1 /* 2 * Glue code for SHA-1 implementation for SPE instructions (PPC) 3 * 4 * Based on generic implementation. 5 * 6 * Copyright (c) 2015 Markus Stockhausen <stockhausen@collogia.de> 7 * 8 * This program is free software; you can redistribute it and/or modify it 9 * under the terms of the GNU General Public License as published by the Free 10 * Software Foundation; either version 2 of the License, or (at your option) 11 * any later version. 12 * 13 */ 14 15 #include <crypto/internal/hash.h> 16 #include <linux/init.h> 17 #include <linux/module.h> 18 #include <linux/mm.h> 19 #include <linux/cryptohash.h> 20 #include <linux/types.h> 21 #include <crypto/sha.h> 22 #include <asm/byteorder.h> 23 #include <asm/switch_to.h> 24 #include <linux/hardirq.h> 25 26 /* 27 * MAX_BYTES defines the number of bytes that are allowed to be processed 28 * between preempt_disable() and preempt_enable(). SHA1 takes ~1000 29 * operations per 64 bytes. e500 cores can issue two arithmetic instructions 30 * per clock cycle using one 32/64 bit unit (SU1) and one 32 bit unit (SU2). 31 * Thus 2KB of input data will need an estimated maximum of 18,000 cycles. 32 * Headroom for cache misses included. Even with the low end model clocked 33 * at 667 MHz this equals to a critical time window of less than 27us. 34 * 35 */ 36 #define MAX_BYTES 2048 37 38 extern void ppc_spe_sha1_transform(u32 *state, const u8 *src, u32 blocks); 39 40 static void spe_begin(void) 41 { 42 /* We just start SPE operations and will save SPE registers later. */ 43 preempt_disable(); 44 enable_kernel_spe(); 45 } 46 47 static void spe_end(void) 48 { 49 /* reenable preemption */ 50 preempt_enable(); 51 } 52 53 static inline void ppc_sha1_clear_context(struct sha1_state *sctx) 54 { 55 int count = sizeof(struct sha1_state) >> 2; 56 u32 *ptr = (u32 *)sctx; 57 58 /* make sure we can clear the fast way */ 59 BUILD_BUG_ON(sizeof(struct sha1_state) % 4); 60 do { *ptr++ = 0; } while (--count); 61 } 62 63 static int ppc_spe_sha1_init(struct shash_desc *desc) 64 { 65 struct sha1_state *sctx = shash_desc_ctx(desc); 66 67 sctx->state[0] = SHA1_H0; 68 sctx->state[1] = SHA1_H1; 69 sctx->state[2] = SHA1_H2; 70 sctx->state[3] = SHA1_H3; 71 sctx->state[4] = SHA1_H4; 72 sctx->count = 0; 73 74 return 0; 75 } 76 77 static int ppc_spe_sha1_update(struct shash_desc *desc, const u8 *data, 78 unsigned int len) 79 { 80 struct sha1_state *sctx = shash_desc_ctx(desc); 81 const unsigned int offset = sctx->count & 0x3f; 82 const unsigned int avail = 64 - offset; 83 unsigned int bytes; 84 const u8 *src = data; 85 86 if (avail > len) { 87 sctx->count += len; 88 memcpy((char *)sctx->buffer + offset, src, len); 89 return 0; 90 } 91 92 sctx->count += len; 93 94 if (offset) { 95 memcpy((char *)sctx->buffer + offset, src, avail); 96 97 spe_begin(); 98 ppc_spe_sha1_transform(sctx->state, (const u8 *)sctx->buffer, 1); 99 spe_end(); 100 101 len -= avail; 102 src += avail; 103 } 104 105 while (len > 63) { 106 bytes = (len > MAX_BYTES) ? MAX_BYTES : len; 107 bytes = bytes & ~0x3f; 108 109 spe_begin(); 110 ppc_spe_sha1_transform(sctx->state, src, bytes >> 6); 111 spe_end(); 112 113 src += bytes; 114 len -= bytes; 115 }; 116 117 memcpy((char *)sctx->buffer, src, len); 118 return 0; 119 } 120 121 static int ppc_spe_sha1_final(struct shash_desc *desc, u8 *out) 122 { 123 struct sha1_state *sctx = shash_desc_ctx(desc); 124 const unsigned int offset = sctx->count & 0x3f; 125 char *p = (char *)sctx->buffer + offset; 126 int padlen; 127 __be64 *pbits = (__be64 *)(((char *)&sctx->buffer) + 56); 128 __be32 *dst = (__be32 *)out; 129 130 padlen = 55 - offset; 131 *p++ = 0x80; 132 133 spe_begin(); 134 135 if (padlen < 0) { 136 memset(p, 0x00, padlen + sizeof (u64)); 137 ppc_spe_sha1_transform(sctx->state, sctx->buffer, 1); 138 p = (char *)sctx->buffer; 139 padlen = 56; 140 } 141 142 memset(p, 0, padlen); 143 *pbits = cpu_to_be64(sctx->count << 3); 144 ppc_spe_sha1_transform(sctx->state, sctx->buffer, 1); 145 146 spe_end(); 147 148 dst[0] = cpu_to_be32(sctx->state[0]); 149 dst[1] = cpu_to_be32(sctx->state[1]); 150 dst[2] = cpu_to_be32(sctx->state[2]); 151 dst[3] = cpu_to_be32(sctx->state[3]); 152 dst[4] = cpu_to_be32(sctx->state[4]); 153 154 ppc_sha1_clear_context(sctx); 155 return 0; 156 } 157 158 static int ppc_spe_sha1_export(struct shash_desc *desc, void *out) 159 { 160 struct sha1_state *sctx = shash_desc_ctx(desc); 161 162 memcpy(out, sctx, sizeof(*sctx)); 163 return 0; 164 } 165 166 static int ppc_spe_sha1_import(struct shash_desc *desc, const void *in) 167 { 168 struct sha1_state *sctx = shash_desc_ctx(desc); 169 170 memcpy(sctx, in, sizeof(*sctx)); 171 return 0; 172 } 173 174 static struct shash_alg alg = { 175 .digestsize = SHA1_DIGEST_SIZE, 176 .init = ppc_spe_sha1_init, 177 .update = ppc_spe_sha1_update, 178 .final = ppc_spe_sha1_final, 179 .export = ppc_spe_sha1_export, 180 .import = ppc_spe_sha1_import, 181 .descsize = sizeof(struct sha1_state), 182 .statesize = sizeof(struct sha1_state), 183 .base = { 184 .cra_name = "sha1", 185 .cra_driver_name= "sha1-ppc-spe", 186 .cra_priority = 300, 187 .cra_flags = CRYPTO_ALG_TYPE_SHASH, 188 .cra_blocksize = SHA1_BLOCK_SIZE, 189 .cra_module = THIS_MODULE, 190 } 191 }; 192 193 static int __init ppc_spe_sha1_mod_init(void) 194 { 195 return crypto_register_shash(&alg); 196 } 197 198 static void __exit ppc_spe_sha1_mod_fini(void) 199 { 200 crypto_unregister_shash(&alg); 201 } 202 203 module_init(ppc_spe_sha1_mod_init); 204 module_exit(ppc_spe_sha1_mod_fini); 205 206 MODULE_LICENSE("GPL"); 207 MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm, SPE optimized"); 208 209 MODULE_ALIAS_CRYPTO("sha1"); 210 MODULE_ALIAS_CRYPTO("sha1-ppc-spe"); 211