358ba762d9
Instantiate CAAM RNG with prediction resistance enabled to improve its quality (with PR on DRNG is forced to reseed from TRNG every time random data is generated). Management Complex firmware with version lower than 10.20.0 doesn't provide prediction resistance support. Consider this and only instantiate rng when mc f/w version is lower. Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com> Signed-off-by: Andrei Botila <andrei.botila@nxp.com> Cc: Chris Healy <cphealy@gmail.com> Cc: Lucas Stach <l.stach@pengutronix.de> Cc: Horia Geantă <horia.geanta@nxp.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Iuliana Prodan <iuliana.prodan@nxp.com> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-imx@nxp.com Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
175 lines
5.0 KiB
Plaintext
175 lines
5.0 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0
|
|
config CRYPTO_DEV_FSL_CAAM_COMMON
|
|
tristate
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
|
|
tristate
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_AHASH_API_DESC
|
|
tristate
|
|
|
|
config CRYPTO_DEV_FSL_CAAM
|
|
tristate "Freescale CAAM-Multicore platform driver backend"
|
|
depends on FSL_SOC || ARCH_MXC || ARCH_LAYERSCAPE
|
|
select SOC_BUS
|
|
select CRYPTO_DEV_FSL_CAAM_COMMON
|
|
imply FSL_MC_BUS
|
|
help
|
|
Enables the driver module for Freescale's Cryptographic Accelerator
|
|
and Assurance Module (CAAM), also known as the SEC version 4 (SEC4).
|
|
This module creates job ring devices, and configures h/w
|
|
to operate as a DPAA component automatically, depending
|
|
on h/w feature availability.
|
|
|
|
To compile this driver as a module, choose M here: the module
|
|
will be called caam.
|
|
|
|
if CRYPTO_DEV_FSL_CAAM
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_DEBUG
|
|
bool "Enable debug output in CAAM driver"
|
|
help
|
|
Selecting this will enable printing of various debug
|
|
information in the CAAM driver.
|
|
|
|
menuconfig CRYPTO_DEV_FSL_CAAM_JR
|
|
tristate "Freescale CAAM Job Ring driver backend"
|
|
select CRYPTO_ENGINE
|
|
default y
|
|
help
|
|
Enables the driver module for Job Rings which are part of
|
|
Freescale's Cryptographic Accelerator
|
|
and Assurance Module (CAAM). This module adds a job ring operation
|
|
interface.
|
|
|
|
To compile this driver as a module, choose M here: the module
|
|
will be called caam_jr.
|
|
|
|
if CRYPTO_DEV_FSL_CAAM_JR
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_RINGSIZE
|
|
int "Job Ring size"
|
|
range 2 9
|
|
default "9"
|
|
help
|
|
Select size of Job Rings as a power of 2, within the
|
|
range 2-9 (ring size 4-512).
|
|
Examples:
|
|
2 => 4
|
|
3 => 8
|
|
4 => 16
|
|
5 => 32
|
|
6 => 64
|
|
7 => 128
|
|
8 => 256
|
|
9 => 512
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_INTC
|
|
bool "Job Ring interrupt coalescing"
|
|
help
|
|
Enable the Job Ring's interrupt coalescing feature.
|
|
|
|
Note: the driver already provides adequate
|
|
interrupt coalescing in software.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_INTC_COUNT_THLD
|
|
int "Job Ring interrupt coalescing count threshold"
|
|
depends on CRYPTO_DEV_FSL_CAAM_INTC
|
|
range 1 255
|
|
default 255
|
|
help
|
|
Select number of descriptor completions to queue before
|
|
raising an interrupt, in the range 1-255. Note that a selection
|
|
of 1 functionally defeats the coalescing feature, and a selection
|
|
equal or greater than the job ring size will force timeouts.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_INTC_TIME_THLD
|
|
int "Job Ring interrupt coalescing timer threshold"
|
|
depends on CRYPTO_DEV_FSL_CAAM_INTC
|
|
range 1 65535
|
|
default 2048
|
|
help
|
|
Select number of bus clocks/64 to timeout in the case that one or
|
|
more descriptor completions are queued without reaching the count
|
|
threshold. Range is 1-65535.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_CRYPTO_API
|
|
bool "Register algorithm implementations with the Crypto API"
|
|
default y
|
|
select CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
|
|
select CRYPTO_AEAD
|
|
select CRYPTO_AUTHENC
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_LIB_DES
|
|
help
|
|
Selecting this will offload crypto for users of the
|
|
scatterlist crypto API (such as the linux native IPSec
|
|
stack) to the SEC4 via job ring.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_CRYPTO_API_QI
|
|
bool "Queue Interface as Crypto API backend"
|
|
depends on FSL_DPAA && NET
|
|
default y
|
|
select CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
|
|
select CRYPTO_AUTHENC
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_DES
|
|
help
|
|
Selecting this will use CAAM Queue Interface (QI) for sending
|
|
& receiving crypto jobs to/from CAAM. This gives better performance
|
|
than job ring interface when the number of cores are more than the
|
|
number of job rings assigned to the kernel. The number of portals
|
|
assigned to the kernel should also be more than the number of
|
|
job rings.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_AHASH_API
|
|
bool "Register hash algorithm implementations with Crypto API"
|
|
default y
|
|
select CRYPTO_DEV_FSL_CAAM_AHASH_API_DESC
|
|
select CRYPTO_HASH
|
|
help
|
|
Selecting this will offload ahash for users of the
|
|
scatterlist crypto API to the SEC4 via job ring.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_PKC_API
|
|
bool "Register public key cryptography implementations with Crypto API"
|
|
default y
|
|
select CRYPTO_RSA
|
|
help
|
|
Selecting this will allow SEC Public key support for RSA.
|
|
Supported cryptographic primitives: encryption, decryption,
|
|
signature and verification.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_RNG_API
|
|
bool "Register caam device for hwrng API"
|
|
default y
|
|
select CRYPTO_RNG
|
|
select HW_RANDOM
|
|
help
|
|
Selecting this will register the SEC4 hardware rng to
|
|
the hw_random API for suppying the kernel entropy pool.
|
|
|
|
endif # CRYPTO_DEV_FSL_CAAM_JR
|
|
|
|
endif # CRYPTO_DEV_FSL_CAAM
|
|
|
|
config CRYPTO_DEV_FSL_DPAA2_CAAM
|
|
tristate "QorIQ DPAA2 CAAM (DPSECI) driver"
|
|
depends on FSL_MC_DPIO
|
|
depends on NETDEVICES
|
|
select CRYPTO_DEV_FSL_CAAM_COMMON
|
|
select CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
|
|
select CRYPTO_DEV_FSL_CAAM_AHASH_API_DESC
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_AUTHENC
|
|
select CRYPTO_AEAD
|
|
select CRYPTO_HASH
|
|
select CRYPTO_DES
|
|
help
|
|
CAAM driver for QorIQ Data Path Acceleration Architecture 2.
|
|
It handles DPSECI DPAA2 objects that sit on the Management Complex
|
|
(MC) fsl-mc bus.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called dpaa2_caam.
|