1 /*
2 * talitos - Freescale Integrated Security Engine (SEC) device driver
3 *
4 * Copyright (c) 2008-2010 Freescale Semiconductor, Inc.
5 *
6 * Scatterlist Crypto API glue code copied from files with the following:
7 * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au>
8 *
9 * Crypto algorithm registration code copied from hifn driver:
10 * 2007+ Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru>
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 */
27
28 #include <linux/kernel.h>
29 #include <linux/module.h>
30 #include <linux/mod_devicetable.h>
31 #include <linux/device.h>
32 #include <linux/interrupt.h>
33 #include <linux/crypto.h>
34 #include <linux/hw_random.h>
35 #include <linux/of_platform.h>
36 #include <linux/dma-mapping.h>
37 #include <linux/io.h>
38 #include <linux/spinlock.h>
39 #include <linux/rtnetlink.h>
40 #include <linux/slab.h>
41
42 #include <crypto/algapi.h>
43 #include <crypto/aes.h>
44 #include <crypto/des.h>
45 #include <crypto/sha.h>
46 #include <crypto/md5.h>
47 #include <crypto/aead.h>
48 #include <crypto/authenc.h>
49 #include <crypto/skcipher.h>
50 #include <crypto/hash.h>
51 #include <crypto/internal/hash.h>
52 #include <crypto/scatterwalk.h>
53
54 #include "talitos.h"
55
56 #define TALITOS_TIMEOUT 100000
57 #define TALITOS_MAX_DATA_LEN 65535
58
59 #define DESC_TYPE(desc_hdr) ((be32_to_cpu(desc_hdr) >> 3) & 0x1f)
60 #define PRIMARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 28) & 0xf)
61 #define SECONDARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 16) & 0xf)
62
63 /* descriptor pointer entry */
64 struct talitos_ptr {
65 __be16 len; /* length */
66 u8 j_extent; /* jump to sg link table and/or extent */
67 u8 eptr; /* extended address */
68 __be32 ptr; /* address */
69 };
70
71 static const struct talitos_ptr zero_entry = {
72 .len = 0,
73 .j_extent = 0,
74 .eptr = 0,
75 .ptr = 0
76 };
77
78 /* descriptor */
79 struct talitos_desc {
80 __be32 hdr; /* header high bits */
81 __be32 hdr_lo; /* header low bits */
82 struct talitos_ptr ptr[7]; /* ptr/len pair array */
83 };
84
85 /**
86 * talitos_request - descriptor submission request
87 * @desc: descriptor pointer (kernel virtual)
88 * @dma_desc: descriptor's physical bus address
89 * @callback: whom to call when descriptor processing is done
90 * @context: caller context (optional)
91 */
92 struct talitos_request {
93 struct talitos_desc *desc;
94 dma_addr_t dma_desc;
95 void (*callback) (struct device *dev, struct talitos_desc *desc,
96 void *context, int error);
97 void *context;
98 };
99
100 /* per-channel fifo management */
101 struct talitos_channel {
102 /* request fifo */
103 struct talitos_request *fifo;
104
105 /* number of requests pending in channel h/w fifo */
106 atomic_t submit_count ____cacheline_aligned;
107
108 /* request submission (head) lock */
109 spinlock_t head_lock ____cacheline_aligned;
110 /* index to next free descriptor request */
111 int head;
112
113 /* request release (tail) lock */
114 spinlock_t tail_lock ____cacheline_aligned;
115 /* index to next in-progress/done descriptor request */
116 int tail;
117 };
118
119 struct talitos_private {
120 struct device *dev;
121 struct platform_device *ofdev;
122 void __iomem *reg;
123 int irq;
124
125 /* SEC version geometry (from device tree node) */
126 unsigned int num_channels;
127 unsigned int chfifo_len;
128 unsigned int exec_units;
129 unsigned int desc_types;
130
131 /* SEC Compatibility info */
132 unsigned long features;
133
134 /*
135 * length of the request fifo
136 * fifo_len is chfifo_len rounded up to next power of 2
137 * so we can use bitwise ops to wrap
138 */
139 unsigned int fifo_len;
140
141 struct talitos_channel *chan;
142
143 /* next channel to be assigned next incoming descriptor */
144 atomic_t last_chan ____cacheline_aligned;
145
146 /* request callback tasklet */
147 struct tasklet_struct done_task;
148
149 /* list of registered algorithms */
150 struct list_head alg_list;
151
152 /* hwrng device */
153 struct hwrng rng;
154 };
155
156 /* .features flag */
157 #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001
158 #define TALITOS_FTR_HW_AUTH_CHECK 0x00000002
159 #define TALITOS_FTR_SHA224_HWINIT 0x00000004
160
to_talitos_ptr(struct talitos_ptr * talitos_ptr,dma_addr_t dma_addr)161 static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr)
162 {
163 talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
164 talitos_ptr->eptr = upper_32_bits(dma_addr);
165 }
166
167 /*
168 * map virtual single (contiguous) pointer to h/w descriptor pointer
169 */
map_single_talitos_ptr(struct device * dev,struct talitos_ptr * talitos_ptr,unsigned short len,void * data,unsigned char extent,enum dma_data_direction dir)170 static void map_single_talitos_ptr(struct device *dev,
171 struct talitos_ptr *talitos_ptr,
172 unsigned short len, void *data,
173 unsigned char extent,
174 enum dma_data_direction dir)
175 {
176 dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
177
178 talitos_ptr->len = cpu_to_be16(len);
179 to_talitos_ptr(talitos_ptr, dma_addr);
180 talitos_ptr->j_extent = extent;
181 }
182
183 /*
184 * unmap bus single (contiguous) h/w descriptor pointer
185 */
unmap_single_talitos_ptr(struct device * dev,struct talitos_ptr * talitos_ptr,enum dma_data_direction dir)186 static void unmap_single_talitos_ptr(struct device *dev,
187 struct talitos_ptr *talitos_ptr,
188 enum dma_data_direction dir)
189 {
190 dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
191 be16_to_cpu(talitos_ptr->len), dir);
192 }
193
reset_channel(struct device * dev,int ch)194 static int reset_channel(struct device *dev, int ch)
195 {
196 struct talitos_private *priv = dev_get_drvdata(dev);
197 unsigned int timeout = TALITOS_TIMEOUT;
198
199 setbits32(priv->reg + TALITOS_CCCR(ch), TALITOS_CCCR_RESET);
200
201 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & TALITOS_CCCR_RESET)
202 && --timeout)
203 cpu_relax();
204
205 if (timeout == 0) {
206 dev_err(dev, "failed to reset channel %d\n", ch);
207 return -EIO;
208 }
209
210 /* set 36-bit addressing, done writeback enable and done IRQ enable */
211 setbits32(priv->reg + TALITOS_CCCR_LO(ch), TALITOS_CCCR_LO_EAE |
212 TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE);
213
214 /* and ICCR writeback, if available */
215 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
216 setbits32(priv->reg + TALITOS_CCCR_LO(ch),
217 TALITOS_CCCR_LO_IWSE);
218
219 return 0;
220 }
221
reset_device(struct device * dev)222 static int reset_device(struct device *dev)
223 {
224 struct talitos_private *priv = dev_get_drvdata(dev);
225 unsigned int timeout = TALITOS_TIMEOUT;
226
227 setbits32(priv->reg + TALITOS_MCR, TALITOS_MCR_SWR);
228
229 while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR)
230 && --timeout)
231 cpu_relax();
232
233 if (timeout == 0) {
234 dev_err(dev, "failed to reset device\n");
235 return -EIO;
236 }
237
238 return 0;
239 }
240
241 /*
242 * Reset and initialize the device
243 */
init_device(struct device * dev)244 static int init_device(struct device *dev)
245 {
246 struct talitos_private *priv = dev_get_drvdata(dev);
247 int ch, err;
248
249 /*
250 * Master reset
251 * errata documentation: warning: certain SEC interrupts
252 * are not fully cleared by writing the MCR:SWR bit,
253 * set bit twice to completely reset
254 */
255 err = reset_device(dev);
256 if (err)
257 return err;
258
259 err = reset_device(dev);
260 if (err)
261 return err;
262
263 /* reset channels */
264 for (ch = 0; ch < priv->num_channels; ch++) {
265 err = reset_channel(dev, ch);
266 if (err)
267 return err;
268 }
269
270 /* enable channel done and error interrupts */
271 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
272 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
273
274 /* disable integrity check error interrupts (use writeback instead) */
275 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
276 setbits32(priv->reg + TALITOS_MDEUICR_LO,
277 TALITOS_MDEUICR_LO_ICE);
278
279 return 0;
280 }
281
282 /**
283 * talitos_submit - submits a descriptor to the device for processing
284 * @dev: the SEC device to be used
285 * @desc: the descriptor to be processed by the device
286 * @callback: whom to call when processing is complete
287 * @context: a handle for use by caller (optional)
288 *
289 * desc must contain valid dma-mapped (bus physical) address pointers.
290 * callback must check err and feedback in descriptor header
291 * for device processing status.
292 */
talitos_submit(struct device * dev,struct talitos_desc * desc,void (* callback)(struct device * dev,struct talitos_desc * desc,void * context,int error),void * context)293 static int talitos_submit(struct device *dev, struct talitos_desc *desc,
294 void (*callback)(struct device *dev,
295 struct talitos_desc *desc,
296 void *context, int error),
297 void *context)
298 {
299 struct talitos_private *priv = dev_get_drvdata(dev);
300 struct talitos_request *request;
301 unsigned long flags, ch;
302 int head;
303
304 /* select done notification */
305 desc->hdr |= DESC_HDR_DONE_NOTIFY;
306
307 /* emulate SEC's round-robin channel fifo polling scheme */
308 ch = atomic_inc_return(&priv->last_chan) & (priv->num_channels - 1);
309
310 spin_lock_irqsave(&priv->chan[ch].head_lock, flags);
311
312 if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) {
313 /* h/w fifo is full */
314 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
315 return -EAGAIN;
316 }
317
318 head = priv->chan[ch].head;
319 request = &priv->chan[ch].fifo[head];
320
321 /* map descriptor and save caller data */
322 request->dma_desc = dma_map_single(dev, desc, sizeof(*desc),
323 DMA_BIDIRECTIONAL);
324 request->callback = callback;
325 request->context = context;
326
327 /* increment fifo head */
328 priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1);
329
330 smp_wmb();
331 request->desc = desc;
332
333 /* GO! */
334 wmb();
335 out_be32(priv->reg + TALITOS_FF(ch), upper_32_bits(request->dma_desc));
336 out_be32(priv->reg + TALITOS_FF_LO(ch),
337 lower_32_bits(request->dma_desc));
338
339 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
340
341 return -EINPROGRESS;
342 }
343
344 /*
345 * process what was done, notify callback of error if not
346 */
flush_channel(struct device * dev,int ch,int error,int reset_ch)347 static void flush_channel(struct device *dev, int ch, int error, int reset_ch)
348 {
349 struct talitos_private *priv = dev_get_drvdata(dev);
350 struct talitos_request *request, saved_req;
351 unsigned long flags;
352 int tail, status;
353
354 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
355
356 tail = priv->chan[ch].tail;
357 while (priv->chan[ch].fifo[tail].desc) {
358 request = &priv->chan[ch].fifo[tail];
359
360 /* descriptors with their done bits set don't get the error */
361 rmb();
362 if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
363 status = 0;
364 else
365 if (!error)
366 break;
367 else
368 status = error;
369
370 dma_unmap_single(dev, request->dma_desc,
371 sizeof(struct talitos_desc),
372 DMA_BIDIRECTIONAL);
373
374 /* copy entries so we can call callback outside lock */
375 saved_req.desc = request->desc;
376 saved_req.callback = request->callback;
377 saved_req.context = request->context;
378
379 /* release request entry in fifo */
380 smp_wmb();
381 request->desc = NULL;
382
383 /* increment fifo tail */
384 priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1);
385
386 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
387
388 atomic_dec(&priv->chan[ch].submit_count);
389
390 saved_req.callback(dev, saved_req.desc, saved_req.context,
391 status);
392 /* channel may resume processing in single desc error case */
393 if (error && !reset_ch && status == error)
394 return;
395 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
396 tail = priv->chan[ch].tail;
397 }
398
399 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
400 }
401
402 /*
403 * process completed requests for channels that have done status
404 */
talitos_done(unsigned long data)405 static void talitos_done(unsigned long data)
406 {
407 struct device *dev = (struct device *)data;
408 struct talitos_private *priv = dev_get_drvdata(dev);
409 int ch;
410
411 for (ch = 0; ch < priv->num_channels; ch++)
412 flush_channel(dev, ch, 0, 0);
413
414 /* At this point, all completed channels have been processed.
415 * Unmask done interrupts for channels completed later on.
416 */
417 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
418 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
419 }
420
421 /*
422 * locate current (offending) descriptor
423 */
current_desc(struct device * dev,int ch)424 static struct talitos_desc *current_desc(struct device *dev, int ch)
425 {
426 struct talitos_private *priv = dev_get_drvdata(dev);
427 int tail = priv->chan[ch].tail;
428 dma_addr_t cur_desc;
429
430 cur_desc = in_be32(priv->reg + TALITOS_CDPR_LO(ch));
431
432 while (priv->chan[ch].fifo[tail].dma_desc != cur_desc) {
433 tail = (tail + 1) & (priv->fifo_len - 1);
434 if (tail == priv->chan[ch].tail) {
435 dev_err(dev, "couldn't locate current descriptor\n");
436 return NULL;
437 }
438 }
439
440 return priv->chan[ch].fifo[tail].desc;
441 }
442
443 /*
444 * user diagnostics; report root cause of error based on execution unit status
445 */
report_eu_error(struct device * dev,int ch,struct talitos_desc * desc)446 static void report_eu_error(struct device *dev, int ch,
447 struct talitos_desc *desc)
448 {
449 struct talitos_private *priv = dev_get_drvdata(dev);
450 int i;
451
452 switch (desc->hdr & DESC_HDR_SEL0_MASK) {
453 case DESC_HDR_SEL0_AFEU:
454 dev_err(dev, "AFEUISR 0x%08x_%08x\n",
455 in_be32(priv->reg + TALITOS_AFEUISR),
456 in_be32(priv->reg + TALITOS_AFEUISR_LO));
457 break;
458 case DESC_HDR_SEL0_DEU:
459 dev_err(dev, "DEUISR 0x%08x_%08x\n",
460 in_be32(priv->reg + TALITOS_DEUISR),
461 in_be32(priv->reg + TALITOS_DEUISR_LO));
462 break;
463 case DESC_HDR_SEL0_MDEUA:
464 case DESC_HDR_SEL0_MDEUB:
465 dev_err(dev, "MDEUISR 0x%08x_%08x\n",
466 in_be32(priv->reg + TALITOS_MDEUISR),
467 in_be32(priv->reg + TALITOS_MDEUISR_LO));
468 break;
469 case DESC_HDR_SEL0_RNG:
470 dev_err(dev, "RNGUISR 0x%08x_%08x\n",
471 in_be32(priv->reg + TALITOS_RNGUISR),
472 in_be32(priv->reg + TALITOS_RNGUISR_LO));
473 break;
474 case DESC_HDR_SEL0_PKEU:
475 dev_err(dev, "PKEUISR 0x%08x_%08x\n",
476 in_be32(priv->reg + TALITOS_PKEUISR),
477 in_be32(priv->reg + TALITOS_PKEUISR_LO));
478 break;
479 case DESC_HDR_SEL0_AESU:
480 dev_err(dev, "AESUISR 0x%08x_%08x\n",
481 in_be32(priv->reg + TALITOS_AESUISR),
482 in_be32(priv->reg + TALITOS_AESUISR_LO));
483 break;
484 case DESC_HDR_SEL0_CRCU:
485 dev_err(dev, "CRCUISR 0x%08x_%08x\n",
486 in_be32(priv->reg + TALITOS_CRCUISR),
487 in_be32(priv->reg + TALITOS_CRCUISR_LO));
488 break;
489 case DESC_HDR_SEL0_KEU:
490 dev_err(dev, "KEUISR 0x%08x_%08x\n",
491 in_be32(priv->reg + TALITOS_KEUISR),
492 in_be32(priv->reg + TALITOS_KEUISR_LO));
493 break;
494 }
495
496 switch (desc->hdr & DESC_HDR_SEL1_MASK) {
497 case DESC_HDR_SEL1_MDEUA:
498 case DESC_HDR_SEL1_MDEUB:
499 dev_err(dev, "MDEUISR 0x%08x_%08x\n",
500 in_be32(priv->reg + TALITOS_MDEUISR),
501 in_be32(priv->reg + TALITOS_MDEUISR_LO));
502 break;
503 case DESC_HDR_SEL1_CRCU:
504 dev_err(dev, "CRCUISR 0x%08x_%08x\n",
505 in_be32(priv->reg + TALITOS_CRCUISR),
506 in_be32(priv->reg + TALITOS_CRCUISR_LO));
507 break;
508 }
509
510 for (i = 0; i < 8; i++)
511 dev_err(dev, "DESCBUF 0x%08x_%08x\n",
512 in_be32(priv->reg + TALITOS_DESCBUF(ch) + 8*i),
513 in_be32(priv->reg + TALITOS_DESCBUF_LO(ch) + 8*i));
514 }
515
516 /*
517 * recover from error interrupts
518 */
talitos_error(unsigned long data,u32 isr,u32 isr_lo)519 static void talitos_error(unsigned long data, u32 isr, u32 isr_lo)
520 {
521 struct device *dev = (struct device *)data;
522 struct talitos_private *priv = dev_get_drvdata(dev);
523 unsigned int timeout = TALITOS_TIMEOUT;
524 int ch, error, reset_dev = 0, reset_ch = 0;
525 u32 v, v_lo;
526
527 for (ch = 0; ch < priv->num_channels; ch++) {
528 /* skip channels without errors */
529 if (!(isr & (1 << (ch * 2 + 1))))
530 continue;
531
532 error = -EINVAL;
533
534 v = in_be32(priv->reg + TALITOS_CCPSR(ch));
535 v_lo = in_be32(priv->reg + TALITOS_CCPSR_LO(ch));
536
537 if (v_lo & TALITOS_CCPSR_LO_DOF) {
538 dev_err(dev, "double fetch fifo overflow error\n");
539 error = -EAGAIN;
540 reset_ch = 1;
541 }
542 if (v_lo & TALITOS_CCPSR_LO_SOF) {
543 /* h/w dropped descriptor */
544 dev_err(dev, "single fetch fifo overflow error\n");
545 error = -EAGAIN;
546 }
547 if (v_lo & TALITOS_CCPSR_LO_MDTE)
548 dev_err(dev, "master data transfer error\n");
549 if (v_lo & TALITOS_CCPSR_LO_SGDLZ)
550 dev_err(dev, "s/g data length zero error\n");
551 if (v_lo & TALITOS_CCPSR_LO_FPZ)
552 dev_err(dev, "fetch pointer zero error\n");
553 if (v_lo & TALITOS_CCPSR_LO_IDH)
554 dev_err(dev, "illegal descriptor header error\n");
555 if (v_lo & TALITOS_CCPSR_LO_IEU)
556 dev_err(dev, "invalid execution unit error\n");
557 if (v_lo & TALITOS_CCPSR_LO_EU)
558 report_eu_error(dev, ch, current_desc(dev, ch));
559 if (v_lo & TALITOS_CCPSR_LO_GB)
560 dev_err(dev, "gather boundary error\n");
561 if (v_lo & TALITOS_CCPSR_LO_GRL)
562 dev_err(dev, "gather return/length error\n");
563 if (v_lo & TALITOS_CCPSR_LO_SB)
564 dev_err(dev, "scatter boundary error\n");
565 if (v_lo & TALITOS_CCPSR_LO_SRL)
566 dev_err(dev, "scatter return/length error\n");
567
568 flush_channel(dev, ch, error, reset_ch);
569
570 if (reset_ch) {
571 reset_channel(dev, ch);
572 } else {
573 setbits32(priv->reg + TALITOS_CCCR(ch),
574 TALITOS_CCCR_CONT);
575 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 0);
576 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) &
577 TALITOS_CCCR_CONT) && --timeout)
578 cpu_relax();
579 if (timeout == 0) {
580 dev_err(dev, "failed to restart channel %d\n",
581 ch);
582 reset_dev = 1;
583 }
584 }
585 }
586 if (reset_dev || isr & ~TALITOS_ISR_CHERR || isr_lo) {
587 dev_err(dev, "done overflow, internal time out, or rngu error: "
588 "ISR 0x%08x_%08x\n", isr, isr_lo);
589
590 /* purge request queues */
591 for (ch = 0; ch < priv->num_channels; ch++)
592 flush_channel(dev, ch, -EIO, 1);
593
594 /* reset and reinitialize the device */
595 init_device(dev);
596 }
597 }
598
talitos_interrupt(int irq,void * data)599 static irqreturn_t talitos_interrupt(int irq, void *data)
600 {
601 struct device *dev = data;
602 struct talitos_private *priv = dev_get_drvdata(dev);
603 u32 isr, isr_lo;
604
605 isr = in_be32(priv->reg + TALITOS_ISR);
606 isr_lo = in_be32(priv->reg + TALITOS_ISR_LO);
607 /* Acknowledge interrupt */
608 out_be32(priv->reg + TALITOS_ICR, isr);
609 out_be32(priv->reg + TALITOS_ICR_LO, isr_lo);
610
611 if (unlikely((isr & ~TALITOS_ISR_CHDONE) || isr_lo))
612 talitos_error((unsigned long)data, isr, isr_lo);
613 else
614 if (likely(isr & TALITOS_ISR_CHDONE)) {
615 /* mask further done interrupts. */
616 clrbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_DONE);
617 /* done_task will unmask done interrupts at exit */
618 tasklet_schedule(&priv->done_task);
619 }
620
621 return (isr || isr_lo) ? IRQ_HANDLED : IRQ_NONE;
622 }
623
624 /*
625 * hwrng
626 */
talitos_rng_data_present(struct hwrng * rng,int wait)627 static int talitos_rng_data_present(struct hwrng *rng, int wait)
628 {
629 struct device *dev = (struct device *)rng->priv;
630 struct talitos_private *priv = dev_get_drvdata(dev);
631 u32 ofl;
632 int i;
633
634 for (i = 0; i < 20; i++) {
635 ofl = in_be32(priv->reg + TALITOS_RNGUSR_LO) &
636 TALITOS_RNGUSR_LO_OFL;
637 if (ofl || !wait)
638 break;
639 udelay(10);
640 }
641
642 return !!ofl;
643 }
644
talitos_rng_data_read(struct hwrng * rng,u32 * data)645 static int talitos_rng_data_read(struct hwrng *rng, u32 *data)
646 {
647 struct device *dev = (struct device *)rng->priv;
648 struct talitos_private *priv = dev_get_drvdata(dev);
649
650 /* rng fifo requires 64-bit accesses */
651 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO);
652 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO_LO);
653
654 return sizeof(u32);
655 }
656
talitos_rng_init(struct hwrng * rng)657 static int talitos_rng_init(struct hwrng *rng)
658 {
659 struct device *dev = (struct device *)rng->priv;
660 struct talitos_private *priv = dev_get_drvdata(dev);
661 unsigned int timeout = TALITOS_TIMEOUT;
662
663 setbits32(priv->reg + TALITOS_RNGURCR_LO, TALITOS_RNGURCR_LO_SR);
664 while (!(in_be32(priv->reg + TALITOS_RNGUSR_LO) & TALITOS_RNGUSR_LO_RD)
665 && --timeout)
666 cpu_relax();
667 if (timeout == 0) {
668 dev_err(dev, "failed to reset rng hw\n");
669 return -ENODEV;
670 }
671
672 /* start generating */
673 setbits32(priv->reg + TALITOS_RNGUDSR_LO, 0);
674
675 return 0;
676 }
677
talitos_register_rng(struct device * dev)678 static int talitos_register_rng(struct device *dev)
679 {
680 struct talitos_private *priv = dev_get_drvdata(dev);
681
682 priv->rng.name = dev_driver_string(dev),
683 priv->rng.init = talitos_rng_init,
684 priv->rng.data_present = talitos_rng_data_present,
685 priv->rng.data_read = talitos_rng_data_read,
686 priv->rng.priv = (unsigned long)dev;
687
688 return hwrng_register(&priv->rng);
689 }
690
talitos_unregister_rng(struct device * dev)691 static void talitos_unregister_rng(struct device *dev)
692 {
693 struct talitos_private *priv = dev_get_drvdata(dev);
694
695 hwrng_unregister(&priv->rng);
696 }
697
698 /*
699 * crypto alg
700 */
701 #define TALITOS_CRA_PRIORITY 3000
702 #define TALITOS_MAX_KEY_SIZE 64
703 #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
704
705 #define MD5_BLOCK_SIZE 64
706
707 struct talitos_ctx {
708 struct device *dev;
709 __be32 desc_hdr_template;
710 u8 key[TALITOS_MAX_KEY_SIZE];
711 u8 iv[TALITOS_MAX_IV_LENGTH];
712 unsigned int keylen;
713 unsigned int enckeylen;
714 unsigned int authkeylen;
715 unsigned int authsize;
716 };
717
718 #define HASH_MAX_BLOCK_SIZE SHA512_BLOCK_SIZE
719 #define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
720
721 struct talitos_ahash_req_ctx {
722 u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
723 unsigned int hw_context_size;
724 u8 buf[HASH_MAX_BLOCK_SIZE];
725 u8 bufnext[HASH_MAX_BLOCK_SIZE];
726 unsigned int swinit;
727 unsigned int first;
728 unsigned int last;
729 unsigned int to_hash_later;
730 u64 nbuf;
731 struct scatterlist bufsl[2];
732 struct scatterlist *psrc;
733 };
734
aead_setauthsize(struct crypto_aead * authenc,unsigned int authsize)735 static int aead_setauthsize(struct crypto_aead *authenc,
736 unsigned int authsize)
737 {
738 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
739
740 ctx->authsize = authsize;
741
742 return 0;
743 }
744
aead_setkey(struct crypto_aead * authenc,const u8 * key,unsigned int keylen)745 static int aead_setkey(struct crypto_aead *authenc,
746 const u8 *key, unsigned int keylen)
747 {
748 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
749 struct rtattr *rta = (void *)key;
750 struct crypto_authenc_key_param *param;
751 unsigned int authkeylen;
752 unsigned int enckeylen;
753
754 if (!RTA_OK(rta, keylen))
755 goto badkey;
756
757 if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
758 goto badkey;
759
760 if (RTA_PAYLOAD(rta) < sizeof(*param))
761 goto badkey;
762
763 param = RTA_DATA(rta);
764 enckeylen = be32_to_cpu(param->enckeylen);
765
766 key += RTA_ALIGN(rta->rta_len);
767 keylen -= RTA_ALIGN(rta->rta_len);
768
769 if (keylen < enckeylen)
770 goto badkey;
771
772 authkeylen = keylen - enckeylen;
773
774 if (keylen > TALITOS_MAX_KEY_SIZE)
775 goto badkey;
776
777 memcpy(&ctx->key, key, keylen);
778
779 ctx->keylen = keylen;
780 ctx->enckeylen = enckeylen;
781 ctx->authkeylen = authkeylen;
782
783 return 0;
784
785 badkey:
786 crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN);
787 return -EINVAL;
788 }
789
790 /*
791 * talitos_edesc - s/w-extended descriptor
792 * @src_nents: number of segments in input scatterlist
793 * @dst_nents: number of segments in output scatterlist
794 * @dma_len: length of dma mapped link_tbl space
795 * @dma_link_tbl: bus physical address of link_tbl
796 * @desc: h/w descriptor
797 * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1)
798 *
799 * if decrypting (with authcheck), or either one of src_nents or dst_nents
800 * is greater than 1, an integrity check value is concatenated to the end
801 * of link_tbl data
802 */
803 struct talitos_edesc {
804 int src_nents;
805 int dst_nents;
806 int src_is_chained;
807 int dst_is_chained;
808 int dma_len;
809 dma_addr_t dma_link_tbl;
810 struct talitos_desc desc;
811 struct talitos_ptr link_tbl[0];
812 };
813
talitos_map_sg(struct device * dev,struct scatterlist * sg,unsigned int nents,enum dma_data_direction dir,int chained)814 static int talitos_map_sg(struct device *dev, struct scatterlist *sg,
815 unsigned int nents, enum dma_data_direction dir,
816 int chained)
817 {
818 if (unlikely(chained))
819 while (sg) {
820 dma_map_sg(dev, sg, 1, dir);
821 sg = scatterwalk_sg_next(sg);
822 }
823 else
824 dma_map_sg(dev, sg, nents, dir);
825 return nents;
826 }
827
talitos_unmap_sg_chain(struct device * dev,struct scatterlist * sg,enum dma_data_direction dir)828 static void talitos_unmap_sg_chain(struct device *dev, struct scatterlist *sg,
829 enum dma_data_direction dir)
830 {
831 while (sg) {
832 dma_unmap_sg(dev, sg, 1, dir);
833 sg = scatterwalk_sg_next(sg);
834 }
835 }
836
talitos_sg_unmap(struct device * dev,struct talitos_edesc * edesc,struct scatterlist * src,struct scatterlist * dst)837 static void talitos_sg_unmap(struct device *dev,
838 struct talitos_edesc *edesc,
839 struct scatterlist *src,
840 struct scatterlist *dst)
841 {
842 unsigned int src_nents = edesc->src_nents ? : 1;
843 unsigned int dst_nents = edesc->dst_nents ? : 1;
844
845 if (src != dst) {
846 if (edesc->src_is_chained)
847 talitos_unmap_sg_chain(dev, src, DMA_TO_DEVICE);
848 else
849 dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE);
850
851 if (dst) {
852 if (edesc->dst_is_chained)
853 talitos_unmap_sg_chain(dev, dst,
854 DMA_FROM_DEVICE);
855 else
856 dma_unmap_sg(dev, dst, dst_nents,
857 DMA_FROM_DEVICE);
858 }
859 } else
860 if (edesc->src_is_chained)
861 talitos_unmap_sg_chain(dev, src, DMA_BIDIRECTIONAL);
862 else
863 dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL);
864 }
865
ipsec_esp_unmap(struct device * dev,struct talitos_edesc * edesc,struct aead_request * areq)866 static void ipsec_esp_unmap(struct device *dev,
867 struct talitos_edesc *edesc,
868 struct aead_request *areq)
869 {
870 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6], DMA_FROM_DEVICE);
871 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[3], DMA_TO_DEVICE);
872 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
873 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE);
874
875 dma_unmap_sg(dev, areq->assoc, 1, DMA_TO_DEVICE);
876
877 talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
878
879 if (edesc->dma_len)
880 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
881 DMA_BIDIRECTIONAL);
882 }
883
884 /*
885 * ipsec_esp descriptor callbacks
886 */
ipsec_esp_encrypt_done(struct device * dev,struct talitos_desc * desc,void * context,int err)887 static void ipsec_esp_encrypt_done(struct device *dev,
888 struct talitos_desc *desc, void *context,
889 int err)
890 {
891 struct aead_request *areq = context;
892 struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
893 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
894 struct talitos_edesc *edesc;
895 struct scatterlist *sg;
896 void *icvdata;
897
898 edesc = container_of(desc, struct talitos_edesc, desc);
899
900 ipsec_esp_unmap(dev, edesc, areq);
901
902 /* copy the generated ICV to dst */
903 if (edesc->dma_len) {
904 icvdata = &edesc->link_tbl[edesc->src_nents +
905 edesc->dst_nents + 2];
906 sg = sg_last(areq->dst, edesc->dst_nents);
907 memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize,
908 icvdata, ctx->authsize);
909 }
910
911 kfree(edesc);
912
913 aead_request_complete(areq, err);
914 }
915
ipsec_esp_decrypt_swauth_done(struct device * dev,struct talitos_desc * desc,void * context,int err)916 static void ipsec_esp_decrypt_swauth_done(struct device *dev,
917 struct talitos_desc *desc,
918 void *context, int err)
919 {
920 struct aead_request *req = context;
921 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
922 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
923 struct talitos_edesc *edesc;
924 struct scatterlist *sg;
925 void *icvdata;
926
927 edesc = container_of(desc, struct talitos_edesc, desc);
928
929 ipsec_esp_unmap(dev, edesc, req);
930
931 if (!err) {
932 /* auth check */
933 if (edesc->dma_len)
934 icvdata = &edesc->link_tbl[edesc->src_nents +
935 edesc->dst_nents + 2];
936 else
937 icvdata = &edesc->link_tbl[0];
938
939 sg = sg_last(req->dst, edesc->dst_nents ? : 1);
940 err = memcmp(icvdata, (char *)sg_virt(sg) + sg->length -
941 ctx->authsize, ctx->authsize) ? -EBADMSG : 0;
942 }
943
944 kfree(edesc);
945
946 aead_request_complete(req, err);
947 }
948
ipsec_esp_decrypt_hwauth_done(struct device * dev,struct talitos_desc * desc,void * context,int err)949 static void ipsec_esp_decrypt_hwauth_done(struct device *dev,
950 struct talitos_desc *desc,
951 void *context, int err)
952 {
953 struct aead_request *req = context;
954 struct talitos_edesc *edesc;
955
956 edesc = container_of(desc, struct talitos_edesc, desc);
957
958 ipsec_esp_unmap(dev, edesc, req);
959
960 /* check ICV auth status */
961 if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) !=
962 DESC_HDR_LO_ICCR1_PASS))
963 err = -EBADMSG;
964
965 kfree(edesc);
966
967 aead_request_complete(req, err);
968 }
969
970 /*
971 * convert scatterlist to SEC h/w link table format
972 * stop at cryptlen bytes
973 */
sg_to_link_tbl(struct scatterlist * sg,int sg_count,int cryptlen,struct talitos_ptr * link_tbl_ptr)974 static int sg_to_link_tbl(struct scatterlist *sg, int sg_count,
975 int cryptlen, struct talitos_ptr *link_tbl_ptr)
976 {
977 int n_sg = sg_count;
978
979 while (n_sg--) {
980 to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg));
981 link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg));
982 link_tbl_ptr->j_extent = 0;
983 link_tbl_ptr++;
984 cryptlen -= sg_dma_len(sg);
985 sg = scatterwalk_sg_next(sg);
986 }
987
988 /* adjust (decrease) last one (or two) entry's len to cryptlen */
989 link_tbl_ptr--;
990 while (be16_to_cpu(link_tbl_ptr->len) <= (-cryptlen)) {
991 /* Empty this entry, and move to previous one */
992 cryptlen += be16_to_cpu(link_tbl_ptr->len);
993 link_tbl_ptr->len = 0;
994 sg_count--;
995 link_tbl_ptr--;
996 }
997 link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len)
998 + cryptlen);
999
1000 /* tag end of link table */
1001 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
1002
1003 return sg_count;
1004 }
1005
1006 /*
1007 * fill in and submit ipsec_esp descriptor
1008 */
ipsec_esp(struct talitos_edesc * edesc,struct aead_request * areq,u8 * giv,u64 seq,void (* callback)(struct device * dev,struct talitos_desc * desc,void * context,int error))1009 static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq,
1010 u8 *giv, u64 seq,
1011 void (*callback) (struct device *dev,
1012 struct talitos_desc *desc,
1013 void *context, int error))
1014 {
1015 struct crypto_aead *aead = crypto_aead_reqtfm(areq);
1016 struct talitos_ctx *ctx = crypto_aead_ctx(aead);
1017 struct device *dev = ctx->dev;
1018 struct talitos_desc *desc = &edesc->desc;
1019 unsigned int cryptlen = areq->cryptlen;
1020 unsigned int authsize = ctx->authsize;
1021 unsigned int ivsize = crypto_aead_ivsize(aead);
1022 int sg_count, ret;
1023 int sg_link_tbl_len;
1024
1025 /* hmac key */
1026 map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key,
1027 0, DMA_TO_DEVICE);
1028 /* hmac data */
1029 map_single_talitos_ptr(dev, &desc->ptr[1], areq->assoclen + ivsize,
1030 sg_virt(areq->assoc), 0, DMA_TO_DEVICE);
1031 /* cipher iv */
1032 map_single_talitos_ptr(dev, &desc->ptr[2], ivsize, giv ?: areq->iv, 0,
1033 DMA_TO_DEVICE);
1034
1035 /* cipher key */
1036 map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen,
1037 (char *)&ctx->key + ctx->authkeylen, 0,
1038 DMA_TO_DEVICE);
1039
1040 /*
1041 * cipher in
1042 * map and adjust cipher len to aead request cryptlen.
1043 * extent is bytes of HMAC postpended to ciphertext,
1044 * typically 12 for ipsec
1045 */
1046 desc->ptr[4].len = cpu_to_be16(cryptlen);
1047 desc->ptr[4].j_extent = authsize;
1048
1049 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
1050 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL
1051 : DMA_TO_DEVICE,
1052 edesc->src_is_chained);
1053
1054 if (sg_count == 1) {
1055 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->src));
1056 } else {
1057 sg_link_tbl_len = cryptlen;
1058
1059 if (edesc->desc.hdr & DESC_HDR_MODE1_MDEU_CICV)
1060 sg_link_tbl_len = cryptlen + authsize;
1061
1062 sg_count = sg_to_link_tbl(areq->src, sg_count, sg_link_tbl_len,
1063 &edesc->link_tbl[0]);
1064 if (sg_count > 1) {
1065 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP;
1066 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl);
1067 dma_sync_single_for_device(dev, edesc->dma_link_tbl,
1068 edesc->dma_len,
1069 DMA_BIDIRECTIONAL);
1070 } else {
1071 /* Only one segment now, so no link tbl needed */
1072 to_talitos_ptr(&desc->ptr[4],
1073 sg_dma_address(areq->src));
1074 }
1075 }
1076
1077 /* cipher out */
1078 desc->ptr[5].len = cpu_to_be16(cryptlen);
1079 desc->ptr[5].j_extent = authsize;
1080
1081 if (areq->src != areq->dst)
1082 sg_count = talitos_map_sg(dev, areq->dst,
1083 edesc->dst_nents ? : 1,
1084 DMA_FROM_DEVICE,
1085 edesc->dst_is_chained);
1086
1087 if (sg_count == 1) {
1088 to_talitos_ptr(&desc->ptr[5], sg_dma_address(areq->dst));
1089 } else {
1090 struct talitos_ptr *link_tbl_ptr =
1091 &edesc->link_tbl[edesc->src_nents + 1];
1092
1093 to_talitos_ptr(&desc->ptr[5], edesc->dma_link_tbl +
1094 (edesc->src_nents + 1) *
1095 sizeof(struct talitos_ptr));
1096 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen,
1097 link_tbl_ptr);
1098
1099 /* Add an entry to the link table for ICV data */
1100 link_tbl_ptr += sg_count - 1;
1101 link_tbl_ptr->j_extent = 0;
1102 sg_count++;
1103 link_tbl_ptr++;
1104 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
1105 link_tbl_ptr->len = cpu_to_be16(authsize);
1106
1107 /* icv data follows link tables */
1108 to_talitos_ptr(link_tbl_ptr, edesc->dma_link_tbl +
1109 (edesc->src_nents + edesc->dst_nents + 2) *
1110 sizeof(struct talitos_ptr));
1111 desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP;
1112 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl,
1113 edesc->dma_len, DMA_BIDIRECTIONAL);
1114 }
1115
1116 /* iv out */
1117 map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0,
1118 DMA_FROM_DEVICE);
1119
1120 ret = talitos_submit(dev, desc, callback, areq);
1121 if (ret != -EINPROGRESS) {
1122 ipsec_esp_unmap(dev, edesc, areq);
1123 kfree(edesc);
1124 }
1125 return ret;
1126 }
1127
1128 /*
1129 * derive number of elements in scatterlist
1130 */
sg_count(struct scatterlist * sg_list,int nbytes,int * chained)1131 static int sg_count(struct scatterlist *sg_list, int nbytes, int *chained)
1132 {
1133 struct scatterlist *sg = sg_list;
1134 int sg_nents = 0;
1135
1136 *chained = 0;
1137 while (nbytes > 0) {
1138 sg_nents++;
1139 nbytes -= sg->length;
1140 if (!sg_is_last(sg) && (sg + 1)->length == 0)
1141 *chained = 1;
1142 sg = scatterwalk_sg_next(sg);
1143 }
1144
1145 return sg_nents;
1146 }
1147
1148 /**
1149 * sg_copy_end_to_buffer - Copy end data from SG list to a linear buffer
1150 * @sgl: The SG list
1151 * @nents: Number of SG entries
1152 * @buf: Where to copy to
1153 * @buflen: The number of bytes to copy
1154 * @skip: The number of bytes to skip before copying.
1155 * Note: skip + buflen should equal SG total size.
1156 *
1157 * Returns the number of copied bytes.
1158 *
1159 **/
sg_copy_end_to_buffer(struct scatterlist * sgl,unsigned int nents,void * buf,size_t buflen,unsigned int skip)1160 static size_t sg_copy_end_to_buffer(struct scatterlist *sgl, unsigned int nents,
1161 void *buf, size_t buflen, unsigned int skip)
1162 {
1163 unsigned int offset = 0;
1164 unsigned int boffset = 0;
1165 struct sg_mapping_iter miter;
1166 unsigned long flags;
1167 unsigned int sg_flags = SG_MITER_ATOMIC;
1168 size_t total_buffer = buflen + skip;
1169
1170 sg_flags |= SG_MITER_FROM_SG;
1171
1172 sg_miter_start(&miter, sgl, nents, sg_flags);
1173
1174 local_irq_save(flags);
1175
1176 while (sg_miter_next(&miter) && offset < total_buffer) {
1177 unsigned int len;
1178 unsigned int ignore;
1179
1180 if ((offset + miter.length) > skip) {
1181 if (offset < skip) {
1182 /* Copy part of this segment */
1183 ignore = skip - offset;
1184 len = miter.length - ignore;
1185 if (boffset + len > buflen)
1186 len = buflen - boffset;
1187 memcpy(buf + boffset, miter.addr + ignore, len);
1188 } else {
1189 /* Copy all of this segment (up to buflen) */
1190 len = miter.length;
1191 if (boffset + len > buflen)
1192 len = buflen - boffset;
1193 memcpy(buf + boffset, miter.addr, len);
1194 }
1195 boffset += len;
1196 }
1197 offset += miter.length;
1198 }
1199
1200 sg_miter_stop(&miter);
1201
1202 local_irq_restore(flags);
1203 return boffset;
1204 }
1205
1206 /*
1207 * allocate and map the extended descriptor
1208 */
talitos_edesc_alloc(struct device * dev,struct scatterlist * src,struct scatterlist * dst,int hash_result,unsigned int cryptlen,unsigned int authsize,int icv_stashing,u32 cryptoflags)1209 static struct talitos_edesc *talitos_edesc_alloc(struct device *dev,
1210 struct scatterlist *src,
1211 struct scatterlist *dst,
1212 int hash_result,
1213 unsigned int cryptlen,
1214 unsigned int authsize,
1215 int icv_stashing,
1216 u32 cryptoflags)
1217 {
1218 struct talitos_edesc *edesc;
1219 int src_nents, dst_nents, alloc_len, dma_len;
1220 int src_chained, dst_chained = 0;
1221 gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :
1222 GFP_ATOMIC;
1223
1224 if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) {
1225 dev_err(dev, "length exceeds h/w max limit\n");
1226 return ERR_PTR(-EINVAL);
1227 }
1228
1229 src_nents = sg_count(src, cryptlen + authsize, &src_chained);
1230 src_nents = (src_nents == 1) ? 0 : src_nents;
1231
1232 if (hash_result) {
1233 dst_nents = 0;
1234 } else {
1235 if (dst == src) {
1236 dst_nents = src_nents;
1237 } else {
1238 dst_nents = sg_count(dst, cryptlen + authsize,
1239 &dst_chained);
1240 dst_nents = (dst_nents == 1) ? 0 : dst_nents;
1241 }
1242 }
1243
1244 /*
1245 * allocate space for base edesc plus the link tables,
1246 * allowing for two separate entries for ICV and generated ICV (+ 2),
1247 * and the ICV data itself
1248 */
1249 alloc_len = sizeof(struct talitos_edesc);
1250 if (src_nents || dst_nents) {
1251 dma_len = (src_nents + dst_nents + 2) *
1252 sizeof(struct talitos_ptr) + authsize;
1253 alloc_len += dma_len;
1254 } else {
1255 dma_len = 0;
1256 alloc_len += icv_stashing ? authsize : 0;
1257 }
1258
1259 edesc = kmalloc(alloc_len, GFP_DMA | flags);
1260 if (!edesc) {
1261 dev_err(dev, "could not allocate edescriptor\n");
1262 return ERR_PTR(-ENOMEM);
1263 }
1264
1265 edesc->src_nents = src_nents;
1266 edesc->dst_nents = dst_nents;
1267 edesc->src_is_chained = src_chained;
1268 edesc->dst_is_chained = dst_chained;
1269 edesc->dma_len = dma_len;
1270 if (dma_len)
1271 edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0],
1272 edesc->dma_len,
1273 DMA_BIDIRECTIONAL);
1274
1275 return edesc;
1276 }
1277
aead_edesc_alloc(struct aead_request * areq,int icv_stashing)1278 static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq,
1279 int icv_stashing)
1280 {
1281 struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
1282 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1283
1284 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 0,
1285 areq->cryptlen, ctx->authsize, icv_stashing,
1286 areq->base.flags);
1287 }
1288
aead_encrypt(struct aead_request * req)1289 static int aead_encrypt(struct aead_request *req)
1290 {
1291 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1292 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1293 struct talitos_edesc *edesc;
1294
1295 /* allocate extended descriptor */
1296 edesc = aead_edesc_alloc(req, 0);
1297 if (IS_ERR(edesc))
1298 return PTR_ERR(edesc);
1299
1300 /* set encrypt */
1301 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1302
1303 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_encrypt_done);
1304 }
1305
aead_decrypt(struct aead_request * req)1306 static int aead_decrypt(struct aead_request *req)
1307 {
1308 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1309 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1310 unsigned int authsize = ctx->authsize;
1311 struct talitos_private *priv = dev_get_drvdata(ctx->dev);
1312 struct talitos_edesc *edesc;
1313 struct scatterlist *sg;
1314 void *icvdata;
1315
1316 req->cryptlen -= authsize;
1317
1318 /* allocate extended descriptor */
1319 edesc = aead_edesc_alloc(req, 1);
1320 if (IS_ERR(edesc))
1321 return PTR_ERR(edesc);
1322
1323 if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
1324 ((!edesc->src_nents && !edesc->dst_nents) ||
1325 priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) {
1326
1327 /* decrypt and check the ICV */
1328 edesc->desc.hdr = ctx->desc_hdr_template |
1329 DESC_HDR_DIR_INBOUND |
1330 DESC_HDR_MODE1_MDEU_CICV;
1331
1332 /* reset integrity check result bits */
1333 edesc->desc.hdr_lo = 0;
1334
1335 return ipsec_esp(edesc, req, NULL, 0,
1336 ipsec_esp_decrypt_hwauth_done);
1337
1338 }
1339
1340 /* Have to check the ICV with software */
1341 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
1342
1343 /* stash incoming ICV for later cmp with ICV generated by the h/w */
1344 if (edesc->dma_len)
1345 icvdata = &edesc->link_tbl[edesc->src_nents +
1346 edesc->dst_nents + 2];
1347 else
1348 icvdata = &edesc->link_tbl[0];
1349
1350 sg = sg_last(req->src, edesc->src_nents ? : 1);
1351
1352 memcpy(icvdata, (char *)sg_virt(sg) + sg->length - ctx->authsize,
1353 ctx->authsize);
1354
1355 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_decrypt_swauth_done);
1356 }
1357
aead_givencrypt(struct aead_givcrypt_request * req)1358 static int aead_givencrypt(struct aead_givcrypt_request *req)
1359 {
1360 struct aead_request *areq = &req->areq;
1361 struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
1362 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1363 struct talitos_edesc *edesc;
1364
1365 /* allocate extended descriptor */
1366 edesc = aead_edesc_alloc(areq, 0);
1367 if (IS_ERR(edesc))
1368 return PTR_ERR(edesc);
1369
1370 /* set encrypt */
1371 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1372
1373 memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc));
1374 /* avoid consecutive packets going out with same IV */
1375 *(__be64 *)req->giv ^= cpu_to_be64(req->seq);
1376
1377 return ipsec_esp(edesc, areq, req->giv, req->seq,
1378 ipsec_esp_encrypt_done);
1379 }
1380
ablkcipher_setkey(struct crypto_ablkcipher * cipher,const u8 * key,unsigned int keylen)1381 static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
1382 const u8 *key, unsigned int keylen)
1383 {
1384 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1385 struct ablkcipher_alg *alg = crypto_ablkcipher_alg(cipher);
1386
1387 if (keylen > TALITOS_MAX_KEY_SIZE)
1388 goto badkey;
1389
1390 if (keylen < alg->min_keysize || keylen > alg->max_keysize)
1391 goto badkey;
1392
1393 memcpy(&ctx->key, key, keylen);
1394 ctx->keylen = keylen;
1395
1396 return 0;
1397
1398 badkey:
1399 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
1400 return -EINVAL;
1401 }
1402
common_nonsnoop_unmap(struct device * dev,struct talitos_edesc * edesc,struct ablkcipher_request * areq)1403 static void common_nonsnoop_unmap(struct device *dev,
1404 struct talitos_edesc *edesc,
1405 struct ablkcipher_request *areq)
1406 {
1407 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
1408 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
1409 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
1410
1411 talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
1412
1413 if (edesc->dma_len)
1414 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1415 DMA_BIDIRECTIONAL);
1416 }
1417
ablkcipher_done(struct device * dev,struct talitos_desc * desc,void * context,int err)1418 static void ablkcipher_done(struct device *dev,
1419 struct talitos_desc *desc, void *context,
1420 int err)
1421 {
1422 struct ablkcipher_request *areq = context;
1423 struct talitos_edesc *edesc;
1424
1425 edesc = container_of(desc, struct talitos_edesc, desc);
1426
1427 common_nonsnoop_unmap(dev, edesc, areq);
1428
1429 kfree(edesc);
1430
1431 areq->base.complete(&areq->base, err);
1432 }
1433
common_nonsnoop(struct talitos_edesc * edesc,struct ablkcipher_request * areq,u8 * giv,void (* callback)(struct device * dev,struct talitos_desc * desc,void * context,int error))1434 static int common_nonsnoop(struct talitos_edesc *edesc,
1435 struct ablkcipher_request *areq,
1436 u8 *giv,
1437 void (*callback) (struct device *dev,
1438 struct talitos_desc *desc,
1439 void *context, int error))
1440 {
1441 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1442 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1443 struct device *dev = ctx->dev;
1444 struct talitos_desc *desc = &edesc->desc;
1445 unsigned int cryptlen = areq->nbytes;
1446 unsigned int ivsize;
1447 int sg_count, ret;
1448
1449 /* first DWORD empty */
1450 desc->ptr[0].len = 0;
1451 to_talitos_ptr(&desc->ptr[0], 0);
1452 desc->ptr[0].j_extent = 0;
1453
1454 /* cipher iv */
1455 ivsize = crypto_ablkcipher_ivsize(cipher);
1456 map_single_talitos_ptr(dev, &desc->ptr[1], ivsize, giv ?: areq->info, 0,
1457 DMA_TO_DEVICE);
1458
1459 /* cipher key */
1460 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
1461 (char *)&ctx->key, 0, DMA_TO_DEVICE);
1462
1463 /*
1464 * cipher in
1465 */
1466 desc->ptr[3].len = cpu_to_be16(cryptlen);
1467 desc->ptr[3].j_extent = 0;
1468
1469 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
1470 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL
1471 : DMA_TO_DEVICE,
1472 edesc->src_is_chained);
1473
1474 if (sg_count == 1) {
1475 to_talitos_ptr(&desc->ptr[3], sg_dma_address(areq->src));
1476 } else {
1477 sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen,
1478 &edesc->link_tbl[0]);
1479 if (sg_count > 1) {
1480 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl);
1481 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP;
1482 dma_sync_single_for_device(dev, edesc->dma_link_tbl,
1483 edesc->dma_len,
1484 DMA_BIDIRECTIONAL);
1485 } else {
1486 /* Only one segment now, so no link tbl needed */
1487 to_talitos_ptr(&desc->ptr[3],
1488 sg_dma_address(areq->src));
1489 }
1490 }
1491
1492 /* cipher out */
1493 desc->ptr[4].len = cpu_to_be16(cryptlen);
1494 desc->ptr[4].j_extent = 0;
1495
1496 if (areq->src != areq->dst)
1497 sg_count = talitos_map_sg(dev, areq->dst,
1498 edesc->dst_nents ? : 1,
1499 DMA_FROM_DEVICE,
1500 edesc->dst_is_chained);
1501
1502 if (sg_count == 1) {
1503 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->dst));
1504 } else {
1505 struct talitos_ptr *link_tbl_ptr =
1506 &edesc->link_tbl[edesc->src_nents + 1];
1507
1508 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl +
1509 (edesc->src_nents + 1) *
1510 sizeof(struct talitos_ptr));
1511 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP;
1512 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen,
1513 link_tbl_ptr);
1514 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl,
1515 edesc->dma_len, DMA_BIDIRECTIONAL);
1516 }
1517
1518 /* iv out */
1519 map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0,
1520 DMA_FROM_DEVICE);
1521
1522 /* last DWORD empty */
1523 desc->ptr[6].len = 0;
1524 to_talitos_ptr(&desc->ptr[6], 0);
1525 desc->ptr[6].j_extent = 0;
1526
1527 ret = talitos_submit(dev, desc, callback, areq);
1528 if (ret != -EINPROGRESS) {
1529 common_nonsnoop_unmap(dev, edesc, areq);
1530 kfree(edesc);
1531 }
1532 return ret;
1533 }
1534
ablkcipher_edesc_alloc(struct ablkcipher_request * areq)1535 static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request *
1536 areq)
1537 {
1538 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1539 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1540
1541 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 0,
1542 areq->nbytes, 0, 0, areq->base.flags);
1543 }
1544
ablkcipher_encrypt(struct ablkcipher_request * areq)1545 static int ablkcipher_encrypt(struct ablkcipher_request *areq)
1546 {
1547 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1548 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1549 struct talitos_edesc *edesc;
1550
1551 /* allocate extended descriptor */
1552 edesc = ablkcipher_edesc_alloc(areq);
1553 if (IS_ERR(edesc))
1554 return PTR_ERR(edesc);
1555
1556 /* set encrypt */
1557 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1558
1559 return common_nonsnoop(edesc, areq, NULL, ablkcipher_done);
1560 }
1561
ablkcipher_decrypt(struct ablkcipher_request * areq)1562 static int ablkcipher_decrypt(struct ablkcipher_request *areq)
1563 {
1564 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1565 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1566 struct talitos_edesc *edesc;
1567
1568 /* allocate extended descriptor */
1569 edesc = ablkcipher_edesc_alloc(areq);
1570 if (IS_ERR(edesc))
1571 return PTR_ERR(edesc);
1572
1573 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
1574
1575 return common_nonsnoop(edesc, areq, NULL, ablkcipher_done);
1576 }
1577
common_nonsnoop_hash_unmap(struct device * dev,struct talitos_edesc * edesc,struct ahash_request * areq)1578 static void common_nonsnoop_hash_unmap(struct device *dev,
1579 struct talitos_edesc *edesc,
1580 struct ahash_request *areq)
1581 {
1582 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1583
1584 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
1585
1586 /* When using hashctx-in, must unmap it. */
1587 if (edesc->desc.ptr[1].len)
1588 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1],
1589 DMA_TO_DEVICE);
1590
1591 if (edesc->desc.ptr[2].len)
1592 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2],
1593 DMA_TO_DEVICE);
1594
1595 talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL);
1596
1597 if (edesc->dma_len)
1598 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1599 DMA_BIDIRECTIONAL);
1600
1601 }
1602
ahash_done(struct device * dev,struct talitos_desc * desc,void * context,int err)1603 static void ahash_done(struct device *dev,
1604 struct talitos_desc *desc, void *context,
1605 int err)
1606 {
1607 struct ahash_request *areq = context;
1608 struct talitos_edesc *edesc =
1609 container_of(desc, struct talitos_edesc, desc);
1610 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1611
1612 if (!req_ctx->last && req_ctx->to_hash_later) {
1613 /* Position any partial block for next update/final/finup */
1614 memcpy(req_ctx->buf, req_ctx->bufnext, req_ctx->to_hash_later);
1615 req_ctx->nbuf = req_ctx->to_hash_later;
1616 }
1617 common_nonsnoop_hash_unmap(dev, edesc, areq);
1618
1619 kfree(edesc);
1620
1621 areq->base.complete(&areq->base, err);
1622 }
1623
common_nonsnoop_hash(struct talitos_edesc * edesc,struct ahash_request * areq,unsigned int length,void (* callback)(struct device * dev,struct talitos_desc * desc,void * context,int error))1624 static int common_nonsnoop_hash(struct talitos_edesc *edesc,
1625 struct ahash_request *areq, unsigned int length,
1626 void (*callback) (struct device *dev,
1627 struct talitos_desc *desc,
1628 void *context, int error))
1629 {
1630 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1631 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1632 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1633 struct device *dev = ctx->dev;
1634 struct talitos_desc *desc = &edesc->desc;
1635 int sg_count, ret;
1636
1637 /* first DWORD empty */
1638 desc->ptr[0] = zero_entry;
1639
1640 /* hash context in */
1641 if (!req_ctx->first || req_ctx->swinit) {
1642 map_single_talitos_ptr(dev, &desc->ptr[1],
1643 req_ctx->hw_context_size,
1644 (char *)req_ctx->hw_context, 0,
1645 DMA_TO_DEVICE);
1646 req_ctx->swinit = 0;
1647 } else {
1648 desc->ptr[1] = zero_entry;
1649 /* Indicate next op is not the first. */
1650 req_ctx->first = 0;
1651 }
1652
1653 /* HMAC key */
1654 if (ctx->keylen)
1655 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
1656 (char *)&ctx->key, 0, DMA_TO_DEVICE);
1657 else
1658 desc->ptr[2] = zero_entry;
1659
1660 /*
1661 * data in
1662 */
1663 desc->ptr[3].len = cpu_to_be16(length);
1664 desc->ptr[3].j_extent = 0;
1665
1666 sg_count = talitos_map_sg(dev, req_ctx->psrc,
1667 edesc->src_nents ? : 1,
1668 DMA_TO_DEVICE,
1669 edesc->src_is_chained);
1670
1671 if (sg_count == 1) {
1672 to_talitos_ptr(&desc->ptr[3], sg_dma_address(req_ctx->psrc));
1673 } else {
1674 sg_count = sg_to_link_tbl(req_ctx->psrc, sg_count, length,
1675 &edesc->link_tbl[0]);
1676 if (sg_count > 1) {
1677 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP;
1678 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl);
1679 dma_sync_single_for_device(ctx->dev,
1680 edesc->dma_link_tbl,
1681 edesc->dma_len,
1682 DMA_BIDIRECTIONAL);
1683 } else {
1684 /* Only one segment now, so no link tbl needed */
1685 to_talitos_ptr(&desc->ptr[3],
1686 sg_dma_address(req_ctx->psrc));
1687 }
1688 }
1689
1690 /* fifth DWORD empty */
1691 desc->ptr[4] = zero_entry;
1692
1693 /* hash/HMAC out -or- hash context out */
1694 if (req_ctx->last)
1695 map_single_talitos_ptr(dev, &desc->ptr[5],
1696 crypto_ahash_digestsize(tfm),
1697 areq->result, 0, DMA_FROM_DEVICE);
1698 else
1699 map_single_talitos_ptr(dev, &desc->ptr[5],
1700 req_ctx->hw_context_size,
1701 req_ctx->hw_context, 0, DMA_FROM_DEVICE);
1702
1703 /* last DWORD empty */
1704 desc->ptr[6] = zero_entry;
1705
1706 ret = talitos_submit(dev, desc, callback, areq);
1707 if (ret != -EINPROGRESS) {
1708 common_nonsnoop_hash_unmap(dev, edesc, areq);
1709 kfree(edesc);
1710 }
1711 return ret;
1712 }
1713
ahash_edesc_alloc(struct ahash_request * areq,unsigned int nbytes)1714 static struct talitos_edesc *ahash_edesc_alloc(struct ahash_request *areq,
1715 unsigned int nbytes)
1716 {
1717 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1718 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1719 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1720
1721 return talitos_edesc_alloc(ctx->dev, req_ctx->psrc, NULL, 1,
1722 nbytes, 0, 0, areq->base.flags);
1723 }
1724
ahash_init(struct ahash_request * areq)1725 static int ahash_init(struct ahash_request *areq)
1726 {
1727 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1728 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1729
1730 /* Initialize the context */
1731 req_ctx->nbuf = 0;
1732 req_ctx->first = 1; /* first indicates h/w must init its context */
1733 req_ctx->swinit = 0; /* assume h/w init of context */
1734 req_ctx->hw_context_size =
1735 (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE)
1736 ? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256
1737 : TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512;
1738
1739 return 0;
1740 }
1741
1742 /*
1743 * on h/w without explicit sha224 support, we initialize h/w context
1744 * manually with sha224 constants, and tell it to run sha256.
1745 */
ahash_init_sha224_swinit(struct ahash_request * areq)1746 static int ahash_init_sha224_swinit(struct ahash_request *areq)
1747 {
1748 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1749
1750 ahash_init(areq);
1751 req_ctx->swinit = 1;/* prevent h/w initting context with sha256 values*/
1752
1753 req_ctx->hw_context[0] = SHA224_H0;
1754 req_ctx->hw_context[1] = SHA224_H1;
1755 req_ctx->hw_context[2] = SHA224_H2;
1756 req_ctx->hw_context[3] = SHA224_H3;
1757 req_ctx->hw_context[4] = SHA224_H4;
1758 req_ctx->hw_context[5] = SHA224_H5;
1759 req_ctx->hw_context[6] = SHA224_H6;
1760 req_ctx->hw_context[7] = SHA224_H7;
1761
1762 /* init 64-bit count */
1763 req_ctx->hw_context[8] = 0;
1764 req_ctx->hw_context[9] = 0;
1765
1766 return 0;
1767 }
1768
ahash_process_req(struct ahash_request * areq,unsigned int nbytes)1769 static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
1770 {
1771 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1772 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1773 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1774 struct talitos_edesc *edesc;
1775 unsigned int blocksize =
1776 crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
1777 unsigned int nbytes_to_hash;
1778 unsigned int to_hash_later;
1779 unsigned int nsg;
1780 int chained;
1781
1782 if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) {
1783 /* Buffer up to one whole block */
1784 sg_copy_to_buffer(areq->src,
1785 sg_count(areq->src, nbytes, &chained),
1786 req_ctx->buf + req_ctx->nbuf, nbytes);
1787 req_ctx->nbuf += nbytes;
1788 return 0;
1789 }
1790
1791 /* At least (blocksize + 1) bytes are available to hash */
1792 nbytes_to_hash = nbytes + req_ctx->nbuf;
1793 to_hash_later = nbytes_to_hash & (blocksize - 1);
1794
1795 if (req_ctx->last)
1796 to_hash_later = 0;
1797 else if (to_hash_later)
1798 /* There is a partial block. Hash the full block(s) now */
1799 nbytes_to_hash -= to_hash_later;
1800 else {
1801 /* Keep one block buffered */
1802 nbytes_to_hash -= blocksize;
1803 to_hash_later = blocksize;
1804 }
1805
1806 /* Chain in any previously buffered data */
1807 if (req_ctx->nbuf) {
1808 nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
1809 sg_init_table(req_ctx->bufsl, nsg);
1810 sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
1811 if (nsg > 1)
1812 scatterwalk_sg_chain(req_ctx->bufsl, 2, areq->src);
1813 req_ctx->psrc = req_ctx->bufsl;
1814 } else
1815 req_ctx->psrc = areq->src;
1816
1817 if (to_hash_later) {
1818 int nents = sg_count(areq->src, nbytes, &chained);
1819 sg_copy_end_to_buffer(areq->src, nents,
1820 req_ctx->bufnext,
1821 to_hash_later,
1822 nbytes - to_hash_later);
1823 }
1824 req_ctx->to_hash_later = to_hash_later;
1825
1826 /* Allocate extended descriptor */
1827 edesc = ahash_edesc_alloc(areq, nbytes_to_hash);
1828 if (IS_ERR(edesc))
1829 return PTR_ERR(edesc);
1830
1831 edesc->desc.hdr = ctx->desc_hdr_template;
1832
1833 /* On last one, request SEC to pad; otherwise continue */
1834 if (req_ctx->last)
1835 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_PAD;
1836 else
1837 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT;
1838
1839 /* request SEC to INIT hash. */
1840 if (req_ctx->first && !req_ctx->swinit)
1841 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT;
1842
1843 /* When the tfm context has a keylen, it's an HMAC.
1844 * A first or last (ie. not middle) descriptor must request HMAC.
1845 */
1846 if (ctx->keylen && (req_ctx->first || req_ctx->last))
1847 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_HMAC;
1848
1849 return common_nonsnoop_hash(edesc, areq, nbytes_to_hash,
1850 ahash_done);
1851 }
1852
ahash_update(struct ahash_request * areq)1853 static int ahash_update(struct ahash_request *areq)
1854 {
1855 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1856
1857 req_ctx->last = 0;
1858
1859 return ahash_process_req(areq, areq->nbytes);
1860 }
1861
ahash_final(struct ahash_request * areq)1862 static int ahash_final(struct ahash_request *areq)
1863 {
1864 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1865
1866 req_ctx->last = 1;
1867
1868 return ahash_process_req(areq, 0);
1869 }
1870
ahash_finup(struct ahash_request * areq)1871 static int ahash_finup(struct ahash_request *areq)
1872 {
1873 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1874
1875 req_ctx->last = 1;
1876
1877 return ahash_process_req(areq, areq->nbytes);
1878 }
1879
ahash_digest(struct ahash_request * areq)1880 static int ahash_digest(struct ahash_request *areq)
1881 {
1882 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1883 struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq);
1884
1885 ahash->init(areq);
1886 req_ctx->last = 1;
1887
1888 return ahash_process_req(areq, areq->nbytes);
1889 }
1890
1891 struct talitos_alg_template {
1892 u32 type;
1893 union {
1894 struct crypto_alg crypto;
1895 struct ahash_alg hash;
1896 } alg;
1897 __be32 desc_hdr_template;
1898 };
1899
1900 static struct talitos_alg_template driver_algs[] = {
1901 /* AEAD algorithms. These use a single-pass ipsec_esp descriptor */
1902 { .type = CRYPTO_ALG_TYPE_AEAD,
1903 .alg.crypto = {
1904 .cra_name = "authenc(hmac(sha1),cbc(aes))",
1905 .cra_driver_name = "authenc-hmac-sha1-cbc-aes-talitos",
1906 .cra_blocksize = AES_BLOCK_SIZE,
1907 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1908 .cra_type = &crypto_aead_type,
1909 .cra_aead = {
1910 .setkey = aead_setkey,
1911 .setauthsize = aead_setauthsize,
1912 .encrypt = aead_encrypt,
1913 .decrypt = aead_decrypt,
1914 .givencrypt = aead_givencrypt,
1915 .geniv = "<built-in>",
1916 .ivsize = AES_BLOCK_SIZE,
1917 .maxauthsize = SHA1_DIGEST_SIZE,
1918 }
1919 },
1920 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
1921 DESC_HDR_SEL0_AESU |
1922 DESC_HDR_MODE0_AESU_CBC |
1923 DESC_HDR_SEL1_MDEUA |
1924 DESC_HDR_MODE1_MDEU_INIT |
1925 DESC_HDR_MODE1_MDEU_PAD |
1926 DESC_HDR_MODE1_MDEU_SHA1_HMAC,
1927 },
1928 { .type = CRYPTO_ALG_TYPE_AEAD,
1929 .alg.crypto = {
1930 .cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
1931 .cra_driver_name = "authenc-hmac-sha1-cbc-3des-talitos",
1932 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1933 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1934 .cra_type = &crypto_aead_type,
1935 .cra_aead = {
1936 .setkey = aead_setkey,
1937 .setauthsize = aead_setauthsize,
1938 .encrypt = aead_encrypt,
1939 .decrypt = aead_decrypt,
1940 .givencrypt = aead_givencrypt,
1941 .geniv = "<built-in>",
1942 .ivsize = DES3_EDE_BLOCK_SIZE,
1943 .maxauthsize = SHA1_DIGEST_SIZE,
1944 }
1945 },
1946 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
1947 DESC_HDR_SEL0_DEU |
1948 DESC_HDR_MODE0_DEU_CBC |
1949 DESC_HDR_MODE0_DEU_3DES |
1950 DESC_HDR_SEL1_MDEUA |
1951 DESC_HDR_MODE1_MDEU_INIT |
1952 DESC_HDR_MODE1_MDEU_PAD |
1953 DESC_HDR_MODE1_MDEU_SHA1_HMAC,
1954 },
1955 { .type = CRYPTO_ALG_TYPE_AEAD,
1956 .alg.crypto = {
1957 .cra_name = "authenc(hmac(sha256),cbc(aes))",
1958 .cra_driver_name = "authenc-hmac-sha256-cbc-aes-talitos",
1959 .cra_blocksize = AES_BLOCK_SIZE,
1960 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1961 .cra_type = &crypto_aead_type,
1962 .cra_aead = {
1963 .setkey = aead_setkey,
1964 .setauthsize = aead_setauthsize,
1965 .encrypt = aead_encrypt,
1966 .decrypt = aead_decrypt,
1967 .givencrypt = aead_givencrypt,
1968 .geniv = "<built-in>",
1969 .ivsize = AES_BLOCK_SIZE,
1970 .maxauthsize = SHA256_DIGEST_SIZE,
1971 }
1972 },
1973 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
1974 DESC_HDR_SEL0_AESU |
1975 DESC_HDR_MODE0_AESU_CBC |
1976 DESC_HDR_SEL1_MDEUA |
1977 DESC_HDR_MODE1_MDEU_INIT |
1978 DESC_HDR_MODE1_MDEU_PAD |
1979 DESC_HDR_MODE1_MDEU_SHA256_HMAC,
1980 },
1981 { .type = CRYPTO_ALG_TYPE_AEAD,
1982 .alg.crypto = {
1983 .cra_name = "authenc(hmac(sha256),cbc(des3_ede))",
1984 .cra_driver_name = "authenc-hmac-sha256-cbc-3des-talitos",
1985 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1986 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1987 .cra_type = &crypto_aead_type,
1988 .cra_aead = {
1989 .setkey = aead_setkey,
1990 .setauthsize = aead_setauthsize,
1991 .encrypt = aead_encrypt,
1992 .decrypt = aead_decrypt,
1993 .givencrypt = aead_givencrypt,
1994 .geniv = "<built-in>",
1995 .ivsize = DES3_EDE_BLOCK_SIZE,
1996 .maxauthsize = SHA256_DIGEST_SIZE,
1997 }
1998 },
1999 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2000 DESC_HDR_SEL0_DEU |
2001 DESC_HDR_MODE0_DEU_CBC |
2002 DESC_HDR_MODE0_DEU_3DES |
2003 DESC_HDR_SEL1_MDEUA |
2004 DESC_HDR_MODE1_MDEU_INIT |
2005 DESC_HDR_MODE1_MDEU_PAD |
2006 DESC_HDR_MODE1_MDEU_SHA256_HMAC,
2007 },
2008 { .type = CRYPTO_ALG_TYPE_AEAD,
2009 .alg.crypto = {
2010 .cra_name = "authenc(hmac(md5),cbc(aes))",
2011 .cra_driver_name = "authenc-hmac-md5-cbc-aes-talitos",
2012 .cra_blocksize = AES_BLOCK_SIZE,
2013 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2014 .cra_type = &crypto_aead_type,
2015 .cra_aead = {
2016 .setkey = aead_setkey,
2017 .setauthsize = aead_setauthsize,
2018 .encrypt = aead_encrypt,
2019 .decrypt = aead_decrypt,
2020 .givencrypt = aead_givencrypt,
2021 .geniv = "<built-in>",
2022 .ivsize = AES_BLOCK_SIZE,
2023 .maxauthsize = MD5_DIGEST_SIZE,
2024 }
2025 },
2026 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2027 DESC_HDR_SEL0_AESU |
2028 DESC_HDR_MODE0_AESU_CBC |
2029 DESC_HDR_SEL1_MDEUA |
2030 DESC_HDR_MODE1_MDEU_INIT |
2031 DESC_HDR_MODE1_MDEU_PAD |
2032 DESC_HDR_MODE1_MDEU_MD5_HMAC,
2033 },
2034 { .type = CRYPTO_ALG_TYPE_AEAD,
2035 .alg.crypto = {
2036 .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
2037 .cra_driver_name = "authenc-hmac-md5-cbc-3des-talitos",
2038 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2039 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2040 .cra_type = &crypto_aead_type,
2041 .cra_aead = {
2042 .setkey = aead_setkey,
2043 .setauthsize = aead_setauthsize,
2044 .encrypt = aead_encrypt,
2045 .decrypt = aead_decrypt,
2046 .givencrypt = aead_givencrypt,
2047 .geniv = "<built-in>",
2048 .ivsize = DES3_EDE_BLOCK_SIZE,
2049 .maxauthsize = MD5_DIGEST_SIZE,
2050 }
2051 },
2052 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2053 DESC_HDR_SEL0_DEU |
2054 DESC_HDR_MODE0_DEU_CBC |
2055 DESC_HDR_MODE0_DEU_3DES |
2056 DESC_HDR_SEL1_MDEUA |
2057 DESC_HDR_MODE1_MDEU_INIT |
2058 DESC_HDR_MODE1_MDEU_PAD |
2059 DESC_HDR_MODE1_MDEU_MD5_HMAC,
2060 },
2061 /* ABLKCIPHER algorithms. */
2062 { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
2063 .alg.crypto = {
2064 .cra_name = "cbc(aes)",
2065 .cra_driver_name = "cbc-aes-talitos",
2066 .cra_blocksize = AES_BLOCK_SIZE,
2067 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
2068 CRYPTO_ALG_ASYNC,
2069 .cra_type = &crypto_ablkcipher_type,
2070 .cra_ablkcipher = {
2071 .setkey = ablkcipher_setkey,
2072 .encrypt = ablkcipher_encrypt,
2073 .decrypt = ablkcipher_decrypt,
2074 .geniv = "eseqiv",
2075 .min_keysize = AES_MIN_KEY_SIZE,
2076 .max_keysize = AES_MAX_KEY_SIZE,
2077 .ivsize = AES_BLOCK_SIZE,
2078 }
2079 },
2080 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2081 DESC_HDR_SEL0_AESU |
2082 DESC_HDR_MODE0_AESU_CBC,
2083 },
2084 { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
2085 .alg.crypto = {
2086 .cra_name = "cbc(des3_ede)",
2087 .cra_driver_name = "cbc-3des-talitos",
2088 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2089 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
2090 CRYPTO_ALG_ASYNC,
2091 .cra_type = &crypto_ablkcipher_type,
2092 .cra_ablkcipher = {
2093 .setkey = ablkcipher_setkey,
2094 .encrypt = ablkcipher_encrypt,
2095 .decrypt = ablkcipher_decrypt,
2096 .geniv = "eseqiv",
2097 .min_keysize = DES3_EDE_KEY_SIZE,
2098 .max_keysize = DES3_EDE_KEY_SIZE,
2099 .ivsize = DES3_EDE_BLOCK_SIZE,
2100 }
2101 },
2102 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2103 DESC_HDR_SEL0_DEU |
2104 DESC_HDR_MODE0_DEU_CBC |
2105 DESC_HDR_MODE0_DEU_3DES,
2106 },
2107 /* AHASH algorithms. */
2108 { .type = CRYPTO_ALG_TYPE_AHASH,
2109 .alg.hash = {
2110 .init = ahash_init,
2111 .update = ahash_update,
2112 .final = ahash_final,
2113 .finup = ahash_finup,
2114 .digest = ahash_digest,
2115 .halg.digestsize = MD5_DIGEST_SIZE,
2116 .halg.base = {
2117 .cra_name = "md5",
2118 .cra_driver_name = "md5-talitos",
2119 .cra_blocksize = MD5_BLOCK_SIZE,
2120 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2121 CRYPTO_ALG_ASYNC,
2122 .cra_type = &crypto_ahash_type
2123 }
2124 },
2125 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2126 DESC_HDR_SEL0_MDEUA |
2127 DESC_HDR_MODE0_MDEU_MD5,
2128 },
2129 { .type = CRYPTO_ALG_TYPE_AHASH,
2130 .alg.hash = {
2131 .init = ahash_init,
2132 .update = ahash_update,
2133 .final = ahash_final,
2134 .finup = ahash_finup,
2135 .digest = ahash_digest,
2136 .halg.digestsize = SHA1_DIGEST_SIZE,
2137 .halg.base = {
2138 .cra_name = "sha1",
2139 .cra_driver_name = "sha1-talitos",
2140 .cra_blocksize = SHA1_BLOCK_SIZE,
2141 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2142 CRYPTO_ALG_ASYNC,
2143 .cra_type = &crypto_ahash_type
2144 }
2145 },
2146 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2147 DESC_HDR_SEL0_MDEUA |
2148 DESC_HDR_MODE0_MDEU_SHA1,
2149 },
2150 { .type = CRYPTO_ALG_TYPE_AHASH,
2151 .alg.hash = {
2152 .init = ahash_init,
2153 .update = ahash_update,
2154 .final = ahash_final,
2155 .finup = ahash_finup,
2156 .digest = ahash_digest,
2157 .halg.digestsize = SHA224_DIGEST_SIZE,
2158 .halg.base = {
2159 .cra_name = "sha224",
2160 .cra_driver_name = "sha224-talitos",
2161 .cra_blocksize = SHA224_BLOCK_SIZE,
2162 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2163 CRYPTO_ALG_ASYNC,
2164 .cra_type = &crypto_ahash_type
2165 }
2166 },
2167 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2168 DESC_HDR_SEL0_MDEUA |
2169 DESC_HDR_MODE0_MDEU_SHA224,
2170 },
2171 { .type = CRYPTO_ALG_TYPE_AHASH,
2172 .alg.hash = {
2173 .init = ahash_init,
2174 .update = ahash_update,
2175 .final = ahash_final,
2176 .finup = ahash_finup,
2177 .digest = ahash_digest,
2178 .halg.digestsize = SHA256_DIGEST_SIZE,
2179 .halg.base = {
2180 .cra_name = "sha256",
2181 .cra_driver_name = "sha256-talitos",
2182 .cra_blocksize = SHA256_BLOCK_SIZE,
2183 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2184 CRYPTO_ALG_ASYNC,
2185 .cra_type = &crypto_ahash_type
2186 }
2187 },
2188 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2189 DESC_HDR_SEL0_MDEUA |
2190 DESC_HDR_MODE0_MDEU_SHA256,
2191 },
2192 { .type = CRYPTO_ALG_TYPE_AHASH,
2193 .alg.hash = {
2194 .init = ahash_init,
2195 .update = ahash_update,
2196 .final = ahash_final,
2197 .finup = ahash_finup,
2198 .digest = ahash_digest,
2199 .halg.digestsize = SHA384_DIGEST_SIZE,
2200 .halg.base = {
2201 .cra_name = "sha384",
2202 .cra_driver_name = "sha384-talitos",
2203 .cra_blocksize = SHA384_BLOCK_SIZE,
2204 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2205 CRYPTO_ALG_ASYNC,
2206 .cra_type = &crypto_ahash_type
2207 }
2208 },
2209 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2210 DESC_HDR_SEL0_MDEUB |
2211 DESC_HDR_MODE0_MDEUB_SHA384,
2212 },
2213 { .type = CRYPTO_ALG_TYPE_AHASH,
2214 .alg.hash = {
2215 .init = ahash_init,
2216 .update = ahash_update,
2217 .final = ahash_final,
2218 .finup = ahash_finup,
2219 .digest = ahash_digest,
2220 .halg.digestsize = SHA512_DIGEST_SIZE,
2221 .halg.base = {
2222 .cra_name = "sha512",
2223 .cra_driver_name = "sha512-talitos",
2224 .cra_blocksize = SHA512_BLOCK_SIZE,
2225 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2226 CRYPTO_ALG_ASYNC,
2227 .cra_type = &crypto_ahash_type
2228 }
2229 },
2230 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2231 DESC_HDR_SEL0_MDEUB |
2232 DESC_HDR_MODE0_MDEUB_SHA512,
2233 },
2234 };
2235
2236 struct talitos_crypto_alg {
2237 struct list_head entry;
2238 struct device *dev;
2239 struct talitos_alg_template algt;
2240 };
2241
talitos_cra_init(struct crypto_tfm * tfm)2242 static int talitos_cra_init(struct crypto_tfm *tfm)
2243 {
2244 struct crypto_alg *alg = tfm->__crt_alg;
2245 struct talitos_crypto_alg *talitos_alg;
2246 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2247
2248 if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_AHASH)
2249 talitos_alg = container_of(__crypto_ahash_alg(alg),
2250 struct talitos_crypto_alg,
2251 algt.alg.hash);
2252 else
2253 talitos_alg = container_of(alg, struct talitos_crypto_alg,
2254 algt.alg.crypto);
2255
2256 /* update context with ptr to dev */
2257 ctx->dev = talitos_alg->dev;
2258
2259 /* copy descriptor header template value */
2260 ctx->desc_hdr_template = talitos_alg->algt.desc_hdr_template;
2261
2262 return 0;
2263 }
2264
talitos_cra_init_aead(struct crypto_tfm * tfm)2265 static int talitos_cra_init_aead(struct crypto_tfm *tfm)
2266 {
2267 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2268
2269 talitos_cra_init(tfm);
2270
2271 /* random first IV */
2272 get_random_bytes(ctx->iv, TALITOS_MAX_IV_LENGTH);
2273
2274 return 0;
2275 }
2276
talitos_cra_init_ahash(struct crypto_tfm * tfm)2277 static int talitos_cra_init_ahash(struct crypto_tfm *tfm)
2278 {
2279 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2280
2281 talitos_cra_init(tfm);
2282
2283 ctx->keylen = 0;
2284 crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
2285 sizeof(struct talitos_ahash_req_ctx));
2286
2287 return 0;
2288 }
2289
2290 /*
2291 * given the alg's descriptor header template, determine whether descriptor
2292 * type and primary/secondary execution units required match the hw
2293 * capabilities description provided in the device tree node.
2294 */
hw_supports(struct device * dev,__be32 desc_hdr_template)2295 static int hw_supports(struct device *dev, __be32 desc_hdr_template)
2296 {
2297 struct talitos_private *priv = dev_get_drvdata(dev);
2298 int ret;
2299
2300 ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) &&
2301 (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units);
2302
2303 if (SECONDARY_EU(desc_hdr_template))
2304 ret = ret && (1 << SECONDARY_EU(desc_hdr_template)
2305 & priv->exec_units);
2306
2307 return ret;
2308 }
2309
talitos_remove(struct platform_device * ofdev)2310 static int talitos_remove(struct platform_device *ofdev)
2311 {
2312 struct device *dev = &ofdev->dev;
2313 struct talitos_private *priv = dev_get_drvdata(dev);
2314 struct talitos_crypto_alg *t_alg, *n;
2315 int i;
2316
2317 list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) {
2318 switch (t_alg->algt.type) {
2319 case CRYPTO_ALG_TYPE_ABLKCIPHER:
2320 case CRYPTO_ALG_TYPE_AEAD:
2321 crypto_unregister_alg(&t_alg->algt.alg.crypto);
2322 break;
2323 case CRYPTO_ALG_TYPE_AHASH:
2324 crypto_unregister_ahash(&t_alg->algt.alg.hash);
2325 break;
2326 }
2327 list_del(&t_alg->entry);
2328 kfree(t_alg);
2329 }
2330
2331 if (hw_supports(dev, DESC_HDR_SEL0_RNG))
2332 talitos_unregister_rng(dev);
2333
2334 for (i = 0; i < priv->num_channels; i++)
2335 kfree(priv->chan[i].fifo);
2336
2337 kfree(priv->chan);
2338
2339 if (priv->irq != NO_IRQ) {
2340 free_irq(priv->irq, dev);
2341 irq_dispose_mapping(priv->irq);
2342 }
2343
2344 tasklet_kill(&priv->done_task);
2345
2346 iounmap(priv->reg);
2347
2348 dev_set_drvdata(dev, NULL);
2349
2350 kfree(priv);
2351
2352 return 0;
2353 }
2354
talitos_alg_alloc(struct device * dev,struct talitos_alg_template * template)2355 static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev,
2356 struct talitos_alg_template
2357 *template)
2358 {
2359 struct talitos_private *priv = dev_get_drvdata(dev);
2360 struct talitos_crypto_alg *t_alg;
2361 struct crypto_alg *alg;
2362
2363 t_alg = kzalloc(sizeof(struct talitos_crypto_alg), GFP_KERNEL);
2364 if (!t_alg)
2365 return ERR_PTR(-ENOMEM);
2366
2367 t_alg->algt = *template;
2368
2369 switch (t_alg->algt.type) {
2370 case CRYPTO_ALG_TYPE_ABLKCIPHER:
2371 alg = &t_alg->algt.alg.crypto;
2372 alg->cra_init = talitos_cra_init;
2373 break;
2374 case CRYPTO_ALG_TYPE_AEAD:
2375 alg = &t_alg->algt.alg.crypto;
2376 alg->cra_init = talitos_cra_init_aead;
2377 break;
2378 case CRYPTO_ALG_TYPE_AHASH:
2379 alg = &t_alg->algt.alg.hash.halg.base;
2380 alg->cra_init = talitos_cra_init_ahash;
2381 if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) &&
2382 !strcmp(alg->cra_name, "sha224")) {
2383 t_alg->algt.alg.hash.init = ahash_init_sha224_swinit;
2384 t_alg->algt.desc_hdr_template =
2385 DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2386 DESC_HDR_SEL0_MDEUA |
2387 DESC_HDR_MODE0_MDEU_SHA256;
2388 }
2389 break;
2390 default:
2391 dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type);
2392 return ERR_PTR(-EINVAL);
2393 }
2394
2395 alg->cra_module = THIS_MODULE;
2396 alg->cra_priority = TALITOS_CRA_PRIORITY;
2397 alg->cra_alignmask = 0;
2398 alg->cra_ctxsize = sizeof(struct talitos_ctx);
2399
2400 t_alg->dev = dev;
2401
2402 return t_alg;
2403 }
2404
talitos_probe(struct platform_device * ofdev)2405 static int talitos_probe(struct platform_device *ofdev)
2406 {
2407 struct device *dev = &ofdev->dev;
2408 struct device_node *np = ofdev->dev.of_node;
2409 struct talitos_private *priv;
2410 const unsigned int *prop;
2411 int i, err;
2412
2413 priv = kzalloc(sizeof(struct talitos_private), GFP_KERNEL);
2414 if (!priv)
2415 return -ENOMEM;
2416
2417 dev_set_drvdata(dev, priv);
2418
2419 priv->ofdev = ofdev;
2420
2421 tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev);
2422
2423 INIT_LIST_HEAD(&priv->alg_list);
2424
2425 priv->irq = irq_of_parse_and_map(np, 0);
2426
2427 if (priv->irq == NO_IRQ) {
2428 dev_err(dev, "failed to map irq\n");
2429 err = -EINVAL;
2430 goto err_out;
2431 }
2432
2433 /* get the irq line */
2434 err = request_irq(priv->irq, talitos_interrupt, 0,
2435 dev_driver_string(dev), dev);
2436 if (err) {
2437 dev_err(dev, "failed to request irq %d\n", priv->irq);
2438 irq_dispose_mapping(priv->irq);
2439 priv->irq = NO_IRQ;
2440 goto err_out;
2441 }
2442
2443 priv->reg = of_iomap(np, 0);
2444 if (!priv->reg) {
2445 dev_err(dev, "failed to of_iomap\n");
2446 err = -ENOMEM;
2447 goto err_out;
2448 }
2449
2450 /* get SEC version capabilities from device tree */
2451 prop = of_get_property(np, "fsl,num-channels", NULL);
2452 if (prop)
2453 priv->num_channels = *prop;
2454
2455 prop = of_get_property(np, "fsl,channel-fifo-len", NULL);
2456 if (prop)
2457 priv->chfifo_len = *prop;
2458
2459 prop = of_get_property(np, "fsl,exec-units-mask", NULL);
2460 if (prop)
2461 priv->exec_units = *prop;
2462
2463 prop = of_get_property(np, "fsl,descriptor-types-mask", NULL);
2464 if (prop)
2465 priv->desc_types = *prop;
2466
2467 if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len ||
2468 !priv->exec_units || !priv->desc_types) {
2469 dev_err(dev, "invalid property data in device tree node\n");
2470 err = -EINVAL;
2471 goto err_out;
2472 }
2473
2474 if (of_device_is_compatible(np, "fsl,sec3.0"))
2475 priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT;
2476
2477 if (of_device_is_compatible(np, "fsl,sec2.1"))
2478 priv->features |= TALITOS_FTR_HW_AUTH_CHECK |
2479 TALITOS_FTR_SHA224_HWINIT;
2480
2481 priv->chan = kzalloc(sizeof(struct talitos_channel) *
2482 priv->num_channels, GFP_KERNEL);
2483 if (!priv->chan) {
2484 dev_err(dev, "failed to allocate channel management space\n");
2485 err = -ENOMEM;
2486 goto err_out;
2487 }
2488
2489 for (i = 0; i < priv->num_channels; i++) {
2490 spin_lock_init(&priv->chan[i].head_lock);
2491 spin_lock_init(&priv->chan[i].tail_lock);
2492 }
2493
2494 priv->fifo_len = roundup_pow_of_two(priv->chfifo_len);
2495
2496 for (i = 0; i < priv->num_channels; i++) {
2497 priv->chan[i].fifo = kzalloc(sizeof(struct talitos_request) *
2498 priv->fifo_len, GFP_KERNEL);
2499 if (!priv->chan[i].fifo) {
2500 dev_err(dev, "failed to allocate request fifo %d\n", i);
2501 err = -ENOMEM;
2502 goto err_out;
2503 }
2504 }
2505
2506 for (i = 0; i < priv->num_channels; i++)
2507 atomic_set(&priv->chan[i].submit_count,
2508 -(priv->chfifo_len - 1));
2509
2510 dma_set_mask(dev, DMA_BIT_MASK(36));
2511
2512 /* reset and initialize the h/w */
2513 err = init_device(dev);
2514 if (err) {
2515 dev_err(dev, "failed to initialize device\n");
2516 goto err_out;
2517 }
2518
2519 /* register the RNG, if available */
2520 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) {
2521 err = talitos_register_rng(dev);
2522 if (err) {
2523 dev_err(dev, "failed to register hwrng: %d\n", err);
2524 goto err_out;
2525 } else
2526 dev_info(dev, "hwrng\n");
2527 }
2528
2529 /* register crypto algorithms the device supports */
2530 for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {
2531 if (hw_supports(dev, driver_algs[i].desc_hdr_template)) {
2532 struct talitos_crypto_alg *t_alg;
2533 char *name = NULL;
2534
2535 t_alg = talitos_alg_alloc(dev, &driver_algs[i]);
2536 if (IS_ERR(t_alg)) {
2537 err = PTR_ERR(t_alg);
2538 goto err_out;
2539 }
2540
2541 switch (t_alg->algt.type) {
2542 case CRYPTO_ALG_TYPE_ABLKCIPHER:
2543 case CRYPTO_ALG_TYPE_AEAD:
2544 err = crypto_register_alg(
2545 &t_alg->algt.alg.crypto);
2546 name = t_alg->algt.alg.crypto.cra_driver_name;
2547 break;
2548 case CRYPTO_ALG_TYPE_AHASH:
2549 err = crypto_register_ahash(
2550 &t_alg->algt.alg.hash);
2551 name =
2552 t_alg->algt.alg.hash.halg.base.cra_driver_name;
2553 break;
2554 }
2555 if (err) {
2556 dev_err(dev, "%s alg registration failed\n",
2557 name);
2558 kfree(t_alg);
2559 } else {
2560 list_add_tail(&t_alg->entry, &priv->alg_list);
2561 dev_info(dev, "%s\n", name);
2562 }
2563 }
2564 }
2565
2566 return 0;
2567
2568 err_out:
2569 talitos_remove(ofdev);
2570
2571 return err;
2572 }
2573
2574 static const struct of_device_id talitos_match[] = {
2575 {
2576 .compatible = "fsl,sec2.0",
2577 },
2578 {},
2579 };
2580 MODULE_DEVICE_TABLE(of, talitos_match);
2581
2582 static struct platform_driver talitos_driver = {
2583 .driver = {
2584 .name = "talitos",
2585 .owner = THIS_MODULE,
2586 .of_match_table = talitos_match,
2587 },
2588 .probe = talitos_probe,
2589 .remove = talitos_remove,
2590 };
2591
talitos_init(void)2592 static int __init talitos_init(void)
2593 {
2594 return platform_driver_register(&talitos_driver);
2595 }
2596 module_init(talitos_init);
2597
talitos_exit(void)2598 static void __exit talitos_exit(void)
2599 {
2600 platform_driver_unregister(&talitos_driver);
2601 }
2602 module_exit(talitos_exit);
2603
2604 MODULE_LICENSE("GPL");
2605 MODULE_AUTHOR("Kim Phillips <kim.phillips@freescale.com>");
2606 MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver");
2607