It may happen that the variable req->iv may have stale values or
zero sized buffer by default and may end up getting used during
encryption/decryption. This in turn may corrupt the results or break
the operation. Ensure not use IV for algorithms like AES ECB where IV
is not expected.
Bug 4883011
Change-Id: I309ad26f99fe54005ff71b270b3b115dc62ac168
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3330469
Reviewed-by: svcacv <svcacv@nvidia.com>
Reviewed-by: Laxman Dewangan <ldewangan@nvidia.com>
GVS: buildbot_gerritrpt <buildbot_gerritrpt@nvidia.com>
The HW supports only storing 15 keys at a time. This limits the number
of tfms that can work without failutes. Reserve keyslots to solve this
and use the reserved ones during the encryption/decryption operation.
This allow users to have the capability of hardware protected keys
and faster operations if there are limited number of tfms while not
halting the operation if there are more tfms.
Bug 4883011
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Change-Id: I7de17eb1acf3b5a9f55a42e9df2aa8b64e20cb6d
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3347661
GVS: buildbot_gerritrpt <buildbot_gerritrpt@nvidia.com>
Reviewed-by: Laxman Dewangan <ldewangan@nvidia.com>
The intermediate hash values generated during an update task were
handled incorrectly in the driver. The values have a defined format for
each algorithm. Copying and pasting from the HASH_RESULT register
balantly would not work for all the supported algorithms. This incorrect
handling causes failures when there is a context switch between multiple
operations.
To handle the expected format correctly, add a separate buffer for
storing the intermediate results for each request. Remove the previous
copy/paste functions which read/wrote to the registers directly. Instead
configure the hardware to get the intermediate result copied to the
buffer and use host1x path to restore the intermediate hash results.
Bug 4883011
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Change-Id: I54952620906ccfd57d560c4619d17211f67b9ac3
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3328440
GVS: buildbot_gerritrpt <buildbot_gerritrpt@nvidia.com>
Reviewed-by: Laxman Dewangan <ldewangan@nvidia.com>
Ahash init() function was called asynchronous to the crypto engine queue.
This could corrupt the request context if there is any ongoing operation
for the same request. Queue the init function as well to the crypto
engine queue so that this scenario can be avoided.
Bug 4883011
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Change-Id: I7d5e4629fbd47215c7d7748b675030c1cb63e5ea
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3328439
Reviewed-by: Laxman Dewangan <ldewangan@nvidia.com>
GVS: buildbot_gerritrpt <buildbot_gerritrpt@nvidia.com>
The buffer which sends the commands to host1x was shared for all tasks
in the engine. This causes a problem with the setkey() function as it
gets called asynchronous to the crypto engine queue. Modifying the same
cmdbuf in setkey() will corrupt the ongoing host1x task and in turn
break the encryption/decryption operation. Hence use a separate cmdbuf
for setkey().
Bug 4883011
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Change-Id: Ia6a5376e2c8dfc98e11414666ebf9ade41f10fee
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3328437
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
GVS: buildbot_gerritrpt <buildbot_gerritrpt@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
Reviewed-by: Laxman Dewangan <ldewangan@nvidia.com>
Allocate the buffer based on the request instead of a fixed buffer
length. In operations which may require larger buffer size, a fixed
buffer may fail. Similar patch was added for AES algorithms. Fix the
same for HASH algorithms as well.
Bug 4908156
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Change-Id: Idd2c1ceae1a85434a5a51154a17dce8c927bb66c
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3233718
Reviewed-by: Laxman Dewangan <ldewangan@nvidia.com>
GVS: buildbot_gerritrpt <buildbot_gerritrpt@nvidia.com>
The correct module license string for drivers is "GPL" and not "GPL
V2". Note that "GPL" in the module license indicates GPLv2 according to
the kernel documentation. Using "GPL V2" causes the following kernel
warns to be printed when the module is loaded ...
r8168: module license 'GPL V2' taints kernel.
Disabling lock debugging due to kernel taint
r8168: module license taints kernel.
Fix this by correcting the license string for dummy drivers.
Bug 4606591
Bug 4471899
Change-Id: Ib785b2d3c90234e279cb1d804bf9a9842e6e5084
Signed-off-by: Jon Hunter <jonathanh@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3141628
GVS: buildbot_gerritrpt <buildbot_gerritrpt@nvidia.com>
The compiler option -Wmissing-prototypes is being enabled globally in
the upstream Linux kernel and this causes build failures for various
drivers. The build failures occur because either the driver is missing
an include file which has the prototype or because the function is not
declared statically when it should be (ie. there are no external users).
Fix the various build failures and enable -Wmissing-prototypes to
prevent any new instances from occurring. Note that the only driver that
is not fixed at the moment is rtl8822ce due to large number of failures
and so build this with '-Wno-missing-prototypes' for now, which is not
different to how it was being compiled prior to this change.
Bug 4404965
Change-Id: Ie5572d23659e0346fa035d645d9043b0a6da5fdc
Signed-off-by: Jon Hunter <jonathanh@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3027488
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
Add the updated Tegra SE driver with the below improvements.
- Remove dependency with nvhost apis and use upstream Host1x APIs.
- Implement software fallbacks for keys/plaintexts unsupported by
hardware.
- Support only T234 and later. Prior chips will use tegra-se-nvhost
driver.
Bug 4221414
Bug 3579794
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Change-Id: I398a5b7cc3f752b44d01d6d1c81f813f862e4cd9
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/2977810
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
