This patch fixes the regression caused by adding the NEON
variant of the ghash as the default ghash package package:
> ERROR: module '[...]/arch/arm/crypto/ghash-arm-ce.ko' is missing.
> modules/crypto.mk:286: recipe for target
> '[...]/kmod-crypto-ghash_4.19.106-1_aarch64_cortex-a53.ipk' failed
This patch limits the scope to the ARM32/cortexa9 target of mvebu.
Fixes: 285df63efc ("kernel: build neon-asm version of ghash module")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This removes the assignment of setup and cleanup functions for the ath79
target. Assigning the setup-method will lead to 'setup_transfer' not
being assigned in spi_bitbang_init.
Also drop the redundant cleanup assignment, as this also happens in
spi_bitbang_init.
Signed-off-by: David Bauer <mail@david-bauer.net>
This fixes some outstanding issues with the Kernel 5.4 build:
* Adds missing support patch for the Enterasys WS-AP3710i
* Fixes incorrect NAND symbols
* Adds patch for broken image wrapping
Signed-off-by: David Bauer <mail@david-bauer.net>
This patch adds important NAND config symbols.
These are necessary as otherwise the devices
won't find the rootfs on the NAND chips.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch just refreshes the 5.4 patches. It seems as if
070-v4.20-soc-qcom-spm-add-SCM-probe-dependency.patch is
already applied, so drop it. It also does a quick
make kernel_oldconfig to get rid of unneeded symbols.
[Looks like USB and Ethernet need some more work].
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch adds a few more symbols that I found that
need disabling in order to not break the automatic build.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This builds the regular arm and arm-neon asm optmized modules for sha1
and sha512, for targets that set CONFIG_ARM_CRYPTO.
On ip40xx, the arm-asm version of sha1 improves performance by 5% over
the generic C implementation; sha1-neon is 25% faster than generic,
and sha512-neon, 259%.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This alone improves AES-GCM performance by up to 50% on ipq40xx. This
is enabled for targets that support neon and set CONFIG_ARM_CRYPTO:
imx6, ipq40xx, and mvebu.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This backports commits from master that fix AES ciphers when using the
qce driver:
- A couple of simple fixes for CTR and XTS modes used with AES:
* 041-crypto-qce-fix-ctr-aes-qce-block-chunk-sizes.patch
* 042-crypto-qce-fix-xts-aes-qce-key-sizes.patch
- A fix for a bug that affected cases when there were more entries in
the input sg list than necessary to actually encrypt, resulting in
failure in gcm, where the authentication tag is present after the
encryption data:
* 043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch
- A fix to update the IV buffer passed to the driver from the kernel:
* 044-crypto-qce-update-the-skcipher-IV.patch
- A patch that reduces memory footprint and driver initialization by
only initializing the fallback mechanism where it is actually used:
* 046-crypto-qce-initialize-fallback-only-for-AES.patch
- Three patches that make gcm and xts modes work with the qce driver,
and improve performance with small blocks:
* 047-crypto-qce-use-cryptlen-when-adding-extra-sgl.patch
* 048-crypto-qce-use-AES-fallback-for-small-requests.patch
* 049-crypto-qce-handle-AES-XTS-cases-that-qce-fails.patch
- A patch that allows the hashes/ciphers to be built individually.
* 051-crypto-qce-allow-building-only-hashes-ciphers.patch
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[renumbered patches, added patches from dropped commit, refreshed, 5.4]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This adds the neon based implementations of AES & SHA256.
For AES, according to the kernel config help:
Use a faster and more secure NEON based implementation of AES in CBC,
CTR and XTS modes.
Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
and for XTS mode encryption, CBC and XTS mode decryption speedup is
around 25%. (CBC encryption speed is not affected by this driver.)
This implementation does not rely on any lookup tables so it is
believed to be invulnerable to cache timing attacks.
...
The observed speedups on ipq40xx are more modest: speedup is around 20%
for CTR mode and for XTS mode encryption, CBC and XTS mode decryption
speedup is around 10%. Measurements were made using tcrypt, with
1024-bytes blocks for CTR & CBC, and 4096-bytes for XTS.
The aes-neon-bs driver uses a fallback for CBC encryption; that fallback
could be either the generic driver written in C, or the scalar arm-asm
one. Even though aes-arm is 1.9% slower, it is more resilient to timing
attacks (the reason for being slower), so it is being included here.
The neon sha256 module increases performance over the generic module by
33%.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[Enable only ciphers for now, reorder patch in series to help bisect
as new symbols could lead to build failures, 5.4]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This backports a commit updating the API of the QCE crypto engine to
what is used in current kerenl, easing future upstream backports.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[renumber patches, refreshed, added 5.4 patches]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch disables the CRYPTO KERNEL SYMBOLs that are touched
by the upcoming ipq40xx patch "ipq40xx: use neon crypto drivers"
from "Eneas U de Queiroz" and more so for his follow up patches
for the other ARM targets in this series. This should help to
prevent at least a few potential build errors on other archs.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
SOC: IPQ4019 / QCA Dakota
CPU: Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7
DRAM: 256 MiB
FLASH: NOR 4 MiB + NAND 128 MiB
ETH: Qualcomm Atheros QCA8072
WLAN1: Qualcomm Atheros QCA4019 2.4GHz 802.11bgn 2:2x2
WLAN2: Qualcomm Atheros QCA4019 5GHz 802.11a/n/ac 2:2x2
WLAN2: Qualcomm Atheros QCA9888 5GHz 802.11a/n/ac 2:2x2
INPUT: WPS Button
LEDS: Power, LAN1, LAN2, WLAN 2.4GHz, WLAN 5GHz-1, WLAN 5GHz-2, OPMODE
1. Load Ramdisk via U-Boot
To set up the flash memory environment, do the following:
a. As a preliminary step, ensure that the board console port is connected to the PC using these RS232 parameters:
* 115200bps
* 8N1
b. Confirm that the PC is connected to the board using one of the Ethernet ports.
c. Set a static ip 192.168.99.8 for Ethernet that connects to board.
d. The PC must have a TFTP server launched and listening on the interface to which the board is connected.
e. At this stage power up the board and, after a few seconds, press 4 and then any key during the countdown.
U-BOOT> set serverip 192.168.99.9 && tftpboot 0x84000000 192.168.99.8:openwrt.itb && bootm
Signed-off-by: Steven Lin <steven.lin@senao.com>
[copied 4.19 dts to 5.4]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Fix typedef clash on darwin.
HOSTCC scripts/mod/file2alias.o
scripts/mod/file2alias.c:47:3: error: typedef redefinition with different types ('struct uuid_t' vs '__darwin_uuid_t' (aka 'unsigned char [16]'))
} uuid_t;
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/sys/_types/_uuid_t.h:31:25: note: previous definition is here
typedef __darwin_uuid_t uuid_t;
^
scripts/mod/file2alias.c:1305:42: error: array initializer must be an initializer list or string literal
DEF_FIELD(symval, tee_client_device_id, uuid);
^
2 errors generated.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This is still missing a lot of love but people want to start working on it
so lets give them a common baseline.
Signed-off-by: John Crispin <john@phrozen.org>
* Fix some bugs in the driver
* Add missing clock and reset references in dts
* Rename mdio-bus to mdio so the driver find it
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
[refreshed]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* Sync the patches with the changes done for kernel 4.19
* Use KERNEL_TESTING_PATCHVER
* Refresh the configuration
* Fix multiple compile bugs in the patches
* Only add own ag71xx files for kernel 4.19 and use upstream version for
5.4.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
With kernel 5.4 the upstream kernel supports deactivating the FPU
support on MIPS. Use this new upstream feature instead of our older
patch which was removed when porting the kernel patches to kernel 5.4.
This way both options are set which should work for older kernel
versions and also new ones.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The nvmem framework is now used in net/ethernet/eth.c and the nvmem
sysfs is split into a separate Kconfig option. More work would be needed
to adapt this patch for the broader use. The current patch compiles fine
on ath79, but it breaks the x86 target.
nvmem is also compiled into the kernel for most of our targets for
example ath79 anyway, so patching the kernel to remove it is now harder
and not the case on multiple targets anyway. Instead of making this work
on kernel 5.4 just remove this hack patch.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This module was added with kernel 4.15, but is was removed again with
kernel version 5.3. OpenWrt does not support specifying a kernel version
range so just break it with kernel 4.14 and only support recent kernel
versions.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
With kernel 5.4 kmod-sound-hda-intel also needs snd-intel-nhlt.ko, but
this kernel module is only build on x86, make the OpenWrt kmod depend on
TARGET_x86.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This makes it possible to select CONFIG_CRYPTO_LIB_ARC4 directly. We
need this to be able to compile this into the kernel and make use of it
from mac80211 backports.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
nf_reset() was renamed to nf_reset_ct() in upstream Linux commit
895b5c9f206e ("netfilter: drop bridge nf reset from nf_reset)"
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
gigaset was moved to staging in kernel 5.4, just deactivate it on
recent kernel versions instead of adapting it.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In kernel 5.3 and 5.4 some crypto modules were split into two modules,
one implementing the crypto algorithm and the other integrating it
into the Linux crypto framework.
Adapt OpenWrt to support this split.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds the new xfrm4_mode_beet, xfrm4_mode_transport,
xfrm4_mode_tunnel and their IPv6 versions on kernel 5.4. These modules
were newly added in kernel 5.2.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
The configuration was refreshed and KERNEL_TESTING_PATCHVER was set to
make it easy to compile for kernel 5.4.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>