Commit Graph

226 Commits

Author SHA1 Message Date
Martin Schiller
1f7ec35077 kernel: add new ltq-vdsl-vr11 driver
This uses version 4.23.1 of the drv_dsl_cpe_api package from the Intel
UGW 8.5.2.10 for the VRX518.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[rebased and updated for kernel 5.10]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 4.23.1, switch to tag tarball, update patches]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[added fix for elapsed time and upstream MINEFTR]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-01-16 23:41:41 +00:00
Martin Schiller
bc442076f2 kernel: add new ltq-vdsl-vr11-mei driver
This uses version 1.11.1 of the drv_mei_cpe package from the Intel UGW
8.5.2.10 for the VRX518.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[updated for kernel 5.10]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 1.11.1, switch to tag tarball, update patches]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[update for kernel 5.15]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-01-16 23:41:41 +00:00
Andre Heider
2a0aa9eefa ltq-ifxos: enable for ipq40xx
This is required for the MEI CPE driver.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-01-16 23:41:41 +00:00
Martin Schiller
474bbe23b7 kernel: add Intel/Lantiq VRX518 TC driver
This driver version is also included in Intel UGW 8.5.2.10.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[updated for kernel 5.10]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 1.5.12.4, switch to tag tarball]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[add working software data path]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-01-16 23:41:41 +00:00
Martin Schiller
568d17989f kernel: add Intel/Lantiq VRX518 EP driver
This driver was picked from the Intel UGW 8.5.2.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[updated for kernel 5.10]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 8.5.2]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[fix masking interrupts and add locking]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-01-16 23:41:41 +00:00
Hauke Mehrtens
243a7256c1 kernel: Make use of KERNEL_MAKE
Make use of KERNEL_MAKE in kernel packages were easily possible.
This moves some more code to common places and reduces the number of
lines.

It is defined like this:
KERNEL_MAKE = $(MAKE) $(KERNEL_MAKEOPTS)
KERNEL_MAKEOPTS = -C $(LINUX_DIR) $(KERNEL_MAKE_FLAGS)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-12-17 20:12:31 +01:00
Jonas Albrecht
74a5718223 lantiq: ltq-tapi: add customer pulse digit time
With this patch you can change the pulse digit time by loading the Lantiq
FXS driver kernel module called ltq-tapi. This is relevant for old
rotaryphones that uses pulsedialing.

The default values are:
30-80ms for the low pulse
30-80ms for the high pulse
300ms for minimum Interdigit time

this is OK but on some Phones it can be usefull to customize the values
If you want to change the values to high and low pulse to 40-90ms and
minimum interdigit time to 400ms

than change /etc/modules.d/20-ltq-tapi to (without linebrakes):
drv_tapi min_digit_low=40  min_digit_high=90 max_digit_low=40 \
max_digit_high=90 min_interdigit=400

Signed-off-by: Jonas Albrecht <plonkbong100@protonmail.com>
2022-11-18 20:27:52 +01:00
Hauke Mehrtens
898b4104b3 ltq-tapi: Fix compile with kernel 5.15
Do not use find_vpid(), but get_task_pid() to get the pid from
pThrCntrl->tid. This is now a ponter to struct task_struct instead of
an integer.

This fixes the build of ltq-tapi with lantiq/xway.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-11-05 22:35:58 +01:00
Hauke Mehrtens
b3aa998f6c ltq-ifxos: Fix compile with ltq-tapi
Do not include asm/irq.h directly, but include linux/interrupt.h instead.
This fixes the build of ltq-tapi with lantiq/xway.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-11-05 22:35:46 +01:00
Martin Blumenstingl
a075ddb8ca kernel: ltq-adsl-mei: Fix compilation with Linux 5.15
struct of_device_id is not implicitly included anymore. Include
<linux/mod_devicetable.h> to fix compilation on Linux 5.15.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-10-22 19:44:46 +02:00
Martin Blumenstingl
2964353927 kernel: ltq-vmmc: Fix compilation with Linux 5.15
MODULE_SUPPORTED_DEVICE is gone after Linux 5.15. Drop it's usage on
newer kernels to fix compilation with Linux 5.15.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-10-22 19:44:45 +02:00
Martin Blumenstingl
f4ce7df4fc kernel: ltq-vdsl-vr9-mei: Fix compilation with Linux 5.15
The result of copy_to_user() now has to be checked explicitly. Also
MODULE_SUPPORTED_DEVICE is gone after Linux 5.10.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-10-22 19:44:45 +02:00
Martin Blumenstingl
22fbc2d896 kernel: ltq-tapi: Fix compilation with Linux 5.15
MODULE_SUPPORTED_DEVICE was removed after Linux 5.10. Drop it from the
driver as well.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-10-22 19:44:45 +02:00
Martin Blumenstingl
d6e506eaaa kernel: ltq-deu: Fix compilation with Linux 5.15
struct of_device_id is not implicitly included anymore. Include
<linux/mod_devicetable.h> to fix compilation on Linux 5.15.
Also upstream commit a24d22b225ce15 ("crypto: sha - split sha.h into
sha1.h and sha2.h") from Linux 5.11 moves functionality from sha.h to
sha1.h.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-10-22 19:44:45 +02:00
Jan Hoffmann
e4c76e6fa3 ltq-ifxos: add compatibility with kernel 5.15
set_fs is no longer supported since kernel 5.13 for mips.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-10-22 19:44:45 +02:00
Andre Heider
33e2115fe4 ltq-vdsl-app: rename to ltq-vdsl-vr9-app
This matches the scheme used by other target packages and will avoid
confusion with any future version.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-09-17 17:39:23 +02:00
Andre Heider
07536cff51 lantiq: rename ltq-vdsl folder to ltq-vdsl-vr9
Now PKG_NAME matches the folder name, and this will avoid confusion with
any future version.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-09-17 17:39:23 +02:00
Andre Heider
5d53b8e9f9 lantiq: rename ltq-vdsl-mei folder to ltq-vdsl-vr9-mei
Now PKG_NAME matches the folder name, and this will avoid confusion with
any future version.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-09-17 17:39:23 +02:00
Daniel Golle
1f84d45e18 ltq-vdsl-fw: fix firmware installer
The downloaded filename was wrong in multiple places. Fix that.

Fixes: 2f95dd8ff0 ("ltq-vdsl-fw: update w921v firmware download URL")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-08-26 22:32:47 +01:00
Jan Hoffmann
db4bf4b968 ltq-vdsl/ltq-adsl: fix elapsed time calculation
The driver maintains elapsed times by repeatedly accumulating the time
since the previous update in a loop. For the elapsed showtime time, the
time difference is truncated to seconds before adding it, leading to a
sizable error over time.

Move the truncation to before calculation of the time difference in
order to remove this error. Also maintain the total elapsed time in the
same way in full seconds, to prevent the unsigned 32-bit counter from
wrapping around after about 50 days.

Testing on a VR9 device shows that the reported line uptime now matches
the actual elapsed wall time. The ADSL variant is only compile-tested,
but it should also work as the relevant code is identical.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-05-04 01:38:04 +01:00
Jan Hoffmann
2f484aeff5 ltq-atm/ltq-ptm: avoid unnecessary build dependencies
Right now, both ltq-adsl-mei and ltq-vdsl-mei are always built, even
when they aren't necessary for the selected variant. This can cause the
build to fail, for example ltq-vdsl-mei doesn't build successfully here
on xway target due to the vectoring callback.

Make these dependencies conditional on the specific package variants,
so they are only built when actually needed.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-05-04 01:38:04 +01:00
Jan Hoffmann
1700424553 ltq-vdsl-mei: add locking to interrupt handler
Some users noticed repeated resyncs at random intervals, which go away
when the MEI driver is configured to use polling instead of interrupts.
Debugging shows that this seems to be caused by concurrent calls to
MEI_ReadMailbox (in the interrupt handler) and MEI_WriteMailbox. This
appears to be mostly triggered when there is an interrupt for vectoring
error reports.

In polling mode, calls to MEI_ReadMailbox are protected by the same
semaphore as is used in MEI_WriteMailbox. When interrupts are used,
MEI_WriteMailbox appears to rely on MEI_DisableDeviceInt and
MEI_EnableDeviceInt to provide mutual exclusion with the interrupt
handler. These functions mask/unmask interrupts, and there is an
additional check of the mask in the interrupt handler itself. However,
this is not sufficient on systems with SMP, as the interrupt handler
may be running in parallel, and could already be past the interrupt
mask check at this point.

This adds a lock to the interrupt handler, and also acquires this lock
in MEI_DisableDeviceInt. This should make sure that after a call to
MEI_DisableDeviceInt the interrupt is masked, and the interrupt handler
is either not running, has alread finished its work, or is still before
the interrupt mask check, and is thus going to detect the change.

Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2022-03-21 12:28:37 +00:00
Jan Hoffmann
93f0e1f922 ltq-vdsl-mei: enable vectoring error sample callback
This re-enables the vectoring error sample callback and adds a
dependency to the corresponding driver.

Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2022-03-21 12:28:31 +00:00
Jan Hoffmann
f872b96609 ltq-vectoring: add driver
In order to calculate the required pre-distortion for downstream
vectoring, the vectoring control entity (VCE) at the carrier office
needs error samples from the modem. On Lantiq VR9 modems, error reports
are generated by the firmware, but need to be multiplexed into the data
stream by the driver on the main processor when L2 encapsulation is
selected by the VCE.

This driver provides the necessary callback function, which is called by
the MEI driver after receiving an error report from the firmware.

Originally, it is part of the Lantiq PPA driver, but after a few changes
it also works with the PTM driver used in OpenWrt. The direct call to
ndo_start_xmit needs to be replaced, as the PTM driver relies on locks
from the kernel. Instead dev_queue_xmit is used, which is called from a
work queue, as it is not safe to call from an interrupt handler.

Additional changes include fixes to support recent kernel versions and
a change of the used interface from ptm0 to dsl0.

Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2022-03-21 12:28:26 +00:00
Hauke Mehrtens
71bdff9139 ltq-vdsl-mei: Remove static linking
This removes -static compile option. The -static option tells GCC to
link this statically with the libc, which we do not want in OpenWrt. We
want to link everything dynamically to the libc. This fixes a compile
problem with glibc.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-01-21 23:09:24 +01:00
Jan Hoffmann
9d878d8422 ltq-ifxos: update to 1.7.1
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[fix warnings, switch to tag tarball, update patches]
Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-01-08 00:49:59 +01:00
Andre Heider
5ee1e04517 ltq-vdsl: move to the default device name /dev/dsl_cpe_api/0
This makes patching it for ltq-vdsl-app unnecessary and paves the way
for VRX518 support.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-01-08 00:49:59 +01:00
Daniel Kestrel
b61d756b6c ltq-deu: disable arc4 algorithm
ARC4 was used for WEP, which is not secure anymore. Therefor it is
disabled in the driver, but the code is not removed for now.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:15 +01:00
Daniel Kestrel
fc4d88cf73 ltq-deu: add aes_gcm algorithm
The lantiq AES hardware does not support the gcm algorithm. But it
can be implemented in the driver as a combination of the aes_ctr
algorithm and the xor plus gfmul operations for the hashing.
Due to the wrapping of the several algorithms and the inefficient
16 byte block by 16 byte block invokation in the kernel
implementations, this driver is about 3 times faster for the larger
block sizes.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:15 +01:00
Daniel Kestrel
973e28f248 ltq-deu: change PKG_RELEASE to AUTORELEASE
As per suggestion by adschm, PKG_RELEASE is set to AUTORELEASE.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:15 +01:00
Daniel Kestrel
a0d6b09c36 ltq-deu: remove redundant code for setting the key in aes
After adding xts and cbcmac the aes algorithm source had three sections
for setting the aes key to the hardware which are identical.
Method aes_set_key_hw was created which is now called from within the
spinlock secured control sections in methods ifx_deu_aes, ifx_deu_aes_xts
and aes_cbcmac_final_impl and reduces the size of ifxmips_aes.c.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:15 +01:00
Daniel Kestrel
79efaa7f8f ltq-deu: add shash cbcmac-aes algorithm to the driver
Since commit 53b6783 hostapd is using the kernel api which includes the
cbcmac-aes shash algorithm. The kernels implementation is a wrapper around
the aes encryption algorithm, which encrypts block (16 bytes) by block.
When the ltq-deu driver is present, it uses hardware aes, but every 16 byte
encrypt requires setting the key. This is very inefficient and is a huge
overhead. Since the cbcmac-aes is simply a hash that uses the cbc aes
algorithm starting with an iv set to x'00' with an optional ecb aes
encryption of a possible last incomplete block that is padded with the
positional bytes of the last cbc encrypted block, this algorithm is now
added to the driver. Most of the code is derived from md5-hmac and
tailored for aes. Tested with the kernels crypto testmgr including extra
tests against the kernels generic ccm module implementation.
This patch also fixes the overallocation in the aes_ctx that is caused
by using u32 instead of u8 for the aes keys.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:15 +01:00
Daniel Kestrel
f8e5c6080c ltq-deu: remove driver disablement for kernel 5.4 and above
Remove the dependency on kernel 5.4 from the Makefile to allow the
driver to compile with kernel 5.10 or kernel versions higher than
5.4.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:15 +01:00
Daniel Kestrel
43422deed3 ltq-deu: add aes_xts algorithm
The lantiq AES hardware does not support the xts algorithm. Apart
from the cipher text stealing (XTS), the AES XTS implementation is
just an XOR with the IV, followed by AES ECB, followed by another
XOR with the IV and as such can be also implemented by using the
lantiq hardware's CBC AES implemention plus one additional XOR with
the IV in the driver. The output IV by CBC AES is also not usable
and the gfmul operation not supported by lantiq hardware. Both need
to be done in the driver too in addition to the IV treatment which is
the initial encryption by the other half of the input key and to
set the IV to the IV registers for every block.
In the generic kernel implementation, the block size for XTS is set
to 16 bytes, although the algorithm is designed to process any size
of input larger than 16 bytes. But since there is no way to
indicate a minimum input length, the block size is used. This leads
to certain issues when the skcipher walk functions are used, e.g.
processing less than block size bytes is not supported by calling
skcipher_walk_done.
The walksize is 2 AES blocks because otherwise for splitted input
or output data, less than blocksize is to be returned in some cases,
which cannot be processed. Another issue was that depending on
possible split of input/output data, just 16 bytes are returned while
less than 16 bytes were remaining, while cipher text stealing
requires 17 bytes or more for processing.
For example, if the input is 60 bytes and the walk is 48, then
processing 48 bytes leads to a return code of -EINVAL for
skcipher_walk_done. Therefor the processed counter is used to
figure out, when the actual cipher text stealing for the remaining
bytes less than blocksize needs to be applied.
Measured with cryptsetup benchmark, this XTS AES implementation is
about 19% faster than the kernels XTS implementation that uses the
hardware ECB AES (ca. 18.6 MiB/s vs. 15.8 MiB/s decryption 256b key).
The implementation was tested with the kernels crypto testmgr against
the kernels generic XTS AES implementation including extended tests.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:08 +01:00
Daniel Kestrel
006fee0dad ltq-deu: update initialisations for hmac algorithms
The processing in the hmac algorithms depends on the status fields:
count, dbn and started. Not all were initialised in the init method
and after finishing the final method. Added missing fields to init
method and call init method after finishing final.
The memsets have the wrong size in the original driver and did not
clear everything and are not necessary. Since no memset is done in
the kernels generic implementation, memsets were removed.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:05 +01:00
Daniel Kestrel
6ade9d1dda ltq-deu: remove compiler warning and shorten locked sections
Removing hash pointer in _hmac_setkey since its not needed and causes
a compiler warning.
Make the spinlock control sections shorter and move initializations
out of the control sections to free the spinlock faster for allowing
other threads to use the hash engine.
Minor improvements for indentation and removal of blanks and blank
lines in some areas.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:02 +01:00
Daniel Kestrel
0470b05b56 ltq-deu: fix temp size exceed in hmac algorithms
Exceeding the temp array size was not checked and instead storage not
allocated by the driver was used/overwritten which in most cases
resulted in reboots. This patch implements processing the input to the
hash algorithm in tempsize chunks.
The _hmac_final methods were changed to _hmac_final_impl adding a
parameter that indicates intermediate or final processing. The started
variable was added to the context to indicate, if there is an
intermediate result in the context. For sha1_hmac the variable to store
the intermediate hash was added to the context too.
In order to avoid md5_hmac_final_impl being recursively called if the
padding of the input and the resulting last transform during the hmac
algorighms final processing causes the temp array to overflow and to
make sure that there is at least one block in the temp array when the
_hmac_final for final processing is called, the check for exceeding
the temp array in _hmac_transform was moved before copying the block
and incrementing dbn. dbn needs to be at least 1 at final processing
time to let the hash engine apply the opad operation.
To make the hash engine not apply the hmac algorithms final opad
operation, for intermediate processing the dbn in the control register
is set to a higher value than number of dbns are actually processed.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:59 +01:00
Daniel Kestrel
85383b3112 ltq-deu: fix setkey errors and static shared temp for hmac algos
The hmac algorithms state, that keys larger than the key size should be
hashed with the underlying hash algorithms and then those hashes are to
be used as keys. This patch implements this. In order to avoid allocating
a descriptor during setkey, a shash_desc pointer is added to the context.
Another issue for multithreaded callers is the shared temp array.
The temp array is static and as such would be shared among multithreaded
callers, which obviously would neither work nor produce correct results.
The temp array (4k size) is moved to the context and since the size of
the context is limited, it can only be defined as pointer otherwise the
initialisation of the hash algorithm fails.
The allocations and freeing of both the temp and the desc pointer in the
context are done by implementing cra_init and cra_exit functions for
the hmac algorithms.
Also improved indentation in some areas.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:57 +01:00
Daniel Kestrel
9cb1875d2f ltq-deu: fix ifxdeu-ctr-rfc3686(aes) not matching generic impl
Error ifxdeu-ctr-rfc3686(aes) (16) doesn't match generic impl (20) occurs
when running the cryptomgr extra tests that compare against the linux
kernels generic implementation.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:53 +01:00
Daniel Kestrel
34a3eaf07f ltq-deu: changes for hash multithread callers and md5 endianess
The algorithms sha1, sha1_hmac and md5_hmac all use ENDI=1. The md5
algorithm uses ENDI=0 and the endian_swap methods to reverse the
endianess switch by using user CPU time, which is unnecessary overhead.
Danube and AR9 devices do not set endianess for SHA1, so is done for
MD5.
Furthermore the patch replaces endian_swap with le32_to_cpu for md5 and
md5 hmac algorithms and removes endian_swap for them.
The init functions initialize the algorithm in the hardware. The lock is
not used to write to the control register. If another thread calls
another hash algo before update or final, the result will be wrong.
Therefore move the algorithm init to the lock protected sections in the
transform or final methods.
Setting the hw key for the hmac algorithms is now done from within the
lock protected sections in their final methods. The lock protecting is
removed from the _hmac_setkey_hw functions.
In final for md5 and sha1 the lock section is removed, because all the
work was already done in transform (which is called from final). As such
only copying the hash to the output is required.
MD5 and MD5_HMAC produce 16 byte hashes (4 DWORDS) only, therefor
writing register D5R to the hash output is removed for MD5_HMAC.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:50 +01:00
Daniel Kestrel
87a19c9345 ltq-deu: make deu hash lock global and remove md5_hmac_ exports
All hash algorithms use the same base IFX_HASH_CON to access the hash unit.
Parallel threads should not be able to call different hash algorithms and
therefor a global lock is required.
Fixed linker warning, that md5_hmac_init, md5_hmac_update and
md5_hmac_final are static export symbols. The export symbols are not
required, because the functions are exposed using shash_alg structure.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:48 +01:00
Daniel Kestrel
536dc6f164 ltq-deu: add aes_ofb and aes_cfb algorithms
The functions ifx_deu_aes_cfg and ifx_deu_aes_ofb have been part of the
driver ever since. But the functions and definitions to make the
algorithms actually usable were missing.
This patch adds the neccessary code for aes_ofb and aes_cfb algorithms.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:45 +01:00
Daniel Kestrel
cd01d41c77 ltq-deu: fix cryptomgr test errors for aes
When running cryptomgr tests against the driver, there are several
occurences of different errors for even and uneven splitted data in the
underlying scatterlists for the ctr and ctr_rfc3686 algorithms which are
now fixed.
Fixed error in ctr_rfc3686_aes_decrypt function which was introduced with
the previous commit by using CRYPTO_DIR_ENCRYPT in the decrypt function.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:42 +01:00
Daniel Kestrel
19cb3c9dff ltq-deu: fix cryptomgr test errors for des
When running cryptomgr tests against the driver, there are several
occurences of different errors for setkey of des and des3-ede
algorithms.
Those key checks are already implemented in the kernels des
implementation, so this is added as dependency and the kernel methods
are called. It also required adding the kernels des/des3 context
definitions to the des_ctx internal structure to be able to call the
kernel methods.
Fixed ifxdeu-des... setkey unexpectedly succeeded on test vector x;
expected_error=-22.
Fixed ifxdeu-des... setkey failed on test vector x; expected_error=0,
actual_error=-22.
Renamed des_ctx internal structure and des_encrypt/des_decrypt methods
because they are already defined in the kernel module.
Fixed wrong DES_xxx constant definitions in crypto_alg definition for
ifxdeu_des3_ede_alg.
Fixed method comment errors.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:38 +01:00
Daniel Kestrel
e84c4b54f3 ltq-deu: convert SHA1 after library impl of SHA1 was removed
The <linux/cryptohash.h> was removed with Linux 5.8, because it only
contained the library implementation of SHA1, which was folded
into <crypto/sha.h>.
So switch this driver away from using <linux/cryptohash.h>.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:35 +01:00
Daniel Kestrel
737bd4f296 ltq-deu: convert blkcipher to skcipher
Convert blkcipher to skcipher for the synchronous versions of AES,
DES and ARC4.
The Block Cipher API was depracated for a while and was removed with
Linux 5.5. So switch this driver to the skcipher API.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:30 +01:00
Daniel Kestrel
c8967d6d12 ltq-deu: set correct control register for AES
Some devices initialize AES during boot and AES works out of the box
and the correct endianess is set.
NDC means (No Danube Compatibility Mode) and the endianess setting has
no effect if its set to 0.
NDC 0: OFF ENDI bit cannot be written as in Danube
To make it work for other devices, the NDC control register needs to
be set to 1.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:22:18 +01:00
Mathias Kresin
8dafa98bfb ltq-deu: make cipher/digest usable by openssl
OpenSSL with cryptdev support uses the data encryption unit (DEU) driver
for hard accelerated processing of ciphers/digests, if the flag
CRYPTO_ALG_KERN_DRIVER_ONLY is set.

Signed-off-by: Mathias Kresin <dev@kresin.me>
[fix commit title prefix]
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-05 23:05:38 +01:00
Mathias Kresin
17656f21f3 ltq-deu: aes-ctr: process all input data
Even if the minimum blocksize is set to 16 (AES_BLOCK_SIZE), the crypto
manager tests pass 499 bytes of data to the aes-ctr encryption, from
which only 496 bytes are actually encrypted.

Reading the comment regarding the minimum blocksize, it only states that
it's the "smallest possible unit which can be transformed with this
algorithm". Which doesn't necessarily mean, the data have to be a
multiple of the minimal blocksize.

All kernel hardware crypto driver enforce a minimum blocksize of 1,
which perfect fine works for the lantiq data encryption unit as well.

Lower the blocksize limit to 1, to process not padded data as well.
In AES for processing the remaining bytes, uninitialized pointers
were used.
This patch fixes using uninitialized pointers and wrong offsets.

Signed-off-by: Mathias Kresin <dev@kresin.me>
[fix commit title prefix]
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-05 23:05:38 +01:00
Mathias Kresin
ab270c6fbc ltq-deu: aes: do not read/write behind buffer
When handling non-aligned remaining data (not padded to 16 byte
[AES_BLOCK_SIZE]), a full 16 byte block is read from the input buffer
and written to the output buffer after en-/decryption.

While code already assumes that an input buffer could have less than 16
byte remaining, as it can be seen by the code zeroing the remaining
bytes till AES_BLOCK_SIZE, the full AES_BLOCK_SIZE is read.

An output buffer size of a multiple of AES_BLOCK_SIZE is expected but
never validated.

To get rid of the read/write behind buffer, use a temporary buffer when
dealing with not padded data and only write as much bytes to the output
as we read.

Do not memcpy directly to the register, to make used of the endian swap
macro and to trigger the crypto start operator via the ID0R to trigger
the register. Since we might need an endian swap for the output in
future, use a temporary buffer for the output as well.

The issue could not be observed so far, since all caller of ifx_deu_aes
will ignore the padded (remaining) data. Considering that the minimum
blocksize for the algorithm is set to AES_BLOCK_SIZE, the behaviour
could be called expected.

Signed-off-by: Mathias Kresin <dev@kresin.me>
[fix commit title prefix]
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-05 23:05:38 +01:00