cryptodev: disable RSA_KEYGEN if pkc-host installed

Currently pkc-host does not support RSA_KEYGEN. When pkc-host
installed, RSA keygen operations should be avoided.

Introduce DISTRO_FEATURE "c29x_pkc". To install pkc-host, this
feature should be enabled. Then cryptodev checks it to disable
RSA_KEYGEN.

this can be done in conf/local.conf:
DISTRO_FEATURES_append = " c29x_pkc"

Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>

diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-fsl/0001-don-t-advertise-RSA-keygen.patch b/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-fsl/0001-don-t-advertise-RSA-keygen.patch
new file mode 100644 (file)
index 0000000..3d7c608
--- /dev/null
+++ b/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-fsl/0001-don-t-advertise-RSA-keygen.patch
@@ -0,0 +1,32 @@
+From b6e2a3747e3cffdf3cc515b0ce35d6bcdcb051c5 Mon Sep 17 00:00:00 2001
+From: Cristian Stoica <cristian.stoica@freescale.com>
+Date: Tue, 9 Dec 2014 16:41:25 +0200
+Subject: [PATCH] don't advertise RSA keygen
+
+This is supposed to avoid RSA keygen operations when they are not
+available. Since no testing can be done, the patch should be applied
+selectively (for example when offloading through pkc driver on C293)
+
+Change-Id: I60765f46fd7a39053d42e075d2ec71b032b2ed8a
+Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
+---
+ ioctl.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/ioctl.c b/ioctl.c
+index e907167..3239093 100644
+--- a/ioctl.c
++++ b/ioctl.c
+@@ -961,8 +961,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
+       case CIOCASYMFEAT:
+               return put_user(CRF_MOD_EXP_CRT |  CRF_MOD_EXP | CRF_DSA_SIGN |
+                       CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
+-                      CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY |
+-                      CRF_RSA_GENERATE_KEY, p);
++                      CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p);
+       case CRIOGET:
+               fd = clonefd(filp);
+               ret = put_user(fd, p);
+-- 
+2.2.0
+

diff --git a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend b/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend
index 345a09d448d373a8bfd811e1ac25ed9505021a48..2bf012c188e9f8ef32ecbe5baa6a1c59cc1ca689 100644 (file)
--- a/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend
+++ b/meta-fsl-ppc/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend
@@ -6,3 +6,7 @@ do_install_append_qoriq-ppc () {
     rm -fr ${D}/usr
 }
 
+# Currently pkc-host does not support RSA_KEYGEN, remove this
+# if it is fixed.
+SRC_URI_append_qoriq-ppc = "${@base_contains('DISTRO_FEATURES', 'c29x_pkc', ' file://0001-don-t-advertise-RSA-keygen.patch', '', d)}"
+

diff --git a/meta-fsl-ppc/recipes-kernel/pkc-host/pkc-host_git.bb b/meta-fsl-ppc/recipes-kernel/pkc-host/pkc-host_git.bb
index 2e579c1e29dc9cf9dd9316f26ed8163783dbe56e..2d5e3165484d334218cb531686cf47c0725d825b 100644 (file)
--- a/meta-fsl-ppc/recipes-kernel/pkc-host/pkc-host_git.bb
+++ b/meta-fsl-ppc/recipes-kernel/pkc-host/pkc-host_git.bb
@@ -4,6 +4,11 @@ LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://Makefile;endline=30;md5=6a26ed8e76a8ea2e019c525369ed0f03"
 
 inherit  module qoriq_build_64bit_kernel
+RDEPENDS_${PN} += "cryptodev-module"
+
+# Currently pkc-host does not support RSA_KEYGEN, remove this
+# if it is fixed.
+REQUIRED_DISTRO_FEATURES = "c29x_pkc"
 
 SRC_URI = "git://git.freescale.com/ppc/sdk/pkc-host.git;nobranch=1"
 SRCREV = "cae512c94e2a26cc6b0d6393d307cdea2d7282c9"