diff options
author | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2010-05-04 20:59:19 +0000 |
---|---|---|
committer | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2010-05-04 20:59:19 +0000 |
commit | 40b344028b6b043b73512f036be7b3e963f85c88 (patch) | |
tree | e2514d65fed366af6c5f498e58431b2008ccf437 /target/linux/generic-2.6/files/crypto/ocf/ep80579 | |
parent | 64f1ed8de7026752f2b306797226b932e386b4b5 (diff) |
[generic-2.6] update OCF framework to version 20100325
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21356 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'target/linux/generic-2.6/files/crypto/ocf/ep80579')
7 files changed, 658 insertions, 1165 deletions
diff --git a/target/linux/generic-2.6/files/crypto/ocf/ep80579/Makefile b/target/linux/generic-2.6/files/crypto/ocf/ep80579/Makefile index 19ff6eb05..9aab29573 100644 --- a/target/linux/generic-2.6/files/crypto/ocf/ep80579/Makefile +++ b/target/linux/generic-2.6/files/crypto/ocf/ep80579/Makefile @@ -13,7 +13,7 @@ # # GPL LICENSE SUMMARY # -# Copyright(c) 2007,2008 Intel Corporation. All rights reserved. +# Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. # # This program is free software; you can redistribute it and/or modify # it under the terms of version 2 of the GNU General Public License as @@ -35,7 +35,7 @@ # # BSD LICENSE # -# Copyright(c) 2007,2008 Intel Corporation. All rights reserved. +# Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -65,43 +65,55 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # -# version: Security.L.1.0.130 +# version: Security.L.1.0.2-229 ############################################################################ ####################Common variables and definitions######################## +ifndef ICP_ROOT +$(warning ICP_ROOT is undefined. Please set the path to EP80579 release package directory \ + "-> setenv ICP_ROOT <path>") +all fastdep: + : +else + +ifndef KERNEL_SOURCE_ROOT +$(error KERNEL_SOURCE_ROOT is undefined. Please set the path to the kernel source directory \ + "-> setenv KERNEL_SOURCE_ROOT <path>") +endif + # Ensure The ENV_DIR environmental var is defined. ifndef ICP_ENV_DIR -$(error ICP_ENV_DIR is undefined. Please set the path to your environment makefile \ +$(error ICP_ENV_DIR is undefined. Please set the path to EP80579 driver environment.mk file \ "-> setenv ICP_ENV_DIR <path>") endif #Add your project environment Makefile -include $(ICP_ENV_DIR)/environment.mk +include ${ICP_ENV_DIR}/environment.mk #include the makefile with all the default and common Make variable definitions -include $(ICP_BUILDSYSTEM_PATH)/build_files/common.mk +include ${ICP_BUILDSYSTEM_PATH}/build_files/common.mk #Add the name for the executable, Library or Module output definitions OUTPUT_NAME= icp_ocf # List of Source Files to be compiled -SOURCES= icp_common.c icp_sym.c icp_asym.c +SOURCES= icp_common.c icp_sym.c icp_asym.c icp_ocf_linux.c #common includes between all supported OSes -INCLUDES= -I $(ICP_API_DIR) -I$(ICP_LAC_API) \ --I$(ICP_OCF_SRC_DIR) +INCLUDES= -I ${ICP_API_DIR} -I${ICP_LAC_API} \ +-I${ICP_OCF_SRC_DIR} # The location of the os level makefile needs to be changed. -include $(ICP_ENV_DIR)/$(ICP_OS)_$(ICP_OS_LEVEL).mk +include ${ICP_ENV_DIR}/${ICP_OS}_${ICP_OS_LEVEL}.mk # On the line directly below list the outputs you wish to build for, -# e.g "lib_static lib_shared exe module" as show below +# e.g "lib_static lib_shared exe module" as shown below install: module ###################Include rules makefiles######################## -include $(ICP_BUILDSYSTEM_PATH)/build_files/rules.mk +include ${ICP_BUILDSYSTEM_PATH}/build_files/rules.mk ###################End of Rules inclusion######################### - +endif diff --git a/target/linux/generic-2.6/files/crypto/ocf/ep80579/environment.mk b/target/linux/generic-2.6/files/crypto/ocf/ep80579/environment.mk deleted file mode 100644 index a674b4589..000000000 --- a/target/linux/generic-2.6/files/crypto/ocf/ep80579/environment.mk +++ /dev/null @@ -1,75 +0,0 @@ - ########################################################################### - # -# This file is provided under a dual BSD/GPLv2 license. When using or -# redistributing this file, you may do so under either license. -# -# GPL LICENSE SUMMARY -# -# Copyright(c) 2007,2008 Intel Corporation. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of version 2 of the GNU General Public License as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. -# The full GNU General Public License is included in this distribution -# in the file called LICENSE.GPL. -# -# Contact Information: -# Intel Corporation -# -# BSD LICENSE -# -# Copyright(c) 2007,2008 Intel Corporation. All rights reserved. -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# * Neither the name of Intel Corporation nor the names of its -# contributors may be used to endorse or promote products derived -# from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# -# -# version: Security.L.1.0.130 - # - ########################################################################### - - -ICP_LAC_API=$(ICP_ROOT)/Acceleration/include/lac -ICP_BTR_API=$(ICP_ROOT)/Acceleration/include/btr -ICP_API_DIR=$(ICP_ROOT)/Acceleration/include -ICP_OCF_SHIM_DIR?=$(KERNEL_SOURCE_ROOT)/crypto/ocf/ - -ICP_OS_LEVEL?=kernel_space - -ICP_OS?=linux_2.6 - -ICP_CORE?=ia - diff --git a/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_asym.c b/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_asym.c index 1a9bd28bf..d2641c545 100644 --- a/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_asym.c +++ b/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_asym.c @@ -5,7 +5,7 @@ * * GPL LICENSE SUMMARY * - * Copyright(c) 2007,2008 Intel Corporation. All rights reserved. + * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of version 2 of the GNU General Public License as @@ -27,7 +27,7 @@ * * BSD LICENSE * - * Copyright(c) 2007,2008 Intel Corporation. All rights reserved. + * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -57,7 +57,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * - * version: Security.L.1.0.130 + * version: Security.L.1.0.2-229 * ***************************************************************************/ @@ -70,90 +70,94 @@ calling program uses different input buffer positions, these defines will have to be changed.*/ /*DIFFIE HELLMAN buffer index values*/ -#define ICP_DH_KRP_PARAM_PRIME_INDEX (0) -#define ICP_DH_KRP_PARAM_BASE_INDEX (1) -#define ICP_DH_KRP_PARAM_PRIVATE_VALUE_INDEX (2) -#define ICP_DH_KRP_PARAM_RESULT_INDEX (3) +#define ICP_DH_KRP_PARAM_PRIME_INDEX (0) +#define ICP_DH_KRP_PARAM_BASE_INDEX (1) +#define ICP_DH_KRP_PARAM_PRIVATE_VALUE_INDEX (2) +#define ICP_DH_KRP_PARAM_RESULT_INDEX (3) /*MOD EXP buffer index values*/ -#define ICP_MOD_EXP_KRP_PARAM_BASE_INDEX (0) -#define ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX (1) -#define ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX (2) -#define ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX (3) - -#define SINGLE_BYTE_VALUE (4) +#define ICP_MOD_EXP_KRP_PARAM_BASE_INDEX (0) +#define ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX (1) +#define ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX (2) +#define ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX (3) /*MOD EXP CRT buffer index values*/ -#define ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_P_INDEX (0) -#define ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_Q_INDEX (1) -#define ICP_MOD_EXP_CRT_KRP_PARAM_I_INDEX (2) -#define ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DP_INDEX (3) -#define ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DQ_INDEX (4) -#define ICP_MOD_EXP_CRT_KRP_PARAM_COEFF_QINV_INDEX (5) -#define ICP_MOD_EXP_CRT_KRP_PARAM_RESULT_INDEX (6) +#define ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_P_INDEX (0) +#define ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_Q_INDEX (1) +#define ICP_MOD_EXP_CRT_KRP_PARAM_I_INDEX (2) +#define ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DP_INDEX (3) +#define ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DQ_INDEX (4) +#define ICP_MOD_EXP_CRT_KRP_PARAM_COEFF_QINV_INDEX (5) +#define ICP_MOD_EXP_CRT_KRP_PARAM_RESULT_INDEX (6) /*DSA sign buffer index values*/ -#define ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX (0) -#define ICP_DSA_SIGN_KRP_PARAM_PRIME_P_INDEX (1) -#define ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX (2) -#define ICP_DSA_SIGN_KRP_PARAM_G_INDEX (3) -#define ICP_DSA_SIGN_KRP_PARAM_X_INDEX (4) -#define ICP_DSA_SIGN_KRP_PARAM_R_RESULT_INDEX (5) -#define ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX (6) +#define ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX (0) +#define ICP_DSA_SIGN_KRP_PARAM_PRIME_P_INDEX (1) +#define ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX (2) +#define ICP_DSA_SIGN_KRP_PARAM_G_INDEX (3) +#define ICP_DSA_SIGN_KRP_PARAM_X_INDEX (4) +#define ICP_DSA_SIGN_KRP_PARAM_R_RESULT_INDEX (5) +#define ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX (6) /*DSA verify buffer index values*/ -#define ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX (0) -#define ICP_DSA_VERIFY_KRP_PARAM_PRIME_P_INDEX (1) -#define ICP_DSA_VERIFY_KRP_PARAM_PRIME_Q_INDEX (2) -#define ICP_DSA_VERIFY_KRP_PARAM_G_INDEX (3) -#define ICP_DSA_VERIFY_KRP_PARAM_PUBKEY_INDEX (4) -#define ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX (5) -#define ICP_DSA_VERIFY_KRP_PARAM_SIG_S_INDEX (6) +#define ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX (0) +#define ICP_DSA_VERIFY_KRP_PARAM_PRIME_P_INDEX (1) +#define ICP_DSA_VERIFY_KRP_PARAM_PRIME_Q_INDEX (2) +#define ICP_DSA_VERIFY_KRP_PARAM_G_INDEX (3) +#define ICP_DSA_VERIFY_KRP_PARAM_PUBKEY_INDEX (4) +#define ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX (5) +#define ICP_DSA_VERIFY_KRP_PARAM_SIG_S_INDEX (6) /*DSA sign prime Q vs random number K size check values*/ -#define DONT_RUN_LESS_THAN_CHECK (0) -#define FAIL_A_IS_GREATER_THAN_B (1) -#define FAIL_A_IS_EQUAL_TO_B (1) -#define SUCCESS_A_IS_LESS_THAN_B (0) -#define DSA_SIGN_RAND_GEN_VAL_CHECK_MAX_ITERATIONS (500) +#define DONT_RUN_LESS_THAN_CHECK (0) +#define FAIL_A_IS_GREATER_THAN_B (1) +#define FAIL_A_IS_EQUAL_TO_B (1) +#define SUCCESS_A_IS_LESS_THAN_B (0) +#define DSA_SIGN_RAND_GEN_VAL_CHECK_MAX_ITERATIONS (500) /* We need to set a cryptokp success value just in case it is set or allocated and not set to zero outside of this module */ -#define CRYPTO_OP_SUCCESS (0) +#define CRYPTO_OP_SUCCESS (0) +/*Function to compute Diffie Hellman (DH) phase 1 or phase 2 key values*/ static int icp_ocfDrvDHComputeKey(struct cryptkop *krp); +/*Function to compute a Modular Exponentiation (Mod Exp)*/ static int icp_ocfDrvModExp(struct cryptkop *krp); +/*Function to compute a Mod Exp using the Chinease Remainder Theorem*/ static int icp_ocfDrvModExpCRT(struct cryptkop *krp); +/*Helper function to compute whether the first big number argument is less than + the second big number argument */ static int icp_ocfDrvCheckALessThanB(CpaFlatBuffer * pK, CpaFlatBuffer * pQ, int *doCheck); +/*Function to sign an input with DSA R and S keys*/ static int icp_ocfDrvDsaSign(struct cryptkop *krp); +/*Function to Verify a DSA buffer signature*/ static int icp_ocfDrvDsaVerify(struct cryptkop *krp); +/*Callback function for DH operation*/ static void icp_ocfDrvDhP1CallBack(void *callbackTag, CpaStatus status, void *pOpData, CpaFlatBuffer * pLocalOctetStringPV); +/*Callback function for ME operation*/ static void icp_ocfDrvModExpCallBack(void *callbackTag, CpaStatus status, void *pOpData, CpaFlatBuffer * pResult); +/*Callback function for ME CRT operation*/ static void icp_ocfDrvModExpCRTCallBack(void *callbackTag, CpaStatus status, void *pOpData, CpaFlatBuffer * pOutputData); -static void -icp_ocfDrvDsaVerifyCallBack(void *callbackTag, - CpaStatus status, - void *pOpData, CpaBoolean verifyStatus); - +/*Callback function for DSA sign operation*/ static void icp_ocfDrvDsaRSSignCallBack(void *callbackTag, CpaStatus status, @@ -161,12 +165,18 @@ icp_ocfDrvDsaRSSignCallBack(void *callbackTag, CpaBoolean protocolStatus, CpaFlatBuffer * pR, CpaFlatBuffer * pS); +/*Callback function for DSA Verify operation*/ +static void +icp_ocfDrvDsaVerifyCallBack(void *callbackTag, + CpaStatus status, + void *pOpData, CpaBoolean verifyStatus); + /* Name : icp_ocfDrvPkeProcess * * Description : This function will choose which PKE process to follow * based on the input arguments */ -int icp_ocfDrvPkeProcess(device_t dev, struct cryptkop *krp, int hint) +int icp_ocfDrvPkeProcess(icp_device_t dev, struct cryptkop *krp, int hint) { CpaStatus lacStatus = CPA_STATUS_SUCCESS; @@ -176,7 +186,7 @@ int icp_ocfDrvPkeProcess(device_t dev, struct cryptkop *krp, int hint) return EINVAL; } - if (CPA_TRUE == atomic_read(&icp_ocfDrvIsExiting)) { + if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) { krp->krp_status = ECANCELED; return ECANCELED; } @@ -258,8 +268,7 @@ int icp_ocfDrvPkeProcess(device_t dev, struct cryptkop *krp, int hint) * It has been seen that in general we are passed little endian byte order * buffers, but LAC only accepts big endian byte order buffers. */ -static void inline -icp_ocfDrvSwapBytes(u_int8_t * num, u_int32_t buff_len_bytes) +static void inline icp_ocfDrvSwapBytes(u_int8_t * num, u_int32_t buff_len_bytes) { int i; @@ -319,7 +328,9 @@ static int icp_ocfDrvDHComputeKey(struct cryptkop *krp) callbackTag = krp; - pPhase1OpData = kmem_cache_zalloc(drvDH_zone, GFP_KERNEL); +/*All allocations are set to ICP_M_NOWAIT due to the possibility of getting +called in interrupt context*/ + pPhase1OpData = icp_kmem_cache_zalloc(drvDH_zone, ICP_M_NOWAIT); if (NULL == pPhase1OpData) { APRINTK("%s():Failed to get memory for key gen data\n", __FUNCTION__); @@ -327,11 +338,12 @@ static int icp_ocfDrvDHComputeKey(struct cryptkop *krp) return ENOMEM; } - pLocalOctetStringPV = kmem_cache_zalloc(drvFlatBuffer_zone, GFP_KERNEL); + pLocalOctetStringPV = + icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT); if (NULL == pLocalOctetStringPV) { APRINTK("%s():Failed to get memory for pLocalOctetStringPV\n", __FUNCTION__); - kmem_cache_free(drvDH_zone, pPhase1OpData); + ICP_CACHE_FREE(drvDH_zone, pPhase1OpData); krp->krp_status = ENOMEM; return ENOMEM; } @@ -379,7 +391,7 @@ static int icp_ocfDrvDHComputeKey(struct cryptkop *krp) EPRINTK("%s(): DH Phase 1 Key Gen failed (%d).\n", __FUNCTION__, lacStatus); icp_ocfDrvFreeFlatBuffer(pLocalOctetStringPV); - kmem_cache_free(drvDH_zone, pPhase1OpData); + ICP_CACHE_FREE(drvDH_zone, pPhase1OpData); } return lacStatus; @@ -418,7 +430,7 @@ static int icp_ocfDrvModExp(struct cryptkop *krp) callbackTag = krp; - pModExpOpData = kmem_cache_zalloc(drvLnModExp_zone, GFP_KERNEL); + pModExpOpData = icp_kmem_cache_zalloc(drvLnModExp_zone, ICP_M_NOWAIT); if (NULL == pModExpOpData) { APRINTK("%s():Failed to get memory for key gen data\n", __FUNCTION__); @@ -426,11 +438,11 @@ static int icp_ocfDrvModExp(struct cryptkop *krp) return ENOMEM; } - pResult = kmem_cache_zalloc(drvFlatBuffer_zone, GFP_KERNEL); + pResult = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT); if (NULL == pResult) { APRINTK("%s():Failed to get memory for ModExp result\n", __FUNCTION__); - kmem_cache_free(drvLnModExp_zone, pModExpOpData); + ICP_CACHE_FREE(drvLnModExp_zone, pModExpOpData); krp->krp_status = ENOMEM; return ENOMEM; } @@ -445,35 +457,15 @@ static int icp_ocfDrvModExp(struct cryptkop *krp) icp_ocfDrvSwapBytes(pModExpOpData->modulus.pData, pModExpOpData->modulus.dataLenInBytes); - /*OCF patch to Openswan Pluto regularly sends the base value as 2 - bits in size. In this case, it has been found it is better to - use the base size memory space as the input buffer (if the number - is in bits is less than a byte, the number of bits is the input - value) */ - if (krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_nbits < - NUM_BITS_IN_BYTE) { - DPRINTK("%s : base is small (%d)\n", __FUNCTION__, krp-> - krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_nbits); - pModExpOpData->base.dataLenInBytes = SINGLE_BYTE_VALUE; - pModExpOpData->base.pData = - (uint8_t *) & (krp-> - krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX]. - crp_nbits); - *((uint32_t *) pModExpOpData->base.pData) = - htonl(*((uint32_t *) pModExpOpData->base.pData)); - - } else { - - DPRINTK("%s : base is big (%d)\n", __FUNCTION__, krp-> - krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_nbits); - pModExpOpData->base.pData = - krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_p; - BITS_TO_BYTES(pModExpOpData->base.dataLenInBytes, - krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX]. - crp_nbits); - icp_ocfDrvSwapBytes(pModExpOpData->base.pData, - pModExpOpData->base.dataLenInBytes); - } + DPRINTK("%s : base (%d)\n", __FUNCTION__, krp-> + krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_nbits); + pModExpOpData->base.pData = + krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_p; + BITS_TO_BYTES(pModExpOpData->base.dataLenInBytes, + krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX]. + crp_nbits); + icp_ocfDrvSwapBytes(pModExpOpData->base.pData, + pModExpOpData->base.dataLenInBytes); pModExpOpData->exponent.pData = krp->krp_param[ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX].crp_p; @@ -499,7 +491,7 @@ static int icp_ocfDrvModExp(struct cryptkop *krp) __FUNCTION__, lacStatus); krp->krp_status = ECANCELED; icp_ocfDrvFreeFlatBuffer(pResult); - kmem_cache_free(drvLnModExp_zone, pModExpOpData); + ICP_CACHE_FREE(drvLnModExp_zone, pModExpOpData); } return lacStatus; @@ -515,7 +507,6 @@ static int icp_ocfDrvModExp(struct cryptkop *krp) * numbers. Although basic primality checks are done in LAC, it is up to the * user to do any correct prime number checking before passing the inputs. */ - static int icp_ocfDrvModExpCRT(struct cryptkop *krp) { CpaStatus lacStatus = CPA_STATUS_SUCCESS; @@ -527,7 +518,8 @@ static int icp_ocfDrvModExpCRT(struct cryptkop *krp) them here. */ callbackTag = krp; - rsaDecryptOpData = kmem_cache_zalloc(drvRSADecrypt_zone, GFP_KERNEL); + rsaDecryptOpData = + icp_kmem_cache_zalloc(drvRSADecrypt_zone, ICP_M_NOWAIT); if (NULL == rsaDecryptOpData) { APRINTK("%s():Failed to get memory" " for MOD EXP CRT Op data struct\n", __FUNCTION__); @@ -536,11 +528,11 @@ static int icp_ocfDrvModExpCRT(struct cryptkop *krp) } rsaDecryptOpData->pRecipientPrivateKey - = kmem_cache_zalloc(drvRSAPrivateKey_zone, GFP_KERNEL); + = icp_kmem_cache_zalloc(drvRSAPrivateKey_zone, ICP_M_NOWAIT); if (NULL == rsaDecryptOpData->pRecipientPrivateKey) { APRINTK("%s():Failed to get memory for MOD EXP CRT" " private key values struct\n", __FUNCTION__); - kmem_cache_free(drvRSADecrypt_zone, rsaDecryptOpData); + ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData); krp->krp_status = ENOMEM; return ENOMEM; } @@ -550,13 +542,13 @@ static int icp_ocfDrvModExpCRT(struct cryptkop *krp) rsaDecryptOpData->pRecipientPrivateKey-> privateKeyRepType = CPA_CY_RSA_PRIVATE_KEY_REP_TYPE_2; - pOutputData = kmem_cache_zalloc(drvFlatBuffer_zone, GFP_KERNEL); + pOutputData = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT); if (NULL == pOutputData) { APRINTK("%s():Failed to get memory" " for MOD EXP CRT output data\n", __FUNCTION__); - kmem_cache_free(drvRSAPrivateKey_zone, - rsaDecryptOpData->pRecipientPrivateKey); - kmem_cache_free(drvRSADecrypt_zone, rsaDecryptOpData); + ICP_CACHE_FREE(drvRSAPrivateKey_zone, + rsaDecryptOpData->pRecipientPrivateKey); + ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData); krp->krp_status = ENOMEM; return ENOMEM; } @@ -658,9 +650,9 @@ static int icp_ocfDrvModExpCRT(struct cryptkop *krp) __FUNCTION__, lacStatus); krp->krp_status = ECANCELED; icp_ocfDrvFreeFlatBuffer(pOutputData); - kmem_cache_free(drvRSAPrivateKey_zone, - rsaDecryptOpData->pRecipientPrivateKey); - kmem_cache_free(drvRSADecrypt_zone, rsaDecryptOpData); + ICP_CACHE_FREE(drvRSAPrivateKey_zone, + rsaDecryptOpData->pRecipientPrivateKey); + ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData); } return lacStatus; @@ -747,7 +739,8 @@ static int icp_ocfDrvDsaSign(struct cryptkop *krp) return EDOM; } - dsaRsSignOpData = kmem_cache_zalloc(drvDSARSSign_zone, GFP_KERNEL); + dsaRsSignOpData = + icp_kmem_cache_zalloc(drvDSARSSign_zone, ICP_M_NOWAIT); if (NULL == dsaRsSignOpData) { APRINTK("%s():Failed to get memory" " for DSA RS Sign Op data struct\n", __FUNCTION__); @@ -756,35 +749,35 @@ static int icp_ocfDrvDsaSign(struct cryptkop *krp) } dsaRsSignOpData->K.pData = - kmem_cache_alloc(drvDSARSSignKValue_zone, GFP_ATOMIC); + icp_kmem_cache_alloc(drvDSARSSignKValue_zone, ICP_M_NOWAIT); if (NULL == dsaRsSignOpData->K.pData) { APRINTK("%s():Failed to get memory" " for DSA RS Sign Op Random value\n", __FUNCTION__); - kmem_cache_free(drvDSARSSign_zone, dsaRsSignOpData); + ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData); krp->krp_status = ENOMEM; return ENOMEM; } - pR = kmem_cache_zalloc(drvFlatBuffer_zone, GFP_KERNEL); + pR = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT); if (NULL == pR) { APRINTK("%s():Failed to get memory" " for DSA signature R\n", __FUNCTION__); - kmem_cache_free(drvDSARSSignKValue_zone, - dsaRsSignOpData->K.pData); - kmem_cache_free(drvDSARSSign_zone, dsaRsSignOpData); + ICP_CACHE_FREE(drvDSARSSignKValue_zone, + dsaRsSignOpData->K.pData); + ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData); krp->krp_status = ENOMEM; return ENOMEM; } - pS = kmem_cache_zalloc(drvFlatBuffer_zone, GFP_KERNEL); + pS = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT); if (NULL == pS) { APRINTK("%s():Failed to get memory" " for DSA signature S\n", __FUNCTION__); icp_ocfDrvFreeFlatBuffer(pR); - kmem_cache_free(drvDSARSSignKValue_zone, - dsaRsSignOpData->K.pData); - kmem_cache_free(drvDSARSSign_zone, dsaRsSignOpData); + ICP_CACHE_FREE(drvDSARSSignKValue_zone, + dsaRsSignOpData->K.pData); + ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData); krp->krp_status = ENOMEM; return ENOMEM; } @@ -830,9 +823,9 @@ static int icp_ocfDrvDsaSign(struct cryptkop *krp) "value\n", __FUNCTION__); icp_ocfDrvFreeFlatBuffer(pS); icp_ocfDrvFreeFlatBuffer(pR); - kmem_cache_free(drvDSARSSignKValue_zone, - dsaRsSignOpData->K.pData); - kmem_cache_free(drvDSARSSign_zone, dsaRsSignOpData); + ICP_CACHE_FREE(drvDSARSSignKValue_zone, + dsaRsSignOpData->K.pData); + ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData); krp->krp_status = EAGAIN; return EAGAIN; } @@ -843,9 +836,9 @@ static int icp_ocfDrvDsaSign(struct cryptkop *krp) "value less than Q value\n", __FUNCTION__); icp_ocfDrvFreeFlatBuffer(pS); icp_ocfDrvFreeFlatBuffer(pR); - kmem_cache_free(drvDSARSSignKValue_zone, - dsaRsSignOpData->K.pData); - kmem_cache_free(drvDSARSSign_zone, dsaRsSignOpData); + ICP_CACHE_FREE(drvDSARSSignKValue_zone, + dsaRsSignOpData->K.pData); + ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData); krp->krp_status = EAGAIN; return EAGAIN; } @@ -869,13 +862,13 @@ static int icp_ocfDrvDsaSign(struct cryptkop *krp) icp_ocfDrvSwapBytes(dsaRsSignOpData->X.pData, dsaRsSignOpData->X.dataLenInBytes); + /*OpenSSL dgst parameter is left in big endian byte order, + therefore no byte swap is required */ dsaRsSignOpData->M.pData = krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX].crp_p; BITS_TO_BYTES(dsaRsSignOpData->M.dataLenInBytes, krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX]. crp_nbits); - icp_ocfDrvSwapBytes(dsaRsSignOpData->M.pData, - dsaRsSignOpData->M.dataLenInBytes); /* Output Parameters */ pS->pData = krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX].crp_p; @@ -899,9 +892,9 @@ static int icp_ocfDrvDsaSign(struct cryptkop *krp) krp->krp_status = ECANCELED; icp_ocfDrvFreeFlatBuffer(pS); icp_ocfDrvFreeFlatBuffer(pR); - kmem_cache_free(drvDSARSSignKValue_zone, - dsaRsSignOpData->K.pData); - kmem_cache_free(drvDSARSSign_zone, dsaRsSignOpData); + ICP_CACHE_FREE(drvDSARSSignKValue_zone, + dsaRsSignOpData->K.pData); + ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData); } return lacStatus; @@ -921,7 +914,8 @@ static int icp_ocfDrvDsaVerify(struct cryptkop *krp) callbackTag = krp; - dsaVerifyOpData = kmem_cache_zalloc(drvDSAVerify_zone, GFP_KERNEL); + dsaVerifyOpData = + icp_kmem_cache_zalloc(drvDSAVerify_zone, ICP_M_NOWAIT); if (NULL == dsaVerifyOpData) { APRINTK("%s():Failed to get memory" " for DSA Verify Op data struct\n", __FUNCTION__); @@ -962,13 +956,13 @@ static int icp_ocfDrvDsaVerify(struct cryptkop *krp) icp_ocfDrvSwapBytes(dsaVerifyOpData->Y.pData, dsaVerifyOpData->Y.dataLenInBytes); + /*OpenSSL dgst parameter is left in big endian byte order, + therefore no byte swap is required */ dsaVerifyOpData->M.pData = krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX].crp_p; BITS_TO_BYTES(dsaVerifyOpData->M.dataLenInBytes, krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX]. crp_nbits); - icp_ocfDrvSwapBytes(dsaVerifyOpData->M.pData, - dsaVerifyOpData->M.dataLenInBytes); dsaVerifyOpData->R.pData = krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX].crp_p; @@ -993,48 +987,13 @@ static int icp_ocfDrvDsaVerify(struct cryptkop *krp) if (CPA_STATUS_SUCCESS != lacStatus) { EPRINTK("%s(): DSA Verify Operation failed (%d).\n", __FUNCTION__, lacStatus); - kmem_cache_free(drvDSAVerify_zone, dsaVerifyOpData); + ICP_CACHE_FREE(drvDSAVerify_zone, dsaVerifyOpData); krp->krp_status = ECANCELED; } return lacStatus; } -/* Name : icp_ocfDrvReadRandom - * - * Description : This function will map RNG functionality calls from OCF - * to the LAC API. - */ -int icp_ocfDrvReadRandom(void *arg, uint32_t * buf, int maxwords) -{ - CpaStatus lacStatus = CPA_STATUS_SUCCESS; - CpaCyRandGenOpData randGenOpData; - CpaFlatBuffer randData; - - if (NULL == buf) { - APRINTK("%s(): Invalid input parameters\n", __FUNCTION__); - return EINVAL; - } - - /* maxwords here is number of integers to generate data for */ - randGenOpData.generateBits = CPA_TRUE; - - randGenOpData.lenInBytes = maxwords * sizeof(uint32_t); - - icp_ocfDrvPtrAndLenToFlatBuffer((Cpa8U *) buf, - randGenOpData.lenInBytes, &randData); - - lacStatus = cpaCyRandGen(CPA_INSTANCE_HANDLE_SINGLE, - NULL, NULL, &randGenOpData, &randData); - if (CPA_STATUS_SUCCESS != lacStatus) { - EPRINTK("%s(): icp_LacSymRandGen failed (%d). \n", - __FUNCTION__, lacStatus); - return RETURN_RAND_NUM_GEN_FAILED; - } - - return randGenOpData.lenInBytes / sizeof(uint32_t); -} - /* Name : icp_ocfDrvDhP1Callback * * Description : When this function returns it signifies that the LAC @@ -1068,7 +1027,7 @@ icp_ocfDrvDhP1CallBack(void *callbackTag, DPRINTK("%s(): Invalid input parameters - " "pLocalOctetStringPV Data is NULL\n", __FUNCTION__); memset(pPhase1OpData, 0, sizeof(CpaCyDhPhase1KeyGenOpData)); - kmem_cache_free(drvDH_zone, pPhase1OpData); + ICP_CACHE_FREE(drvDH_zone, pPhase1OpData); krp->krp_status = ECANCELED; crypto_kdone(krp); return; @@ -1087,7 +1046,7 @@ icp_ocfDrvDhP1CallBack(void *callbackTag, icp_ocfDrvFreeFlatBuffer(pLocalOctetStringPV); memset(pPhase1OpData, 0, sizeof(CpaCyDhPhase1KeyGenOpData)); - kmem_cache_free(drvDH_zone, pPhase1OpData); + ICP_CACHE_FREE(drvDH_zone, pPhase1OpData); crypto_kdone(krp); @@ -1128,7 +1087,7 @@ icp_ocfDrvModExpCallBack(void *callbackTag, "pResult data is NULL\n", __FUNCTION__); krp->krp_status = ECANCELED; memset(pLnModExpOpData, 0, sizeof(CpaCyLnModExpOpData)); - kmem_cache_free(drvLnModExp_zone, pLnModExpOpData); + ICP_CACHE_FREE(drvLnModExp_zone, pLnModExpOpData); crypto_kdone(krp); return; } @@ -1153,7 +1112,7 @@ icp_ocfDrvModExpCallBack(void *callbackTag, } icp_ocfDrvFreeFlatBuffer(pResult); memset(pLnModExpOpData, 0, sizeof(CpaCyLnModExpOpData)); - kmem_cache_free(drvLnModExp_zone, pLnModExpOpData); + ICP_CACHE_FREE(drvLnModExp_zone, pLnModExpOpData); crypto_kdone(krp); @@ -1196,10 +1155,10 @@ icp_ocfDrvModExpCRTCallBack(void *callbackTag, "pOutputData is NULL\n", __FUNCTION__); memset(pDecryptData->pRecipientPrivateKey, 0, sizeof(CpaCyRsaPrivateKey)); - kmem_cache_free(drvRSAPrivateKey_zone, - pDecryptData->pRecipientPrivateKey); + ICP_CACHE_FREE(drvRSAPrivateKey_zone, + pDecryptData->pRecipientPrivateKey); memset(pDecryptData, 0, sizeof(CpaCyRsaDecryptOpData)); - kmem_cache_free(drvRSADecrypt_zone, pDecryptData); + ICP_CACHE_FREE(drvRSADecrypt_zone, pDecryptData); krp->krp_status = ECANCELED; crypto_kdone(krp); return; @@ -1218,10 +1177,10 @@ icp_ocfDrvModExpCRTCallBack(void *callbackTag, icp_ocfDrvFreeFlatBuffer(pOutputData); memset(pDecryptData->pRecipientPrivateKey, 0, sizeof(CpaCyRsaPrivateKey)); - kmem_cache_free(drvRSAPrivateKey_zone, - pDecryptData->pRecipientPrivateKey); + ICP_CACHE_FREE(drvRSAPrivateKey_zone, + pDecryptData->pRecipientPrivateKey); memset(pDecryptData, 0, sizeof(CpaCyRsaDecryptOpData)); - kmem_cache_free(drvRSADecrypt_zone, pDecryptData); + ICP_CACHE_FREE(drvRSADecrypt_zone, pDecryptData); crypto_kdone(krp); @@ -1264,7 +1223,7 @@ icp_ocfDrvDsaRSSignCallBack(void *callbackTag, DPRINTK("%s(): Invalid input parameter - " "pR sign is NULL\n", __FUNCTION__); icp_ocfDrvFreeFlatBuffer(pS); - kmem_cache_free(drvDSARSSign_zone, pSignData); + ICP_CACHE_FREE(drvDSARSSign_zone, pSignData); krp->krp_status = ECANCELED; crypto_kdone(krp); return; @@ -1274,7 +1233,7 @@ icp_ocfDrvDsaRSSignCallBack(void *callbackTag, DPRINTK("%s(): Invalid input parameter - " "pS sign is NULL\n", __FUNCTION__); icp_ocfDrvFreeFlatBuffer(pR); - kmem_cache_free(drvDSARSSign_zone, pSignData); + ICP_CACHE_FREE(drvDSARSSign_zone, pSignData); krp->krp_status = ECANCELED; crypto_kdone(krp); return; @@ -1304,9 +1263,9 @@ icp_ocfDrvDsaRSSignCallBack(void *callbackTag, icp_ocfDrvFreeFlatBuffer(pR); icp_ocfDrvFreeFlatBuffer(pS); memset(pSignData->K.pData, 0, pSignData->K.dataLenInBytes); - kmem_cache_free(drvDSARSSignKValue_zone, pSignData->K.pData); + ICP_CACHE_FREE(drvDSARSSignKValue_zone, pSignData->K.pData); memset(pSignData, 0, sizeof(CpaCyDsaRSSignOpData)); - kmem_cache_free(drvDSARSSign_zone, pSignData); + ICP_CACHE_FREE(drvDSARSSign_zone, pSignData); crypto_kdone(krp); return; @@ -1368,7 +1327,7 @@ icp_ocfDrvDsaVerifyCallBack(void *callbackTag, } memset(pVerData, 0, sizeof(CpaCyDsaVerifyOpData)); - kmem_cache_free(drvDSAVerify_zone, pVerData); + ICP_CACHE_FREE(drvDSAVerify_zone, pVerData); crypto_kdone(krp); return; diff --git a/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_common.c b/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_common.c index 461370c2c..5d46c0adc 100644 --- a/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_common.c +++ b/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_common.c @@ -1,11 +1,11 @@ -/*************************************************************************** +/************************************************************************* * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. * * GPL LICENSE SUMMARY * - * Copyright(c) 2007,2008 Intel Corporation. All rights reserved. + * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of version 2 of the GNU General Public License as @@ -27,7 +27,7 @@ * * BSD LICENSE * - * Copyright(c) 2007,2008 Intel Corporation. All rights reserved. + * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -57,7 +57,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * - * version: Security.L.1.0.130 + * version: Security.L.1.0.2-229 * ***************************************************************************/ @@ -71,38 +71,57 @@ #include "icp_ocf.h" -#define ICP_OCF_COMP_NAME "ICP_OCF" -#define ICP_OCF_VER_MAIN (2) -#define ICP_OCF_VER_MJR (0) -#define ICP_OCF_VER_MNR (0) +#define ICP_OCF_COMP_NAME "ICP_OCF" +#define ICP_OCF_VER_MAIN (2) +#define ICP_OCF_VER_MJR (1) +#define ICP_OCF_VER_MNR (0) -#define MAX_DEREG_RETRIES (100) +#define MAX_DEREG_RETRIES (100) #define DEFAULT_DEREG_RETRIES (10) #define DEFAULT_DEREG_DELAY_IN_JIFFIES (10) /* This defines the maximum number of sessions possible between OCF - and the OCF Tolapai Driver. If set to zero, there is no limit. */ -#define DEFAULT_OCF_TO_DRV_MAX_SESSION_COUNT (0) -#define NUM_SUPPORTED_CAPABILITIES (21) + and the OCF EP80579 Driver. If set to zero, there is no limit. */ +#define DEFAULT_OCF_TO_DRV_MAX_SESSION_COUNT (0) +#define NUM_SUPPORTED_CAPABILITIES (21) + +/*Slab zone names*/ +#define ICP_SESSION_DATA_NAME "icp_ocf.SesDat" +#define ICP_OP_DATA_NAME "icp_ocf.OpDat" +#define ICP_DH_NAME "icp_ocf.DH" +#define ICP_MODEXP_NAME "icp_ocf.ModExp" +#define ICP_RSA_DECRYPT_NAME "icp_ocf.RSAdec" +#define ICP_RSA_PKEY_NAME "icp_ocf.RSApk" +#define ICP_DSA_SIGN_NAME "icp_ocf.DSAsg" +#define ICP_DSA_VER_NAME "icp_ocf.DSAver" +#define ICP_RAND_VAL_NAME "icp_ocf.DSArnd" +#define ICP_FLAT_BUFF_NAME "icp_ocf.FB" /*Slabs zones*/ -struct kmem_cache *drvSessionData_zone = NULL; -struct kmem_cache *drvOpData_zone = NULL; -struct kmem_cache *drvDH_zone = NULL; -struct kmem_cache *drvLnModExp_zone = NULL; -struct kmem_cache *drvRSADecrypt_zone = NULL; -struct kmem_cache *drvRSAPrivateKey_zone = NULL; -struct kmem_cache *drvDSARSSign_zone = NULL; -struct kmem_cache *drvDSARSSignKValue_zone = NULL; -struct kmem_cache *drvDSAVerify_zone = NULL; +icp_kmem_cache drvSessionData_zone = NULL; +icp_kmem_cache drvOpData_zone = NULL; +icp_kmem_cache drvDH_zone = NULL; +icp_kmem_cache drvLnModExp_zone = NULL; +icp_kmem_cache drvRSADecrypt_zone = NULL; +icp_kmem_cache drvRSAPrivateKey_zone = NULL; +icp_kmem_cache drvDSARSSign_zone = NULL; +icp_kmem_cache drvDSARSSignKValue_zone = NULL; +icp_kmem_cache drvDSAVerify_zone = NULL; /*Slab zones for flatbuffers and bufferlist*/ -struct kmem_cache *drvFlatBuffer_zone = NULL; +icp_kmem_cache drvFlatBuffer_zone = NULL; -static int icp_ocfDrvInit(void); -static void icp_ocfDrvExit(void); +static inline int icp_cache_null_check(void) +{ + return (drvSessionData_zone && drvOpData_zone + && drvDH_zone && drvLnModExp_zone && drvRSADecrypt_zone + && drvRSAPrivateKey_zone && drvDSARSSign_zone + && drvDSARSSign_zone && drvDSARSSignKValue_zone + && drvDSAVerify_zone && drvFlatBuffer_zone); +} + +/*Function to free all allocated slab caches before exiting the module*/ static void icp_ocfDrvFreeCaches(void); -static void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg); int32_t icp_ocfDrvDriverId = INVALID_DRIVER_ID; @@ -115,66 +134,42 @@ int num_dereg_retries = DEFAULT_DEREG_RETRIES; int dereg_retry_delay_in_jiffies = DEFAULT_DEREG_DELAY_IN_JIFFIES; /* Module parameter - gives the maximum number of sessions possible between - OCF and the OCF Tolapai Driver. If set to zero, there is no limit.*/ + OCF and the OCF EP80579 Driver. If set to zero, there is no limit.*/ int max_sessions = DEFAULT_OCF_TO_DRV_MAX_SESSION_COUNT; /* This is set when the module is removed from the system, no further processing can take place if this is set */ -atomic_t icp_ocfDrvIsExiting = ATOMIC_INIT(0); +icp_atomic_t icp_ocfDrvIsExiting = ICP_ATOMIC_INIT(0); /* This is used to show how many lac sessions were not deregistered*/ -atomic_t lac_session_failed_dereg_count = ATOMIC_INIT(0); +icp_atomic_t lac_session_failed_dereg_count = ICP_ATOMIC_INIT(0); /* This is used to track the number of registered sessions between OCF and - * and the OCF Tolapai driver, when max_session is set to value other than + * and the OCF EP80579 driver, when max_session is set to value other than * zero. This ensures that the max_session set for the OCF and the driver * is equal to the LAC registered sessions */ -atomic_t num_ocf_to_drv_registered_sessions = ATOMIC_INIT(0); +icp_atomic_t num_ocf_to_drv_registered_sessions = ICP_ATOMIC_INIT(0); /* Head of linked list used to store session data */ -struct list_head icp_ocfDrvGlobalSymListHead; -struct list_head icp_ocfDrvGlobalSymListHead_FreeMemList; +icp_drvSessionListHead_t icp_ocfDrvGlobalSymListHead; +icp_drvSessionListHead_t icp_ocfDrvGlobalSymListHead_FreeMemList; -spinlock_t icp_ocfDrvSymSessInfoListSpinlock = SPIN_LOCK_UNLOCKED; -rwlock_t icp_kmem_cache_destroy_alloc_lock = RW_LOCK_UNLOCKED; +icp_spinlock_t icp_ocfDrvSymSessInfoListSpinlock; -struct workqueue_struct *icp_ocfDrvFreeLacSessionWorkQ; +/*Below pointer is only used in linux, FreeBSD uses the name to +create its own variable name*/ +icp_workqueue *icp_ocfDrvFreeLacSessionWorkQ = NULL; +ICP_WORKQUEUE_DEFINE_THREAD(icp_ocfDrvFreeLacSessionWorkQ); struct icp_drvBuffListInfo defBuffListInfo; -static struct { - softc_device_decl sc_dev; -} icpDev; - -static device_method_t icp_methods = { - /* crypto device methods */ - DEVMETHOD(cryptodev_newsession, icp_ocfDrvNewSession), - DEVMETHOD(cryptodev_freesession, icp_ocfDrvFreeLACSession), - DEVMETHOD(cryptodev_process, icp_ocfDrvSymProcess), - DEVMETHOD(cryptodev_kprocess, icp_ocfDrvPkeProcess), -}; - -module_param(num_dereg_retries, int, S_IRUGO); -module_param(dereg_retry_delay_in_jiffies, int, S_IRUGO); -module_param(max_sessions, int, S_IRUGO); - -MODULE_PARM_DESC(num_dereg_retries, - "Number of times to retry LAC Sym Session Deregistration. " - "Default 10, Max 100"); -MODULE_PARM_DESC(dereg_retry_delay_in_jiffies, "Delay in jiffies " - "(added to a schedule() function call) before a LAC Sym " - "Session Dereg is retried. Default 10"); -MODULE_PARM_DESC(max_sessions, "This sets the maximum number of sessions " - "between OCF and this driver. If this value is set to zero, " - "max session count checking is disabled. Default is zero(0)"); - /* Name : icp_ocfDrvInit * * Description : This function will register all the symmetric and asymmetric * functionality that will be accelerated by the hardware. It will also * get a unique driver ID from the OCF and initialise all slab caches */ -static int __init icp_ocfDrvInit(void) +ICP_MODULE_INIT_FUNC(icp_ocfDrvInit) { int ocfStatus = 0; @@ -184,7 +179,7 @@ static int __init icp_ocfDrvInit(void) if (MAX_DEREG_RETRIES < num_dereg_retries) { EPRINTK("Session deregistration retry count set to greater " "than %d", MAX_DEREG_RETRIES); - return -1; + icp_module_return_code(EINVAL); } /* Initialize and Start the Cryptographic component */ @@ -192,130 +187,133 @@ static int __init icp_ocfDrvInit(void) cpaCyStartInstance(CPA_INSTANCE_HANDLE_SINGLE)) { EPRINTK("Failed to initialize and start the instance " "of the Cryptographic component.\n"); - return -1; + return icp_module_return_code(EINVAL); } + icp_spin_lock_init(&icp_ocfDrvSymSessInfoListSpinlock); + /* Set the default size of BufferList to allocate */ memset(&defBuffListInfo, 0, sizeof(struct icp_drvBuffListInfo)); if (ICP_OCF_DRV_STATUS_SUCCESS != icp_ocfDrvBufferListMemInfo(ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS, &defBuffListInfo)) { EPRINTK("Failed to get bufferlist memory info.\n"); - return -1; + return icp_module_return_code(ENOMEM); } - /*Register OCF Tolapai Driver with OCF */ - memset(&icpDev, 0, sizeof(icpDev)); - softc_device_init(&icpDev, "icp", 0, icp_methods); - - icp_ocfDrvDriverId = crypto_get_driverid(softc_get_device(&icpDev), - CRYPTOCAP_F_HARDWARE); + /*Register OCF EP80579 Driver with OCF */ + icp_ocfDrvDriverId = ICP_CRYPTO_GET_DRIVERID(); if (icp_ocfDrvDriverId < 0) { EPRINTK("%s : ICP driver failed to register with OCF!\n", __FUNCTION__); - return -ENODEV; + return icp_module_return_code(ENODEV); } - /*Create all the slab caches used by the OCF Tolapai Driver */ + /*Create all the slab caches used by the OCF EP80579 Driver */ drvSessionData_zone = - ICP_CACHE_CREATE("ICP Session Data", struct icp_drvSessionData); - ICP_CACHE_NULL_CHECK(drvSessionData_zone); + ICP_CACHE_CREATE(ICP_SESSION_DATA_NAME, struct icp_drvSessionData); /* * Allocation of the OpData includes the allocation space for meta data. * The memory after the opData structure is reserved for this meta data. */ drvOpData_zone = - kmem_cache_create("ICP Op Data", sizeof(struct icp_drvOpData) + - defBuffListInfo.metaSize ,0, SLAB_HWCACHE_ALIGN, NULL, NULL); + icp_kmem_cache_create(ICP_OP_DATA_NAME, + sizeof(struct icp_drvOpData) + + defBuffListInfo.metaSize, + ICP_KERNEL_CACHE_ALIGN, + ICP_KERNEL_CACHE_NOINIT); - - ICP_CACHE_NULL_CHECK(drvOpData_zone); - - drvDH_zone = ICP_CACHE_CREATE("ICP DH data", CpaCyDhPhase1KeyGenOpData); - ICP_CACHE_NULL_CHECK(drvDH_zone); + drvDH_zone = ICP_CACHE_CREATE(ICP_DH_NAME, CpaCyDhPhase1KeyGenOpData); drvLnModExp_zone = - ICP_CACHE_CREATE("ICP ModExp data", CpaCyLnModExpOpData); - ICP_CACHE_NULL_CHECK(drvLnModExp_zone); + ICP_CACHE_CREATE(ICP_MODEXP_NAME, CpaCyLnModExpOpData); drvRSADecrypt_zone = - ICP_CACHE_CREATE("ICP RSA decrypt data", CpaCyRsaDecryptOpData); - ICP_CACHE_NULL_CHECK(drvRSADecrypt_zone); + ICP_CACHE_CREATE(ICP_RSA_DECRYPT_NAME, CpaCyRsaDecryptOpData); drvRSAPrivateKey_zone = - ICP_CACHE_CREATE("ICP RSA private key data", CpaCyRsaPrivateKey); - ICP_CACHE_NULL_CHECK(drvRSAPrivateKey_zone); + ICP_CACHE_CREATE(ICP_RSA_PKEY_NAME, CpaCyRsaPrivateKey); drvDSARSSign_zone = - ICP_CACHE_CREATE("ICP DSA Sign", CpaCyDsaRSSignOpData); - ICP_CACHE_NULL_CHECK(drvDSARSSign_zone); + ICP_CACHE_CREATE(ICP_DSA_SIGN_NAME, CpaCyDsaRSSignOpData); /*too awkward to use a macro here */ drvDSARSSignKValue_zone = - kmem_cache_create("ICP DSA Sign Rand Val", - DSA_RS_SIGN_PRIMEQ_SIZE_IN_BYTES, 0, - SLAB_HWCACHE_ALIGN, NULL, NULL); - ICP_CACHE_NULL_CHECK(drvDSARSSignKValue_zone); + ICP_CACHE_CREATE(ICP_RAND_VAL_NAME, + DSA_RS_SIGN_PRIMEQ_SIZE_IN_BYTES); drvDSAVerify_zone = - ICP_CACHE_CREATE("ICP DSA Verify", CpaCyDsaVerifyOpData); - ICP_CACHE_NULL_CHECK(drvDSAVerify_zone); + ICP_CACHE_CREATE(ICP_DSA_VER_NAME, CpaCyDsaVerifyOpData); drvFlatBuffer_zone = - ICP_CACHE_CREATE("ICP Flat Buffers", CpaFlatBuffer); - ICP_CACHE_NULL_CHECK(drvFlatBuffer_zone); + ICP_CACHE_CREATE(ICP_FLAT_BUFF_NAME, CpaFlatBuffer); + + if (0 == icp_cache_null_check()) { + icp_ocfDrvFreeCaches(); + EPRINTK("%s() line %d: Not enough memory!\n", + __FUNCTION__, __LINE__); + return ENOMEM; + } /* Register the ICP symmetric crypto support. */ - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_NULL_CBC); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_DES_CBC); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_3DES_CBC); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_AES_CBC); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_ARC4); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_MD5); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_MD5_HMAC); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_SHA1); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_SHA1_HMAC); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_SHA2_256); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_SHA2_256_HMAC); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_SHA2_384); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_SHA2_384_HMAC); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_SHA2_512); - ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(CRYPTO_SHA2_512_HMAC); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_NULL_CBC, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_DES_CBC, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_3DES_CBC, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_AES_CBC, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_ARC4, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_MD5, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_MD5_HMAC, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA1, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA1_HMAC, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_256, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_256_HMAC, + ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_384, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_384_HMAC, + ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_512, ocfStatus); + ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_512_HMAC, + ocfStatus); /* Register the ICP asymmetric algorithm support */ - ICP_REGISTER_ASYM_FUNCTIONALITY_WITH_OCF(CRK_DH_COMPUTE_KEY); - ICP_REGISTER_ASYM_FUNCTIONALITY_WITH_OCF(CRK_MOD_EXP); - ICP_REGISTER_ASYM_FUNCTIONALITY_WITH_OCF(CRK_MOD_EXP_CRT); - ICP_REGISTER_ASYM_FUNCTIONALITY_WITH_OCF(CRK_DSA_SIGN); - ICP_REGISTER_ASYM_FUNCTIONALITY_WITH_OCF(CRK_DSA_VERIFY); + ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_DH_COMPUTE_KEY, + ocfStatus); + ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_MOD_EXP, ocfStatus); + ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_MOD_EXP_CRT, ocfStatus); + ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_DSA_SIGN, ocfStatus); + ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_DSA_VERIFY, ocfStatus); /* Register the ICP random number generator support */ - if (OCF_REGISTRATION_STATUS_SUCCESS == - crypto_rregister(icp_ocfDrvDriverId, icp_ocfDrvReadRandom, NULL)) { - ocfStatus++; - } + ICP_REG_RAND_WITH_OCF(icp_ocfDrvDriverId, + icp_ocfDrvReadRandom, NULL, ocfStatus); if (OCF_ZERO_FUNCTIONALITY_REGISTERED == ocfStatus) { DPRINTK("%s: Failed to register any device capabilities\n", __FUNCTION__); icp_ocfDrvFreeCaches(); icp_ocfDrvDriverId = INVALID_DRIVER_ID; - return -ECANCELED; + return icp_module_return_code(ECANCELED); } DPRINTK("%s: Registered %d of %d device capabilities\n", __FUNCTION__, ocfStatus, NUM_SUPPORTED_CAPABILITIES); -/*Session data linked list used during module exit*/ - INIT_LIST_HEAD(&icp_ocfDrvGlobalSymListHead); - INIT_LIST_HEAD(&icp_ocfDrvGlobalSymListHead_FreeMemList); + /*Session data linked list used during module exit */ + ICP_INIT_LIST_HEAD(&icp_ocfDrvGlobalSymListHead); + ICP_INIT_LIST_HEAD(&icp_ocfDrvGlobalSymListHead_FreeMemList); - icp_ocfDrvFreeLacSessionWorkQ = - create_singlethread_workqueue("ocfLacDeregWorkQueue"); + ICP_WORKQUEUE_CREATE(icp_ocfDrvFreeLacSessionWorkQ, "icpwq"); + if (ICP_WORKQUEUE_NULL_CHECK(icp_ocfDrvFreeLacSessionWorkQ)) { + EPRINTK("%s: Failed to create single " + "thread workqueue\n", __FUNCTION__); + icp_ocfDrvFreeCaches(); + icp_ocfDrvDriverId = INVALID_DRIVER_ID; + return icp_module_return_code(ENOMEM); + } - return 0; + return icp_module_return_code(0); } /* Name : icp_ocfDrvExit @@ -325,31 +323,46 @@ static int __init icp_ocfDrvInit(void) * and asymmetric functionality that can be accelerated by the hardware via OCF * and random number generation if it is enabled. */ -static void icp_ocfDrvExit(void) +ICP_MODULE_EXIT_FUNC(icp_ocfDrvExit) { CpaStatus lacStatus = CPA_STATUS_SUCCESS; struct icp_drvSessionData *sessionData = NULL; struct icp_drvSessionData *tempSessionData = NULL; int i, remaining_delay_time_in_jiffies = 0; + + /* For FreeBSD the invariant macro below makes function to return */ + /* with EBUSY value in the case of any session which has been regi- */ + /* stered with LAC not being deregistered. */ + /* The Linux implementation is empty since it is purely to compensate */ + /* for a limitation of the FreeBSD 7.1 Opencrypto framework. */ + + ICP_MODULE_EXIT_INV(); + /* There is a possibility of a process or new session command being */ /* sent before this variable is incremented. The aim of this variable */ /* is to stop a loop of calls creating a deadlock situation which */ /* would prevent the driver from exiting. */ - - atomic_inc(&icp_ocfDrvIsExiting); + icp_atomic_set(&icp_ocfDrvIsExiting, 1); /*Existing sessions will be routed to another driver after these calls */ crypto_unregister_all(icp_ocfDrvDriverId); crypto_runregister_all(icp_ocfDrvDriverId); + if (ICP_WORKQUEUE_NULL_CHECK(icp_ocfDrvFreeLacSessionWorkQ)) { + DPRINTK("%s: workqueue already " + "destroyed, therefore module exit " + " function already called. Exiting.\n", __FUNCTION__); + return ICP_MODULE_EXIT_FUNC_RETURN_VAL; + } /*If any sessions are waiting to be deregistered, do that. This also flushes the work queue */ - destroy_workqueue(icp_ocfDrvFreeLacSessionWorkQ); + ICP_WORKQUEUE_DESTROY(icp_ocfDrvFreeLacSessionWorkQ); /*ENTER CRITICAL SECTION */ - spin_lock_bh(&icp_ocfDrvSymSessInfoListSpinlock); - list_for_each_entry_safe(tempSessionData, sessionData, - &icp_ocfDrvGlobalSymListHead, listNode) { + icp_spin_lockbh_lock(&icp_ocfDrvSymSessInfoListSpinlock); + + ICP_LIST_FOR_EACH_ENTRY_SAFE(tempSessionData, sessionData, + &icp_ocfDrvGlobalSymListHead, listNode) { for (i = 0; i < num_dereg_retries; i++) { /*No harm if bad input - LAC will handle error cases */ if (ICP_SESSION_RUNNING == tempSessionData->inUse) { @@ -361,7 +374,7 @@ static void icp_ocfDrvExit(void) /* Succesfully deregistered */ break; } else if (CPA_STATUS_RETRY != lacStatus) { - atomic_inc + icp_atomic_inc (&lac_session_failed_dereg_count); break; } @@ -372,8 +385,9 @@ static void icp_ocfDrvExit(void) dereg_retry_delay_in_jiffies; while (0 > remaining_delay_time_in_jiffies) { remaining_delay_time_in_jiffies = - schedule_timeout - (remaining_delay_time_in_jiffies); + icp_schedule_timeout + (&icp_ocfDrvSymSessInfoListSpinlock, + remaining_delay_time_in_jiffies); } DPRINTK @@ -383,44 +397,48 @@ static void icp_ocfDrvExit(void) } /*remove from current list */ - list_del(&(tempSessionData->listNode)); + ICP_LIST_DEL(tempSessionData, listNode); /*add to free mem linked list */ - list_add(&(tempSessionData->listNode), - &icp_ocfDrvGlobalSymListHead_FreeMemList); + ICP_LIST_ADD(tempSessionData, + &icp_ocfDrvGlobalSymListHead_FreeMemList, + listNode); } /*EXIT CRITICAL SECTION */ - spin_unlock_bh(&icp_ocfDrvSymSessInfoListSpinlock); + icp_spin_lockbh_unlock(&icp_ocfDrvSymSessInfoListSpinlock); /*set back to initial values */ sessionData = NULL; /*still have a reference in our list! */ tempSessionData = NULL; /*free memory */ - list_for_each_entry_safe(tempSessionData, sessionData, - &icp_ocfDrvGlobalSymListHead_FreeMemList, - listNode) { - list_del(&(tempSessionData->listNode)); + ICP_LIST_FOR_EACH_ENTRY_SAFE(tempSessionData, sessionData, + &icp_ocfDrvGlobalSymListHead_FreeMemList, + listNode) { + + ICP_LIST_DEL(tempSessionData, listNode); /* Free allocated CpaCySymSessionCtx */ if (NULL != tempSessionData->sessHandle) { - kfree(tempSessionData->sessHandle); + icp_kfree(tempSessionData->sessHandle); } memset(tempSessionData, 0, sizeof(struct icp_drvSessionData)); - kmem_cache_free(drvSessionData_zone, tempSessionData); + ICP_CACHE_FREE(drvSessionData_zone, tempSessionData); } - if (0 != atomic_read(&lac_session_failed_dereg_count)) { + if (0 != icp_atomic_read(&lac_session_failed_dereg_count)) { DPRINTK("%s(): %d LAC sessions were not deregistered " "correctly. This is not a clean exit! \n", __FUNCTION__, - atomic_read(&lac_session_failed_dereg_count)); + icp_atomic_read(&lac_session_failed_dereg_count)); } icp_ocfDrvFreeCaches(); icp_ocfDrvDriverId = INVALID_DRIVER_ID; + icp_spin_lock_destroy(&icp_ocfDrvSymSessInfoListSpinlock); + /* Shutdown the Cryptographic component */ lacStatus = cpaCyStopInstance(CPA_INSTANCE_HANDLE_SINGLE); if (CPA_STATUS_SUCCESS != lacStatus) { @@ -429,6 +447,7 @@ static void icp_ocfDrvExit(void) __FUNCTION__, lacStatus); } + return ICP_MODULE_EXIT_FUNC_RETURN_VAL; } /* Name : icp_ocfDrvFreeCaches @@ -437,9 +456,7 @@ static void icp_ocfDrvExit(void) */ static void icp_ocfDrvFreeCaches(void) { - if (atomic_read(&icp_ocfDrvIsExiting) != CPA_TRUE) { - atomic_set(&icp_ocfDrvIsExiting, 1); - } + icp_atomic_set(&icp_ocfDrvIsExiting, 1); /*Sym Zones */ ICP_CACHE_DESTROY(drvSessionData_zone); @@ -465,7 +482,6 @@ static void icp_ocfDrvFreeCaches(void) * off to a work queue. If it fails, nothing more can be done and it * returns an error */ - int icp_ocfDrvDeregRetry(CpaCySymSessionCtx sessionToDeregister) { struct icp_ocfDrvFreeLacSession *workstore = NULL; @@ -475,11 +491,11 @@ int icp_ocfDrvDeregRetry(CpaCySymSessionCtx sessionToDeregister) /*make sure the session is not available to be allocated during this process */ - atomic_inc(&lac_session_failed_dereg_count); + icp_atomic_inc(&lac_session_failed_dereg_count); /*Farm off to work queue */ workstore = - kmalloc(sizeof(struct icp_ocfDrvFreeLacSession), GFP_ATOMIC); + icp_kmalloc(sizeof(struct icp_ocfDrvFreeLacSession), ICP_M_NOWAIT); if (NULL == workstore) { DPRINTK("%s(): unable to free session - no memory available " "for work queue\n", __FUNCTION__); @@ -488,9 +504,11 @@ int icp_ocfDrvDeregRetry(CpaCySymSessionCtx sessionToDeregister) workstore->sessionToDeregister = sessionToDeregister; - INIT_WORK(&(workstore->work), icp_ocfDrvDeferedFreeLacSessionProcess, - workstore); - queue_work(icp_ocfDrvFreeLacSessionWorkQ, &(workstore->work)); + icp_init_work(&(workstore->work), + icp_ocfDrvDeferedFreeLacSessionTaskFn, workstore); + + ICP_WORKQUEUE_ENQUEUE(icp_ocfDrvFreeLacSessionWorkQ, + &(workstore->work)); return ICP_OCF_DRV_STATUS_SUCCESS; @@ -503,7 +521,7 @@ int icp_ocfDrvDeregRetry(CpaCySymSessionCtx sessionToDeregister) * CPA_STATUS_RETRY message from the LAC component. This function is run in * Thread context because it is called from a worker thread */ -static void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg) +void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg) { struct icp_ocfDrvFreeLacSession *workstore = NULL; CpaCySymSessionCtx sessionToDeregister = NULL; @@ -519,10 +537,10 @@ static void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg) } sessionToDeregister = workstore->sessionToDeregister; - kfree(workstore); + icp_kfree(workstore); /*if exiting, give deregistration one more blast only */ - if (atomic_read(&icp_ocfDrvIsExiting) == CPA_TRUE) { + if (icp_atomic_read(&icp_ocfDrvIsExiting) == CPA_TRUE) { lacStatus = cpaCySymRemoveSession(CPA_INSTANCE_HANDLE_SINGLE, sessionToDeregister); @@ -533,7 +551,7 @@ static void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg) return; } - atomic_dec(&lac_session_failed_dereg_count); + icp_atomic_dec(&lac_session_failed_dereg_count); return; } @@ -542,7 +560,7 @@ static void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg) sessionToDeregister); if (lacStatus == CPA_STATUS_SUCCESS) { - atomic_dec(&lac_session_failed_dereg_count); + icp_atomic_dec(&lac_session_failed_dereg_count); return; } if (lacStatus != CPA_STATUS_RETRY) { @@ -554,16 +572,17 @@ static void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg) /*schedule_timout returns the time left for completion if this task is set to TASK_INTERRUPTIBLE */ remaining_delay_time_in_jiffies = dereg_retry_delay_in_jiffies; - while (0 > remaining_delay_time_in_jiffies) { + while (0 < remaining_delay_time_in_jiffies) { remaining_delay_time_in_jiffies = - schedule_timeout(remaining_delay_time_in_jiffies); + icp_schedule_timeout(NULL, + remaining_delay_time_in_jiffies); } } DPRINTK("%s(): Unable to deregister session\n", __FUNCTION__); DPRINTK("%s(): Number of unavailable LAC sessions = %d\n", __FUNCTION__, - atomic_read(&lac_session_failed_dereg_count)); + icp_atomic_read(&lac_session_failed_dereg_count)); } /* Name : icp_ocfDrvPtrAndLenToFlatBuffer @@ -581,131 +600,6 @@ icp_ocfDrvPtrAndLenToFlatBuffer(void *pData, uint32_t len, pFlatBuffer->dataLenInBytes = len; } -/* Name : icp_ocfDrvSingleSkBuffToFlatBuffer - * - * Description : This function converts a single socket buffer (sk_buff) - * structure to a Fredericksburg Flat Buffer (CpaFlatBuffer) format. - * - * This function assumes that the data passed in are valid. - */ -static inline void -icp_ocfDrvSingleSkBuffToFlatBuffer(struct sk_buff *pSkb, - CpaFlatBuffer * pFlatBuffer) -{ - pFlatBuffer->pData = pSkb->data; - pFlatBuffer->dataLenInBytes = skb_headlen(pSkb); -} - -/* Name : icp_ocfDrvSkBuffToBufferList - * - * Description : This function converts a socket buffer (sk_buff) structure to - * Fredericksburg Scatter/Gather (CpaBufferList) buffer format. - * - * This function assumes that the bufferlist has been allocated with the correct - * number of buffer arrays. - * - */ -inline int -icp_ocfDrvSkBuffToBufferList(struct sk_buff *pSkb, CpaBufferList * bufferList) -{ - CpaFlatBuffer *curFlatBuffer = NULL; - char *skbuffPageAddr = NULL; - struct sk_buff *pCurFrag = NULL; - struct skb_shared_info *pShInfo = NULL; - uint32_t page_offset = 0, i = 0; - - DPRINTK("%s(): Entry Point\n", __FUNCTION__); - - /* - * In all cases, the first skb needs to be translated to FlatBuffer. - * Perform a buffer translation for the first skbuff - */ - curFlatBuffer = bufferList->pBuffers; - icp_ocfDrvSingleSkBuffToFlatBuffer(pSkb, curFlatBuffer); - - /* Set the userData to point to the original sk_buff */ - bufferList->pUserData = (void *)pSkb; - - /* We now know we'll have at least one element in the SGL */ - bufferList->numBuffers = 1; - - if (0 == skb_is_nonlinear(pSkb)) { - /* Is a linear buffer - therefore it's a single skbuff */ - DPRINTK("%s(): Exit Point\n", __FUNCTION__); - return ICP_OCF_DRV_STATUS_SUCCESS; - } - - curFlatBuffer++; - pShInfo = skb_shinfo(pSkb); - if (pShInfo->frag_list != NULL && pShInfo->nr_frags != 0) { - EPRINTK("%s():" - "Translation for a combination of frag_list " - "and frags[] array not supported!\n", __FUNCTION__); - return ICP_OCF_DRV_STATUS_FAIL; - } else if (pShInfo->frag_list != NULL) { - /* - * Non linear skbuff supported through frag_list - * Perform translation for each fragment (sk_buff) - * in the frag_list of the first sk_buff. - */ - for (pCurFrag = pShInfo->frag_list; - pCurFrag != NULL; pCurFrag = pCurFrag->next) { - icp_ocfDrvSingleSkBuffToFlatBuffer(pCurFrag, - curFlatBuffer); - curFlatBuffer++; - bufferList->numBuffers++; - } - } else if (pShInfo->nr_frags != 0) { - /* - * Perform translation for each fragment in frags array - * and add to the BufferList - */ - for (i = 0; i < pShInfo->nr_frags; i++) { - /* Get the page address and offset of this frag */ - skbuffPageAddr = (char *)pShInfo->frags[i].page; - page_offset = pShInfo->frags[i].page_offset; - - /* Convert a pointer and length to a flat buffer */ - icp_ocfDrvPtrAndLenToFlatBuffer(skbuffPageAddr + - page_offset, - pShInfo->frags[i].size, - curFlatBuffer); - curFlatBuffer++; - bufferList->numBuffers++; - } - } else { - EPRINTK("%s():" "Could not recognize skbuff fragments!\n", - __FUNCTION__); - return ICP_OCF_DRV_STATUS_FAIL; - } - - DPRINTK("%s(): Exit Point\n", __FUNCTION__); - return ICP_OCF_DRV_STATUS_SUCCESS; -} - -/* Name : icp_ocfDrvBufferListToSkBuff - * - * Description : This function converts a Fredericksburg Scatter/Gather - * (CpaBufferList) buffer format to socket buffer structure. - */ -inline int -icp_ocfDrvBufferListToSkBuff(CpaBufferList * bufferList, struct sk_buff **skb) -{ - DPRINTK("%s(): Entry Point\n", __FUNCTION__); - - /* Retrieve the orignal skbuff */ - *skb = (struct sk_buff *)bufferList->pUserData; - if (NULL == *skb) { - EPRINTK("%s():" - "Error on converting from a BufferList. " - "The BufferList does not contain an sk_buff.\n", - __FUNCTION__); - return ICP_OCF_DRV_STATUS_FAIL; - } - DPRINTK("%s(): Exit Point\n", __FUNCTION__); - return ICP_OCF_DRV_STATUS_SUCCESS; -} - /* Name : icp_ocfDrvPtrAndLenToBufferList * * Description : This function converts a "pointer and length" buffer @@ -761,45 +655,6 @@ icp_ocfDrvBufferListMemInfo(uint16_t numBuffers, return ICP_OCF_DRV_STATUS_SUCCESS; } -/* Name : icp_ocfDrvGetSkBuffFrags - * - * Description : This function will determine the number of - * fragments in a socket buffer(sk_buff). - */ -inline uint16_t icp_ocfDrvGetSkBuffFrags(struct sk_buff * pSkb) -{ - uint16_t numFrags = 0; - struct sk_buff *pCurFrag = NULL; - struct skb_shared_info *pShInfo = NULL; - - if (NULL == pSkb) - return 0; - - numFrags = 1; - if (0 == skb_is_nonlinear(pSkb)) { - /* Linear buffer - it's a single skbuff */ - return numFrags; - } - - pShInfo = skb_shinfo(pSkb); - if (NULL != pShInfo->frag_list && 0 != pShInfo->nr_frags) { - EPRINTK("%s(): Combination of frag_list " - "and frags[] array not supported!\n", __FUNCTION__); - return 0; - } else if (0 != pShInfo->nr_frags) { - numFrags += pShInfo->nr_frags; - return numFrags; - } else if (NULL != pShInfo->frag_list) { - for (pCurFrag = pShInfo->frag_list; - pCurFrag != NULL; pCurFrag = pCurFrag->next) { - numFrags++; - } - return numFrags; - } else { - return 0; - } -} - /* Name : icp_ocfDrvFreeFlatBuffer * * Description : This function will deallocate flat buffer. @@ -808,7 +663,7 @@ inline void icp_ocfDrvFreeFlatBuffer(CpaFlatBuffer * pFlatBuffer) { if (pFlatBuffer != NULL) { memset(pFlatBuffer, 0, sizeof(CpaFlatBuffer)); - kmem_cache_free(drvFlatBuffer_zone, pFlatBuffer); + ICP_CACHE_FREE(drvFlatBuffer_zone, pFlatBuffer); } } @@ -819,14 +674,14 @@ inline void icp_ocfDrvFreeFlatBuffer(CpaFlatBuffer * pFlatBuffer) */ inline int icp_ocfDrvAllocMetaData(CpaBufferList * pBufferList, - const struct icp_drvOpData *pOpData) + struct icp_drvOpData *pOpData) { Cpa32U metaSize = 0; - if (pBufferList->numBuffers <= ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS){ - void *pOpDataStartAddr = (void *)pOpData; + if (pBufferList->numBuffers <= ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS) { + uint8_t *pOpDataStartAddr = (uint8_t *) pOpData; - if (0 == defBuffListInfo.metaSize) { + if (0 == defBuffListInfo.metaSize) { pBufferList->pPrivateMetaData = NULL; return ICP_OCF_DRV_STATUS_SUCCESS; } @@ -835,8 +690,9 @@ icp_ocfDrvAllocMetaData(CpaBufferList * pBufferList, * op data. It has been pre-allocated in memory just after the * icp_drvOpData structure. */ - pBufferList->pPrivateMetaData = pOpDataStartAddr + - sizeof(struct icp_drvOpData); + pBufferList->pPrivateMetaData = (void *)(pOpDataStartAddr + + sizeof(struct + icp_drvOpData)); } else { if (CPA_STATUS_SUCCESS != cpaCyBufferListGetMetaSize(CPA_INSTANCE_HANDLE_SINGLE, @@ -852,7 +708,8 @@ icp_ocfDrvAllocMetaData(CpaBufferList * pBufferList, return ICP_OCF_DRV_STATUS_SUCCESS; } - pBufferList->pPrivateMetaData = kmalloc(metaSize, GFP_ATOMIC); + pBufferList->pPrivateMetaData = + icp_kmalloc(metaSize, ICP_M_NOWAIT); } if (NULL == pBufferList->pPrivateMetaData) { EPRINTK("%s() Failed to allocate pPrivateMetaData.\n", @@ -879,13 +736,38 @@ inline void icp_ocfDrvFreeMetaData(CpaBufferList * pBufferList) * Otherwise, the meta data shall be freed when the icp_drvOpData is * freed. */ - if (ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS < pBufferList->numBuffers){ - kfree(pBufferList->pPrivateMetaData); + if (ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS < pBufferList->numBuffers) { + icp_kfree(pBufferList->pPrivateMetaData); } } -module_init(icp_ocfDrvInit); -module_exit(icp_ocfDrvExit); -MODULE_LICENSE("Dual BSD/GPL"); -MODULE_AUTHOR("Intel"); -MODULE_DESCRIPTION("OCF Driver for Intel Quick Assist crypto acceleration"); +/* Module declaration, init and exit functions */ +ICP_DECLARE_MODULE(icp_ocf, icp_ocfDrvInit, icp_ocfDrvExit); +ICP_MODULE_DESCRIPTION("OCF Driver for Intel Quick Assist crypto acceleration"); +ICP_MODULE_VERSION(icp_ocf, ICP_OCF_VER_MJR); +ICP_MODULE_LICENSE("Dual BSD/GPL"); +ICP_MODULE_AUTHOR("Intel"); + +/* Module parameters */ +ICP_MODULE_PARAM_INT(icp_ocf, num_dereg_retries, + "Number of times to retry LAC Sym Session Deregistration. " + "Default 10, Max 100"); +ICP_MODULE_PARAM_INT(icp_ocf, dereg_retry_delay_in_jiffies, "Delay in jiffies " + "(added to a schedule() function call) before a LAC Sym " + "Session Dereg is retried. Default 10"); +ICP_MODULE_PARAM_INT(icp_ocf, max_sessions, + "This sets the maximum number of sessions " + "between OCF and this driver. If this value is set to zero," + "max session count checking is disabled. Default is zero(0)"); + +/* Module dependencies */ +#define MODULE_MIN_VER 1 +#define CRYPTO_MAX_VER 3 +#define LAC_MAX_VER 2 + +ICP_MODULE_DEPEND(icp_ocf, crypto, MODULE_MIN_VER, MODULE_MIN_VER, + CRYPTO_MAX_VER); +ICP_MODULE_DEPEND(icp_ocf, cryptodev, MODULE_MIN_VER, MODULE_MIN_VER, + CRYPTO_MAX_VER); +ICP_MODULE_DEPEND(icp_ocf, icp_crypto, MODULE_MIN_VER, MODULE_MIN_VER, + LAC_MAX_VER); diff --git a/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_ocf.h b/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_ocf.h index dff0a8b7d..d9dde8740 100644 --- a/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_ocf.h +++ b/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_ocf.h @@ -5,7 +5,7 @@ * * GPL LICENSE SUMMARY * - * Copyright(c) 2007,2008 Intel Corporation. All rights reserved. + * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of version 2 of the GNU General Public License as @@ -27,7 +27,7 @@ * * BSD LICENSE * - * Copyright(c) 2007,2008 Intel Corporation. All rights reserved. + * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -57,42 +57,34 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * - * version: Security.L.1.0.130 + * version: Security.L.1.0.2-229 * ***************************************************************************/ /* - * OCF drv driver header file for the Intel ICP processor. + * OCF driver header file for the Intel ICP processor. */ -#ifndef ICP_OCF_H -#define ICP_OCF_H +#ifndef ICP_OCF_H_ +#define ICP_OCF_H_ -#include <linux/crypto.h> -#include <linux/delay.h> -#include <linux/skbuff.h> +#include <cpa.h> +#include <cpa_cy_im.h> +#include <cpa_cy_sym.h> +#include <cpa_cy_rand.h> +#include <cpa_cy_dh.h> +#include <cpa_cy_rsa.h> +#include <cpa_cy_ln.h> +#include <cpa_cy_common.h> +#include <cpa_cy_dsa.h> -#include "cryptodev.h" -#include "uio.h" - -#include "cpa.h" -#include "cpa_cy_im.h" -#include "cpa_cy_sym.h" -#include "cpa_cy_rand.h" -#include "cpa_cy_dh.h" -#include "cpa_cy_rsa.h" -#include "cpa_cy_ln.h" -#include "cpa_cy_common.h" -#include "cpa_cy_dsa.h" +#include "icp_os.h" #define NUM_BITS_IN_BYTE (8) #define NUM_BITS_IN_BYTE_MINUS_ONE (NUM_BITS_IN_BYTE -1) #define INVALID_DRIVER_ID (-1) #define RETURN_RAND_NUM_GEN_FAILED (-1) -/*This is define means only one operation can be chained to another -(resulting in one chain of two operations)*/ -#define MAX_NUM_OF_CHAINED_OPS (1) /*This is the max block cipher initialisation vector*/ #define MAX_IV_LEN_IN_BYTES (20) /*This is used to check whether the OCF to this driver session limit has @@ -118,61 +110,10 @@ #define ICP_OCF_PRINT_KERN_ALERT (1) #define ICP_OCF_PRINT_KERN_ERRS (1) -/*DSA Prime Q size in bytes (as defined in the standard) */ -#define DSA_RS_SIGN_PRIMEQ_SIZE_IN_BYTES (20) - -/*MACRO DEFINITIONS*/ - -#define BITS_TO_BYTES(bytes, bits) \ - bytes = (bits + NUM_BITS_IN_BYTE_MINUS_ONE) / NUM_BITS_IN_BYTE - -#define ICP_CACHE_CREATE(cache_ID, cache_name) \ - kmem_cache_create(cache_ID, sizeof(cache_name),0, \ - SLAB_HWCACHE_ALIGN, NULL, NULL); - -#define ICP_CACHE_NULL_CHECK(slab_zone) \ -{ \ - if(NULL == slab_zone){ \ - icp_ocfDrvFreeCaches(); \ - EPRINTK("%s() line %d: Not enough memory!\n", \ - __FUNCTION__, __LINE__); \ - return ENOMEM; \ - } \ -} - -#define ICP_CACHE_DESTROY(slab_zone) \ -{ \ - if(NULL != slab_zone){ \ - kmem_cache_destroy(slab_zone); \ - slab_zone = NULL; \ - } \ -} - -#define ICP_REGISTER_SYM_FUNCTIONALITY_WITH_OCF(alg) \ -{ \ - if(OCF_REGISTRATION_STATUS_SUCCESS == \ - crypto_register(icp_ocfDrvDriverId, \ - alg, \ - 0, \ - 0)) { \ - ocfStatus++; \ - } \ -} - -#define ICP_REGISTER_ASYM_FUNCTIONALITY_WITH_OCF(alg) \ -{ \ - if(OCF_REGISTRATION_STATUS_SUCCESS == \ - crypto_kregister(icp_ocfDrvDriverId, \ - alg, \ - 0)){ \ - ocfStatus++; \ - } \ -} - #if ICP_OCF_PRINT_DEBUG_MESSAGES == 1 #define DPRINTK(args...) \ { \ - printk(args); \ + ICP_IPRINTK(args); \ } #else //ICP_OCF_PRINT_DEBUG_MESSAGES == 1 @@ -184,7 +125,7 @@ #if ICP_OCF_PRINT_KERN_ALERT == 1 #define APRINTK(args...) \ { \ - printk(KERN_ALERT args); \ + ICP_APRINTK(args); \ } #else //ICP_OCF_PRINT_KERN_ALERT == 1 @@ -196,7 +137,7 @@ #if ICP_OCF_PRINT_KERN_ERRS == 1 #define EPRINTK(args...) \ { \ - printk(KERN_ERR args); \ + ICP_EPRINTK(args); \ } #else //ICP_OCF_PRINT_KERN_ERRS == 1 @@ -207,47 +148,110 @@ #define IPRINTK(args...) \ { \ - printk(KERN_INFO args); \ + ICP_IPRINTK(args); \ } -/*END OF MACRO DEFINITIONS*/ +/*DSA Prime Q size in bytes (as defined in the standard) */ +#define DSA_RS_SIGN_PRIMEQ_SIZE_IN_BYTES (20) + +#define BITS_TO_BYTES(bytes, bits) \ + bytes = (bits + NUM_BITS_IN_BYTE_MINUS_ONE) / NUM_BITS_IN_BYTE typedef enum { ICP_OCF_DRV_ALG_CIPHER = 0, ICP_OCF_DRV_ALG_HASH } icp_ocf_drv_alg_type_t; -/* These are all defined in icp_common.c */ -extern atomic_t lac_session_failed_dereg_count; -extern atomic_t icp_ocfDrvIsExiting; -extern atomic_t num_ocf_to_drv_registered_sessions; +typedef ICP_LIST_HEAD(icp_drvSessionListHead_s, + icp_drvSessionData) icp_drvSessionListHead_t; -/*These are use inputs used in icp_sym.c and icp_common.c - They are instantiated in icp_common.c*/ -extern int max_sessions; +/*Values used to derisk chances of performs being called against +deregistered sessions (for which the slab page has been reclaimed) +This is not a fix - since page frames are reclaimed from a slab, one cannot +rely on that memory not being re-used by another app.*/ +typedef enum { + ICP_SESSION_INITIALISED = 0x5C5C5C, + ICP_SESSION_RUNNING = 0x005C00, + ICP_SESSION_DEREGISTERED = 0xC5C5C5 +} usage_derisk; + +/* This struct is required for deferred session + deregistration as a work queue function can + only have one argument*/ +struct icp_ocfDrvFreeLacSession { + CpaCySymSessionCtx sessionToDeregister; + icp_workstruct work; +}; + +/* +This is the OCF<->OCF_DRV session object: + +1.listNode + The first member is a listNode. These session objects are added to a linked + list in order to make it easier to remove them all at session exit time. + +2.inUse + The second member is used to give the session object state and derisk the + possibility of OCF batch calls executing against a deregistered session (as + described above). + +3.sessHandle + The third member is a LAC<->OCF_DRV session handle (initialised with the first + perform request for that session). + +4.lacSessCtx + The fourth is the LAC session context. All the parameters for this structure + are only known when the first perform request for this session occurs. That is + why the OCF EP80579 Driver only registers a new LAC session at perform time +*/ +struct icp_drvSessionData { + ICP_LIST_ENTRY(icp_drvSessionData) listNode; + usage_derisk inUse; + CpaCySymSessionCtx sessHandle; + CpaCySymSessionSetupData lacSessCtx; +}; + +/* These are all defined in icp_common.c */ +extern icp_atomic_t lac_session_failed_dereg_count; +extern icp_atomic_t icp_ocfDrvIsExiting; +extern icp_atomic_t num_ocf_to_drv_registered_sessions; extern int32_t icp_ocfDrvDriverId; -extern struct list_head icp_ocfDrvGlobalSymListHead; -extern struct list_head icp_ocfDrvGlobalSymListHead_FreeMemList; -extern struct workqueue_struct *icp_ocfDrvFreeLacSessionWorkQ; -extern spinlock_t icp_ocfDrvSymSessInfoListSpinlock; -extern rwlock_t icp_kmem_cache_destroy_alloc_lock; + +extern icp_drvSessionListHead_t icp_ocfDrvGlobalSymListHead; +extern icp_drvSessionListHead_t icp_ocfDrvGlobalSymListHead_FreeMemList; +extern icp_workqueue *icp_ocfDrvFreeLacSessionWorkQ; +extern icp_spinlock_t icp_ocfDrvSymSessInfoListSpinlock; /*Slab zones for symettric functionality, instantiated in icp_common.c*/ -extern struct kmem_cache *drvSessionData_zone; -extern struct kmem_cache *drvOpData_zone; +extern icp_kmem_cache drvSessionData_zone; +extern icp_kmem_cache drvOpData_zone; /*Slabs zones for asymettric functionality, instantiated in icp_common.c*/ -extern struct kmem_cache *drvDH_zone; -extern struct kmem_cache *drvLnModExp_zone; -extern struct kmem_cache *drvRSADecrypt_zone; -extern struct kmem_cache *drvRSAPrivateKey_zone; -extern struct kmem_cache *drvDSARSSign_zone; -extern struct kmem_cache *drvDSARSSignKValue_zone; -extern struct kmem_cache *drvDSAVerify_zone; +extern icp_kmem_cache drvDH_zone; +extern icp_kmem_cache drvLnModExp_zone; +extern icp_kmem_cache drvRSADecrypt_zone; +extern icp_kmem_cache drvRSAPrivateKey_zone; +extern icp_kmem_cache drvDSARSSign_zone; +extern icp_kmem_cache drvDSARSSignKValue_zone; +extern icp_kmem_cache drvDSAVerify_zone; + +/* Module parameters defined in icp_cpmmon.c*/ + +/* Module parameters - gives the number of times LAC deregistration shall be + re-tried */ +extern int num_dereg_retries; + +/* Module parameter - gives the delay time in jiffies before a LAC session + shall be attempted to be deregistered again */ +extern int dereg_retry_delay_in_jiffies; + +/* Module parameter - gives the maximum number of sessions possible between + OCF and the OCF EP80579 Driver. If set to zero, there is no limit.*/ +extern int max_sessions; /*Slab zones for flatbuffers and bufferlist*/ -extern struct kmem_cache *drvFlatBuffer_zone; +extern icp_kmem_cache drvFlatBuffer_zone; #define ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS (16) @@ -257,19 +261,13 @@ struct icp_drvBuffListInfo { Cpa32U metaOffset; Cpa32U buffListSize; }; + extern struct icp_drvBuffListInfo defBuffListInfo; -/* -* This struct is used to keep a reference to the relevant node in the list -* of sessionData structs, to the buffer type required by OCF and to the OCF -* provided crp struct that needs to be returned. All this info is needed in -* the callback function. -* -* IV can sometimes be stored in non-contiguous memory (e.g. skbuff -* linked/frag list, therefore a contiguous memory space for the IV data must be -* created and passed to LAC -* -*/ +/* This struct is used to keep a reference to the relevant node in the list + of sessionData structs, to the buffer type required by OCF and to the OCF + provided crp struct that needs to be returned. All this info is needed in + the callback function.*/ struct icp_drvOpData { CpaCySymOpData lacOpData; uint32_t digestSizeInBytes; @@ -281,83 +279,98 @@ struct icp_drvOpData { CpaFlatBuffer bufferListArray[ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS]; CpaBoolean verifyResult; }; -/*Values used to derisk chances of performs being called against -deregistered sessions (for which the slab page has been reclaimed) -This is not a fix - since page frames are reclaimed from a slab, one cannot -rely on that memory not being re-used by another app.*/ -typedef enum { - ICP_SESSION_INITIALISED = 0x5C5C5C, - ICP_SESSION_RUNNING = 0x005C00, - ICP_SESSION_DEREGISTERED = 0xC5C5C5 -} usage_derisk; - -/* -This is the OCF<->OCF_DRV session object: - -1.The first member is a listNode. These session objects are added to a linked - list in order to make it easier to remove them all at session exit time. -2.The second member is used to give the session object state and derisk the - possibility of OCF batch calls executing against a deregistered session (as - described above). -3.The third member is a LAC<->OCF_DRV session handle (initialised with the first - perform request for that session). -4.The fourth is the LAC session context. All the parameters for this structure - are only known when the first perform request for this session occurs. That is - why the OCF Tolapai Driver only registers a new LAC session at perform time -*/ -struct icp_drvSessionData { - struct list_head listNode; - usage_derisk inUse; - CpaCySymSessionCtx sessHandle; - CpaCySymSessionSetupData lacSessCtx; -}; -/* This struct is required for deferred session - deregistration as a work queue function can - only have one argument*/ -struct icp_ocfDrvFreeLacSession { - CpaCySymSessionCtx sessionToDeregister; - struct work_struct work; -}; +/* Create a new session between OCF and this driver*/ +int icp_ocfDrvNewSession(icp_device_t dev, uint32_t * sild, + struct cryptoini *cri); -int icp_ocfDrvNewSession(device_t dev, uint32_t * sild, struct cryptoini *cri); +/* Free a session between this driver and the Quick Assist Framework*/ +int icp_ocfDrvFreeLACSession(icp_device_t dev, uint64_t sid); -int icp_ocfDrvFreeLACSession(device_t dev, uint64_t sid); +/* Defer freeing a Quick Assist session*/ +void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg); -int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint); +/* Process OCF cryptographic request for a symmetric algorithm*/ +int icp_ocfDrvSymProcess(icp_device_t dev, struct cryptop *crp, int hint); -int icp_ocfDrvPkeProcess(device_t dev, struct cryptkop *krp, int hint); +/* Process OCF cryptographic request for an asymmetric algorithm*/ +int icp_ocfDrvPkeProcess(icp_device_t dev, struct cryptkop *krp, int hint); +/* Populate a buffer with random data*/ int icp_ocfDrvReadRandom(void *arg, uint32_t * buf, int maxwords); +/* Retry Quick Assist session deregistration*/ int icp_ocfDrvDeregRetry(CpaCySymSessionCtx sessionToDeregister); -int icp_ocfDrvSkBuffToBufferList(struct sk_buff *skb, - CpaBufferList * bufferList); +/* Convert an OS scatter gather list to a CPA buffer list*/ +int icp_ocfDrvPacketBuffToBufferList(icp_packet_buffer_t * pPacketBuffer, + CpaBufferList * bufferList); + +/* Convert a CPA buffer list to an OS scatter gather list*/ +int icp_ocfDrvBufferListToPacketBuff(CpaBufferList * bufferList, + icp_packet_buffer_t ** pPacketBuffer); -int icp_ocfDrvBufferListToSkBuff(CpaBufferList * bufferList, - struct sk_buff **skb); +/* Get the number of buffers in an OS scatter gather list*/ +uint16_t icp_ocfDrvGetPacketBuffFrags(icp_packet_buffer_t * pPacketBuffer); +/* Convert a single OS buffer to a CPA Flat Buffer*/ +void icp_ocfDrvSinglePacketBuffToFlatBuffer(icp_packet_buffer_t * pPacketBuffer, + CpaFlatBuffer * pFlatBuffer); + +/* Add pointer and length to a CPA Flat Buffer structure*/ void icp_ocfDrvPtrAndLenToFlatBuffer(void *pData, uint32_t len, CpaFlatBuffer * pFlatBuffer); +/* Convert pointer and length values to a CPA buffer list*/ void icp_ocfDrvPtrAndLenToBufferList(void *pDataIn, uint32_t length, CpaBufferList * pBufferList); +/* Convert a CPA buffer list to pointer and length values*/ void icp_ocfDrvBufferListToPtrAndLen(CpaBufferList * pBufferList, void **ppDataOut, uint32_t * pLength); +/* Set the number of flat buffers in bufferlist and the size of memory + to allocate for the pPrivateMetaData member of the CpaBufferList.*/ int icp_ocfDrvBufferListMemInfo(uint16_t numBuffers, struct icp_drvBuffListInfo *buffListInfo); -uint16_t icp_ocfDrvGetSkBuffFrags(struct sk_buff *pSkb); +/* Find pointer position of the digest within an OS scatter gather list*/ +uint8_t *icp_ocfDrvPacketBufferDigestPointerFind(struct icp_drvOpData + *drvOpData, + int offsetInBytes, + uint32_t digestSizeInBytes); + +/*This top level function is used to find a pointer to where a digest is + stored/needs to be inserted. */ +uint8_t *icp_ocfDrvDigestPointerFind(struct icp_drvOpData *drvOpData, + struct cryptodesc *crp_desc); +/* Free a CPA flat buffer*/ void icp_ocfDrvFreeFlatBuffer(CpaFlatBuffer * pFlatBuffer); -int icp_ocfDrvAllocMetaData(CpaBufferList * pBufferList, - const struct icp_drvOpData *pOpData); +/* This function will allocate memory for the pPrivateMetaData + member of CpaBufferList. */ +int icp_ocfDrvAllocMetaData(CpaBufferList * pBufferList, + struct icp_drvOpData *pOpData); +/* Free data allocated for the pPrivateMetaData + member of CpaBufferList.*/ void icp_ocfDrvFreeMetaData(CpaBufferList * pBufferList); +#define ICP_CACHE_CREATE(cache_ID, cache_name) \ + icp_kmem_cache_create(cache_ID, sizeof(cache_name),ICP_KERNEL_CACHE_ALIGN,\ + ICP_KERNEL_CACHE_NOINIT) + +#define ICP_CACHE_FREE(args...) \ + icp_kmem_cache_free (args) + +#define ICP_CACHE_DESTROY(slab_zone)\ +{\ + if(NULL != slab_zone){\ + icp_kmem_cache_destroy(slab_zone);\ + slab_zone = NULL;\ + }\ +} + #endif -/* ICP_OCF_H */ +/* ICP_OCF_H_ */ diff --git a/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_sym.c b/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_sym.c index d63297016..e1c71484a 100644 --- a/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_sym.c +++ b/target/linux/generic-2.6/files/crypto/ocf/ep80579/icp_sym.c @@ -5,7 +5,7 @@ * * GPL LICENSE SUMMARY * - * Copyright(c) 2007,2008 Intel Corporation. All rights reserved. + * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of version 2 of the GNU General Public License as @@ -27,7 +27,7 @@ * * BSD LICENSE * - * Copyright(c) 2007,2008 Intel Corporation. All rights reserved. + * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -57,7 +57,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * - * version: Security.L.1.0.130 + * version: Security.L.1.0.2-229 * ***************************************************************************/ /* @@ -96,38 +96,6 @@ static int icp_ocfDrvAlgorithmSetup(struct cryptoini *cri, CpaCySymSessionSetupData * lacSessCtx); -/*This top level function is used to find a pointer to where a digest is - stored/needs to be inserted. */ -static uint8_t *icp_ocfDrvDigestPointerFind(struct icp_drvOpData *drvOpData, - struct cryptodesc *crp_desc); - -/*This function is called when a digest pointer has to be found within a - SKBUFF.*/ -static inline uint8_t *icp_ocfDrvSkbuffDigestPointerFind(struct icp_drvOpData - *drvOpData, - int offsetInBytes, - uint32_t - digestSizeInBytes); - -/*The following two functions are called if the SKBUFF digest pointer is not - positioned in the linear portion of the buffer (i.e. it is in a linked SKBUFF - or page fragment).*/ -/*This function takes care of the page fragment case.*/ -static inline uint8_t *icp_ocfDrvDigestSkbNRFragsCheck(struct sk_buff *skb, - struct skb_shared_info - *skb_shared, - int offsetInBytes, - uint32_t - digestSizeInBytes); - -/*This function takes care of the linked list case.*/ -static inline uint8_t *icp_ocfDrvDigestSkbFragListCheck(struct sk_buff *skb, - struct skb_shared_info - *skb_shared, - int offsetInBytes, - uint32_t - digestSizeInBytes); - /*This function is used to free an OCF->OCF_DRV session object*/ static void icp_ocfDrvFreeOCFSession(struct icp_drvSessionData *sessionData); @@ -142,7 +110,7 @@ static void icp_ocfDrvFreeOCFSession(struct icp_drvSessionData *sessionData); * Notes : The callbackTag is a pointer to an icp_drvOpData. This memory * object was passed to LAC for the cryptographic processing and contains all * the relevant information for cleaning up buffer handles etc. so that the - * OCF Tolapai Driver portion of this crypto operation can be fully completed. + * OCF EP80579 Driver portion of this crypto operation can be fully completed. */ static void icp_ocfDrvSymCallBack(void *callbackTag, @@ -188,11 +156,12 @@ icp_ocfDrvSymCallBack(void *callbackTag, if (CPA_STATUS_SUCCESS == status) { - if (temp_drvOpData->bufferType == CRYPTO_F_SKBUF) { + if (temp_drvOpData->bufferType == ICP_CRYPTO_F_PACKET_BUF) { if (ICP_OCF_DRV_STATUS_SUCCESS != - icp_ocfDrvBufferListToSkBuff(pDstBuffer, - (struct sk_buff **) - &(crp->crp_buf))) { + icp_ocfDrvBufferListToPacketBuff(pDstBuffer, + (icp_packet_buffer_t + **) + & (crp->crp_buf))) { EPRINTK("%s(): BufferList to SkBuff " "conversion error.\n", __FUNCTION__); crp->crp_etype = EPERM; @@ -213,10 +182,10 @@ icp_ocfDrvSymCallBack(void *callbackTag, if (temp_drvOpData->numBufferListArray > ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS) { - kfree(pDstBuffer->pBuffers); + icp_kfree(pDstBuffer->pBuffers); } icp_ocfDrvFreeMetaData(pDstBuffer); - kmem_cache_free(drvOpData_zone, temp_drvOpData); + ICP_CACHE_FREE(drvOpData_zone, temp_drvOpData); /* Invoke the OCF callback function */ crypto_done(crp); @@ -231,7 +200,8 @@ icp_ocfDrvSymCallBack(void *callbackTag, * Notes : LAC session registration happens during the first perform call. * That is the first time we know all information about a given session. */ -int icp_ocfDrvNewSession(device_t dev, uint32_t * sid, struct cryptoini *cri) +int icp_ocfDrvNewSession(icp_device_t dev, uint32_t * sid, + struct cryptoini *cri) { struct icp_drvSessionData *sessionData = NULL; uint32_t delete_session = 0; @@ -258,44 +228,44 @@ int icp_ocfDrvNewSession(device_t dev, uint32_t * sid, struct cryptoini *cri) return EINVAL; } - sessionData = kmem_cache_zalloc(drvSessionData_zone, GFP_ATOMIC); + sessionData = icp_kmem_cache_zalloc(drvSessionData_zone, ICP_M_NOWAIT); if (NULL == sessionData) { DPRINTK("%s():No memory for Session Data\n", __FUNCTION__); return ENOMEM; } /*ENTER CRITICAL SECTION */ - spin_lock_bh(&icp_ocfDrvSymSessInfoListSpinlock); + icp_spin_lockbh_lock(&icp_ocfDrvSymSessInfoListSpinlock); /*put this check in the spinlock so no new sessions can be added to the linked list when we are exiting */ - if (CPA_TRUE == atomic_read(&icp_ocfDrvIsExiting)) { + if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) { delete_session++; } else if (NO_OCF_TO_DRV_MAX_SESSIONS != max_sessions) { - if (atomic_read(&num_ocf_to_drv_registered_sessions) >= + if (icp_atomic_read(&num_ocf_to_drv_registered_sessions) >= (max_sessions - - atomic_read(&lac_session_failed_dereg_count))) { + icp_atomic_read(&lac_session_failed_dereg_count))) { delete_session++; } else { - atomic_inc(&num_ocf_to_drv_registered_sessions); + icp_atomic_inc(&num_ocf_to_drv_registered_sessions); /* Add to session data linked list */ - list_add(&(sessionData->listNode), - &icp_ocfDrvGlobalSymListHead); + ICP_LIST_ADD(sessionData, &icp_ocfDrvGlobalSymListHead, + listNode); } } else if (NO_OCF_TO_DRV_MAX_SESSIONS == max_sessions) { - list_add(&(sessionData->listNode), - &icp_ocfDrvGlobalSymListHead); + ICP_LIST_ADD(sessionData, &icp_ocfDrvGlobalSymListHead, + listNode); } sessionData->inUse = ICP_SESSION_INITIALISED; /*EXIT CRITICAL SECTION */ - spin_unlock_bh(&icp_ocfDrvSymSessInfoListSpinlock); + icp_spin_lockbh_unlock(&icp_ocfDrvSymSessInfoListSpinlock); if (delete_session) { DPRINTK("%s():No Session handles available\n", __FUNCTION__); - kmem_cache_free(drvSessionData_zone, sessionData); + ICP_CACHE_FREE(drvSessionData_zone, sessionData); return EPERM; } @@ -560,27 +530,27 @@ static void icp_ocfDrvFreeOCFSession(struct icp_drvSessionData *sessionData) sessionData->inUse = ICP_SESSION_DEREGISTERED; /*ENTER CRITICAL SECTION */ - spin_lock_bh(&icp_ocfDrvSymSessInfoListSpinlock); + icp_spin_lockbh_lock(&icp_ocfDrvSymSessInfoListSpinlock); - if (CPA_TRUE == atomic_read(&icp_ocfDrvIsExiting)) { + if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) { /*If the Driver is exiting, allow that process to handle any deletions */ /*EXIT CRITICAL SECTION */ - spin_unlock_bh(&icp_ocfDrvSymSessInfoListSpinlock); + icp_spin_lockbh_unlock(&icp_ocfDrvSymSessInfoListSpinlock); return; } - atomic_dec(&num_ocf_to_drv_registered_sessions); + icp_atomic_dec(&num_ocf_to_drv_registered_sessions); - list_del(&(sessionData->listNode)); + ICP_LIST_DEL(sessionData, listNode); /*EXIT CRITICAL SECTION */ - spin_unlock_bh(&icp_ocfDrvSymSessInfoListSpinlock); + icp_spin_lockbh_unlock(&icp_ocfDrvSymSessInfoListSpinlock); if (NULL != sessionData->sessHandle) { - kfree(sessionData->sessHandle); + icp_kfree(sessionData->sessHandle); } - kmem_cache_free(drvSessionData_zone, sessionData); + ICP_CACHE_FREE(drvSessionData_zone, sessionData); } /* Name : icp_ocfDrvFreeLACSession @@ -588,7 +558,7 @@ static void icp_ocfDrvFreeOCFSession(struct icp_drvSessionData *sessionData) * Description : This attempts to deregister a LAC session. If it fails, the * deregistation retry function is called. */ -int icp_ocfDrvFreeLACSession(device_t dev, uint64_t sid) +int icp_ocfDrvFreeLACSession(icp_device_t dev, uint64_t sid) { CpaCySymSessionCtx sessionToDeregister = NULL; struct icp_drvSessionData *sessionData = NULL; @@ -604,14 +574,14 @@ int icp_ocfDrvFreeLACSession(device_t dev, uint64_t sid) sessionToDeregister = sessionData->sessHandle; - if (ICP_SESSION_INITIALISED == sessionData->inUse) { - DPRINTK("%s() Session not registered with LAC\n", __FUNCTION__); - } else if (NULL == sessionData->sessHandle) { - EPRINTK - ("%s(): OCF Free session called with Null Session Handle.\n", - __FUNCTION__); + if ((ICP_SESSION_INITIALISED != sessionData->inUse) && + (ICP_SESSION_RUNNING != sessionData->inUse) && + (ICP_SESSION_DEREGISTERED != sessionData->inUse)) { + DPRINTK("%s() Session not initialised.\n", __FUNCTION__); return EINVAL; - } else { + } + + if (ICP_SESSION_RUNNING == sessionData->inUse) { lacStatus = cpaCySymRemoveSession(CPA_INSTANCE_HANDLE_SINGLE, sessionToDeregister); if (CPA_STATUS_RETRY == lacStatus) { @@ -629,9 +599,12 @@ int icp_ocfDrvFreeLACSession(device_t dev, uint64_t sid) DPRINTK("%s(): LAC failed to deregister the session. " "localSessionId= %p, lacStatus = %d\n", __FUNCTION__, sessionToDeregister, lacStatus); - atomic_inc(&lac_session_failed_dereg_count); + icp_atomic_inc(&lac_session_failed_dereg_count); retval = EPERM; } + } else { + DPRINTK("%s() Session not registered with LAC.\n", + __FUNCTION__); } icp_ocfDrvFreeOCFSession(sessionData); @@ -668,13 +641,12 @@ static int icp_ocfDrvAlgCheck(struct cryptodesc *crp_desc) * to whether session paramaters have changed (e.g. alg chain order) are * done. */ -int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) +int icp_ocfDrvSymProcess(icp_device_t dev, struct cryptop *crp, int hint) { struct icp_drvSessionData *sessionData = NULL; struct icp_drvOpData *drvOpData = NULL; CpaStatus lacStatus = CPA_STATUS_SUCCESS; Cpa32U sessionCtxSizeInBytes = 0; - uint16_t numBufferListArray = 0; if (NULL == crp) { DPRINTK("%s(): Invalid input parameters, cryptop is NULL\n", @@ -696,7 +668,7 @@ int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) return EINVAL; } - if (CPA_TRUE == atomic_read(&icp_ocfDrvIsExiting)) { + if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) { crp->crp_etype = EFAULT; return EFAULT; } @@ -793,14 +765,16 @@ int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) if (CPA_STATUS_SUCCESS != lacStatus) { EPRINTK("%s(): cpaCySymSessionCtxGetSize failed - %d\n", __FUNCTION__, lacStatus); + crp->crp_etype = EINVAL; return EINVAL; } sessionData->sessHandle = - kmalloc(sessionCtxSizeInBytes, GFP_ATOMIC); + icp_kmalloc(sessionCtxSizeInBytes, ICP_M_NOWAIT); if (NULL == sessionData->sessHandle) { EPRINTK ("%s(): Failed to get memory for SymSessionCtx\n", __FUNCTION__); + crp->crp_etype = ENOMEM; return ENOMEM; } @@ -812,13 +786,14 @@ int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) if (CPA_STATUS_SUCCESS != lacStatus) { EPRINTK("%s(): cpaCySymInitSession failed -%d \n", __FUNCTION__, lacStatus); + crp->crp_etype = EFAULT; return EFAULT; } sessionData->inUse = ICP_SESSION_RUNNING; } - drvOpData = kmem_cache_zalloc(drvOpData_zone, GFP_ATOMIC); + drvOpData = icp_kmem_cache_zalloc(drvOpData_zone, ICP_M_NOWAIT); if (NULL == drvOpData) { EPRINTK("%s():Failed to get memory for drvOpData\n", __FUNCTION__); @@ -835,28 +810,48 @@ int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) drvOpData->srcBuffer.pBuffers = drvOpData->bufferListArray; drvOpData->numBufferListArray = ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS; + if (ICP_OCF_DRV_STATUS_SUCCESS != + icp_ocfDrvProcessDataSetup(drvOpData, drvOpData->crp->crp_desc)) { + crp->crp_etype = EINVAL; + goto err; + } + + if (drvOpData->crp->crp_desc->crd_next != NULL) { + if (icp_ocfDrvProcessDataSetup(drvOpData, drvOpData->crp-> + crp_desc->crd_next)) { + crp->crp_etype = EINVAL; + goto err; + } + + } + /* - * Allocate buffer list array memory allocation if the - * data fragment is more than the default allocation + * Allocate buffer list array memory if the data fragment is more than + * the default number (ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS) and not + * calculated already */ - if (crp->crp_flags & CRYPTO_F_SKBUF) { - numBufferListArray = icp_ocfDrvGetSkBuffFrags((struct sk_buff *) - crp->crp_buf); - if (ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS < numBufferListArray) { + if (crp->crp_flags & ICP_CRYPTO_F_PACKET_BUF) { + if (NULL == drvOpData->lacOpData.pDigestResult) { + drvOpData->numBufferListArray = + icp_ocfDrvGetPacketBuffFrags((icp_packet_buffer_t *) + crp->crp_buf); + } + + if (ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS < + drvOpData->numBufferListArray) { DPRINTK("%s() numBufferListArray more than default\n", __FUNCTION__); drvOpData->srcBuffer.pBuffers = NULL; drvOpData->srcBuffer.pBuffers = - kmalloc(numBufferListArray * - sizeof(CpaFlatBuffer), GFP_ATOMIC); + icp_kmalloc(drvOpData->numBufferListArray * + sizeof(CpaFlatBuffer), ICP_M_NOWAIT); if (NULL == drvOpData->srcBuffer.pBuffers) { EPRINTK("%s() Failed to get memory for " "pBuffers\n", __FUNCTION__); - kmem_cache_free(drvOpData_zone, drvOpData); + ICP_CACHE_FREE(drvOpData_zone, drvOpData); crp->crp_etype = ENOMEM; return ENOMEM; } - drvOpData->numBufferListArray = numBufferListArray; } } @@ -864,17 +859,18 @@ int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) * Check the type of buffer structure we got and convert it into * CpaBufferList format. */ - if (crp->crp_flags & CRYPTO_F_SKBUF) { + if (crp->crp_flags & ICP_CRYPTO_F_PACKET_BUF) { if (ICP_OCF_DRV_STATUS_SUCCESS != - icp_ocfDrvSkBuffToBufferList((struct sk_buff *)crp->crp_buf, - &(drvOpData->srcBuffer))) { - EPRINTK("%s():Failed to translate from SK_BUF " + icp_ocfDrvPacketBuffToBufferList((icp_packet_buffer_t *) + crp->crp_buf, + &(drvOpData->srcBuffer))) { + EPRINTK("%s():Failed to translate from packet buffer " "to bufferlist\n", __FUNCTION__); crp->crp_etype = EINVAL; goto err; } - drvOpData->bufferType = CRYPTO_F_SKBUF; + drvOpData->bufferType = ICP_CRYPTO_F_PACKET_BUF; } else if (crp->crp_flags & CRYPTO_F_IOV) { /* OCF only supports IOV of one entry. */ if (NUM_IOV_SUPPORTED == @@ -906,21 +902,6 @@ int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) drvOpData->bufferType = CRYPTO_BUF_CONTIG; } - if (ICP_OCF_DRV_STATUS_SUCCESS != - icp_ocfDrvProcessDataSetup(drvOpData, drvOpData->crp->crp_desc)) { - crp->crp_etype = EINVAL; - goto err; - } - - if (drvOpData->crp->crp_desc->crd_next != NULL) { - if (icp_ocfDrvProcessDataSetup(drvOpData, drvOpData->crp-> - crp_desc->crd_next)) { - crp->crp_etype = EINVAL; - goto err; - } - - } - /* Allocate srcBuffer's private meta data */ if (ICP_OCF_DRV_STATUS_SUCCESS != icp_ocfDrvAllocMetaData(&(drvOpData->srcBuffer), drvOpData)) { @@ -941,7 +922,7 @@ int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) DPRINTK("%s(): cpaCySymPerformOp retry, lacStatus = %d\n", __FUNCTION__, lacStatus); memset(&(drvOpData->lacOpData), 0, sizeof(CpaCySymOpData)); - crp->crp_etype = EINVAL; + crp->crp_etype = ERESTART; goto err; } if (CPA_STATUS_SUCCESS != lacStatus) { @@ -956,10 +937,10 @@ int icp_ocfDrvSymProcess(device_t dev, struct cryptop *crp, int hint) err: if (drvOpData->numBufferListArray > ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS) { - kfree(drvOpData->srcBuffer.pBuffers); + icp_kfree(drvOpData->srcBuffer.pBuffers); } icp_ocfDrvFreeMetaData(&(drvOpData->srcBuffer)); - kmem_cache_free(drvOpData_zone, drvOpData); + ICP_CACHE_FREE(drvOpData_zone, drvOpData); return crp->crp_etype; } @@ -1129,32 +1110,20 @@ static int icp_ocfDrvProcessDataSetup(struct icp_drvOpData *drvOpData, * must be traversed by the data length offset in order to find the digest start * address. Whether there is enough space for the digest must also be checked. */ - -static uint8_t *icp_ocfDrvDigestPointerFind(struct icp_drvOpData *drvOpData, - struct cryptodesc *crp_desc) +uint8_t *icp_ocfDrvDigestPointerFind(struct icp_drvOpData * drvOpData, + struct cryptodesc * crp_desc) { int offsetInBytes = crp_desc->crd_inject; uint32_t digestSizeInBytes = drvOpData->digestSizeInBytes; uint8_t *flat_buffer_base = NULL; int flat_buffer_length = 0; - struct sk_buff *skb; - if (drvOpData->crp->crp_flags & CRYPTO_F_SKBUF) { - /*check if enough overall space to store hash */ - skb = (struct sk_buff *)(drvOpData->crp->crp_buf); - - if (skb->len < (offsetInBytes + digestSizeInBytes)) { - DPRINTK("%s() Not enough space for Digest" - " payload after the offset (%d), " - "digest size (%d) \n", __FUNCTION__, - offsetInBytes, digestSizeInBytes); - return NULL; - } + if (drvOpData->crp->crp_flags & ICP_CRYPTO_F_PACKET_BUF) { - return icp_ocfDrvSkbuffDigestPointerFind(drvOpData, - offsetInBytes, - digestSizeInBytes); + return icp_ocfDrvPacketBufferDigestPointerFind(drvOpData, + offsetInBytes, + digestSizeInBytes); } else { /* IOV or flat buffer */ @@ -1182,201 +1151,3 @@ static uint8_t *icp_ocfDrvDigestPointerFind(struct icp_drvOpData *drvOpData, DPRINTK("%s() Should not reach this point\n", __FUNCTION__); return NULL; } - -/* Name : icp_ocfDrvSkbuffDigestPointerFind - * - * Description : This function is used by icp_ocfDrvDigestPointerFind to process - * the non-linear portion of the skbuff if the fragmentation type is a linked - * list (frag_list is not NULL in the skb_shared_info structure) - */ -static inline uint8_t *icp_ocfDrvSkbuffDigestPointerFind(struct icp_drvOpData - *drvOpData, - int offsetInBytes, - uint32_t - digestSizeInBytes) -{ - - struct sk_buff *skb = NULL; - struct skb_shared_info *skb_shared = NULL; - - uint32_t skbuffisnonlinear = 0; - - uint32_t skbheadlen = 0; - - skb = (struct sk_buff *)(drvOpData->crp->crp_buf); - skbuffisnonlinear = skb_is_nonlinear(skb); - - skbheadlen = skb_headlen(skb); - - /*Linear skb checks */ - if (skbheadlen > offsetInBytes) { - - if (skbheadlen >= (offsetInBytes + digestSizeInBytes)) { - return (uint8_t *) (skb->data + offsetInBytes); - } else { - DPRINTK("%s() Auth payload stretches " - "accross contiguous memory\n", __FUNCTION__); - return NULL; - } - } else { - if (skbuffisnonlinear) { - offsetInBytes -= skbheadlen; - } else { - DPRINTK("%s() Offset outside of buffer boundaries\n", - __FUNCTION__); - return NULL; - } - } - - /*Non Linear checks */ - skb_shared = (struct skb_shared_info *)(skb->end); - if (unlikely(NULL == skb_shared)) { - DPRINTK("%s() skbuff shared info stucture is NULL! \n", - __FUNCTION__); - return NULL; - } else if ((0 != skb_shared->nr_frags) && - (skb_shared->frag_list != NULL)) { - DPRINTK("%s() skbuff nr_frags AND " - "frag_list not supported \n", __FUNCTION__); - return NULL; - } - - /*TCP segmentation more likely than IP fragmentation */ - if (likely(0 != skb_shared->nr_frags)) { - return icp_ocfDrvDigestSkbNRFragsCheck(skb, skb_shared, - offsetInBytes, - digestSizeInBytes); - } else if (skb_shared->frag_list != NULL) { - return icp_ocfDrvDigestSkbFragListCheck(skb, skb_shared, - offsetInBytes, - digestSizeInBytes); - } else { - DPRINTK("%s() skbuff is non-linear but does not show any " - "linked data\n", __FUNCTION__); - return NULL; - } - -} - -/* Name : icp_ocfDrvDigestSkbNRFragsCheck - * - * Description : This function is used by icp_ocfDrvSkbuffDigestPointerFind to - * process the non-linear portion of the skbuff, if the fragmentation type is - * page fragments - */ -static inline uint8_t *icp_ocfDrvDigestSkbNRFragsCheck(struct sk_buff *skb, - struct skb_shared_info - *skb_shared, - int offsetInBytes, - uint32_t - digestSizeInBytes) -{ - int i = 0; - /*nr_frags starts from 1 */ - if (MAX_SKB_FRAGS < skb_shared->nr_frags) { - DPRINTK("%s error processing skbuff " - "page frame -- MAX FRAGS exceeded \n", __FUNCTION__); - return NULL; - } - - for (i = 0; i < skb_shared->nr_frags; i++) { - - if (offsetInBytes >= skb_shared->frags[i].size) { - /*offset still greater than data position */ - offsetInBytes -= skb_shared->frags[i].size; - } else { - /* found the page containing start of hash */ - - if (NULL == skb_shared->frags[i].page) { - DPRINTK("%s() Linked page is NULL!\n", - __FUNCTION__); - return NULL; - } - - if (offsetInBytes + digestSizeInBytes > - skb_shared->frags[i].size) { - DPRINTK("%s() Auth payload stretches accross " - "contiguous memory\n", __FUNCTION__); - return NULL; - } else { - return (uint8_t *) (skb_shared->frags[i].page + - skb_shared->frags[i]. - page_offset + - offsetInBytes); - } - } - /*only possible if internal page sizes are set wrong */ - if (offsetInBytes < 0) { - DPRINTK("%s error processing skbuff page frame " - "-- offset calculation \n", __FUNCTION__); - return NULL; - } - } - /*only possible if internal page sizes are set wrong */ - DPRINTK("%s error processing skbuff page frame " - "-- ran out of page fragments, remaining offset = %d \n", - __FUNCTION__, offsetInBytes); - return NULL; - -} - -/* Name : icp_ocfDrvDigestSkbFragListCheck - * - * Description : This function is used by icp_ocfDrvSkbuffDigestPointerFind to - * process the non-linear portion of the skbuff, if the fragmentation type is - * a linked list - * - */ -static inline uint8_t *icp_ocfDrvDigestSkbFragListCheck(struct sk_buff *skb, - struct skb_shared_info - *skb_shared, - int offsetInBytes, - uint32_t - digestSizeInBytes) -{ - - struct sk_buff *skb_list = skb_shared->frag_list; - /*check added for readability */ - if (NULL == skb_list) { - DPRINTK("%s error processing skbuff " - "-- no more list! \n", __FUNCTION__); - return NULL; - } - - for (; skb_list; skb_list = skb_list->next) { - if (NULL == skb_list) { - DPRINTK("%s error processing skbuff " - "-- no more list! \n", __FUNCTION__); - return NULL; - } - - if (offsetInBytes >= skb_list->len) { - offsetInBytes -= skb_list->len; - - } else { - if (offsetInBytes + digestSizeInBytes > skb_list->len) { - DPRINTK("%s() Auth payload stretches accross " - "contiguous memory\n", __FUNCTION__); - return NULL; - } else { - return (uint8_t *) - (skb_list->data + offsetInBytes); - } - - } - - /*This check is only needed if internal skb_list length values - are set wrong. */ - if (0 > offsetInBytes) { - DPRINTK("%s() error processing skbuff object -- offset " - "calculation \n", __FUNCTION__); - return NULL; - } - - } - - /*catch all for unusual for-loop exit. - This code should never be reached */ - DPRINTK("%s() Catch-All hit! Process error.\n", __FUNCTION__); - return NULL; -} diff --git a/target/linux/generic-2.6/files/crypto/ocf/ep80579/linux_2.6_kernel_space.mk b/target/linux/generic-2.6/files/crypto/ocf/ep80579/linux_2.6_kernel_space.mk deleted file mode 100644 index 96afa9a45..000000000 --- a/target/linux/generic-2.6/files/crypto/ocf/ep80579/linux_2.6_kernel_space.mk +++ /dev/null @@ -1,69 +0,0 @@ -################### -# @par -# This file is provided under a dual BSD/GPLv2 license. When using or -# redistributing this file, you may do so under either license. -# -# GPL LICENSE SUMMARY -# -# Copyright(c) 2007,2008 Intel Corporation. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of version 2 of the GNU General Public License as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. -# The full GNU General Public License is included in this distribution -# in the file called LICENSE.GPL. -# -# Contact Information: -# Intel Corporation -# -# BSD LICENSE -# -# Copyright(c) 2007,2008 Intel Corporation. All rights reserved. -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# * Neither the name of Intel Corporation nor the names of its -# contributors may be used to endorse or promote products derived -# from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# -# -# version: Security.L.1.0.130 -################### - -#specific include directories in kernel space -INCLUDES+=#e.g. -I$(OSAL_DIR)/include \ - -#Extra Flags Specific in kernel space e.g. include path or debug flags etc. e.g to add an include path EXTRA_CFLAGS += -I$(src)/../include -EXTRA_CFLAGS += $(INCLUDES) -O2 -Wall -EXTRA_LDFLAGS +=-whole-archive - |