From 56d7544ebb722827e046818a7a030caaec1e7ed6 Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@openwrt.org>
Date: Sun, 24 Jul 2011 14:17:58 +0000
Subject: ocf-linux: version bump to 20110720

Fixes problem with TFM allocation in cryptosoft.c


Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

Hauke:
 * remove ubsec_ssb package and take it from ocf-linux
 * use patches from ocf-linux package
 * refresh all patches
 * readd some build fixes for OpenWrt.
 * readd CRYPTO_MANAGER dependency


git-svn-id: svn://svn.openwrt.org/openwrt/trunk@27753 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 .../linux/generic/files/crypto/ocf/safe/hmachack.h | 37 +++++++++++
 target/linux/generic/files/crypto/ocf/safe/safe.c  | 73 +++-------------------
 .../linux/generic/files/crypto/ocf/safe/safevar.h  |  1 -
 3 files changed, 44 insertions(+), 67 deletions(-)
 create mode 100644 target/linux/generic/files/crypto/ocf/safe/hmachack.h

(limited to 'target/linux/generic/files/crypto/ocf/safe')

diff --git a/target/linux/generic/files/crypto/ocf/safe/hmachack.h b/target/linux/generic/files/crypto/ocf/safe/hmachack.h
new file mode 100644
index 0000000000..598c958560
--- /dev/null
+++ b/target/linux/generic/files/crypto/ocf/safe/hmachack.h
@@ -0,0 +1,37 @@
+/*
+ * until we find a cleaner way, include the BSD md5/sha1 code
+ * here
+ */
+#ifdef HMAC_HACK
+#define LITTLE_ENDIAN 1234
+#define BIG_ENDIAN 4321
+#ifdef __LITTLE_ENDIAN
+#define BYTE_ORDER LITTLE_ENDIAN
+#endif
+#ifdef __BIG_ENDIAN
+#define BYTE_ORDER BIG_ENDIAN
+#endif
+
+u_int8_t hmac_ipad_buffer[64] = {
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
+};
+
+u_int8_t hmac_opad_buffer[64] = {
+    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
+    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
+    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
+    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
+    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
+    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
+    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
+    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C
+};
+#endif /* HMAC_HACK */
+
diff --git a/target/linux/generic/files/crypto/ocf/safe/safe.c b/target/linux/generic/files/crypto/ocf/safe/safe.c
index de7743154f..189b95f609 100644
--- a/target/linux/generic/files/crypto/ocf/safe/safe.c
+++ b/target/linux/generic/files/crypto/ocf/safe/safe.c
@@ -32,10 +32,8 @@ __FBSDID("$FreeBSD: src/sys/dev/safe/safe.c,v 1.18 2007/03/21 03:42:50 sam Exp $
  */
 
 #include <linux/version.h>
-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-#include <generated/autoconf.h>
-#else
-#include <linux/autoconf.h>
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
+#include <linux/config.h>
 #endif
 #include <linux/module.h>
 #include <linux/kernel.h>
@@ -49,7 +47,6 @@ __FBSDID("$FreeBSD: src/sys/dev/safe/safe.c,v 1.18 2007/03/21 03:42:50 sam Exp $
 #include <linux/interrupt.h>
 #include <linux/spinlock.h>
 #include <linux/random.h>
-#include <linux/version.h>
 #include <linux/skbuff.h>
 #include <asm/io.h>
 
@@ -80,40 +77,11 @@ __FBSDID("$FreeBSD: src/sys/dev/safe/safe.c,v 1.18 2007/03/21 03:42:50 sam Exp $
  */
 #define HMAC_HACK 1
 #ifdef HMAC_HACK
-#define LITTLE_ENDIAN 1234
-#define BIG_ENDIAN 4321
-#ifdef __LITTLE_ENDIAN
-#define BYTE_ORDER LITTLE_ENDIAN
-#endif
-#ifdef __BIG_ENDIAN
-#define BYTE_ORDER BIG_ENDIAN
-#endif
+#include <safe/hmachack.h>
 #include <safe/md5.h>
 #include <safe/md5.c>
 #include <safe/sha1.h>
 #include <safe/sha1.c>
-
-u_int8_t hmac_ipad_buffer[64] = {
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
-};
-
-u_int8_t hmac_opad_buffer[64] = {
-    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
-    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
-    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
-    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
-    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
-    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
-    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
-    0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C
-};
 #endif /* HMAC_HACK */
 
 /* add proc entry for this */
@@ -564,10 +532,6 @@ safe_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
 	ses->ses_used = 1;
 
 	if (encini) {
-		/* get an IV */
-		/* XXX may read fewer than requested */
-		read_random(ses->ses_iv, sizeof(ses->ses_iv));
-
 		ses->ses_klen = encini->cri_klen;
 		if (encini->cri_key != NULL)
 			safe_setup_enckey(ses, encini->cri_key);
@@ -630,7 +594,7 @@ safe_process(device_t dev, struct cryptop *crp, int hint)
 	struct safe_ringentry *re;
 	struct safe_sarec *sa;
 	struct safe_pdesc *pd;
-	u_int32_t cmd0, cmd1, staterec;
+	u_int32_t cmd0, cmd1, staterec, rand_iv[4];
 	unsigned long flags;
 
 	DPRINTF(("%s()\n", __FUNCTION__));
@@ -779,7 +743,7 @@ safe_process(device_t dev, struct cryptop *crp, int hint)
 			if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
 				iv = enccrd->crd_iv;
 			else
-				iv = (caddr_t) ses->ses_iv;
+				read_random((iv = (caddr_t) &rand_iv[0]), sizeof(rand_iv));
 			if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) {
 				crypto_copyback(crp->crp_flags, crp->crp_buf,
 				    enccrd->crd_inject, ivsize, iv);
@@ -1129,31 +1093,6 @@ safe_callback(struct safe_softc *sc, struct safe_ringentry *re)
 		return;
 	}
 
-	if (re->re_flags & SAFE_QFLAGS_COPYOUTIV) {
-		/* copy out IV for future use */
-		for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
-			int i;
-			int ivsize;
-
-			if (crd->crd_alg == CRYPTO_DES_CBC ||
-			    crd->crd_alg == CRYPTO_3DES_CBC) {
-				ivsize = 2*sizeof(u_int32_t);
-			} else if (crd->crd_alg == CRYPTO_AES_CBC) {
-				ivsize = 4*sizeof(u_int32_t);
-			} else
-				continue;
-			crypto_copydata(crp->crp_flags, crp->crp_buf,
-			    crd->crd_skip + crd->crd_len - ivsize, ivsize,
-			    (caddr_t)sc->sc_sessions[re->re_sesn].ses_iv);
-			for (i = 0;
-					i < ivsize/sizeof(sc->sc_sessions[re->re_sesn].ses_iv[0]);
-					i++)
-				sc->sc_sessions[re->re_sesn].ses_iv[i] =
-					cpu_to_le32(sc->sc_sessions[re->re_sesn].ses_iv[i]);
-			break;
-		}
-	}
-
 	if (re->re_flags & SAFE_QFLAGS_COPYOUTICV) {
 		/* copy out ICV result */
 		for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
@@ -2005,10 +1944,12 @@ static int safe_probe(struct pci_dev *dev, const struct pci_device_id *ent)
 		return(-ENODEV);
 	}
 
+#ifdef HAVE_PCI_SET_MWI
 	if (pci_set_mwi(dev)) {
 		printk("safe: pci_set_mwi failed!");
 		return(-ENODEV);
 	}
+#endif
 
 	sc = (struct safe_softc *) kmalloc(sizeof(*sc), GFP_KERNEL);
 	if (!sc)
diff --git a/target/linux/generic/files/crypto/ocf/safe/safevar.h b/target/linux/generic/files/crypto/ocf/safe/safevar.h
index 9039a5d31b..11d8304aac 100644
--- a/target/linux/generic/files/crypto/ocf/safe/safevar.h
+++ b/target/linux/generic/files/crypto/ocf/safe/safevar.h
@@ -145,7 +145,6 @@ struct safe_session {
 	u_int32_t	ses_mlen;		/* hmac length in bytes */
 	u_int32_t	ses_hminner[5];		/* hmac inner state */
 	u_int32_t	ses_hmouter[5];		/* hmac outer state */
-	u_int32_t	ses_iv[4];		/* DES/3DES/AES iv */
 };
 
 struct safe_pkq {
-- 
cgit v1.2.3