Signed-off-by: Cristian Stoica <cristianmarian.stoica@nxp.com>

The 1st parameter of `crypto_completion_t` is now the user data passed to the
callback instead of the `crypto_async_request`.
Migrate to the new API and add a shim to keep compatibility with old kernels.

See also: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=255e48eb17684157336bd6dd98d22c1b2d9e3f43



Signed-off-by: Joan Bruguera <joanbrugueram@gmail.com>

`make cscope` will generate cscope files for source code browsing.
The cscope files will be removed by `make clean`.

Signed-off-by: Tan En De <ende.tan@starfivetech.com>

Add support for cfb, ofb and ccm aes algorithms

This patch allows to expose the cfb, ofb and ccm aes algorithms
using cryptodev-linux.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>

README.md: reword sentences and rework links and punctuation

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>

The mailing list server is dead for some time but the previous home
of cryptodev-linux is still accessible

Signed-off-by: Cristian Stoica <cristianmarian.stoica@nxp.com>

README: convert to markdown format

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>

README: rework OpenSSL compilation instructions

As the patches for OpenSSL are already upstream, remove the obsolete
instructions.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>

Fix potential crash or deadlock in CIOCCPHASH implementation

lockdep reports a potential deadlock when this ioctl is used,
because crypto_copy_hash_state() takes mutexes in inconsistent
order.

1. In the first call to crypto_get_session_by_sid(), it is holding
   a fcrypt mutex when it locks a csession mutex.
2. In the second call it is still holding a csession mutex  when it
   locks a fcrypt mutex.

But there is an even simpler potential self-deadlock: the caller could
pass the same session ID as both source and destination.

Add a crypto_get_sessions_by_sid() that looks up and locks two
sessions:

* If the session IDs are the same, fail
* If both sessions are found, lock their mutexes in address ordre

Use this in crypto_copy_hash_state().

Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>

In case the CIOCCPHASH ioctl is used on a session that only has cipher
state, this results in a null pointer dereference.

Change cryptodev_hash_copy() to check that the hash_data structures it
is given have been initialised.

Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>

Add support for xts aes algorithm

This patch allows to expose the xts aes algorithm using cryptodev-linux.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>

This is required to install the cryptodev tests folder to rootfs

(Original patch
Signed-off-by: Yu Zongchun <b40527@freescale.com>
at https://git.openembedded.org/openembedded-core/plain/meta/recipes-kernel/cryptodev/files/0001-Add-the-compile-and-install-rules-for-cryptodev-test.patch

 )

Signed-off-by: Cristian Stoica <cristianmarian.stoica@nxp.com>

Add option for INSTALL_MOD_PATH for make

INSTALL_MOD_PATH will allow developers to install the module at the
locations other than default one.

Signed-off-by: Vaibhav Gupta <vaibhavgupta40@gmail.com>

Signed-off-by: Cristian Stoica <cristianmarian.stoica@nxp.com>

Fix build for Linux 5.11-rc1

ksys_close was removed, as far as I can tell, close_fd replaces it.

See also: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8760c909f54a82aaa6e76da19afe798a0c77c3c3
          https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1572bfdf21d4d50e51941498ffe0b56c2289f783

Fix build for Linux 5.9-rc1

See also: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=64019a2e467a288a16b65ab55ddcbf58c1b00187
          https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bce617edecada007aee8610fbe2c14d10b8de2f6
          https://lore.kernel.org/lkml/CAHk-=wj_V2Tps2QrMn20_W0OJF9xqNh52XSGA42s-ZJ8Y+GyKw@mail.gmail.com/



Signed-off-by: Joan Bruguera <joanbrugueram@gmail.com>

Signed-off-by: Cristian Stoica <cristian.stoica@microchip.com>

Linux no longer allows VLA use in the kernel, requiring declaration of
arrays to be up-front. This patch fixes "alloca is no longer permitted
in linux" build error.

Suggested-at: https://github.com/cryptodev-linux/cryptodev-linux/pull/49/commits/5b0662b802f40aa5956e095e404c8080828f8858


Signed-off-by: Cristian Stoica <cristian.stoica@microchip.com>

Fix for change in Kernel 4.4.168

Signed-off-by: Scott Branden <scott.branden@broadcom.com>

Fix build for Linux 5.8-rc1

See also: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9740ca4e95b43b91a4a848694a20d01ba6818f7b
          https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=da1c55f1b272f4bd54671d459b39ea7b54944ef9
          https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d8ed45c5dcd455fc5848d47f86883a1b872ac0d0



Signed-off-by: Joan Bruguera <joanbrugueram@gmail.com>

enabled the support for TLS1.1 - AES128-SHA1 - AES256-SHA1

& TLS1.2 offloads for:
    - AES128-SHA256
    - AES256-SHA256

It requires kernel support for algorithms:

    - tls11(hmac(sha1),cbc(aes))
    - tls12(hmac(sha256),cbc(aes))

to be provided either in software or accelerated by hardware
such as NXP B*, P* and T* platforms.

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>

Starting with kernel v5.5-rc1 ablkcipher and blkcipher are removed and
symmetric key operations will rely solely on skcipher:
commit d63007eb954 ("crypto: ablkcipher - remove deprecated and unused ablkcipher support").

When cryptodev will use higher kernel versions > 5.4 will need to use the
skcipher interface instead.

Signed-off-by: Andrei Botila <andrei.botila@nxp.com>

Currently, only auth_src is aligned, while dst buffer is not.

Depending on the HEADER_SIZE value, it may trigger the following warning:
...
cryptodev: cipher-aead-srt[407] (get_userbuf_srtp:121): careful - source address xxx is not 4 byte aligned
...

Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>

This commit fixes this module load error:
[...]
[   29.112091] cryptodev: loading out-of-tree module taints kernel.
[   29.128906] cryptodev: Unknown symbol crypto_givcipher_type (err -2)
[   29.188842] cryptodev: Unknown symbol crypto_givcipher_type (err -2)
modprobe: can't load module cryptodev (extra/cryptodev.ko): unknown symbol in module, or unknown parameter
[...]

Upstream Linux support for unused GIVCIPHER, and others, was dropped here:

c79b411eaa72 (crypto: skcipher - remove remnants of internal IV generators)

Signed-off-by: Derald D. Woods <woods.technical@gmail.com>

Signed-off-by: Cristian Stoica <cristian.stoica@microchip.com>

add CIOCCPHASH ioctl to copy hash state between sessions

It is often useful to copy the partial state of a hash function to
another session, so that it can be used as a base for two or more
computations.

The most prominent example is HMAC where all hashes start from
a base determined by the key.  By copying the state to another
session means that we only have to compute that base once rather
than for each message.

This creates a CIOCCPHASH ioctl, where the source and destination
session ids are fed to the paramenter struct.  Both sessions must have
been created before calling CIOCCPHASH.

The ioctl uses the kernel ahash import/export calls, available since
version 2.6.29.  The drivers were not required to implement these
calls until version 4.17.

OpenSSL requires this ioctl to avoid having to keep the contents of the
whole message before it can calculate the digest.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>