diff --git a/firmware/nss-firmware/Makefile b/firmware/nss-firmware/Makefile new file mode 100644 index 0000000..6f95ce3 --- /dev/null +++ b/firmware/nss-firmware/Makefile @@ -0,0 +1,95 @@ +# +# Copyright (C) 2022 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=nss-firmware +PKG_SOURCE_DATE:=2022-07-12 +PKG_SOURCE_VERSION:=ade6bff594377c9d9c79b45e39bf104303d919bc +PKG_MIRROR_HASH:=af0521893064b7bc52baab263e12c7db5462461ddac30d02647ed76d999b59fb +PKG_RELEASE:=1 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/quic/qca-sdk-nss-fw.git + +PKG_LICENSE_FILES:=LICENSE.md + +PKG_MAINTAINER:=Robert Marko + +include $(INCLUDE_DIR)/package.mk + +RSTRIP:=: +STRIP:=: + +VERSION_PATH=$(PKG_BUILD_DIR)/QCA_Networking_2022.SPF_12.0.0/ED1 + +NSS_VER:=12.1 +NSS_REL:=022 +NSS_PROFILE:=R + +define Package/nss-firmware-default + TITLE:=NSS firmware + SECTION:=firmware + CATEGORY:=Firmware + URL:=$(PKG_SOURCE_URL) + DEPENDS:=@TARGET_qualcommax +endef + +define Package/nss-firmware-ipq8074 +$(Package/nss-firmware-default) + IPQ_PLATFORM=IPQ8074 + DEPENDS+= @TARGET_qualcommax_ipq807x + NSS_SOC:=HK +endef + +define Package/nss-firmware-ipq6018 +$(Package/nss-firmware-default) + IPQ_PLATFORM=IPQ6018 + DEPENDS+= @TARGET_qualcommax_ipq60xx + NSS_SOC:=CP +endef + +define Package/nss-firmware-ipq5018 +$(Package/nss-firmware-default) + IPQ_PLATFORM=IPQ5018 + DEPENDS+= @TARGET_qualcommax_ipq50xx + NSS_SOC:=MP +endef + +define Build/Compile +endef + +define Package/nss-firmware/install + $(eval NSS_ARCHIVE := $(VERSION_PATH)/$(IPQ_PLATFORM).ATH.12.0.0/BIN-NSS.FW.$(NSS_VER)-$(NSS_REL)-$(NSS_SOC).$(NSS_PROFILE).tar.bz2) + mkdir -p $(PKG_BUILD_DIR)/$(IPQ_PLATFORM) + $(TAR) -C $(PKG_BUILD_DIR)/$(IPQ_PLATFORM) -xf $(NSS_ARCHIVE) --strip-components=1 + $(INSTALL_DIR) $(1)/lib/firmware/ + $(INSTALL_DATA) \ + $(PKG_BUILD_DIR)/$(IPQ_PLATFORM)/retail_router0.bin \ + $(1)/lib/firmware/qca-nss0-retail.bin +ifeq ($(NSS_SOC),HK) + $(INSTALL_DATA) \ + $(PKG_BUILD_DIR)/$(IPQ_PLATFORM)/retail_router1.bin \ + $(1)/lib/firmware/qca-nss1-retail.bin +endif +endef + +define Package/nss-firmware-ipq8074/install + $(call Package/nss-firmware/install,$1) +endef + +define Package/nss-firmware-ipq6018/install + $(call Package/nss-firmware/install,$1) +endef + +define Package/nss-firmware-ipq5018/install + $(call Package/nss-firmware/install,$1) +endef + +$(eval $(call BuildPackage,nss-firmware-ipq8074)) +$(eval $(call BuildPackage,nss-firmware-ipq6018)) +$(eval $(call BuildPackage,nss-firmware-ipq5018)) diff --git a/qca/nss-ifb/Makefile b/nss-ifb/Makefile similarity index 100% rename from qca/nss-ifb/Makefile rename to nss-ifb/Makefile diff --git a/qca/nss-ifb/README.md b/nss-ifb/README.md similarity index 100% rename from qca/nss-ifb/README.md rename to nss-ifb/README.md diff --git a/qca/nss-ifb/src/Makefile b/nss-ifb/src/Makefile similarity index 100% rename from qca/nss-ifb/src/Makefile rename to nss-ifb/src/Makefile diff --git a/qca/nss-ifb/src/nss_ifb.c b/nss-ifb/src/nss_ifb.c similarity index 100% rename from qca/nss-ifb/src/nss_ifb.c rename to nss-ifb/src/nss_ifb.c diff --git a/qca/nss-udp-st-drv/Makefile b/nss-udp-st-drv/Makefile similarity index 100% rename from qca/nss-udp-st-drv/Makefile rename to nss-udp-st-drv/Makefile diff --git a/qca/nss-udp-st-drv/patches/0001-fix-missing-ppp_defs.patch b/nss-udp-st-drv/patches/0001-fix-missing-ppp_defs.patch similarity index 100% rename from qca/nss-udp-st-drv/patches/0001-fix-missing-ppp_defs.patch rename to nss-udp-st-drv/patches/0001-fix-missing-ppp_defs.patch diff --git a/qca/nss-udp-st-drv/patches/0002-fix-missing-hrtimer-symbols.patch b/nss-udp-st-drv/patches/0002-fix-missing-hrtimer-symbols.patch similarity index 100% rename from qca/nss-udp-st-drv/patches/0002-fix-missing-hrtimer-symbols.patch rename to nss-udp-st-drv/patches/0002-fix-missing-hrtimer-symbols.patch diff --git a/qca/nss-udp-st-drv/src/Makefile b/nss-udp-st-drv/src/Makefile similarity index 100% rename from qca/nss-udp-st-drv/src/Makefile rename to nss-udp-st-drv/src/Makefile diff --git a/qca/nss-udp-st-drv/src/exports/nss_udp_st_drv.h b/nss-udp-st-drv/src/exports/nss_udp_st_drv.h similarity index 100% rename from qca/nss-udp-st-drv/src/exports/nss_udp_st_drv.h rename to nss-udp-st-drv/src/exports/nss_udp_st_drv.h diff --git a/qca/nss-udp-st-drv/src/nss_udp_st_drv.c b/nss-udp-st-drv/src/nss_udp_st_drv.c similarity index 100% rename from qca/nss-udp-st-drv/src/nss_udp_st_drv.c rename to nss-udp-st-drv/src/nss_udp_st_drv.c diff --git a/qca/nss-udp-st-drv/src/nss_udp_st_ip.c b/nss-udp-st-drv/src/nss_udp_st_ip.c similarity index 100% rename from qca/nss-udp-st-drv/src/nss_udp_st_ip.c rename to nss-udp-st-drv/src/nss_udp_st_ip.c diff --git a/qca/nss-udp-st-drv/src/nss_udp_st_ip.h b/nss-udp-st-drv/src/nss_udp_st_ip.h similarity index 100% rename from qca/nss-udp-st-drv/src/nss_udp_st_ip.h rename to nss-udp-st-drv/src/nss_udp_st_ip.h diff --git a/qca/nss-udp-st-drv/src/nss_udp_st_public.h b/nss-udp-st-drv/src/nss_udp_st_public.h similarity index 100% rename from qca/nss-udp-st-drv/src/nss_udp_st_public.h rename to nss-udp-st-drv/src/nss_udp_st_public.h diff --git a/qca/nss-udp-st-drv/src/nss_udp_st_rx.c b/nss-udp-st-drv/src/nss_udp_st_rx.c similarity index 100% rename from qca/nss-udp-st-drv/src/nss_udp_st_rx.c rename to nss-udp-st-drv/src/nss_udp_st_rx.c diff --git a/qca/nss-udp-st-drv/src/nss_udp_st_rx.h b/nss-udp-st-drv/src/nss_udp_st_rx.h similarity index 100% rename from qca/nss-udp-st-drv/src/nss_udp_st_rx.h rename to nss-udp-st-drv/src/nss_udp_st_rx.h diff --git a/qca/nss-udp-st-drv/src/nss_udp_st_tx.c b/nss-udp-st-drv/src/nss_udp_st_tx.c similarity index 100% rename from qca/nss-udp-st-drv/src/nss_udp_st_tx.c rename to nss-udp-st-drv/src/nss_udp_st_tx.c diff --git a/qca/nss-udp-st-drv/src/nss_udp_st_tx.h b/nss-udp-st-drv/src/nss_udp_st_tx.h similarity index 100% rename from qca/nss-udp-st-drv/src/nss_udp_st_tx.h rename to nss-udp-st-drv/src/nss_udp_st_tx.h diff --git a/qca/nss-userspace-oss/libnl-nss/Makefile b/nss-userspace-oss/libnl-nss/Makefile similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/Makefile rename to nss-userspace-oss/libnl-nss/Makefile diff --git a/qca/nss-userspace-oss/libnl-nss/src/Makefile b/nss-userspace-oss/libnl-nss/src/Makefile similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/Makefile rename to nss-userspace-oss/libnl-nss/src/Makefile diff --git a/qca/nss-userspace-oss/libnl-nss/src/include/nss_nlbase.h b/nss-userspace-oss/libnl-nss/src/include/nss_nlbase.h similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/include/nss_nlbase.h rename to nss-userspace-oss/libnl-nss/src/include/nss_nlbase.h diff --git a/qca/nss-userspace-oss/libnl-nss/src/include/nss_nldtls_api.h b/nss-userspace-oss/libnl-nss/src/include/nss_nldtls_api.h similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/include/nss_nldtls_api.h rename to nss-userspace-oss/libnl-nss/src/include/nss_nldtls_api.h diff --git a/qca/nss-userspace-oss/libnl-nss/src/include/nss_nlipv4_api.h b/nss-userspace-oss/libnl-nss/src/include/nss_nlipv4_api.h similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/include/nss_nlipv4_api.h rename to nss-userspace-oss/libnl-nss/src/include/nss_nlipv4_api.h diff --git a/qca/nss-userspace-oss/libnl-nss/src/include/nss_nlipv6_api.h b/nss-userspace-oss/libnl-nss/src/include/nss_nlipv6_api.h similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/include/nss_nlipv6_api.h rename to nss-userspace-oss/libnl-nss/src/include/nss_nlipv6_api.h diff --git a/qca/nss-userspace-oss/libnl-nss/src/include/nss_nlist_api.h b/nss-userspace-oss/libnl-nss/src/include/nss_nlist_api.h similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/include/nss_nlist_api.h rename to nss-userspace-oss/libnl-nss/src/include/nss_nlist_api.h diff --git a/qca/nss-userspace-oss/libnl-nss/src/include/nss_nlmcast_api.h b/nss-userspace-oss/libnl-nss/src/include/nss_nlmcast_api.h similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/include/nss_nlmcast_api.h rename to nss-userspace-oss/libnl-nss/src/include/nss_nlmcast_api.h diff --git a/qca/nss-userspace-oss/libnl-nss/src/include/nss_nlsock_api.h b/nss-userspace-oss/libnl-nss/src/include/nss_nlsock_api.h similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/include/nss_nlsock_api.h rename to nss-userspace-oss/libnl-nss/src/include/nss_nlsock_api.h diff --git a/qca/nss-userspace-oss/libnl-nss/src/nss_nldtls_api.c b/nss-userspace-oss/libnl-nss/src/nss_nldtls_api.c similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/nss_nldtls_api.c rename to nss-userspace-oss/libnl-nss/src/nss_nldtls_api.c diff --git a/qca/nss-userspace-oss/libnl-nss/src/nss_nlipv4_api.c b/nss-userspace-oss/libnl-nss/src/nss_nlipv4_api.c similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/nss_nlipv4_api.c rename to nss-userspace-oss/libnl-nss/src/nss_nlipv4_api.c diff --git a/qca/nss-userspace-oss/libnl-nss/src/nss_nlipv6_api.c b/nss-userspace-oss/libnl-nss/src/nss_nlipv6_api.c similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/nss_nlipv6_api.c rename to nss-userspace-oss/libnl-nss/src/nss_nlipv6_api.c diff --git a/qca/nss-userspace-oss/libnl-nss/src/nss_nlmcast_api.c b/nss-userspace-oss/libnl-nss/src/nss_nlmcast_api.c similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/nss_nlmcast_api.c rename to nss-userspace-oss/libnl-nss/src/nss_nlmcast_api.c diff --git a/qca/nss-userspace-oss/libnl-nss/src/nss_nlsock.c b/nss-userspace-oss/libnl-nss/src/nss_nlsock.c similarity index 100% rename from qca/nss-userspace-oss/libnl-nss/src/nss_nlsock.c rename to nss-userspace-oss/libnl-nss/src/nss_nlsock.c diff --git a/qca/nss-userspace-oss/nss-udp-st/Makefile b/nss-userspace-oss/nss-udp-st/Makefile similarity index 100% rename from qca/nss-userspace-oss/nss-udp-st/Makefile rename to nss-userspace-oss/nss-udp-st/Makefile diff --git a/qca/nss-userspace-oss/nss-udp-st/src/Makefile b/nss-userspace-oss/nss-udp-st/src/Makefile similarity index 100% rename from qca/nss-userspace-oss/nss-udp-st/src/Makefile rename to nss-userspace-oss/nss-udp-st/src/Makefile diff --git a/qca/nss-userspace-oss/nss-udp-st/src/nss-udp-st.c b/nss-userspace-oss/nss-udp-st/src/nss-udp-st.c similarity index 100% rename from qca/nss-userspace-oss/nss-udp-st/src/nss-udp-st.c rename to nss-userspace-oss/nss-udp-st/src/nss-udp-st.c diff --git a/qca/nss-userspace-oss/nss-udp-st/src/nss-udp-st.h b/nss-userspace-oss/nss-udp-st/src/nss-udp-st.h similarity index 100% rename from qca/nss-userspace-oss/nss-udp-st/src/nss-udp-st.h rename to nss-userspace-oss/nss-udp-st/src/nss-udp-st.h diff --git a/qca/nss-userspace-oss/nssinfo/Makefile b/nss-userspace-oss/nssinfo/Makefile similarity index 100% rename from qca/nss-userspace-oss/nssinfo/Makefile rename to nss-userspace-oss/nssinfo/Makefile diff --git a/qca/nss-userspace-oss/nssinfo/patches/001-fix-warnings.patch b/nss-userspace-oss/nssinfo/patches/001-fix-warnings.patch similarity index 100% rename from qca/nss-userspace-oss/nssinfo/patches/001-fix-warnings.patch rename to nss-userspace-oss/nssinfo/patches/001-fix-warnings.patch diff --git a/qca/nss-userspace-oss/nssinfo/src/Makefile b/nss-userspace-oss/nssinfo/src/Makefile similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/Makefile rename to nss-userspace-oss/nssinfo/src/Makefile diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo.c b/nss-userspace-oss/nssinfo/src/src/nssinfo.c similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo.c rename to nss-userspace-oss/nssinfo/src/src/nssinfo.c diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo.h b/nss-userspace-oss/nssinfo/src/src/nssinfo.h similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo.h rename to nss-userspace-oss/nssinfo/src/src/nssinfo.h diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_dynamic_interface.c b/nss-userspace-oss/nssinfo/src/src/nssinfo_dynamic_interface.c similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_dynamic_interface.c rename to nss-userspace-oss/nssinfo/src/src/nssinfo_dynamic_interface.c diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_dynamic_interface.h b/nss-userspace-oss/nssinfo/src/src/nssinfo_dynamic_interface.h similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_dynamic_interface.h rename to nss-userspace-oss/nssinfo/src/src/nssinfo_dynamic_interface.h diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ethrx.c b/nss-userspace-oss/nssinfo/src/src/nssinfo_ethrx.c similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ethrx.c rename to nss-userspace-oss/nssinfo/src/src/nssinfo_ethrx.c diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ethrx.h b/nss-userspace-oss/nssinfo/src/src/nssinfo_ethrx.h similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ethrx.h rename to nss-userspace-oss/nssinfo/src/src/nssinfo_ethrx.h diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv4.c b/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv4.c similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv4.c rename to nss-userspace-oss/nssinfo/src/src/nssinfo_ipv4.c diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv4.h b/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv4.h similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv4.h rename to nss-userspace-oss/nssinfo/src/src/nssinfo_ipv4.h diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv6.c b/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv6.c similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv6.c rename to nss-userspace-oss/nssinfo/src/src/nssinfo_ipv6.c diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv6.h b/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv6.h similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_ipv6.h rename to nss-userspace-oss/nssinfo/src/src/nssinfo_ipv6.h diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_lso_rx.c b/nss-userspace-oss/nssinfo/src/src/nssinfo_lso_rx.c similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_lso_rx.c rename to nss-userspace-oss/nssinfo/src/src/nssinfo_lso_rx.c diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_lso_rx.h b/nss-userspace-oss/nssinfo/src/src/nssinfo_lso_rx.h similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_lso_rx.h rename to nss-userspace-oss/nssinfo/src/src/nssinfo_lso_rx.h diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_main.c b/nss-userspace-oss/nssinfo/src/src/nssinfo_main.c similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_main.c rename to nss-userspace-oss/nssinfo/src/src/nssinfo_main.c diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_n2h.c b/nss-userspace-oss/nssinfo/src/src/nssinfo_n2h.c similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_n2h.c rename to nss-userspace-oss/nssinfo/src/src/nssinfo_n2h.c diff --git a/qca/nss-userspace-oss/nssinfo/src/src/nssinfo_n2h.h b/nss-userspace-oss/nssinfo/src/src/nssinfo_n2h.h similarity index 100% rename from qca/nss-userspace-oss/nssinfo/src/src/nssinfo_n2h.h rename to nss-userspace-oss/nssinfo/src/src/nssinfo_n2h.h diff --git a/qca/qca-mcs/Makefile b/qca-mcs/Makefile similarity index 100% rename from qca/qca-mcs/Makefile rename to qca-mcs/Makefile diff --git a/qca/qca-mcs/patches/0001-kernel-5.10-compat.patch b/qca-mcs/patches/0001-kernel-5.10-compat.patch similarity index 100% rename from qca/qca-mcs/patches/0001-kernel-5.10-compat.patch rename to qca-mcs/patches/0001-kernel-5.10-compat.patch diff --git a/qca-nss-cfi/Makefile b/qca-nss-cfi/Makefile new file mode 100644 index 0000000..f7197e3 --- /dev/null +++ b/qca-nss-cfi/Makefile @@ -0,0 +1,87 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=qca-nss-cfi +PKG_RELEASE:=1 + +PKG_SOURCE_URL:=https://git.codelinaro.org/clo/qsdk/oss/lklm/nss-cfi.git +PKG_SOURCE_PROTO:=git +PKG_SOURCE_DATE:=2022-12-15 +PKG_SOURCE_VERSION:=5cd07ce299ee3ce62dbe4f6783ad36361e57583b +PKG_MIRROR_HASH:=e449eee24fccc09b1cf0f1367bb54cedadcc46a30423934744e78272443197e7 + +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/kernel.mk +include $(INCLUDE_DIR)/package.mk + +ifneq (, $(findstring $(CONFIG_TARGET_SUBTARGET), "ipq807x")) +#4.4/5.4 + ipq807x/ipq60xx/ipq50xx + CFI_OCF_DIR:=ocf/v2.0 + CFI_CRYPTOAPI_DIR:=cryptoapi/v2.0 +else +#4.4 Kernel + ipq806x + CFI_CRYPTOAPI_DIR:=cryptoapi/v1.1 + CFI_OCF_DIR:=ocf/v1.0 + CFI_IPSEC_DIR:=ipsec/v1.0 +endif + +define KernelPackage/qca-nss-cfi-cryptoapi + SECTION:=kernel + CATEGORY:=Kernel modules + SUBMENU:=Cryptographic API modules + DEPENDS:=@TARGET_qualcommax +kmod-qca-nss-crypto +kmod-crypto-authenc + TITLE:=Kernel driver for NSS cfi + FILES:=$(PKG_BUILD_DIR)/$(CFI_CRYPTOAPI_DIR)/qca-nss-cfi-cryptoapi.ko + AUTOLOAD:=$(call AutoLoad,59,qca-nss-cfi-cryptoapi) +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/qca-nss-cfi + $(CP) $(PKG_BUILD_DIR)/$(CFI_CRYPTOAPI_DIR)/../exports/* $(1)/usr/include/qca-nss-cfi + $(CP) $(PKG_BUILD_DIR)/include/* $(1)/usr/include/qca-nss-cfi +endef + +define KernelPackage/qca-nss-cfi/Description +This package contains a NSS cfi driver for QCA chipset +endef + +EXTRA_CFLAGS+= \ + -DCONFIG_NSS_DEBUG_LEVEL=4 \ + -I$(LINUX_DIR)/crypto/ocf \ + -I$(STAGING_DIR)/usr/include/qca-nss-crypto \ + -I$(STAGING_DIR)/usr/include/crypto \ + -I$(STAGING_DIR)/usr/include/qca-nss-drv + +ifneq (, $(findstring $(CONFIG_TARGET_SUBTARGET), "ipq807x")) +EXTRA_CFLAGS+= -I$(STAGING_DIR)/usr/include/qca-nss-clients +endif + +# Build individual packages if selected +ifneq ($(CONFIG_PACKAGE_kmod-qca-nss-cfi-cryptoapi),) +MAKE_OPTS+= \ + cryptoapi=y \ + NSS_CRYPTOAPI_ABLK=n \ + NSS_CRYPTOAPI_SKCIPHER=y +endif + +ifeq ($(CONFIG_TARGET_BOARD), "qualcommax") + SOC:=$(CONFIG_TARGET_SUBTARGET) +endif + +define Build/Compile + +$(MAKE) -C "$(LINUX_DIR)" $(strip $(MAKE_OPTS)) \ + CROSS_COMPILE="$(TARGET_CROSS)" \ + ARCH="$(LINUX_KARCH)" \ + M="$(PKG_BUILD_DIR)" \ + EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \ + CC="$(TARGET_CC)" \ + CFI_CRYPTOAPI_DIR=$(CFI_CRYPTOAPI_DIR) \ + CFI_OCF_DIR=$(CFI_OCF_DIR) \ + CFI_IPSEC_DIR=$(CFI_IPSEC_DIR) \ + SoC=$(SOC) \ + $(KERNEL_MAKE_FLAGS) \ + $(PKG_JOBS) \ + modules +endef + +$(eval $(call KernelPackage,qca-nss-cfi-cryptoapi)) diff --git a/qca-nss-cfi/patches/0001-cryptoapi-v2.0-fix-SHA1-header-include.patch b/qca-nss-cfi/patches/0001-cryptoapi-v2.0-fix-SHA1-header-include.patch new file mode 100644 index 0000000..12df90f --- /dev/null +++ b/qca-nss-cfi/patches/0001-cryptoapi-v2.0-fix-SHA1-header-include.patch @@ -0,0 +1,62 @@ +From 1569ac3b6bbcae9c3f4898e0d34aec8f88297ee6 Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Sun, 22 Jan 2023 21:45:23 +0100 +Subject: [PATCH 1/5] cryptoapi: v2.0: fix SHA1 header include + +SHA1 header has been merged to the generic SHA one, +and with that the cryptohash.h was dropped. + +So, fix include in kernels 5.8 and newer. + +Signed-off-by: Robert Marko +--- + cryptoapi/v2.0/nss_cryptoapi.c | 5 +++++ + cryptoapi/v2.0/nss_cryptoapi_aead.c | 5 +++++ + cryptoapi/v2.0/nss_cryptoapi_ahash.c | 5 +++++ + 3 files changed, 15 insertions(+) + +--- a/cryptoapi/v2.0/nss_cryptoapi.c ++++ b/cryptoapi/v2.0/nss_cryptoapi.c +@@ -39,7 +39,12 @@ + + #include + #include ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0) + #include ++#else ++#include ++#include ++#endif + #include + #include + #include +--- a/cryptoapi/v2.0/nss_cryptoapi_aead.c ++++ b/cryptoapi/v2.0/nss_cryptoapi_aead.c +@@ -39,7 +39,12 @@ + + #include + #include ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0) + #include ++#else ++#include ++#include ++#endif + #include + #include + #include +--- a/cryptoapi/v2.0/nss_cryptoapi_ahash.c ++++ b/cryptoapi/v2.0/nss_cryptoapi_ahash.c +@@ -38,7 +38,12 @@ + + #include + #include ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0) + #include ++#else ++#include ++#include ++#endif + #include + #include + #include diff --git a/qca-nss-cfi/patches/0002-cryptoapi-v2.0-make-ablkcipher-optional.patch b/qca-nss-cfi/patches/0002-cryptoapi-v2.0-make-ablkcipher-optional.patch new file mode 100644 index 0000000..e9702eb --- /dev/null +++ b/qca-nss-cfi/patches/0002-cryptoapi-v2.0-make-ablkcipher-optional.patch @@ -0,0 +1,116 @@ +From 26cca5006bddb0da57398452616e07ee7b11edb1 Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Sun, 22 Jan 2023 22:01:34 +0100 +Subject: [PATCH 2/5] cryptoapi: v2.0: make ablkcipher optional + +albkcipher has been removed from the kernel in v5.5, so until it has been +converted to skcipher, lets make it optional to at least have hashes +working. + +Signed-off-by: Robert Marko +--- + cryptoapi/v2.0/Makefile | 3 +++ + cryptoapi/v2.0/nss_cryptoapi.c | 10 ++++++++++ + cryptoapi/v2.0/nss_cryptoapi_private.h | 2 ++ + 3 files changed, 15 insertions(+) + +--- a/cryptoapi/v2.0/Makefile ++++ b/cryptoapi/v2.0/Makefile +@@ -5,7 +5,10 @@ NSS_CRYPTOAPI_MOD_NAME=qca-nss-cfi-crypt + obj-m += $(NSS_CRYPTOAPI_MOD_NAME).o + $(NSS_CRYPTOAPI_MOD_NAME)-objs = nss_cryptoapi.o + $(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_aead.o ++ifneq "$(NSS_CRYPTOAPI_ABLK)" "n" + $(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_ablk.o ++ccflags-y += -DNSS_CRYPTOAPI_ABLK ++endif + $(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_ahash.o + + obj ?= . +--- a/cryptoapi/v2.0/nss_cryptoapi.c ++++ b/cryptoapi/v2.0/nss_cryptoapi.c +@@ -1367,6 +1367,7 @@ struct aead_alg cryptoapi_aead_algs[] = + /* + * ABLK cipher algorithms + */ ++#if defined(NSS_CRYPTOAPI_ABLK) + static struct crypto_alg cryptoapi_ablkcipher_algs[] = { + { + .cra_name = "cbc(aes)", +@@ -1466,6 +1467,7 @@ static struct crypto_alg cryptoapi_ablkc + }, + } + }; ++#endif + + /* + * AHASH algorithms +@@ -2189,7 +2191,9 @@ void nss_cryptoapi_add_ctx2debugfs(struc + */ + void nss_cryptoapi_attach_user(void *app_data, struct nss_crypto_user *user) + { ++#if defined(NSS_CRYPTOAPI_ABLK) + struct crypto_alg *ablk = cryptoapi_ablkcipher_algs; ++#endif + struct aead_alg *aead = cryptoapi_aead_algs; + struct ahash_alg *ahash = cryptoapi_ahash_algs; + struct nss_cryptoapi *sc = app_data; +@@ -2212,6 +2216,7 @@ void nss_cryptoapi_attach_user(void *app + g_cryptoapi.user = user; + } + ++#if defined(NSS_CRYPTOAPI_ABLK) + for (i = 0; enable_ablk && (i < ARRAY_SIZE(cryptoapi_ablkcipher_algs)); i++, ablk++) { + info = nss_cryptoapi_cra_name_lookup(ablk->cra_name); + if(!info || !nss_crypto_algo_is_supp(info->algo)) +@@ -2222,6 +2227,7 @@ void nss_cryptoapi_attach_user(void *app + ablk->cra_flags = 0; + } + } ++#endif + + for (i = 0; enable_aead && (i < ARRAY_SIZE(cryptoapi_aead_algs)); i++, aead++) { + info = nss_cryptoapi_cra_name_lookup(aead->base.cra_name); +@@ -2257,7 +2263,9 @@ void nss_cryptoapi_attach_user(void *app + */ + void nss_cryptoapi_detach_user(void *app_data, struct nss_crypto_user *user) + { ++#if defined(NSS_CRYPTOAPI_ABLK) + struct crypto_alg *ablk = cryptoapi_ablkcipher_algs; ++#endif + struct aead_alg *aead = cryptoapi_aead_algs; + struct ahash_alg *ahash = cryptoapi_ahash_algs; + struct nss_cryptoapi *sc = app_data; +@@ -2270,6 +2278,7 @@ void nss_cryptoapi_detach_user(void *app + */ + atomic_set(&g_cryptoapi.registered, 0); + ++#if defined(NSS_CRYPTOAPI_ABLK) + for (i = 0; enable_ablk && (i < ARRAY_SIZE(cryptoapi_ablkcipher_algs)); i++, ablk++) { + if (!ablk->cra_flags) + continue; +@@ -2277,6 +2286,7 @@ void nss_cryptoapi_detach_user(void *app + crypto_unregister_alg(ablk); + nss_cfi_info("%px: ABLK unregister succeeded, algo: %s\n", sc, ablk->cra_name); + } ++#endif + + for (i = 0; enable_aead && (i < ARRAY_SIZE(cryptoapi_aead_algs)); i++, aead++) { + if (!aead->base.cra_flags) +--- a/cryptoapi/v2.0/nss_cryptoapi_private.h ++++ b/cryptoapi/v2.0/nss_cryptoapi_private.h +@@ -250,12 +250,14 @@ extern void nss_cryptoapi_aead_tx_proc(s + /* + * ABLKCIPHER + */ ++#if defined(NSS_CRYPTOAPI_ABLK) + extern int nss_cryptoapi_ablkcipher_init(struct crypto_tfm *tfm); + extern void nss_cryptoapi_ablkcipher_exit(struct crypto_tfm *tfm); + extern int nss_cryptoapi_ablk_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len); + extern int nss_cryptoapi_ablk_encrypt(struct ablkcipher_request *req); + extern int nss_cryptoapi_ablk_decrypt(struct ablkcipher_request *req); + extern void nss_cryptoapi_copy_iv(struct nss_cryptoapi_ctx *ctx, struct scatterlist *sg, uint8_t *iv, uint8_t iv_len); ++#endif + + /* + * AHASH diff --git a/qca-nss-cfi/patches/0003-cryptoapi-v2.0-remove-setting-crypto_ahash_type-for-.patch b/qca-nss-cfi/patches/0003-cryptoapi-v2.0-remove-setting-crypto_ahash_type-for-.patch new file mode 100644 index 0000000..ad11b8b --- /dev/null +++ b/qca-nss-cfi/patches/0003-cryptoapi-v2.0-remove-setting-crypto_ahash_type-for-.patch @@ -0,0 +1,137 @@ +From 797b5166783cda0886038ffb22f5386b9363a961 Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Sun, 22 Jan 2023 22:08:27 +0100 +Subject: [PATCH 3/5] cryptoapi: v2.0: remove setting crypto_ahash_type for + newer kernels + +Upstream has stopped exporting crypto_ahash_type and removed setting it +on ahash algos since v4.19 as its easily identifiable by the struct type +and its being set in the core directly, so lets do the same. + +Signed-off-by: Robert Marko +--- + cryptoapi/v2.0/nss_cryptoapi.c | 24 ++++++++++++++++++++++++ + 1 file changed, 24 insertions(+) + +--- a/cryptoapi/v2.0/nss_cryptoapi.c ++++ b/cryptoapi/v2.0/nss_cryptoapi.c +@@ -1495,7 +1495,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = MD5_HMAC_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1521,7 +1523,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA1_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1547,7 +1551,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA224_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1573,7 +1579,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA256_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1599,7 +1607,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA384_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1625,7 +1635,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA512_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1655,7 +1667,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = MD5_HMAC_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1681,7 +1695,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA1_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1707,7 +1723,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA224_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1733,7 +1751,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA256_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1759,7 +1779,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA384_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, +@@ -1785,7 +1807,9 @@ static struct ahash_alg cryptoapi_ahash_ + .cra_blocksize = SHA512_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), + .cra_alignmask = 0, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0) + .cra_type = &crypto_ahash_type, ++#endif + .cra_module = THIS_MODULE, + .cra_init = nss_cryptoapi_ahash_cra_init, + .cra_exit = nss_cryptoapi_ahash_cra_exit, diff --git a/qca-nss-cfi/patches/0004-cryptoapi-v2.0-aead-add-downstream-crypto_tfm_alg_fl.patch b/qca-nss-cfi/patches/0004-cryptoapi-v2.0-aead-add-downstream-crypto_tfm_alg_fl.patch new file mode 100644 index 0000000..a872321 --- /dev/null +++ b/qca-nss-cfi/patches/0004-cryptoapi-v2.0-aead-add-downstream-crypto_tfm_alg_fl.patch @@ -0,0 +1,28 @@ +From 8db77add1a794bdee8eef0a351e40bf1cdf6dfa9 Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Sun, 22 Jan 2023 22:09:51 +0100 +Subject: [PATCH 4/5] cryptoapi: v2.0: aead: add downstream + crypto_tfm_alg_flags + +crypto_tfm_alg_flags newer made it upstream, but as a temporary stopgap +until a better solution is figured out lets add it. + +Signed-off-by: Robert Marko +--- + cryptoapi/v2.0/nss_cryptoapi_aead.c | 5 +++++ + 1 file changed, 5 insertions(+) + +--- a/cryptoapi/v2.0/nss_cryptoapi_aead.c ++++ b/cryptoapi/v2.0/nss_cryptoapi_aead.c +@@ -61,6 +61,11 @@ + #include + #include "nss_cryptoapi_private.h" + ++static inline u32 crypto_tfm_alg_flags(struct crypto_tfm *tfm) ++{ ++ return tfm->__crt_alg->cra_flags & ~CRYPTO_ALG_TYPE_MASK; ++} ++ + /* + * nss_cryptoapi_aead_ctx2session() + * Cryptoapi function to get the session ID for an AEAD diff --git a/qca-nss-cfi/patches/0005-cryptoapi-v2.0-remove-dropped-flags.patch b/qca-nss-cfi/patches/0005-cryptoapi-v2.0-remove-dropped-flags.patch new file mode 100644 index 0000000..645633a --- /dev/null +++ b/qca-nss-cfi/patches/0005-cryptoapi-v2.0-remove-dropped-flags.patch @@ -0,0 +1,97 @@ +From 62bbb188e1a72d28916e1eca31f4cb9fbbf51cd1 Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Sun, 22 Jan 2023 22:11:06 +0100 +Subject: [PATCH 5/5] cryptoapi: v2.0: remove dropped flags + +Upstream has dropped these flags as there was no use for them, so lets do +the same. + +Signed-off-by: Robert Marko +--- + cryptoapi/v2.0/nss_cryptoapi_aead.c | 6 ------ + cryptoapi/v2.0/nss_cryptoapi_ahash.c | 4 ---- + 2 files changed, 10 deletions(-) + +--- a/cryptoapi/v2.0/nss_cryptoapi_aead.c ++++ b/cryptoapi/v2.0/nss_cryptoapi_aead.c +@@ -207,7 +207,6 @@ int nss_cryptoapi_aead_setkey_noauth(str + ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), keylen, 0); + if (!ctx->info) { + nss_cfi_err("%px: Unable to find algorithm with keylen\n", ctx); +- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -ENOENT; + } + +@@ -239,7 +238,6 @@ int nss_cryptoapi_aead_setkey_noauth(str + status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid); + if (status < 0) { + nss_cfi_err("%px: Unable to allocate crypto session(%d)\n", ctx, status); +- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_FLAGS); + return status; + } + +@@ -271,14 +269,12 @@ int nss_cryptoapi_aead_setkey(struct cry + */ + if (crypto_authenc_extractkeys(&keys, key, keylen) != 0) { + nss_cfi_err("%px: Unable to extract keys\n", ctx); +- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EIO; + } + + ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), keys.enckeylen, crypto_aead_maxauthsize(aead)); + if (!ctx->info) { + nss_cfi_err("%px: Unable to find algorithm with keylen\n", ctx); +- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -ENOENT; + } + +@@ -299,7 +295,6 @@ int nss_cryptoapi_aead_setkey(struct cry + */ + if (keys.authkeylen > ctx->info->auth_blocksize) { + nss_cfi_err("%px: Auth keylen(%d) exceeds supported\n", ctx, keys.authkeylen); +- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } + +@@ -342,7 +337,6 @@ int nss_cryptoapi_aead_setkey(struct cry + status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid); + if (status < 0) { + nss_cfi_err("%px: Unable to allocate crypto session(%d)\n", ctx, status); +- crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_FLAGS); + return status; + } + +--- a/cryptoapi/v2.0/nss_cryptoapi_ahash.c ++++ b/cryptoapi/v2.0/nss_cryptoapi_ahash.c +@@ -192,7 +192,6 @@ int nss_cryptoapi_ahash_setkey(struct cr + + ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), 0, crypto_ahash_digestsize(ahash)); + if (!ctx->info) { +- crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } + +@@ -215,7 +214,6 @@ int nss_cryptoapi_ahash_setkey(struct cr + status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid); + if (status < 0) { + nss_cfi_warn("%px: Unable to allocate crypto session(%d)\n", ctx, status); +- crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_FLAGS); + return status; + } + +@@ -299,7 +297,6 @@ int nss_cryptoapi_ahash_init(struct ahas + */ + ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), 0, 0); + if (!ctx->info) { +- crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } + +@@ -314,7 +311,6 @@ int nss_cryptoapi_ahash_init(struct ahas + status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid); + if (status < 0) { + nss_cfi_err("%px: Unable to allocate crypto session(%d)\n", ctx, status); +- crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_FLAGS); + return status; + } + diff --git a/qca-nss-cfi/patches/0006-cryptoapi-v2.0-convert-to-skcipher.patch b/qca-nss-cfi/patches/0006-cryptoapi-v2.0-convert-to-skcipher.patch new file mode 100644 index 0000000..f85e3d8 --- /dev/null +++ b/qca-nss-cfi/patches/0006-cryptoapi-v2.0-convert-to-skcipher.patch @@ -0,0 +1,1199 @@ +From 1b30927548c2498c76b815b87f604f9a1de40a48 Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Sun, 22 Jan 2023 23:31:09 +0100 +Subject: [PATCH] cryptoapi: v2.0: convert to skcipher + +Finally convert the driver from ablkcipher that was dropped in v5.5 to +skcipher. + +Signed-off-by: Robert Marko +--- + cryptoapi/v2.0/Makefile | 6 +- + cryptoapi/v2.0/nss_cryptoapi.c | 200 ++++++++---------- + cryptoapi/v2.0/nss_cryptoapi_private.h | 14 +- + ...ptoapi_ablk.c => nss_cryptoapi_skcipher.c} | 116 +++++----- + 4 files changed, 145 insertions(+), 191 deletions(-) + rename cryptoapi/v2.0/{nss_cryptoapi_ablk.c => nss_cryptoapi_skcipher.c} (74%) + +--- a/cryptoapi/v2.0/Makefile ++++ b/cryptoapi/v2.0/Makefile +@@ -5,9 +5,9 @@ NSS_CRYPTOAPI_MOD_NAME=qca-nss-cfi-crypt + obj-m += $(NSS_CRYPTOAPI_MOD_NAME).o + $(NSS_CRYPTOAPI_MOD_NAME)-objs = nss_cryptoapi.o + $(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_aead.o +-ifneq "$(NSS_CRYPTOAPI_ABLK)" "n" +-$(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_ablk.o +-ccflags-y += -DNSS_CRYPTOAPI_ABLK ++ifneq "$(NSS_CRYPTOAPI_SKCIPHER)" "n" ++$(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_skcipher.o ++ccflags-y += -DNSS_CRYPTOAPI_SKCIPHER + endif + $(NSS_CRYPTOAPI_MOD_NAME)-objs += nss_cryptoapi_ahash.o + +--- a/cryptoapi/v2.0/nss_cryptoapi.c ++++ b/cryptoapi/v2.0/nss_cryptoapi.c +@@ -1367,104 +1367,78 @@ struct aead_alg cryptoapi_aead_algs[] = + /* + * ABLK cipher algorithms + */ +-#if defined(NSS_CRYPTOAPI_ABLK) +-static struct crypto_alg cryptoapi_ablkcipher_algs[] = { ++#if defined(NSS_CRYPTOAPI_SKCIPHER) ++static struct skcipher_alg cryptoapi_skcipher_algs[] = { + { +- .cra_name = "cbc(aes)", +- .cra_driver_name = "nss-cbc-aes", +- .cra_priority = 10000, +- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, +- .cra_blocksize = AES_BLOCK_SIZE, +- .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), +- .cra_alignmask = 0, +- .cra_type = &crypto_ablkcipher_type, +- .cra_module = THIS_MODULE, +- .cra_init = nss_cryptoapi_ablkcipher_init, +- .cra_exit = nss_cryptoapi_ablkcipher_exit, +- .cra_u = { +- .ablkcipher = { +- .ivsize = AES_BLOCK_SIZE, +- .min_keysize = AES_MIN_KEY_SIZE, +- .max_keysize = AES_MAX_KEY_SIZE, +- .setkey = nss_cryptoapi_ablk_setkey, +- .encrypt = nss_cryptoapi_ablk_encrypt, +- .decrypt = nss_cryptoapi_ablk_decrypt, +- }, +- }, +- }, +- { +- .cra_name = "rfc3686(ctr(aes))", +- .cra_driver_name = "nss-rfc3686-ctr-aes", +- .cra_priority = 30000, +- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, +- .cra_blocksize = AES_BLOCK_SIZE, +- .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), +- .cra_alignmask = 0, +- .cra_type = &crypto_ablkcipher_type, +- .cra_module = THIS_MODULE, +- .cra_init = nss_cryptoapi_ablkcipher_init, +- .cra_exit = nss_cryptoapi_ablkcipher_exit, +- .cra_u = { +- .ablkcipher = { +- .ivsize = CTR_RFC3686_IV_SIZE, +-/* +- * geniv deprecated from kernel version 5.0 and above +- */ +-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)) +- .geniv = "seqiv", +-#endif +- .min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, +- .max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, +- .setkey = nss_cryptoapi_ablk_setkey, +- .encrypt = nss_cryptoapi_ablk_encrypt, +- .decrypt = nss_cryptoapi_ablk_decrypt, +- }, +- }, +- }, +- { +- .cra_name = "ecb(aes)", +- .cra_driver_name = "nss-ecb-aes", +- .cra_priority = 10000, +- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, +- .cra_blocksize = AES_BLOCK_SIZE, +- .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), +- .cra_alignmask = 0, +- .cra_type = &crypto_ablkcipher_type, +- .cra_module = THIS_MODULE, +- .cra_init = nss_cryptoapi_ablkcipher_init, +- .cra_exit = nss_cryptoapi_ablkcipher_exit, +- .cra_u = { +- .ablkcipher = { +- .min_keysize = AES_MIN_KEY_SIZE, +- .max_keysize = AES_MAX_KEY_SIZE, +- .setkey = nss_cryptoapi_ablk_setkey, +- .encrypt = nss_cryptoapi_ablk_encrypt, +- .decrypt = nss_cryptoapi_ablk_decrypt, +- }, +- }, +- }, +- { +- .cra_name = "cbc(des3_ede)", +- .cra_driver_name = "nss-cbc-des-ede", +- .cra_priority = 10000, +- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, +- .cra_blocksize = DES3_EDE_BLOCK_SIZE, +- .cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), +- .cra_alignmask = 0, +- .cra_type = &crypto_ablkcipher_type, +- .cra_module = THIS_MODULE, +- .cra_init = nss_cryptoapi_ablkcipher_init, +- .cra_exit = nss_cryptoapi_ablkcipher_exit, +- .cra_u = { +- .ablkcipher = { +- .ivsize = DES3_EDE_BLOCK_SIZE, +- .min_keysize = DES3_EDE_KEY_SIZE, +- .max_keysize = DES3_EDE_KEY_SIZE, +- .setkey = nss_cryptoapi_ablk_setkey, +- .encrypt = nss_cryptoapi_ablk_encrypt, +- .decrypt = nss_cryptoapi_ablk_decrypt, +- }, +- }, ++ .base.cra_name = "cbc(aes)", ++ .base.cra_driver_name = "nss-cbc-aes", ++ .base.cra_priority = 10000, ++ .base.cra_flags = CRYPTO_ALG_ASYNC, ++ .base.cra_blocksize = AES_BLOCK_SIZE, ++ .base.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), ++ .base.cra_alignmask = 0, ++ .base.cra_module = THIS_MODULE, ++ .init = nss_cryptoapi_skcipher_init, ++ .exit = nss_cryptoapi_skcipher_exit, ++ .ivsize = AES_BLOCK_SIZE, ++ .min_keysize = AES_MIN_KEY_SIZE, ++ .max_keysize = AES_MAX_KEY_SIZE, ++ .setkey = nss_cryptoapi_skcipher_setkey, ++ .encrypt = nss_cryptoapi_skcipher_encrypt, ++ .decrypt = nss_cryptoapi_skcipher_decrypt, ++ }, ++ { ++ .base.cra_name = "rfc3686(ctr(aes))", ++ .base.cra_driver_name = "nss-rfc3686-ctr-aes", ++ .base.cra_priority = 30000, ++ .base.cra_flags = CRYPTO_ALG_ASYNC, ++ .base.cra_blocksize = AES_BLOCK_SIZE, ++ .base.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), ++ .base.cra_alignmask = 0, ++ .base.cra_module = THIS_MODULE, ++ .init = nss_cryptoapi_skcipher_init, ++ .exit = nss_cryptoapi_skcipher_exit, ++ .ivsize = CTR_RFC3686_IV_SIZE, ++ .min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, ++ .max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, ++ .setkey = nss_cryptoapi_skcipher_setkey, ++ .encrypt = nss_cryptoapi_skcipher_encrypt, ++ .decrypt = nss_cryptoapi_skcipher_decrypt, ++ }, ++ { ++ .base.cra_name = "ecb(aes)", ++ .base.cra_driver_name = "nss-ecb-aes", ++ .base.cra_priority = 10000, ++ .base.cra_flags = CRYPTO_ALG_ASYNC, ++ .base.cra_blocksize = AES_BLOCK_SIZE, ++ .base.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), ++ .base.cra_alignmask = 0, ++ .base.cra_module = THIS_MODULE, ++ .init = nss_cryptoapi_skcipher_init, ++ .exit = nss_cryptoapi_skcipher_exit, ++ .min_keysize = AES_MIN_KEY_SIZE, ++ .max_keysize = AES_MAX_KEY_SIZE, ++ .setkey = nss_cryptoapi_skcipher_setkey, ++ .encrypt = nss_cryptoapi_skcipher_encrypt, ++ .decrypt = nss_cryptoapi_skcipher_decrypt, ++ }, ++ { ++ .base.cra_name = "cbc(des3_ede)", ++ .base.cra_driver_name = "nss-cbc-des-ede", ++ .base.cra_priority = 10000, ++ .base.cra_flags = CRYPTO_ALG_ASYNC, ++ .base.cra_blocksize = DES3_EDE_BLOCK_SIZE, ++ .base.cra_ctxsize = sizeof(struct nss_cryptoapi_ctx), ++ .base.cra_alignmask = 0, ++ .base.cra_module = THIS_MODULE, ++ .init = nss_cryptoapi_skcipher_init, ++ .exit = nss_cryptoapi_skcipher_exit, ++ .ivsize = DES3_EDE_BLOCK_SIZE, ++ .min_keysize = DES3_EDE_KEY_SIZE, ++ .max_keysize = DES3_EDE_KEY_SIZE, ++ .setkey = nss_cryptoapi_skcipher_setkey, ++ .encrypt = nss_cryptoapi_skcipher_encrypt, ++ .decrypt = nss_cryptoapi_skcipher_decrypt, + } + }; + #endif +@@ -2215,8 +2189,8 @@ void nss_cryptoapi_add_ctx2debugfs(struc + */ + void nss_cryptoapi_attach_user(void *app_data, struct nss_crypto_user *user) + { +-#if defined(NSS_CRYPTOAPI_ABLK) +- struct crypto_alg *ablk = cryptoapi_ablkcipher_algs; ++#if defined(NSS_CRYPTOAPI_SKCIPHER) ++ struct skcipher_alg *ablk = cryptoapi_skcipher_algs; + #endif + struct aead_alg *aead = cryptoapi_aead_algs; + struct ahash_alg *ahash = cryptoapi_ahash_algs; +@@ -2240,15 +2214,15 @@ void nss_cryptoapi_attach_user(void *app + g_cryptoapi.user = user; + } + +-#if defined(NSS_CRYPTOAPI_ABLK) +- for (i = 0; enable_ablk && (i < ARRAY_SIZE(cryptoapi_ablkcipher_algs)); i++, ablk++) { +- info = nss_cryptoapi_cra_name_lookup(ablk->cra_name); ++#if defined(NSS_CRYPTOAPI_SKCIPHER) ++ for (i = 0; enable_ablk && (i < ARRAY_SIZE(cryptoapi_skcipher_algs)); i++, ablk++) { ++ info = nss_cryptoapi_cra_name_lookup(ablk->base.cra_name); + if(!info || !nss_crypto_algo_is_supp(info->algo)) + continue; + +- if (crypto_register_alg(ablk)) { +- nss_cfi_err("%px: ABLK registration failed(%s)\n", sc, ablk->cra_name); +- ablk->cra_flags = 0; ++ if (crypto_register_skcipher(ablk)) { ++ nss_cfi_err("%px: skcipher registration failed(%s)\n", sc, ablk->base.cra_name); ++ ablk->base.cra_flags = 0; + } + } + #endif +@@ -2287,8 +2261,8 @@ void nss_cryptoapi_attach_user(void *app + */ + void nss_cryptoapi_detach_user(void *app_data, struct nss_crypto_user *user) + { +-#if defined(NSS_CRYPTOAPI_ABLK) +- struct crypto_alg *ablk = cryptoapi_ablkcipher_algs; ++#if defined(NSS_CRYPTOAPI_SKCIPHER) ++ struct skcipher_alg *ablk = cryptoapi_skcipher_algs; + #endif + struct aead_alg *aead = cryptoapi_aead_algs; + struct ahash_alg *ahash = cryptoapi_ahash_algs; +@@ -2302,13 +2276,13 @@ void nss_cryptoapi_detach_user(void *app + */ + atomic_set(&g_cryptoapi.registered, 0); + +-#if defined(NSS_CRYPTOAPI_ABLK) +- for (i = 0; enable_ablk && (i < ARRAY_SIZE(cryptoapi_ablkcipher_algs)); i++, ablk++) { +- if (!ablk->cra_flags) ++#if defined(NSS_CRYPTOAPI_SKCIPHER) ++ for (i = 0; enable_ablk && (i < ARRAY_SIZE(cryptoapi_skcipher_algs)); i++, ablk++) { ++ if (!ablk->base.cra_flags) + continue; + +- crypto_unregister_alg(ablk); +- nss_cfi_info("%px: ABLK unregister succeeded, algo: %s\n", sc, ablk->cra_name); ++ crypto_unregister_skcipher(ablk); ++ nss_cfi_info("%px: skcipher unregister succeeded, algo: %s\n", sc, ablk->base.cra_name); + } + #endif + +--- a/cryptoapi/v2.0/nss_cryptoapi_private.h ++++ b/cryptoapi/v2.0/nss_cryptoapi_private.h +@@ -248,14 +248,14 @@ extern void nss_cryptoapi_aead_tx_proc(s + struct nss_cryptoapi_info *info, bool encrypt); + + /* +- * ABLKCIPHER ++ * SKCIPHER + */ +-#if defined(NSS_CRYPTOAPI_ABLK) +-extern int nss_cryptoapi_ablkcipher_init(struct crypto_tfm *tfm); +-extern void nss_cryptoapi_ablkcipher_exit(struct crypto_tfm *tfm); +-extern int nss_cryptoapi_ablk_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len); +-extern int nss_cryptoapi_ablk_encrypt(struct ablkcipher_request *req); +-extern int nss_cryptoapi_ablk_decrypt(struct ablkcipher_request *req); ++#if defined(NSS_CRYPTOAPI_SKCIPHER) ++extern int nss_cryptoapi_skcipher_init(struct crypto_skcipher *tfm); ++extern void nss_cryptoapi_skcipher_exit(struct crypto_skcipher *tfm); ++extern int nss_cryptoapi_skcipher_setkey(struct crypto_skcipher *cipher, const u8 *key, unsigned int len); ++extern int nss_cryptoapi_skcipher_encrypt(struct skcipher_request *req); ++extern int nss_cryptoapi_skcipher_decrypt(struct skcipher_request *req); + extern void nss_cryptoapi_copy_iv(struct nss_cryptoapi_ctx *ctx, struct scatterlist *sg, uint8_t *iv, uint8_t iv_len); + #endif + +--- a/cryptoapi/v2.0/nss_cryptoapi_ablk.c ++++ /dev/null +@@ -1,458 +0,0 @@ +-/* Copyright (c) 2015-2020 The Linux Foundation. All rights reserved. +- * Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved. +- * +- * Permission to use, copy, modify, and/or distribute this software for any +- * purpose with or without fee is hereby granted, provided that the above +- * copyright notice and this permission notice appear in all copies. +- * +- * +- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +- * AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT +- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +- * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +- * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +- * PERFORMANCE OF THIS SOFTWARE. +- * +- * +- */ +- +-/** +- * nss_cryptoapi_ablk.c +- * Interface to communicate Native Linux crypto framework specific data +- * to Crypto core specific data +- */ +- +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +- +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +- +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include "nss_cryptoapi_private.h" +- +-extern struct nss_cryptoapi g_cryptoapi; +- +-/* +- * nss_cryptoapi_skcipher_ctx2session() +- * Cryptoapi function to get the session ID for an skcipher +- */ +-int nss_cryptoapi_skcipher_ctx2session(struct crypto_skcipher *sk, uint32_t *sid) +-{ +- struct crypto_tfm *tfm = crypto_skcipher_tfm(sk); +- struct crypto_ablkcipher **actx, *ablk; +- struct ablkcipher_tfm *ablk_tfm; +- struct nss_cryptoapi_ctx *ctx; +- +- if (strncmp("nss-", crypto_tfm_alg_driver_name(tfm), 4)) +- return -EINVAL; +- +- /* Get the ablkcipher from the skcipher */ +- actx = crypto_skcipher_ctx(sk); +- if (!actx || !(*actx)) +- return -EINVAL; +- +- /* +- * The ablkcipher now obtained is a wrapper around the actual +- * ablkcipher that is created when the skcipher is created. +- * Hence we derive the required ablkcipher through ablkcipher_tfm. +- */ +- ablk_tfm = crypto_ablkcipher_crt(*actx); +- if (!ablk_tfm) +- return -EINVAL; +- +- ablk = ablk_tfm->base; +- if (!ablk) +- return -EINVAL; +- +- /* Get the nss_cryptoapi context stored in the ablkcipher */ +- ctx = crypto_ablkcipher_ctx(ablk); +- +- BUG_ON(!ctx); +- NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); +- +- *sid = ctx->sid; +- return 0; +-} +-EXPORT_SYMBOL(nss_cryptoapi_skcipher_ctx2session); +- +-/* +- * nss_cryptoapi_ablkcipher_init() +- * Cryptoapi ablkcipher init function. +- */ +-int nss_cryptoapi_ablkcipher_init(struct crypto_tfm *tfm) +-{ +- struct nss_cryptoapi_ctx *ctx = crypto_tfm_ctx(tfm); +- +- BUG_ON(!ctx); +- NSS_CRYPTOAPI_SET_MAGIC(ctx); +- +- memset(ctx, 0, sizeof(struct nss_cryptoapi_ctx)); +- +- ctx->user = g_cryptoapi.user; +- ctx->stats.init++; +- ctx->sid = NSS_CRYPTO_SESSION_MAX; +- init_completion(&ctx->complete); +- +- return 0; +-} +- +-/* +- * nss_cryptoapi_ablkcipher_exit() +- * Cryptoapi ablkcipher exit function. +- */ +-void nss_cryptoapi_ablkcipher_exit(struct crypto_tfm *tfm) +-{ +- struct nss_cryptoapi_ctx *ctx = crypto_tfm_ctx(tfm); +- int ret; +- +- BUG_ON(!ctx); +- NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); +- +- ctx->stats.exit++; +- +- /* +- * When fallback_req is set, it means that fallback tfm was used +- * we didn't create any sessions. +- */ +- if (ctx->fallback_req) { +- ctx->stats.failed_fallback++; +- return; +- } +- +- if (!atomic_read(&ctx->active)) { +- ctx->stats.failed_exit++; +- return; +- } +- +- /* +- * Mark cryptoapi context as inactive +- */ +- atomic_set(&ctx->active, 0); +- +- if (!atomic_sub_and_test(1, &ctx->refcnt)) { +- /* +- * We need to wait for any outstanding packet using this ctx. +- * Once the last packet get processed, reference count will become +- * 0 this ctx. We will wait for the reference to go down to 0. +- */ +- ret = wait_for_completion_timeout(&ctx->complete, NSS_CRYPTOAPI_REQ_TIMEOUT_TICKS); +- WARN_ON(!ret); +- } +- +- if (ctx->sid != NSS_CRYPTO_SESSION_MAX) { +- nss_crypto_session_free(ctx->user, ctx->sid); +- debugfs_remove_recursive(ctx->dentry); +- ctx->sid = NSS_CRYPTO_SESSION_MAX; +- } +- +- NSS_CRYPTOAPI_CLEAR_MAGIC(ctx); +-} +- +-/* +- * nss_cryptoapi_ablk_setkey() +- * Cryptoapi setkey routine for aes. +- */ +-int nss_cryptoapi_ablk_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) +-{ +- struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); +- struct nss_cryptoapi_ctx *ctx = crypto_tfm_ctx(tfm); +- struct nss_crypto_session_data data = {0}; +- int status; +- +- /* +- * Validate magic number - init should be called before setkey +- */ +- NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); +- +- ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), keylen, 0); +- if (!ctx->info) { +- crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); +- return -EINVAL; +- } +- +- ctx->iv_size = crypto_ablkcipher_ivsize(cipher); +- +- if (ctx->info->cipher_mode == NSS_CRYPTOAPI_CIPHER_MODE_CTR_RFC3686) { +- keylen = keylen - CTR_RFC3686_NONCE_SIZE; +- memcpy(ctx->ctx_iv, key + keylen, CTR_RFC3686_NONCE_SIZE); +- ctx->ctx_iv[3] = ntohl(0x1); +- ctx->iv_size += CTR_RFC3686_NONCE_SIZE + sizeof(uint32_t); +- } +- +- /* +- * Fill NSS crypto session data +- */ +- data.algo = ctx->info->algo; +- data.cipher_key = key; +- +- if (data.algo >= NSS_CRYPTO_CMN_ALGO_MAX) +- return -ERANGE; +- +- if (ctx->sid != NSS_CRYPTO_SESSION_MAX) { +- nss_crypto_session_free(ctx->user, ctx->sid); +- debugfs_remove_recursive(ctx->dentry); +- ctx->sid = NSS_CRYPTO_SESSION_MAX; +- } +- +- status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid); +- if (status < 0) { +- nss_cfi_err("%px: Unable to allocate crypto session(%d)\n", ctx, status); +- crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_FLAGS); +- return status; +- } +- +- nss_cryptoapi_add_ctx2debugfs(ctx); +- atomic_set(&ctx->active, 1); +- atomic_set(&ctx->refcnt, 1); +- return 0; +-} +- +-/* +- * nss_cryptoapi_ablkcipher_done() +- * Cipher operation completion callback function +- */ +-void nss_cryptoapi_ablkcipher_done(void *app_data, struct nss_crypto_hdr *ch, uint8_t status) +-{ +- struct ablkcipher_request *req = app_data; +- struct nss_cryptoapi_ctx *ctx = crypto_tfm_ctx(req->base.tfm); +- int error; +- +- BUG_ON(!ch); +- +- /* +- * Check cryptoapi context magic number. +- */ +- NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); +- +- /* +- * For skcipher decryption case, the last block of encrypted data is used as +- * an IV for the next data +- */ +- if (ch->op == NSS_CRYPTO_OP_DIR_ENC) { +- nss_cryptoapi_copy_iv(ctx, req->dst, req->info, ch->iv_len); +- } +- +- /* +- * Free crypto hdr +- */ +- nss_crypto_hdr_free(ctx->user, ch); +- +- nss_cfi_dbg("data dump after transformation\n"); +- nss_cfi_dbg_data(sg_virt(req->dst), req->nbytes, ' '); +- +- /* +- * Check if there is any error reported by hardware +- */ +- error = nss_cryptoapi_status2error(ctx, status); +- ctx->stats.completed++; +- +- /* +- * Decrement cryptoapi reference +- */ +- nss_cryptoapi_ref_dec(ctx); +- req->base.complete(&req->base, error); +-} +- +-/* +- * nss_cryptoapi_ablk_encrypt() +- * Crytoapi encrypt for AES and 3DES algorithms. +- */ +-int nss_cryptoapi_ablk_encrypt(struct ablkcipher_request *req) +-{ +- struct nss_cryptoapi_info info = {.op_dir = NSS_CRYPTO_OP_DIR_ENC}; +- struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(req); +- struct nss_cryptoapi_ctx *ctx = crypto_ablkcipher_ctx(cipher); +- struct crypto_tfm *tfm = req->base.tfm; +- struct scatterlist *cur; +- int tot_len = 0; +- int i; +- +- /* +- * Check cryptoapi context magic number. +- */ +- NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); +- +- /* +- * Check if cryptoapi context is active or not +- */ +- if (!atomic_read(&ctx->active)) +- return -EINVAL; +- +- if (sg_nents(req->src) != sg_nents(req->dst)) { +- ctx->stats.failed_req++; +- return -EINVAL; +- } +- +- /* +- * Block size not aligned. +- * AES-CTR requires only a one-byte block size alignment. +- */ +- if (!IS_ALIGNED(req->nbytes, crypto_tfm_alg_blocksize(tfm)) && ctx->info->blk_align) { +- ctx->stats.failed_align++; +- crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_BLOCK_LEN); +- return -EFAULT; +- } +- +- /* +- * Fill the request information structure +- */ +- info.iv = req->info; +- info.src.nsegs = sg_nents(req->src); +- info.dst.nsegs = sg_nents(req->dst); +- info.op_dir = NSS_CRYPTO_OP_DIR_ENC; +- info.cb = nss_cryptoapi_ablkcipher_done; +- info.iv_size = ctx->iv_size; +- info.src.first_sg = req->src; +- info.dst.first_sg = req->dst; +- info.dst.last_sg = sg_last(req->dst, info.dst.nsegs); +- +- /* out and in length will be same as ablk does only encrypt/decryt operation */ +- info.total_in_len = info.total_out_len = req->nbytes; +- info.in_place = (req->src == req->dst) ? true : false; +- +- /* +- * The exact length of data that needs to be ciphered for an ABLK +- * request is stored in req->nbytes. Hence we may have to reduce +- * the DMA length to what is specified in req->nbytes and later +- * restore the length of scatterlist back to its original value. +- */ +- for_each_sg(req->src, cur, info.src.nsegs, i) { +- if (!cur) +- break; +- +- tot_len += cur->length; +- if (!sg_next(cur)) +- break; +- } +- +- /* +- * We only support (2^16 - 1) length. +- */ +- if (tot_len > U16_MAX) { +- ctx->stats.failed_len++; +- return -EFBIG; +- } +- +- info.src.last_sg = cur; +- info.ahash_skip = tot_len - req->nbytes; +- +- if (!atomic_inc_not_zero(&ctx->refcnt)) +- return -ENOENT; +- +- return nss_cryptoapi_transform(ctx, &info, (void *)req, false); +-} +- +-/* +- * nss_cryptoapi_ablk_decrypt() +- * Crytoapi decrypt for AES and 3DES CBC algorithms. +- */ +-int nss_cryptoapi_ablk_decrypt(struct ablkcipher_request *req) +-{ +- struct nss_cryptoapi_info info = {.op_dir = NSS_CRYPTO_OP_DIR_DEC}; +- struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(req); +- struct nss_cryptoapi_ctx *ctx = crypto_ablkcipher_ctx(cipher); +- struct crypto_tfm *tfm = req->base.tfm; +- struct scatterlist *cur; +- int tot_len = 0; +- int i; +- +- /* +- * Check cryptoapi context magic number. +- */ +- NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); +- +- /* +- * Check if cryptoapi context is active or not +- */ +- if (!atomic_read(&ctx->active)) +- return -EINVAL; +- +- if (sg_nents(req->src) != sg_nents(req->dst)) { +- ctx->stats.failed_req++; +- return -EINVAL; +- } +- +- /* +- * Block size not aligned +- */ +- if (!IS_ALIGNED(req->nbytes, crypto_tfm_alg_blocksize(tfm)) && ctx->info->blk_align) { +- ctx->stats.failed_align++; +- crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_BLOCK_LEN); +- return -EFAULT; +- } +- +- /* +- * Fill the request information structure +- * Note: For CTR mode, IV size will be set to AES_BLOCK_SIZE. +- * This is because linux gives iv size as 8 while we need to alloc 16 bytes +- * in crypto hdr to accomodate +- * - 4 bytes of nonce +- * - 8 bytes of IV +- * - 4 bytes of initial counter +- */ +- info.iv = req->info; +- info.src.nsegs = sg_nents(req->src); +- info.dst.nsegs = sg_nents(req->dst); +- info.iv_size = ctx->iv_size; +- info.op_dir = NSS_CRYPTO_OP_DIR_DEC; +- info.cb = nss_cryptoapi_ablkcipher_done; +- info.src.first_sg = req->src; +- info.dst.first_sg = req->dst; +- info.dst.last_sg = sg_last(req->dst, info.dst.nsegs); +- +- /* out and in length will be same as ablk does only encrypt/decryt operation */ +- info.total_in_len = info.total_out_len = req->nbytes; +- info.in_place = (req->src == req->dst) ? true : false; +- +- /* +- * The exact length of data that needs to be ciphered for an ABLK +- * request is stored in req->nbytes. Hence we may have to reduce +- * the DMA length to what is specified in req->nbytes and later +- * restore the length of scatterlist back to its original value. +- */ +- for_each_sg(req->src, cur, info.src.nsegs, i) { +- tot_len += cur->length; +- if (!sg_next(cur)) +- break; +- } +- +- /* +- * We only support (2^16 - 1) length. +- */ +- if (tot_len > U16_MAX) { +- ctx->stats.failed_len++; +- return -EFBIG; +- } +- +- info.ahash_skip = tot_len - req->nbytes; +- info.src.last_sg = cur; +- +- if (!atomic_inc_not_zero(&ctx->refcnt)) +- return -ENOENT; +- +- return nss_cryptoapi_transform(ctx, &info, (void *)req, false); +-} +--- /dev/null ++++ b/cryptoapi/v2.0/nss_cryptoapi_skcipher.c +@@ -0,0 +1,438 @@ ++/* Copyright (c) 2015-2020 The Linux Foundation. All rights reserved. ++ * Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved. ++ * ++ * Permission to use, copy, modify, and/or distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM ++ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE ++ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ++ * PERFORMANCE OF THIS SOFTWARE. ++ * ++ * ++ */ ++ ++/** ++ * nss_cryptoapi_ablk.c ++ * Interface to communicate Native Linux crypto framework specific data ++ * to Crypto core specific data ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0) ++#include ++#else ++#include ++#include ++#endif ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "nss_cryptoapi_private.h" ++ ++extern struct nss_cryptoapi g_cryptoapi; ++ ++/* ++ * nss_cryptoapi_skcipher_ctx2session() ++ * Cryptoapi function to get the session ID for an skcipher ++ */ ++int nss_cryptoapi_skcipher_ctx2session(struct crypto_skcipher *sk, uint32_t *sid) ++{ ++ struct crypto_tfm *tfm = crypto_skcipher_tfm(sk); ++ struct nss_cryptoapi_ctx *ctx; ++ ++ if (strncmp("nss-", crypto_tfm_alg_driver_name(tfm), 4)) ++ return -EINVAL; ++ ++ /* Get the nss_cryptoapi context stored in skcipher */ ++ ctx = crypto_skcipher_ctx(sk); ++ BUG_ON(!ctx); ++ NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); ++ ++ *sid = ctx->sid; ++ return 0; ++} ++EXPORT_SYMBOL(nss_cryptoapi_skcipher_ctx2session); ++ ++/* ++ * nss_cryptoapi_skcipher_init() ++ * Cryptoapi skcipher init function. ++ */ ++int nss_cryptoapi_skcipher_init(struct crypto_skcipher *tfm) ++{ ++ struct nss_cryptoapi_ctx *ctx = crypto_skcipher_ctx(tfm); ++ ++ BUG_ON(!ctx); ++ NSS_CRYPTOAPI_SET_MAGIC(ctx); ++ ++ memset(ctx, 0, sizeof(struct nss_cryptoapi_ctx)); ++ ++ ctx->user = g_cryptoapi.user; ++ ctx->stats.init++; ++ ctx->sid = NSS_CRYPTO_SESSION_MAX; ++ init_completion(&ctx->complete); ++ ++ return 0; ++} ++ ++/* ++ * nss_cryptoapi_skcipher_exit() ++ * Cryptoapi skcipher exit function. ++ */ ++void nss_cryptoapi_skcipher_exit(struct crypto_skcipher *tfm) ++{ ++ struct nss_cryptoapi_ctx *ctx = crypto_skcipher_ctx(tfm); ++ int ret; ++ ++ BUG_ON(!ctx); ++ NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); ++ ++ ctx->stats.exit++; ++ ++ /* ++ * When fallback_req is set, it means that fallback tfm was used ++ * we didn't create any sessions. ++ */ ++ if (ctx->fallback_req) { ++ ctx->stats.failed_fallback++; ++ return; ++ } ++ ++ if (!atomic_read(&ctx->active)) { ++ ctx->stats.failed_exit++; ++ return; ++ } ++ ++ /* ++ * Mark cryptoapi context as inactive ++ */ ++ atomic_set(&ctx->active, 0); ++ ++ if (!atomic_sub_and_test(1, &ctx->refcnt)) { ++ /* ++ * We need to wait for any outstanding packet using this ctx. ++ * Once the last packet get processed, reference count will become ++ * 0 this ctx. We will wait for the reference to go down to 0. ++ */ ++ ret = wait_for_completion_timeout(&ctx->complete, NSS_CRYPTOAPI_REQ_TIMEOUT_TICKS); ++ WARN_ON(!ret); ++ } ++ ++ if (ctx->sid != NSS_CRYPTO_SESSION_MAX) { ++ nss_crypto_session_free(ctx->user, ctx->sid); ++ debugfs_remove_recursive(ctx->dentry); ++ ctx->sid = NSS_CRYPTO_SESSION_MAX; ++ } ++ ++ NSS_CRYPTOAPI_CLEAR_MAGIC(ctx); ++} ++ ++/* ++ * nss_cryptoapi_skcipher_setkey() ++ * Cryptoapi setkey routine for aes. ++ */ ++int nss_cryptoapi_skcipher_setkey(struct crypto_skcipher *cipher, const u8 *key, unsigned int keylen) ++{ ++ struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); ++ struct nss_cryptoapi_ctx *ctx = crypto_skcipher_ctx(cipher); ++ struct nss_crypto_session_data data = {0}; ++ int status; ++ ++ /* ++ * Validate magic number - init should be called before setkey ++ */ ++ NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); ++ ++ ctx->info = nss_cryptoapi_cra_name2info(crypto_tfm_alg_name(tfm), keylen, 0); ++ if (!ctx->info) { ++ return -EINVAL; ++ } ++ ++ ctx->iv_size = crypto_skcipher_ivsize(cipher); ++ ++ if (ctx->info->cipher_mode == NSS_CRYPTOAPI_CIPHER_MODE_CTR_RFC3686) { ++ keylen = keylen - CTR_RFC3686_NONCE_SIZE; ++ memcpy(ctx->ctx_iv, key + keylen, CTR_RFC3686_NONCE_SIZE); ++ ctx->ctx_iv[3] = ntohl(0x1); ++ ctx->iv_size += CTR_RFC3686_NONCE_SIZE + sizeof(uint32_t); ++ } ++ ++ /* ++ * Fill NSS crypto session data ++ */ ++ data.algo = ctx->info->algo; ++ data.cipher_key = key; ++ ++ if (data.algo >= NSS_CRYPTO_CMN_ALGO_MAX) ++ return -ERANGE; ++ ++ if (ctx->sid != NSS_CRYPTO_SESSION_MAX) { ++ nss_crypto_session_free(ctx->user, ctx->sid); ++ debugfs_remove_recursive(ctx->dentry); ++ ctx->sid = NSS_CRYPTO_SESSION_MAX; ++ } ++ ++ status = nss_crypto_session_alloc(ctx->user, &data, &ctx->sid); ++ if (status < 0) { ++ nss_cfi_err("%px: Unable to allocate crypto session(%d)\n", ctx, status); ++ return status; ++ } ++ ++ nss_cryptoapi_add_ctx2debugfs(ctx); ++ atomic_set(&ctx->active, 1); ++ atomic_set(&ctx->refcnt, 1); ++ return 0; ++} ++ ++/* ++ * nss_cryptoapi_skcipher_done() ++ * Cipher operation completion callback function ++ */ ++void nss_cryptoapi_skcipher_done(void *app_data, struct nss_crypto_hdr *ch, uint8_t status) ++{ ++ struct skcipher_request *req = app_data; ++ struct nss_cryptoapi_ctx *ctx = skcipher_request_ctx(req); ++ int error; ++ ++ BUG_ON(!ch); ++ ++ /* ++ * Check cryptoapi context magic number. ++ */ ++ NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); ++ ++ /* ++ * For skcipher decryption case, the last block of encrypted data is used as ++ * an IV for the next data ++ */ ++ if (ch->op == NSS_CRYPTO_OP_DIR_ENC) { ++ nss_cryptoapi_copy_iv(ctx, req->dst, req->iv, ch->iv_len); ++ } ++ ++ /* ++ * Free crypto hdr ++ */ ++ nss_crypto_hdr_free(ctx->user, ch); ++ ++ nss_cfi_dbg("data dump after transformation\n"); ++ nss_cfi_dbg_data(sg_virt(req->dst), req->cryptlen, ' '); ++ ++ /* ++ * Check if there is any error reported by hardware ++ */ ++ error = nss_cryptoapi_status2error(ctx, status); ++ ctx->stats.completed++; ++ ++ /* ++ * Decrement cryptoapi reference ++ */ ++ nss_cryptoapi_ref_dec(ctx); ++ req->base.complete(&req->base, error); ++} ++ ++/* ++ * nss_cryptoapi_skcipher_encrypt() ++ * Crytoapi encrypt for AES and 3DES algorithms. ++ */ ++int nss_cryptoapi_skcipher_encrypt(struct skcipher_request *req) ++{ ++ struct nss_cryptoapi_info info = {.op_dir = NSS_CRYPTO_OP_DIR_ENC}; ++ struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req); ++ struct nss_cryptoapi_ctx *ctx = crypto_skcipher_ctx(cipher); ++ struct crypto_tfm *tfm = req->base.tfm; ++ struct scatterlist *cur; ++ int tot_len = 0; ++ int i; ++ ++ /* ++ * Check cryptoapi context magic number. ++ */ ++ NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); ++ ++ /* ++ * Check if cryptoapi context is active or not ++ */ ++ if (!atomic_read(&ctx->active)) ++ return -EINVAL; ++ ++ if (sg_nents(req->src) != sg_nents(req->dst)) { ++ ctx->stats.failed_req++; ++ return -EINVAL; ++ } ++ ++ /* ++ * Block size not aligned. ++ * AES-CTR requires only a one-byte block size alignment. ++ */ ++ if (!IS_ALIGNED(req->cryptlen, crypto_tfm_alg_blocksize(tfm)) && ctx->info->blk_align) { ++ ctx->stats.failed_align++; ++ return -EFAULT; ++ } ++ ++ /* ++ * Fill the request information structure ++ */ ++ info.iv = req->iv; ++ info.src.nsegs = sg_nents(req->src); ++ info.dst.nsegs = sg_nents(req->dst); ++ info.op_dir = NSS_CRYPTO_OP_DIR_ENC; ++ info.cb = nss_cryptoapi_skcipher_done; ++ info.iv_size = ctx->iv_size; ++ info.src.first_sg = req->src; ++ info.dst.first_sg = req->dst; ++ info.dst.last_sg = sg_last(req->dst, info.dst.nsegs); ++ ++ /* out and in length will be same as ablk does only encrypt/decryt operation */ ++ info.total_in_len = info.total_out_len = req->cryptlen; ++ info.in_place = (req->src == req->dst) ? true : false; ++ ++ /* ++ * The exact length of data that needs to be ciphered for an ABLK ++ * request is stored in req->cryptlen. Hence we may have to reduce ++ * the DMA length to what is specified in req->cryptlen and later ++ * restore the length of scatterlist back to its original value. ++ */ ++ for_each_sg(req->src, cur, info.src.nsegs, i) { ++ if (!cur) ++ break; ++ ++ tot_len += cur->length; ++ if (!sg_next(cur)) ++ break; ++ } ++ ++ /* ++ * We only support (2^16 - 1) length. ++ */ ++ if (tot_len > U16_MAX) { ++ ctx->stats.failed_len++; ++ return -EFBIG; ++ } ++ ++ info.src.last_sg = cur; ++ info.ahash_skip = tot_len - req->cryptlen; ++ ++ if (!atomic_inc_not_zero(&ctx->refcnt)) ++ return -ENOENT; ++ ++ return nss_cryptoapi_transform(ctx, &info, (void *)req, false); ++} ++ ++/* ++ * nss_cryptoapi_skcipher_decrypt() ++ * Crytoapi decrypt for AES and 3DES CBC algorithms. ++ */ ++int nss_cryptoapi_skcipher_decrypt(struct skcipher_request *req) ++{ ++ struct nss_cryptoapi_info info = {.op_dir = NSS_CRYPTO_OP_DIR_DEC}; ++ struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req); ++ struct nss_cryptoapi_ctx *ctx = crypto_skcipher_ctx(cipher); ++ struct crypto_tfm *tfm = req->base.tfm; ++ struct scatterlist *cur; ++ int tot_len = 0; ++ int i; ++ ++ /* ++ * Check cryptoapi context magic number. ++ */ ++ NSS_CRYPTOAPI_VERIFY_MAGIC(ctx); ++ ++ /* ++ * Check if cryptoapi context is active or not ++ */ ++ if (!atomic_read(&ctx->active)) ++ return -EINVAL; ++ ++ if (sg_nents(req->src) != sg_nents(req->dst)) { ++ ctx->stats.failed_req++; ++ return -EINVAL; ++ } ++ ++ /* ++ * Block size not aligned ++ */ ++ if (!IS_ALIGNED(req->cryptlen, crypto_tfm_alg_blocksize(tfm)) && ctx->info->blk_align) { ++ ctx->stats.failed_align++; ++ return -EFAULT; ++ } ++ ++ /* ++ * Fill the request information structure ++ * Note: For CTR mode, IV size will be set to AES_BLOCK_SIZE. ++ * This is because linux gives iv size as 8 while we need to alloc 16 bytes ++ * in crypto hdr to accomodate ++ * - 4 bytes of nonce ++ * - 8 bytes of IV ++ * - 4 bytes of initial counter ++ */ ++ info.iv = req->iv; ++ info.src.nsegs = sg_nents(req->src); ++ info.dst.nsegs = sg_nents(req->dst); ++ info.iv_size = ctx->iv_size; ++ info.op_dir = NSS_CRYPTO_OP_DIR_DEC; ++ info.cb = nss_cryptoapi_skcipher_done; ++ info.src.first_sg = req->src; ++ info.dst.first_sg = req->dst; ++ info.dst.last_sg = sg_last(req->dst, info.dst.nsegs); ++ ++ /* out and in length will be same as ablk does only encrypt/decryt operation */ ++ info.total_in_len = info.total_out_len = req->cryptlen; ++ info.in_place = (req->src == req->dst) ? true : false; ++ ++ /* ++ * The exact length of data that needs to be ciphered for an ABLK ++ * request is stored in req->cryptlen. Hence we may have to reduce ++ * the DMA length to what is specified in req->cryptlen and later ++ * restore the length of scatterlist back to its original value. ++ */ ++ for_each_sg(req->src, cur, info.src.nsegs, i) { ++ tot_len += cur->length; ++ if (!sg_next(cur)) ++ break; ++ } ++ ++ /* ++ * We only support (2^16 - 1) length. ++ */ ++ if (tot_len > U16_MAX) { ++ ctx->stats.failed_len++; ++ return -EFBIG; ++ } ++ ++ info.ahash_skip = tot_len - req->cryptlen; ++ info.src.last_sg = cur; ++ ++ if (!atomic_inc_not_zero(&ctx->refcnt)) ++ return -ENOENT; ++ ++ return nss_cryptoapi_transform(ctx, &info, (void *)req, false); ++} diff --git a/qca/qca-nss-clients/Makefile b/qca-nss-clients/Makefile similarity index 100% rename from qca/qca-nss-clients/Makefile rename to qca-nss-clients/Makefile diff --git a/qca/qca-nss-clients/files/qca-nss-ipsec b/qca-nss-clients/files/qca-nss-ipsec similarity index 100% rename from qca/qca-nss-clients/files/qca-nss-ipsec rename to qca-nss-clients/files/qca-nss-ipsec diff --git a/qca/qca-nss-clients/files/qca-nss-mirred.init b/qca-nss-clients/files/qca-nss-mirred.init similarity index 100% rename from qca/qca-nss-clients/files/qca-nss-mirred.init rename to qca-nss-clients/files/qca-nss-mirred.init diff --git a/qca/qca-nss-clients/files/qca-nss-netlink.init b/qca-nss-clients/files/qca-nss-netlink.init similarity index 100% rename from qca/qca-nss-clients/files/qca-nss-netlink.init rename to qca-nss-clients/files/qca-nss-netlink.init diff --git a/qca/qca-nss-clients/files/qca-nss-ovpn.init b/qca-nss-clients/files/qca-nss-ovpn.init similarity index 100% rename from qca/qca-nss-clients/files/qca-nss-ovpn.init rename to qca-nss-clients/files/qca-nss-ovpn.init diff --git a/qca/qca-nss-clients/patches/0001-kernel-5.15-support-qdisc.patch b/qca-nss-clients/patches/0001-kernel-5.15-support-qdisc.patch similarity index 100% rename from qca/qca-nss-clients/patches/0001-kernel-5.15-support-qdisc.patch rename to qca-nss-clients/patches/0001-kernel-5.15-support-qdisc.patch diff --git a/qca/qca-nss-clients/patches/0002-kernel-5.4-support-gre.patch b/qca-nss-clients/patches/0002-kernel-5.4-support-gre.patch similarity index 100% rename from qca/qca-nss-clients/patches/0002-kernel-5.4-support-gre.patch rename to qca-nss-clients/patches/0002-kernel-5.4-support-gre.patch diff --git a/qca/qca-nss-clients/patches/0003-kernel-5.4-support-ipsec.patch b/qca-nss-clients/patches/0003-kernel-5.4-support-ipsec.patch similarity index 100% rename from qca/qca-nss-clients/patches/0003-kernel-5.4-support-ipsec.patch rename to qca-nss-clients/patches/0003-kernel-5.4-support-ipsec.patch diff --git a/qca/qca-nss-clients/patches/0004-kernel-5.4-support-dtls.patch b/qca-nss-clients/patches/0004-kernel-5.4-support-dtls.patch similarity index 100% rename from qca/qca-nss-clients/patches/0004-kernel-5.4-support-dtls.patch rename to qca-nss-clients/patches/0004-kernel-5.4-support-dtls.patch diff --git a/qca/qca-nss-clients/patches/0005-vlanmgr-fix-compile-error.patch b/qca-nss-clients/patches/0005-vlanmgr-fix-compile-error.patch similarity index 100% rename from qca/qca-nss-clients/patches/0005-vlanmgr-fix-compile-error.patch rename to qca-nss-clients/patches/0005-vlanmgr-fix-compile-error.patch diff --git a/qca/qca-nss-clients/patches/0006-match-fix-compile-error.patch b/qca-nss-clients/patches/0006-match-fix-compile-error.patch similarity index 100% rename from qca/qca-nss-clients/patches/0006-match-fix-compile-error.patch rename to qca-nss-clients/patches/0006-match-fix-compile-error.patch diff --git a/qca/qca-nss-clients/patches/0007-bridge-fix-compile-error.patch b/qca-nss-clients/patches/0007-bridge-fix-compile-error.patch similarity index 100% rename from qca/qca-nss-clients/patches/0007-bridge-fix-compile-error.patch rename to qca-nss-clients/patches/0007-bridge-fix-compile-error.patch diff --git a/qca/qca-nss-clients/patches/0008-profiler-fix-compile-error.patch b/qca-nss-clients/patches/0008-profiler-fix-compile-error.patch similarity index 100% rename from qca/qca-nss-clients/patches/0008-profiler-fix-compile-error.patch rename to qca-nss-clients/patches/0008-profiler-fix-compile-error.patch diff --git a/qca/qca-nss-clients/patches/0009-gre-fix-compile-error.patch b/qca-nss-clients/patches/0009-gre-fix-compile-error.patch similarity index 100% rename from qca/qca-nss-clients/patches/0009-gre-fix-compile-error.patch rename to qca-nss-clients/patches/0009-gre-fix-compile-error.patch diff --git a/qca/qca-nss-clients/patches/0010-fix-portifmgr.patch b/qca-nss-clients/patches/0010-fix-portifmgr.patch similarity index 100% rename from qca/qca-nss-clients/patches/0010-fix-portifmgr.patch rename to qca-nss-clients/patches/0010-fix-portifmgr.patch diff --git a/qca/qca-nss-clients/patches/0011-dtlsmgr-fix-SHA-header-include-in-5.15.patch b/qca-nss-clients/patches/0011-dtlsmgr-fix-SHA-header-include-in-5.15.patch similarity index 100% rename from qca/qca-nss-clients/patches/0011-dtlsmgr-fix-SHA-header-include-in-5.15.patch rename to qca-nss-clients/patches/0011-dtlsmgr-fix-SHA-header-include-in-5.15.patch diff --git a/qca/qca-nss-clients/patches/0012-dtlsmgr-fix-debug-print-in-5.15.patch b/qca-nss-clients/patches/0012-dtlsmgr-fix-debug-print-in-5.15.patch similarity index 100% rename from qca/qca-nss-clients/patches/0012-dtlsmgr-fix-debug-print-in-5.15.patch rename to qca-nss-clients/patches/0012-dtlsmgr-fix-debug-print-in-5.15.patch diff --git a/qca/qca-nss-clients/patches/0013-tlsmgr-fix-SHA-header-include-in-5.15.patch b/qca-nss-clients/patches/0013-tlsmgr-fix-SHA-header-include-in-5.15.patch similarity index 100% rename from qca/qca-nss-clients/patches/0013-tlsmgr-fix-SHA-header-include-in-5.15.patch rename to qca-nss-clients/patches/0013-tlsmgr-fix-SHA-header-include-in-5.15.patch diff --git a/qca/qca-nss-clients/patches/0014-ovpnmgr-fix-SHA-header-include-in-5.15.patch b/qca-nss-clients/patches/0014-ovpnmgr-fix-SHA-header-include-in-5.15.patch similarity index 100% rename from qca/qca-nss-clients/patches/0014-ovpnmgr-fix-SHA-header-include-in-5.15.patch rename to qca-nss-clients/patches/0014-ovpnmgr-fix-SHA-header-include-in-5.15.patch diff --git a/qca/qca-nss-clients/patches/0015-tunipip6-fix-compile-error-in-5.15.patch b/qca-nss-clients/patches/0015-tunipip6-fix-compile-error-in-5.15.patch similarity index 100% rename from qca/qca-nss-clients/patches/0015-tunipip6-fix-compile-error-in-5.15.patch rename to qca-nss-clients/patches/0015-tunipip6-fix-compile-error-in-5.15.patch diff --git a/qca/qca-nss-clients/patches/0016-vxlanmgr-fix-compile-error-in-5.15.patch b/qca-nss-clients/patches/0016-vxlanmgr-fix-compile-error-in-5.15.patch similarity index 100% rename from qca/qca-nss-clients/patches/0016-vxlanmgr-fix-compile-error-in-5.15.patch rename to qca-nss-clients/patches/0016-vxlanmgr-fix-compile-error-in-5.15.patch diff --git a/qca/qca-nss-clients/patches/0017-tlsmgr-fix-debug-print-in-5.15.patch b/qca-nss-clients/patches/0017-tlsmgr-fix-debug-print-in-5.15.patch similarity index 100% rename from qca/qca-nss-clients/patches/0017-tlsmgr-fix-debug-print-in-5.15.patch rename to qca-nss-clients/patches/0017-tlsmgr-fix-debug-print-in-5.15.patch diff --git a/qca/qca-nss-clients/patches/0018-kernel-6.1-support.patch b/qca-nss-clients/patches/0018-kernel-6.1-support.patch similarity index 100% rename from qca/qca-nss-clients/patches/0018-kernel-6.1-support.patch rename to qca-nss-clients/patches/0018-kernel-6.1-support.patch diff --git a/qca/qca-nss-clients/patches/0019-wifi-meshmgr-fix-uninitialized-and-implicit.patch b/qca-nss-clients/patches/0019-wifi-meshmgr-fix-uninitialized-and-implicit.patch similarity index 100% rename from qca/qca-nss-clients/patches/0019-wifi-meshmgr-fix-uninitialized-and-implicit.patch rename to qca-nss-clients/patches/0019-wifi-meshmgr-fix-uninitialized-and-implicit.patch diff --git a/qca/qca-nss-clients/patches/0020-capwapmgr-fix-compile-error.patch b/qca-nss-clients/patches/0020-capwapmgr-fix-compile-error.patch similarity index 100% rename from qca/qca-nss-clients/patches/0020-capwapmgr-fix-compile-error.patch rename to qca-nss-clients/patches/0020-capwapmgr-fix-compile-error.patch diff --git a/qca/qca-nss-clients/patches/0022-netlink-modularize-makefile.patch b/qca-nss-clients/patches/0022-netlink-modularize-makefile.patch similarity index 100% rename from qca/qca-nss-clients/patches/0022-netlink-modularize-makefile.patch rename to qca-nss-clients/patches/0022-netlink-modularize-makefile.patch diff --git a/qca-nss-crypto/Makefile b/qca-nss-crypto/Makefile new file mode 100644 index 0000000..19b5513 --- /dev/null +++ b/qca-nss-crypto/Makefile @@ -0,0 +1,70 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=qca-nss-crypto +PKG_RELEASE:=1 + +PKG_SOURCE_URL:=https://git.codelinaro.org/clo/qsdk/oss/lklm/nss-crypto.git +PKG_SOURCE_PROTO:=git +PKG_SOURCE_DATE:=2022-12-15 +PKG_SOURCE_VERSION:=3c5a574ce99d7f0b9f892002020f1bf9bfc57a81 +PKG_MIRROR_HASH:=ff487c5574481f548eef7b61129fa7be1d83ae285dcc3356a06be237440d8782 + +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/kernel.mk +include $(INCLUDE_DIR)/package.mk + +# v1.0 is for Akronite +# v2.0 is for Hawkeye/Cypress/Maple +ifneq (, $(findstring $(CONFIG_TARGET_SUBTARGET), "ipq807x")) +NSS_CRYPTO_DIR:=v2.0 +else +NSS_CRYPTO_DIR:=v1.0 +endif + +define KernelPackage/qca-nss-crypto + SECTION:=kernel + CATEGORY:=Kernel modules + SUBMENU:=Cryptographic API modules + DEPENDS:=@TARGET_qualcommax +kmod-qca-nss-drv + TITLE:=Kernel driver for NSS crypto driver + FILES:=$(PKG_BUILD_DIR)/$(NSS_CRYPTO_DIR)/src/qca-nss-crypto.ko \ + $(PKG_BUILD_DIR)/$(NSS_CRYPTO_DIR)/tool/qca-nss-crypto-tool.ko + AUTOLOAD:=$(call AutoProbe,qca-nss-crypto) +endef + +define KernelPackage/qca-nss-crypto/Description +This package contains a NSS crypto driver for QCA chipset +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/qca-nss-crypto + $(CP) $(PKG_BUILD_DIR)/$(NSS_CRYPTO_DIR)/include/* $(1)/usr/include/qca-nss-crypto +endef + +EXTRA_CFLAGS+= \ + -DCONFIG_NSS_DEBUG_LEVEL=4 \ + -I$(STAGING_DIR)/usr/include/qca-nss-crypto \ + -I$(STAGING_DIR)/usr/include/qca-nss-drv \ + -I$(PKG_BUILD_DIR)/$(NSS_CRYPTO_DIR)/include \ + -I$(PKG_BUILD_DIR)/$(NSS_CRYPTO_DIR)/src + +ifeq ($(CONFIG_TARGET_BOARD), "qualcommax") + SOC:=$(CONFIG_TARGET_SUBTARGET) +endif + +define Build/Compile + +$(MAKE) -C "$(LINUX_DIR)" \ + CC="$(TARGET_CC)" \ + CROSS_COMPILE="$(TARGET_CROSS)" \ + ARCH="$(LINUX_KARCH)" \ + M="$(PKG_BUILD_DIR)" \ + EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \ + NSS_CRYPTO_DIR=$(NSS_CRYPTO_DIR) \ + SoC=$(SOC) \ + $(KERNEL_MAKE_FLAGS) \ + $(PKG_JOBS) \ + modules +endef + +$(eval $(call KernelPackage,qca-nss-crypto)) diff --git a/qca-nss-crypto/patches/0001-nss-crypto-fix-SHA1-header-include.patch b/qca-nss-crypto/patches/0001-nss-crypto-fix-SHA1-header-include.patch new file mode 100644 index 0000000..c9849a2 --- /dev/null +++ b/qca-nss-crypto/patches/0001-nss-crypto-fix-SHA1-header-include.patch @@ -0,0 +1,27 @@ +From 0c6c593783f2d64a429ad38523661a915aa462fc Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Sun, 13 Mar 2022 13:44:47 +0100 +Subject: [PATCH 1/3] nss-crypto: fix SHA1 header include + +SHA1 header has been merged to the generic SHA one, +and with that the cryptohash.h was dropped. + +So, fix include in kernels 5.8 and newer. + +Signed-off-by: Robert Marko +--- + v2.0/src/nss_crypto_hlos.h | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/v2.0/src/nss_crypto_hlos.h ++++ b/v2.0/src/nss_crypto_hlos.h +@@ -55,7 +55,9 @@ + #include + #include + #include ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) + #include ++#endif + #include + #include + #include diff --git a/qca-nss-crypto/patches/0002-nss-crypto-replace-ioremap_nocache-with-ioremap.patch b/qca-nss-crypto/patches/0002-nss-crypto-replace-ioremap_nocache-with-ioremap.patch new file mode 100644 index 0000000..19454c4 --- /dev/null +++ b/qca-nss-crypto/patches/0002-nss-crypto-replace-ioremap_nocache-with-ioremap.patch @@ -0,0 +1,94 @@ +From 8baa8e747247403c6f814ea5dc3e463c70e0415f Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Tue, 8 Jun 2021 22:14:34 +0200 +Subject: [PATCH 2/3] nss-crypto: replace ioremap_nocache() with ioremap + +ioremap_nocache() was dropped in kernel 5.5 as regular +ioremap() was exactly the same. + +So, simply replace all of the ioremap_nocache() calls +with ioremap(). + +Signed-off-by: Robert Marko +--- + v1.0/src/nss_crypto_dtsi.c | 4 ++-- + v1.0/src/nss_crypto_platform.c | 4 ++-- + v2.0/src/hal/ipq50xx/nss_crypto_ce5.c | 4 ++-- + v2.0/src/hal/ipq60xx/nss_crypto_eip197.c | 2 +- + v2.0/src/hal/ipq807x/nss_crypto_eip197.c | 2 +- + 5 files changed, 8 insertions(+), 8 deletions(-) + +--- a/v1.0/src/nss_crypto_dtsi.c ++++ b/v1.0/src/nss_crypto_dtsi.c +@@ -311,11 +311,11 @@ static int nss_crypto_probe(struct platf + e_ctrl->dev = &pdev->dev; + + e_ctrl->cmd_base = crypto_res.start; +- e_ctrl->crypto_base = ioremap_nocache(e_ctrl->cmd_base, resource_size(&crypto_res)); ++ e_ctrl->crypto_base = ioremap(e_ctrl->cmd_base, resource_size(&crypto_res)); + nss_crypto_assert(e_ctrl->crypto_base); + + e_ctrl->bam_pbase = bam_res.start; +- e_ctrl->bam_base = ioremap_nocache(e_ctrl->bam_pbase, resource_size(&bam_res)); ++ e_ctrl->bam_base = ioremap(e_ctrl->bam_pbase, resource_size(&bam_res)); + nss_crypto_assert(e_ctrl->bam_base); + + e_ctrl->bam_ee = bam_ee; +--- a/v1.0/src/nss_crypto_platform.c ++++ b/v1.0/src/nss_crypto_platform.c +@@ -134,11 +134,11 @@ static int nss_crypto_probe(struct platf + e_ctrl->bam_ee = res->bam_ee; + + e_ctrl->cmd_base = res->crypto_pbase; +- e_ctrl->crypto_base = ioremap_nocache(res->crypto_pbase, res->crypto_pbase_sz); ++ e_ctrl->crypto_base = ioremap(res->crypto_pbase, res->crypto_pbase_sz); + nss_crypto_assert(e_ctrl->crypto_base); + + e_ctrl->bam_pbase = res->bam_pbase; +- e_ctrl->bam_base = ioremap_nocache(res->bam_pbase, res->bam_pbase_sz); ++ e_ctrl->bam_base = ioremap(res->bam_pbase, res->bam_pbase_sz); + nss_crypto_assert(e_ctrl->bam_base); + + /* +--- a/v2.0/src/hal/ipq50xx/nss_crypto_ce5.c ++++ b/v2.0/src/hal/ipq50xx/nss_crypto_ce5.c +@@ -288,7 +288,7 @@ int nss_crypto_ce5_engine_init(struct pl + * remap the I/O addresses for crypto + */ + eng->crypto_paddr = crypto_res->start; +- eng->crypto_vaddr = ioremap_nocache(crypto_res->start, resource_size(crypto_res)); ++ eng->crypto_vaddr = ioremap(crypto_res->start, resource_size(crypto_res)); + if (!eng->crypto_vaddr) { + nss_crypto_warn("%px: unable to remap crypto_addr(0x%px)\n", node, (void *)eng->crypto_paddr); + nss_crypto_engine_free(eng); +@@ -299,7 +299,7 @@ int nss_crypto_ce5_engine_init(struct pl + * remap the I/O addresses for bam + */ + eng->dma_paddr = bam_res->start; +- eng->dma_vaddr = ioremap_nocache(bam_res->start, resource_size(bam_res)); ++ eng->dma_vaddr = ioremap(bam_res->start, resource_size(bam_res)); + if (!eng->dma_vaddr) { + iounmap(eng->crypto_vaddr); + nss_crypto_warn("%px: unable to remap dma_addr(0x%px)\n", node, (void *)eng->dma_paddr); +--- a/v2.0/src/hal/ipq60xx/nss_crypto_eip197.c ++++ b/v2.0/src/hal/ipq60xx/nss_crypto_eip197.c +@@ -490,7 +490,7 @@ int nss_crypto_eip197_engine_init(struct + * remap the I/O addresses + */ + paddr = res->start + offset; +- vaddr = ioremap_nocache(paddr, resource_size(res)); ++ vaddr = ioremap(paddr, resource_size(res)); + if (!vaddr) { + nss_crypto_warn("%px: unable to remap crypto_addr(0x%px)\n", node, (void *)paddr); + return -EIO; +--- a/v2.0/src/hal/ipq807x/nss_crypto_eip197.c ++++ b/v2.0/src/hal/ipq807x/nss_crypto_eip197.c +@@ -490,7 +490,7 @@ int nss_crypto_eip197_engine_init(struct + * remap the I/O addresses + */ + paddr = res->start + offset; +- vaddr = ioremap_nocache(paddr, resource_size(res)); ++ vaddr = ioremap(paddr, resource_size(res)); + if (!vaddr) { + nss_crypto_warn("%px: unable to remap crypto_addr(0x%px)\n", node, (void *)paddr); + return -EIO; diff --git a/qca-nss-crypto/patches/0003-nss-crypto-fix-SHA-header-include-in-5.15.patch b/qca-nss-crypto/patches/0003-nss-crypto-fix-SHA-header-include-in-5.15.patch new file mode 100644 index 0000000..61df791 --- /dev/null +++ b/qca-nss-crypto/patches/0003-nss-crypto-fix-SHA-header-include-in-5.15.patch @@ -0,0 +1,44 @@ +From 96da3ca01ac172e5d858209b3d3d9aefad04423c Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Sun, 13 Mar 2022 13:47:24 +0100 +Subject: [PATCH 3/3] nss-crypto: fix SHA header include in 5.15 + +SHA header was split into SHA-1 and SHA-2 headers in kernel 5.11, so +fix the include for newer kernels. + +Signed-off-by: Robert Marko +--- + v2.0/src/nss_crypto_ctrl.c | 6 ++++++ + v2.0/src/nss_crypto_hlos.h | 4 ++++ + 2 files changed, 10 insertions(+) + +--- a/v2.0/src/nss_crypto_ctrl.c ++++ b/v2.0/src/nss_crypto_ctrl.c +@@ -38,7 +38,13 @@ + #include + #include + #include ++#include ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0) + #include ++#else ++#include ++#include ++#endif + #include + #include + #include +--- a/v2.0/src/nss_crypto_hlos.h ++++ b/v2.0/src/nss_crypto_hlos.h +@@ -58,7 +58,11 @@ + #if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) + #include + #endif ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0) + #include ++#else ++#include ++#endif + #include + #include + #include diff --git a/qca/qca-nss-drv/Config.in b/qca-nss-drv/Config.in similarity index 100% rename from qca/qca-nss-drv/Config.in rename to qca-nss-drv/Config.in diff --git a/qca/qca-nss-drv/Makefile b/qca-nss-drv/Makefile similarity index 100% rename from qca/qca-nss-drv/Makefile rename to qca-nss-drv/Makefile diff --git a/qca/qca-nss-drv/files/qca-nss-drv.conf b/qca-nss-drv/files/qca-nss-drv.conf similarity index 100% rename from qca/qca-nss-drv/files/qca-nss-drv.conf rename to qca-nss-drv/files/qca-nss-drv.conf diff --git a/qca/qca-nss-drv/files/qca-nss-drv.debug b/qca-nss-drv/files/qca-nss-drv.debug similarity index 100% rename from qca/qca-nss-drv/files/qca-nss-drv.debug rename to qca-nss-drv/files/qca-nss-drv.debug diff --git a/qca/qca-nss-drv/files/qca-nss-drv.hotplug b/qca-nss-drv/files/qca-nss-drv.hotplug similarity index 100% rename from qca/qca-nss-drv/files/qca-nss-drv.hotplug rename to qca-nss-drv/files/qca-nss-drv.hotplug diff --git a/qca/qca-nss-drv/files/qca-nss-drv.init b/qca-nss-drv/files/qca-nss-drv.init similarity index 100% rename from qca/qca-nss-drv/files/qca-nss-drv.init rename to qca-nss-drv/files/qca-nss-drv.init diff --git a/qca/qca-nss-drv/files/qca-nss-drv.sysctl b/qca-nss-drv/files/qca-nss-drv.sysctl similarity index 100% rename from qca/qca-nss-drv/files/qca-nss-drv.sysctl rename to qca-nss-drv/files/qca-nss-drv.sysctl diff --git a/qca/qca-nss-drv/patches/0001-nss-drv-replace-ioremap_nocache-with-ioremap.patch b/qca-nss-drv/patches/0001-nss-drv-replace-ioremap_nocache-with-ioremap.patch similarity index 100% rename from qca/qca-nss-drv/patches/0001-nss-drv-replace-ioremap_nocache-with-ioremap.patch rename to qca-nss-drv/patches/0001-nss-drv-replace-ioremap_nocache-with-ioremap.patch diff --git a/qca/qca-nss-drv/patches/0002-nss-drv-add-support-for-kernel-5.15.patch b/qca-nss-drv/patches/0002-nss-drv-add-support-for-kernel-5.15.patch similarity index 100% rename from qca/qca-nss-drv/patches/0002-nss-drv-add-support-for-kernel-5.15.patch rename to qca-nss-drv/patches/0002-nss-drv-add-support-for-kernel-5.15.patch diff --git a/qca/qca-nss-drv/patches/0003-DMA-Fix-NULL-pointer-exceptions.patch b/qca-nss-drv/patches/0003-DMA-Fix-NULL-pointer-exceptions.patch similarity index 100% rename from qca/qca-nss-drv/patches/0003-DMA-Fix-NULL-pointer-exceptions.patch rename to qca-nss-drv/patches/0003-DMA-Fix-NULL-pointer-exceptions.patch diff --git a/qca/qca-nss-drv/patches/0004-nss-drv-rework-NSS_CORE_DMA_CACHE_MAINT-ops.patch b/qca-nss-drv/patches/0004-nss-drv-rework-NSS_CORE_DMA_CACHE_MAINT-ops.patch similarity index 100% rename from qca/qca-nss-drv/patches/0004-nss-drv-rework-NSS_CORE_DMA_CACHE_MAINT-ops.patch rename to qca-nss-drv/patches/0004-nss-drv-rework-NSS_CORE_DMA_CACHE_MAINT-ops.patch diff --git a/qca/qca-nss-drv/patches/0005-nss-drv-rework-getting-the-reserved-memory-size.patch b/qca-nss-drv/patches/0005-nss-drv-rework-getting-the-reserved-memory-size.patch similarity index 100% rename from qca/qca-nss-drv/patches/0005-nss-drv-rework-getting-the-reserved-memory-size.patch rename to qca-nss-drv/patches/0005-nss-drv-rework-getting-the-reserved-memory-size.patch diff --git a/qca/qca-nss-drv/patches/0006-nss-drv-Fix-nss_clmap_stats-enum-int-compilation-error-GCC-13.patch b/qca-nss-drv/patches/0006-nss-drv-Fix-nss_clmap_stats-enum-int-compilation-error-GCC-13.patch similarity index 100% rename from qca/qca-nss-drv/patches/0006-nss-drv-Fix-nss_clmap_stats-enum-int-compilation-error-GCC-13.patch rename to qca-nss-drv/patches/0006-nss-drv-Fix-nss_clmap_stats-enum-int-compilation-error-GCC-13.patch diff --git a/qca/qca-nss-drv/patches/0007-nss-drv-Fix-nss_wifili_if-compilation-error-GCC-13.patch b/qca-nss-drv/patches/0007-nss-drv-Fix-nss_wifili_if-compilation-error-GCC-13.patch similarity index 100% rename from qca/qca-nss-drv/patches/0007-nss-drv-Fix-nss_wifili_if-compilation-error-GCC-13.patch rename to qca-nss-drv/patches/0007-nss-drv-Fix-nss_wifili_if-compilation-error-GCC-13.patch diff --git a/qca/qca-nss-drv/patches/0008-Add-kernel-6.1-support.patch b/qca-nss-drv/patches/0008-Add-kernel-6.1-support.patch similarity index 100% rename from qca/qca-nss-drv/patches/0008-Add-kernel-6.1-support.patch rename to qca-nss-drv/patches/0008-Add-kernel-6.1-support.patch diff --git a/qca/qca-nss-drv/patches/0010-nss-drv-dynamic-interface-desc.patch b/qca-nss-drv/patches/0010-nss-drv-dynamic-interface-desc.patch similarity index 100% rename from qca/qca-nss-drv/patches/0010-nss-drv-dynamic-interface-desc.patch rename to qca-nss-drv/patches/0010-nss-drv-dynamic-interface-desc.patch diff --git a/qca/qca-nss-drv/patches/0011-nss-drv-remove-gmac-stat.patch b/qca-nss-drv/patches/0011-nss-drv-remove-gmac-stat.patch similarity index 100% rename from qca/qca-nss-drv/patches/0011-nss-drv-remove-gmac-stat.patch rename to qca-nss-drv/patches/0011-nss-drv-remove-gmac-stat.patch diff --git a/qca/qca-nss-drv/patches/0012-nss-drv-quiet-messages.patch b/qca-nss-drv/patches/0012-nss-drv-quiet-messages.patch similarity index 100% rename from qca/qca-nss-drv/patches/0012-nss-drv-quiet-messages.patch rename to qca-nss-drv/patches/0012-nss-drv-quiet-messages.patch diff --git a/qca/qca-nss-drv/patches/0013-nss-drv-remove-legacy-wifi.patch b/qca-nss-drv/patches/0013-nss-drv-remove-legacy-wifi.patch similarity index 100% rename from qca/qca-nss-drv/patches/0013-nss-drv-remove-legacy-wifi.patch rename to qca-nss-drv/patches/0013-nss-drv-remove-legacy-wifi.patch diff --git a/qca/qca-nss-drv/patches/0014-nss-drv-avoid-recreating-virt_if.patch b/qca-nss-drv/patches/0014-nss-drv-avoid-recreating-virt_if.patch similarity index 100% rename from qca/qca-nss-drv/patches/0014-nss-drv-avoid-recreating-virt_if.patch rename to qca-nss-drv/patches/0014-nss-drv-avoid-recreating-virt_if.patch diff --git a/qca/qca-nss-drv/patches/0015-nss-drv-fix-igs.patch b/qca-nss-drv/patches/0015-nss-drv-fix-igs.patch similarity index 100% rename from qca/qca-nss-drv/patches/0015-nss-drv-fix-igs.patch rename to qca-nss-drv/patches/0015-nss-drv-fix-igs.patch diff --git a/qca/qca-nss-ecm/Makefile b/qca-nss-ecm/Makefile similarity index 100% rename from qca/qca-nss-ecm/Makefile rename to qca-nss-ecm/Makefile diff --git a/qca/qca-nss-ecm/files/disable_offloads.hotplug b/qca-nss-ecm/files/disable_offloads.hotplug similarity index 100% rename from qca/qca-nss-ecm/files/disable_offloads.hotplug rename to qca-nss-ecm/files/disable_offloads.hotplug diff --git a/qca/qca-nss-ecm/files/disable_offloads.sh b/qca-nss-ecm/files/disable_offloads.sh similarity index 100% rename from qca/qca-nss-ecm/files/disable_offloads.sh rename to qca-nss-ecm/files/disable_offloads.sh diff --git a/qca/qca-nss-ecm/files/ecm_dump.sh b/qca-nss-ecm/files/ecm_dump.sh similarity index 100% rename from qca/qca-nss-ecm/files/ecm_dump.sh rename to qca-nss-ecm/files/ecm_dump.sh diff --git a/qca/qca-nss-ecm/files/on-demand-down b/qca-nss-ecm/files/on-demand-down similarity index 100% rename from qca/qca-nss-ecm/files/on-demand-down rename to qca-nss-ecm/files/on-demand-down diff --git a/qca/qca-nss-ecm/files/qca-nss-ecm.defaults b/qca-nss-ecm/files/qca-nss-ecm.defaults similarity index 100% rename from qca/qca-nss-ecm/files/qca-nss-ecm.defaults rename to qca-nss-ecm/files/qca-nss-ecm.defaults diff --git a/qca/qca-nss-ecm/files/qca-nss-ecm.firewall b/qca-nss-ecm/files/qca-nss-ecm.firewall similarity index 100% rename from qca/qca-nss-ecm/files/qca-nss-ecm.firewall rename to qca-nss-ecm/files/qca-nss-ecm.firewall diff --git a/qca/qca-nss-ecm/files/qca-nss-ecm.init b/qca-nss-ecm/files/qca-nss-ecm.init similarity index 100% rename from qca/qca-nss-ecm/files/qca-nss-ecm.init rename to qca-nss-ecm/files/qca-nss-ecm.init diff --git a/qca/qca-nss-ecm/files/qca-nss-ecm.sysctl b/qca-nss-ecm/files/qca-nss-ecm.sysctl similarity index 100% rename from qca/qca-nss-ecm/files/qca-nss-ecm.sysctl rename to qca-nss-ecm/files/qca-nss-ecm.sysctl diff --git a/qca/qca-nss-ecm/files/qca-nss-ecm.uci b/qca-nss-ecm/files/qca-nss-ecm.uci similarity index 100% rename from qca/qca-nss-ecm/files/qca-nss-ecm.uci rename to qca-nss-ecm/files/qca-nss-ecm.uci diff --git a/qca/qca-nss-ecm/patches/0001-treewide-componentize-the-module-even-more.patch b/qca-nss-ecm/patches/0001-treewide-componentize-the-module-even-more.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0001-treewide-componentize-the-module-even-more.patch rename to qca-nss-ecm/patches/0001-treewide-componentize-the-module-even-more.patch diff --git a/qca/qca-nss-ecm/patches/0002-treewide-rework-ipv6_dev_find_and_hold.patch b/qca-nss-ecm/patches/0002-treewide-rework-ipv6_dev_find_and_hold.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0002-treewide-rework-ipv6_dev_find_and_hold.patch rename to qca-nss-ecm/patches/0002-treewide-rework-ipv6_dev_find_and_hold.patch diff --git a/qca/qca-nss-ecm/patches/0004-qca-nss-ecm-resolve-the-cpu-high-load-regarding-ecm.patch b/qca-nss-ecm/patches/0004-qca-nss-ecm-resolve-the-cpu-high-load-regarding-ecm.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0004-qca-nss-ecm-resolve-the-cpu-high-load-regarding-ecm.patch rename to qca-nss-ecm/patches/0004-qca-nss-ecm-resolve-the-cpu-high-load-regarding-ecm.patch diff --git a/qca/qca-nss-ecm/patches/0006-treewide-rework-notifier-changes-for-5.15.patch b/qca-nss-ecm/patches/0006-treewide-rework-notifier-changes-for-5.15.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0006-treewide-rework-notifier-changes-for-5.15.patch rename to qca-nss-ecm/patches/0006-treewide-rework-notifier-changes-for-5.15.patch diff --git a/qca/qca-nss-ecm/patches/0008-ecm_tracker_datagram-drop-static-for-EXPORT_SYMBOL.patch b/qca-nss-ecm/patches/0008-ecm_tracker_datagram-drop-static-for-EXPORT_SYMBOL.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0008-ecm_tracker_datagram-drop-static-for-EXPORT_SYMBOL.patch rename to qca-nss-ecm/patches/0008-ecm_tracker_datagram-drop-static-for-EXPORT_SYMBOL.patch diff --git a/qca/qca-nss-ecm/patches/0009-frontends-drop-udp_get_timeouts-and-use-standard-ups.patch b/qca-nss-ecm/patches/0009-frontends-drop-udp_get_timeouts-and-use-standard-ups.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0009-frontends-drop-udp_get_timeouts-and-use-standard-ups.patch rename to qca-nss-ecm/patches/0009-frontends-drop-udp_get_timeouts-and-use-standard-ups.patch diff --git a/qca/qca-nss-ecm/patches/0010-ecm_interface-fix-ppp-generic-function-calls-for-5.15.patch b/qca-nss-ecm/patches/0010-ecm_interface-fix-ppp-generic-function-calls-for-5.15.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0010-ecm_interface-fix-ppp-generic-function-calls-for-5.15.patch rename to qca-nss-ecm/patches/0010-ecm_interface-fix-ppp-generic-function-calls-for-5.15.patch diff --git a/qca/qca-nss-ecm/patches/0011-ecm_classifier-move-defs.patch b/qca-nss-ecm/patches/0011-ecm_classifier-move-defs.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0011-ecm_classifier-move-defs.patch rename to qca-nss-ecm/patches/0011-ecm_classifier-move-defs.patch diff --git a/qca/qca-nss-ecm/patches/0012-ecm_add-check-for-pppoe.patch b/qca-nss-ecm/patches/0012-ecm_add-check-for-pppoe.patch similarity index 100% rename from qca/qca-nss-ecm/patches/0012-ecm_add-check-for-pppoe.patch rename to qca-nss-ecm/patches/0012-ecm_add-check-for-pppoe.patch diff --git a/qca/qca-nss-ecm/patches/900-treewide-export-ipv4-and-ipv6-symbols.patch b/qca-nss-ecm/patches/900-treewide-export-ipv4-and-ipv6-symbols.patch similarity index 100% rename from qca/qca-nss-ecm/patches/900-treewide-export-ipv4-and-ipv6-symbols.patch rename to qca-nss-ecm/patches/900-treewide-export-ipv4-and-ipv6-symbols.patch diff --git a/qca/qca-nss-ecm/patches/901-qca-nss-ecm-fix-a-memcpy-overflow-in-ecm_db.patch b/qca-nss-ecm/patches/901-qca-nss-ecm-fix-a-memcpy-overflow-in-ecm_db.patch similarity index 100% rename from qca/qca-nss-ecm/patches/901-qca-nss-ecm-fix-a-memcpy-overflow-in-ecm_db.patch rename to qca-nss-ecm/patches/901-qca-nss-ecm-fix-a-memcpy-overflow-in-ecm_db.patch diff --git a/qca/qca-nss-macsec/Makefile b/qca-nss-macsec/Makefile similarity index 100% rename from qca/qca-nss-macsec/Makefile rename to qca-nss-macsec/Makefile diff --git a/qca/qca-nss-macsec/patches/0001-change-warning-to-debug.patch b/qca-nss-macsec/patches/0001-change-warning-to-debug.patch similarity index 100% rename from qca/qca-nss-macsec/patches/0001-change-warning-to-debug.patch rename to qca-nss-macsec/patches/0001-change-warning-to-debug.patch diff --git a/qca/qca-ssdk-shell/Makefile b/qca-ssdk-shell/Makefile similarity index 100% rename from qca/qca-ssdk-shell/Makefile rename to qca-ssdk-shell/Makefile diff --git a/qca/qca-ssdk-shell/patches/0001-qca-ssdk-shell-Fix-fal_port_cdt-compilation-error-GCC-13.patch b/qca-ssdk-shell/patches/0001-qca-ssdk-shell-Fix-fal_port_cdt-compilation-error-GCC-13.patch similarity index 100% rename from qca/qca-ssdk-shell/patches/0001-qca-ssdk-shell-Fix-fal_port_cdt-compilation-error-GCC-13.patch rename to qca-ssdk-shell/patches/0001-qca-ssdk-shell-Fix-fal_port_cdt-compilation-error-GCC-13.patch diff --git a/qca/qrtr/Makefile b/qca/qrtr/Makefile deleted file mode 100644 index 135d1bc..0000000 --- a/qca/qrtr/Makefile +++ /dev/null @@ -1,32 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=qrtr -PKG_RELEASE:=$(AUTORELEASE) - -PKG_SOURCE_URL:=https://git.codelinaro.org/clo/qsdk/qrtr.git -PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2019-07-25 -PKG_SOURCE_VERSION:=cd6bedd5d00f211e6c1e3803ff2f9f53c246435e -PKG_MIRROR_HASH:=a06d2b4b11101655606b5592199c137466595e9f420c0d6780128dcb5df5f253 - -include $(INCLUDE_DIR)/package.mk - -define Package/qrtr - SECTION:=utils - CATEGORY:=Utilities - TITLE:=QRTR tools - DEPENDS:=@(TARGET_qualcommax) -endef - -define Package/qrtr/description - Set of QRTR related configuration and debugging tools. -endef - -define Package/qrtr/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/qrtr-cfg $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/qrtr-lookup $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/qrtr-ns $(1)/usr/sbin -endef - -$(eval $(call BuildPackage,qrtr)) diff --git a/utils/mhz/Makefile b/utils/mhz/Makefile deleted file mode 100644 index 6cea1b0..0000000 --- a/utils/mhz/Makefile +++ /dev/null @@ -1,27 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=mhz -PKG_RELEASE:=1 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL=https://github.com/wtarreau/mhz.git -PKG_SOURCE_DATE:=2022-08-17 -PKG_SOURCE_VERSION:=6ec38cbb1371d20078a7a5059dd9faa5b281b2d9 -PKG_MIRROR_HASH:=a98bd9f97b470606ab71c7244eb92a0955e3976986590dc9139770ffc8c9ba67 - -PKG_MAINTAINER:=Robert Marko - -include $(INCLUDE_DIR)/package.mk - -define Package/mhz - SECTION:=utils - CATEGORY:=Utilities - TITLE:=CPU frequency measurement utility -endef - -define Package/mhz/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/mhz $(1)/usr/sbin/mhz -endef - -$(eval $(call BuildPackage,mhz))