talitos.c 98 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459
  1. /*
  2. * talitos - Freescale Integrated Security Engine (SEC) device driver
  3. *
  4. * Copyright (c) 2008-2011 Freescale Semiconductor, Inc.
  5. *
  6. * Scatterlist Crypto API glue code copied from files with the following:
  7. * Copyright (c) 2006-2007 Herbert Xu <[email protected]>
  8. *
  9. * Crypto algorithm registration code copied from hifn driver:
  10. * 2007+ Copyright (c) Evgeniy Polyakov <[email protected]>
  11. * All rights reserved.
  12. *
  13. * This program is free software; you can redistribute it and/or modify
  14. * it under the terms of the GNU General Public License as published by
  15. * the Free Software Foundation; either version 2 of the License, or
  16. * (at your option) any later version.
  17. *
  18. * This program is distributed in the hope that it will be useful,
  19. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  20. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  21. * GNU General Public License for more details.
  22. *
  23. * You should have received a copy of the GNU General Public License
  24. * along with this program; if not, write to the Free Software
  25. * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  26. */
  27. #include <linux/kernel.h>
  28. #include <linux/module.h>
  29. #include <linux/mod_devicetable.h>
  30. #include <linux/device.h>
  31. #include <linux/interrupt.h>
  32. #include <linux/crypto.h>
  33. #include <linux/hw_random.h>
  34. #include <linux/of_address.h>
  35. #include <linux/of_irq.h>
  36. #include <linux/of_platform.h>
  37. #include <linux/dma-mapping.h>
  38. #include <linux/io.h>
  39. #include <linux/spinlock.h>
  40. #include <linux/rtnetlink.h>
  41. #include <linux/slab.h>
  42. #include <crypto/algapi.h>
  43. #include <crypto/aes.h>
  44. #include <crypto/des.h>
  45. #include <crypto/sha.h>
  46. #include <crypto/md5.h>
  47. #include <crypto/internal/aead.h>
  48. #include <crypto/authenc.h>
  49. #include <crypto/skcipher.h>
  50. #include <crypto/hash.h>
  51. #include <crypto/internal/hash.h>
  52. #include <crypto/scatterwalk.h>
  53. #include "talitos.h"
  54. static void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr,
  55. bool is_sec1)
  56. {
  57. ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
  58. if (!is_sec1)
  59. ptr->eptr = upper_32_bits(dma_addr);
  60. }
  61. static void copy_talitos_ptr(struct talitos_ptr *dst_ptr,
  62. struct talitos_ptr *src_ptr, bool is_sec1)
  63. {
  64. dst_ptr->ptr = src_ptr->ptr;
  65. if (!is_sec1)
  66. dst_ptr->eptr = src_ptr->eptr;
  67. }
  68. static void to_talitos_ptr_len(struct talitos_ptr *ptr, unsigned int len,
  69. bool is_sec1)
  70. {
  71. if (is_sec1) {
  72. ptr->res = 0;
  73. ptr->len1 = cpu_to_be16(len);
  74. } else {
  75. ptr->len = cpu_to_be16(len);
  76. }
  77. }
  78. static unsigned short from_talitos_ptr_len(struct talitos_ptr *ptr,
  79. bool is_sec1)
  80. {
  81. if (is_sec1)
  82. return be16_to_cpu(ptr->len1);
  83. else
  84. return be16_to_cpu(ptr->len);
  85. }
  86. static void to_talitos_ptr_ext_set(struct talitos_ptr *ptr, u8 val,
  87. bool is_sec1)
  88. {
  89. if (!is_sec1)
  90. ptr->j_extent = val;
  91. }
  92. static void to_talitos_ptr_ext_or(struct talitos_ptr *ptr, u8 val, bool is_sec1)
  93. {
  94. if (!is_sec1)
  95. ptr->j_extent |= val;
  96. }
  97. /*
  98. * map virtual single (contiguous) pointer to h/w descriptor pointer
  99. */
  100. static void map_single_talitos_ptr(struct device *dev,
  101. struct talitos_ptr *ptr,
  102. unsigned int len, void *data,
  103. enum dma_data_direction dir)
  104. {
  105. dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
  106. struct talitos_private *priv = dev_get_drvdata(dev);
  107. bool is_sec1 = has_ftr_sec1(priv);
  108. to_talitos_ptr_len(ptr, len, is_sec1);
  109. to_talitos_ptr(ptr, dma_addr, is_sec1);
  110. to_talitos_ptr_ext_set(ptr, 0, is_sec1);
  111. }
  112. /*
  113. * unmap bus single (contiguous) h/w descriptor pointer
  114. */
  115. static void unmap_single_talitos_ptr(struct device *dev,
  116. struct talitos_ptr *ptr,
  117. enum dma_data_direction dir)
  118. {
  119. struct talitos_private *priv = dev_get_drvdata(dev);
  120. bool is_sec1 = has_ftr_sec1(priv);
  121. dma_unmap_single(dev, be32_to_cpu(ptr->ptr),
  122. from_talitos_ptr_len(ptr, is_sec1), dir);
  123. }
  124. static int reset_channel(struct device *dev, int ch)
  125. {
  126. struct talitos_private *priv = dev_get_drvdata(dev);
  127. unsigned int timeout = TALITOS_TIMEOUT;
  128. bool is_sec1 = has_ftr_sec1(priv);
  129. if (is_sec1) {
  130. setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO,
  131. TALITOS1_CCCR_LO_RESET);
  132. while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR_LO) &
  133. TALITOS1_CCCR_LO_RESET) && --timeout)
  134. cpu_relax();
  135. } else {
  136. setbits32(priv->chan[ch].reg + TALITOS_CCCR,
  137. TALITOS2_CCCR_RESET);
  138. while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) &
  139. TALITOS2_CCCR_RESET) && --timeout)
  140. cpu_relax();
  141. }
  142. if (timeout == 0) {
  143. dev_err(dev, "failed to reset channel %d\n", ch);
  144. return -EIO;
  145. }
  146. /* set 36-bit addressing, done writeback enable and done IRQ enable */
  147. setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO, TALITOS_CCCR_LO_EAE |
  148. TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE);
  149. /* and ICCR writeback, if available */
  150. if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
  151. setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO,
  152. TALITOS_CCCR_LO_IWSE);
  153. return 0;
  154. }
  155. static int reset_device(struct device *dev)
  156. {
  157. struct talitos_private *priv = dev_get_drvdata(dev);
  158. unsigned int timeout = TALITOS_TIMEOUT;
  159. bool is_sec1 = has_ftr_sec1(priv);
  160. u32 mcr = is_sec1 ? TALITOS1_MCR_SWR : TALITOS2_MCR_SWR;
  161. setbits32(priv->reg + TALITOS_MCR, mcr);
  162. while ((in_be32(priv->reg + TALITOS_MCR) & mcr)
  163. && --timeout)
  164. cpu_relax();
  165. if (priv->irq[1]) {
  166. mcr = TALITOS_MCR_RCA1 | TALITOS_MCR_RCA3;
  167. setbits32(priv->reg + TALITOS_MCR, mcr);
  168. }
  169. if (timeout == 0) {
  170. dev_err(dev, "failed to reset device\n");
  171. return -EIO;
  172. }
  173. return 0;
  174. }
  175. /*
  176. * Reset and initialize the device
  177. */
  178. static int init_device(struct device *dev)
  179. {
  180. struct talitos_private *priv = dev_get_drvdata(dev);
  181. int ch, err;
  182. bool is_sec1 = has_ftr_sec1(priv);
  183. /*
  184. * Master reset
  185. * errata documentation: warning: certain SEC interrupts
  186. * are not fully cleared by writing the MCR:SWR bit,
  187. * set bit twice to completely reset
  188. */
  189. err = reset_device(dev);
  190. if (err)
  191. return err;
  192. err = reset_device(dev);
  193. if (err)
  194. return err;
  195. /* reset channels */
  196. for (ch = 0; ch < priv->num_channels; ch++) {
  197. err = reset_channel(dev, ch);
  198. if (err)
  199. return err;
  200. }
  201. /* enable channel done and error interrupts */
  202. if (is_sec1) {
  203. clrbits32(priv->reg + TALITOS_IMR, TALITOS1_IMR_INIT);
  204. clrbits32(priv->reg + TALITOS_IMR_LO, TALITOS1_IMR_LO_INIT);
  205. /* disable parity error check in DEU (erroneous? test vect.) */
  206. setbits32(priv->reg_deu + TALITOS_EUICR, TALITOS1_DEUICR_KPE);
  207. } else {
  208. setbits32(priv->reg + TALITOS_IMR, TALITOS2_IMR_INIT);
  209. setbits32(priv->reg + TALITOS_IMR_LO, TALITOS2_IMR_LO_INIT);
  210. }
  211. /* disable integrity check error interrupts (use writeback instead) */
  212. if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
  213. setbits32(priv->reg_mdeu + TALITOS_EUICR_LO,
  214. TALITOS_MDEUICR_LO_ICE);
  215. return 0;
  216. }
  217. /**
  218. * talitos_submit - submits a descriptor to the device for processing
  219. * @dev: the SEC device to be used
  220. * @ch: the SEC device channel to be used
  221. * @desc: the descriptor to be processed by the device
  222. * @callback: whom to call when processing is complete
  223. * @context: a handle for use by caller (optional)
  224. *
  225. * desc must contain valid dma-mapped (bus physical) address pointers.
  226. * callback must check err and feedback in descriptor header
  227. * for device processing status.
  228. */
  229. int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc,
  230. void (*callback)(struct device *dev,
  231. struct talitos_desc *desc,
  232. void *context, int error),
  233. void *context)
  234. {
  235. struct talitos_private *priv = dev_get_drvdata(dev);
  236. struct talitos_request *request;
  237. unsigned long flags;
  238. int head;
  239. bool is_sec1 = has_ftr_sec1(priv);
  240. spin_lock_irqsave(&priv->chan[ch].head_lock, flags);
  241. if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) {
  242. /* h/w fifo is full */
  243. spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
  244. return -EAGAIN;
  245. }
  246. head = priv->chan[ch].head;
  247. request = &priv->chan[ch].fifo[head];
  248. /* map descriptor and save caller data */
  249. if (is_sec1) {
  250. desc->hdr1 = desc->hdr;
  251. desc->next_desc = 0;
  252. request->dma_desc = dma_map_single(dev, &desc->hdr1,
  253. TALITOS_DESC_SIZE,
  254. DMA_BIDIRECTIONAL);
  255. } else {
  256. request->dma_desc = dma_map_single(dev, desc,
  257. TALITOS_DESC_SIZE,
  258. DMA_BIDIRECTIONAL);
  259. }
  260. request->callback = callback;
  261. request->context = context;
  262. /* increment fifo head */
  263. priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1);
  264. smp_wmb();
  265. request->desc = desc;
  266. /* GO! */
  267. wmb();
  268. out_be32(priv->chan[ch].reg + TALITOS_FF,
  269. upper_32_bits(request->dma_desc));
  270. out_be32(priv->chan[ch].reg + TALITOS_FF_LO,
  271. lower_32_bits(request->dma_desc));
  272. spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
  273. return -EINPROGRESS;
  274. }
  275. EXPORT_SYMBOL(talitos_submit);
  276. /*
  277. * process what was done, notify callback of error if not
  278. */
  279. static void flush_channel(struct device *dev, int ch, int error, int reset_ch)
  280. {
  281. struct talitos_private *priv = dev_get_drvdata(dev);
  282. struct talitos_request *request, saved_req;
  283. unsigned long flags;
  284. int tail, status;
  285. bool is_sec1 = has_ftr_sec1(priv);
  286. spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
  287. tail = priv->chan[ch].tail;
  288. while (priv->chan[ch].fifo[tail].desc) {
  289. __be32 hdr;
  290. request = &priv->chan[ch].fifo[tail];
  291. /* descriptors with their done bits set don't get the error */
  292. rmb();
  293. hdr = is_sec1 ? request->desc->hdr1 : request->desc->hdr;
  294. if ((hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
  295. status = 0;
  296. else
  297. if (!error)
  298. break;
  299. else
  300. status = error;
  301. dma_unmap_single(dev, request->dma_desc,
  302. TALITOS_DESC_SIZE,
  303. DMA_BIDIRECTIONAL);
  304. /* copy entries so we can call callback outside lock */
  305. saved_req.desc = request->desc;
  306. saved_req.callback = request->callback;
  307. saved_req.context = request->context;
  308. /* release request entry in fifo */
  309. smp_wmb();
  310. request->desc = NULL;
  311. /* increment fifo tail */
  312. priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1);
  313. spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
  314. atomic_dec(&priv->chan[ch].submit_count);
  315. saved_req.callback(dev, saved_req.desc, saved_req.context,
  316. status);
  317. /* channel may resume processing in single desc error case */
  318. if (error && !reset_ch && status == error)
  319. return;
  320. spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
  321. tail = priv->chan[ch].tail;
  322. }
  323. spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
  324. }
  325. /*
  326. * process completed requests for channels that have done status
  327. */
  328. #define DEF_TALITOS1_DONE(name, ch_done_mask) \
  329. static void talitos1_done_##name(unsigned long data) \
  330. { \
  331. struct device *dev = (struct device *)data; \
  332. struct talitos_private *priv = dev_get_drvdata(dev); \
  333. unsigned long flags; \
  334. \
  335. if (ch_done_mask & 0x10000000) \
  336. flush_channel(dev, 0, 0, 0); \
  337. if (priv->num_channels == 1) \
  338. goto out; \
  339. if (ch_done_mask & 0x40000000) \
  340. flush_channel(dev, 1, 0, 0); \
  341. if (ch_done_mask & 0x00010000) \
  342. flush_channel(dev, 2, 0, 0); \
  343. if (ch_done_mask & 0x00040000) \
  344. flush_channel(dev, 3, 0, 0); \
  345. \
  346. out: \
  347. /* At this point, all completed channels have been processed */ \
  348. /* Unmask done interrupts for channels completed later on. */ \
  349. spin_lock_irqsave(&priv->reg_lock, flags); \
  350. clrbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
  351. clrbits32(priv->reg + TALITOS_IMR_LO, TALITOS1_IMR_LO_INIT); \
  352. spin_unlock_irqrestore(&priv->reg_lock, flags); \
  353. }
  354. DEF_TALITOS1_DONE(4ch, TALITOS1_ISR_4CHDONE)
  355. #define DEF_TALITOS2_DONE(name, ch_done_mask) \
  356. static void talitos2_done_##name(unsigned long data) \
  357. { \
  358. struct device *dev = (struct device *)data; \
  359. struct talitos_private *priv = dev_get_drvdata(dev); \
  360. unsigned long flags; \
  361. \
  362. if (ch_done_mask & 1) \
  363. flush_channel(dev, 0, 0, 0); \
  364. if (priv->num_channels == 1) \
  365. goto out; \
  366. if (ch_done_mask & (1 << 2)) \
  367. flush_channel(dev, 1, 0, 0); \
  368. if (ch_done_mask & (1 << 4)) \
  369. flush_channel(dev, 2, 0, 0); \
  370. if (ch_done_mask & (1 << 6)) \
  371. flush_channel(dev, 3, 0, 0); \
  372. \
  373. out: \
  374. /* At this point, all completed channels have been processed */ \
  375. /* Unmask done interrupts for channels completed later on. */ \
  376. spin_lock_irqsave(&priv->reg_lock, flags); \
  377. setbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
  378. setbits32(priv->reg + TALITOS_IMR_LO, TALITOS2_IMR_LO_INIT); \
  379. spin_unlock_irqrestore(&priv->reg_lock, flags); \
  380. }
  381. DEF_TALITOS2_DONE(4ch, TALITOS2_ISR_4CHDONE)
  382. DEF_TALITOS2_DONE(ch0_2, TALITOS2_ISR_CH_0_2_DONE)
  383. DEF_TALITOS2_DONE(ch1_3, TALITOS2_ISR_CH_1_3_DONE)
  384. /*
  385. * locate current (offending) descriptor
  386. */
  387. static u32 current_desc_hdr(struct device *dev, int ch)
  388. {
  389. struct talitos_private *priv = dev_get_drvdata(dev);
  390. int tail, iter;
  391. dma_addr_t cur_desc;
  392. cur_desc = ((u64)in_be32(priv->chan[ch].reg + TALITOS_CDPR)) << 32;
  393. cur_desc |= in_be32(priv->chan[ch].reg + TALITOS_CDPR_LO);
  394. if (!cur_desc) {
  395. dev_err(dev, "CDPR is NULL, giving up search for offending descriptor\n");
  396. return 0;
  397. }
  398. tail = priv->chan[ch].tail;
  399. iter = tail;
  400. while (priv->chan[ch].fifo[iter].dma_desc != cur_desc) {
  401. iter = (iter + 1) & (priv->fifo_len - 1);
  402. if (iter == tail) {
  403. dev_err(dev, "couldn't locate current descriptor\n");
  404. return 0;
  405. }
  406. }
  407. return priv->chan[ch].fifo[iter].desc->hdr;
  408. }
  409. /*
  410. * user diagnostics; report root cause of error based on execution unit status
  411. */
  412. static void report_eu_error(struct device *dev, int ch, u32 desc_hdr)
  413. {
  414. struct talitos_private *priv = dev_get_drvdata(dev);
  415. int i;
  416. if (!desc_hdr)
  417. desc_hdr = in_be32(priv->chan[ch].reg + TALITOS_DESCBUF);
  418. switch (desc_hdr & DESC_HDR_SEL0_MASK) {
  419. case DESC_HDR_SEL0_AFEU:
  420. dev_err(dev, "AFEUISR 0x%08x_%08x\n",
  421. in_be32(priv->reg_afeu + TALITOS_EUISR),
  422. in_be32(priv->reg_afeu + TALITOS_EUISR_LO));
  423. break;
  424. case DESC_HDR_SEL0_DEU:
  425. dev_err(dev, "DEUISR 0x%08x_%08x\n",
  426. in_be32(priv->reg_deu + TALITOS_EUISR),
  427. in_be32(priv->reg_deu + TALITOS_EUISR_LO));
  428. break;
  429. case DESC_HDR_SEL0_MDEUA:
  430. case DESC_HDR_SEL0_MDEUB:
  431. dev_err(dev, "MDEUISR 0x%08x_%08x\n",
  432. in_be32(priv->reg_mdeu + TALITOS_EUISR),
  433. in_be32(priv->reg_mdeu + TALITOS_EUISR_LO));
  434. break;
  435. case DESC_HDR_SEL0_RNG:
  436. dev_err(dev, "RNGUISR 0x%08x_%08x\n",
  437. in_be32(priv->reg_rngu + TALITOS_ISR),
  438. in_be32(priv->reg_rngu + TALITOS_ISR_LO));
  439. break;
  440. case DESC_HDR_SEL0_PKEU:
  441. dev_err(dev, "PKEUISR 0x%08x_%08x\n",
  442. in_be32(priv->reg_pkeu + TALITOS_EUISR),
  443. in_be32(priv->reg_pkeu + TALITOS_EUISR_LO));
  444. break;
  445. case DESC_HDR_SEL0_AESU:
  446. dev_err(dev, "AESUISR 0x%08x_%08x\n",
  447. in_be32(priv->reg_aesu + TALITOS_EUISR),
  448. in_be32(priv->reg_aesu + TALITOS_EUISR_LO));
  449. break;
  450. case DESC_HDR_SEL0_CRCU:
  451. dev_err(dev, "CRCUISR 0x%08x_%08x\n",
  452. in_be32(priv->reg_crcu + TALITOS_EUISR),
  453. in_be32(priv->reg_crcu + TALITOS_EUISR_LO));
  454. break;
  455. case DESC_HDR_SEL0_KEU:
  456. dev_err(dev, "KEUISR 0x%08x_%08x\n",
  457. in_be32(priv->reg_pkeu + TALITOS_EUISR),
  458. in_be32(priv->reg_pkeu + TALITOS_EUISR_LO));
  459. break;
  460. }
  461. switch (desc_hdr & DESC_HDR_SEL1_MASK) {
  462. case DESC_HDR_SEL1_MDEUA:
  463. case DESC_HDR_SEL1_MDEUB:
  464. dev_err(dev, "MDEUISR 0x%08x_%08x\n",
  465. in_be32(priv->reg_mdeu + TALITOS_EUISR),
  466. in_be32(priv->reg_mdeu + TALITOS_EUISR_LO));
  467. break;
  468. case DESC_HDR_SEL1_CRCU:
  469. dev_err(dev, "CRCUISR 0x%08x_%08x\n",
  470. in_be32(priv->reg_crcu + TALITOS_EUISR),
  471. in_be32(priv->reg_crcu + TALITOS_EUISR_LO));
  472. break;
  473. }
  474. for (i = 0; i < 8; i++)
  475. dev_err(dev, "DESCBUF 0x%08x_%08x\n",
  476. in_be32(priv->chan[ch].reg + TALITOS_DESCBUF + 8*i),
  477. in_be32(priv->chan[ch].reg + TALITOS_DESCBUF_LO + 8*i));
  478. }
  479. /*
  480. * recover from error interrupts
  481. */
  482. static void talitos_error(struct device *dev, u32 isr, u32 isr_lo)
  483. {
  484. struct talitos_private *priv = dev_get_drvdata(dev);
  485. unsigned int timeout = TALITOS_TIMEOUT;
  486. int ch, error, reset_dev = 0;
  487. u32 v_lo;
  488. bool is_sec1 = has_ftr_sec1(priv);
  489. int reset_ch = is_sec1 ? 1 : 0; /* only SEC2 supports continuation */
  490. for (ch = 0; ch < priv->num_channels; ch++) {
  491. /* skip channels without errors */
  492. if (is_sec1) {
  493. /* bits 29, 31, 17, 19 */
  494. if (!(isr & (1 << (29 + (ch & 1) * 2 - (ch & 2) * 6))))
  495. continue;
  496. } else {
  497. if (!(isr & (1 << (ch * 2 + 1))))
  498. continue;
  499. }
  500. error = -EINVAL;
  501. v_lo = in_be32(priv->chan[ch].reg + TALITOS_CCPSR_LO);
  502. if (v_lo & TALITOS_CCPSR_LO_DOF) {
  503. dev_err(dev, "double fetch fifo overflow error\n");
  504. error = -EAGAIN;
  505. reset_ch = 1;
  506. }
  507. if (v_lo & TALITOS_CCPSR_LO_SOF) {
  508. /* h/w dropped descriptor */
  509. dev_err(dev, "single fetch fifo overflow error\n");
  510. error = -EAGAIN;
  511. }
  512. if (v_lo & TALITOS_CCPSR_LO_MDTE)
  513. dev_err(dev, "master data transfer error\n");
  514. if (v_lo & TALITOS_CCPSR_LO_SGDLZ)
  515. dev_err(dev, is_sec1 ? "pointeur not complete error\n"
  516. : "s/g data length zero error\n");
  517. if (v_lo & TALITOS_CCPSR_LO_FPZ)
  518. dev_err(dev, is_sec1 ? "parity error\n"
  519. : "fetch pointer zero error\n");
  520. if (v_lo & TALITOS_CCPSR_LO_IDH)
  521. dev_err(dev, "illegal descriptor header error\n");
  522. if (v_lo & TALITOS_CCPSR_LO_IEU)
  523. dev_err(dev, is_sec1 ? "static assignment error\n"
  524. : "invalid exec unit error\n");
  525. if (v_lo & TALITOS_CCPSR_LO_EU)
  526. report_eu_error(dev, ch, current_desc_hdr(dev, ch));
  527. if (!is_sec1) {
  528. if (v_lo & TALITOS_CCPSR_LO_GB)
  529. dev_err(dev, "gather boundary error\n");
  530. if (v_lo & TALITOS_CCPSR_LO_GRL)
  531. dev_err(dev, "gather return/length error\n");
  532. if (v_lo & TALITOS_CCPSR_LO_SB)
  533. dev_err(dev, "scatter boundary error\n");
  534. if (v_lo & TALITOS_CCPSR_LO_SRL)
  535. dev_err(dev, "scatter return/length error\n");
  536. }
  537. flush_channel(dev, ch, error, reset_ch);
  538. if (reset_ch) {
  539. reset_channel(dev, ch);
  540. } else {
  541. setbits32(priv->chan[ch].reg + TALITOS_CCCR,
  542. TALITOS2_CCCR_CONT);
  543. setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO, 0);
  544. while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) &
  545. TALITOS2_CCCR_CONT) && --timeout)
  546. cpu_relax();
  547. if (timeout == 0) {
  548. dev_err(dev, "failed to restart channel %d\n",
  549. ch);
  550. reset_dev = 1;
  551. }
  552. }
  553. }
  554. if (reset_dev || (is_sec1 && isr & ~TALITOS1_ISR_4CHERR) ||
  555. (!is_sec1 && isr & ~TALITOS2_ISR_4CHERR) || isr_lo) {
  556. if (is_sec1 && (isr_lo & TALITOS1_ISR_TEA_ERR))
  557. dev_err(dev, "TEA error: ISR 0x%08x_%08x\n",
  558. isr, isr_lo);
  559. else
  560. dev_err(dev, "done overflow, internal time out, or "
  561. "rngu error: ISR 0x%08x_%08x\n", isr, isr_lo);
  562. /* purge request queues */
  563. for (ch = 0; ch < priv->num_channels; ch++)
  564. flush_channel(dev, ch, -EIO, 1);
  565. /* reset and reinitialize the device */
  566. init_device(dev);
  567. }
  568. }
  569. #define DEF_TALITOS1_INTERRUPT(name, ch_done_mask, ch_err_mask, tlet) \
  570. static irqreturn_t talitos1_interrupt_##name(int irq, void *data) \
  571. { \
  572. struct device *dev = data; \
  573. struct talitos_private *priv = dev_get_drvdata(dev); \
  574. u32 isr, isr_lo; \
  575. unsigned long flags; \
  576. \
  577. spin_lock_irqsave(&priv->reg_lock, flags); \
  578. isr = in_be32(priv->reg + TALITOS_ISR); \
  579. isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); \
  580. /* Acknowledge interrupt */ \
  581. out_be32(priv->reg + TALITOS_ICR, isr & (ch_done_mask | ch_err_mask)); \
  582. out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); \
  583. \
  584. if (unlikely(isr & ch_err_mask || isr_lo & TALITOS1_IMR_LO_INIT)) { \
  585. spin_unlock_irqrestore(&priv->reg_lock, flags); \
  586. talitos_error(dev, isr & ch_err_mask, isr_lo); \
  587. } \
  588. else { \
  589. if (likely(isr & ch_done_mask)) { \
  590. /* mask further done interrupts. */ \
  591. setbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
  592. /* done_task will unmask done interrupts at exit */ \
  593. tasklet_schedule(&priv->done_task[tlet]); \
  594. } \
  595. spin_unlock_irqrestore(&priv->reg_lock, flags); \
  596. } \
  597. \
  598. return (isr & (ch_done_mask | ch_err_mask) || isr_lo) ? IRQ_HANDLED : \
  599. IRQ_NONE; \
  600. }
  601. DEF_TALITOS1_INTERRUPT(4ch, TALITOS1_ISR_4CHDONE, TALITOS1_ISR_4CHERR, 0)
  602. #define DEF_TALITOS2_INTERRUPT(name, ch_done_mask, ch_err_mask, tlet) \
  603. static irqreturn_t talitos2_interrupt_##name(int irq, void *data) \
  604. { \
  605. struct device *dev = data; \
  606. struct talitos_private *priv = dev_get_drvdata(dev); \
  607. u32 isr, isr_lo; \
  608. unsigned long flags; \
  609. \
  610. spin_lock_irqsave(&priv->reg_lock, flags); \
  611. isr = in_be32(priv->reg + TALITOS_ISR); \
  612. isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); \
  613. /* Acknowledge interrupt */ \
  614. out_be32(priv->reg + TALITOS_ICR, isr & (ch_done_mask | ch_err_mask)); \
  615. out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); \
  616. \
  617. if (unlikely(isr & ch_err_mask || isr_lo)) { \
  618. spin_unlock_irqrestore(&priv->reg_lock, flags); \
  619. talitos_error(dev, isr & ch_err_mask, isr_lo); \
  620. } \
  621. else { \
  622. if (likely(isr & ch_done_mask)) { \
  623. /* mask further done interrupts. */ \
  624. clrbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
  625. /* done_task will unmask done interrupts at exit */ \
  626. tasklet_schedule(&priv->done_task[tlet]); \
  627. } \
  628. spin_unlock_irqrestore(&priv->reg_lock, flags); \
  629. } \
  630. \
  631. return (isr & (ch_done_mask | ch_err_mask) || isr_lo) ? IRQ_HANDLED : \
  632. IRQ_NONE; \
  633. }
  634. DEF_TALITOS2_INTERRUPT(4ch, TALITOS2_ISR_4CHDONE, TALITOS2_ISR_4CHERR, 0)
  635. DEF_TALITOS2_INTERRUPT(ch0_2, TALITOS2_ISR_CH_0_2_DONE, TALITOS2_ISR_CH_0_2_ERR,
  636. 0)
  637. DEF_TALITOS2_INTERRUPT(ch1_3, TALITOS2_ISR_CH_1_3_DONE, TALITOS2_ISR_CH_1_3_ERR,
  638. 1)
  639. /*
  640. * hwrng
  641. */
  642. static int talitos_rng_data_present(struct hwrng *rng, int wait)
  643. {
  644. struct device *dev = (struct device *)rng->priv;
  645. struct talitos_private *priv = dev_get_drvdata(dev);
  646. u32 ofl;
  647. int i;
  648. for (i = 0; i < 20; i++) {
  649. ofl = in_be32(priv->reg_rngu + TALITOS_EUSR_LO) &
  650. TALITOS_RNGUSR_LO_OFL;
  651. if (ofl || !wait)
  652. break;
  653. udelay(10);
  654. }
  655. return !!ofl;
  656. }
  657. static int talitos_rng_data_read(struct hwrng *rng, u32 *data)
  658. {
  659. struct device *dev = (struct device *)rng->priv;
  660. struct talitos_private *priv = dev_get_drvdata(dev);
  661. /* rng fifo requires 64-bit accesses */
  662. *data = in_be32(priv->reg_rngu + TALITOS_EU_FIFO);
  663. *data = in_be32(priv->reg_rngu + TALITOS_EU_FIFO_LO);
  664. return sizeof(u32);
  665. }
  666. static int talitos_rng_init(struct hwrng *rng)
  667. {
  668. struct device *dev = (struct device *)rng->priv;
  669. struct talitos_private *priv = dev_get_drvdata(dev);
  670. unsigned int timeout = TALITOS_TIMEOUT;
  671. setbits32(priv->reg_rngu + TALITOS_EURCR_LO, TALITOS_RNGURCR_LO_SR);
  672. while (!(in_be32(priv->reg_rngu + TALITOS_EUSR_LO)
  673. & TALITOS_RNGUSR_LO_RD)
  674. && --timeout)
  675. cpu_relax();
  676. if (timeout == 0) {
  677. dev_err(dev, "failed to reset rng hw\n");
  678. return -ENODEV;
  679. }
  680. /* start generating */
  681. setbits32(priv->reg_rngu + TALITOS_EUDSR_LO, 0);
  682. return 0;
  683. }
  684. static int talitos_register_rng(struct device *dev)
  685. {
  686. struct talitos_private *priv = dev_get_drvdata(dev);
  687. int err;
  688. priv->rng.name = dev_driver_string(dev),
  689. priv->rng.init = talitos_rng_init,
  690. priv->rng.data_present = talitos_rng_data_present,
  691. priv->rng.data_read = talitos_rng_data_read,
  692. priv->rng.priv = (unsigned long)dev;
  693. err = hwrng_register(&priv->rng);
  694. if (!err)
  695. priv->rng_registered = true;
  696. return err;
  697. }
  698. static void talitos_unregister_rng(struct device *dev)
  699. {
  700. struct talitos_private *priv = dev_get_drvdata(dev);
  701. if (!priv->rng_registered)
  702. return;
  703. hwrng_unregister(&priv->rng);
  704. priv->rng_registered = false;
  705. }
  706. /*
  707. * crypto alg
  708. */
  709. #define TALITOS_CRA_PRIORITY 3000
  710. /*
  711. * Defines a priority for doing AEAD with descriptors type
  712. * HMAC_SNOOP_NO_AFEA (HSNA) instead of type IPSEC_ESP
  713. */
  714. #define TALITOS_CRA_PRIORITY_AEAD_HSNA (TALITOS_CRA_PRIORITY - 1)
  715. #define TALITOS_MAX_KEY_SIZE (AES_MAX_KEY_SIZE + SHA512_BLOCK_SIZE)
  716. #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
  717. struct talitos_ctx {
  718. struct device *dev;
  719. int ch;
  720. __be32 desc_hdr_template;
  721. u8 key[TALITOS_MAX_KEY_SIZE];
  722. u8 iv[TALITOS_MAX_IV_LENGTH];
  723. unsigned int keylen;
  724. unsigned int enckeylen;
  725. unsigned int authkeylen;
  726. };
  727. #define HASH_MAX_BLOCK_SIZE SHA512_BLOCK_SIZE
  728. #define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
  729. struct talitos_ahash_req_ctx {
  730. u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
  731. unsigned int hw_context_size;
  732. u8 buf[HASH_MAX_BLOCK_SIZE];
  733. u8 bufnext[HASH_MAX_BLOCK_SIZE];
  734. unsigned int swinit;
  735. unsigned int first;
  736. unsigned int last;
  737. unsigned int to_hash_later;
  738. unsigned int nbuf;
  739. struct scatterlist bufsl[2];
  740. struct scatterlist *psrc;
  741. };
  742. struct talitos_export_state {
  743. u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
  744. u8 buf[HASH_MAX_BLOCK_SIZE];
  745. unsigned int swinit;
  746. unsigned int first;
  747. unsigned int last;
  748. unsigned int to_hash_later;
  749. unsigned int nbuf;
  750. };
  751. static int aead_setkey(struct crypto_aead *authenc,
  752. const u8 *key, unsigned int keylen)
  753. {
  754. struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
  755. struct crypto_authenc_keys keys;
  756. if (crypto_authenc_extractkeys(&keys, key, keylen) != 0)
  757. goto badkey;
  758. if (keys.authkeylen + keys.enckeylen > TALITOS_MAX_KEY_SIZE)
  759. goto badkey;
  760. memcpy(ctx->key, keys.authkey, keys.authkeylen);
  761. memcpy(&ctx->key[keys.authkeylen], keys.enckey, keys.enckeylen);
  762. ctx->keylen = keys.authkeylen + keys.enckeylen;
  763. ctx->enckeylen = keys.enckeylen;
  764. ctx->authkeylen = keys.authkeylen;
  765. return 0;
  766. badkey:
  767. crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN);
  768. return -EINVAL;
  769. }
  770. /*
  771. * talitos_edesc - s/w-extended descriptor
  772. * @src_nents: number of segments in input scatterlist
  773. * @dst_nents: number of segments in output scatterlist
  774. * @icv_ool: whether ICV is out-of-line
  775. * @iv_dma: dma address of iv for checking continuity and link table
  776. * @dma_len: length of dma mapped link_tbl space
  777. * @dma_link_tbl: bus physical address of link_tbl/buf
  778. * @desc: h/w descriptor
  779. * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1) (SEC2)
  780. * @buf: input and output buffeur (if {src,dst}_nents > 1) (SEC1)
  781. *
  782. * if decrypting (with authcheck), or either one of src_nents or dst_nents
  783. * is greater than 1, an integrity check value is concatenated to the end
  784. * of link_tbl data
  785. */
  786. struct talitos_edesc {
  787. int src_nents;
  788. int dst_nents;
  789. bool icv_ool;
  790. dma_addr_t iv_dma;
  791. int dma_len;
  792. dma_addr_t dma_link_tbl;
  793. struct talitos_desc desc;
  794. union {
  795. struct talitos_ptr link_tbl[0];
  796. u8 buf[0];
  797. };
  798. };
  799. static void talitos_sg_unmap(struct device *dev,
  800. struct talitos_edesc *edesc,
  801. struct scatterlist *src,
  802. struct scatterlist *dst,
  803. unsigned int len, unsigned int offset)
  804. {
  805. struct talitos_private *priv = dev_get_drvdata(dev);
  806. bool is_sec1 = has_ftr_sec1(priv);
  807. unsigned int src_nents = edesc->src_nents ? : 1;
  808. unsigned int dst_nents = edesc->dst_nents ? : 1;
  809. if (is_sec1 && dst && dst_nents > 1) {
  810. dma_sync_single_for_device(dev, edesc->dma_link_tbl + offset,
  811. len, DMA_FROM_DEVICE);
  812. sg_pcopy_from_buffer(dst, dst_nents, edesc->buf + offset, len,
  813. offset);
  814. }
  815. if (src != dst) {
  816. if (src_nents == 1 || !is_sec1)
  817. dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE);
  818. if (dst && (dst_nents == 1 || !is_sec1))
  819. dma_unmap_sg(dev, dst, dst_nents, DMA_FROM_DEVICE);
  820. } else if (src_nents == 1 || !is_sec1) {
  821. dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL);
  822. }
  823. }
  824. static void ipsec_esp_unmap(struct device *dev,
  825. struct talitos_edesc *edesc,
  826. struct aead_request *areq, bool encrypt)
  827. {
  828. struct crypto_aead *aead = crypto_aead_reqtfm(areq);
  829. struct talitos_ctx *ctx = crypto_aead_ctx(aead);
  830. unsigned int ivsize = crypto_aead_ivsize(aead);
  831. unsigned int authsize = crypto_aead_authsize(aead);
  832. unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
  833. if (edesc->desc.hdr & DESC_HDR_TYPE_IPSEC_ESP)
  834. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6],
  835. DMA_FROM_DEVICE);
  836. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[3], DMA_TO_DEVICE);
  837. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
  838. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE);
  839. talitos_sg_unmap(dev, edesc, areq->src, areq->dst, cryptlen,
  840. areq->assoclen);
  841. if (edesc->dma_len)
  842. dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
  843. DMA_BIDIRECTIONAL);
  844. if (!(edesc->desc.hdr & DESC_HDR_TYPE_IPSEC_ESP)) {
  845. unsigned int dst_nents = edesc->dst_nents ? : 1;
  846. sg_pcopy_to_buffer(areq->dst, dst_nents, ctx->iv, ivsize,
  847. areq->assoclen + cryptlen - ivsize);
  848. }
  849. }
  850. /*
  851. * ipsec_esp descriptor callbacks
  852. */
  853. static void ipsec_esp_encrypt_done(struct device *dev,
  854. struct talitos_desc *desc, void *context,
  855. int err)
  856. {
  857. struct talitos_private *priv = dev_get_drvdata(dev);
  858. bool is_sec1 = has_ftr_sec1(priv);
  859. struct aead_request *areq = context;
  860. struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
  861. unsigned int authsize = crypto_aead_authsize(authenc);
  862. struct talitos_edesc *edesc;
  863. void *icvdata;
  864. edesc = container_of(desc, struct talitos_edesc, desc);
  865. ipsec_esp_unmap(dev, edesc, areq, true);
  866. /* copy the generated ICV to dst */
  867. if (edesc->icv_ool) {
  868. if (is_sec1)
  869. icvdata = edesc->buf + areq->assoclen + areq->cryptlen;
  870. else
  871. icvdata = &edesc->link_tbl[edesc->src_nents +
  872. edesc->dst_nents + 2];
  873. sg_pcopy_from_buffer(areq->dst, edesc->dst_nents ? : 1, icvdata,
  874. authsize, areq->assoclen + areq->cryptlen);
  875. }
  876. kfree(edesc);
  877. aead_request_complete(areq, err);
  878. }
  879. static void ipsec_esp_decrypt_swauth_done(struct device *dev,
  880. struct talitos_desc *desc,
  881. void *context, int err)
  882. {
  883. struct aead_request *req = context;
  884. struct crypto_aead *authenc = crypto_aead_reqtfm(req);
  885. unsigned int authsize = crypto_aead_authsize(authenc);
  886. struct talitos_edesc *edesc;
  887. char *oicv, *icv;
  888. struct talitos_private *priv = dev_get_drvdata(dev);
  889. bool is_sec1 = has_ftr_sec1(priv);
  890. edesc = container_of(desc, struct talitos_edesc, desc);
  891. ipsec_esp_unmap(dev, edesc, req, false);
  892. if (!err) {
  893. char icvdata[SHA512_DIGEST_SIZE];
  894. int nents = edesc->dst_nents ? : 1;
  895. unsigned int len = req->assoclen + req->cryptlen;
  896. /* auth check */
  897. if (nents > 1) {
  898. sg_pcopy_to_buffer(req->dst, nents, icvdata, authsize,
  899. len - authsize);
  900. icv = icvdata;
  901. } else {
  902. icv = (char *)sg_virt(req->dst) + len - authsize;
  903. }
  904. if (edesc->dma_len) {
  905. if (is_sec1)
  906. oicv = (char *)&edesc->dma_link_tbl +
  907. req->assoclen + req->cryptlen;
  908. else
  909. oicv = (char *)
  910. &edesc->link_tbl[edesc->src_nents +
  911. edesc->dst_nents + 2];
  912. if (edesc->icv_ool)
  913. icv = oicv + authsize;
  914. } else
  915. oicv = (char *)&edesc->link_tbl[0];
  916. err = crypto_memneq(oicv, icv, authsize) ? -EBADMSG : 0;
  917. }
  918. kfree(edesc);
  919. aead_request_complete(req, err);
  920. }
  921. static void ipsec_esp_decrypt_hwauth_done(struct device *dev,
  922. struct talitos_desc *desc,
  923. void *context, int err)
  924. {
  925. struct aead_request *req = context;
  926. struct talitos_edesc *edesc;
  927. edesc = container_of(desc, struct talitos_edesc, desc);
  928. ipsec_esp_unmap(dev, edesc, req, false);
  929. /* check ICV auth status */
  930. if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) !=
  931. DESC_HDR_LO_ICCR1_PASS))
  932. err = -EBADMSG;
  933. kfree(edesc);
  934. aead_request_complete(req, err);
  935. }
  936. /*
  937. * convert scatterlist to SEC h/w link table format
  938. * stop at cryptlen bytes
  939. */
  940. static int sg_to_link_tbl_offset(struct scatterlist *sg, int sg_count,
  941. unsigned int offset, int cryptlen,
  942. struct talitos_ptr *link_tbl_ptr)
  943. {
  944. int n_sg = sg_count;
  945. int count = 0;
  946. while (cryptlen && sg && n_sg--) {
  947. unsigned int len = sg_dma_len(sg);
  948. if (offset >= len) {
  949. offset -= len;
  950. goto next;
  951. }
  952. len -= offset;
  953. if (len > cryptlen)
  954. len = cryptlen;
  955. to_talitos_ptr(link_tbl_ptr + count,
  956. sg_dma_address(sg) + offset, 0);
  957. to_talitos_ptr_len(link_tbl_ptr + count, len, 0);
  958. to_talitos_ptr_ext_set(link_tbl_ptr + count, 0, 0);
  959. count++;
  960. cryptlen -= len;
  961. offset = 0;
  962. next:
  963. sg = sg_next(sg);
  964. }
  965. /* tag end of link table */
  966. if (count > 0)
  967. to_talitos_ptr_ext_set(link_tbl_ptr + count - 1,
  968. DESC_PTR_LNKTBL_RETURN, 0);
  969. return count;
  970. }
  971. static int talitos_sg_map_ext(struct device *dev, struct scatterlist *src,
  972. unsigned int len, struct talitos_edesc *edesc,
  973. struct talitos_ptr *ptr, int sg_count,
  974. unsigned int offset, int tbl_off, int elen)
  975. {
  976. struct talitos_private *priv = dev_get_drvdata(dev);
  977. bool is_sec1 = has_ftr_sec1(priv);
  978. if (!src) {
  979. *ptr = zero_entry;
  980. return 1;
  981. }
  982. to_talitos_ptr_len(ptr, len, is_sec1);
  983. to_talitos_ptr_ext_set(ptr, elen, is_sec1);
  984. if (sg_count == 1) {
  985. to_talitos_ptr(ptr, sg_dma_address(src) + offset, is_sec1);
  986. return sg_count;
  987. }
  988. if (is_sec1) {
  989. to_talitos_ptr(ptr, edesc->dma_link_tbl + offset, is_sec1);
  990. return sg_count;
  991. }
  992. sg_count = sg_to_link_tbl_offset(src, sg_count, offset, len + elen,
  993. &edesc->link_tbl[tbl_off]);
  994. if (sg_count == 1) {
  995. /* Only one segment now, so no link tbl needed*/
  996. copy_talitos_ptr(ptr, &edesc->link_tbl[tbl_off], is_sec1);
  997. return sg_count;
  998. }
  999. to_talitos_ptr(ptr, edesc->dma_link_tbl +
  1000. tbl_off * sizeof(struct talitos_ptr), is_sec1);
  1001. to_talitos_ptr_ext_or(ptr, DESC_PTR_LNKTBL_JUMP, is_sec1);
  1002. return sg_count;
  1003. }
  1004. static int talitos_sg_map(struct device *dev, struct scatterlist *src,
  1005. unsigned int len, struct talitos_edesc *edesc,
  1006. struct talitos_ptr *ptr, int sg_count,
  1007. unsigned int offset, int tbl_off)
  1008. {
  1009. return talitos_sg_map_ext(dev, src, len, edesc, ptr, sg_count, offset,
  1010. tbl_off, 0);
  1011. }
  1012. /*
  1013. * fill in and submit ipsec_esp descriptor
  1014. */
  1015. static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq,
  1016. bool encrypt,
  1017. void (*callback)(struct device *dev,
  1018. struct talitos_desc *desc,
  1019. void *context, int error))
  1020. {
  1021. struct crypto_aead *aead = crypto_aead_reqtfm(areq);
  1022. unsigned int authsize = crypto_aead_authsize(aead);
  1023. struct talitos_ctx *ctx = crypto_aead_ctx(aead);
  1024. struct device *dev = ctx->dev;
  1025. struct talitos_desc *desc = &edesc->desc;
  1026. unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
  1027. unsigned int ivsize = crypto_aead_ivsize(aead);
  1028. int tbl_off = 0;
  1029. int sg_count, ret;
  1030. int elen = 0;
  1031. bool sync_needed = false;
  1032. struct talitos_private *priv = dev_get_drvdata(dev);
  1033. bool is_sec1 = has_ftr_sec1(priv);
  1034. /* hmac key */
  1035. map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key,
  1036. DMA_TO_DEVICE);
  1037. sg_count = edesc->src_nents ?: 1;
  1038. if (is_sec1 && sg_count > 1)
  1039. sg_copy_to_buffer(areq->src, sg_count, edesc->buf,
  1040. areq->assoclen + cryptlen);
  1041. else
  1042. sg_count = dma_map_sg(dev, areq->src, sg_count,
  1043. (areq->src == areq->dst) ?
  1044. DMA_BIDIRECTIONAL : DMA_TO_DEVICE);
  1045. /* hmac data */
  1046. ret = talitos_sg_map(dev, areq->src, areq->assoclen, edesc,
  1047. &desc->ptr[1], sg_count, 0, tbl_off);
  1048. if (ret > 1) {
  1049. tbl_off += ret;
  1050. sync_needed = true;
  1051. }
  1052. /* cipher iv */
  1053. if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP) {
  1054. to_talitos_ptr(&desc->ptr[2], edesc->iv_dma, is_sec1);
  1055. to_talitos_ptr_len(&desc->ptr[2], ivsize, is_sec1);
  1056. to_talitos_ptr_ext_set(&desc->ptr[2], 0, is_sec1);
  1057. } else {
  1058. to_talitos_ptr(&desc->ptr[3], edesc->iv_dma, is_sec1);
  1059. to_talitos_ptr_len(&desc->ptr[3], ivsize, is_sec1);
  1060. to_talitos_ptr_ext_set(&desc->ptr[3], 0, is_sec1);
  1061. }
  1062. /* cipher key */
  1063. if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)
  1064. map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen,
  1065. (char *)&ctx->key + ctx->authkeylen,
  1066. DMA_TO_DEVICE);
  1067. else
  1068. map_single_talitos_ptr(dev, &desc->ptr[2], ctx->enckeylen,
  1069. (char *)&ctx->key + ctx->authkeylen,
  1070. DMA_TO_DEVICE);
  1071. /*
  1072. * cipher in
  1073. * map and adjust cipher len to aead request cryptlen.
  1074. * extent is bytes of HMAC postpended to ciphertext,
  1075. * typically 12 for ipsec
  1076. */
  1077. if ((desc->hdr & DESC_HDR_TYPE_IPSEC_ESP) &&
  1078. (desc->hdr & DESC_HDR_MODE1_MDEU_CICV))
  1079. elen = authsize;
  1080. ret = talitos_sg_map_ext(dev, areq->src, cryptlen, edesc, &desc->ptr[4],
  1081. sg_count, areq->assoclen, tbl_off, elen);
  1082. if (ret > 1) {
  1083. tbl_off += ret;
  1084. sync_needed = true;
  1085. }
  1086. /* cipher out */
  1087. if (areq->src != areq->dst) {
  1088. sg_count = edesc->dst_nents ? : 1;
  1089. if (!is_sec1 || sg_count == 1)
  1090. dma_map_sg(dev, areq->dst, sg_count, DMA_FROM_DEVICE);
  1091. }
  1092. ret = talitos_sg_map(dev, areq->dst, cryptlen, edesc, &desc->ptr[5],
  1093. sg_count, areq->assoclen, tbl_off);
  1094. if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)
  1095. to_talitos_ptr_ext_or(&desc->ptr[5], authsize, is_sec1);
  1096. /* ICV data */
  1097. if (ret > 1) {
  1098. tbl_off += ret;
  1099. edesc->icv_ool = true;
  1100. sync_needed = true;
  1101. if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP) {
  1102. struct talitos_ptr *tbl_ptr = &edesc->link_tbl[tbl_off];
  1103. int offset = (edesc->src_nents + edesc->dst_nents + 2) *
  1104. sizeof(struct talitos_ptr) + authsize;
  1105. /* Add an entry to the link table for ICV data */
  1106. to_talitos_ptr_ext_set(tbl_ptr - 1, 0, is_sec1);
  1107. to_talitos_ptr_ext_set(tbl_ptr, DESC_PTR_LNKTBL_RETURN,
  1108. is_sec1);
  1109. to_talitos_ptr_len(tbl_ptr, authsize, is_sec1);
  1110. /* icv data follows link tables */
  1111. to_talitos_ptr(tbl_ptr, edesc->dma_link_tbl + offset,
  1112. is_sec1);
  1113. } else {
  1114. dma_addr_t addr = edesc->dma_link_tbl;
  1115. if (is_sec1)
  1116. addr += areq->assoclen + cryptlen;
  1117. else
  1118. addr += sizeof(struct talitos_ptr) * tbl_off;
  1119. to_talitos_ptr(&desc->ptr[6], addr, is_sec1);
  1120. to_talitos_ptr_len(&desc->ptr[6], authsize, is_sec1);
  1121. }
  1122. } else if (!(desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)) {
  1123. ret = talitos_sg_map(dev, areq->dst, authsize, edesc,
  1124. &desc->ptr[6], sg_count, areq->assoclen +
  1125. cryptlen,
  1126. tbl_off);
  1127. if (ret > 1) {
  1128. tbl_off += ret;
  1129. edesc->icv_ool = true;
  1130. sync_needed = true;
  1131. } else {
  1132. edesc->icv_ool = false;
  1133. }
  1134. } else {
  1135. edesc->icv_ool = false;
  1136. }
  1137. /* iv out */
  1138. if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)
  1139. map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv,
  1140. DMA_FROM_DEVICE);
  1141. if (sync_needed)
  1142. dma_sync_single_for_device(dev, edesc->dma_link_tbl,
  1143. edesc->dma_len,
  1144. DMA_BIDIRECTIONAL);
  1145. ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
  1146. if (ret != -EINPROGRESS) {
  1147. ipsec_esp_unmap(dev, edesc, areq, encrypt);
  1148. kfree(edesc);
  1149. }
  1150. return ret;
  1151. }
  1152. /*
  1153. * allocate and map the extended descriptor
  1154. */
  1155. static struct talitos_edesc *talitos_edesc_alloc(struct device *dev,
  1156. struct scatterlist *src,
  1157. struct scatterlist *dst,
  1158. u8 *iv,
  1159. unsigned int assoclen,
  1160. unsigned int cryptlen,
  1161. unsigned int authsize,
  1162. unsigned int ivsize,
  1163. int icv_stashing,
  1164. u32 cryptoflags,
  1165. bool encrypt)
  1166. {
  1167. struct talitos_edesc *edesc;
  1168. int src_nents, dst_nents, alloc_len, dma_len, src_len, dst_len;
  1169. dma_addr_t iv_dma = 0;
  1170. gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :
  1171. GFP_ATOMIC;
  1172. struct talitos_private *priv = dev_get_drvdata(dev);
  1173. bool is_sec1 = has_ftr_sec1(priv);
  1174. int max_len = is_sec1 ? TALITOS1_MAX_DATA_LEN : TALITOS2_MAX_DATA_LEN;
  1175. if (cryptlen + authsize > max_len) {
  1176. dev_err(dev, "length exceeds h/w max limit\n");
  1177. return ERR_PTR(-EINVAL);
  1178. }
  1179. if (!dst || dst == src) {
  1180. src_len = assoclen + cryptlen + authsize;
  1181. src_nents = sg_nents_for_len(src, src_len);
  1182. if (src_nents < 0) {
  1183. dev_err(dev, "Invalid number of src SG.\n");
  1184. return ERR_PTR(-EINVAL);
  1185. }
  1186. src_nents = (src_nents == 1) ? 0 : src_nents;
  1187. dst_nents = dst ? src_nents : 0;
  1188. dst_len = 0;
  1189. } else { /* dst && dst != src*/
  1190. src_len = assoclen + cryptlen + (encrypt ? 0 : authsize);
  1191. src_nents = sg_nents_for_len(src, src_len);
  1192. if (src_nents < 0) {
  1193. dev_err(dev, "Invalid number of src SG.\n");
  1194. return ERR_PTR(-EINVAL);
  1195. }
  1196. src_nents = (src_nents == 1) ? 0 : src_nents;
  1197. dst_len = assoclen + cryptlen + (encrypt ? authsize : 0);
  1198. dst_nents = sg_nents_for_len(dst, dst_len);
  1199. if (dst_nents < 0) {
  1200. dev_err(dev, "Invalid number of dst SG.\n");
  1201. return ERR_PTR(-EINVAL);
  1202. }
  1203. dst_nents = (dst_nents == 1) ? 0 : dst_nents;
  1204. }
  1205. /*
  1206. * allocate space for base edesc plus the link tables,
  1207. * allowing for two separate entries for AD and generated ICV (+ 2),
  1208. * and space for two sets of ICVs (stashed and generated)
  1209. */
  1210. alloc_len = sizeof(struct talitos_edesc);
  1211. if (src_nents || dst_nents) {
  1212. if (is_sec1)
  1213. dma_len = (src_nents ? src_len : 0) +
  1214. (dst_nents ? dst_len : 0);
  1215. else
  1216. dma_len = (src_nents + dst_nents + 2) *
  1217. sizeof(struct talitos_ptr) + authsize * 2;
  1218. alloc_len += dma_len;
  1219. } else {
  1220. dma_len = 0;
  1221. alloc_len += icv_stashing ? authsize : 0;
  1222. }
  1223. alloc_len += ivsize;
  1224. edesc = kmalloc(alloc_len, GFP_DMA | flags);
  1225. if (!edesc)
  1226. return ERR_PTR(-ENOMEM);
  1227. if (ivsize) {
  1228. iv = memcpy(((u8 *)edesc) + alloc_len - ivsize, iv, ivsize);
  1229. iv_dma = dma_map_single(dev, iv, ivsize, DMA_TO_DEVICE);
  1230. }
  1231. edesc->src_nents = src_nents;
  1232. edesc->dst_nents = dst_nents;
  1233. edesc->iv_dma = iv_dma;
  1234. edesc->dma_len = dma_len;
  1235. if (dma_len)
  1236. edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0],
  1237. edesc->dma_len,
  1238. DMA_BIDIRECTIONAL);
  1239. return edesc;
  1240. }
  1241. static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, u8 *iv,
  1242. int icv_stashing, bool encrypt)
  1243. {
  1244. struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
  1245. unsigned int authsize = crypto_aead_authsize(authenc);
  1246. struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
  1247. unsigned int ivsize = crypto_aead_ivsize(authenc);
  1248. unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
  1249. return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst,
  1250. iv, areq->assoclen, cryptlen,
  1251. authsize, ivsize, icv_stashing,
  1252. areq->base.flags, encrypt);
  1253. }
  1254. static int aead_encrypt(struct aead_request *req)
  1255. {
  1256. struct crypto_aead *authenc = crypto_aead_reqtfm(req);
  1257. struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
  1258. struct talitos_edesc *edesc;
  1259. /* allocate extended descriptor */
  1260. edesc = aead_edesc_alloc(req, req->iv, 0, true);
  1261. if (IS_ERR(edesc))
  1262. return PTR_ERR(edesc);
  1263. /* set encrypt */
  1264. edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
  1265. return ipsec_esp(edesc, req, true, ipsec_esp_encrypt_done);
  1266. }
  1267. static int aead_decrypt(struct aead_request *req)
  1268. {
  1269. struct crypto_aead *authenc = crypto_aead_reqtfm(req);
  1270. unsigned int authsize = crypto_aead_authsize(authenc);
  1271. struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
  1272. struct talitos_private *priv = dev_get_drvdata(ctx->dev);
  1273. struct talitos_edesc *edesc;
  1274. void *icvdata;
  1275. /* allocate extended descriptor */
  1276. edesc = aead_edesc_alloc(req, req->iv, 1, false);
  1277. if (IS_ERR(edesc))
  1278. return PTR_ERR(edesc);
  1279. if ((edesc->desc.hdr & DESC_HDR_TYPE_IPSEC_ESP) &&
  1280. (priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
  1281. ((!edesc->src_nents && !edesc->dst_nents) ||
  1282. priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) {
  1283. /* decrypt and check the ICV */
  1284. edesc->desc.hdr = ctx->desc_hdr_template |
  1285. DESC_HDR_DIR_INBOUND |
  1286. DESC_HDR_MODE1_MDEU_CICV;
  1287. /* reset integrity check result bits */
  1288. edesc->desc.hdr_lo = 0;
  1289. return ipsec_esp(edesc, req, false,
  1290. ipsec_esp_decrypt_hwauth_done);
  1291. }
  1292. /* Have to check the ICV with software */
  1293. edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
  1294. /* stash incoming ICV for later cmp with ICV generated by the h/w */
  1295. if (edesc->dma_len)
  1296. icvdata = (char *)&edesc->link_tbl[edesc->src_nents +
  1297. edesc->dst_nents + 2];
  1298. else
  1299. icvdata = &edesc->link_tbl[0];
  1300. sg_pcopy_to_buffer(req->src, edesc->src_nents ? : 1, icvdata, authsize,
  1301. req->assoclen + req->cryptlen - authsize);
  1302. return ipsec_esp(edesc, req, false, ipsec_esp_decrypt_swauth_done);
  1303. }
  1304. static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
  1305. const u8 *key, unsigned int keylen)
  1306. {
  1307. struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
  1308. u32 tmp[DES_EXPKEY_WORDS];
  1309. if (keylen > TALITOS_MAX_KEY_SIZE) {
  1310. crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
  1311. return -EINVAL;
  1312. }
  1313. if (unlikely(crypto_ablkcipher_get_flags(cipher) &
  1314. CRYPTO_TFM_REQ_WEAK_KEY) &&
  1315. !des_ekey(tmp, key)) {
  1316. crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
  1317. return -EINVAL;
  1318. }
  1319. memcpy(&ctx->key, key, keylen);
  1320. ctx->keylen = keylen;
  1321. return 0;
  1322. }
  1323. static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,
  1324. const u8 *key, unsigned int keylen)
  1325. {
  1326. if (keylen == AES_KEYSIZE_128 || keylen == AES_KEYSIZE_192 ||
  1327. keylen == AES_KEYSIZE_256)
  1328. return ablkcipher_setkey(cipher, key, keylen);
  1329. crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
  1330. return -EINVAL;
  1331. }
  1332. static void common_nonsnoop_unmap(struct device *dev,
  1333. struct talitos_edesc *edesc,
  1334. struct ablkcipher_request *areq)
  1335. {
  1336. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
  1337. talitos_sg_unmap(dev, edesc, areq->src, areq->dst, areq->nbytes, 0);
  1338. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
  1339. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
  1340. if (edesc->dma_len)
  1341. dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
  1342. DMA_BIDIRECTIONAL);
  1343. }
  1344. static void ablkcipher_done(struct device *dev,
  1345. struct talitos_desc *desc, void *context,
  1346. int err)
  1347. {
  1348. struct ablkcipher_request *areq = context;
  1349. struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
  1350. struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
  1351. unsigned int ivsize = crypto_ablkcipher_ivsize(cipher);
  1352. struct talitos_edesc *edesc;
  1353. edesc = container_of(desc, struct talitos_edesc, desc);
  1354. common_nonsnoop_unmap(dev, edesc, areq);
  1355. memcpy(areq->info, ctx->iv, ivsize);
  1356. kfree(edesc);
  1357. areq->base.complete(&areq->base, err);
  1358. }
  1359. static int common_nonsnoop(struct talitos_edesc *edesc,
  1360. struct ablkcipher_request *areq,
  1361. void (*callback) (struct device *dev,
  1362. struct talitos_desc *desc,
  1363. void *context, int error))
  1364. {
  1365. struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
  1366. struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
  1367. struct device *dev = ctx->dev;
  1368. struct talitos_desc *desc = &edesc->desc;
  1369. unsigned int cryptlen = areq->nbytes;
  1370. unsigned int ivsize = crypto_ablkcipher_ivsize(cipher);
  1371. int sg_count, ret;
  1372. bool sync_needed = false;
  1373. struct talitos_private *priv = dev_get_drvdata(dev);
  1374. bool is_sec1 = has_ftr_sec1(priv);
  1375. /* first DWORD empty */
  1376. desc->ptr[0] = zero_entry;
  1377. /* cipher iv */
  1378. to_talitos_ptr(&desc->ptr[1], edesc->iv_dma, is_sec1);
  1379. to_talitos_ptr_len(&desc->ptr[1], ivsize, is_sec1);
  1380. to_talitos_ptr_ext_set(&desc->ptr[1], 0, is_sec1);
  1381. /* cipher key */
  1382. map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
  1383. (char *)&ctx->key, DMA_TO_DEVICE);
  1384. sg_count = edesc->src_nents ?: 1;
  1385. if (is_sec1 && sg_count > 1)
  1386. sg_copy_to_buffer(areq->src, sg_count, edesc->buf,
  1387. cryptlen);
  1388. else
  1389. sg_count = dma_map_sg(dev, areq->src, sg_count,
  1390. (areq->src == areq->dst) ?
  1391. DMA_BIDIRECTIONAL : DMA_TO_DEVICE);
  1392. /*
  1393. * cipher in
  1394. */
  1395. sg_count = talitos_sg_map(dev, areq->src, cryptlen, edesc,
  1396. &desc->ptr[3], sg_count, 0, 0);
  1397. if (sg_count > 1)
  1398. sync_needed = true;
  1399. /* cipher out */
  1400. if (areq->src != areq->dst) {
  1401. sg_count = edesc->dst_nents ? : 1;
  1402. if (!is_sec1 || sg_count == 1)
  1403. dma_map_sg(dev, areq->dst, sg_count, DMA_FROM_DEVICE);
  1404. }
  1405. ret = talitos_sg_map(dev, areq->dst, cryptlen, edesc, &desc->ptr[4],
  1406. sg_count, 0, (edesc->src_nents + 1));
  1407. if (ret > 1)
  1408. sync_needed = true;
  1409. /* iv out */
  1410. map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv,
  1411. DMA_FROM_DEVICE);
  1412. /* last DWORD empty */
  1413. desc->ptr[6] = zero_entry;
  1414. if (sync_needed)
  1415. dma_sync_single_for_device(dev, edesc->dma_link_tbl,
  1416. edesc->dma_len, DMA_BIDIRECTIONAL);
  1417. ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
  1418. if (ret != -EINPROGRESS) {
  1419. common_nonsnoop_unmap(dev, edesc, areq);
  1420. kfree(edesc);
  1421. }
  1422. return ret;
  1423. }
  1424. static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request *
  1425. areq, bool encrypt)
  1426. {
  1427. struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
  1428. struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
  1429. unsigned int ivsize = crypto_ablkcipher_ivsize(cipher);
  1430. return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst,
  1431. areq->info, 0, areq->nbytes, 0, ivsize, 0,
  1432. areq->base.flags, encrypt);
  1433. }
  1434. static int ablkcipher_encrypt(struct ablkcipher_request *areq)
  1435. {
  1436. struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
  1437. struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
  1438. struct talitos_edesc *edesc;
  1439. unsigned int blocksize =
  1440. crypto_tfm_alg_blocksize(crypto_ablkcipher_tfm(cipher));
  1441. if (!areq->nbytes)
  1442. return 0;
  1443. if (areq->nbytes % blocksize)
  1444. return -EINVAL;
  1445. /* allocate extended descriptor */
  1446. edesc = ablkcipher_edesc_alloc(areq, true);
  1447. if (IS_ERR(edesc))
  1448. return PTR_ERR(edesc);
  1449. /* set encrypt */
  1450. edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
  1451. return common_nonsnoop(edesc, areq, ablkcipher_done);
  1452. }
  1453. static int ablkcipher_decrypt(struct ablkcipher_request *areq)
  1454. {
  1455. struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
  1456. struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
  1457. struct talitos_edesc *edesc;
  1458. unsigned int blocksize =
  1459. crypto_tfm_alg_blocksize(crypto_ablkcipher_tfm(cipher));
  1460. if (!areq->nbytes)
  1461. return 0;
  1462. if (areq->nbytes % blocksize)
  1463. return -EINVAL;
  1464. /* allocate extended descriptor */
  1465. edesc = ablkcipher_edesc_alloc(areq, false);
  1466. if (IS_ERR(edesc))
  1467. return PTR_ERR(edesc);
  1468. edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
  1469. return common_nonsnoop(edesc, areq, ablkcipher_done);
  1470. }
  1471. static void common_nonsnoop_hash_unmap(struct device *dev,
  1472. struct talitos_edesc *edesc,
  1473. struct ahash_request *areq)
  1474. {
  1475. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1476. struct talitos_private *priv = dev_get_drvdata(dev);
  1477. bool is_sec1 = has_ftr_sec1(priv);
  1478. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
  1479. talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL, 0, 0);
  1480. /* When using hashctx-in, must unmap it. */
  1481. if (from_talitos_ptr_len(&edesc->desc.ptr[1], is_sec1))
  1482. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1],
  1483. DMA_TO_DEVICE);
  1484. if (from_talitos_ptr_len(&edesc->desc.ptr[2], is_sec1))
  1485. unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2],
  1486. DMA_TO_DEVICE);
  1487. if (edesc->dma_len)
  1488. dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
  1489. DMA_BIDIRECTIONAL);
  1490. }
  1491. static void ahash_done(struct device *dev,
  1492. struct talitos_desc *desc, void *context,
  1493. int err)
  1494. {
  1495. struct ahash_request *areq = context;
  1496. struct talitos_edesc *edesc =
  1497. container_of(desc, struct talitos_edesc, desc);
  1498. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1499. if (!req_ctx->last && req_ctx->to_hash_later) {
  1500. /* Position any partial block for next update/final/finup */
  1501. memcpy(req_ctx->buf, req_ctx->bufnext, req_ctx->to_hash_later);
  1502. req_ctx->nbuf = req_ctx->to_hash_later;
  1503. }
  1504. common_nonsnoop_hash_unmap(dev, edesc, areq);
  1505. kfree(edesc);
  1506. areq->base.complete(&areq->base, err);
  1507. }
  1508. /*
  1509. * SEC1 doesn't like hashing of 0 sized message, so we do the padding
  1510. * ourself and submit a padded block
  1511. */
  1512. void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
  1513. struct talitos_edesc *edesc,
  1514. struct talitos_ptr *ptr)
  1515. {
  1516. static u8 padded_hash[64] = {
  1517. 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  1518. 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  1519. 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  1520. 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  1521. };
  1522. pr_err_once("Bug in SEC1, padding ourself\n");
  1523. edesc->desc.hdr &= ~DESC_HDR_MODE0_MDEU_PAD;
  1524. map_single_talitos_ptr(ctx->dev, ptr, sizeof(padded_hash),
  1525. (char *)padded_hash, DMA_TO_DEVICE);
  1526. }
  1527. static int common_nonsnoop_hash(struct talitos_edesc *edesc,
  1528. struct ahash_request *areq, unsigned int length,
  1529. void (*callback) (struct device *dev,
  1530. struct talitos_desc *desc,
  1531. void *context, int error))
  1532. {
  1533. struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
  1534. struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
  1535. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1536. struct device *dev = ctx->dev;
  1537. struct talitos_desc *desc = &edesc->desc;
  1538. int ret;
  1539. bool sync_needed = false;
  1540. struct talitos_private *priv = dev_get_drvdata(dev);
  1541. bool is_sec1 = has_ftr_sec1(priv);
  1542. int sg_count;
  1543. /* first DWORD empty */
  1544. desc->ptr[0] = zero_entry;
  1545. /* hash context in */
  1546. if (!req_ctx->first || req_ctx->swinit) {
  1547. map_single_talitos_ptr(dev, &desc->ptr[1],
  1548. req_ctx->hw_context_size,
  1549. (char *)req_ctx->hw_context,
  1550. DMA_TO_DEVICE);
  1551. req_ctx->swinit = 0;
  1552. } else {
  1553. desc->ptr[1] = zero_entry;
  1554. }
  1555. /* Indicate next op is not the first. */
  1556. req_ctx->first = 0;
  1557. /* HMAC key */
  1558. if (ctx->keylen)
  1559. map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
  1560. (char *)&ctx->key, DMA_TO_DEVICE);
  1561. else
  1562. desc->ptr[2] = zero_entry;
  1563. sg_count = edesc->src_nents ?: 1;
  1564. if (is_sec1 && sg_count > 1)
  1565. sg_copy_to_buffer(req_ctx->psrc, sg_count, edesc->buf, length);
  1566. else
  1567. sg_count = dma_map_sg(dev, req_ctx->psrc, sg_count,
  1568. DMA_TO_DEVICE);
  1569. /*
  1570. * data in
  1571. */
  1572. sg_count = talitos_sg_map(dev, req_ctx->psrc, length, edesc,
  1573. &desc->ptr[3], sg_count, 0, 0);
  1574. if (sg_count > 1)
  1575. sync_needed = true;
  1576. /* fifth DWORD empty */
  1577. desc->ptr[4] = zero_entry;
  1578. /* hash/HMAC out -or- hash context out */
  1579. if (req_ctx->last)
  1580. map_single_talitos_ptr(dev, &desc->ptr[5],
  1581. crypto_ahash_digestsize(tfm),
  1582. areq->result, DMA_FROM_DEVICE);
  1583. else
  1584. map_single_talitos_ptr(dev, &desc->ptr[5],
  1585. req_ctx->hw_context_size,
  1586. req_ctx->hw_context, DMA_FROM_DEVICE);
  1587. /* last DWORD empty */
  1588. desc->ptr[6] = zero_entry;
  1589. if (is_sec1 && from_talitos_ptr_len(&desc->ptr[3], true) == 0)
  1590. talitos_handle_buggy_hash(ctx, edesc, &desc->ptr[3]);
  1591. if (sync_needed)
  1592. dma_sync_single_for_device(dev, edesc->dma_link_tbl,
  1593. edesc->dma_len, DMA_BIDIRECTIONAL);
  1594. ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
  1595. if (ret != -EINPROGRESS) {
  1596. common_nonsnoop_hash_unmap(dev, edesc, areq);
  1597. kfree(edesc);
  1598. }
  1599. return ret;
  1600. }
  1601. static struct talitos_edesc *ahash_edesc_alloc(struct ahash_request *areq,
  1602. unsigned int nbytes)
  1603. {
  1604. struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
  1605. struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
  1606. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1607. return talitos_edesc_alloc(ctx->dev, req_ctx->psrc, NULL, NULL, 0,
  1608. nbytes, 0, 0, 0, areq->base.flags, false);
  1609. }
  1610. static int ahash_init(struct ahash_request *areq)
  1611. {
  1612. struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
  1613. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1614. /* Initialize the context */
  1615. req_ctx->nbuf = 0;
  1616. req_ctx->first = 1; /* first indicates h/w must init its context */
  1617. req_ctx->swinit = 0; /* assume h/w init of context */
  1618. req_ctx->hw_context_size =
  1619. (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE)
  1620. ? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256
  1621. : TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512;
  1622. return 0;
  1623. }
  1624. /*
  1625. * on h/w without explicit sha224 support, we initialize h/w context
  1626. * manually with sha224 constants, and tell it to run sha256.
  1627. */
  1628. static int ahash_init_sha224_swinit(struct ahash_request *areq)
  1629. {
  1630. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1631. ahash_init(areq);
  1632. req_ctx->swinit = 1;/* prevent h/w initting context with sha256 values*/
  1633. req_ctx->hw_context[0] = SHA224_H0;
  1634. req_ctx->hw_context[1] = SHA224_H1;
  1635. req_ctx->hw_context[2] = SHA224_H2;
  1636. req_ctx->hw_context[3] = SHA224_H3;
  1637. req_ctx->hw_context[4] = SHA224_H4;
  1638. req_ctx->hw_context[5] = SHA224_H5;
  1639. req_ctx->hw_context[6] = SHA224_H6;
  1640. req_ctx->hw_context[7] = SHA224_H7;
  1641. /* init 64-bit count */
  1642. req_ctx->hw_context[8] = 0;
  1643. req_ctx->hw_context[9] = 0;
  1644. return 0;
  1645. }
  1646. static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
  1647. {
  1648. struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
  1649. struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
  1650. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1651. struct talitos_edesc *edesc;
  1652. unsigned int blocksize =
  1653. crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
  1654. unsigned int nbytes_to_hash;
  1655. unsigned int to_hash_later;
  1656. unsigned int nsg;
  1657. int nents;
  1658. if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) {
  1659. /* Buffer up to one whole block */
  1660. nents = sg_nents_for_len(areq->src, nbytes);
  1661. if (nents < 0) {
  1662. dev_err(ctx->dev, "Invalid number of src SG.\n");
  1663. return nents;
  1664. }
  1665. sg_copy_to_buffer(areq->src, nents,
  1666. req_ctx->buf + req_ctx->nbuf, nbytes);
  1667. req_ctx->nbuf += nbytes;
  1668. return 0;
  1669. }
  1670. /* At least (blocksize + 1) bytes are available to hash */
  1671. nbytes_to_hash = nbytes + req_ctx->nbuf;
  1672. to_hash_later = nbytes_to_hash & (blocksize - 1);
  1673. if (req_ctx->last)
  1674. to_hash_later = 0;
  1675. else if (to_hash_later)
  1676. /* There is a partial block. Hash the full block(s) now */
  1677. nbytes_to_hash -= to_hash_later;
  1678. else {
  1679. /* Keep one block buffered */
  1680. nbytes_to_hash -= blocksize;
  1681. to_hash_later = blocksize;
  1682. }
  1683. /* Chain in any previously buffered data */
  1684. if (req_ctx->nbuf) {
  1685. nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
  1686. sg_init_table(req_ctx->bufsl, nsg);
  1687. sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
  1688. if (nsg > 1)
  1689. sg_chain(req_ctx->bufsl, 2, areq->src);
  1690. req_ctx->psrc = req_ctx->bufsl;
  1691. } else
  1692. req_ctx->psrc = areq->src;
  1693. if (to_hash_later) {
  1694. nents = sg_nents_for_len(areq->src, nbytes);
  1695. if (nents < 0) {
  1696. dev_err(ctx->dev, "Invalid number of src SG.\n");
  1697. return nents;
  1698. }
  1699. sg_pcopy_to_buffer(areq->src, nents,
  1700. req_ctx->bufnext,
  1701. to_hash_later,
  1702. nbytes - to_hash_later);
  1703. }
  1704. req_ctx->to_hash_later = to_hash_later;
  1705. /* Allocate extended descriptor */
  1706. edesc = ahash_edesc_alloc(areq, nbytes_to_hash);
  1707. if (IS_ERR(edesc))
  1708. return PTR_ERR(edesc);
  1709. edesc->desc.hdr = ctx->desc_hdr_template;
  1710. /* On last one, request SEC to pad; otherwise continue */
  1711. if (req_ctx->last)
  1712. edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_PAD;
  1713. else
  1714. edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT;
  1715. /* request SEC to INIT hash. */
  1716. if (req_ctx->first && !req_ctx->swinit)
  1717. edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT;
  1718. /* When the tfm context has a keylen, it's an HMAC.
  1719. * A first or last (ie. not middle) descriptor must request HMAC.
  1720. */
  1721. if (ctx->keylen && (req_ctx->first || req_ctx->last))
  1722. edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_HMAC;
  1723. return common_nonsnoop_hash(edesc, areq, nbytes_to_hash,
  1724. ahash_done);
  1725. }
  1726. static int ahash_update(struct ahash_request *areq)
  1727. {
  1728. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1729. req_ctx->last = 0;
  1730. return ahash_process_req(areq, areq->nbytes);
  1731. }
  1732. static int ahash_final(struct ahash_request *areq)
  1733. {
  1734. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1735. req_ctx->last = 1;
  1736. return ahash_process_req(areq, 0);
  1737. }
  1738. static int ahash_finup(struct ahash_request *areq)
  1739. {
  1740. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1741. req_ctx->last = 1;
  1742. return ahash_process_req(areq, areq->nbytes);
  1743. }
  1744. static int ahash_digest(struct ahash_request *areq)
  1745. {
  1746. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1747. struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq);
  1748. ahash->init(areq);
  1749. req_ctx->last = 1;
  1750. return ahash_process_req(areq, areq->nbytes);
  1751. }
  1752. static int ahash_export(struct ahash_request *areq, void *out)
  1753. {
  1754. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1755. struct talitos_export_state *export = out;
  1756. memcpy(export->hw_context, req_ctx->hw_context,
  1757. req_ctx->hw_context_size);
  1758. memcpy(export->buf, req_ctx->buf, req_ctx->nbuf);
  1759. export->swinit = req_ctx->swinit;
  1760. export->first = req_ctx->first;
  1761. export->last = req_ctx->last;
  1762. export->to_hash_later = req_ctx->to_hash_later;
  1763. export->nbuf = req_ctx->nbuf;
  1764. return 0;
  1765. }
  1766. static int ahash_import(struct ahash_request *areq, const void *in)
  1767. {
  1768. struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
  1769. struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
  1770. const struct talitos_export_state *export = in;
  1771. memset(req_ctx, 0, sizeof(*req_ctx));
  1772. req_ctx->hw_context_size =
  1773. (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE)
  1774. ? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256
  1775. : TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512;
  1776. memcpy(req_ctx->hw_context, export->hw_context,
  1777. req_ctx->hw_context_size);
  1778. memcpy(req_ctx->buf, export->buf, export->nbuf);
  1779. req_ctx->swinit = export->swinit;
  1780. req_ctx->first = export->first;
  1781. req_ctx->last = export->last;
  1782. req_ctx->to_hash_later = export->to_hash_later;
  1783. req_ctx->nbuf = export->nbuf;
  1784. return 0;
  1785. }
  1786. struct keyhash_result {
  1787. struct completion completion;
  1788. int err;
  1789. };
  1790. static void keyhash_complete(struct crypto_async_request *req, int err)
  1791. {
  1792. struct keyhash_result *res = req->data;
  1793. if (err == -EINPROGRESS)
  1794. return;
  1795. res->err = err;
  1796. complete(&res->completion);
  1797. }
  1798. static int keyhash(struct crypto_ahash *tfm, const u8 *key, unsigned int keylen,
  1799. u8 *hash)
  1800. {
  1801. struct talitos_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm));
  1802. struct scatterlist sg[1];
  1803. struct ahash_request *req;
  1804. struct keyhash_result hresult;
  1805. int ret;
  1806. init_completion(&hresult.completion);
  1807. req = ahash_request_alloc(tfm, GFP_KERNEL);
  1808. if (!req)
  1809. return -ENOMEM;
  1810. /* Keep tfm keylen == 0 during hash of the long key */
  1811. ctx->keylen = 0;
  1812. ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
  1813. keyhash_complete, &hresult);
  1814. sg_init_one(&sg[0], key, keylen);
  1815. ahash_request_set_crypt(req, sg, hash, keylen);
  1816. ret = crypto_ahash_digest(req);
  1817. switch (ret) {
  1818. case 0:
  1819. break;
  1820. case -EINPROGRESS:
  1821. case -EBUSY:
  1822. ret = wait_for_completion_interruptible(
  1823. &hresult.completion);
  1824. if (!ret)
  1825. ret = hresult.err;
  1826. break;
  1827. default:
  1828. break;
  1829. }
  1830. ahash_request_free(req);
  1831. return ret;
  1832. }
  1833. static int ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
  1834. unsigned int keylen)
  1835. {
  1836. struct talitos_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm));
  1837. unsigned int blocksize =
  1838. crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
  1839. unsigned int digestsize = crypto_ahash_digestsize(tfm);
  1840. unsigned int keysize = keylen;
  1841. u8 hash[SHA512_DIGEST_SIZE];
  1842. int ret;
  1843. if (keylen <= blocksize)
  1844. memcpy(ctx->key, key, keysize);
  1845. else {
  1846. /* Must get the hash of the long key */
  1847. ret = keyhash(tfm, key, keylen, hash);
  1848. if (ret) {
  1849. crypto_ahash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
  1850. return -EINVAL;
  1851. }
  1852. keysize = digestsize;
  1853. memcpy(ctx->key, hash, digestsize);
  1854. }
  1855. ctx->keylen = keysize;
  1856. return 0;
  1857. }
  1858. struct talitos_alg_template {
  1859. u32 type;
  1860. u32 priority;
  1861. union {
  1862. struct crypto_alg crypto;
  1863. struct ahash_alg hash;
  1864. struct aead_alg aead;
  1865. } alg;
  1866. __be32 desc_hdr_template;
  1867. };
  1868. static struct talitos_alg_template driver_algs[] = {
  1869. /* AEAD algorithms. These use a single-pass ipsec_esp descriptor */
  1870. { .type = CRYPTO_ALG_TYPE_AEAD,
  1871. .alg.aead = {
  1872. .base = {
  1873. .cra_name = "authenc(hmac(sha1),cbc(aes))",
  1874. .cra_driver_name = "authenc-hmac-sha1-"
  1875. "cbc-aes-talitos",
  1876. .cra_blocksize = AES_BLOCK_SIZE,
  1877. .cra_flags = CRYPTO_ALG_ASYNC,
  1878. },
  1879. .ivsize = AES_BLOCK_SIZE,
  1880. .maxauthsize = SHA1_DIGEST_SIZE,
  1881. },
  1882. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  1883. DESC_HDR_SEL0_AESU |
  1884. DESC_HDR_MODE0_AESU_CBC |
  1885. DESC_HDR_SEL1_MDEUA |
  1886. DESC_HDR_MODE1_MDEU_INIT |
  1887. DESC_HDR_MODE1_MDEU_PAD |
  1888. DESC_HDR_MODE1_MDEU_SHA1_HMAC,
  1889. },
  1890. { .type = CRYPTO_ALG_TYPE_AEAD,
  1891. .priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
  1892. .alg.aead = {
  1893. .base = {
  1894. .cra_name = "authenc(hmac(sha1),cbc(aes))",
  1895. .cra_driver_name = "authenc-hmac-sha1-"
  1896. "cbc-aes-talitos-hsna",
  1897. .cra_blocksize = AES_BLOCK_SIZE,
  1898. .cra_flags = CRYPTO_ALG_ASYNC,
  1899. },
  1900. .ivsize = AES_BLOCK_SIZE,
  1901. .maxauthsize = SHA1_DIGEST_SIZE,
  1902. },
  1903. .desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
  1904. DESC_HDR_SEL0_AESU |
  1905. DESC_HDR_MODE0_AESU_CBC |
  1906. DESC_HDR_SEL1_MDEUA |
  1907. DESC_HDR_MODE1_MDEU_INIT |
  1908. DESC_HDR_MODE1_MDEU_PAD |
  1909. DESC_HDR_MODE1_MDEU_SHA1_HMAC,
  1910. },
  1911. { .type = CRYPTO_ALG_TYPE_AEAD,
  1912. .alg.aead = {
  1913. .base = {
  1914. .cra_name = "authenc(hmac(sha1),"
  1915. "cbc(des3_ede))",
  1916. .cra_driver_name = "authenc-hmac-sha1-"
  1917. "cbc-3des-talitos",
  1918. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  1919. .cra_flags = CRYPTO_ALG_ASYNC,
  1920. },
  1921. .ivsize = DES3_EDE_BLOCK_SIZE,
  1922. .maxauthsize = SHA1_DIGEST_SIZE,
  1923. },
  1924. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  1925. DESC_HDR_SEL0_DEU |
  1926. DESC_HDR_MODE0_DEU_CBC |
  1927. DESC_HDR_MODE0_DEU_3DES |
  1928. DESC_HDR_SEL1_MDEUA |
  1929. DESC_HDR_MODE1_MDEU_INIT |
  1930. DESC_HDR_MODE1_MDEU_PAD |
  1931. DESC_HDR_MODE1_MDEU_SHA1_HMAC,
  1932. },
  1933. { .type = CRYPTO_ALG_TYPE_AEAD,
  1934. .priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
  1935. .alg.aead = {
  1936. .base = {
  1937. .cra_name = "authenc(hmac(sha1),"
  1938. "cbc(des3_ede))",
  1939. .cra_driver_name = "authenc-hmac-sha1-"
  1940. "cbc-3des-talitos-hsna",
  1941. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  1942. .cra_flags = CRYPTO_ALG_ASYNC,
  1943. },
  1944. .ivsize = DES3_EDE_BLOCK_SIZE,
  1945. .maxauthsize = SHA1_DIGEST_SIZE,
  1946. },
  1947. .desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
  1948. DESC_HDR_SEL0_DEU |
  1949. DESC_HDR_MODE0_DEU_CBC |
  1950. DESC_HDR_MODE0_DEU_3DES |
  1951. DESC_HDR_SEL1_MDEUA |
  1952. DESC_HDR_MODE1_MDEU_INIT |
  1953. DESC_HDR_MODE1_MDEU_PAD |
  1954. DESC_HDR_MODE1_MDEU_SHA1_HMAC,
  1955. },
  1956. { .type = CRYPTO_ALG_TYPE_AEAD,
  1957. .alg.aead = {
  1958. .base = {
  1959. .cra_name = "authenc(hmac(sha224),cbc(aes))",
  1960. .cra_driver_name = "authenc-hmac-sha224-"
  1961. "cbc-aes-talitos",
  1962. .cra_blocksize = AES_BLOCK_SIZE,
  1963. .cra_flags = CRYPTO_ALG_ASYNC,
  1964. },
  1965. .ivsize = AES_BLOCK_SIZE,
  1966. .maxauthsize = SHA224_DIGEST_SIZE,
  1967. },
  1968. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  1969. DESC_HDR_SEL0_AESU |
  1970. DESC_HDR_MODE0_AESU_CBC |
  1971. DESC_HDR_SEL1_MDEUA |
  1972. DESC_HDR_MODE1_MDEU_INIT |
  1973. DESC_HDR_MODE1_MDEU_PAD |
  1974. DESC_HDR_MODE1_MDEU_SHA224_HMAC,
  1975. },
  1976. { .type = CRYPTO_ALG_TYPE_AEAD,
  1977. .priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
  1978. .alg.aead = {
  1979. .base = {
  1980. .cra_name = "authenc(hmac(sha224),cbc(aes))",
  1981. .cra_driver_name = "authenc-hmac-sha224-"
  1982. "cbc-aes-talitos-hsna",
  1983. .cra_blocksize = AES_BLOCK_SIZE,
  1984. .cra_flags = CRYPTO_ALG_ASYNC,
  1985. },
  1986. .ivsize = AES_BLOCK_SIZE,
  1987. .maxauthsize = SHA224_DIGEST_SIZE,
  1988. },
  1989. .desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
  1990. DESC_HDR_SEL0_AESU |
  1991. DESC_HDR_MODE0_AESU_CBC |
  1992. DESC_HDR_SEL1_MDEUA |
  1993. DESC_HDR_MODE1_MDEU_INIT |
  1994. DESC_HDR_MODE1_MDEU_PAD |
  1995. DESC_HDR_MODE1_MDEU_SHA224_HMAC,
  1996. },
  1997. { .type = CRYPTO_ALG_TYPE_AEAD,
  1998. .alg.aead = {
  1999. .base = {
  2000. .cra_name = "authenc(hmac(sha224),"
  2001. "cbc(des3_ede))",
  2002. .cra_driver_name = "authenc-hmac-sha224-"
  2003. "cbc-3des-talitos",
  2004. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2005. .cra_flags = CRYPTO_ALG_ASYNC,
  2006. },
  2007. .ivsize = DES3_EDE_BLOCK_SIZE,
  2008. .maxauthsize = SHA224_DIGEST_SIZE,
  2009. },
  2010. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2011. DESC_HDR_SEL0_DEU |
  2012. DESC_HDR_MODE0_DEU_CBC |
  2013. DESC_HDR_MODE0_DEU_3DES |
  2014. DESC_HDR_SEL1_MDEUA |
  2015. DESC_HDR_MODE1_MDEU_INIT |
  2016. DESC_HDR_MODE1_MDEU_PAD |
  2017. DESC_HDR_MODE1_MDEU_SHA224_HMAC,
  2018. },
  2019. { .type = CRYPTO_ALG_TYPE_AEAD,
  2020. .priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
  2021. .alg.aead = {
  2022. .base = {
  2023. .cra_name = "authenc(hmac(sha224),"
  2024. "cbc(des3_ede))",
  2025. .cra_driver_name = "authenc-hmac-sha224-"
  2026. "cbc-3des-talitos-hsna",
  2027. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2028. .cra_flags = CRYPTO_ALG_ASYNC,
  2029. },
  2030. .ivsize = DES3_EDE_BLOCK_SIZE,
  2031. .maxauthsize = SHA224_DIGEST_SIZE,
  2032. },
  2033. .desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
  2034. DESC_HDR_SEL0_DEU |
  2035. DESC_HDR_MODE0_DEU_CBC |
  2036. DESC_HDR_MODE0_DEU_3DES |
  2037. DESC_HDR_SEL1_MDEUA |
  2038. DESC_HDR_MODE1_MDEU_INIT |
  2039. DESC_HDR_MODE1_MDEU_PAD |
  2040. DESC_HDR_MODE1_MDEU_SHA224_HMAC,
  2041. },
  2042. { .type = CRYPTO_ALG_TYPE_AEAD,
  2043. .alg.aead = {
  2044. .base = {
  2045. .cra_name = "authenc(hmac(sha256),cbc(aes))",
  2046. .cra_driver_name = "authenc-hmac-sha256-"
  2047. "cbc-aes-talitos",
  2048. .cra_blocksize = AES_BLOCK_SIZE,
  2049. .cra_flags = CRYPTO_ALG_ASYNC,
  2050. },
  2051. .ivsize = AES_BLOCK_SIZE,
  2052. .maxauthsize = SHA256_DIGEST_SIZE,
  2053. },
  2054. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2055. DESC_HDR_SEL0_AESU |
  2056. DESC_HDR_MODE0_AESU_CBC |
  2057. DESC_HDR_SEL1_MDEUA |
  2058. DESC_HDR_MODE1_MDEU_INIT |
  2059. DESC_HDR_MODE1_MDEU_PAD |
  2060. DESC_HDR_MODE1_MDEU_SHA256_HMAC,
  2061. },
  2062. { .type = CRYPTO_ALG_TYPE_AEAD,
  2063. .priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
  2064. .alg.aead = {
  2065. .base = {
  2066. .cra_name = "authenc(hmac(sha256),cbc(aes))",
  2067. .cra_driver_name = "authenc-hmac-sha256-"
  2068. "cbc-aes-talitos-hsna",
  2069. .cra_blocksize = AES_BLOCK_SIZE,
  2070. .cra_flags = CRYPTO_ALG_ASYNC,
  2071. },
  2072. .ivsize = AES_BLOCK_SIZE,
  2073. .maxauthsize = SHA256_DIGEST_SIZE,
  2074. },
  2075. .desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
  2076. DESC_HDR_SEL0_AESU |
  2077. DESC_HDR_MODE0_AESU_CBC |
  2078. DESC_HDR_SEL1_MDEUA |
  2079. DESC_HDR_MODE1_MDEU_INIT |
  2080. DESC_HDR_MODE1_MDEU_PAD |
  2081. DESC_HDR_MODE1_MDEU_SHA256_HMAC,
  2082. },
  2083. { .type = CRYPTO_ALG_TYPE_AEAD,
  2084. .alg.aead = {
  2085. .base = {
  2086. .cra_name = "authenc(hmac(sha256),"
  2087. "cbc(des3_ede))",
  2088. .cra_driver_name = "authenc-hmac-sha256-"
  2089. "cbc-3des-talitos",
  2090. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2091. .cra_flags = CRYPTO_ALG_ASYNC,
  2092. },
  2093. .ivsize = DES3_EDE_BLOCK_SIZE,
  2094. .maxauthsize = SHA256_DIGEST_SIZE,
  2095. },
  2096. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2097. DESC_HDR_SEL0_DEU |
  2098. DESC_HDR_MODE0_DEU_CBC |
  2099. DESC_HDR_MODE0_DEU_3DES |
  2100. DESC_HDR_SEL1_MDEUA |
  2101. DESC_HDR_MODE1_MDEU_INIT |
  2102. DESC_HDR_MODE1_MDEU_PAD |
  2103. DESC_HDR_MODE1_MDEU_SHA256_HMAC,
  2104. },
  2105. { .type = CRYPTO_ALG_TYPE_AEAD,
  2106. .priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
  2107. .alg.aead = {
  2108. .base = {
  2109. .cra_name = "authenc(hmac(sha256),"
  2110. "cbc(des3_ede))",
  2111. .cra_driver_name = "authenc-hmac-sha256-"
  2112. "cbc-3des-talitos-hsna",
  2113. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2114. .cra_flags = CRYPTO_ALG_ASYNC,
  2115. },
  2116. .ivsize = DES3_EDE_BLOCK_SIZE,
  2117. .maxauthsize = SHA256_DIGEST_SIZE,
  2118. },
  2119. .desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
  2120. DESC_HDR_SEL0_DEU |
  2121. DESC_HDR_MODE0_DEU_CBC |
  2122. DESC_HDR_MODE0_DEU_3DES |
  2123. DESC_HDR_SEL1_MDEUA |
  2124. DESC_HDR_MODE1_MDEU_INIT |
  2125. DESC_HDR_MODE1_MDEU_PAD |
  2126. DESC_HDR_MODE1_MDEU_SHA256_HMAC,
  2127. },
  2128. { .type = CRYPTO_ALG_TYPE_AEAD,
  2129. .alg.aead = {
  2130. .base = {
  2131. .cra_name = "authenc(hmac(sha384),cbc(aes))",
  2132. .cra_driver_name = "authenc-hmac-sha384-"
  2133. "cbc-aes-talitos",
  2134. .cra_blocksize = AES_BLOCK_SIZE,
  2135. .cra_flags = CRYPTO_ALG_ASYNC,
  2136. },
  2137. .ivsize = AES_BLOCK_SIZE,
  2138. .maxauthsize = SHA384_DIGEST_SIZE,
  2139. },
  2140. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2141. DESC_HDR_SEL0_AESU |
  2142. DESC_HDR_MODE0_AESU_CBC |
  2143. DESC_HDR_SEL1_MDEUB |
  2144. DESC_HDR_MODE1_MDEU_INIT |
  2145. DESC_HDR_MODE1_MDEU_PAD |
  2146. DESC_HDR_MODE1_MDEUB_SHA384_HMAC,
  2147. },
  2148. { .type = CRYPTO_ALG_TYPE_AEAD,
  2149. .alg.aead = {
  2150. .base = {
  2151. .cra_name = "authenc(hmac(sha384),"
  2152. "cbc(des3_ede))",
  2153. .cra_driver_name = "authenc-hmac-sha384-"
  2154. "cbc-3des-talitos",
  2155. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2156. .cra_flags = CRYPTO_ALG_ASYNC,
  2157. },
  2158. .ivsize = DES3_EDE_BLOCK_SIZE,
  2159. .maxauthsize = SHA384_DIGEST_SIZE,
  2160. },
  2161. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2162. DESC_HDR_SEL0_DEU |
  2163. DESC_HDR_MODE0_DEU_CBC |
  2164. DESC_HDR_MODE0_DEU_3DES |
  2165. DESC_HDR_SEL1_MDEUB |
  2166. DESC_HDR_MODE1_MDEU_INIT |
  2167. DESC_HDR_MODE1_MDEU_PAD |
  2168. DESC_HDR_MODE1_MDEUB_SHA384_HMAC,
  2169. },
  2170. { .type = CRYPTO_ALG_TYPE_AEAD,
  2171. .alg.aead = {
  2172. .base = {
  2173. .cra_name = "authenc(hmac(sha512),cbc(aes))",
  2174. .cra_driver_name = "authenc-hmac-sha512-"
  2175. "cbc-aes-talitos",
  2176. .cra_blocksize = AES_BLOCK_SIZE,
  2177. .cra_flags = CRYPTO_ALG_ASYNC,
  2178. },
  2179. .ivsize = AES_BLOCK_SIZE,
  2180. .maxauthsize = SHA512_DIGEST_SIZE,
  2181. },
  2182. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2183. DESC_HDR_SEL0_AESU |
  2184. DESC_HDR_MODE0_AESU_CBC |
  2185. DESC_HDR_SEL1_MDEUB |
  2186. DESC_HDR_MODE1_MDEU_INIT |
  2187. DESC_HDR_MODE1_MDEU_PAD |
  2188. DESC_HDR_MODE1_MDEUB_SHA512_HMAC,
  2189. },
  2190. { .type = CRYPTO_ALG_TYPE_AEAD,
  2191. .alg.aead = {
  2192. .base = {
  2193. .cra_name = "authenc(hmac(sha512),"
  2194. "cbc(des3_ede))",
  2195. .cra_driver_name = "authenc-hmac-sha512-"
  2196. "cbc-3des-talitos",
  2197. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2198. .cra_flags = CRYPTO_ALG_ASYNC,
  2199. },
  2200. .ivsize = DES3_EDE_BLOCK_SIZE,
  2201. .maxauthsize = SHA512_DIGEST_SIZE,
  2202. },
  2203. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2204. DESC_HDR_SEL0_DEU |
  2205. DESC_HDR_MODE0_DEU_CBC |
  2206. DESC_HDR_MODE0_DEU_3DES |
  2207. DESC_HDR_SEL1_MDEUB |
  2208. DESC_HDR_MODE1_MDEU_INIT |
  2209. DESC_HDR_MODE1_MDEU_PAD |
  2210. DESC_HDR_MODE1_MDEUB_SHA512_HMAC,
  2211. },
  2212. { .type = CRYPTO_ALG_TYPE_AEAD,
  2213. .alg.aead = {
  2214. .base = {
  2215. .cra_name = "authenc(hmac(md5),cbc(aes))",
  2216. .cra_driver_name = "authenc-hmac-md5-"
  2217. "cbc-aes-talitos",
  2218. .cra_blocksize = AES_BLOCK_SIZE,
  2219. .cra_flags = CRYPTO_ALG_ASYNC,
  2220. },
  2221. .ivsize = AES_BLOCK_SIZE,
  2222. .maxauthsize = MD5_DIGEST_SIZE,
  2223. },
  2224. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2225. DESC_HDR_SEL0_AESU |
  2226. DESC_HDR_MODE0_AESU_CBC |
  2227. DESC_HDR_SEL1_MDEUA |
  2228. DESC_HDR_MODE1_MDEU_INIT |
  2229. DESC_HDR_MODE1_MDEU_PAD |
  2230. DESC_HDR_MODE1_MDEU_MD5_HMAC,
  2231. },
  2232. { .type = CRYPTO_ALG_TYPE_AEAD,
  2233. .priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
  2234. .alg.aead = {
  2235. .base = {
  2236. .cra_name = "authenc(hmac(md5),cbc(aes))",
  2237. .cra_driver_name = "authenc-hmac-md5-"
  2238. "cbc-aes-talitos-hsna",
  2239. .cra_blocksize = AES_BLOCK_SIZE,
  2240. .cra_flags = CRYPTO_ALG_ASYNC,
  2241. },
  2242. .ivsize = AES_BLOCK_SIZE,
  2243. .maxauthsize = MD5_DIGEST_SIZE,
  2244. },
  2245. .desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
  2246. DESC_HDR_SEL0_AESU |
  2247. DESC_HDR_MODE0_AESU_CBC |
  2248. DESC_HDR_SEL1_MDEUA |
  2249. DESC_HDR_MODE1_MDEU_INIT |
  2250. DESC_HDR_MODE1_MDEU_PAD |
  2251. DESC_HDR_MODE1_MDEU_MD5_HMAC,
  2252. },
  2253. { .type = CRYPTO_ALG_TYPE_AEAD,
  2254. .alg.aead = {
  2255. .base = {
  2256. .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
  2257. .cra_driver_name = "authenc-hmac-md5-"
  2258. "cbc-3des-talitos",
  2259. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2260. .cra_flags = CRYPTO_ALG_ASYNC,
  2261. },
  2262. .ivsize = DES3_EDE_BLOCK_SIZE,
  2263. .maxauthsize = MD5_DIGEST_SIZE,
  2264. },
  2265. .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
  2266. DESC_HDR_SEL0_DEU |
  2267. DESC_HDR_MODE0_DEU_CBC |
  2268. DESC_HDR_MODE0_DEU_3DES |
  2269. DESC_HDR_SEL1_MDEUA |
  2270. DESC_HDR_MODE1_MDEU_INIT |
  2271. DESC_HDR_MODE1_MDEU_PAD |
  2272. DESC_HDR_MODE1_MDEU_MD5_HMAC,
  2273. },
  2274. { .type = CRYPTO_ALG_TYPE_AEAD,
  2275. .priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
  2276. .alg.aead = {
  2277. .base = {
  2278. .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
  2279. .cra_driver_name = "authenc-hmac-md5-"
  2280. "cbc-3des-talitos-hsna",
  2281. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2282. .cra_flags = CRYPTO_ALG_ASYNC,
  2283. },
  2284. .ivsize = DES3_EDE_BLOCK_SIZE,
  2285. .maxauthsize = MD5_DIGEST_SIZE,
  2286. },
  2287. .desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
  2288. DESC_HDR_SEL0_DEU |
  2289. DESC_HDR_MODE0_DEU_CBC |
  2290. DESC_HDR_MODE0_DEU_3DES |
  2291. DESC_HDR_SEL1_MDEUA |
  2292. DESC_HDR_MODE1_MDEU_INIT |
  2293. DESC_HDR_MODE1_MDEU_PAD |
  2294. DESC_HDR_MODE1_MDEU_MD5_HMAC,
  2295. },
  2296. /* ABLKCIPHER algorithms. */
  2297. { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
  2298. .alg.crypto = {
  2299. .cra_name = "ecb(aes)",
  2300. .cra_driver_name = "ecb-aes-talitos",
  2301. .cra_blocksize = AES_BLOCK_SIZE,
  2302. .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
  2303. CRYPTO_ALG_ASYNC,
  2304. .cra_ablkcipher = {
  2305. .min_keysize = AES_MIN_KEY_SIZE,
  2306. .max_keysize = AES_MAX_KEY_SIZE,
  2307. .ivsize = AES_BLOCK_SIZE,
  2308. }
  2309. },
  2310. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2311. DESC_HDR_SEL0_AESU,
  2312. },
  2313. { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
  2314. .alg.crypto = {
  2315. .cra_name = "cbc(aes)",
  2316. .cra_driver_name = "cbc-aes-talitos",
  2317. .cra_blocksize = AES_BLOCK_SIZE,
  2318. .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
  2319. CRYPTO_ALG_ASYNC,
  2320. .cra_ablkcipher = {
  2321. .min_keysize = AES_MIN_KEY_SIZE,
  2322. .max_keysize = AES_MAX_KEY_SIZE,
  2323. .ivsize = AES_BLOCK_SIZE,
  2324. .setkey = ablkcipher_aes_setkey,
  2325. }
  2326. },
  2327. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2328. DESC_HDR_SEL0_AESU |
  2329. DESC_HDR_MODE0_AESU_CBC,
  2330. },
  2331. { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
  2332. .alg.crypto = {
  2333. .cra_name = "ctr(aes)",
  2334. .cra_driver_name = "ctr-aes-talitos",
  2335. .cra_blocksize = 1,
  2336. .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
  2337. CRYPTO_ALG_ASYNC,
  2338. .cra_ablkcipher = {
  2339. .min_keysize = AES_MIN_KEY_SIZE,
  2340. .max_keysize = AES_MAX_KEY_SIZE,
  2341. .setkey = ablkcipher_aes_setkey,
  2342. }
  2343. },
  2344. .desc_hdr_template = DESC_HDR_TYPE_AESU_CTR_NONSNOOP |
  2345. DESC_HDR_SEL0_AESU |
  2346. DESC_HDR_MODE0_AESU_CTR,
  2347. },
  2348. { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
  2349. .alg.crypto = {
  2350. .cra_name = "ecb(des)",
  2351. .cra_driver_name = "ecb-des-talitos",
  2352. .cra_blocksize = DES_BLOCK_SIZE,
  2353. .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
  2354. CRYPTO_ALG_ASYNC,
  2355. .cra_ablkcipher = {
  2356. .min_keysize = DES_KEY_SIZE,
  2357. .max_keysize = DES_KEY_SIZE,
  2358. .ivsize = DES_BLOCK_SIZE,
  2359. }
  2360. },
  2361. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2362. DESC_HDR_SEL0_DEU,
  2363. },
  2364. { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
  2365. .alg.crypto = {
  2366. .cra_name = "cbc(des)",
  2367. .cra_driver_name = "cbc-des-talitos",
  2368. .cra_blocksize = DES_BLOCK_SIZE,
  2369. .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
  2370. CRYPTO_ALG_ASYNC,
  2371. .cra_ablkcipher = {
  2372. .min_keysize = DES_KEY_SIZE,
  2373. .max_keysize = DES_KEY_SIZE,
  2374. .ivsize = DES_BLOCK_SIZE,
  2375. }
  2376. },
  2377. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2378. DESC_HDR_SEL0_DEU |
  2379. DESC_HDR_MODE0_DEU_CBC,
  2380. },
  2381. { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
  2382. .alg.crypto = {
  2383. .cra_name = "ecb(des3_ede)",
  2384. .cra_driver_name = "ecb-3des-talitos",
  2385. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2386. .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
  2387. CRYPTO_ALG_ASYNC,
  2388. .cra_ablkcipher = {
  2389. .min_keysize = DES3_EDE_KEY_SIZE,
  2390. .max_keysize = DES3_EDE_KEY_SIZE,
  2391. .ivsize = DES3_EDE_BLOCK_SIZE,
  2392. }
  2393. },
  2394. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2395. DESC_HDR_SEL0_DEU |
  2396. DESC_HDR_MODE0_DEU_3DES,
  2397. },
  2398. { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
  2399. .alg.crypto = {
  2400. .cra_name = "cbc(des3_ede)",
  2401. .cra_driver_name = "cbc-3des-talitos",
  2402. .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  2403. .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
  2404. CRYPTO_ALG_ASYNC,
  2405. .cra_ablkcipher = {
  2406. .min_keysize = DES3_EDE_KEY_SIZE,
  2407. .max_keysize = DES3_EDE_KEY_SIZE,
  2408. .ivsize = DES3_EDE_BLOCK_SIZE,
  2409. }
  2410. },
  2411. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2412. DESC_HDR_SEL0_DEU |
  2413. DESC_HDR_MODE0_DEU_CBC |
  2414. DESC_HDR_MODE0_DEU_3DES,
  2415. },
  2416. /* AHASH algorithms. */
  2417. { .type = CRYPTO_ALG_TYPE_AHASH,
  2418. .alg.hash = {
  2419. .halg.digestsize = MD5_DIGEST_SIZE,
  2420. .halg.statesize = sizeof(struct talitos_export_state),
  2421. .halg.base = {
  2422. .cra_name = "md5",
  2423. .cra_driver_name = "md5-talitos",
  2424. .cra_blocksize = MD5_HMAC_BLOCK_SIZE,
  2425. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2426. CRYPTO_ALG_ASYNC,
  2427. }
  2428. },
  2429. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2430. DESC_HDR_SEL0_MDEUA |
  2431. DESC_HDR_MODE0_MDEU_MD5,
  2432. },
  2433. { .type = CRYPTO_ALG_TYPE_AHASH,
  2434. .alg.hash = {
  2435. .halg.digestsize = SHA1_DIGEST_SIZE,
  2436. .halg.statesize = sizeof(struct talitos_export_state),
  2437. .halg.base = {
  2438. .cra_name = "sha1",
  2439. .cra_driver_name = "sha1-talitos",
  2440. .cra_blocksize = SHA1_BLOCK_SIZE,
  2441. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2442. CRYPTO_ALG_ASYNC,
  2443. }
  2444. },
  2445. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2446. DESC_HDR_SEL0_MDEUA |
  2447. DESC_HDR_MODE0_MDEU_SHA1,
  2448. },
  2449. { .type = CRYPTO_ALG_TYPE_AHASH,
  2450. .alg.hash = {
  2451. .halg.digestsize = SHA224_DIGEST_SIZE,
  2452. .halg.statesize = sizeof(struct talitos_export_state),
  2453. .halg.base = {
  2454. .cra_name = "sha224",
  2455. .cra_driver_name = "sha224-talitos",
  2456. .cra_blocksize = SHA224_BLOCK_SIZE,
  2457. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2458. CRYPTO_ALG_ASYNC,
  2459. }
  2460. },
  2461. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2462. DESC_HDR_SEL0_MDEUA |
  2463. DESC_HDR_MODE0_MDEU_SHA224,
  2464. },
  2465. { .type = CRYPTO_ALG_TYPE_AHASH,
  2466. .alg.hash = {
  2467. .halg.digestsize = SHA256_DIGEST_SIZE,
  2468. .halg.statesize = sizeof(struct talitos_export_state),
  2469. .halg.base = {
  2470. .cra_name = "sha256",
  2471. .cra_driver_name = "sha256-talitos",
  2472. .cra_blocksize = SHA256_BLOCK_SIZE,
  2473. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2474. CRYPTO_ALG_ASYNC,
  2475. }
  2476. },
  2477. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2478. DESC_HDR_SEL0_MDEUA |
  2479. DESC_HDR_MODE0_MDEU_SHA256,
  2480. },
  2481. { .type = CRYPTO_ALG_TYPE_AHASH,
  2482. .alg.hash = {
  2483. .halg.digestsize = SHA384_DIGEST_SIZE,
  2484. .halg.statesize = sizeof(struct talitos_export_state),
  2485. .halg.base = {
  2486. .cra_name = "sha384",
  2487. .cra_driver_name = "sha384-talitos",
  2488. .cra_blocksize = SHA384_BLOCK_SIZE,
  2489. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2490. CRYPTO_ALG_ASYNC,
  2491. }
  2492. },
  2493. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2494. DESC_HDR_SEL0_MDEUB |
  2495. DESC_HDR_MODE0_MDEUB_SHA384,
  2496. },
  2497. { .type = CRYPTO_ALG_TYPE_AHASH,
  2498. .alg.hash = {
  2499. .halg.digestsize = SHA512_DIGEST_SIZE,
  2500. .halg.statesize = sizeof(struct talitos_export_state),
  2501. .halg.base = {
  2502. .cra_name = "sha512",
  2503. .cra_driver_name = "sha512-talitos",
  2504. .cra_blocksize = SHA512_BLOCK_SIZE,
  2505. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2506. CRYPTO_ALG_ASYNC,
  2507. }
  2508. },
  2509. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2510. DESC_HDR_SEL0_MDEUB |
  2511. DESC_HDR_MODE0_MDEUB_SHA512,
  2512. },
  2513. { .type = CRYPTO_ALG_TYPE_AHASH,
  2514. .alg.hash = {
  2515. .halg.digestsize = MD5_DIGEST_SIZE,
  2516. .halg.statesize = sizeof(struct talitos_export_state),
  2517. .halg.base = {
  2518. .cra_name = "hmac(md5)",
  2519. .cra_driver_name = "hmac-md5-talitos",
  2520. .cra_blocksize = MD5_HMAC_BLOCK_SIZE,
  2521. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2522. CRYPTO_ALG_ASYNC,
  2523. }
  2524. },
  2525. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2526. DESC_HDR_SEL0_MDEUA |
  2527. DESC_HDR_MODE0_MDEU_MD5,
  2528. },
  2529. { .type = CRYPTO_ALG_TYPE_AHASH,
  2530. .alg.hash = {
  2531. .halg.digestsize = SHA1_DIGEST_SIZE,
  2532. .halg.statesize = sizeof(struct talitos_export_state),
  2533. .halg.base = {
  2534. .cra_name = "hmac(sha1)",
  2535. .cra_driver_name = "hmac-sha1-talitos",
  2536. .cra_blocksize = SHA1_BLOCK_SIZE,
  2537. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2538. CRYPTO_ALG_ASYNC,
  2539. }
  2540. },
  2541. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2542. DESC_HDR_SEL0_MDEUA |
  2543. DESC_HDR_MODE0_MDEU_SHA1,
  2544. },
  2545. { .type = CRYPTO_ALG_TYPE_AHASH,
  2546. .alg.hash = {
  2547. .halg.digestsize = SHA224_DIGEST_SIZE,
  2548. .halg.statesize = sizeof(struct talitos_export_state),
  2549. .halg.base = {
  2550. .cra_name = "hmac(sha224)",
  2551. .cra_driver_name = "hmac-sha224-talitos",
  2552. .cra_blocksize = SHA224_BLOCK_SIZE,
  2553. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2554. CRYPTO_ALG_ASYNC,
  2555. }
  2556. },
  2557. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2558. DESC_HDR_SEL0_MDEUA |
  2559. DESC_HDR_MODE0_MDEU_SHA224,
  2560. },
  2561. { .type = CRYPTO_ALG_TYPE_AHASH,
  2562. .alg.hash = {
  2563. .halg.digestsize = SHA256_DIGEST_SIZE,
  2564. .halg.statesize = sizeof(struct talitos_export_state),
  2565. .halg.base = {
  2566. .cra_name = "hmac(sha256)",
  2567. .cra_driver_name = "hmac-sha256-talitos",
  2568. .cra_blocksize = SHA256_BLOCK_SIZE,
  2569. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2570. CRYPTO_ALG_ASYNC,
  2571. }
  2572. },
  2573. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2574. DESC_HDR_SEL0_MDEUA |
  2575. DESC_HDR_MODE0_MDEU_SHA256,
  2576. },
  2577. { .type = CRYPTO_ALG_TYPE_AHASH,
  2578. .alg.hash = {
  2579. .halg.digestsize = SHA384_DIGEST_SIZE,
  2580. .halg.statesize = sizeof(struct talitos_export_state),
  2581. .halg.base = {
  2582. .cra_name = "hmac(sha384)",
  2583. .cra_driver_name = "hmac-sha384-talitos",
  2584. .cra_blocksize = SHA384_BLOCK_SIZE,
  2585. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2586. CRYPTO_ALG_ASYNC,
  2587. }
  2588. },
  2589. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2590. DESC_HDR_SEL0_MDEUB |
  2591. DESC_HDR_MODE0_MDEUB_SHA384,
  2592. },
  2593. { .type = CRYPTO_ALG_TYPE_AHASH,
  2594. .alg.hash = {
  2595. .halg.digestsize = SHA512_DIGEST_SIZE,
  2596. .halg.statesize = sizeof(struct talitos_export_state),
  2597. .halg.base = {
  2598. .cra_name = "hmac(sha512)",
  2599. .cra_driver_name = "hmac-sha512-talitos",
  2600. .cra_blocksize = SHA512_BLOCK_SIZE,
  2601. .cra_flags = CRYPTO_ALG_TYPE_AHASH |
  2602. CRYPTO_ALG_ASYNC,
  2603. }
  2604. },
  2605. .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2606. DESC_HDR_SEL0_MDEUB |
  2607. DESC_HDR_MODE0_MDEUB_SHA512,
  2608. }
  2609. };
  2610. struct talitos_crypto_alg {
  2611. struct list_head entry;
  2612. struct device *dev;
  2613. struct talitos_alg_template algt;
  2614. };
  2615. static int talitos_init_common(struct talitos_ctx *ctx,
  2616. struct talitos_crypto_alg *talitos_alg)
  2617. {
  2618. struct talitos_private *priv;
  2619. /* update context with ptr to dev */
  2620. ctx->dev = talitos_alg->dev;
  2621. /* assign SEC channel to tfm in round-robin fashion */
  2622. priv = dev_get_drvdata(ctx->dev);
  2623. ctx->ch = atomic_inc_return(&priv->last_chan) &
  2624. (priv->num_channels - 1);
  2625. /* copy descriptor header template value */
  2626. ctx->desc_hdr_template = talitos_alg->algt.desc_hdr_template;
  2627. /* select done notification */
  2628. ctx->desc_hdr_template |= DESC_HDR_DONE_NOTIFY;
  2629. return 0;
  2630. }
  2631. static int talitos_cra_init(struct crypto_tfm *tfm)
  2632. {
  2633. struct crypto_alg *alg = tfm->__crt_alg;
  2634. struct talitos_crypto_alg *talitos_alg;
  2635. struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
  2636. if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_AHASH)
  2637. talitos_alg = container_of(__crypto_ahash_alg(alg),
  2638. struct talitos_crypto_alg,
  2639. algt.alg.hash);
  2640. else
  2641. talitos_alg = container_of(alg, struct talitos_crypto_alg,
  2642. algt.alg.crypto);
  2643. return talitos_init_common(ctx, talitos_alg);
  2644. }
  2645. static int talitos_cra_init_aead(struct crypto_aead *tfm)
  2646. {
  2647. struct aead_alg *alg = crypto_aead_alg(tfm);
  2648. struct talitos_crypto_alg *talitos_alg;
  2649. struct talitos_ctx *ctx = crypto_aead_ctx(tfm);
  2650. talitos_alg = container_of(alg, struct talitos_crypto_alg,
  2651. algt.alg.aead);
  2652. return talitos_init_common(ctx, talitos_alg);
  2653. }
  2654. static int talitos_cra_init_ahash(struct crypto_tfm *tfm)
  2655. {
  2656. struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
  2657. talitos_cra_init(tfm);
  2658. ctx->keylen = 0;
  2659. crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
  2660. sizeof(struct talitos_ahash_req_ctx));
  2661. return 0;
  2662. }
  2663. /*
  2664. * given the alg's descriptor header template, determine whether descriptor
  2665. * type and primary/secondary execution units required match the hw
  2666. * capabilities description provided in the device tree node.
  2667. */
  2668. static int hw_supports(struct device *dev, __be32 desc_hdr_template)
  2669. {
  2670. struct talitos_private *priv = dev_get_drvdata(dev);
  2671. int ret;
  2672. ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) &&
  2673. (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units);
  2674. if (SECONDARY_EU(desc_hdr_template))
  2675. ret = ret && (1 << SECONDARY_EU(desc_hdr_template)
  2676. & priv->exec_units);
  2677. return ret;
  2678. }
  2679. static int talitos_remove(struct platform_device *ofdev)
  2680. {
  2681. struct device *dev = &ofdev->dev;
  2682. struct talitos_private *priv = dev_get_drvdata(dev);
  2683. struct talitos_crypto_alg *t_alg, *n;
  2684. int i;
  2685. list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) {
  2686. switch (t_alg->algt.type) {
  2687. case CRYPTO_ALG_TYPE_ABLKCIPHER:
  2688. break;
  2689. case CRYPTO_ALG_TYPE_AEAD:
  2690. crypto_unregister_aead(&t_alg->algt.alg.aead);
  2691. break;
  2692. case CRYPTO_ALG_TYPE_AHASH:
  2693. crypto_unregister_ahash(&t_alg->algt.alg.hash);
  2694. break;
  2695. }
  2696. list_del(&t_alg->entry);
  2697. kfree(t_alg);
  2698. }
  2699. if (hw_supports(dev, DESC_HDR_SEL0_RNG))
  2700. talitos_unregister_rng(dev);
  2701. for (i = 0; priv->chan && i < priv->num_channels; i++)
  2702. kfree(priv->chan[i].fifo);
  2703. kfree(priv->chan);
  2704. for (i = 0; i < 2; i++)
  2705. if (priv->irq[i]) {
  2706. free_irq(priv->irq[i], dev);
  2707. irq_dispose_mapping(priv->irq[i]);
  2708. }
  2709. tasklet_kill(&priv->done_task[0]);
  2710. if (priv->irq[1])
  2711. tasklet_kill(&priv->done_task[1]);
  2712. iounmap(priv->reg);
  2713. kfree(priv);
  2714. return 0;
  2715. }
  2716. static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev,
  2717. struct talitos_alg_template
  2718. *template)
  2719. {
  2720. struct talitos_private *priv = dev_get_drvdata(dev);
  2721. struct talitos_crypto_alg *t_alg;
  2722. struct crypto_alg *alg;
  2723. t_alg = kzalloc(sizeof(struct talitos_crypto_alg), GFP_KERNEL);
  2724. if (!t_alg)
  2725. return ERR_PTR(-ENOMEM);
  2726. t_alg->algt = *template;
  2727. switch (t_alg->algt.type) {
  2728. case CRYPTO_ALG_TYPE_ABLKCIPHER:
  2729. alg = &t_alg->algt.alg.crypto;
  2730. alg->cra_init = talitos_cra_init;
  2731. alg->cra_type = &crypto_ablkcipher_type;
  2732. alg->cra_ablkcipher.setkey = ablkcipher_setkey;
  2733. alg->cra_ablkcipher.encrypt = ablkcipher_encrypt;
  2734. alg->cra_ablkcipher.decrypt = ablkcipher_decrypt;
  2735. alg->cra_ablkcipher.geniv = "eseqiv";
  2736. break;
  2737. case CRYPTO_ALG_TYPE_AEAD:
  2738. alg = &t_alg->algt.alg.aead.base;
  2739. t_alg->algt.alg.aead.init = talitos_cra_init_aead;
  2740. t_alg->algt.alg.aead.setkey = aead_setkey;
  2741. t_alg->algt.alg.aead.encrypt = aead_encrypt;
  2742. t_alg->algt.alg.aead.decrypt = aead_decrypt;
  2743. if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) &&
  2744. !strncmp(alg->cra_name, "authenc(hmac(sha224)", 20)) {
  2745. kfree(t_alg);
  2746. return ERR_PTR(-ENOTSUPP);
  2747. }
  2748. break;
  2749. case CRYPTO_ALG_TYPE_AHASH:
  2750. alg = &t_alg->algt.alg.hash.halg.base;
  2751. alg->cra_init = talitos_cra_init_ahash;
  2752. alg->cra_type = &crypto_ahash_type;
  2753. t_alg->algt.alg.hash.init = ahash_init;
  2754. t_alg->algt.alg.hash.update = ahash_update;
  2755. t_alg->algt.alg.hash.final = ahash_final;
  2756. t_alg->algt.alg.hash.finup = ahash_finup;
  2757. t_alg->algt.alg.hash.digest = ahash_digest;
  2758. if (!strncmp(alg->cra_name, "hmac", 4))
  2759. t_alg->algt.alg.hash.setkey = ahash_setkey;
  2760. t_alg->algt.alg.hash.import = ahash_import;
  2761. t_alg->algt.alg.hash.export = ahash_export;
  2762. if (!(priv->features & TALITOS_FTR_HMAC_OK) &&
  2763. !strncmp(alg->cra_name, "hmac", 4)) {
  2764. kfree(t_alg);
  2765. return ERR_PTR(-ENOTSUPP);
  2766. }
  2767. if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) &&
  2768. (!strcmp(alg->cra_name, "sha224") ||
  2769. !strcmp(alg->cra_name, "hmac(sha224)"))) {
  2770. t_alg->algt.alg.hash.init = ahash_init_sha224_swinit;
  2771. t_alg->algt.desc_hdr_template =
  2772. DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
  2773. DESC_HDR_SEL0_MDEUA |
  2774. DESC_HDR_MODE0_MDEU_SHA256;
  2775. }
  2776. break;
  2777. default:
  2778. dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type);
  2779. kfree(t_alg);
  2780. return ERR_PTR(-EINVAL);
  2781. }
  2782. alg->cra_module = THIS_MODULE;
  2783. if (t_alg->algt.priority)
  2784. alg->cra_priority = t_alg->algt.priority;
  2785. else
  2786. alg->cra_priority = TALITOS_CRA_PRIORITY;
  2787. if (has_ftr_sec1(priv))
  2788. alg->cra_alignmask = 3;
  2789. else
  2790. alg->cra_alignmask = 0;
  2791. alg->cra_ctxsize = sizeof(struct talitos_ctx);
  2792. alg->cra_flags |= CRYPTO_ALG_KERN_DRIVER_ONLY;
  2793. t_alg->dev = dev;
  2794. return t_alg;
  2795. }
  2796. static int talitos_probe_irq(struct platform_device *ofdev)
  2797. {
  2798. struct device *dev = &ofdev->dev;
  2799. struct device_node *np = ofdev->dev.of_node;
  2800. struct talitos_private *priv = dev_get_drvdata(dev);
  2801. int err;
  2802. bool is_sec1 = has_ftr_sec1(priv);
  2803. priv->irq[0] = irq_of_parse_and_map(np, 0);
  2804. if (!priv->irq[0]) {
  2805. dev_err(dev, "failed to map irq\n");
  2806. return -EINVAL;
  2807. }
  2808. if (is_sec1) {
  2809. err = request_irq(priv->irq[0], talitos1_interrupt_4ch, 0,
  2810. dev_driver_string(dev), dev);
  2811. goto primary_out;
  2812. }
  2813. priv->irq[1] = irq_of_parse_and_map(np, 1);
  2814. /* get the primary irq line */
  2815. if (!priv->irq[1]) {
  2816. err = request_irq(priv->irq[0], talitos2_interrupt_4ch, 0,
  2817. dev_driver_string(dev), dev);
  2818. goto primary_out;
  2819. }
  2820. err = request_irq(priv->irq[0], talitos2_interrupt_ch0_2, 0,
  2821. dev_driver_string(dev), dev);
  2822. if (err)
  2823. goto primary_out;
  2824. /* get the secondary irq line */
  2825. err = request_irq(priv->irq[1], talitos2_interrupt_ch1_3, 0,
  2826. dev_driver_string(dev), dev);
  2827. if (err) {
  2828. dev_err(dev, "failed to request secondary irq\n");
  2829. irq_dispose_mapping(priv->irq[1]);
  2830. priv->irq[1] = 0;
  2831. }
  2832. return err;
  2833. primary_out:
  2834. if (err) {
  2835. dev_err(dev, "failed to request primary irq\n");
  2836. irq_dispose_mapping(priv->irq[0]);
  2837. priv->irq[0] = 0;
  2838. }
  2839. return err;
  2840. }
  2841. static int talitos_probe(struct platform_device *ofdev)
  2842. {
  2843. struct device *dev = &ofdev->dev;
  2844. struct device_node *np = ofdev->dev.of_node;
  2845. struct talitos_private *priv;
  2846. const unsigned int *prop;
  2847. int i, err;
  2848. int stride;
  2849. priv = kzalloc(sizeof(struct talitos_private), GFP_KERNEL);
  2850. if (!priv)
  2851. return -ENOMEM;
  2852. INIT_LIST_HEAD(&priv->alg_list);
  2853. dev_set_drvdata(dev, priv);
  2854. priv->ofdev = ofdev;
  2855. spin_lock_init(&priv->reg_lock);
  2856. priv->reg = of_iomap(np, 0);
  2857. if (!priv->reg) {
  2858. dev_err(dev, "failed to of_iomap\n");
  2859. err = -ENOMEM;
  2860. goto err_out;
  2861. }
  2862. /* get SEC version capabilities from device tree */
  2863. prop = of_get_property(np, "fsl,num-channels", NULL);
  2864. if (prop)
  2865. priv->num_channels = *prop;
  2866. prop = of_get_property(np, "fsl,channel-fifo-len", NULL);
  2867. if (prop)
  2868. priv->chfifo_len = *prop;
  2869. prop = of_get_property(np, "fsl,exec-units-mask", NULL);
  2870. if (prop)
  2871. priv->exec_units = *prop;
  2872. prop = of_get_property(np, "fsl,descriptor-types-mask", NULL);
  2873. if (prop)
  2874. priv->desc_types = *prop;
  2875. if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len ||
  2876. !priv->exec_units || !priv->desc_types) {
  2877. dev_err(dev, "invalid property data in device tree node\n");
  2878. err = -EINVAL;
  2879. goto err_out;
  2880. }
  2881. if (of_device_is_compatible(np, "fsl,sec3.0"))
  2882. priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT;
  2883. if (of_device_is_compatible(np, "fsl,sec2.1"))
  2884. priv->features |= TALITOS_FTR_HW_AUTH_CHECK |
  2885. TALITOS_FTR_SHA224_HWINIT |
  2886. TALITOS_FTR_HMAC_OK;
  2887. if (of_device_is_compatible(np, "fsl,sec1.0"))
  2888. priv->features |= TALITOS_FTR_SEC1;
  2889. if (of_device_is_compatible(np, "fsl,sec1.2")) {
  2890. priv->reg_deu = priv->reg + TALITOS12_DEU;
  2891. priv->reg_aesu = priv->reg + TALITOS12_AESU;
  2892. priv->reg_mdeu = priv->reg + TALITOS12_MDEU;
  2893. stride = TALITOS1_CH_STRIDE;
  2894. } else if (of_device_is_compatible(np, "fsl,sec1.0")) {
  2895. priv->reg_deu = priv->reg + TALITOS10_DEU;
  2896. priv->reg_aesu = priv->reg + TALITOS10_AESU;
  2897. priv->reg_mdeu = priv->reg + TALITOS10_MDEU;
  2898. priv->reg_afeu = priv->reg + TALITOS10_AFEU;
  2899. priv->reg_rngu = priv->reg + TALITOS10_RNGU;
  2900. priv->reg_pkeu = priv->reg + TALITOS10_PKEU;
  2901. stride = TALITOS1_CH_STRIDE;
  2902. } else {
  2903. priv->reg_deu = priv->reg + TALITOS2_DEU;
  2904. priv->reg_aesu = priv->reg + TALITOS2_AESU;
  2905. priv->reg_mdeu = priv->reg + TALITOS2_MDEU;
  2906. priv->reg_afeu = priv->reg + TALITOS2_AFEU;
  2907. priv->reg_rngu = priv->reg + TALITOS2_RNGU;
  2908. priv->reg_pkeu = priv->reg + TALITOS2_PKEU;
  2909. priv->reg_keu = priv->reg + TALITOS2_KEU;
  2910. priv->reg_crcu = priv->reg + TALITOS2_CRCU;
  2911. stride = TALITOS2_CH_STRIDE;
  2912. }
  2913. err = talitos_probe_irq(ofdev);
  2914. if (err)
  2915. goto err_out;
  2916. if (of_device_is_compatible(np, "fsl,sec1.0")) {
  2917. tasklet_init(&priv->done_task[0], talitos1_done_4ch,
  2918. (unsigned long)dev);
  2919. } else {
  2920. if (!priv->irq[1]) {
  2921. tasklet_init(&priv->done_task[0], talitos2_done_4ch,
  2922. (unsigned long)dev);
  2923. } else {
  2924. tasklet_init(&priv->done_task[0], talitos2_done_ch0_2,
  2925. (unsigned long)dev);
  2926. tasklet_init(&priv->done_task[1], talitos2_done_ch1_3,
  2927. (unsigned long)dev);
  2928. }
  2929. }
  2930. priv->chan = kzalloc(sizeof(struct talitos_channel) *
  2931. priv->num_channels, GFP_KERNEL);
  2932. if (!priv->chan) {
  2933. dev_err(dev, "failed to allocate channel management space\n");
  2934. err = -ENOMEM;
  2935. goto err_out;
  2936. }
  2937. priv->fifo_len = roundup_pow_of_two(priv->chfifo_len);
  2938. for (i = 0; i < priv->num_channels; i++) {
  2939. priv->chan[i].reg = priv->reg + stride * (i + 1);
  2940. if (!priv->irq[1] || !(i & 1))
  2941. priv->chan[i].reg += TALITOS_CH_BASE_OFFSET;
  2942. spin_lock_init(&priv->chan[i].head_lock);
  2943. spin_lock_init(&priv->chan[i].tail_lock);
  2944. priv->chan[i].fifo = kzalloc(sizeof(struct talitos_request) *
  2945. priv->fifo_len, GFP_KERNEL);
  2946. if (!priv->chan[i].fifo) {
  2947. dev_err(dev, "failed to allocate request fifo %d\n", i);
  2948. err = -ENOMEM;
  2949. goto err_out;
  2950. }
  2951. atomic_set(&priv->chan[i].submit_count,
  2952. -(priv->chfifo_len - 1));
  2953. }
  2954. dma_set_mask(dev, DMA_BIT_MASK(36));
  2955. /* reset and initialize the h/w */
  2956. err = init_device(dev);
  2957. if (err) {
  2958. dev_err(dev, "failed to initialize device\n");
  2959. goto err_out;
  2960. }
  2961. /* register the RNG, if available */
  2962. if (hw_supports(dev, DESC_HDR_SEL0_RNG)) {
  2963. err = talitos_register_rng(dev);
  2964. if (err) {
  2965. dev_err(dev, "failed to register hwrng: %d\n", err);
  2966. goto err_out;
  2967. } else
  2968. dev_info(dev, "hwrng\n");
  2969. }
  2970. /* register crypto algorithms the device supports */
  2971. for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {
  2972. if (hw_supports(dev, driver_algs[i].desc_hdr_template)) {
  2973. struct talitos_crypto_alg *t_alg;
  2974. struct crypto_alg *alg = NULL;
  2975. t_alg = talitos_alg_alloc(dev, &driver_algs[i]);
  2976. if (IS_ERR(t_alg)) {
  2977. err = PTR_ERR(t_alg);
  2978. if (err == -ENOTSUPP)
  2979. continue;
  2980. goto err_out;
  2981. }
  2982. switch (t_alg->algt.type) {
  2983. case CRYPTO_ALG_TYPE_ABLKCIPHER:
  2984. err = crypto_register_alg(
  2985. &t_alg->algt.alg.crypto);
  2986. alg = &t_alg->algt.alg.crypto;
  2987. break;
  2988. case CRYPTO_ALG_TYPE_AEAD:
  2989. err = crypto_register_aead(
  2990. &t_alg->algt.alg.aead);
  2991. alg = &t_alg->algt.alg.aead.base;
  2992. break;
  2993. case CRYPTO_ALG_TYPE_AHASH:
  2994. err = crypto_register_ahash(
  2995. &t_alg->algt.alg.hash);
  2996. alg = &t_alg->algt.alg.hash.halg.base;
  2997. break;
  2998. }
  2999. if (err) {
  3000. dev_err(dev, "%s alg registration failed\n",
  3001. alg->cra_driver_name);
  3002. kfree(t_alg);
  3003. } else
  3004. list_add_tail(&t_alg->entry, &priv->alg_list);
  3005. }
  3006. }
  3007. if (!list_empty(&priv->alg_list))
  3008. dev_info(dev, "%s algorithms registered in /proc/crypto\n",
  3009. (char *)of_get_property(np, "compatible", NULL));
  3010. return 0;
  3011. err_out:
  3012. talitos_remove(ofdev);
  3013. return err;
  3014. }
  3015. static const struct of_device_id talitos_match[] = {
  3016. #ifdef CONFIG_CRYPTO_DEV_TALITOS1
  3017. {
  3018. .compatible = "fsl,sec1.0",
  3019. },
  3020. #endif
  3021. #ifdef CONFIG_CRYPTO_DEV_TALITOS2
  3022. {
  3023. .compatible = "fsl,sec2.0",
  3024. },
  3025. #endif
  3026. {},
  3027. };
  3028. MODULE_DEVICE_TABLE(of, talitos_match);
  3029. static struct platform_driver talitos_driver = {
  3030. .driver = {
  3031. .name = "talitos",
  3032. .of_match_table = talitos_match,
  3033. },
  3034. .probe = talitos_probe,
  3035. .remove = talitos_remove,
  3036. };
  3037. module_platform_driver(talitos_driver);
  3038. MODULE_LICENSE("GPL");
  3039. MODULE_AUTHOR("Kim Phillips <[email protected]>");
  3040. MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver");