him411/nss-packages-qosmio
1
0
Fork 0
mirror of https://github.com/qosmio/nss-packages.git synced 2025-12-16 08:12:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

nss-cfi: Sync with upstream and remove obsolete patches

Browse Source 
2025-03-10 - e6ce3e6 - Add support for skcipher in NSS.
2025-02-27 - f49d024 - Addition of ahash finup operation
2025-02-24 - 6d9b018 - Update driver names for ahash
2024-09-16 - 6e8f294 - Linux 6.6 compilation fixes

Signed-off-by: Sean Khan <datapronix@protonmail.com>
This commit is contained in:
Sean Khan 2025-07-10 20:13:48 -04:00
parent 88ee738cb5
commit 3e2008c883
9 changed files with 26 additions and 1809 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
qca-nss-cfi/Makefile
View File

@ -5,9 +5,9 @@ PKG_RELEASE:=3
PKG_SOURCE_URL:=https://git.codelinaro.org/clo/qsdk/oss/lklm/nss-cfi.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_DATE:=2022-12-15
PKG_SOURCE_VERSION:=5cd07ce
PKG_MIRROR_HASH:=852129b4bc2a14e05c8a27e9c8904f9b7647a8aeeeaa764fd3747b5b5e441a0b
PKG_SOURCE_DATE:=2025-04-04
PKG_SOURCE_VERSION:=ff11dae
PKG_MIRROR_HASH:=050a9c7f4177099bd60168b68ddc9eff5d62b62992858c89d514b428da93cba2
QSDK_VERSION:=12.5
PKG_VERSION:=$(QSDK_VERSION).$(subst -,.,$(PKG_SOURCE_DATE))~$(PKG_SOURCE_VERSION)

62
qca-nss-cfi/patches/0001-cryptoapi-v2.0-fix-SHA1-header-include.patch
View File

@ -1,62 +0,0 @@
From 1569ac3b6bbcae9c3f4898e0d34aec8f88297ee6 Mon Sep 17 00:00:00 2001
From: Robert Marko <robimarko@gmail.com>
Date: Sun, 22 Jan 2023 21:45:23 +0100
Subject: [PATCH 1/5] cryptoapi: v2.0: fix SHA1 header include
SHA1 header has been merged to the generic SHA one,
and with that the cryptohash.h was dropped.
So, fix include in kernels 5.8 and newer.
Signed-off-by: Robert Marko <robimarko@gmail.com>
---
cryptoapi/v2.0/nss_cryptoapi.c | 5 +++++
cryptoapi/v2.0/nss_cryptoapi_aead.c | 5 +++++
cryptoapi/v2.0/nss_cryptoapi_ahash.c | 5 +++++
3 files changed, 15 insertions(+)
--- a/cryptoapi/v2.0/nss_cryptoapi.c
+++ b/cryptoapi/v2.0/nss_cryptoapi.c
@@ -39,7 +39,12 @@
#include <crypto/aes.h>
#include <crypto/des.h>
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0)
#include <crypto/sha.h>
+#else
+#include <crypto/sha1.h>
+#include <crypto/sha2.h>
+#endif
#include <crypto/hash.h>
#include <crypto/md5.h>
#include <crypto/ghash.h>
--- a/cryptoapi/v2.0/nss_cryptoapi_aead.c
+++ b/cryptoapi/v2.0/nss_cryptoapi_aead.c
@@ -39,7 +39,12 @@
#include <crypto/aes.h>
#include <crypto/des.h>
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0)
#include <crypto/sha.h>
+#else
+#include <crypto/sha1.h>
+#include <crypto/sha2.h>
+#endif
#include <crypto/hash.h>
#include <crypto/algapi.h>
#include <crypto/aead.h>
--- a/cryptoapi/v2.0/nss_cryptoapi_ahash.c
+++ b/cryptoapi/v2.0/nss_cryptoapi_ahash.c
@@ -38,7 +38,12 @@
#include <crypto/aes.h>
#include <crypto/des.h>
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0)
#include <crypto/sha.h>
+#else
+#include <crypto/sha1.h>
+#include <crypto/sha2.h>
+#endif
#include <crypto/hash.h>
#include <crypto/algapi.h>
#include <crypto/aead.h>

116
qca-nss-cfi/patches/0002-cryptoapi-v2.0-make-ablkcipher-optional.patch
View File

@ -1,116 +0,0 @@
From 26cca5006bddb0da57398452616e07ee7b11edb1 Mon Sep 17 00:00:00 2001
From: Robert Marko <robimarko@gmail.com>
Date: Sun, 22 Jan 2023 22:01:34 +0100
Subject: [PATCH 2/5] cryptoapi: v2.0: make ablkcipher optional
albkcipher has been removed from the kernel in v5.5, so until it has been
converted to skcipher, lets make it optional to at least have hashes
working.
Signed-off-by: Robert Marko <robimarko@gmail.com>
---
cryptoapi/v2.0/Makefile | 3 +++
cryptoapi/v2.0/nss_cryptoapi.c | 10 ++++++++++
cryptoapi/v2.0/nss_cryptoapi_private.h | 2 ++
3 files changed, 15 insertions(+)
--- a/cryptoapi/v2.0/Makefile
+++ b/cryptoapi/v2.0/Makefile
@@ -5,7 +5,10 @@ NSS_CRYPTOAPI_MOD_NAME=qca-nss-cfi-crypt
obj-m += $(NSS_CRYPTOAPI_MOD_NAME).o
$(NSS_CRYPTOAPI_MOD_NAME)-objs = nss_cryptoapi.o
$(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_aead.o
+ifneq "$(NSS_CRYPTOAPI_ABLK)" "n"
$(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_ablk.o
+ccflags-y += -DNSS_CRYPTOAPI_ABLK
+endif
$(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_ahash.o
obj ?= .
--- a/cryptoapi/v2.0/nss_cryptoapi.c
+++ b/cryptoapi/v2.0/nss_cryptoapi.c
@@ -1367,6 +1367,7 @@ struct aead_alg cryptoapi_aead_algs[] =
/*
* ABLK cipher algorithms
*/
+#if defined(NSS_CRYPTOAPI_ABLK)
static struct crypto_alg cryptoapi_ablkcipher_algs[] = {
{
.cra_name = "cbc(aes)",
@@ -1466,6 +1467,7 @@ static struct crypto_alg cryptoapi_ablkc
},
}
};
+#endif
/*
* AHASH algorithms
@@ -2189,7 +2191,9 @@ void nss_cryptoapi_add_ctx2debugfs(struc
*/
void nss_cryptoapi_attach_user(void *app_data, struct nss_crypto_user *user)
{
+#if defined(NSS_CRYPTOAPI_ABLK)
struct crypto_alg *ablk = cryptoapi_ablkcipher_algs;
+#endif
struct aead_alg *aead = cryptoapi_aead_algs;
struct ahash_alg *ahash = cryptoapi_ahash_algs;
struct nss_cryptoapi *sc = app_data;
@@ -2212,6 +2216,7 @@ void nss_cryptoapi_attach_user(void *app
g_cryptoapi.user = user;
}
+#if defined(NSS_CRYPTOAPI_ABLK)
for (i = 0; enable_ablk && (i < ARRAY_SIZE(cryptoapi_ablkcipher_algs)); i++, ablk++) {
info = nss_cryptoapi_cra_name_lookup(ablk->cra_name);
if(!info || !nss_crypto_algo_is_supp(info->algo))
@@ -2222,6 +2227,7 @@ void nss_cryptoapi_attach_user(void *app
ablk->cra_flags = 0;
}
}
+#endif
for (i = 0; enable_aead && (i < ARRAY_SIZE(cryptoapi_aead_algs)); i++, aead++) {
info = nss_cryptoapi_cra_name_lookup(aead->base.cra_name);
@@ -2257,7 +2263,9 @@ void nss_cryptoapi_attach_user(void *app
*/
void nss_cryptoapi_detach_user(void *app_data, struct nss_crypto_user *user)
{
+#if defined(NSS_CRYPTOAPI_ABLK)
struct crypto_alg *ablk = cryptoapi_ablkcipher_algs;
+#endif
struct aead_alg *aead = cryptoapi_aead_algs;
struct ahash_alg *ahash = cryptoapi_ahash_algs;
struct nss_cryptoapi *sc = app_data;
@@ -2270,6 +2278,7 @@ void nss_cryptoapi_detach_user(void *app
*/
atomic_set(&g_cryptoapi.registered, 0);
+#if defined(NSS_CRYPTOAPI_ABLK)
for (i = 0; enable_ablk && (i < ARRAY_SIZE(cryptoapi_ablkcipher_algs)); i++, ablk++) {
if (!ablk->cra_flags)
continue;
@@ -2277,6 +2286,7 @@ void nss_cryptoapi_detach_user(void *app
crypto_unregister_alg(ablk);
nss_cfi_info("%px: ABLK unregister succeeded, algo: %s\n", sc, ablk->cra_name);
}
+#endif
for (i = 0; enable_aead && (i < ARRAY_SIZE(cryptoapi_aead_algs)); i++, aead++) {
if (!aead->base.cra_flags)
--- a/cryptoapi/v2.0/nss_cryptoapi_private.h
+++ b/cryptoapi/v2.0/nss_cryptoapi_private.h
@@ -250,12 +250,14 @@ extern void nss_cryptoapi_aead_tx_proc(s
/*
* ABLKCIPHER
*/
+#if defined(NSS_CRYPTOAPI_ABLK)
extern int nss_cryptoapi_ablkcipher_init(struct crypto_tfm *tfm);
extern void nss_cryptoapi_ablkcipher_exit(struct crypto_tfm *tfm);
extern int nss_cryptoapi_ablk_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len);
extern int nss_cryptoapi_ablk_encrypt(struct ablkcipher_request *req);
extern int nss_cryptoapi_ablk_decrypt(struct ablkcipher_request *req);
extern void nss_cryptoapi_copy_iv(struct nss_cryptoapi_ctx *ctx, struct scatterlist *sg, uint8_t *iv, uint8_t iv_len);
+#endif
/*
* AHASH

137
qca-nss-cfi/patches/0003-cryptoapi-v2.0-remove-setting-crypto_ahash_type-for-.patch
View File

@ -1,137 +0,0 @@
From 797b5166783cda0886038ffb22f5386b9363a961 Mon Sep 17 00:00:00 2001
From: Robert Marko <robimarko@gmail.com>
Date: Sun, 22 Jan 2023 22:08:27 +0100
Subject: [PATCH 3/5] cryptoapi: v2.0: remove setting crypto_ahash_type for
newer kernels
Upstream has stopped exporting crypto_ahash_type and removed setting it
on ahash algos since v4.19 as its easily identifiable by the struct type
and its being set in the core directly, so lets do the same.
Signed-off-by: Robert Marko <robimarko@gmail.com>
---
cryptoapi/v2.0/nss_cryptoapi.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
--- a/cryptoapi/v2.0/nss_cryptoapi.c
+++ b/cryptoapi/v2.0/nss_cryptoapi.c
@@ -1495,7 +1495,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = MD5_HMAC_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1521,7 +1523,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA1_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1547,7 +1551,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA224_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1573,7 +1579,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA256_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1599,7 +1607,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA384_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1625,7 +1635,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA512_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1655,7 +1667,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = MD5_HMAC_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1681,7 +1695,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA1_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1707,7 +1723,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA224_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1733,7 +1751,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA256_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1759,7 +1779,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA384_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,
@@ -1785,7 +1807,9 @@ static struct ahash_alg cryptoapi_ahash_
.cra_blocksize = SHA512_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx),
.cra_alignmask = 0,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)
.cra_type = &crypto_ahash_type,
+#endif
.cra_module = THIS_MODULE,
.cra_init = nss_cryptoapi_ahash_cra_init,
.cra_exit = nss_cryptoapi_ahash_cra_exit,

97
qca-nss-cfi/patches/0005-cryptoapi-v2.0-remove-dropped-flags.patch
View File

@ -1,97 +0,0 @@
From 62bbb188e1a72d28916e1eca31f4cb9fbbf51cd1 Mon Sep 17 00:00:00 2001
From: Robert Marko <robimarko@gmail.com>
Date: Sun, 22 Jan 2023 22:11:06 +0100
Subject: [PATCH 5/5] cryptoapi: v2.0: remove dropped flags
Upstream has dropped these flags as there was no use for them, so lets do
the same.
Signed-off-by: Robert Marko <robimarko@gmail.com>
---
cryptoapi/v2.0/nss_cryptoapi_aead.c | 6 ------
cryptoapi/v2.0/nss_cryptoapi_ahash.c | 4 ----
2 files changed, 10 deletions(-)
--- a/cryptoapi/v2.0/nss_cryptoapi_aead.c
+++ b/cryptoapi/v2.0/nss_cryptoapi_aead.c
@@ -207,7 +207,6 @@ int nss_cryptoapi_aead_setkey_noauth(str
ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), keylen, 0);
if (!ctx->info) {
nss_cfi_err("%px: Unable to find algorithm with keylen\n", ctx);
- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -ENOENT;
}
@@ -239,7 +238,6 @@ int nss_cryptoapi_aead_setkey_noauth(str
status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid);
if (status < 0) {
nss_cfi_err("%px: Unable to allocate crypto session(%d)\n", ctx, status);
- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_FLAGS);
return status;
}
@@ -271,14 +269,12 @@ int nss_cryptoapi_aead_setkey(struct cry
*/
if (crypto_authenc_extractkeys(&keys, key, keylen) != 0) {
nss_cfi_err("%px: Unable to extract keys\n", ctx);
- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EIO;
}
ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), keys.enckeylen, crypto_aead_maxauthsize(aead));
if (!ctx->info) {
nss_cfi_err("%px: Unable to find algorithm with keylen\n", ctx);
- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -ENOENT;
}
@@ -299,7 +295,6 @@ int nss_cryptoapi_aead_setkey(struct cry
*/
if (keys.authkeylen > ctx->info->auth_blocksize) {
nss_cfi_err("%px: Auth keylen(%d) exceeds supported\n", ctx, keys.authkeylen);
- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
@@ -342,7 +337,6 @@ int nss_cryptoapi_aead_setkey(struct cry
status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid);
if (status < 0) {
nss_cfi_err("%px: Unable to allocate crypto session(%d)\n", ctx, status);
- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_FLAGS);
return status;
}
--- a/cryptoapi/v2.0/nss_cryptoapi_ahash.c
+++ b/cryptoapi/v2.0/nss_cryptoapi_ahash.c
@@ -192,7 +192,6 @@ int nss_cryptoapi_ahash_setkey(struct cr
ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), 0, crypto_ahash_digestsize(ahash));
if (!ctx->info) {
- crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
@@ -215,7 +214,6 @@ int nss_cryptoapi_ahash_setkey(struct cr
status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid);
if (status < 0) {
nss_cfi_warn("%px: Unable to allocate crypto session(%d)\n", ctx, status);
- crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_FLAGS);
return status;
}
@@ -299,7 +297,6 @@ int nss_cryptoapi_ahash_init(struct ahas
*/
ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), 0, 0);
if (!ctx->info) {
- crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
@@ -314,7 +311,6 @@ int nss_cryptoapi_ahash_init(struct ahas
status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid);
if (status < 0) {
nss_cfi_err("%px: Unable to allocate crypto session(%d)\n", ctx, status);
- crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_FLAGS);
return status;
}

1199
qca-nss-cfi/patches/0006-cryptoapi-v2.0-convert-to-skcipher.patch
View File

File diff suppressed because it is too large Load Diff

50
qca-nss-cfi/patches/0007-cryptoapi-v2.0-fix-crash.patch
View File

@ -11,33 +11,10 @@
ctx->user = g_cryptoapi.user;
ctx->stats.init++;
--- a/cryptoapi/v2.0/nss_cryptoapi_ahash.c
+++ b/cryptoapi/v2.0/nss_cryptoapi_ahash.c
@@ -231,8 +231,10 @@ int nss_cryptoapi_ahash_setkey(struct cr
void nss_cryptoapi_ahash_done(void *app_data, struct nss_crypto_hdr *ch, uint8_t status)
{
struct ahash_request *req = app_data;
- struct nss_cryptoapi_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
+ struct nss_cryptoapi_ctx *ctx = crypto_ahash_ctx(ahash);
struct nss_cryptoapi_req_ctx *rctx = ahash_request_ctx(req);
+
uint8_t *hw_hmac;
int error;
@@ -268,7 +270,7 @@ void nss_cryptoapi_ahash_done(void *app_
* Decrement cryptoapi reference
*/
nss_cryptoapi_ref_dec(ctx);
- req->base.complete(&req->base, error);
+ ahash_request_complete(req, error);
}
/*
--- a/cryptoapi/v2.0/nss_cryptoapi_skcipher.c
+++ b/cryptoapi/v2.0/nss_cryptoapi_skcipher.c
@@ -92,9 +92,9 @@ int nss_cryptoapi_skcipher_init(struct c
struct nss_cryptoapi_ctx *ctx = crypto_skcipher_ctx(tfm);
@@ -74,9 +74,9 @@ int nss_cryptoapi_skcipher_init(struct c
struct nss_cryptoapi_ctx *ctx = crypto_tfm_ctx(base);
BUG_ON(!ctx);
- NSS_CRYPTOAPI_SET_MAGIC(ctx);
@ -47,26 +24,3 @@
ctx->user = g_cryptoapi.user;
ctx->stats.init++;
@@ -220,11 +220,11 @@ int nss_cryptoapi_skcipher_setkey(struct
void nss_cryptoapi_skcipher_done(void *app_data, struct nss_crypto_hdr *ch, uint8_t status)
{
struct skcipher_request *req = app_data;
- struct nss_cryptoapi_ctx *ctx = skcipher_request_ctx(req);
+ struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req);
+ struct nss_cryptoapi_ctx *ctx = crypto_skcipher_ctx(cipher);
int error;
BUG_ON(!ch);
-
/*
* Check cryptoapi context magic number.
*/
@@ -256,7 +256,7 @@ void nss_cryptoapi_skcipher_done(void *a
* Decrement cryptoapi reference
*/
nss_cryptoapi_ref_dec(ctx);
- req->base.complete(&req->base, error);
+ skcipher_request_complete(req, error);
}
/*

126
qca-nss-cfi/patches/0008-cryptoapi-v2.0-fix-dupe-driver.patch
View File

@ -1,126 +0,0 @@
--- a/cryptoapi/v2.0/nss_cryptoapi.c
+++ b/cryptoapi/v2.0/nss_cryptoapi.c
@@ -896,7 +896,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "echainiv(authenc(hmac(sha1),cbc(aes)))",
- .cra_driver_name = "nss-hmac-sha1-cbc-aes",
+ .cra_driver_name = "nss-hmac-sha1-cbc-aes-echainiv",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -961,7 +961,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "echainiv(authenc(hmac(sha256),cbc(aes)))",
- .cra_driver_name = "nss-hmac-sha256-cbc-aes",
+ .cra_driver_name = "nss-hmac-sha256-cbc-aes-echainiv",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -1070,7 +1070,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "echainiv(authenc(hmac(sha384),cbc(aes)))",
- .cra_driver_name = "nss-hmac-sha384-cbc-aes",
+ .cra_driver_name = "nss-hmac-sha384-cbc-aes-echainiv",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -1093,7 +1093,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "echainiv(authenc(hmac(sha512),cbc(aes)))",
- .cra_driver_name = "nss-hmac-sha512-cbc-aes",
+ .cra_driver_name = "nss-hmac-sha512-cbc-aes-echainiv",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -1116,7 +1116,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "echainiv(authenc(hmac(sha1),cbc(des3_ede)))",
- .cra_driver_name = "nss-hmac-sha1-cbc-3des",
+ .cra_driver_name = "nss-hmac-sha1-cbc-3des-echainiv",
.cra_priority = 300,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
@@ -1139,7 +1139,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "echainiv(authenc(hmac(sha256),cbc(des3_ede)))",
- .cra_driver_name = "nss-hmac-sha256-cbc-3des",
+ .cra_driver_name = "nss-hmac-sha256-cbc-3des-echainiv",
.cra_priority = 300,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
@@ -1160,7 +1160,7 @@ struct aead_alg cryptoapi_aead_algs[] =
{
.base = {
.cra_name = "authenc(hmac(sha1),cbc(aes))",
- .cra_driver_name = "nss-hmac-sha1-cbc-aes",
+ .cra_driver_name = "nss-hmac-sha1-cbc-aes-auth",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -1183,7 +1183,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "authenc(hmac(sha256),cbc(aes))",
- .cra_driver_name = "nss-hmac-sha256-cbc-aes",
+ .cra_driver_name = "nss-hmac-sha256-cbc-aes-auth",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -1206,7 +1206,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "authenc(hmac(sha384),cbc(aes))",
- .cra_driver_name = "nss-hmac-sha384-cbc-aes",
+ .cra_driver_name = "nss-hmac-sha384-cbc-aes-auth",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -1298,7 +1298,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "rfc4106(gcm(aes))",
- .cra_driver_name = "nss-rfc4106-gcm",
+ .cra_driver_name = "nss-rfc4106-gcm-aes128",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -1321,7 +1321,7 @@ struct aead_alg cryptoapi_aead_algs[] =
*/
.base = {
.cra_name = "seqiv(rfc4106(gcm(aes)))",
- .cra_driver_name = "nss-rfc4106-gcm",
+ .cra_driver_name = "nss-seqiv-rfc4106-gcm",
.cra_priority = 10000,
.cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE,
@@ -2166,6 +2166,7 @@ static const struct file_operations ctx_
void nss_cryptoapi_add_ctx2debugfs(struct nss_cryptoapi_ctx *ctx)
{
char buf[NSS_CRYPTOAPI_DEBUGFS_MAX_NAME] = {0};
+ struct dentry *existing;
if (!g_cryptoapi.root) {
nss_cfi_err("%px: DebugFS root directory missing(%px)\n", &g_cryptoapi, ctx);
@@ -2173,6 +2174,16 @@ void nss_cryptoapi_add_ctx2debugfs(struc
}
snprintf(buf, sizeof(buf), "ctx%d", ctx->sid);
+
+ /* Check if the directory already exists */
+ existing = debugfs_lookup(buf, g_cryptoapi.root);
+ if (existing) {
+ /* Directory already exists, store it and return */
+ ctx->dentry = existing;
+ nss_cfi_info("%px: Context debugfs entry already exists for ctx%d\n", ctx, ctx->sid);
+ return;
+ }
+
ctx->dentry = debugfs_create_dir(buf, g_cryptoapi.root);
if (!ctx->dentry) {
nss_cfi_err("%px: Unable to create context debugfs entry", ctx);

42
qca-nss-cfi/patches/0009-cryptoapi-v2.0-support-kernel-6.12.patch
View File

@ -1,16 +1,16 @@
--- a/cryptoapi/v2.0/nss_cryptoapi.c
+++ b/cryptoapi/v2.0/nss_cryptoapi.c
@@ -37,6 +37,9 @@
#include <linux/debugfs.h>
@@ -38,6 +38,9 @@
#include <linux/completion.h>
#include <linux/of.h>
+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(6, 10, 0))
+#include <linux/vmalloc.h>
+#endif
#include <crypto/aes.h>
#include <crypto/des.h>
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0)
@@ -1792,6 +1795,12 @@ static struct ahash_alg cryptoapi_ahash_
#if (LINUX_VERSION_CODE < KERNEL_VERSION(6, 6, 0))
@@ -1849,6 +1852,12 @@ static struct ahash_alg cryptoapi_ahash_
},
};
@ -23,7 +23,7 @@
/*
* nss_cryptoapi_copy_reverse()
* Reverse copy
@@ -1889,7 +1898,7 @@ struct nss_cryptoapi_algo_info *nss_cryp
@@ -1946,7 +1955,7 @@ struct nss_cryptoapi_algo_info *nss_cryp
* nss_cryptoapi_cra_name_lookup()
* Lookup the associated algorithm in NSS for the given transformation by name
*/
@ -32,7 +32,7 @@
{
struct nss_cryptoapi_algo_info *info = g_algo_info;
int i;
@@ -2060,7 +2069,7 @@ skip_iv:
@@ -2117,7 +2126,7 @@ skip_iv:
* nss_cryptoapi_ctx_stats_read()
* CryptoAPI context statistics read function
*/
@ -41,7 +41,7 @@
{
struct nss_cryptoapi_ctx *ctx = fp->private_data;
struct nss_cryptoapi_stats *stats = &ctx->stats;
@@ -2112,7 +2121,7 @@ ssize_t nss_cryptoapi_ctx_stats_read(str
@@ -2169,7 +2178,7 @@ ssize_t nss_cryptoapi_ctx_stats_read(str
* nss_cryptoapi_ctx_info_read()
* CryptoAPI context info read function
*/
@ -50,25 +50,25 @@
{
struct nss_cryptoapi_ctx *ctx = fp->private_data;
ssize_t max_buf_len;
@@ -2198,7 +2207,7 @@ void nss_cryptoapi_add_ctx2debugfs(struc
@@ -2244,7 +2253,7 @@ void nss_cryptoapi_add_ctx2debugfs(struc
* nss_cryptoapi_attach_user()
* register crypto core with the cryptoapi CFI
*/
-void nss_cryptoapi_attach_user(void *app_data, struct nss_crypto_user *user)
+static void nss_cryptoapi_attach_user(void *app_data, struct nss_crypto_user *user)
{
#if defined(NSS_CRYPTOAPI_SKCIPHER)
struct skcipher_alg *ablk = cryptoapi_skcipher_algs;
@@ -2270,7 +2279,7 @@ void nss_cryptoapi_attach_user(void *app
struct skcipher_alg *skcipher = cryptoapi_skcipher_algs;
struct aead_alg *aead = cryptoapi_aead_algs;
@@ -2312,7 +2321,7 @@ void nss_cryptoapi_attach_user(void *app
* nss_cryptoapi_detach_user()
* Unregister crypto core with cryptoapi CFI layer
*/
-void nss_cryptoapi_detach_user(void *app_data, struct nss_crypto_user *user)
+static void nss_cryptoapi_detach_user(void *app_data, struct nss_crypto_user *user)
{
#if defined(NSS_CRYPTOAPI_SKCIPHER)
struct skcipher_alg *ablk = cryptoapi_skcipher_algs;
@@ -2340,7 +2349,7 @@ EXPORT_SYMBOL(nss_cryptoapi_is_registere
struct skcipher_alg *skcipher = cryptoapi_skcipher_algs;
struct aead_alg *aead = cryptoapi_aead_algs;
@@ -2378,7 +2387,7 @@ EXPORT_SYMBOL(nss_cryptoapi_is_registere
* nss_cryptoapi_init()
* Initializing crypto core layer
*/
@ -77,7 +77,7 @@
{
nss_cfi_info("module loaded %s\n", NSS_CFI_BUILD_ID);
@@ -2370,7 +2379,7 @@ int nss_cryptoapi_init(void)
@@ -2408,7 +2417,7 @@ int nss_cryptoapi_init(void)
* nss_cryptoapi_exit()
* De-Initialize cryptoapi CFI layer
*/
@ -88,7 +88,7 @@
nss_crypto_unregister_user(g_cryptoapi.user);
--- a/cryptoapi/v2.0/nss_cryptoapi_aead.c
+++ b/cryptoapi/v2.0/nss_cryptoapi_aead.c
@@ -367,7 +367,7 @@ int nss_cryptoapi_aead_setauthsize(struc
@@ -386,7 +386,7 @@ int nss_cryptoapi_aead_setauthsize(struc
* nss_cryptoapi_aead_done()
* Cipher/Auth encrypt request completion callback function
*/
@ -112,7 +112,7 @@
/*
* nss_cryptoapi_ahash_ctx2session()
* Cryptoapi function to get the session ID for an AHASH
@@ -228,7 +234,7 @@ int nss_cryptoapi_ahash_setkey(struct cr
@@ -234,7 +240,7 @@ int nss_cryptoapi_ahash_setkey(struct cr
* nss_cryptoapi_ahash_done()
* Hash request completion callback function
*/
@ -120,15 +120,15 @@
+static void nss_cryptoapi_ahash_done(void *app_data, struct nss_crypto_hdr *ch, uint8_t status)
{
struct ahash_request *req = app_data;
struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
struct nss_cryptoapi_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
--- a/cryptoapi/v2.0/nss_cryptoapi_skcipher.c
+++ b/cryptoapi/v2.0/nss_cryptoapi_skcipher.c
@@ -217,7 +217,7 @@ int nss_cryptoapi_skcipher_setkey(struct
@@ -201,7 +201,7 @@ int nss_cryptoapi_skcipher_setkey(struct
* nss_cryptoapi_skcipher_done()
* Cipher operation completion callback function
* Cipher operation completion callback function
*/
-void nss_cryptoapi_skcipher_done(void *app_data, struct nss_crypto_hdr *ch, uint8_t status)
+static void nss_cryptoapi_skcipher_done(void *app_data, struct nss_crypto_hdr *ch, uint8_t status)
{
struct skcipher_request *req = app_data;
struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req);
struct nss_cryptoapi_ctx *ctx = crypto_tfm_ctx(req->base.tfm);