allows re-execution + * of a failed backlog request + * crypto-engine, in head position to keep order + * @list: link with the global crypto engine list + * @queue_lock: spinlock to synchronise access to request queue + * @queue: the crypto queue of the engine + * @rt: whether this queue is set to run as a realtime task + * @prepare_crypt_hardware: a request will soon arrive from the queue + * so the subsystem requests the driver to prepare the hardware + * by issuing this call + * @unprepare_crypt_hardware: there are currently no more requests on the + * queue so the subsystem notifies the driver that it may relax the + * hardware by issuing this call + * @do_batch_requests: execute a batch of requests. Depends on multiple + * requests support. + * @kworker: kthread worker struct for request pump + * @pump_requests: work struct for scheduling work to the request pump + * @priv_data: the engine private data + * @cur_req: the current request which is on processing + */ +struct crypto_engine { + char name[ENGINE_NAME_LEN]; + bool idling; + bool busy; + bool running; + + bool retry_support; + + struct list_head list; + spinlock_t queue_lock; + struct crypto_queue queue; + struct device *dev; + + bool rt; + + int (*prepare_crypt_hardware)(struct crypto_engine *engine); + int (*unprepare_crypt_hardware)(struct crypto_engine *engine); + int (*do_batch_requests)(struct crypto_engine *engine); + + + struct kthread_worker *kworker; + struct kthread_work pump_requests; + + void *priv_data; + struct crypto_async_request *cur_req; +}; + +#endif diff --git a/include/linux/hisi_acc_qm.h b/include/linux/hisi_acc_qm.h index a7d54d4d41fd..39fbfb4be944 100644 --- a/include/linux/hisi_acc_qm.h +++ b/include/linux/hisi_acc_qm.h @@ -104,7 +104,7 @@ enum qm_stop_reason { QM_NORMAL, QM_SOFT_RESET, - QM_FLR, + QM_DOWN, }; enum qm_state { diff --git a/include/linux/psp-platform-access.h b/include/linux/psp-platform-access.h index 75da8f5f7ad8..c1dc87fc536b 100644 --- a/include/linux/psp-platform-access.h +++ b/include/linux/psp-platform-access.h @@ -8,6 +8,10 @@ enum psp_platform_access_msg { PSP_CMD_NONE = 0x0, PSP_I2C_REQ_BUS_CMD = 0x64, + PSP_DYNAMIC_BOOST_GET_NONCE, + PSP_DYNAMIC_BOOST_SET_UID, + PSP_DYNAMIC_BOOST_GET_PARAMETER, + PSP_DYNAMIC_BOOST_SET_PARAMETER, }; struct psp_req_buffer_hdr { diff --git a/include/uapi/linux/psp-dbc.h b/include/uapi/linux/psp-dbc.h new file mode 100644 index 000000000000..b3845a9ff5fd --- /dev/null +++ b/include/uapi/linux/psp-dbc.h @@ -0,0 +1,147 @@ +/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */ +/* + * Userspace interface for AMD Dynamic Boost Control (DBC) + * + * Copyright (C) 2023 Advanced Micro Devices, Inc. + * + * Author: Mario Limonciello <mario.limonciello@amd.com> + */ + +#ifndef __PSP_DBC_USER_H__ +#define __PSP_DBC_USER_H__ + +#include <linux/types.h> + +/** + * DOC: AMD Dynamic Boost Control (DBC) interface + */ + +#define DBC_NONCE_SIZE 16 +#define DBC_SIG_SIZE 32 +#define DBC_UID_SIZE 16 + +/** + * struct dbc_user_nonce - Nonce exchange structure (input/output). + * @auth_needed: Whether the PSP should authenticate this request (input). + * 0: no authentication, PSP will return single use nonce. + * 1: authentication: PSP will return multi-use nonce. + * @nonce: 8 byte value used for future authentication (output). + * @signature: Optional 32 byte signature created by software using a + * previous nonce (input). + */ +struct dbc_user_nonce { + __u32 auth_needed; + __u8 nonce[DBC_NONCE_SIZE]; + __u8 signature[DBC_SIG_SIZE]; +} __packed; + +/** + * struct dbc_user_setuid - UID exchange structure (input). + * @uid: 16 byte value representing software identity + * @signature: 32 byte signature created by software using a previous nonce + */ +struct dbc_user_setuid { + __u8 uid[DBC_UID_SIZE]; + __u8 signature[DBC_SIG_SIZE]; +} __packed; + +/** + * struct dbc_user_param - Parameter exchange structure (input/output). + * @msg_index: Message indicating what parameter to set or get (input) + * @param: 4 byte parameter, units are message specific. (input/output) + * @signature: 32 byte signature. + * - When sending a message this is to be created by software + * using a previous nonce (input) + * - For interpreting results, this signature is updated by the + * PSP to allow software to validate the authenticity of the + * results. + */ +struct dbc_user_param { + __u32 msg_index; + __u32 param; + __u8 signature[DBC_SIG_SIZE]; +} __packed; + +/** + * Dynamic Boost Control (DBC) IOC + * + * possible return codes for all DBC IOCTLs: + * 0: success + * -EINVAL: invalid input + * -E2BIG: excess data passed + * -EFAULT: failed to copy to/from userspace + * -EBUSY: mailbox in recovery or in use + * -ENODEV: driver not bound with PSP device + * -EACCES: request isn't authorized + * -EINVAL: invalid parameter + * -ETIMEDOUT: request timed out + * -EAGAIN: invalid request for state machine + * -ENOENT: not implemented + * -ENFILE: overflow + * -EPERM: invalid signature + * -EIO: unknown error + */ +#define DBC_IOC_TYPE 'D' + +/** + * DBCIOCNONCE - Fetch a nonce from the PSP for authenticating commands. + * If a nonce is fetched without authentication it can only + * be utilized for one command. + * If a nonce is fetched with authentication it can be used + * for multiple requests. + */ +#define DBCIOCNONCE _IOWR(DBC_IOC_TYPE, 0x1, struct dbc_user_nonce) + +/** + * DBCIOCUID - Set the user ID (UID) of a calling process. + * The user ID is 8 bytes long. It must be programmed using a + * 32 byte signature built using the nonce fetched from + * DBCIOCNONCE. + * The UID can only be set once until the system is rebooted. + */ +#define DBCIOCUID _IOW(DBC_IOC_TYPE, 0x2, struct dbc_user_setuid) + +/** + * DBCIOCPARAM - Set or get a parameter from the PSP. + * This request will only work after DBCIOCUID has successfully + * set the UID of the calling process. + * Whether the parameter is set or get is controlled by the + * message ID in the request. + * This command must be sent using a 32 byte signature built + * using the nonce fetched from DBCIOCNONCE. + * When the command succeeds, the 32 byte signature will be + * updated by the PSP for software to authenticate the results. + */ +#define DBCIOCPARAM _IOWR(DBC_IOC_TYPE, 0x3, struct dbc_user_param) + +/** + * enum dbc_cmd_msg - Messages utilized by DBCIOCPARAM + * @PARAM_GET_FMAX_CAP: Get frequency cap (MHz) + * @PARAM_SET_FMAX_CAP: Set frequency cap (MHz) + * @PARAM_GET_PWR_CAP: Get socket power cap (mW) + * @PARAM_SET_PWR_CAP: Set socket power cap (mW) + * @PARAM_GET_GFX_MODE: Get graphics mode (0/1) + * @PARAM_SET_GFX_MODE: Set graphics mode (0/1) + * @PARAM_GET_CURR_TEMP: Get current temperature (degrees C) + * @PARAM_GET_FMAX_MAX: Get maximum allowed value for frequency (MHz) + * @PARAM_GET_FMAX_MIN: Get minimum allowed value for frequency (MHz) + * @PARAM_GET_SOC_PWR_MAX: Get maximum allowed value for SoC power (mw) + * @PARAM_GET_SOC_PWR_MIN: Get minimum allowed value for SoC power (mw) + * @PARAM_GET_SOC_PWR_CUR: Get current value for SoC Power (mW) + */ +enum dbc_cmd_msg { + PARAM_GET_FMAX_CAP = 0x3, + PARAM_SET_FMAX_CAP = 0x4, + PARAM_GET_PWR_CAP = 0x5, + PARAM_SET_PWR_CAP = 0x6, + PARAM_GET_GFX_MODE = 0x7, + PARAM_SET_GFX_MODE = 0x8, + PARAM_GET_CURR_TEMP = 0x9, + PARAM_GET_FMAX_MAX = 0xA, + PARAM_GET_FMAX_MIN = 0xB, + PARAM_GET_SOC_PWR_MAX = 0xC, + PARAM_GET_SOC_PWR_MIN = 0xD, + PARAM_GET_SOC_PWR_CUR = 0xE, +}; + +#endif /* __PSP_DBC_USER_H__ */ |