258 lines
7.7 KiB
Plaintext
258 lines
7.7 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0
|
|
config CRYPTO_DEV_FSL_CAAM_COMMON
|
|
tristate
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
|
|
tristate
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_AHASH_API_DESC
|
|
tristate
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_KEYBLOB_API_DESC
|
|
tristate
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_SECVIO
|
|
tristate "CAAM/SNVS Security Violation Handler (EXPERIMENTAL)"
|
|
depends on ARCH_MXC
|
|
help
|
|
Enables installation of an interrupt handler with registrable
|
|
handler functions which can be specified to act on the consequences
|
|
of a security violation.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM
|
|
tristate "Freescale CAAM-Multicore platform driver backend"
|
|
depends on FSL_SOC || ARCH_MXC || ARCH_LAYERSCAPE
|
|
select SOC_BUS
|
|
select CRYPTO_DEV_FSL_CAAM_COMMON
|
|
help
|
|
Enables the driver module for Freescale's Cryptographic Accelerator
|
|
and Assurance Module (CAAM), also known as the SEC version 4 (SEC4).
|
|
This module creates job ring devices, and configures h/w
|
|
to operate as a DPAA component automatically, depending
|
|
on h/w feature availability.
|
|
|
|
To compile this driver as a module, choose M here: the module
|
|
will be called caam.
|
|
|
|
if CRYPTO_DEV_FSL_CAAM
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_DEBUG
|
|
bool "Enable debug output in CAAM driver"
|
|
help
|
|
Selecting this will enable printing of various debug
|
|
information in the CAAM driver.
|
|
|
|
menuconfig CRYPTO_DEV_FSL_CAAM_JR
|
|
tristate "Freescale CAAM Job Ring driver backend"
|
|
select CRYPTO_ENGINE
|
|
default y
|
|
help
|
|
Enables the driver module for Job Rings which are part of
|
|
Freescale's Cryptographic Accelerator
|
|
and Assurance Module (CAAM). This module adds a job ring operation
|
|
interface.
|
|
|
|
To compile this driver as a module, choose M here: the module
|
|
will be called caam_jr.
|
|
|
|
if CRYPTO_DEV_FSL_CAAM_JR
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_RINGSIZE
|
|
int "Job Ring size"
|
|
range 2 9
|
|
default "9"
|
|
help
|
|
Select size of Job Rings as a power of 2, within the
|
|
range 2-9 (ring size 4-512).
|
|
Examples:
|
|
2 => 4
|
|
3 => 8
|
|
4 => 16
|
|
5 => 32
|
|
6 => 64
|
|
7 => 128
|
|
8 => 256
|
|
9 => 512
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_INTC
|
|
bool "Job Ring interrupt coalescing"
|
|
help
|
|
Enable the Job Ring's interrupt coalescing feature.
|
|
|
|
Note: the driver already provides adequate
|
|
interrupt coalescing in software.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_INTC_COUNT_THLD
|
|
int "Job Ring interrupt coalescing count threshold"
|
|
depends on CRYPTO_DEV_FSL_CAAM_INTC
|
|
range 1 255
|
|
default 255
|
|
help
|
|
Select number of descriptor completions to queue before
|
|
raising an interrupt, in the range 1-255. Note that a selection
|
|
of 1 functionally defeats the coalescing feature, and a selection
|
|
equal or greater than the job ring size will force timeouts.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_INTC_TIME_THLD
|
|
int "Job Ring interrupt coalescing timer threshold"
|
|
depends on CRYPTO_DEV_FSL_CAAM_INTC
|
|
range 1 65535
|
|
default 2048
|
|
help
|
|
Select number of bus clocks/64 to timeout in the case that one or
|
|
more descriptor completions are queued without reaching the count
|
|
threshold. Range is 1-65535.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_CRYPTO_API
|
|
bool "Register algorithm implementations with the Crypto API"
|
|
default y
|
|
select CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
|
|
select CRYPTO_AEAD
|
|
select CRYPTO_AUTHENC
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_LIB_DES
|
|
help
|
|
Selecting this will offload crypto for users of the
|
|
scatterlist crypto API (such as the linux native IPSec
|
|
stack) to the SEC4 via job ring.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_CRYPTO_API_QI
|
|
bool "Queue Interface as Crypto API backend"
|
|
depends on FSL_SDK_DPA && NET
|
|
default y
|
|
select CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
|
|
select CRYPTO_AUTHENC
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_DES
|
|
select CRYPTO_XTS
|
|
help
|
|
Selecting this will use CAAM Queue Interface (QI) for sending
|
|
& receiving crypto jobs to/from CAAM. This gives better performance
|
|
than job ring interface when the number of cores are more than the
|
|
number of job rings assigned to the kernel. The number of portals
|
|
assigned to the kernel should also be more than the number of
|
|
job rings.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_AHASH_API
|
|
bool "Register hash algorithm implementations with Crypto API"
|
|
default y
|
|
select CRYPTO_DEV_FSL_CAAM_AHASH_API_DESC
|
|
select CRYPTO_HASH
|
|
help
|
|
Selecting this will offload ahash for users of the
|
|
scatterlist crypto API to the SEC4 via job ring.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_PKC_API
|
|
bool "Register public key cryptography implementations with Crypto API"
|
|
default y
|
|
select CRYPTO_RSA
|
|
help
|
|
Selecting this will allow SEC Public key support for RSA.
|
|
Supported cryptographic primitives: encryption, decryption,
|
|
signature and verification.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_RNG_API
|
|
bool "Register caam device for hwrng API"
|
|
default y
|
|
select CRYPTO_RNG
|
|
select HW_RANDOM
|
|
help
|
|
Selecting this will register the SEC4 hardware rng to
|
|
the hw_random API for suppying the kernel entropy pool.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_TK_API
|
|
bool "Register tagged key cryptography implementations with Crypto API"
|
|
default y
|
|
select CRYPTO_DEV_FSL_CAAM_CRYPTO_API
|
|
select CRYPTO_DEV_FSL_CAAM_KEYBLOB_API_DESC
|
|
help
|
|
Selecting this will register algorithms supporting tagged key and
|
|
generate black keys and encapsulate them into black blobs.
|
|
|
|
Tagged keys are black keys that contain metadata indicating what
|
|
they are and how to handle them.
|
|
CAAM protects data in a data structure called a Blob, which provides
|
|
both confidentiality and integrity protection.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_TK_API_TEST
|
|
tristate "CAAM keys and blobs test"
|
|
depends on CRYPTO_DEV_FSL_CAAM_TK_API
|
|
depends on m
|
|
help
|
|
Test to exercise black key generation and blob encapsulation and
|
|
decapsulation.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_RNG_TEST
|
|
bool "Test caam rng"
|
|
depends on CRYPTO_DEV_FSL_CAAM_RNG_API
|
|
help
|
|
Selecting this will enable a self-test to run for the
|
|
caam RNG. This test is several minutes long and executes
|
|
just before the RNG is registered with the hw_random API.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_SM
|
|
bool "CAAM Secure Memory / Keystore API (EXPERIMENTAL)"
|
|
help
|
|
Enables use of a prototype kernel-level Keystore API with CAAM
|
|
Secure Memory for insertion/extraction of bus-protected secrets.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_SM_SLOTSIZE
|
|
int "Size of each keystore slot in Secure Memory"
|
|
depends on CRYPTO_DEV_FSL_CAAM_SM
|
|
range 5 9
|
|
default 7
|
|
help
|
|
Select size of allocation units to divide Secure Memory pages into
|
|
(the size of a "slot" as referenced inside the API code).
|
|
Established as powers of two.
|
|
Examples:
|
|
5 => 32 bytes
|
|
6 => 64 bytes
|
|
7 => 128 bytes
|
|
8 => 256 bytes
|
|
9 => 512 bytes
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_SM_TEST
|
|
tristate "CAAM Secure Memory - Keystore Test/Example (EXPERIMENTAL)"
|
|
depends on CRYPTO_DEV_FSL_CAAM_SM
|
|
depends on m
|
|
help
|
|
Example thread to exercise the Keystore API and to verify that
|
|
stored and recovered secrets can be used for general purpose
|
|
encryption/decryption.
|
|
|
|
config CRYPTO_DEV_FSL_CAAM_JR_UIO
|
|
tristate "Freescale Job Ring UIO support"
|
|
depends on UIO
|
|
default y
|
|
help
|
|
Selecting this will allow job ring UIO support for
|
|
Userspace drivers
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called fsl_jr_uio.
|
|
|
|
endif # CRYPTO_DEV_FSL_CAAM_JR
|
|
|
|
endif # CRYPTO_DEV_FSL_CAAM
|
|
|
|
config CRYPTO_DEV_FSL_DPAA2_CAAM
|
|
tristate "QorIQ DPAA2 CAAM (DPSECI) driver"
|
|
depends on FSL_MC_DPIO
|
|
depends on NETDEVICES
|
|
select CRYPTO_DEV_FSL_CAAM_COMMON
|
|
select CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
|
|
select CRYPTO_DEV_FSL_CAAM_AHASH_API_DESC
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_AUTHENC
|
|
select CRYPTO_AEAD
|
|
select CRYPTO_HASH
|
|
select CRYPTO_DES
|
|
help
|
|
CAAM driver for QorIQ Data Path Acceleration Architecture 2.
|
|
It handles DPSECI DPAA2 objects that sit on the Management Complex
|
|
(MC) fsl-mc bus.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called dpaa2_caam.
|