ixp4xx_crypto.c 37 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * Intel IXP4xx NPE-C crypto driver
  4. *
  5. * Copyright (C) 2008 Christian Hohnstaedt <chohnstaedt@innominate.com>
  6. */
  7. #include <linux/platform_device.h>
  8. #include <linux/dma-mapping.h>
  9. #include <linux/dmapool.h>
  10. #include <linux/crypto.h>
  11. #include <linux/kernel.h>
  12. #include <linux/rtnetlink.h>
  13. #include <linux/interrupt.h>
  14. #include <linux/spinlock.h>
  15. #include <linux/gfp.h>
  16. #include <linux/module.h>
  17. #include <crypto/ctr.h>
  18. #include <crypto/internal/des.h>
  19. #include <crypto/aes.h>
  20. #include <crypto/hmac.h>
  21. #include <crypto/sha.h>
  22. #include <crypto/algapi.h>
  23. #include <crypto/internal/aead.h>
  24. #include <crypto/authenc.h>
  25. #include <crypto/scatterwalk.h>
  26. #include <linux/soc/ixp4xx/npe.h>
  27. #include <linux/soc/ixp4xx/qmgr.h>
  28. #define MAX_KEYLEN 32
  29. /* hash: cfgword + 2 * digestlen; crypt: keylen + cfgword */
  30. #define NPE_CTX_LEN 80
  31. #define AES_BLOCK128 16
  32. #define NPE_OP_HASH_VERIFY 0x01
  33. #define NPE_OP_CCM_ENABLE 0x04
  34. #define NPE_OP_CRYPT_ENABLE 0x08
  35. #define NPE_OP_HASH_ENABLE 0x10
  36. #define NPE_OP_NOT_IN_PLACE 0x20
  37. #define NPE_OP_HMAC_DISABLE 0x40
  38. #define NPE_OP_CRYPT_ENCRYPT 0x80
  39. #define NPE_OP_CCM_GEN_MIC 0xcc
  40. #define NPE_OP_HASH_GEN_ICV 0x50
  41. #define NPE_OP_ENC_GEN_KEY 0xc9
  42. #define MOD_ECB 0x0000
  43. #define MOD_CTR 0x1000
  44. #define MOD_CBC_ENC 0x2000
  45. #define MOD_CBC_DEC 0x3000
  46. #define MOD_CCM_ENC 0x4000
  47. #define MOD_CCM_DEC 0x5000
  48. #define KEYLEN_128 4
  49. #define KEYLEN_192 6
  50. #define KEYLEN_256 8
  51. #define CIPH_DECR 0x0000
  52. #define CIPH_ENCR 0x0400
  53. #define MOD_DES 0x0000
  54. #define MOD_TDEA2 0x0100
  55. #define MOD_3DES 0x0200
  56. #define MOD_AES 0x0800
  57. #define MOD_AES128 (0x0800 | KEYLEN_128)
  58. #define MOD_AES192 (0x0900 | KEYLEN_192)
  59. #define MOD_AES256 (0x0a00 | KEYLEN_256)
  60. #define MAX_IVLEN 16
  61. #define NPE_ID 2 /* NPE C */
  62. #define NPE_QLEN 16
  63. /* Space for registering when the first
  64. * NPE_QLEN crypt_ctl are busy */
  65. #define NPE_QLEN_TOTAL 64
  66. #define SEND_QID 29
  67. #define RECV_QID 30
  68. #define CTL_FLAG_UNUSED 0x0000
  69. #define CTL_FLAG_USED 0x1000
  70. #define CTL_FLAG_PERFORM_ABLK 0x0001
  71. #define CTL_FLAG_GEN_ICV 0x0002
  72. #define CTL_FLAG_GEN_REVAES 0x0004
  73. #define CTL_FLAG_PERFORM_AEAD 0x0008
  74. #define CTL_FLAG_MASK 0x000f
  75. #define HMAC_PAD_BLOCKLEN SHA1_BLOCK_SIZE
  76. #define MD5_DIGEST_SIZE 16
  77. struct buffer_desc {
  78. u32 phys_next;
  79. #ifdef __ARMEB__
  80. u16 buf_len;
  81. u16 pkt_len;
  82. #else
  83. u16 pkt_len;
  84. u16 buf_len;
  85. #endif
  86. dma_addr_t phys_addr;
  87. u32 __reserved[4];
  88. struct buffer_desc *next;
  89. enum dma_data_direction dir;
  90. };
  91. struct crypt_ctl {
  92. #ifdef __ARMEB__
  93. u8 mode; /* NPE_OP_* operation mode */
  94. u8 init_len;
  95. u16 reserved;
  96. #else
  97. u16 reserved;
  98. u8 init_len;
  99. u8 mode; /* NPE_OP_* operation mode */
  100. #endif
  101. u8 iv[MAX_IVLEN]; /* IV for CBC mode or CTR IV for CTR mode */
  102. dma_addr_t icv_rev_aes; /* icv or rev aes */
  103. dma_addr_t src_buf;
  104. dma_addr_t dst_buf;
  105. #ifdef __ARMEB__
  106. u16 auth_offs; /* Authentication start offset */
  107. u16 auth_len; /* Authentication data length */
  108. u16 crypt_offs; /* Cryption start offset */
  109. u16 crypt_len; /* Cryption data length */
  110. #else
  111. u16 auth_len; /* Authentication data length */
  112. u16 auth_offs; /* Authentication start offset */
  113. u16 crypt_len; /* Cryption data length */
  114. u16 crypt_offs; /* Cryption start offset */
  115. #endif
  116. u32 aadAddr; /* Additional Auth Data Addr for CCM mode */
  117. u32 crypto_ctx; /* NPE Crypto Param structure address */
  118. /* Used by Host: 4*4 bytes*/
  119. unsigned ctl_flags;
  120. union {
  121. struct ablkcipher_request *ablk_req;
  122. struct aead_request *aead_req;
  123. struct crypto_tfm *tfm;
  124. } data;
  125. struct buffer_desc *regist_buf;
  126. u8 *regist_ptr;
  127. };
  128. struct ablk_ctx {
  129. struct buffer_desc *src;
  130. struct buffer_desc *dst;
  131. };
  132. struct aead_ctx {
  133. struct buffer_desc *src;
  134. struct buffer_desc *dst;
  135. struct scatterlist ivlist;
  136. /* used when the hmac is not on one sg entry */
  137. u8 *hmac_virt;
  138. int encrypt;
  139. };
  140. struct ix_hash_algo {
  141. u32 cfgword;
  142. unsigned char *icv;
  143. };
  144. struct ix_sa_dir {
  145. unsigned char *npe_ctx;
  146. dma_addr_t npe_ctx_phys;
  147. int npe_ctx_idx;
  148. u8 npe_mode;
  149. };
  150. struct ixp_ctx {
  151. struct ix_sa_dir encrypt;
  152. struct ix_sa_dir decrypt;
  153. int authkey_len;
  154. u8 authkey[MAX_KEYLEN];
  155. int enckey_len;
  156. u8 enckey[MAX_KEYLEN];
  157. u8 salt[MAX_IVLEN];
  158. u8 nonce[CTR_RFC3686_NONCE_SIZE];
  159. unsigned salted;
  160. atomic_t configuring;
  161. struct completion completion;
  162. };
  163. struct ixp_alg {
  164. struct crypto_alg crypto;
  165. const struct ix_hash_algo *hash;
  166. u32 cfg_enc;
  167. u32 cfg_dec;
  168. int registered;
  169. };
  170. struct ixp_aead_alg {
  171. struct aead_alg crypto;
  172. const struct ix_hash_algo *hash;
  173. u32 cfg_enc;
  174. u32 cfg_dec;
  175. int registered;
  176. };
  177. static const struct ix_hash_algo hash_alg_md5 = {
  178. .cfgword = 0xAA010004,
  179. .icv = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
  180. "\xFE\xDC\xBA\x98\x76\x54\x32\x10",
  181. };
  182. static const struct ix_hash_algo hash_alg_sha1 = {
  183. .cfgword = 0x00000005,
  184. .icv = "\x67\x45\x23\x01\xEF\xCD\xAB\x89\x98\xBA"
  185. "\xDC\xFE\x10\x32\x54\x76\xC3\xD2\xE1\xF0",
  186. };
  187. static struct npe *npe_c;
  188. static struct dma_pool *buffer_pool = NULL;
  189. static struct dma_pool *ctx_pool = NULL;
  190. static struct crypt_ctl *crypt_virt = NULL;
  191. static dma_addr_t crypt_phys;
  192. static int support_aes = 1;
  193. #define DRIVER_NAME "ixp4xx_crypto"
  194. static struct platform_device *pdev;
  195. static inline dma_addr_t crypt_virt2phys(struct crypt_ctl *virt)
  196. {
  197. return crypt_phys + (virt - crypt_virt) * sizeof(struct crypt_ctl);
  198. }
  199. static inline struct crypt_ctl *crypt_phys2virt(dma_addr_t phys)
  200. {
  201. return crypt_virt + (phys - crypt_phys) / sizeof(struct crypt_ctl);
  202. }
  203. static inline u32 cipher_cfg_enc(struct crypto_tfm *tfm)
  204. {
  205. return container_of(tfm->__crt_alg, struct ixp_alg,crypto)->cfg_enc;
  206. }
  207. static inline u32 cipher_cfg_dec(struct crypto_tfm *tfm)
  208. {
  209. return container_of(tfm->__crt_alg, struct ixp_alg,crypto)->cfg_dec;
  210. }
  211. static inline const struct ix_hash_algo *ix_hash(struct crypto_tfm *tfm)
  212. {
  213. return container_of(tfm->__crt_alg, struct ixp_alg, crypto)->hash;
  214. }
  215. static int setup_crypt_desc(void)
  216. {
  217. struct device *dev = &pdev->dev;
  218. BUILD_BUG_ON(sizeof(struct crypt_ctl) != 64);
  219. crypt_virt = dma_alloc_coherent(dev,
  220. NPE_QLEN * sizeof(struct crypt_ctl),
  221. &crypt_phys, GFP_ATOMIC);
  222. if (!crypt_virt)
  223. return -ENOMEM;
  224. return 0;
  225. }
  226. static spinlock_t desc_lock;
  227. static struct crypt_ctl *get_crypt_desc(void)
  228. {
  229. int i;
  230. static int idx = 0;
  231. unsigned long flags;
  232. spin_lock_irqsave(&desc_lock, flags);
  233. if (unlikely(!crypt_virt))
  234. setup_crypt_desc();
  235. if (unlikely(!crypt_virt)) {
  236. spin_unlock_irqrestore(&desc_lock, flags);
  237. return NULL;
  238. }
  239. i = idx;
  240. if (crypt_virt[i].ctl_flags == CTL_FLAG_UNUSED) {
  241. if (++idx >= NPE_QLEN)
  242. idx = 0;
  243. crypt_virt[i].ctl_flags = CTL_FLAG_USED;
  244. spin_unlock_irqrestore(&desc_lock, flags);
  245. return crypt_virt +i;
  246. } else {
  247. spin_unlock_irqrestore(&desc_lock, flags);
  248. return NULL;
  249. }
  250. }
  251. static spinlock_t emerg_lock;
  252. static struct crypt_ctl *get_crypt_desc_emerg(void)
  253. {
  254. int i;
  255. static int idx = NPE_QLEN;
  256. struct crypt_ctl *desc;
  257. unsigned long flags;
  258. desc = get_crypt_desc();
  259. if (desc)
  260. return desc;
  261. if (unlikely(!crypt_virt))
  262. return NULL;
  263. spin_lock_irqsave(&emerg_lock, flags);
  264. i = idx;
  265. if (crypt_virt[i].ctl_flags == CTL_FLAG_UNUSED) {
  266. if (++idx >= NPE_QLEN_TOTAL)
  267. idx = NPE_QLEN;
  268. crypt_virt[i].ctl_flags = CTL_FLAG_USED;
  269. spin_unlock_irqrestore(&emerg_lock, flags);
  270. return crypt_virt +i;
  271. } else {
  272. spin_unlock_irqrestore(&emerg_lock, flags);
  273. return NULL;
  274. }
  275. }
  276. static void free_buf_chain(struct device *dev, struct buffer_desc *buf,
  277. dma_addr_t phys)
  278. {
  279. while (buf) {
  280. struct buffer_desc *buf1;
  281. u32 phys1;
  282. buf1 = buf->next;
  283. phys1 = buf->phys_next;
  284. dma_unmap_single(dev, buf->phys_addr, buf->buf_len, buf->dir);
  285. dma_pool_free(buffer_pool, buf, phys);
  286. buf = buf1;
  287. phys = phys1;
  288. }
  289. }
  290. static struct tasklet_struct crypto_done_tasklet;
  291. static void finish_scattered_hmac(struct crypt_ctl *crypt)
  292. {
  293. struct aead_request *req = crypt->data.aead_req;
  294. struct aead_ctx *req_ctx = aead_request_ctx(req);
  295. struct crypto_aead *tfm = crypto_aead_reqtfm(req);
  296. int authsize = crypto_aead_authsize(tfm);
  297. int decryptlen = req->assoclen + req->cryptlen - authsize;
  298. if (req_ctx->encrypt) {
  299. scatterwalk_map_and_copy(req_ctx->hmac_virt,
  300. req->dst, decryptlen, authsize, 1);
  301. }
  302. dma_pool_free(buffer_pool, req_ctx->hmac_virt, crypt->icv_rev_aes);
  303. }
  304. static void one_packet(dma_addr_t phys)
  305. {
  306. struct device *dev = &pdev->dev;
  307. struct crypt_ctl *crypt;
  308. struct ixp_ctx *ctx;
  309. int failed;
  310. failed = phys & 0x1 ? -EBADMSG : 0;
  311. phys &= ~0x3;
  312. crypt = crypt_phys2virt(phys);
  313. switch (crypt->ctl_flags & CTL_FLAG_MASK) {
  314. case CTL_FLAG_PERFORM_AEAD: {
  315. struct aead_request *req = crypt->data.aead_req;
  316. struct aead_ctx *req_ctx = aead_request_ctx(req);
  317. free_buf_chain(dev, req_ctx->src, crypt->src_buf);
  318. free_buf_chain(dev, req_ctx->dst, crypt->dst_buf);
  319. if (req_ctx->hmac_virt) {
  320. finish_scattered_hmac(crypt);
  321. }
  322. req->base.complete(&req->base, failed);
  323. break;
  324. }
  325. case CTL_FLAG_PERFORM_ABLK: {
  326. struct ablkcipher_request *req = crypt->data.ablk_req;
  327. struct ablk_ctx *req_ctx = ablkcipher_request_ctx(req);
  328. if (req_ctx->dst) {
  329. free_buf_chain(dev, req_ctx->dst, crypt->dst_buf);
  330. }
  331. free_buf_chain(dev, req_ctx->src, crypt->src_buf);
  332. req->base.complete(&req->base, failed);
  333. break;
  334. }
  335. case CTL_FLAG_GEN_ICV:
  336. ctx = crypto_tfm_ctx(crypt->data.tfm);
  337. dma_pool_free(ctx_pool, crypt->regist_ptr,
  338. crypt->regist_buf->phys_addr);
  339. dma_pool_free(buffer_pool, crypt->regist_buf, crypt->src_buf);
  340. if (atomic_dec_and_test(&ctx->configuring))
  341. complete(&ctx->completion);
  342. break;
  343. case CTL_FLAG_GEN_REVAES:
  344. ctx = crypto_tfm_ctx(crypt->data.tfm);
  345. *(u32*)ctx->decrypt.npe_ctx &= cpu_to_be32(~CIPH_ENCR);
  346. if (atomic_dec_and_test(&ctx->configuring))
  347. complete(&ctx->completion);
  348. break;
  349. default:
  350. BUG();
  351. }
  352. crypt->ctl_flags = CTL_FLAG_UNUSED;
  353. }
  354. static void irqhandler(void *_unused)
  355. {
  356. tasklet_schedule(&crypto_done_tasklet);
  357. }
  358. static void crypto_done_action(unsigned long arg)
  359. {
  360. int i;
  361. for(i=0; i<4; i++) {
  362. dma_addr_t phys = qmgr_get_entry(RECV_QID);
  363. if (!phys)
  364. return;
  365. one_packet(phys);
  366. }
  367. tasklet_schedule(&crypto_done_tasklet);
  368. }
  369. static int init_ixp_crypto(struct device *dev)
  370. {
  371. int ret = -ENODEV;
  372. u32 msg[2] = { 0, 0 };
  373. if (! ( ~(*IXP4XX_EXP_CFG2) & (IXP4XX_FEATURE_HASH |
  374. IXP4XX_FEATURE_AES | IXP4XX_FEATURE_DES))) {
  375. printk(KERN_ERR "ixp_crypto: No HW crypto available\n");
  376. return ret;
  377. }
  378. npe_c = npe_request(NPE_ID);
  379. if (!npe_c)
  380. return ret;
  381. if (!npe_running(npe_c)) {
  382. ret = npe_load_firmware(npe_c, npe_name(npe_c), dev);
  383. if (ret)
  384. goto npe_release;
  385. if (npe_recv_message(npe_c, msg, "STATUS_MSG"))
  386. goto npe_error;
  387. } else {
  388. if (npe_send_message(npe_c, msg, "STATUS_MSG"))
  389. goto npe_error;
  390. if (npe_recv_message(npe_c, msg, "STATUS_MSG"))
  391. goto npe_error;
  392. }
  393. switch ((msg[1]>>16) & 0xff) {
  394. case 3:
  395. printk(KERN_WARNING "Firmware of %s lacks AES support\n",
  396. npe_name(npe_c));
  397. support_aes = 0;
  398. break;
  399. case 4:
  400. case 5:
  401. support_aes = 1;
  402. break;
  403. default:
  404. printk(KERN_ERR "Firmware of %s lacks crypto support\n",
  405. npe_name(npe_c));
  406. ret = -ENODEV;
  407. goto npe_release;
  408. }
  409. /* buffer_pool will also be used to sometimes store the hmac,
  410. * so assure it is large enough
  411. */
  412. BUILD_BUG_ON(SHA1_DIGEST_SIZE > sizeof(struct buffer_desc));
  413. buffer_pool = dma_pool_create("buffer", dev,
  414. sizeof(struct buffer_desc), 32, 0);
  415. ret = -ENOMEM;
  416. if (!buffer_pool) {
  417. goto err;
  418. }
  419. ctx_pool = dma_pool_create("context", dev,
  420. NPE_CTX_LEN, 16, 0);
  421. if (!ctx_pool) {
  422. goto err;
  423. }
  424. ret = qmgr_request_queue(SEND_QID, NPE_QLEN_TOTAL, 0, 0,
  425. "ixp_crypto:out", NULL);
  426. if (ret)
  427. goto err;
  428. ret = qmgr_request_queue(RECV_QID, NPE_QLEN, 0, 0,
  429. "ixp_crypto:in", NULL);
  430. if (ret) {
  431. qmgr_release_queue(SEND_QID);
  432. goto err;
  433. }
  434. qmgr_set_irq(RECV_QID, QUEUE_IRQ_SRC_NOT_EMPTY, irqhandler, NULL);
  435. tasklet_init(&crypto_done_tasklet, crypto_done_action, 0);
  436. qmgr_enable_irq(RECV_QID);
  437. return 0;
  438. npe_error:
  439. printk(KERN_ERR "%s not responding\n", npe_name(npe_c));
  440. ret = -EIO;
  441. err:
  442. dma_pool_destroy(ctx_pool);
  443. dma_pool_destroy(buffer_pool);
  444. npe_release:
  445. npe_release(npe_c);
  446. return ret;
  447. }
  448. static void release_ixp_crypto(struct device *dev)
  449. {
  450. qmgr_disable_irq(RECV_QID);
  451. tasklet_kill(&crypto_done_tasklet);
  452. qmgr_release_queue(SEND_QID);
  453. qmgr_release_queue(RECV_QID);
  454. dma_pool_destroy(ctx_pool);
  455. dma_pool_destroy(buffer_pool);
  456. npe_release(npe_c);
  457. if (crypt_virt) {
  458. dma_free_coherent(dev,
  459. NPE_QLEN * sizeof(struct crypt_ctl),
  460. crypt_virt, crypt_phys);
  461. }
  462. }
  463. static void reset_sa_dir(struct ix_sa_dir *dir)
  464. {
  465. memset(dir->npe_ctx, 0, NPE_CTX_LEN);
  466. dir->npe_ctx_idx = 0;
  467. dir->npe_mode = 0;
  468. }
  469. static int init_sa_dir(struct ix_sa_dir *dir)
  470. {
  471. dir->npe_ctx = dma_pool_alloc(ctx_pool, GFP_KERNEL, &dir->npe_ctx_phys);
  472. if (!dir->npe_ctx) {
  473. return -ENOMEM;
  474. }
  475. reset_sa_dir(dir);
  476. return 0;
  477. }
  478. static void free_sa_dir(struct ix_sa_dir *dir)
  479. {
  480. memset(dir->npe_ctx, 0, NPE_CTX_LEN);
  481. dma_pool_free(ctx_pool, dir->npe_ctx, dir->npe_ctx_phys);
  482. }
  483. static int init_tfm(struct crypto_tfm *tfm)
  484. {
  485. struct ixp_ctx *ctx = crypto_tfm_ctx(tfm);
  486. int ret;
  487. atomic_set(&ctx->configuring, 0);
  488. ret = init_sa_dir(&ctx->encrypt);
  489. if (ret)
  490. return ret;
  491. ret = init_sa_dir(&ctx->decrypt);
  492. if (ret) {
  493. free_sa_dir(&ctx->encrypt);
  494. }
  495. return ret;
  496. }
  497. static int init_tfm_ablk(struct crypto_tfm *tfm)
  498. {
  499. tfm->crt_ablkcipher.reqsize = sizeof(struct ablk_ctx);
  500. return init_tfm(tfm);
  501. }
  502. static int init_tfm_aead(struct crypto_aead *tfm)
  503. {
  504. crypto_aead_set_reqsize(tfm, sizeof(struct aead_ctx));
  505. return init_tfm(crypto_aead_tfm(tfm));
  506. }
  507. static void exit_tfm(struct crypto_tfm *tfm)
  508. {
  509. struct ixp_ctx *ctx = crypto_tfm_ctx(tfm);
  510. free_sa_dir(&ctx->encrypt);
  511. free_sa_dir(&ctx->decrypt);
  512. }
  513. static void exit_tfm_aead(struct crypto_aead *tfm)
  514. {
  515. exit_tfm(crypto_aead_tfm(tfm));
  516. }
  517. static int register_chain_var(struct crypto_tfm *tfm, u8 xpad, u32 target,
  518. int init_len, u32 ctx_addr, const u8 *key, int key_len)
  519. {
  520. struct ixp_ctx *ctx = crypto_tfm_ctx(tfm);
  521. struct crypt_ctl *crypt;
  522. struct buffer_desc *buf;
  523. int i;
  524. u8 *pad;
  525. dma_addr_t pad_phys, buf_phys;
  526. BUILD_BUG_ON(NPE_CTX_LEN < HMAC_PAD_BLOCKLEN);
  527. pad = dma_pool_alloc(ctx_pool, GFP_KERNEL, &pad_phys);
  528. if (!pad)
  529. return -ENOMEM;
  530. buf = dma_pool_alloc(buffer_pool, GFP_KERNEL, &buf_phys);
  531. if (!buf) {
  532. dma_pool_free(ctx_pool, pad, pad_phys);
  533. return -ENOMEM;
  534. }
  535. crypt = get_crypt_desc_emerg();
  536. if (!crypt) {
  537. dma_pool_free(ctx_pool, pad, pad_phys);
  538. dma_pool_free(buffer_pool, buf, buf_phys);
  539. return -EAGAIN;
  540. }
  541. memcpy(pad, key, key_len);
  542. memset(pad + key_len, 0, HMAC_PAD_BLOCKLEN - key_len);
  543. for (i = 0; i < HMAC_PAD_BLOCKLEN; i++) {
  544. pad[i] ^= xpad;
  545. }
  546. crypt->data.tfm = tfm;
  547. crypt->regist_ptr = pad;
  548. crypt->regist_buf = buf;
  549. crypt->auth_offs = 0;
  550. crypt->auth_len = HMAC_PAD_BLOCKLEN;
  551. crypt->crypto_ctx = ctx_addr;
  552. crypt->src_buf = buf_phys;
  553. crypt->icv_rev_aes = target;
  554. crypt->mode = NPE_OP_HASH_GEN_ICV;
  555. crypt->init_len = init_len;
  556. crypt->ctl_flags |= CTL_FLAG_GEN_ICV;
  557. buf->next = 0;
  558. buf->buf_len = HMAC_PAD_BLOCKLEN;
  559. buf->pkt_len = 0;
  560. buf->phys_addr = pad_phys;
  561. atomic_inc(&ctx->configuring);
  562. qmgr_put_entry(SEND_QID, crypt_virt2phys(crypt));
  563. BUG_ON(qmgr_stat_overflow(SEND_QID));
  564. return 0;
  565. }
  566. static int setup_auth(struct crypto_tfm *tfm, int encrypt, unsigned authsize,
  567. const u8 *key, int key_len, unsigned digest_len)
  568. {
  569. u32 itarget, otarget, npe_ctx_addr;
  570. unsigned char *cinfo;
  571. int init_len, ret = 0;
  572. u32 cfgword;
  573. struct ix_sa_dir *dir;
  574. struct ixp_ctx *ctx = crypto_tfm_ctx(tfm);
  575. const struct ix_hash_algo *algo;
  576. dir = encrypt ? &ctx->encrypt : &ctx->decrypt;
  577. cinfo = dir->npe_ctx + dir->npe_ctx_idx;
  578. algo = ix_hash(tfm);
  579. /* write cfg word to cryptinfo */
  580. cfgword = algo->cfgword | ( authsize << 6); /* (authsize/4) << 8 */
  581. #ifndef __ARMEB__
  582. cfgword ^= 0xAA000000; /* change the "byte swap" flags */
  583. #endif
  584. *(u32*)cinfo = cpu_to_be32(cfgword);
  585. cinfo += sizeof(cfgword);
  586. /* write ICV to cryptinfo */
  587. memcpy(cinfo, algo->icv, digest_len);
  588. cinfo += digest_len;
  589. itarget = dir->npe_ctx_phys + dir->npe_ctx_idx
  590. + sizeof(algo->cfgword);
  591. otarget = itarget + digest_len;
  592. init_len = cinfo - (dir->npe_ctx + dir->npe_ctx_idx);
  593. npe_ctx_addr = dir->npe_ctx_phys + dir->npe_ctx_idx;
  594. dir->npe_ctx_idx += init_len;
  595. dir->npe_mode |= NPE_OP_HASH_ENABLE;
  596. if (!encrypt)
  597. dir->npe_mode |= NPE_OP_HASH_VERIFY;
  598. ret = register_chain_var(tfm, HMAC_OPAD_VALUE, otarget,
  599. init_len, npe_ctx_addr, key, key_len);
  600. if (ret)
  601. return ret;
  602. return register_chain_var(tfm, HMAC_IPAD_VALUE, itarget,
  603. init_len, npe_ctx_addr, key, key_len);
  604. }
  605. static int gen_rev_aes_key(struct crypto_tfm *tfm)
  606. {
  607. struct crypt_ctl *crypt;
  608. struct ixp_ctx *ctx = crypto_tfm_ctx(tfm);
  609. struct ix_sa_dir *dir = &ctx->decrypt;
  610. crypt = get_crypt_desc_emerg();
  611. if (!crypt) {
  612. return -EAGAIN;
  613. }
  614. *(u32*)dir->npe_ctx |= cpu_to_be32(CIPH_ENCR);
  615. crypt->data.tfm = tfm;
  616. crypt->crypt_offs = 0;
  617. crypt->crypt_len = AES_BLOCK128;
  618. crypt->src_buf = 0;
  619. crypt->crypto_ctx = dir->npe_ctx_phys;
  620. crypt->icv_rev_aes = dir->npe_ctx_phys + sizeof(u32);
  621. crypt->mode = NPE_OP_ENC_GEN_KEY;
  622. crypt->init_len = dir->npe_ctx_idx;
  623. crypt->ctl_flags |= CTL_FLAG_GEN_REVAES;
  624. atomic_inc(&ctx->configuring);
  625. qmgr_put_entry(SEND_QID, crypt_virt2phys(crypt));
  626. BUG_ON(qmgr_stat_overflow(SEND_QID));
  627. return 0;
  628. }
  629. static int setup_cipher(struct crypto_tfm *tfm, int encrypt,
  630. const u8 *key, int key_len)
  631. {
  632. u8 *cinfo;
  633. u32 cipher_cfg;
  634. u32 keylen_cfg = 0;
  635. struct ix_sa_dir *dir;
  636. struct ixp_ctx *ctx = crypto_tfm_ctx(tfm);
  637. u32 *flags = &tfm->crt_flags;
  638. dir = encrypt ? &ctx->encrypt : &ctx->decrypt;
  639. cinfo = dir->npe_ctx;
  640. if (encrypt) {
  641. cipher_cfg = cipher_cfg_enc(tfm);
  642. dir->npe_mode |= NPE_OP_CRYPT_ENCRYPT;
  643. } else {
  644. cipher_cfg = cipher_cfg_dec(tfm);
  645. }
  646. if (cipher_cfg & MOD_AES) {
  647. switch (key_len) {
  648. case 16: keylen_cfg = MOD_AES128; break;
  649. case 24: keylen_cfg = MOD_AES192; break;
  650. case 32: keylen_cfg = MOD_AES256; break;
  651. default:
  652. *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
  653. return -EINVAL;
  654. }
  655. cipher_cfg |= keylen_cfg;
  656. } else {
  657. crypto_des_verify_key(tfm, key);
  658. }
  659. /* write cfg word to cryptinfo */
  660. *(u32*)cinfo = cpu_to_be32(cipher_cfg);
  661. cinfo += sizeof(cipher_cfg);
  662. /* write cipher key to cryptinfo */
  663. memcpy(cinfo, key, key_len);
  664. /* NPE wants keylen set to DES3_EDE_KEY_SIZE even for single DES */
  665. if (key_len < DES3_EDE_KEY_SIZE && !(cipher_cfg & MOD_AES)) {
  666. memset(cinfo + key_len, 0, DES3_EDE_KEY_SIZE -key_len);
  667. key_len = DES3_EDE_KEY_SIZE;
  668. }
  669. dir->npe_ctx_idx = sizeof(cipher_cfg) + key_len;
  670. dir->npe_mode |= NPE_OP_CRYPT_ENABLE;
  671. if ((cipher_cfg & MOD_AES) && !encrypt) {
  672. return gen_rev_aes_key(tfm);
  673. }
  674. return 0;
  675. }
  676. static struct buffer_desc *chainup_buffers(struct device *dev,
  677. struct scatterlist *sg, unsigned nbytes,
  678. struct buffer_desc *buf, gfp_t flags,
  679. enum dma_data_direction dir)
  680. {
  681. for (; nbytes > 0; sg = sg_next(sg)) {
  682. unsigned len = min(nbytes, sg->length);
  683. struct buffer_desc *next_buf;
  684. dma_addr_t next_buf_phys;
  685. void *ptr;
  686. nbytes -= len;
  687. ptr = sg_virt(sg);
  688. next_buf = dma_pool_alloc(buffer_pool, flags, &next_buf_phys);
  689. if (!next_buf) {
  690. buf = NULL;
  691. break;
  692. }
  693. sg_dma_address(sg) = dma_map_single(dev, ptr, len, dir);
  694. buf->next = next_buf;
  695. buf->phys_next = next_buf_phys;
  696. buf = next_buf;
  697. buf->phys_addr = sg_dma_address(sg);
  698. buf->buf_len = len;
  699. buf->dir = dir;
  700. }
  701. buf->next = NULL;
  702. buf->phys_next = 0;
  703. return buf;
  704. }
  705. static int ablk_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  706. unsigned int key_len)
  707. {
  708. struct ixp_ctx *ctx = crypto_ablkcipher_ctx(tfm);
  709. u32 *flags = &tfm->base.crt_flags;
  710. int ret;
  711. init_completion(&ctx->completion);
  712. atomic_inc(&ctx->configuring);
  713. reset_sa_dir(&ctx->encrypt);
  714. reset_sa_dir(&ctx->decrypt);
  715. ctx->encrypt.npe_mode = NPE_OP_HMAC_DISABLE;
  716. ctx->decrypt.npe_mode = NPE_OP_HMAC_DISABLE;
  717. ret = setup_cipher(&tfm->base, 0, key, key_len);
  718. if (ret)
  719. goto out;
  720. ret = setup_cipher(&tfm->base, 1, key, key_len);
  721. if (ret)
  722. goto out;
  723. if (*flags & CRYPTO_TFM_RES_WEAK_KEY) {
  724. if (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) {
  725. ret = -EINVAL;
  726. } else {
  727. *flags &= ~CRYPTO_TFM_RES_WEAK_KEY;
  728. }
  729. }
  730. out:
  731. if (!atomic_dec_and_test(&ctx->configuring))
  732. wait_for_completion(&ctx->completion);
  733. return ret;
  734. }
  735. static int ablk_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  736. unsigned int key_len)
  737. {
  738. return verify_ablkcipher_des3_key(tfm, key) ?:
  739. ablk_setkey(tfm, key, key_len);
  740. }
  741. static int ablk_rfc3686_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  742. unsigned int key_len)
  743. {
  744. struct ixp_ctx *ctx = crypto_ablkcipher_ctx(tfm);
  745. /* the nonce is stored in bytes at end of key */
  746. if (key_len < CTR_RFC3686_NONCE_SIZE)
  747. return -EINVAL;
  748. memcpy(ctx->nonce, key + (key_len - CTR_RFC3686_NONCE_SIZE),
  749. CTR_RFC3686_NONCE_SIZE);
  750. key_len -= CTR_RFC3686_NONCE_SIZE;
  751. return ablk_setkey(tfm, key, key_len);
  752. }
  753. static int ablk_perform(struct ablkcipher_request *req, int encrypt)
  754. {
  755. struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
  756. struct ixp_ctx *ctx = crypto_ablkcipher_ctx(tfm);
  757. unsigned ivsize = crypto_ablkcipher_ivsize(tfm);
  758. struct ix_sa_dir *dir;
  759. struct crypt_ctl *crypt;
  760. unsigned int nbytes = req->nbytes;
  761. enum dma_data_direction src_direction = DMA_BIDIRECTIONAL;
  762. struct ablk_ctx *req_ctx = ablkcipher_request_ctx(req);
  763. struct buffer_desc src_hook;
  764. struct device *dev = &pdev->dev;
  765. gfp_t flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP ?
  766. GFP_KERNEL : GFP_ATOMIC;
  767. if (qmgr_stat_full(SEND_QID))
  768. return -EAGAIN;
  769. if (atomic_read(&ctx->configuring))
  770. return -EAGAIN;
  771. dir = encrypt ? &ctx->encrypt : &ctx->decrypt;
  772. crypt = get_crypt_desc();
  773. if (!crypt)
  774. return -ENOMEM;
  775. crypt->data.ablk_req = req;
  776. crypt->crypto_ctx = dir->npe_ctx_phys;
  777. crypt->mode = dir->npe_mode;
  778. crypt->init_len = dir->npe_ctx_idx;
  779. crypt->crypt_offs = 0;
  780. crypt->crypt_len = nbytes;
  781. BUG_ON(ivsize && !req->info);
  782. memcpy(crypt->iv, req->info, ivsize);
  783. if (req->src != req->dst) {
  784. struct buffer_desc dst_hook;
  785. crypt->mode |= NPE_OP_NOT_IN_PLACE;
  786. /* This was never tested by Intel
  787. * for more than one dst buffer, I think. */
  788. req_ctx->dst = NULL;
  789. if (!chainup_buffers(dev, req->dst, nbytes, &dst_hook,
  790. flags, DMA_FROM_DEVICE))
  791. goto free_buf_dest;
  792. src_direction = DMA_TO_DEVICE;
  793. req_ctx->dst = dst_hook.next;
  794. crypt->dst_buf = dst_hook.phys_next;
  795. } else {
  796. req_ctx->dst = NULL;
  797. }
  798. req_ctx->src = NULL;
  799. if (!chainup_buffers(dev, req->src, nbytes, &src_hook,
  800. flags, src_direction))
  801. goto free_buf_src;
  802. req_ctx->src = src_hook.next;
  803. crypt->src_buf = src_hook.phys_next;
  804. crypt->ctl_flags |= CTL_FLAG_PERFORM_ABLK;
  805. qmgr_put_entry(SEND_QID, crypt_virt2phys(crypt));
  806. BUG_ON(qmgr_stat_overflow(SEND_QID));
  807. return -EINPROGRESS;
  808. free_buf_src:
  809. free_buf_chain(dev, req_ctx->src, crypt->src_buf);
  810. free_buf_dest:
  811. if (req->src != req->dst) {
  812. free_buf_chain(dev, req_ctx->dst, crypt->dst_buf);
  813. }
  814. crypt->ctl_flags = CTL_FLAG_UNUSED;
  815. return -ENOMEM;
  816. }
  817. static int ablk_encrypt(struct ablkcipher_request *req)
  818. {
  819. return ablk_perform(req, 1);
  820. }
  821. static int ablk_decrypt(struct ablkcipher_request *req)
  822. {
  823. return ablk_perform(req, 0);
  824. }
  825. static int ablk_rfc3686_crypt(struct ablkcipher_request *req)
  826. {
  827. struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
  828. struct ixp_ctx *ctx = crypto_ablkcipher_ctx(tfm);
  829. u8 iv[CTR_RFC3686_BLOCK_SIZE];
  830. u8 *info = req->info;
  831. int ret;
  832. /* set up counter block */
  833. memcpy(iv, ctx->nonce, CTR_RFC3686_NONCE_SIZE);
  834. memcpy(iv + CTR_RFC3686_NONCE_SIZE, info, CTR_RFC3686_IV_SIZE);
  835. /* initialize counter portion of counter block */
  836. *(__be32 *)(iv + CTR_RFC3686_NONCE_SIZE + CTR_RFC3686_IV_SIZE) =
  837. cpu_to_be32(1);
  838. req->info = iv;
  839. ret = ablk_perform(req, 1);
  840. req->info = info;
  841. return ret;
  842. }
  843. static int aead_perform(struct aead_request *req, int encrypt,
  844. int cryptoffset, int eff_cryptlen, u8 *iv)
  845. {
  846. struct crypto_aead *tfm = crypto_aead_reqtfm(req);
  847. struct ixp_ctx *ctx = crypto_aead_ctx(tfm);
  848. unsigned ivsize = crypto_aead_ivsize(tfm);
  849. unsigned authsize = crypto_aead_authsize(tfm);
  850. struct ix_sa_dir *dir;
  851. struct crypt_ctl *crypt;
  852. unsigned int cryptlen;
  853. struct buffer_desc *buf, src_hook;
  854. struct aead_ctx *req_ctx = aead_request_ctx(req);
  855. struct device *dev = &pdev->dev;
  856. gfp_t flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP ?
  857. GFP_KERNEL : GFP_ATOMIC;
  858. enum dma_data_direction src_direction = DMA_BIDIRECTIONAL;
  859. unsigned int lastlen;
  860. if (qmgr_stat_full(SEND_QID))
  861. return -EAGAIN;
  862. if (atomic_read(&ctx->configuring))
  863. return -EAGAIN;
  864. if (encrypt) {
  865. dir = &ctx->encrypt;
  866. cryptlen = req->cryptlen;
  867. } else {
  868. dir = &ctx->decrypt;
  869. /* req->cryptlen includes the authsize when decrypting */
  870. cryptlen = req->cryptlen -authsize;
  871. eff_cryptlen -= authsize;
  872. }
  873. crypt = get_crypt_desc();
  874. if (!crypt)
  875. return -ENOMEM;
  876. crypt->data.aead_req = req;
  877. crypt->crypto_ctx = dir->npe_ctx_phys;
  878. crypt->mode = dir->npe_mode;
  879. crypt->init_len = dir->npe_ctx_idx;
  880. crypt->crypt_offs = cryptoffset;
  881. crypt->crypt_len = eff_cryptlen;
  882. crypt->auth_offs = 0;
  883. crypt->auth_len = req->assoclen + cryptlen;
  884. BUG_ON(ivsize && !req->iv);
  885. memcpy(crypt->iv, req->iv, ivsize);
  886. buf = chainup_buffers(dev, req->src, crypt->auth_len,
  887. &src_hook, flags, src_direction);
  888. req_ctx->src = src_hook.next;
  889. crypt->src_buf = src_hook.phys_next;
  890. if (!buf)
  891. goto free_buf_src;
  892. lastlen = buf->buf_len;
  893. if (lastlen >= authsize)
  894. crypt->icv_rev_aes = buf->phys_addr +
  895. buf->buf_len - authsize;
  896. req_ctx->dst = NULL;
  897. if (req->src != req->dst) {
  898. struct buffer_desc dst_hook;
  899. crypt->mode |= NPE_OP_NOT_IN_PLACE;
  900. src_direction = DMA_TO_DEVICE;
  901. buf = chainup_buffers(dev, req->dst, crypt->auth_len,
  902. &dst_hook, flags, DMA_FROM_DEVICE);
  903. req_ctx->dst = dst_hook.next;
  904. crypt->dst_buf = dst_hook.phys_next;
  905. if (!buf)
  906. goto free_buf_dst;
  907. if (encrypt) {
  908. lastlen = buf->buf_len;
  909. if (lastlen >= authsize)
  910. crypt->icv_rev_aes = buf->phys_addr +
  911. buf->buf_len - authsize;
  912. }
  913. }
  914. if (unlikely(lastlen < authsize)) {
  915. /* The 12 hmac bytes are scattered,
  916. * we need to copy them into a safe buffer */
  917. req_ctx->hmac_virt = dma_pool_alloc(buffer_pool, flags,
  918. &crypt->icv_rev_aes);
  919. if (unlikely(!req_ctx->hmac_virt))
  920. goto free_buf_dst;
  921. if (!encrypt) {
  922. scatterwalk_map_and_copy(req_ctx->hmac_virt,
  923. req->src, cryptlen, authsize, 0);
  924. }
  925. req_ctx->encrypt = encrypt;
  926. } else {
  927. req_ctx->hmac_virt = NULL;
  928. }
  929. crypt->ctl_flags |= CTL_FLAG_PERFORM_AEAD;
  930. qmgr_put_entry(SEND_QID, crypt_virt2phys(crypt));
  931. BUG_ON(qmgr_stat_overflow(SEND_QID));
  932. return -EINPROGRESS;
  933. free_buf_dst:
  934. free_buf_chain(dev, req_ctx->dst, crypt->dst_buf);
  935. free_buf_src:
  936. free_buf_chain(dev, req_ctx->src, crypt->src_buf);
  937. crypt->ctl_flags = CTL_FLAG_UNUSED;
  938. return -ENOMEM;
  939. }
  940. static int aead_setup(struct crypto_aead *tfm, unsigned int authsize)
  941. {
  942. struct ixp_ctx *ctx = crypto_aead_ctx(tfm);
  943. u32 *flags = &tfm->base.crt_flags;
  944. unsigned digest_len = crypto_aead_maxauthsize(tfm);
  945. int ret;
  946. if (!ctx->enckey_len && !ctx->authkey_len)
  947. return 0;
  948. init_completion(&ctx->completion);
  949. atomic_inc(&ctx->configuring);
  950. reset_sa_dir(&ctx->encrypt);
  951. reset_sa_dir(&ctx->decrypt);
  952. ret = setup_cipher(&tfm->base, 0, ctx->enckey, ctx->enckey_len);
  953. if (ret)
  954. goto out;
  955. ret = setup_cipher(&tfm->base, 1, ctx->enckey, ctx->enckey_len);
  956. if (ret)
  957. goto out;
  958. ret = setup_auth(&tfm->base, 0, authsize, ctx->authkey,
  959. ctx->authkey_len, digest_len);
  960. if (ret)
  961. goto out;
  962. ret = setup_auth(&tfm->base, 1, authsize, ctx->authkey,
  963. ctx->authkey_len, digest_len);
  964. if (ret)
  965. goto out;
  966. if (*flags & CRYPTO_TFM_RES_WEAK_KEY) {
  967. if (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) {
  968. ret = -EINVAL;
  969. goto out;
  970. } else {
  971. *flags &= ~CRYPTO_TFM_RES_WEAK_KEY;
  972. }
  973. }
  974. out:
  975. if (!atomic_dec_and_test(&ctx->configuring))
  976. wait_for_completion(&ctx->completion);
  977. return ret;
  978. }
  979. static int aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)
  980. {
  981. int max = crypto_aead_maxauthsize(tfm) >> 2;
  982. if ((authsize>>2) < 1 || (authsize>>2) > max || (authsize & 3))
  983. return -EINVAL;
  984. return aead_setup(tfm, authsize);
  985. }
  986. static int aead_setkey(struct crypto_aead *tfm, const u8 *key,
  987. unsigned int keylen)
  988. {
  989. struct ixp_ctx *ctx = crypto_aead_ctx(tfm);
  990. struct crypto_authenc_keys keys;
  991. if (crypto_authenc_extractkeys(&keys, key, keylen) != 0)
  992. goto badkey;
  993. if (keys.authkeylen > sizeof(ctx->authkey))
  994. goto badkey;
  995. if (keys.enckeylen > sizeof(ctx->enckey))
  996. goto badkey;
  997. memcpy(ctx->authkey, keys.authkey, keys.authkeylen);
  998. memcpy(ctx->enckey, keys.enckey, keys.enckeylen);
  999. ctx->authkey_len = keys.authkeylen;
  1000. ctx->enckey_len = keys.enckeylen;
  1001. memzero_explicit(&keys, sizeof(keys));
  1002. return aead_setup(tfm, crypto_aead_authsize(tfm));
  1003. badkey:
  1004. crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
  1005. memzero_explicit(&keys, sizeof(keys));
  1006. return -EINVAL;
  1007. }
  1008. static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key,
  1009. unsigned int keylen)
  1010. {
  1011. struct ixp_ctx *ctx = crypto_aead_ctx(tfm);
  1012. struct crypto_authenc_keys keys;
  1013. int err;
  1014. err = crypto_authenc_extractkeys(&keys, key, keylen);
  1015. if (unlikely(err))
  1016. goto badkey;
  1017. err = -EINVAL;
  1018. if (keys.authkeylen > sizeof(ctx->authkey))
  1019. goto badkey;
  1020. err = verify_aead_des3_key(tfm, keys.enckey, keys.enckeylen);
  1021. if (err)
  1022. goto badkey;
  1023. memcpy(ctx->authkey, keys.authkey, keys.authkeylen);
  1024. memcpy(ctx->enckey, keys.enckey, keys.enckeylen);
  1025. ctx->authkey_len = keys.authkeylen;
  1026. ctx->enckey_len = keys.enckeylen;
  1027. memzero_explicit(&keys, sizeof(keys));
  1028. return aead_setup(tfm, crypto_aead_authsize(tfm));
  1029. badkey:
  1030. memzero_explicit(&keys, sizeof(keys));
  1031. return err;
  1032. }
  1033. static int aead_encrypt(struct aead_request *req)
  1034. {
  1035. return aead_perform(req, 1, req->assoclen, req->cryptlen, req->iv);
  1036. }
  1037. static int aead_decrypt(struct aead_request *req)
  1038. {
  1039. return aead_perform(req, 0, req->assoclen, req->cryptlen, req->iv);
  1040. }
  1041. static struct ixp_alg ixp4xx_algos[] = {
  1042. {
  1043. .crypto = {
  1044. .cra_name = "cbc(des)",
  1045. .cra_blocksize = DES_BLOCK_SIZE,
  1046. .cra_u = { .ablkcipher = {
  1047. .min_keysize = DES_KEY_SIZE,
  1048. .max_keysize = DES_KEY_SIZE,
  1049. .ivsize = DES_BLOCK_SIZE,
  1050. }
  1051. }
  1052. },
  1053. .cfg_enc = CIPH_ENCR | MOD_DES | MOD_CBC_ENC | KEYLEN_192,
  1054. .cfg_dec = CIPH_DECR | MOD_DES | MOD_CBC_DEC | KEYLEN_192,
  1055. }, {
  1056. .crypto = {
  1057. .cra_name = "ecb(des)",
  1058. .cra_blocksize = DES_BLOCK_SIZE,
  1059. .cra_u = { .ablkcipher = {
  1060. .min_keysize = DES_KEY_SIZE,
  1061. .max_keysize = DES_KEY_SIZE,
  1062. }
  1063. }
  1064. },
  1065. .cfg_enc = CIPH_ENCR | MOD_DES | MOD_ECB | KEYLEN_192,
  1066. .cfg_dec = CIPH_DECR | MOD_DES | MOD_ECB | KEYLEN_192,
  1067. }, {
  1068. .crypto = {
  1069. .cra_name = "cbc(des3_ede)",
  1070. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  1071. .cra_u = { .ablkcipher = {
  1072. .min_keysize = DES3_EDE_KEY_SIZE,
  1073. .max_keysize = DES3_EDE_KEY_SIZE,
  1074. .ivsize = DES3_EDE_BLOCK_SIZE,
  1075. .setkey = ablk_des3_setkey,
  1076. }
  1077. }
  1078. },
  1079. .cfg_enc = CIPH_ENCR | MOD_3DES | MOD_CBC_ENC | KEYLEN_192,
  1080. .cfg_dec = CIPH_DECR | MOD_3DES | MOD_CBC_DEC | KEYLEN_192,
  1081. }, {
  1082. .crypto = {
  1083. .cra_name = "ecb(des3_ede)",
  1084. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  1085. .cra_u = { .ablkcipher = {
  1086. .min_keysize = DES3_EDE_KEY_SIZE,
  1087. .max_keysize = DES3_EDE_KEY_SIZE,
  1088. .setkey = ablk_des3_setkey,
  1089. }
  1090. }
  1091. },
  1092. .cfg_enc = CIPH_ENCR | MOD_3DES | MOD_ECB | KEYLEN_192,
  1093. .cfg_dec = CIPH_DECR | MOD_3DES | MOD_ECB | KEYLEN_192,
  1094. }, {
  1095. .crypto = {
  1096. .cra_name = "cbc(aes)",
  1097. .cra_blocksize = AES_BLOCK_SIZE,
  1098. .cra_u = { .ablkcipher = {
  1099. .min_keysize = AES_MIN_KEY_SIZE,
  1100. .max_keysize = AES_MAX_KEY_SIZE,
  1101. .ivsize = AES_BLOCK_SIZE,
  1102. }
  1103. }
  1104. },
  1105. .cfg_enc = CIPH_ENCR | MOD_AES | MOD_CBC_ENC,
  1106. .cfg_dec = CIPH_DECR | MOD_AES | MOD_CBC_DEC,
  1107. }, {
  1108. .crypto = {
  1109. .cra_name = "ecb(aes)",
  1110. .cra_blocksize = AES_BLOCK_SIZE,
  1111. .cra_u = { .ablkcipher = {
  1112. .min_keysize = AES_MIN_KEY_SIZE,
  1113. .max_keysize = AES_MAX_KEY_SIZE,
  1114. }
  1115. }
  1116. },
  1117. .cfg_enc = CIPH_ENCR | MOD_AES | MOD_ECB,
  1118. .cfg_dec = CIPH_DECR | MOD_AES | MOD_ECB,
  1119. }, {
  1120. .crypto = {
  1121. .cra_name = "ctr(aes)",
  1122. .cra_blocksize = AES_BLOCK_SIZE,
  1123. .cra_u = { .ablkcipher = {
  1124. .min_keysize = AES_MIN_KEY_SIZE,
  1125. .max_keysize = AES_MAX_KEY_SIZE,
  1126. .ivsize = AES_BLOCK_SIZE,
  1127. }
  1128. }
  1129. },
  1130. .cfg_enc = CIPH_ENCR | MOD_AES | MOD_CTR,
  1131. .cfg_dec = CIPH_ENCR | MOD_AES | MOD_CTR,
  1132. }, {
  1133. .crypto = {
  1134. .cra_name = "rfc3686(ctr(aes))",
  1135. .cra_blocksize = AES_BLOCK_SIZE,
  1136. .cra_u = { .ablkcipher = {
  1137. .min_keysize = AES_MIN_KEY_SIZE,
  1138. .max_keysize = AES_MAX_KEY_SIZE,
  1139. .ivsize = AES_BLOCK_SIZE,
  1140. .setkey = ablk_rfc3686_setkey,
  1141. .encrypt = ablk_rfc3686_crypt,
  1142. .decrypt = ablk_rfc3686_crypt }
  1143. }
  1144. },
  1145. .cfg_enc = CIPH_ENCR | MOD_AES | MOD_CTR,
  1146. .cfg_dec = CIPH_ENCR | MOD_AES | MOD_CTR,
  1147. } };
  1148. static struct ixp_aead_alg ixp4xx_aeads[] = {
  1149. {
  1150. .crypto = {
  1151. .base = {
  1152. .cra_name = "authenc(hmac(md5),cbc(des))",
  1153. .cra_blocksize = DES_BLOCK_SIZE,
  1154. },
  1155. .ivsize = DES_BLOCK_SIZE,
  1156. .maxauthsize = MD5_DIGEST_SIZE,
  1157. },
  1158. .hash = &hash_alg_md5,
  1159. .cfg_enc = CIPH_ENCR | MOD_DES | MOD_CBC_ENC | KEYLEN_192,
  1160. .cfg_dec = CIPH_DECR | MOD_DES | MOD_CBC_DEC | KEYLEN_192,
  1161. }, {
  1162. .crypto = {
  1163. .base = {
  1164. .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
  1165. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  1166. },
  1167. .ivsize = DES3_EDE_BLOCK_SIZE,
  1168. .maxauthsize = MD5_DIGEST_SIZE,
  1169. .setkey = des3_aead_setkey,
  1170. },
  1171. .hash = &hash_alg_md5,
  1172. .cfg_enc = CIPH_ENCR | MOD_3DES | MOD_CBC_ENC | KEYLEN_192,
  1173. .cfg_dec = CIPH_DECR | MOD_3DES | MOD_CBC_DEC | KEYLEN_192,
  1174. }, {
  1175. .crypto = {
  1176. .base = {
  1177. .cra_name = "authenc(hmac(sha1),cbc(des))",
  1178. .cra_blocksize = DES_BLOCK_SIZE,
  1179. },
  1180. .ivsize = DES_BLOCK_SIZE,
  1181. .maxauthsize = SHA1_DIGEST_SIZE,
  1182. },
  1183. .hash = &hash_alg_sha1,
  1184. .cfg_enc = CIPH_ENCR | MOD_DES | MOD_CBC_ENC | KEYLEN_192,
  1185. .cfg_dec = CIPH_DECR | MOD_DES | MOD_CBC_DEC | KEYLEN_192,
  1186. }, {
  1187. .crypto = {
  1188. .base = {
  1189. .cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
  1190. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  1191. },
  1192. .ivsize = DES3_EDE_BLOCK_SIZE,
  1193. .maxauthsize = SHA1_DIGEST_SIZE,
  1194. .setkey = des3_aead_setkey,
  1195. },
  1196. .hash = &hash_alg_sha1,
  1197. .cfg_enc = CIPH_ENCR | MOD_3DES | MOD_CBC_ENC | KEYLEN_192,
  1198. .cfg_dec = CIPH_DECR | MOD_3DES | MOD_CBC_DEC | KEYLEN_192,
  1199. }, {
  1200. .crypto = {
  1201. .base = {
  1202. .cra_name = "authenc(hmac(md5),cbc(aes))",
  1203. .cra_blocksize = AES_BLOCK_SIZE,
  1204. },
  1205. .ivsize = AES_BLOCK_SIZE,
  1206. .maxauthsize = MD5_DIGEST_SIZE,
  1207. },
  1208. .hash = &hash_alg_md5,
  1209. .cfg_enc = CIPH_ENCR | MOD_AES | MOD_CBC_ENC,
  1210. .cfg_dec = CIPH_DECR | MOD_AES | MOD_CBC_DEC,
  1211. }, {
  1212. .crypto = {
  1213. .base = {
  1214. .cra_name = "authenc(hmac(sha1),cbc(aes))",
  1215. .cra_blocksize = AES_BLOCK_SIZE,
  1216. },
  1217. .ivsize = AES_BLOCK_SIZE,
  1218. .maxauthsize = SHA1_DIGEST_SIZE,
  1219. },
  1220. .hash = &hash_alg_sha1,
  1221. .cfg_enc = CIPH_ENCR | MOD_AES | MOD_CBC_ENC,
  1222. .cfg_dec = CIPH_DECR | MOD_AES | MOD_CBC_DEC,
  1223. } };
  1224. #define IXP_POSTFIX "-ixp4xx"
  1225. static const struct platform_device_info ixp_dev_info __initdata = {
  1226. .name = DRIVER_NAME,
  1227. .id = 0,
  1228. .dma_mask = DMA_BIT_MASK(32),
  1229. };
  1230. static int __init ixp_module_init(void)
  1231. {
  1232. int num = ARRAY_SIZE(ixp4xx_algos);
  1233. int i, err;
  1234. pdev = platform_device_register_full(&ixp_dev_info);
  1235. if (IS_ERR(pdev))
  1236. return PTR_ERR(pdev);
  1237. spin_lock_init(&desc_lock);
  1238. spin_lock_init(&emerg_lock);
  1239. err = init_ixp_crypto(&pdev->dev);
  1240. if (err) {
  1241. platform_device_unregister(pdev);
  1242. return err;
  1243. }
  1244. for (i=0; i< num; i++) {
  1245. struct crypto_alg *cra = &ixp4xx_algos[i].crypto;
  1246. if (snprintf(cra->cra_driver_name, CRYPTO_MAX_ALG_NAME,
  1247. "%s"IXP_POSTFIX, cra->cra_name) >=
  1248. CRYPTO_MAX_ALG_NAME)
  1249. {
  1250. continue;
  1251. }
  1252. if (!support_aes && (ixp4xx_algos[i].cfg_enc & MOD_AES)) {
  1253. continue;
  1254. }
  1255. /* block ciphers */
  1256. cra->cra_type = &crypto_ablkcipher_type;
  1257. cra->cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
  1258. CRYPTO_ALG_KERN_DRIVER_ONLY |
  1259. CRYPTO_ALG_ASYNC;
  1260. if (!cra->cra_ablkcipher.setkey)
  1261. cra->cra_ablkcipher.setkey = ablk_setkey;
  1262. if (!cra->cra_ablkcipher.encrypt)
  1263. cra->cra_ablkcipher.encrypt = ablk_encrypt;
  1264. if (!cra->cra_ablkcipher.decrypt)
  1265. cra->cra_ablkcipher.decrypt = ablk_decrypt;
  1266. cra->cra_init = init_tfm_ablk;
  1267. cra->cra_ctxsize = sizeof(struct ixp_ctx);
  1268. cra->cra_module = THIS_MODULE;
  1269. cra->cra_alignmask = 3;
  1270. cra->cra_priority = 300;
  1271. cra->cra_exit = exit_tfm;
  1272. if (crypto_register_alg(cra))
  1273. printk(KERN_ERR "Failed to register '%s'\n",
  1274. cra->cra_name);
  1275. else
  1276. ixp4xx_algos[i].registered = 1;
  1277. }
  1278. for (i = 0; i < ARRAY_SIZE(ixp4xx_aeads); i++) {
  1279. struct aead_alg *cra = &ixp4xx_aeads[i].crypto;
  1280. if (snprintf(cra->base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
  1281. "%s"IXP_POSTFIX, cra->base.cra_name) >=
  1282. CRYPTO_MAX_ALG_NAME)
  1283. continue;
  1284. if (!support_aes && (ixp4xx_algos[i].cfg_enc & MOD_AES))
  1285. continue;
  1286. /* authenc */
  1287. cra->base.cra_flags = CRYPTO_ALG_KERN_DRIVER_ONLY |
  1288. CRYPTO_ALG_ASYNC;
  1289. cra->setkey = cra->setkey ?: aead_setkey;
  1290. cra->setauthsize = aead_setauthsize;
  1291. cra->encrypt = aead_encrypt;
  1292. cra->decrypt = aead_decrypt;
  1293. cra->init = init_tfm_aead;
  1294. cra->exit = exit_tfm_aead;
  1295. cra->base.cra_ctxsize = sizeof(struct ixp_ctx);
  1296. cra->base.cra_module = THIS_MODULE;
  1297. cra->base.cra_alignmask = 3;
  1298. cra->base.cra_priority = 300;
  1299. if (crypto_register_aead(cra))
  1300. printk(KERN_ERR "Failed to register '%s'\n",
  1301. cra->base.cra_driver_name);
  1302. else
  1303. ixp4xx_aeads[i].registered = 1;
  1304. }
  1305. return 0;
  1306. }
  1307. static void __exit ixp_module_exit(void)
  1308. {
  1309. int num = ARRAY_SIZE(ixp4xx_algos);
  1310. int i;
  1311. for (i = 0; i < ARRAY_SIZE(ixp4xx_aeads); i++) {
  1312. if (ixp4xx_aeads[i].registered)
  1313. crypto_unregister_aead(&ixp4xx_aeads[i].crypto);
  1314. }
  1315. for (i=0; i< num; i++) {
  1316. if (ixp4xx_algos[i].registered)
  1317. crypto_unregister_alg(&ixp4xx_algos[i].crypto);
  1318. }
  1319. release_ixp_crypto(&pdev->dev);
  1320. platform_device_unregister(pdev);
  1321. }
  1322. module_init(ixp_module_init);
  1323. module_exit(ixp_module_exit);
  1324. MODULE_LICENSE("GPL");
  1325. MODULE_AUTHOR("Christian Hohnstaedt <chohnstaedt@innominate.com>");
  1326. MODULE_DESCRIPTION("IXP4xx hardware crypto");