1 /* 2 * Glue code for SHA-1 implementation for SPE instructions (PPC) 3 * 4 * Based on generic implementation. 5 * 6 * Copyright (c) 2015 Markus Stockhausen <stockhausen@collogia.de> 7 * 8 * This program is free software; you can redistribute it and/or modify it 9 * under the terms of the GNU General Public License as published by the Free 10 * Software Foundation; either version 2 of the License, or (at your option) 11 * any later version. 12 * 13 */ 14 15 #include <crypto/internal/hash.h> 16 #include <linux/init.h> 17 #include <linux/module.h> 18 #include <linux/mm.h> 19 #include <linux/cryptohash.h> 20 #include <linux/types.h> 21 #include <crypto/sha.h> 22 #include <asm/byteorder.h> 23 #include <asm/switch_to.h> 24 #include <linux/hardirq.h> 25 26 /* 27 * MAX_BYTES defines the number of bytes that are allowed to be processed 28 * between preempt_disable() and preempt_enable(). SHA1 takes ~1000 29 * operations per 64 bytes. e500 cores can issue two arithmetic instructions 30 * per clock cycle using one 32/64 bit unit (SU1) and one 32 bit unit (SU2). 31 * Thus 2KB of input data will need an estimated maximum of 18,000 cycles. 32 * Headroom for cache misses included. Even with the low end model clocked 33 * at 667 MHz this equals to a critical time window of less than 27us. 34 * 35 */ 36 #define MAX_BYTES 2048 37 38 extern void ppc_spe_sha1_transform(u32 *state, const u8 *src, u32 blocks); 39 40 static void spe_begin(void) 41 { 42 /* We just start SPE operations and will save SPE registers later. */ 43 preempt_disable(); 44 enable_kernel_spe(); 45 } 46 47 static void spe_end(void) 48 { 49 disable_kernel_spe(); 50 /* reenable preemption */ 51 preempt_enable(); 52 } 53 54 static inline void ppc_sha1_clear_context(struct sha1_state *sctx) 55 { 56 int count = sizeof(struct sha1_state) >> 2; 57 u32 *ptr = (u32 *)sctx; 58 59 /* make sure we can clear the fast way */ 60 BUILD_BUG_ON(sizeof(struct sha1_state) % 4); 61 do { *ptr++ = 0; } while (--count); 62 } 63 64 static int ppc_spe_sha1_init(struct shash_desc *desc) 65 { 66 struct sha1_state *sctx = shash_desc_ctx(desc); 67 68 sctx->state[0] = SHA1_H0; 69 sctx->state[1] = SHA1_H1; 70 sctx->state[2] = SHA1_H2; 71 sctx->state[3] = SHA1_H3; 72 sctx->state[4] = SHA1_H4; 73 sctx->count = 0; 74 75 return 0; 76 } 77 78 static int ppc_spe_sha1_update(struct shash_desc *desc, const u8 *data, 79 unsigned int len) 80 { 81 struct sha1_state *sctx = shash_desc_ctx(desc); 82 const unsigned int offset = sctx->count & 0x3f; 83 const unsigned int avail = 64 - offset; 84 unsigned int bytes; 85 const u8 *src = data; 86 87 if (avail > len) { 88 sctx->count += len; 89 memcpy((char *)sctx->buffer + offset, src, len); 90 return 0; 91 } 92 93 sctx->count += len; 94 95 if (offset) { 96 memcpy((char *)sctx->buffer + offset, src, avail); 97 98 spe_begin(); 99 ppc_spe_sha1_transform(sctx->state, (const u8 *)sctx->buffer, 1); 100 spe_end(); 101 102 len -= avail; 103 src += avail; 104 } 105 106 while (len > 63) { 107 bytes = (len > MAX_BYTES) ? MAX_BYTES : len; 108 bytes = bytes & ~0x3f; 109 110 spe_begin(); 111 ppc_spe_sha1_transform(sctx->state, src, bytes >> 6); 112 spe_end(); 113 114 src += bytes; 115 len -= bytes; 116 }; 117 118 memcpy((char *)sctx->buffer, src, len); 119 return 0; 120 } 121 122 static int ppc_spe_sha1_final(struct shash_desc *desc, u8 *out) 123 { 124 struct sha1_state *sctx = shash_desc_ctx(desc); 125 const unsigned int offset = sctx->count & 0x3f; 126 char *p = (char *)sctx->buffer + offset; 127 int padlen; 128 __be64 *pbits = (__be64 *)(((char *)&sctx->buffer) + 56); 129 __be32 *dst = (__be32 *)out; 130 131 padlen = 55 - offset; 132 *p++ = 0x80; 133 134 spe_begin(); 135 136 if (padlen < 0) { 137 memset(p, 0x00, padlen + sizeof (u64)); 138 ppc_spe_sha1_transform(sctx->state, sctx->buffer, 1); 139 p = (char *)sctx->buffer; 140 padlen = 56; 141 } 142 143 memset(p, 0, padlen); 144 *pbits = cpu_to_be64(sctx->count << 3); 145 ppc_spe_sha1_transform(sctx->state, sctx->buffer, 1); 146 147 spe_end(); 148 149 dst[0] = cpu_to_be32(sctx->state[0]); 150 dst[1] = cpu_to_be32(sctx->state[1]); 151 dst[2] = cpu_to_be32(sctx->state[2]); 152 dst[3] = cpu_to_be32(sctx->state[3]); 153 dst[4] = cpu_to_be32(sctx->state[4]); 154 155 ppc_sha1_clear_context(sctx); 156 return 0; 157 } 158 159 static int ppc_spe_sha1_export(struct shash_desc *desc, void *out) 160 { 161 struct sha1_state *sctx = shash_desc_ctx(desc); 162 163 memcpy(out, sctx, sizeof(*sctx)); 164 return 0; 165 } 166 167 static int ppc_spe_sha1_import(struct shash_desc *desc, const void *in) 168 { 169 struct sha1_state *sctx = shash_desc_ctx(desc); 170 171 memcpy(sctx, in, sizeof(*sctx)); 172 return 0; 173 } 174 175 static struct shash_alg alg = { 176 .digestsize = SHA1_DIGEST_SIZE, 177 .init = ppc_spe_sha1_init, 178 .update = ppc_spe_sha1_update, 179 .final = ppc_spe_sha1_final, 180 .export = ppc_spe_sha1_export, 181 .import = ppc_spe_sha1_import, 182 .descsize = sizeof(struct sha1_state), 183 .statesize = sizeof(struct sha1_state), 184 .base = { 185 .cra_name = "sha1", 186 .cra_driver_name= "sha1-ppc-spe", 187 .cra_priority = 300, 188 .cra_flags = CRYPTO_ALG_TYPE_SHASH, 189 .cra_blocksize = SHA1_BLOCK_SIZE, 190 .cra_module = THIS_MODULE, 191 } 192 }; 193 194 static int __init ppc_spe_sha1_mod_init(void) 195 { 196 return crypto_register_shash(&alg); 197 } 198 199 static void __exit ppc_spe_sha1_mod_fini(void) 200 { 201 crypto_unregister_shash(&alg); 202 } 203 204 module_init(ppc_spe_sha1_mod_init); 205 module_exit(ppc_spe_sha1_mod_fini); 206 207 MODULE_LICENSE("GPL"); 208 MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm, SPE optimized"); 209 210 MODULE_ALIAS_CRYPTO("sha1"); 211 MODULE_ALIAS_CRYPTO("sha1-ppc-spe"); 212