1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Handle async block request by crypto hardware engine. 4 * 5 * Copyright (C) 2016 Linaro, Inc. 6 * 7 * Author: Baolin Wang <baolin.wang@linaro.org> 8 */ 9 10 #include <linux/err.h> 11 #include <linux/delay.h> 12 #include <linux/device.h> 13 #include <crypto/engine.h> 14 #include <uapi/linux/sched/types.h> 15 #include "internal.h" 16 17 #define CRYPTO_ENGINE_MAX_QLEN 10 18 19 /** 20 * crypto_finalize_request - finalize one request if the request is done 21 * @engine: the hardware engine 22 * @req: the request need to be finalized 23 * @err: error number 24 */ 25 static void crypto_finalize_request(struct crypto_engine *engine, 26 struct crypto_async_request *req, int err) 27 { 28 unsigned long flags; 29 bool finalize_req = false; 30 int ret; 31 struct crypto_engine_ctx *enginectx; 32 33 /* 34 * If hardware cannot enqueue more requests 35 * and retry mechanism is not supported 36 * make sure we are completing the current request 37 */ 38 if (!engine->retry_support) { 39 spin_lock_irqsave(&engine->queue_lock, flags); 40 if (engine->cur_req == req) { 41 finalize_req = true; 42 engine->cur_req = NULL; 43 } 44 spin_unlock_irqrestore(&engine->queue_lock, flags); 45 } 46 47 if (finalize_req || engine->retry_support) { 48 enginectx = crypto_tfm_ctx(req->tfm); 49 if (enginectx->op.prepare_request && 50 enginectx->op.unprepare_request) { 51 ret = enginectx->op.unprepare_request(engine, req); 52 if (ret) 53 dev_err(engine->dev, "failed to unprepare request\n"); 54 } 55 } 56 lockdep_assert_in_softirq(); 57 crypto_request_complete(req, err); 58 59 kthread_queue_work(engine->kworker, &engine->pump_requests); 60 } 61 62 /** 63 * crypto_pump_requests - dequeue one request from engine queue to process 64 * @engine: the hardware engine 65 * @in_kthread: true if we are in the context of the request pump thread 66 * 67 * This function checks if there is any request in the engine queue that 68 * needs processing and if so call out to the driver to initialize hardware 69 * and handle each request. 70 */ 71 static void crypto_pump_requests(struct crypto_engine *engine, 72 bool in_kthread) 73 { 74 struct crypto_async_request *async_req, *backlog; 75 unsigned long flags; 76 bool was_busy = false; 77 int ret; 78 struct crypto_engine_ctx *enginectx; 79 80 spin_lock_irqsave(&engine->queue_lock, flags); 81 82 /* Make sure we are not already running a request */ 83 if (!engine->retry_support && engine->cur_req) 84 goto out; 85 86 /* If another context is idling then defer */ 87 if (engine->idling) { 88 kthread_queue_work(engine->kworker, &engine->pump_requests); 89 goto out; 90 } 91 92 /* Check if the engine queue is idle */ 93 if (!crypto_queue_len(&engine->queue) || !engine->running) { 94 if (!engine->busy) 95 goto out; 96 97 /* Only do teardown in the thread */ 98 if (!in_kthread) { 99 kthread_queue_work(engine->kworker, 100 &engine->pump_requests); 101 goto out; 102 } 103 104 engine->busy = false; 105 engine->idling = true; 106 spin_unlock_irqrestore(&engine->queue_lock, flags); 107 108 if (engine->unprepare_crypt_hardware && 109 engine->unprepare_crypt_hardware(engine)) 110 dev_err(engine->dev, "failed to unprepare crypt hardware\n"); 111 112 spin_lock_irqsave(&engine->queue_lock, flags); 113 engine->idling = false; 114 goto out; 115 } 116 117 start_request: 118 /* Get the fist request from the engine queue to handle */ 119 backlog = crypto_get_backlog(&engine->queue); 120 async_req = crypto_dequeue_request(&engine->queue); 121 if (!async_req) 122 goto out; 123 124 /* 125 * If hardware doesn't support the retry mechanism, 126 * keep track of the request we are processing now. 127 * We'll need it on completion (crypto_finalize_request). 128 */ 129 if (!engine->retry_support) 130 engine->cur_req = async_req; 131 132 if (engine->busy) 133 was_busy = true; 134 else 135 engine->busy = true; 136 137 spin_unlock_irqrestore(&engine->queue_lock, flags); 138 139 /* Until here we get the request need to be encrypted successfully */ 140 if (!was_busy && engine->prepare_crypt_hardware) { 141 ret = engine->prepare_crypt_hardware(engine); 142 if (ret) { 143 dev_err(engine->dev, "failed to prepare crypt hardware\n"); 144 goto req_err_2; 145 } 146 } 147 148 enginectx = crypto_tfm_ctx(async_req->tfm); 149 150 if (enginectx->op.prepare_request) { 151 ret = enginectx->op.prepare_request(engine, async_req); 152 if (ret) { 153 dev_err(engine->dev, "failed to prepare request: %d\n", 154 ret); 155 goto req_err_2; 156 } 157 } 158 if (!enginectx->op.do_one_request) { 159 dev_err(engine->dev, "failed to do request\n"); 160 ret = -EINVAL; 161 goto req_err_1; 162 } 163 164 ret = enginectx->op.do_one_request(engine, async_req); 165 166 /* Request unsuccessfully executed by hardware */ 167 if (ret < 0) { 168 /* 169 * If hardware queue is full (-ENOSPC), requeue request 170 * regardless of backlog flag. 171 * Otherwise, unprepare and complete the request. 172 */ 173 if (!engine->retry_support || 174 (ret != -ENOSPC)) { 175 dev_err(engine->dev, 176 "Failed to do one request from queue: %d\n", 177 ret); 178 goto req_err_1; 179 } 180 /* 181 * If retry mechanism is supported, 182 * unprepare current request and 183 * enqueue it back into crypto-engine queue. 184 */ 185 if (enginectx->op.unprepare_request) { 186 ret = enginectx->op.unprepare_request(engine, 187 async_req); 188 if (ret) 189 dev_err(engine->dev, 190 "failed to unprepare request\n"); 191 } 192 spin_lock_irqsave(&engine->queue_lock, flags); 193 /* 194 * If hardware was unable to execute request, enqueue it 195 * back in front of crypto-engine queue, to keep the order 196 * of requests. 197 */ 198 crypto_enqueue_request_head(&engine->queue, async_req); 199 200 kthread_queue_work(engine->kworker, &engine->pump_requests); 201 goto out; 202 } 203 204 goto retry; 205 206 req_err_1: 207 if (enginectx->op.unprepare_request) { 208 ret = enginectx->op.unprepare_request(engine, async_req); 209 if (ret) 210 dev_err(engine->dev, "failed to unprepare request\n"); 211 } 212 213 req_err_2: 214 crypto_request_complete(async_req, ret); 215 216 retry: 217 if (backlog) 218 crypto_request_complete(backlog, -EINPROGRESS); 219 220 /* If retry mechanism is supported, send new requests to engine */ 221 if (engine->retry_support) { 222 spin_lock_irqsave(&engine->queue_lock, flags); 223 goto start_request; 224 } 225 return; 226 227 out: 228 spin_unlock_irqrestore(&engine->queue_lock, flags); 229 230 /* 231 * Batch requests is possible only if 232 * hardware can enqueue multiple requests 233 */ 234 if (engine->do_batch_requests) { 235 ret = engine->do_batch_requests(engine); 236 if (ret) 237 dev_err(engine->dev, "failed to do batch requests: %d\n", 238 ret); 239 } 240 241 return; 242 } 243 244 static void crypto_pump_work(struct kthread_work *work) 245 { 246 struct crypto_engine *engine = 247 container_of(work, struct crypto_engine, pump_requests); 248 249 crypto_pump_requests(engine, true); 250 } 251 252 /** 253 * crypto_transfer_request - transfer the new request into the engine queue 254 * @engine: the hardware engine 255 * @req: the request need to be listed into the engine queue 256 * @need_pump: indicates whether queue the pump of request to kthread_work 257 */ 258 static int crypto_transfer_request(struct crypto_engine *engine, 259 struct crypto_async_request *req, 260 bool need_pump) 261 { 262 unsigned long flags; 263 int ret; 264 265 spin_lock_irqsave(&engine->queue_lock, flags); 266 267 if (!engine->running) { 268 spin_unlock_irqrestore(&engine->queue_lock, flags); 269 return -ESHUTDOWN; 270 } 271 272 ret = crypto_enqueue_request(&engine->queue, req); 273 274 if (!engine->busy && need_pump) 275 kthread_queue_work(engine->kworker, &engine->pump_requests); 276 277 spin_unlock_irqrestore(&engine->queue_lock, flags); 278 return ret; 279 } 280 281 /** 282 * crypto_transfer_request_to_engine - transfer one request to list 283 * into the engine queue 284 * @engine: the hardware engine 285 * @req: the request need to be listed into the engine queue 286 */ 287 static int crypto_transfer_request_to_engine(struct crypto_engine *engine, 288 struct crypto_async_request *req) 289 { 290 return crypto_transfer_request(engine, req, true); 291 } 292 293 /** 294 * crypto_transfer_aead_request_to_engine - transfer one aead_request 295 * to list into the engine queue 296 * @engine: the hardware engine 297 * @req: the request need to be listed into the engine queue 298 */ 299 int crypto_transfer_aead_request_to_engine(struct crypto_engine *engine, 300 struct aead_request *req) 301 { 302 return crypto_transfer_request_to_engine(engine, &req->base); 303 } 304 EXPORT_SYMBOL_GPL(crypto_transfer_aead_request_to_engine); 305 306 /** 307 * crypto_transfer_akcipher_request_to_engine - transfer one akcipher_request 308 * to list into the engine queue 309 * @engine: the hardware engine 310 * @req: the request need to be listed into the engine queue 311 */ 312 int crypto_transfer_akcipher_request_to_engine(struct crypto_engine *engine, 313 struct akcipher_request *req) 314 { 315 return crypto_transfer_request_to_engine(engine, &req->base); 316 } 317 EXPORT_SYMBOL_GPL(crypto_transfer_akcipher_request_to_engine); 318 319 /** 320 * crypto_transfer_hash_request_to_engine - transfer one ahash_request 321 * to list into the engine queue 322 * @engine: the hardware engine 323 * @req: the request need to be listed into the engine queue 324 */ 325 int crypto_transfer_hash_request_to_engine(struct crypto_engine *engine, 326 struct ahash_request *req) 327 { 328 return crypto_transfer_request_to_engine(engine, &req->base); 329 } 330 EXPORT_SYMBOL_GPL(crypto_transfer_hash_request_to_engine); 331 332 /** 333 * crypto_transfer_kpp_request_to_engine - transfer one kpp_request to list 334 * into the engine queue 335 * @engine: the hardware engine 336 * @req: the request need to be listed into the engine queue 337 */ 338 int crypto_transfer_kpp_request_to_engine(struct crypto_engine *engine, 339 struct kpp_request *req) 340 { 341 return crypto_transfer_request_to_engine(engine, &req->base); 342 } 343 EXPORT_SYMBOL_GPL(crypto_transfer_kpp_request_to_engine); 344 345 /** 346 * crypto_transfer_skcipher_request_to_engine - transfer one skcipher_request 347 * to list into the engine queue 348 * @engine: the hardware engine 349 * @req: the request need to be listed into the engine queue 350 */ 351 int crypto_transfer_skcipher_request_to_engine(struct crypto_engine *engine, 352 struct skcipher_request *req) 353 { 354 return crypto_transfer_request_to_engine(engine, &req->base); 355 } 356 EXPORT_SYMBOL_GPL(crypto_transfer_skcipher_request_to_engine); 357 358 /** 359 * crypto_finalize_aead_request - finalize one aead_request if 360 * the request is done 361 * @engine: the hardware engine 362 * @req: the request need to be finalized 363 * @err: error number 364 */ 365 void crypto_finalize_aead_request(struct crypto_engine *engine, 366 struct aead_request *req, int err) 367 { 368 return crypto_finalize_request(engine, &req->base, err); 369 } 370 EXPORT_SYMBOL_GPL(crypto_finalize_aead_request); 371 372 /** 373 * crypto_finalize_akcipher_request - finalize one akcipher_request if 374 * the request is done 375 * @engine: the hardware engine 376 * @req: the request need to be finalized 377 * @err: error number 378 */ 379 void crypto_finalize_akcipher_request(struct crypto_engine *engine, 380 struct akcipher_request *req, int err) 381 { 382 return crypto_finalize_request(engine, &req->base, err); 383 } 384 EXPORT_SYMBOL_GPL(crypto_finalize_akcipher_request); 385 386 /** 387 * crypto_finalize_hash_request - finalize one ahash_request if 388 * the request is done 389 * @engine: the hardware engine 390 * @req: the request need to be finalized 391 * @err: error number 392 */ 393 void crypto_finalize_hash_request(struct crypto_engine *engine, 394 struct ahash_request *req, int err) 395 { 396 return crypto_finalize_request(engine, &req->base, err); 397 } 398 EXPORT_SYMBOL_GPL(crypto_finalize_hash_request); 399 400 /** 401 * crypto_finalize_kpp_request - finalize one kpp_request if the request is done 402 * @engine: the hardware engine 403 * @req: the request need to be finalized 404 * @err: error number 405 */ 406 void crypto_finalize_kpp_request(struct crypto_engine *engine, 407 struct kpp_request *req, int err) 408 { 409 return crypto_finalize_request(engine, &req->base, err); 410 } 411 EXPORT_SYMBOL_GPL(crypto_finalize_kpp_request); 412 413 /** 414 * crypto_finalize_skcipher_request - finalize one skcipher_request if 415 * the request is done 416 * @engine: the hardware engine 417 * @req: the request need to be finalized 418 * @err: error number 419 */ 420 void crypto_finalize_skcipher_request(struct crypto_engine *engine, 421 struct skcipher_request *req, int err) 422 { 423 return crypto_finalize_request(engine, &req->base, err); 424 } 425 EXPORT_SYMBOL_GPL(crypto_finalize_skcipher_request); 426 427 /** 428 * crypto_engine_start - start the hardware engine 429 * @engine: the hardware engine need to be started 430 * 431 * Return 0 on success, else on fail. 432 */ 433 int crypto_engine_start(struct crypto_engine *engine) 434 { 435 unsigned long flags; 436 437 spin_lock_irqsave(&engine->queue_lock, flags); 438 439 if (engine->running || engine->busy) { 440 spin_unlock_irqrestore(&engine->queue_lock, flags); 441 return -EBUSY; 442 } 443 444 engine->running = true; 445 spin_unlock_irqrestore(&engine->queue_lock, flags); 446 447 kthread_queue_work(engine->kworker, &engine->pump_requests); 448 449 return 0; 450 } 451 EXPORT_SYMBOL_GPL(crypto_engine_start); 452 453 /** 454 * crypto_engine_stop - stop the hardware engine 455 * @engine: the hardware engine need to be stopped 456 * 457 * Return 0 on success, else on fail. 458 */ 459 int crypto_engine_stop(struct crypto_engine *engine) 460 { 461 unsigned long flags; 462 unsigned int limit = 500; 463 int ret = 0; 464 465 spin_lock_irqsave(&engine->queue_lock, flags); 466 467 /* 468 * If the engine queue is not empty or the engine is on busy state, 469 * we need to wait for a while to pump the requests of engine queue. 470 */ 471 while ((crypto_queue_len(&engine->queue) || engine->busy) && limit--) { 472 spin_unlock_irqrestore(&engine->queue_lock, flags); 473 msleep(20); 474 spin_lock_irqsave(&engine->queue_lock, flags); 475 } 476 477 if (crypto_queue_len(&engine->queue) || engine->busy) 478 ret = -EBUSY; 479 else 480 engine->running = false; 481 482 spin_unlock_irqrestore(&engine->queue_lock, flags); 483 484 if (ret) 485 dev_warn(engine->dev, "could not stop engine\n"); 486 487 return ret; 488 } 489 EXPORT_SYMBOL_GPL(crypto_engine_stop); 490 491 /** 492 * crypto_engine_alloc_init_and_set - allocate crypto hardware engine structure 493 * and initialize it by setting the maximum number of entries in the software 494 * crypto-engine queue. 495 * @dev: the device attached with one hardware engine 496 * @retry_support: whether hardware has support for retry mechanism 497 * @cbk_do_batch: pointer to a callback function to be invoked when executing 498 * a batch of requests. 499 * This has the form: 500 * callback(struct crypto_engine *engine) 501 * where: 502 * engine: the crypto engine structure. 503 * @rt: whether this queue is set to run as a realtime task 504 * @qlen: maximum size of the crypto-engine queue 505 * 506 * This must be called from context that can sleep. 507 * Return: the crypto engine structure on success, else NULL. 508 */ 509 struct crypto_engine *crypto_engine_alloc_init_and_set(struct device *dev, 510 bool retry_support, 511 int (*cbk_do_batch)(struct crypto_engine *engine), 512 bool rt, int qlen) 513 { 514 struct crypto_engine *engine; 515 516 if (!dev) 517 return NULL; 518 519 engine = devm_kzalloc(dev, sizeof(*engine), GFP_KERNEL); 520 if (!engine) 521 return NULL; 522 523 engine->dev = dev; 524 engine->rt = rt; 525 engine->running = false; 526 engine->busy = false; 527 engine->idling = false; 528 engine->retry_support = retry_support; 529 engine->priv_data = dev; 530 /* 531 * Batch requests is possible only if 532 * hardware has support for retry mechanism. 533 */ 534 engine->do_batch_requests = retry_support ? cbk_do_batch : NULL; 535 536 snprintf(engine->name, sizeof(engine->name), 537 "%s-engine", dev_name(dev)); 538 539 crypto_init_queue(&engine->queue, qlen); 540 spin_lock_init(&engine->queue_lock); 541 542 engine->kworker = kthread_create_worker(0, "%s", engine->name); 543 if (IS_ERR(engine->kworker)) { 544 dev_err(dev, "failed to create crypto request pump task\n"); 545 return NULL; 546 } 547 kthread_init_work(&engine->pump_requests, crypto_pump_work); 548 549 if (engine->rt) { 550 dev_info(dev, "will run requests pump with realtime priority\n"); 551 sched_set_fifo(engine->kworker->task); 552 } 553 554 return engine; 555 } 556 EXPORT_SYMBOL_GPL(crypto_engine_alloc_init_and_set); 557 558 /** 559 * crypto_engine_alloc_init - allocate crypto hardware engine structure and 560 * initialize it. 561 * @dev: the device attached with one hardware engine 562 * @rt: whether this queue is set to run as a realtime task 563 * 564 * This must be called from context that can sleep. 565 * Return: the crypto engine structure on success, else NULL. 566 */ 567 struct crypto_engine *crypto_engine_alloc_init(struct device *dev, bool rt) 568 { 569 return crypto_engine_alloc_init_and_set(dev, false, NULL, rt, 570 CRYPTO_ENGINE_MAX_QLEN); 571 } 572 EXPORT_SYMBOL_GPL(crypto_engine_alloc_init); 573 574 /** 575 * crypto_engine_exit - free the resources of hardware engine when exit 576 * @engine: the hardware engine need to be freed 577 * 578 * Return 0 for success. 579 */ 580 int crypto_engine_exit(struct crypto_engine *engine) 581 { 582 int ret; 583 584 ret = crypto_engine_stop(engine); 585 if (ret) 586 return ret; 587 588 kthread_destroy_worker(engine->kworker); 589 590 return 0; 591 } 592 EXPORT_SYMBOL_GPL(crypto_engine_exit); 593 594 MODULE_LICENSE("GPL"); 595 MODULE_DESCRIPTION("Crypto hardware engine framework"); 596