1 /** 2 * AMCC SoC PPC4xx Crypto Driver 3 * 4 * Copyright (c) 2008 Applied Micro Circuits Corporation. 5 * All rights reserved. James Hsiao <jhsiao@amcc.com> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * This file implements AMCC crypto offload Linux device driver for use with 18 * Linux CryptoAPI. 19 */ 20 21 #include <linux/kernel.h> 22 #include <linux/interrupt.h> 23 #include <linux/spinlock_types.h> 24 #include <linux/random.h> 25 #include <linux/scatterlist.h> 26 #include <linux/crypto.h> 27 #include <linux/dma-mapping.h> 28 #include <linux/platform_device.h> 29 #include <linux/init.h> 30 #include <linux/module.h> 31 #include <linux/of_address.h> 32 #include <linux/of_irq.h> 33 #include <linux/of_platform.h> 34 #include <linux/slab.h> 35 #include <asm/dcr.h> 36 #include <asm/dcr-regs.h> 37 #include <asm/cacheflush.h> 38 #include <crypto/aead.h> 39 #include <crypto/aes.h> 40 #include <crypto/ctr.h> 41 #include <crypto/gcm.h> 42 #include <crypto/sha.h> 43 #include <crypto/rng.h> 44 #include <crypto/scatterwalk.h> 45 #include <crypto/skcipher.h> 46 #include <crypto/internal/aead.h> 47 #include <crypto/internal/rng.h> 48 #include <crypto/internal/skcipher.h> 49 #include "crypto4xx_reg_def.h" 50 #include "crypto4xx_core.h" 51 #include "crypto4xx_sa.h" 52 #include "crypto4xx_trng.h" 53 54 #define PPC4XX_SEC_VERSION_STR "0.5" 55 56 /** 57 * PPC4xx Crypto Engine Initialization Routine 58 */ 59 static void crypto4xx_hw_init(struct crypto4xx_device *dev) 60 { 61 union ce_ring_size ring_size; 62 union ce_ring_control ring_ctrl; 63 union ce_part_ring_size part_ring_size; 64 union ce_io_threshold io_threshold; 65 u32 rand_num; 66 union ce_pe_dma_cfg pe_dma_cfg; 67 u32 device_ctrl; 68 69 writel(PPC4XX_BYTE_ORDER, dev->ce_base + CRYPTO4XX_BYTE_ORDER_CFG); 70 /* setup pe dma, include reset sg, pdr and pe, then release reset */ 71 pe_dma_cfg.w = 0; 72 pe_dma_cfg.bf.bo_sgpd_en = 1; 73 pe_dma_cfg.bf.bo_data_en = 0; 74 pe_dma_cfg.bf.bo_sa_en = 1; 75 pe_dma_cfg.bf.bo_pd_en = 1; 76 pe_dma_cfg.bf.dynamic_sa_en = 1; 77 pe_dma_cfg.bf.reset_sg = 1; 78 pe_dma_cfg.bf.reset_pdr = 1; 79 pe_dma_cfg.bf.reset_pe = 1; 80 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 81 /* un reset pe,sg and pdr */ 82 pe_dma_cfg.bf.pe_mode = 0; 83 pe_dma_cfg.bf.reset_sg = 0; 84 pe_dma_cfg.bf.reset_pdr = 0; 85 pe_dma_cfg.bf.reset_pe = 0; 86 pe_dma_cfg.bf.bo_td_en = 0; 87 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 88 writel(dev->pdr_pa, dev->ce_base + CRYPTO4XX_PDR_BASE); 89 writel(dev->pdr_pa, dev->ce_base + CRYPTO4XX_RDR_BASE); 90 writel(PPC4XX_PRNG_CTRL_AUTO_EN, dev->ce_base + CRYPTO4XX_PRNG_CTRL); 91 get_random_bytes(&rand_num, sizeof(rand_num)); 92 writel(rand_num, dev->ce_base + CRYPTO4XX_PRNG_SEED_L); 93 get_random_bytes(&rand_num, sizeof(rand_num)); 94 writel(rand_num, dev->ce_base + CRYPTO4XX_PRNG_SEED_H); 95 ring_size.w = 0; 96 ring_size.bf.ring_offset = PPC4XX_PD_SIZE; 97 ring_size.bf.ring_size = PPC4XX_NUM_PD; 98 writel(ring_size.w, dev->ce_base + CRYPTO4XX_RING_SIZE); 99 ring_ctrl.w = 0; 100 writel(ring_ctrl.w, dev->ce_base + CRYPTO4XX_RING_CTRL); 101 device_ctrl = readl(dev->ce_base + CRYPTO4XX_DEVICE_CTRL); 102 device_ctrl |= PPC4XX_DC_3DES_EN; 103 writel(device_ctrl, dev->ce_base + CRYPTO4XX_DEVICE_CTRL); 104 writel(dev->gdr_pa, dev->ce_base + CRYPTO4XX_GATH_RING_BASE); 105 writel(dev->sdr_pa, dev->ce_base + CRYPTO4XX_SCAT_RING_BASE); 106 part_ring_size.w = 0; 107 part_ring_size.bf.sdr_size = PPC4XX_SDR_SIZE; 108 part_ring_size.bf.gdr_size = PPC4XX_GDR_SIZE; 109 writel(part_ring_size.w, dev->ce_base + CRYPTO4XX_PART_RING_SIZE); 110 writel(PPC4XX_SD_BUFFER_SIZE, dev->ce_base + CRYPTO4XX_PART_RING_CFG); 111 io_threshold.w = 0; 112 io_threshold.bf.output_threshold = PPC4XX_OUTPUT_THRESHOLD; 113 io_threshold.bf.input_threshold = PPC4XX_INPUT_THRESHOLD; 114 writel(io_threshold.w, dev->ce_base + CRYPTO4XX_IO_THRESHOLD); 115 writel(0, dev->ce_base + CRYPTO4XX_PDR_BASE_UADDR); 116 writel(0, dev->ce_base + CRYPTO4XX_RDR_BASE_UADDR); 117 writel(0, dev->ce_base + CRYPTO4XX_PKT_SRC_UADDR); 118 writel(0, dev->ce_base + CRYPTO4XX_PKT_DEST_UADDR); 119 writel(0, dev->ce_base + CRYPTO4XX_SA_UADDR); 120 writel(0, dev->ce_base + CRYPTO4XX_GATH_RING_BASE_UADDR); 121 writel(0, dev->ce_base + CRYPTO4XX_SCAT_RING_BASE_UADDR); 122 /* un reset pe,sg and pdr */ 123 pe_dma_cfg.bf.pe_mode = 1; 124 pe_dma_cfg.bf.reset_sg = 0; 125 pe_dma_cfg.bf.reset_pdr = 0; 126 pe_dma_cfg.bf.reset_pe = 0; 127 pe_dma_cfg.bf.bo_td_en = 0; 128 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 129 /*clear all pending interrupt*/ 130 writel(PPC4XX_INTERRUPT_CLR, dev->ce_base + CRYPTO4XX_INT_CLR); 131 writel(PPC4XX_INT_DESCR_CNT, dev->ce_base + CRYPTO4XX_INT_DESCR_CNT); 132 writel(PPC4XX_INT_DESCR_CNT, dev->ce_base + CRYPTO4XX_INT_DESCR_CNT); 133 writel(PPC4XX_INT_CFG, dev->ce_base + CRYPTO4XX_INT_CFG); 134 if (dev->is_revb) { 135 writel(PPC4XX_INT_TIMEOUT_CNT_REVB << 10, 136 dev->ce_base + CRYPTO4XX_INT_TIMEOUT_CNT); 137 writel(PPC4XX_PD_DONE_INT | PPC4XX_TMO_ERR_INT, 138 dev->ce_base + CRYPTO4XX_INT_EN); 139 } else { 140 writel(PPC4XX_PD_DONE_INT, dev->ce_base + CRYPTO4XX_INT_EN); 141 } 142 } 143 144 int crypto4xx_alloc_sa(struct crypto4xx_ctx *ctx, u32 size) 145 { 146 ctx->sa_in = kcalloc(size, 4, GFP_ATOMIC); 147 if (ctx->sa_in == NULL) 148 return -ENOMEM; 149 150 ctx->sa_out = kcalloc(size, 4, GFP_ATOMIC); 151 if (ctx->sa_out == NULL) { 152 kfree(ctx->sa_in); 153 ctx->sa_in = NULL; 154 return -ENOMEM; 155 } 156 157 ctx->sa_len = size; 158 159 return 0; 160 } 161 162 void crypto4xx_free_sa(struct crypto4xx_ctx *ctx) 163 { 164 kfree(ctx->sa_in); 165 ctx->sa_in = NULL; 166 kfree(ctx->sa_out); 167 ctx->sa_out = NULL; 168 ctx->sa_len = 0; 169 } 170 171 /** 172 * alloc memory for the gather ring 173 * no need to alloc buf for the ring 174 * gdr_tail, gdr_head and gdr_count are initialized by this function 175 */ 176 static u32 crypto4xx_build_pdr(struct crypto4xx_device *dev) 177 { 178 int i; 179 dev->pdr = dma_alloc_coherent(dev->core_dev->device, 180 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 181 &dev->pdr_pa, GFP_ATOMIC); 182 if (!dev->pdr) 183 return -ENOMEM; 184 185 dev->pdr_uinfo = kcalloc(PPC4XX_NUM_PD, sizeof(struct pd_uinfo), 186 GFP_KERNEL); 187 if (!dev->pdr_uinfo) { 188 dma_free_coherent(dev->core_dev->device, 189 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 190 dev->pdr, 191 dev->pdr_pa); 192 return -ENOMEM; 193 } 194 memset(dev->pdr, 0, sizeof(struct ce_pd) * PPC4XX_NUM_PD); 195 dev->shadow_sa_pool = dma_alloc_coherent(dev->core_dev->device, 196 sizeof(union shadow_sa_buf) * PPC4XX_NUM_PD, 197 &dev->shadow_sa_pool_pa, 198 GFP_ATOMIC); 199 if (!dev->shadow_sa_pool) 200 return -ENOMEM; 201 202 dev->shadow_sr_pool = dma_alloc_coherent(dev->core_dev->device, 203 sizeof(struct sa_state_record) * PPC4XX_NUM_PD, 204 &dev->shadow_sr_pool_pa, GFP_ATOMIC); 205 if (!dev->shadow_sr_pool) 206 return -ENOMEM; 207 for (i = 0; i < PPC4XX_NUM_PD; i++) { 208 struct ce_pd *pd = &dev->pdr[i]; 209 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[i]; 210 211 pd->sa = dev->shadow_sa_pool_pa + 212 sizeof(union shadow_sa_buf) * i; 213 214 /* alloc 256 bytes which is enough for any kind of dynamic sa */ 215 pd_uinfo->sa_va = &dev->shadow_sa_pool[i].sa; 216 217 /* alloc state record */ 218 pd_uinfo->sr_va = &dev->shadow_sr_pool[i]; 219 pd_uinfo->sr_pa = dev->shadow_sr_pool_pa + 220 sizeof(struct sa_state_record) * i; 221 } 222 223 return 0; 224 } 225 226 static void crypto4xx_destroy_pdr(struct crypto4xx_device *dev) 227 { 228 if (dev->pdr) 229 dma_free_coherent(dev->core_dev->device, 230 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 231 dev->pdr, dev->pdr_pa); 232 233 if (dev->shadow_sa_pool) 234 dma_free_coherent(dev->core_dev->device, 235 sizeof(union shadow_sa_buf) * PPC4XX_NUM_PD, 236 dev->shadow_sa_pool, dev->shadow_sa_pool_pa); 237 238 if (dev->shadow_sr_pool) 239 dma_free_coherent(dev->core_dev->device, 240 sizeof(struct sa_state_record) * PPC4XX_NUM_PD, 241 dev->shadow_sr_pool, dev->shadow_sr_pool_pa); 242 243 kfree(dev->pdr_uinfo); 244 } 245 246 static u32 crypto4xx_get_pd_from_pdr_nolock(struct crypto4xx_device *dev) 247 { 248 u32 retval; 249 u32 tmp; 250 251 retval = dev->pdr_head; 252 tmp = (dev->pdr_head + 1) % PPC4XX_NUM_PD; 253 254 if (tmp == dev->pdr_tail) 255 return ERING_WAS_FULL; 256 257 dev->pdr_head = tmp; 258 259 return retval; 260 } 261 262 static u32 crypto4xx_put_pd_to_pdr(struct crypto4xx_device *dev, u32 idx) 263 { 264 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[idx]; 265 u32 tail; 266 unsigned long flags; 267 268 spin_lock_irqsave(&dev->core_dev->lock, flags); 269 pd_uinfo->state = PD_ENTRY_FREE; 270 271 if (dev->pdr_tail != PPC4XX_LAST_PD) 272 dev->pdr_tail++; 273 else 274 dev->pdr_tail = 0; 275 tail = dev->pdr_tail; 276 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 277 278 return tail; 279 } 280 281 /** 282 * alloc memory for the gather ring 283 * no need to alloc buf for the ring 284 * gdr_tail, gdr_head and gdr_count are initialized by this function 285 */ 286 static u32 crypto4xx_build_gdr(struct crypto4xx_device *dev) 287 { 288 dev->gdr = dma_alloc_coherent(dev->core_dev->device, 289 sizeof(struct ce_gd) * PPC4XX_NUM_GD, 290 &dev->gdr_pa, GFP_ATOMIC); 291 if (!dev->gdr) 292 return -ENOMEM; 293 294 return 0; 295 } 296 297 static inline void crypto4xx_destroy_gdr(struct crypto4xx_device *dev) 298 { 299 dma_free_coherent(dev->core_dev->device, 300 sizeof(struct ce_gd) * PPC4XX_NUM_GD, 301 dev->gdr, dev->gdr_pa); 302 } 303 304 /* 305 * when this function is called. 306 * preemption or interrupt must be disabled 307 */ 308 static u32 crypto4xx_get_n_gd(struct crypto4xx_device *dev, int n) 309 { 310 u32 retval; 311 u32 tmp; 312 313 if (n >= PPC4XX_NUM_GD) 314 return ERING_WAS_FULL; 315 316 retval = dev->gdr_head; 317 tmp = (dev->gdr_head + n) % PPC4XX_NUM_GD; 318 if (dev->gdr_head > dev->gdr_tail) { 319 if (tmp < dev->gdr_head && tmp >= dev->gdr_tail) 320 return ERING_WAS_FULL; 321 } else if (dev->gdr_head < dev->gdr_tail) { 322 if (tmp < dev->gdr_head || tmp >= dev->gdr_tail) 323 return ERING_WAS_FULL; 324 } 325 dev->gdr_head = tmp; 326 327 return retval; 328 } 329 330 static u32 crypto4xx_put_gd_to_gdr(struct crypto4xx_device *dev) 331 { 332 unsigned long flags; 333 334 spin_lock_irqsave(&dev->core_dev->lock, flags); 335 if (dev->gdr_tail == dev->gdr_head) { 336 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 337 return 0; 338 } 339 340 if (dev->gdr_tail != PPC4XX_LAST_GD) 341 dev->gdr_tail++; 342 else 343 dev->gdr_tail = 0; 344 345 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 346 347 return 0; 348 } 349 350 static inline struct ce_gd *crypto4xx_get_gdp(struct crypto4xx_device *dev, 351 dma_addr_t *gd_dma, u32 idx) 352 { 353 *gd_dma = dev->gdr_pa + sizeof(struct ce_gd) * idx; 354 355 return &dev->gdr[idx]; 356 } 357 358 /** 359 * alloc memory for the scatter ring 360 * need to alloc buf for the ring 361 * sdr_tail, sdr_head and sdr_count are initialized by this function 362 */ 363 static u32 crypto4xx_build_sdr(struct crypto4xx_device *dev) 364 { 365 int i; 366 367 /* alloc memory for scatter descriptor ring */ 368 dev->sdr = dma_alloc_coherent(dev->core_dev->device, 369 sizeof(struct ce_sd) * PPC4XX_NUM_SD, 370 &dev->sdr_pa, GFP_ATOMIC); 371 if (!dev->sdr) 372 return -ENOMEM; 373 374 dev->scatter_buffer_va = 375 dma_alloc_coherent(dev->core_dev->device, 376 PPC4XX_SD_BUFFER_SIZE * PPC4XX_NUM_SD, 377 &dev->scatter_buffer_pa, GFP_ATOMIC); 378 if (!dev->scatter_buffer_va) { 379 dma_free_coherent(dev->core_dev->device, 380 sizeof(struct ce_sd) * PPC4XX_NUM_SD, 381 dev->sdr, dev->sdr_pa); 382 return -ENOMEM; 383 } 384 385 for (i = 0; i < PPC4XX_NUM_SD; i++) { 386 dev->sdr[i].ptr = dev->scatter_buffer_pa + 387 PPC4XX_SD_BUFFER_SIZE * i; 388 } 389 390 return 0; 391 } 392 393 static void crypto4xx_destroy_sdr(struct crypto4xx_device *dev) 394 { 395 if (dev->sdr) 396 dma_free_coherent(dev->core_dev->device, 397 sizeof(struct ce_sd) * PPC4XX_NUM_SD, 398 dev->sdr, dev->sdr_pa); 399 400 if (dev->scatter_buffer_va) 401 dma_free_coherent(dev->core_dev->device, 402 PPC4XX_SD_BUFFER_SIZE * PPC4XX_NUM_SD, 403 dev->scatter_buffer_va, 404 dev->scatter_buffer_pa); 405 } 406 407 /* 408 * when this function is called. 409 * preemption or interrupt must be disabled 410 */ 411 static u32 crypto4xx_get_n_sd(struct crypto4xx_device *dev, int n) 412 { 413 u32 retval; 414 u32 tmp; 415 416 if (n >= PPC4XX_NUM_SD) 417 return ERING_WAS_FULL; 418 419 retval = dev->sdr_head; 420 tmp = (dev->sdr_head + n) % PPC4XX_NUM_SD; 421 if (dev->sdr_head > dev->gdr_tail) { 422 if (tmp < dev->sdr_head && tmp >= dev->sdr_tail) 423 return ERING_WAS_FULL; 424 } else if (dev->sdr_head < dev->sdr_tail) { 425 if (tmp < dev->sdr_head || tmp >= dev->sdr_tail) 426 return ERING_WAS_FULL; 427 } /* the head = tail, or empty case is already take cared */ 428 dev->sdr_head = tmp; 429 430 return retval; 431 } 432 433 static u32 crypto4xx_put_sd_to_sdr(struct crypto4xx_device *dev) 434 { 435 unsigned long flags; 436 437 spin_lock_irqsave(&dev->core_dev->lock, flags); 438 if (dev->sdr_tail == dev->sdr_head) { 439 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 440 return 0; 441 } 442 if (dev->sdr_tail != PPC4XX_LAST_SD) 443 dev->sdr_tail++; 444 else 445 dev->sdr_tail = 0; 446 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 447 448 return 0; 449 } 450 451 static inline struct ce_sd *crypto4xx_get_sdp(struct crypto4xx_device *dev, 452 dma_addr_t *sd_dma, u32 idx) 453 { 454 *sd_dma = dev->sdr_pa + sizeof(struct ce_sd) * idx; 455 456 return &dev->sdr[idx]; 457 } 458 459 static void crypto4xx_copy_pkt_to_dst(struct crypto4xx_device *dev, 460 struct ce_pd *pd, 461 struct pd_uinfo *pd_uinfo, 462 u32 nbytes, 463 struct scatterlist *dst) 464 { 465 unsigned int first_sd = pd_uinfo->first_sd; 466 unsigned int last_sd; 467 unsigned int overflow = 0; 468 unsigned int to_copy; 469 unsigned int dst_start = 0; 470 471 /* 472 * Because the scatter buffers are all neatly organized in one 473 * big continuous ringbuffer; scatterwalk_map_and_copy() can 474 * be instructed to copy a range of buffers in one go. 475 */ 476 477 last_sd = (first_sd + pd_uinfo->num_sd); 478 if (last_sd > PPC4XX_LAST_SD) { 479 last_sd = PPC4XX_LAST_SD; 480 overflow = last_sd % PPC4XX_NUM_SD; 481 } 482 483 while (nbytes) { 484 void *buf = dev->scatter_buffer_va + 485 first_sd * PPC4XX_SD_BUFFER_SIZE; 486 487 to_copy = min(nbytes, PPC4XX_SD_BUFFER_SIZE * 488 (1 + last_sd - first_sd)); 489 scatterwalk_map_and_copy(buf, dst, dst_start, to_copy, 1); 490 nbytes -= to_copy; 491 492 if (overflow) { 493 first_sd = 0; 494 last_sd = overflow; 495 dst_start += to_copy; 496 overflow = 0; 497 } 498 } 499 } 500 501 static void crypto4xx_copy_digest_to_dst(void *dst, 502 struct pd_uinfo *pd_uinfo, 503 struct crypto4xx_ctx *ctx) 504 { 505 struct dynamic_sa_ctl *sa = (struct dynamic_sa_ctl *) ctx->sa_in; 506 507 if (sa->sa_command_0.bf.hash_alg == SA_HASH_ALG_SHA1) { 508 memcpy(dst, pd_uinfo->sr_va->save_digest, 509 SA_HASH_ALG_SHA1_DIGEST_SIZE); 510 } 511 } 512 513 static void crypto4xx_ret_sg_desc(struct crypto4xx_device *dev, 514 struct pd_uinfo *pd_uinfo) 515 { 516 int i; 517 if (pd_uinfo->num_gd) { 518 for (i = 0; i < pd_uinfo->num_gd; i++) 519 crypto4xx_put_gd_to_gdr(dev); 520 pd_uinfo->first_gd = 0xffffffff; 521 pd_uinfo->num_gd = 0; 522 } 523 if (pd_uinfo->num_sd) { 524 for (i = 0; i < pd_uinfo->num_sd; i++) 525 crypto4xx_put_sd_to_sdr(dev); 526 527 pd_uinfo->first_sd = 0xffffffff; 528 pd_uinfo->num_sd = 0; 529 } 530 } 531 532 static void crypto4xx_cipher_done(struct crypto4xx_device *dev, 533 struct pd_uinfo *pd_uinfo, 534 struct ce_pd *pd) 535 { 536 struct skcipher_request *req; 537 struct scatterlist *dst; 538 dma_addr_t addr; 539 540 req = skcipher_request_cast(pd_uinfo->async_req); 541 542 if (pd_uinfo->using_sd) { 543 crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo, 544 req->cryptlen, req->dst); 545 } else { 546 dst = pd_uinfo->dest_va; 547 addr = dma_map_page(dev->core_dev->device, sg_page(dst), 548 dst->offset, dst->length, DMA_FROM_DEVICE); 549 } 550 551 if (pd_uinfo->sa_va->sa_command_0.bf.save_iv == SA_SAVE_IV) { 552 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); 553 554 crypto4xx_memcpy_from_le32((u32 *)req->iv, 555 pd_uinfo->sr_va->save_iv, 556 crypto_skcipher_ivsize(skcipher)); 557 } 558 559 crypto4xx_ret_sg_desc(dev, pd_uinfo); 560 561 if (pd_uinfo->state & PD_ENTRY_BUSY) 562 skcipher_request_complete(req, -EINPROGRESS); 563 skcipher_request_complete(req, 0); 564 } 565 566 static void crypto4xx_ahash_done(struct crypto4xx_device *dev, 567 struct pd_uinfo *pd_uinfo) 568 { 569 struct crypto4xx_ctx *ctx; 570 struct ahash_request *ahash_req; 571 572 ahash_req = ahash_request_cast(pd_uinfo->async_req); 573 ctx = crypto_tfm_ctx(ahash_req->base.tfm); 574 575 crypto4xx_copy_digest_to_dst(ahash_req->result, pd_uinfo, 576 crypto_tfm_ctx(ahash_req->base.tfm)); 577 crypto4xx_ret_sg_desc(dev, pd_uinfo); 578 579 if (pd_uinfo->state & PD_ENTRY_BUSY) 580 ahash_request_complete(ahash_req, -EINPROGRESS); 581 ahash_request_complete(ahash_req, 0); 582 } 583 584 static void crypto4xx_aead_done(struct crypto4xx_device *dev, 585 struct pd_uinfo *pd_uinfo, 586 struct ce_pd *pd) 587 { 588 struct aead_request *aead_req = container_of(pd_uinfo->async_req, 589 struct aead_request, base); 590 struct scatterlist *dst = pd_uinfo->dest_va; 591 size_t cp_len = crypto_aead_authsize( 592 crypto_aead_reqtfm(aead_req)); 593 u32 icv[AES_BLOCK_SIZE]; 594 int err = 0; 595 596 if (pd_uinfo->using_sd) { 597 crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo, 598 pd->pd_ctl_len.bf.pkt_len, 599 dst); 600 } else { 601 dma_unmap_page(dev->core_dev->device, pd->dest, dst->length, 602 DMA_FROM_DEVICE); 603 } 604 605 if (pd_uinfo->sa_va->sa_command_0.bf.dir == DIR_OUTBOUND) { 606 /* append icv at the end */ 607 crypto4xx_memcpy_from_le32(icv, pd_uinfo->sr_va->save_digest, 608 sizeof(icv)); 609 610 scatterwalk_map_and_copy(icv, dst, aead_req->cryptlen, 611 cp_len, 1); 612 } else { 613 /* check icv at the end */ 614 scatterwalk_map_and_copy(icv, aead_req->src, 615 aead_req->assoclen + aead_req->cryptlen - 616 cp_len, cp_len, 0); 617 618 crypto4xx_memcpy_from_le32(icv, icv, sizeof(icv)); 619 620 if (crypto_memneq(icv, pd_uinfo->sr_va->save_digest, cp_len)) 621 err = -EBADMSG; 622 } 623 624 crypto4xx_ret_sg_desc(dev, pd_uinfo); 625 626 if (pd->pd_ctl.bf.status & 0xff) { 627 if (!__ratelimit(&dev->aead_ratelimit)) { 628 if (pd->pd_ctl.bf.status & 2) 629 pr_err("pad fail error\n"); 630 if (pd->pd_ctl.bf.status & 4) 631 pr_err("seqnum fail\n"); 632 if (pd->pd_ctl.bf.status & 8) 633 pr_err("error _notify\n"); 634 pr_err("aead return err status = 0x%02x\n", 635 pd->pd_ctl.bf.status & 0xff); 636 pr_err("pd pad_ctl = 0x%08x\n", 637 pd->pd_ctl.bf.pd_pad_ctl); 638 } 639 err = -EINVAL; 640 } 641 642 if (pd_uinfo->state & PD_ENTRY_BUSY) 643 aead_request_complete(aead_req, -EINPROGRESS); 644 645 aead_request_complete(aead_req, err); 646 } 647 648 static void crypto4xx_pd_done(struct crypto4xx_device *dev, u32 idx) 649 { 650 struct ce_pd *pd = &dev->pdr[idx]; 651 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[idx]; 652 653 switch (crypto_tfm_alg_type(pd_uinfo->async_req->tfm)) { 654 case CRYPTO_ALG_TYPE_SKCIPHER: 655 crypto4xx_cipher_done(dev, pd_uinfo, pd); 656 break; 657 case CRYPTO_ALG_TYPE_AEAD: 658 crypto4xx_aead_done(dev, pd_uinfo, pd); 659 break; 660 case CRYPTO_ALG_TYPE_AHASH: 661 crypto4xx_ahash_done(dev, pd_uinfo); 662 break; 663 } 664 } 665 666 static void crypto4xx_stop_all(struct crypto4xx_core_device *core_dev) 667 { 668 crypto4xx_destroy_pdr(core_dev->dev); 669 crypto4xx_destroy_gdr(core_dev->dev); 670 crypto4xx_destroy_sdr(core_dev->dev); 671 iounmap(core_dev->dev->ce_base); 672 kfree(core_dev->dev); 673 kfree(core_dev); 674 } 675 676 static u32 get_next_gd(u32 current) 677 { 678 if (current != PPC4XX_LAST_GD) 679 return current + 1; 680 else 681 return 0; 682 } 683 684 static u32 get_next_sd(u32 current) 685 { 686 if (current != PPC4XX_LAST_SD) 687 return current + 1; 688 else 689 return 0; 690 } 691 692 int crypto4xx_build_pd(struct crypto_async_request *req, 693 struct crypto4xx_ctx *ctx, 694 struct scatterlist *src, 695 struct scatterlist *dst, 696 const unsigned int datalen, 697 const __le32 *iv, const u32 iv_len, 698 const struct dynamic_sa_ctl *req_sa, 699 const unsigned int sa_len, 700 const unsigned int assoclen, 701 struct scatterlist *_dst) 702 { 703 struct crypto4xx_device *dev = ctx->dev; 704 struct dynamic_sa_ctl *sa; 705 struct ce_gd *gd; 706 struct ce_pd *pd; 707 u32 num_gd, num_sd; 708 u32 fst_gd = 0xffffffff; 709 u32 fst_sd = 0xffffffff; 710 u32 pd_entry; 711 unsigned long flags; 712 struct pd_uinfo *pd_uinfo; 713 unsigned int nbytes = datalen; 714 size_t offset_to_sr_ptr; 715 u32 gd_idx = 0; 716 int tmp; 717 bool is_busy, force_sd; 718 719 /* 720 * There's a very subtile/disguised "bug" in the hardware that 721 * gets indirectly mentioned in 18.1.3.5 Encryption/Decryption 722 * of the hardware spec: 723 * *drum roll* the AES/(T)DES OFB and CFB modes are listed as 724 * operation modes for >>> "Block ciphers" <<<. 725 * 726 * To workaround this issue and stop the hardware from causing 727 * "overran dst buffer" on crypttexts that are not a multiple 728 * of 16 (AES_BLOCK_SIZE), we force the driver to use the 729 * scatter buffers. 730 */ 731 force_sd = (req_sa->sa_command_1.bf.crypto_mode9_8 == CRYPTO_MODE_CFB 732 || req_sa->sa_command_1.bf.crypto_mode9_8 == CRYPTO_MODE_OFB) 733 && (datalen % AES_BLOCK_SIZE); 734 735 /* figure how many gd are needed */ 736 tmp = sg_nents_for_len(src, assoclen + datalen); 737 if (tmp < 0) { 738 dev_err(dev->core_dev->device, "Invalid number of src SG.\n"); 739 return tmp; 740 } 741 if (tmp == 1) 742 tmp = 0; 743 num_gd = tmp; 744 745 if (assoclen) { 746 nbytes += assoclen; 747 dst = scatterwalk_ffwd(_dst, dst, assoclen); 748 } 749 750 /* figure how many sd are needed */ 751 if (sg_is_last(dst) && force_sd == false) { 752 num_sd = 0; 753 } else { 754 if (datalen > PPC4XX_SD_BUFFER_SIZE) { 755 num_sd = datalen / PPC4XX_SD_BUFFER_SIZE; 756 if (datalen % PPC4XX_SD_BUFFER_SIZE) 757 num_sd++; 758 } else { 759 num_sd = 1; 760 } 761 } 762 763 /* 764 * The follow section of code needs to be protected 765 * The gather ring and scatter ring needs to be consecutive 766 * In case of run out of any kind of descriptor, the descriptor 767 * already got must be return the original place. 768 */ 769 spin_lock_irqsave(&dev->core_dev->lock, flags); 770 /* 771 * Let the caller know to slow down, once more than 13/16ths = 81% 772 * of the available data contexts are being used simultaneously. 773 * 774 * With PPC4XX_NUM_PD = 256, this will leave a "backlog queue" for 775 * 31 more contexts. Before new requests have to be rejected. 776 */ 777 if (req->flags & CRYPTO_TFM_REQ_MAY_BACKLOG) { 778 is_busy = ((dev->pdr_head - dev->pdr_tail) % PPC4XX_NUM_PD) >= 779 ((PPC4XX_NUM_PD * 13) / 16); 780 } else { 781 /* 782 * To fix contention issues between ipsec (no blacklog) and 783 * dm-crypto (backlog) reserve 32 entries for "no backlog" 784 * data contexts. 785 */ 786 is_busy = ((dev->pdr_head - dev->pdr_tail) % PPC4XX_NUM_PD) >= 787 ((PPC4XX_NUM_PD * 15) / 16); 788 789 if (is_busy) { 790 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 791 return -EBUSY; 792 } 793 } 794 795 if (num_gd) { 796 fst_gd = crypto4xx_get_n_gd(dev, num_gd); 797 if (fst_gd == ERING_WAS_FULL) { 798 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 799 return -EAGAIN; 800 } 801 } 802 if (num_sd) { 803 fst_sd = crypto4xx_get_n_sd(dev, num_sd); 804 if (fst_sd == ERING_WAS_FULL) { 805 if (num_gd) 806 dev->gdr_head = fst_gd; 807 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 808 return -EAGAIN; 809 } 810 } 811 pd_entry = crypto4xx_get_pd_from_pdr_nolock(dev); 812 if (pd_entry == ERING_WAS_FULL) { 813 if (num_gd) 814 dev->gdr_head = fst_gd; 815 if (num_sd) 816 dev->sdr_head = fst_sd; 817 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 818 return -EAGAIN; 819 } 820 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 821 822 pd = &dev->pdr[pd_entry]; 823 pd->sa_len = sa_len; 824 825 pd_uinfo = &dev->pdr_uinfo[pd_entry]; 826 pd_uinfo->num_gd = num_gd; 827 pd_uinfo->num_sd = num_sd; 828 pd_uinfo->dest_va = dst; 829 pd_uinfo->async_req = req; 830 831 if (iv_len) 832 memcpy(pd_uinfo->sr_va->save_iv, iv, iv_len); 833 834 sa = pd_uinfo->sa_va; 835 memcpy(sa, req_sa, sa_len * 4); 836 837 sa->sa_command_1.bf.hash_crypto_offset = (assoclen >> 2); 838 offset_to_sr_ptr = get_dynamic_sa_offset_state_ptr_field(sa); 839 *(u32 *)((unsigned long)sa + offset_to_sr_ptr) = pd_uinfo->sr_pa; 840 841 if (num_gd) { 842 dma_addr_t gd_dma; 843 struct scatterlist *sg; 844 845 /* get first gd we are going to use */ 846 gd_idx = fst_gd; 847 pd_uinfo->first_gd = fst_gd; 848 gd = crypto4xx_get_gdp(dev, &gd_dma, gd_idx); 849 pd->src = gd_dma; 850 /* enable gather */ 851 sa->sa_command_0.bf.gather = 1; 852 /* walk the sg, and setup gather array */ 853 854 sg = src; 855 while (nbytes) { 856 size_t len; 857 858 len = min(sg->length, nbytes); 859 gd->ptr = dma_map_page(dev->core_dev->device, 860 sg_page(sg), sg->offset, len, DMA_TO_DEVICE); 861 gd->ctl_len.len = len; 862 gd->ctl_len.done = 0; 863 gd->ctl_len.ready = 1; 864 if (len >= nbytes) 865 break; 866 867 nbytes -= sg->length; 868 gd_idx = get_next_gd(gd_idx); 869 gd = crypto4xx_get_gdp(dev, &gd_dma, gd_idx); 870 sg = sg_next(sg); 871 } 872 } else { 873 pd->src = (u32)dma_map_page(dev->core_dev->device, sg_page(src), 874 src->offset, min(nbytes, src->length), 875 DMA_TO_DEVICE); 876 /* 877 * Disable gather in sa command 878 */ 879 sa->sa_command_0.bf.gather = 0; 880 /* 881 * Indicate gather array is not used 882 */ 883 pd_uinfo->first_gd = 0xffffffff; 884 } 885 if (!num_sd) { 886 /* 887 * we know application give us dst a whole piece of memory 888 * no need to use scatter ring. 889 */ 890 pd_uinfo->using_sd = 0; 891 pd_uinfo->first_sd = 0xffffffff; 892 sa->sa_command_0.bf.scatter = 0; 893 pd->dest = (u32)dma_map_page(dev->core_dev->device, 894 sg_page(dst), dst->offset, 895 min(datalen, dst->length), 896 DMA_TO_DEVICE); 897 } else { 898 dma_addr_t sd_dma; 899 struct ce_sd *sd = NULL; 900 901 u32 sd_idx = fst_sd; 902 nbytes = datalen; 903 sa->sa_command_0.bf.scatter = 1; 904 pd_uinfo->using_sd = 1; 905 pd_uinfo->first_sd = fst_sd; 906 sd = crypto4xx_get_sdp(dev, &sd_dma, sd_idx); 907 pd->dest = sd_dma; 908 /* setup scatter descriptor */ 909 sd->ctl.done = 0; 910 sd->ctl.rdy = 1; 911 /* sd->ptr should be setup by sd_init routine*/ 912 if (nbytes >= PPC4XX_SD_BUFFER_SIZE) 913 nbytes -= PPC4XX_SD_BUFFER_SIZE; 914 else 915 nbytes = 0; 916 while (nbytes) { 917 sd_idx = get_next_sd(sd_idx); 918 sd = crypto4xx_get_sdp(dev, &sd_dma, sd_idx); 919 /* setup scatter descriptor */ 920 sd->ctl.done = 0; 921 sd->ctl.rdy = 1; 922 if (nbytes >= PPC4XX_SD_BUFFER_SIZE) { 923 nbytes -= PPC4XX_SD_BUFFER_SIZE; 924 } else { 925 /* 926 * SD entry can hold PPC4XX_SD_BUFFER_SIZE, 927 * which is more than nbytes, so done. 928 */ 929 nbytes = 0; 930 } 931 } 932 } 933 934 pd->pd_ctl.w = PD_CTL_HOST_READY | 935 ((crypto_tfm_alg_type(req->tfm) == CRYPTO_ALG_TYPE_AHASH) | 936 (crypto_tfm_alg_type(req->tfm) == CRYPTO_ALG_TYPE_AEAD) ? 937 PD_CTL_HASH_FINAL : 0); 938 pd->pd_ctl_len.w = 0x00400000 | (assoclen + datalen); 939 pd_uinfo->state = PD_ENTRY_INUSE | (is_busy ? PD_ENTRY_BUSY : 0); 940 941 wmb(); 942 /* write any value to push engine to read a pd */ 943 writel(0, dev->ce_base + CRYPTO4XX_INT_DESCR_RD); 944 writel(1, dev->ce_base + CRYPTO4XX_INT_DESCR_RD); 945 return is_busy ? -EBUSY : -EINPROGRESS; 946 } 947 948 /** 949 * Algorithm Registration Functions 950 */ 951 static void crypto4xx_ctx_init(struct crypto4xx_alg *amcc_alg, 952 struct crypto4xx_ctx *ctx) 953 { 954 ctx->dev = amcc_alg->dev; 955 ctx->sa_in = NULL; 956 ctx->sa_out = NULL; 957 ctx->sa_len = 0; 958 } 959 960 static int crypto4xx_sk_init(struct crypto_skcipher *sk) 961 { 962 struct skcipher_alg *alg = crypto_skcipher_alg(sk); 963 struct crypto4xx_alg *amcc_alg; 964 struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(sk); 965 966 if (alg->base.cra_flags & CRYPTO_ALG_NEED_FALLBACK) { 967 ctx->sw_cipher.cipher = 968 crypto_alloc_skcipher(alg->base.cra_name, 0, 969 CRYPTO_ALG_NEED_FALLBACK | 970 CRYPTO_ALG_ASYNC); 971 if (IS_ERR(ctx->sw_cipher.cipher)) 972 return PTR_ERR(ctx->sw_cipher.cipher); 973 974 crypto_skcipher_set_reqsize(sk, 975 sizeof(struct skcipher_request) + 32 + 976 crypto_skcipher_reqsize(ctx->sw_cipher.cipher)); 977 } 978 979 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.cipher); 980 crypto4xx_ctx_init(amcc_alg, ctx); 981 return 0; 982 } 983 984 static void crypto4xx_common_exit(struct crypto4xx_ctx *ctx) 985 { 986 crypto4xx_free_sa(ctx); 987 } 988 989 static void crypto4xx_sk_exit(struct crypto_skcipher *sk) 990 { 991 struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(sk); 992 993 crypto4xx_common_exit(ctx); 994 if (ctx->sw_cipher.cipher) 995 crypto_free_skcipher(ctx->sw_cipher.cipher); 996 } 997 998 static int crypto4xx_aead_init(struct crypto_aead *tfm) 999 { 1000 struct aead_alg *alg = crypto_aead_alg(tfm); 1001 struct crypto4xx_ctx *ctx = crypto_aead_ctx(tfm); 1002 struct crypto4xx_alg *amcc_alg; 1003 1004 ctx->sw_cipher.aead = crypto_alloc_aead(alg->base.cra_name, 0, 1005 CRYPTO_ALG_NEED_FALLBACK | 1006 CRYPTO_ALG_ASYNC); 1007 if (IS_ERR(ctx->sw_cipher.aead)) 1008 return PTR_ERR(ctx->sw_cipher.aead); 1009 1010 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.aead); 1011 crypto4xx_ctx_init(amcc_alg, ctx); 1012 crypto_aead_set_reqsize(tfm, max(sizeof(struct aead_request) + 32 + 1013 crypto_aead_reqsize(ctx->sw_cipher.aead), 1014 sizeof(struct crypto4xx_aead_reqctx))); 1015 return 0; 1016 } 1017 1018 static void crypto4xx_aead_exit(struct crypto_aead *tfm) 1019 { 1020 struct crypto4xx_ctx *ctx = crypto_aead_ctx(tfm); 1021 1022 crypto4xx_common_exit(ctx); 1023 crypto_free_aead(ctx->sw_cipher.aead); 1024 } 1025 1026 static int crypto4xx_register_alg(struct crypto4xx_device *sec_dev, 1027 struct crypto4xx_alg_common *crypto_alg, 1028 int array_size) 1029 { 1030 struct crypto4xx_alg *alg; 1031 int i; 1032 int rc = 0; 1033 1034 for (i = 0; i < array_size; i++) { 1035 alg = kzalloc(sizeof(struct crypto4xx_alg), GFP_KERNEL); 1036 if (!alg) 1037 return -ENOMEM; 1038 1039 alg->alg = crypto_alg[i]; 1040 alg->dev = sec_dev; 1041 1042 switch (alg->alg.type) { 1043 case CRYPTO_ALG_TYPE_AEAD: 1044 rc = crypto_register_aead(&alg->alg.u.aead); 1045 break; 1046 1047 case CRYPTO_ALG_TYPE_AHASH: 1048 rc = crypto_register_ahash(&alg->alg.u.hash); 1049 break; 1050 1051 case CRYPTO_ALG_TYPE_RNG: 1052 rc = crypto_register_rng(&alg->alg.u.rng); 1053 break; 1054 1055 default: 1056 rc = crypto_register_skcipher(&alg->alg.u.cipher); 1057 break; 1058 } 1059 1060 if (rc) 1061 kfree(alg); 1062 else 1063 list_add_tail(&alg->entry, &sec_dev->alg_list); 1064 } 1065 1066 return 0; 1067 } 1068 1069 static void crypto4xx_unregister_alg(struct crypto4xx_device *sec_dev) 1070 { 1071 struct crypto4xx_alg *alg, *tmp; 1072 1073 list_for_each_entry_safe(alg, tmp, &sec_dev->alg_list, entry) { 1074 list_del(&alg->entry); 1075 switch (alg->alg.type) { 1076 case CRYPTO_ALG_TYPE_AHASH: 1077 crypto_unregister_ahash(&alg->alg.u.hash); 1078 break; 1079 1080 case CRYPTO_ALG_TYPE_AEAD: 1081 crypto_unregister_aead(&alg->alg.u.aead); 1082 break; 1083 1084 case CRYPTO_ALG_TYPE_RNG: 1085 crypto_unregister_rng(&alg->alg.u.rng); 1086 break; 1087 1088 default: 1089 crypto_unregister_skcipher(&alg->alg.u.cipher); 1090 } 1091 kfree(alg); 1092 } 1093 } 1094 1095 static void crypto4xx_bh_tasklet_cb(unsigned long data) 1096 { 1097 struct device *dev = (struct device *)data; 1098 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1099 struct pd_uinfo *pd_uinfo; 1100 struct ce_pd *pd; 1101 u32 tail = core_dev->dev->pdr_tail; 1102 u32 head = core_dev->dev->pdr_head; 1103 1104 do { 1105 pd_uinfo = &core_dev->dev->pdr_uinfo[tail]; 1106 pd = &core_dev->dev->pdr[tail]; 1107 if ((pd_uinfo->state & PD_ENTRY_INUSE) && 1108 ((READ_ONCE(pd->pd_ctl.w) & 1109 (PD_CTL_PE_DONE | PD_CTL_HOST_READY)) == 1110 PD_CTL_PE_DONE)) { 1111 crypto4xx_pd_done(core_dev->dev, tail); 1112 tail = crypto4xx_put_pd_to_pdr(core_dev->dev, tail); 1113 } else { 1114 /* if tail not done, break */ 1115 break; 1116 } 1117 } while (head != tail); 1118 } 1119 1120 /** 1121 * Top Half of isr. 1122 */ 1123 static inline irqreturn_t crypto4xx_interrupt_handler(int irq, void *data, 1124 u32 clr_val) 1125 { 1126 struct device *dev = (struct device *)data; 1127 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1128 1129 writel(clr_val, core_dev->dev->ce_base + CRYPTO4XX_INT_CLR); 1130 tasklet_schedule(&core_dev->tasklet); 1131 1132 return IRQ_HANDLED; 1133 } 1134 1135 static irqreturn_t crypto4xx_ce_interrupt_handler(int irq, void *data) 1136 { 1137 return crypto4xx_interrupt_handler(irq, data, PPC4XX_INTERRUPT_CLR); 1138 } 1139 1140 static irqreturn_t crypto4xx_ce_interrupt_handler_revb(int irq, void *data) 1141 { 1142 return crypto4xx_interrupt_handler(irq, data, PPC4XX_INTERRUPT_CLR | 1143 PPC4XX_TMO_ERR_INT); 1144 } 1145 1146 static int ppc4xx_prng_data_read(struct crypto4xx_device *dev, 1147 u8 *data, unsigned int max) 1148 { 1149 unsigned int i, curr = 0; 1150 u32 val[2]; 1151 1152 do { 1153 /* trigger PRN generation */ 1154 writel(PPC4XX_PRNG_CTRL_AUTO_EN, 1155 dev->ce_base + CRYPTO4XX_PRNG_CTRL); 1156 1157 for (i = 0; i < 1024; i++) { 1158 /* usually 19 iterations are enough */ 1159 if ((readl(dev->ce_base + CRYPTO4XX_PRNG_STAT) & 1160 CRYPTO4XX_PRNG_STAT_BUSY)) 1161 continue; 1162 1163 val[0] = readl_be(dev->ce_base + CRYPTO4XX_PRNG_RES_0); 1164 val[1] = readl_be(dev->ce_base + CRYPTO4XX_PRNG_RES_1); 1165 break; 1166 } 1167 if (i == 1024) 1168 return -ETIMEDOUT; 1169 1170 if ((max - curr) >= 8) { 1171 memcpy(data, &val, 8); 1172 data += 8; 1173 curr += 8; 1174 } else { 1175 /* copy only remaining bytes */ 1176 memcpy(data, &val, max - curr); 1177 break; 1178 } 1179 } while (curr < max); 1180 1181 return curr; 1182 } 1183 1184 static int crypto4xx_prng_generate(struct crypto_rng *tfm, 1185 const u8 *src, unsigned int slen, 1186 u8 *dstn, unsigned int dlen) 1187 { 1188 struct rng_alg *alg = crypto_rng_alg(tfm); 1189 struct crypto4xx_alg *amcc_alg; 1190 struct crypto4xx_device *dev; 1191 int ret; 1192 1193 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.rng); 1194 dev = amcc_alg->dev; 1195 1196 mutex_lock(&dev->core_dev->rng_lock); 1197 ret = ppc4xx_prng_data_read(dev, dstn, dlen); 1198 mutex_unlock(&dev->core_dev->rng_lock); 1199 return ret; 1200 } 1201 1202 1203 static int crypto4xx_prng_seed(struct crypto_rng *tfm, const u8 *seed, 1204 unsigned int slen) 1205 { 1206 return 0; 1207 } 1208 1209 /** 1210 * Supported Crypto Algorithms 1211 */ 1212 static struct crypto4xx_alg_common crypto4xx_alg[] = { 1213 /* Crypto AES modes */ 1214 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1215 .base = { 1216 .cra_name = "cbc(aes)", 1217 .cra_driver_name = "cbc-aes-ppc4xx", 1218 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1219 .cra_flags = CRYPTO_ALG_ASYNC | 1220 CRYPTO_ALG_KERN_DRIVER_ONLY, 1221 .cra_blocksize = AES_BLOCK_SIZE, 1222 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1223 .cra_module = THIS_MODULE, 1224 }, 1225 .min_keysize = AES_MIN_KEY_SIZE, 1226 .max_keysize = AES_MAX_KEY_SIZE, 1227 .ivsize = AES_IV_SIZE, 1228 .setkey = crypto4xx_setkey_aes_cbc, 1229 .encrypt = crypto4xx_encrypt_iv, 1230 .decrypt = crypto4xx_decrypt_iv, 1231 .init = crypto4xx_sk_init, 1232 .exit = crypto4xx_sk_exit, 1233 } }, 1234 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1235 .base = { 1236 .cra_name = "cfb(aes)", 1237 .cra_driver_name = "cfb-aes-ppc4xx", 1238 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1239 .cra_flags = CRYPTO_ALG_ASYNC | 1240 CRYPTO_ALG_KERN_DRIVER_ONLY, 1241 .cra_blocksize = AES_BLOCK_SIZE, 1242 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1243 .cra_module = THIS_MODULE, 1244 }, 1245 .min_keysize = AES_MIN_KEY_SIZE, 1246 .max_keysize = AES_MAX_KEY_SIZE, 1247 .ivsize = AES_IV_SIZE, 1248 .setkey = crypto4xx_setkey_aes_cfb, 1249 .encrypt = crypto4xx_encrypt_iv, 1250 .decrypt = crypto4xx_decrypt_iv, 1251 .init = crypto4xx_sk_init, 1252 .exit = crypto4xx_sk_exit, 1253 } }, 1254 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1255 .base = { 1256 .cra_name = "ctr(aes)", 1257 .cra_driver_name = "ctr-aes-ppc4xx", 1258 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1259 .cra_flags = CRYPTO_ALG_NEED_FALLBACK | 1260 CRYPTO_ALG_ASYNC | 1261 CRYPTO_ALG_KERN_DRIVER_ONLY, 1262 .cra_blocksize = AES_BLOCK_SIZE, 1263 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1264 .cra_module = THIS_MODULE, 1265 }, 1266 .min_keysize = AES_MIN_KEY_SIZE, 1267 .max_keysize = AES_MAX_KEY_SIZE, 1268 .ivsize = AES_IV_SIZE, 1269 .setkey = crypto4xx_setkey_aes_ctr, 1270 .encrypt = crypto4xx_encrypt_ctr, 1271 .decrypt = crypto4xx_decrypt_ctr, 1272 .init = crypto4xx_sk_init, 1273 .exit = crypto4xx_sk_exit, 1274 } }, 1275 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1276 .base = { 1277 .cra_name = "rfc3686(ctr(aes))", 1278 .cra_driver_name = "rfc3686-ctr-aes-ppc4xx", 1279 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1280 .cra_flags = CRYPTO_ALG_ASYNC | 1281 CRYPTO_ALG_KERN_DRIVER_ONLY, 1282 .cra_blocksize = AES_BLOCK_SIZE, 1283 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1284 .cra_module = THIS_MODULE, 1285 }, 1286 .min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, 1287 .max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, 1288 .ivsize = CTR_RFC3686_IV_SIZE, 1289 .setkey = crypto4xx_setkey_rfc3686, 1290 .encrypt = crypto4xx_rfc3686_encrypt, 1291 .decrypt = crypto4xx_rfc3686_decrypt, 1292 .init = crypto4xx_sk_init, 1293 .exit = crypto4xx_sk_exit, 1294 } }, 1295 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1296 .base = { 1297 .cra_name = "ecb(aes)", 1298 .cra_driver_name = "ecb-aes-ppc4xx", 1299 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1300 .cra_flags = CRYPTO_ALG_ASYNC | 1301 CRYPTO_ALG_KERN_DRIVER_ONLY, 1302 .cra_blocksize = AES_BLOCK_SIZE, 1303 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1304 .cra_module = THIS_MODULE, 1305 }, 1306 .min_keysize = AES_MIN_KEY_SIZE, 1307 .max_keysize = AES_MAX_KEY_SIZE, 1308 .setkey = crypto4xx_setkey_aes_ecb, 1309 .encrypt = crypto4xx_encrypt_noiv, 1310 .decrypt = crypto4xx_decrypt_noiv, 1311 .init = crypto4xx_sk_init, 1312 .exit = crypto4xx_sk_exit, 1313 } }, 1314 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1315 .base = { 1316 .cra_name = "ofb(aes)", 1317 .cra_driver_name = "ofb-aes-ppc4xx", 1318 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1319 .cra_flags = CRYPTO_ALG_ASYNC | 1320 CRYPTO_ALG_KERN_DRIVER_ONLY, 1321 .cra_blocksize = AES_BLOCK_SIZE, 1322 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1323 .cra_module = THIS_MODULE, 1324 }, 1325 .min_keysize = AES_MIN_KEY_SIZE, 1326 .max_keysize = AES_MAX_KEY_SIZE, 1327 .ivsize = AES_IV_SIZE, 1328 .setkey = crypto4xx_setkey_aes_ofb, 1329 .encrypt = crypto4xx_encrypt_iv, 1330 .decrypt = crypto4xx_decrypt_iv, 1331 .init = crypto4xx_sk_init, 1332 .exit = crypto4xx_sk_exit, 1333 } }, 1334 1335 /* AEAD */ 1336 { .type = CRYPTO_ALG_TYPE_AEAD, .u.aead = { 1337 .setkey = crypto4xx_setkey_aes_ccm, 1338 .setauthsize = crypto4xx_setauthsize_aead, 1339 .encrypt = crypto4xx_encrypt_aes_ccm, 1340 .decrypt = crypto4xx_decrypt_aes_ccm, 1341 .init = crypto4xx_aead_init, 1342 .exit = crypto4xx_aead_exit, 1343 .ivsize = AES_BLOCK_SIZE, 1344 .maxauthsize = 16, 1345 .base = { 1346 .cra_name = "ccm(aes)", 1347 .cra_driver_name = "ccm-aes-ppc4xx", 1348 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1349 .cra_flags = CRYPTO_ALG_ASYNC | 1350 CRYPTO_ALG_NEED_FALLBACK | 1351 CRYPTO_ALG_KERN_DRIVER_ONLY, 1352 .cra_blocksize = 1, 1353 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1354 .cra_module = THIS_MODULE, 1355 }, 1356 } }, 1357 { .type = CRYPTO_ALG_TYPE_AEAD, .u.aead = { 1358 .setkey = crypto4xx_setkey_aes_gcm, 1359 .setauthsize = crypto4xx_setauthsize_aead, 1360 .encrypt = crypto4xx_encrypt_aes_gcm, 1361 .decrypt = crypto4xx_decrypt_aes_gcm, 1362 .init = crypto4xx_aead_init, 1363 .exit = crypto4xx_aead_exit, 1364 .ivsize = GCM_AES_IV_SIZE, 1365 .maxauthsize = 16, 1366 .base = { 1367 .cra_name = "gcm(aes)", 1368 .cra_driver_name = "gcm-aes-ppc4xx", 1369 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1370 .cra_flags = CRYPTO_ALG_ASYNC | 1371 CRYPTO_ALG_NEED_FALLBACK | 1372 CRYPTO_ALG_KERN_DRIVER_ONLY, 1373 .cra_blocksize = 1, 1374 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1375 .cra_module = THIS_MODULE, 1376 }, 1377 } }, 1378 { .type = CRYPTO_ALG_TYPE_RNG, .u.rng = { 1379 .base = { 1380 .cra_name = "stdrng", 1381 .cra_driver_name = "crypto4xx_rng", 1382 .cra_priority = 300, 1383 .cra_ctxsize = 0, 1384 .cra_module = THIS_MODULE, 1385 }, 1386 .generate = crypto4xx_prng_generate, 1387 .seed = crypto4xx_prng_seed, 1388 .seedsize = 0, 1389 } }, 1390 }; 1391 1392 /** 1393 * Module Initialization Routine 1394 */ 1395 static int crypto4xx_probe(struct platform_device *ofdev) 1396 { 1397 int rc; 1398 struct resource res; 1399 struct device *dev = &ofdev->dev; 1400 struct crypto4xx_core_device *core_dev; 1401 u32 pvr; 1402 bool is_revb = true; 1403 1404 rc = of_address_to_resource(ofdev->dev.of_node, 0, &res); 1405 if (rc) 1406 return -ENODEV; 1407 1408 if (of_find_compatible_node(NULL, NULL, "amcc,ppc460ex-crypto")) { 1409 mtdcri(SDR0, PPC460EX_SDR0_SRST, 1410 mfdcri(SDR0, PPC460EX_SDR0_SRST) | PPC460EX_CE_RESET); 1411 mtdcri(SDR0, PPC460EX_SDR0_SRST, 1412 mfdcri(SDR0, PPC460EX_SDR0_SRST) & ~PPC460EX_CE_RESET); 1413 } else if (of_find_compatible_node(NULL, NULL, 1414 "amcc,ppc405ex-crypto")) { 1415 mtdcri(SDR0, PPC405EX_SDR0_SRST, 1416 mfdcri(SDR0, PPC405EX_SDR0_SRST) | PPC405EX_CE_RESET); 1417 mtdcri(SDR0, PPC405EX_SDR0_SRST, 1418 mfdcri(SDR0, PPC405EX_SDR0_SRST) & ~PPC405EX_CE_RESET); 1419 is_revb = false; 1420 } else if (of_find_compatible_node(NULL, NULL, 1421 "amcc,ppc460sx-crypto")) { 1422 mtdcri(SDR0, PPC460SX_SDR0_SRST, 1423 mfdcri(SDR0, PPC460SX_SDR0_SRST) | PPC460SX_CE_RESET); 1424 mtdcri(SDR0, PPC460SX_SDR0_SRST, 1425 mfdcri(SDR0, PPC460SX_SDR0_SRST) & ~PPC460SX_CE_RESET); 1426 } else { 1427 printk(KERN_ERR "Crypto Function Not supported!\n"); 1428 return -EINVAL; 1429 } 1430 1431 core_dev = kzalloc(sizeof(struct crypto4xx_core_device), GFP_KERNEL); 1432 if (!core_dev) 1433 return -ENOMEM; 1434 1435 dev_set_drvdata(dev, core_dev); 1436 core_dev->ofdev = ofdev; 1437 core_dev->dev = kzalloc(sizeof(struct crypto4xx_device), GFP_KERNEL); 1438 rc = -ENOMEM; 1439 if (!core_dev->dev) 1440 goto err_alloc_dev; 1441 1442 /* 1443 * Older version of 460EX/GT have a hardware bug. 1444 * Hence they do not support H/W based security intr coalescing 1445 */ 1446 pvr = mfspr(SPRN_PVR); 1447 if (is_revb && ((pvr >> 4) == 0x130218A)) { 1448 u32 min = PVR_MIN(pvr); 1449 1450 if (min < 4) { 1451 dev_info(dev, "RevA detected - disable interrupt coalescing\n"); 1452 is_revb = false; 1453 } 1454 } 1455 1456 core_dev->dev->core_dev = core_dev; 1457 core_dev->dev->is_revb = is_revb; 1458 core_dev->device = dev; 1459 mutex_init(&core_dev->rng_lock); 1460 spin_lock_init(&core_dev->lock); 1461 INIT_LIST_HEAD(&core_dev->dev->alg_list); 1462 ratelimit_default_init(&core_dev->dev->aead_ratelimit); 1463 rc = crypto4xx_build_pdr(core_dev->dev); 1464 if (rc) 1465 goto err_build_pdr; 1466 1467 rc = crypto4xx_build_gdr(core_dev->dev); 1468 if (rc) 1469 goto err_build_pdr; 1470 1471 rc = crypto4xx_build_sdr(core_dev->dev); 1472 if (rc) 1473 goto err_build_sdr; 1474 1475 /* Init tasklet for bottom half processing */ 1476 tasklet_init(&core_dev->tasklet, crypto4xx_bh_tasklet_cb, 1477 (unsigned long) dev); 1478 1479 core_dev->dev->ce_base = of_iomap(ofdev->dev.of_node, 0); 1480 if (!core_dev->dev->ce_base) { 1481 dev_err(dev, "failed to of_iomap\n"); 1482 rc = -ENOMEM; 1483 goto err_iomap; 1484 } 1485 1486 /* Register for Crypto isr, Crypto Engine IRQ */ 1487 core_dev->irq = irq_of_parse_and_map(ofdev->dev.of_node, 0); 1488 rc = request_irq(core_dev->irq, is_revb ? 1489 crypto4xx_ce_interrupt_handler_revb : 1490 crypto4xx_ce_interrupt_handler, 0, 1491 KBUILD_MODNAME, dev); 1492 if (rc) 1493 goto err_request_irq; 1494 1495 /* need to setup pdr, rdr, gdr and sdr before this */ 1496 crypto4xx_hw_init(core_dev->dev); 1497 1498 /* Register security algorithms with Linux CryptoAPI */ 1499 rc = crypto4xx_register_alg(core_dev->dev, crypto4xx_alg, 1500 ARRAY_SIZE(crypto4xx_alg)); 1501 if (rc) 1502 goto err_start_dev; 1503 1504 ppc4xx_trng_probe(core_dev); 1505 return 0; 1506 1507 err_start_dev: 1508 free_irq(core_dev->irq, dev); 1509 err_request_irq: 1510 irq_dispose_mapping(core_dev->irq); 1511 iounmap(core_dev->dev->ce_base); 1512 err_iomap: 1513 tasklet_kill(&core_dev->tasklet); 1514 err_build_sdr: 1515 crypto4xx_destroy_sdr(core_dev->dev); 1516 crypto4xx_destroy_gdr(core_dev->dev); 1517 err_build_pdr: 1518 crypto4xx_destroy_pdr(core_dev->dev); 1519 kfree(core_dev->dev); 1520 err_alloc_dev: 1521 kfree(core_dev); 1522 1523 return rc; 1524 } 1525 1526 static int crypto4xx_remove(struct platform_device *ofdev) 1527 { 1528 struct device *dev = &ofdev->dev; 1529 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1530 1531 ppc4xx_trng_remove(core_dev); 1532 1533 free_irq(core_dev->irq, dev); 1534 irq_dispose_mapping(core_dev->irq); 1535 1536 tasklet_kill(&core_dev->tasklet); 1537 /* Un-register with Linux CryptoAPI */ 1538 crypto4xx_unregister_alg(core_dev->dev); 1539 mutex_destroy(&core_dev->rng_lock); 1540 /* Free all allocated memory */ 1541 crypto4xx_stop_all(core_dev); 1542 1543 return 0; 1544 } 1545 1546 static const struct of_device_id crypto4xx_match[] = { 1547 { .compatible = "amcc,ppc4xx-crypto",}, 1548 { }, 1549 }; 1550 MODULE_DEVICE_TABLE(of, crypto4xx_match); 1551 1552 static struct platform_driver crypto4xx_driver = { 1553 .driver = { 1554 .name = KBUILD_MODNAME, 1555 .of_match_table = crypto4xx_match, 1556 }, 1557 .probe = crypto4xx_probe, 1558 .remove = crypto4xx_remove, 1559 }; 1560 1561 module_platform_driver(crypto4xx_driver); 1562 1563 MODULE_LICENSE("GPL"); 1564 MODULE_AUTHOR("James Hsiao <jhsiao@amcc.com>"); 1565 MODULE_DESCRIPTION("Driver for AMCC PPC4xx crypto accelerator"); 1566