1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /** 3 * AMCC SoC PPC4xx Crypto Driver 4 * 5 * Copyright (c) 2008 Applied Micro Circuits Corporation. 6 * All rights reserved. James Hsiao <jhsiao@amcc.com> 7 * 8 * This file implements AMCC crypto offload Linux device driver for use with 9 * Linux CryptoAPI. 10 */ 11 12 #include <linux/kernel.h> 13 #include <linux/interrupt.h> 14 #include <linux/spinlock_types.h> 15 #include <linux/random.h> 16 #include <linux/scatterlist.h> 17 #include <linux/crypto.h> 18 #include <linux/dma-mapping.h> 19 #include <linux/platform_device.h> 20 #include <linux/init.h> 21 #include <linux/module.h> 22 #include <linux/of_address.h> 23 #include <linux/of_irq.h> 24 #include <linux/of_platform.h> 25 #include <linux/slab.h> 26 #include <asm/dcr.h> 27 #include <asm/dcr-regs.h> 28 #include <asm/cacheflush.h> 29 #include <crypto/aead.h> 30 #include <crypto/aes.h> 31 #include <crypto/ctr.h> 32 #include <crypto/gcm.h> 33 #include <crypto/sha.h> 34 #include <crypto/rng.h> 35 #include <crypto/scatterwalk.h> 36 #include <crypto/skcipher.h> 37 #include <crypto/internal/aead.h> 38 #include <crypto/internal/rng.h> 39 #include <crypto/internal/skcipher.h> 40 #include "crypto4xx_reg_def.h" 41 #include "crypto4xx_core.h" 42 #include "crypto4xx_sa.h" 43 #include "crypto4xx_trng.h" 44 45 #define PPC4XX_SEC_VERSION_STR "0.5" 46 47 /** 48 * PPC4xx Crypto Engine Initialization Routine 49 */ 50 static void crypto4xx_hw_init(struct crypto4xx_device *dev) 51 { 52 union ce_ring_size ring_size; 53 union ce_ring_control ring_ctrl; 54 union ce_part_ring_size part_ring_size; 55 union ce_io_threshold io_threshold; 56 u32 rand_num; 57 union ce_pe_dma_cfg pe_dma_cfg; 58 u32 device_ctrl; 59 60 writel(PPC4XX_BYTE_ORDER, dev->ce_base + CRYPTO4XX_BYTE_ORDER_CFG); 61 /* setup pe dma, include reset sg, pdr and pe, then release reset */ 62 pe_dma_cfg.w = 0; 63 pe_dma_cfg.bf.bo_sgpd_en = 1; 64 pe_dma_cfg.bf.bo_data_en = 0; 65 pe_dma_cfg.bf.bo_sa_en = 1; 66 pe_dma_cfg.bf.bo_pd_en = 1; 67 pe_dma_cfg.bf.dynamic_sa_en = 1; 68 pe_dma_cfg.bf.reset_sg = 1; 69 pe_dma_cfg.bf.reset_pdr = 1; 70 pe_dma_cfg.bf.reset_pe = 1; 71 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 72 /* un reset pe,sg and pdr */ 73 pe_dma_cfg.bf.pe_mode = 0; 74 pe_dma_cfg.bf.reset_sg = 0; 75 pe_dma_cfg.bf.reset_pdr = 0; 76 pe_dma_cfg.bf.reset_pe = 0; 77 pe_dma_cfg.bf.bo_td_en = 0; 78 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 79 writel(dev->pdr_pa, dev->ce_base + CRYPTO4XX_PDR_BASE); 80 writel(dev->pdr_pa, dev->ce_base + CRYPTO4XX_RDR_BASE); 81 writel(PPC4XX_PRNG_CTRL_AUTO_EN, dev->ce_base + CRYPTO4XX_PRNG_CTRL); 82 get_random_bytes(&rand_num, sizeof(rand_num)); 83 writel(rand_num, dev->ce_base + CRYPTO4XX_PRNG_SEED_L); 84 get_random_bytes(&rand_num, sizeof(rand_num)); 85 writel(rand_num, dev->ce_base + CRYPTO4XX_PRNG_SEED_H); 86 ring_size.w = 0; 87 ring_size.bf.ring_offset = PPC4XX_PD_SIZE; 88 ring_size.bf.ring_size = PPC4XX_NUM_PD; 89 writel(ring_size.w, dev->ce_base + CRYPTO4XX_RING_SIZE); 90 ring_ctrl.w = 0; 91 writel(ring_ctrl.w, dev->ce_base + CRYPTO4XX_RING_CTRL); 92 device_ctrl = readl(dev->ce_base + CRYPTO4XX_DEVICE_CTRL); 93 device_ctrl |= PPC4XX_DC_3DES_EN; 94 writel(device_ctrl, dev->ce_base + CRYPTO4XX_DEVICE_CTRL); 95 writel(dev->gdr_pa, dev->ce_base + CRYPTO4XX_GATH_RING_BASE); 96 writel(dev->sdr_pa, dev->ce_base + CRYPTO4XX_SCAT_RING_BASE); 97 part_ring_size.w = 0; 98 part_ring_size.bf.sdr_size = PPC4XX_SDR_SIZE; 99 part_ring_size.bf.gdr_size = PPC4XX_GDR_SIZE; 100 writel(part_ring_size.w, dev->ce_base + CRYPTO4XX_PART_RING_SIZE); 101 writel(PPC4XX_SD_BUFFER_SIZE, dev->ce_base + CRYPTO4XX_PART_RING_CFG); 102 io_threshold.w = 0; 103 io_threshold.bf.output_threshold = PPC4XX_OUTPUT_THRESHOLD; 104 io_threshold.bf.input_threshold = PPC4XX_INPUT_THRESHOLD; 105 writel(io_threshold.w, dev->ce_base + CRYPTO4XX_IO_THRESHOLD); 106 writel(0, dev->ce_base + CRYPTO4XX_PDR_BASE_UADDR); 107 writel(0, dev->ce_base + CRYPTO4XX_RDR_BASE_UADDR); 108 writel(0, dev->ce_base + CRYPTO4XX_PKT_SRC_UADDR); 109 writel(0, dev->ce_base + CRYPTO4XX_PKT_DEST_UADDR); 110 writel(0, dev->ce_base + CRYPTO4XX_SA_UADDR); 111 writel(0, dev->ce_base + CRYPTO4XX_GATH_RING_BASE_UADDR); 112 writel(0, dev->ce_base + CRYPTO4XX_SCAT_RING_BASE_UADDR); 113 /* un reset pe,sg and pdr */ 114 pe_dma_cfg.bf.pe_mode = 1; 115 pe_dma_cfg.bf.reset_sg = 0; 116 pe_dma_cfg.bf.reset_pdr = 0; 117 pe_dma_cfg.bf.reset_pe = 0; 118 pe_dma_cfg.bf.bo_td_en = 0; 119 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 120 /*clear all pending interrupt*/ 121 writel(PPC4XX_INTERRUPT_CLR, dev->ce_base + CRYPTO4XX_INT_CLR); 122 writel(PPC4XX_INT_DESCR_CNT, dev->ce_base + CRYPTO4XX_INT_DESCR_CNT); 123 writel(PPC4XX_INT_DESCR_CNT, dev->ce_base + CRYPTO4XX_INT_DESCR_CNT); 124 writel(PPC4XX_INT_CFG, dev->ce_base + CRYPTO4XX_INT_CFG); 125 if (dev->is_revb) { 126 writel(PPC4XX_INT_TIMEOUT_CNT_REVB << 10, 127 dev->ce_base + CRYPTO4XX_INT_TIMEOUT_CNT); 128 writel(PPC4XX_PD_DONE_INT | PPC4XX_TMO_ERR_INT, 129 dev->ce_base + CRYPTO4XX_INT_EN); 130 } else { 131 writel(PPC4XX_PD_DONE_INT, dev->ce_base + CRYPTO4XX_INT_EN); 132 } 133 } 134 135 int crypto4xx_alloc_sa(struct crypto4xx_ctx *ctx, u32 size) 136 { 137 ctx->sa_in = kcalloc(size, 4, GFP_ATOMIC); 138 if (ctx->sa_in == NULL) 139 return -ENOMEM; 140 141 ctx->sa_out = kcalloc(size, 4, GFP_ATOMIC); 142 if (ctx->sa_out == NULL) { 143 kfree(ctx->sa_in); 144 ctx->sa_in = NULL; 145 return -ENOMEM; 146 } 147 148 ctx->sa_len = size; 149 150 return 0; 151 } 152 153 void crypto4xx_free_sa(struct crypto4xx_ctx *ctx) 154 { 155 kfree(ctx->sa_in); 156 ctx->sa_in = NULL; 157 kfree(ctx->sa_out); 158 ctx->sa_out = NULL; 159 ctx->sa_len = 0; 160 } 161 162 /** 163 * alloc memory for the gather ring 164 * no need to alloc buf for the ring 165 * gdr_tail, gdr_head and gdr_count are initialized by this function 166 */ 167 static u32 crypto4xx_build_pdr(struct crypto4xx_device *dev) 168 { 169 int i; 170 dev->pdr = dma_alloc_coherent(dev->core_dev->device, 171 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 172 &dev->pdr_pa, GFP_ATOMIC); 173 if (!dev->pdr) 174 return -ENOMEM; 175 176 dev->pdr_uinfo = kcalloc(PPC4XX_NUM_PD, sizeof(struct pd_uinfo), 177 GFP_KERNEL); 178 if (!dev->pdr_uinfo) { 179 dma_free_coherent(dev->core_dev->device, 180 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 181 dev->pdr, 182 dev->pdr_pa); 183 return -ENOMEM; 184 } 185 dev->shadow_sa_pool = dma_alloc_coherent(dev->core_dev->device, 186 sizeof(union shadow_sa_buf) * PPC4XX_NUM_PD, 187 &dev->shadow_sa_pool_pa, 188 GFP_ATOMIC); 189 if (!dev->shadow_sa_pool) 190 return -ENOMEM; 191 192 dev->shadow_sr_pool = dma_alloc_coherent(dev->core_dev->device, 193 sizeof(struct sa_state_record) * PPC4XX_NUM_PD, 194 &dev->shadow_sr_pool_pa, GFP_ATOMIC); 195 if (!dev->shadow_sr_pool) 196 return -ENOMEM; 197 for (i = 0; i < PPC4XX_NUM_PD; i++) { 198 struct ce_pd *pd = &dev->pdr[i]; 199 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[i]; 200 201 pd->sa = dev->shadow_sa_pool_pa + 202 sizeof(union shadow_sa_buf) * i; 203 204 /* alloc 256 bytes which is enough for any kind of dynamic sa */ 205 pd_uinfo->sa_va = &dev->shadow_sa_pool[i].sa; 206 207 /* alloc state record */ 208 pd_uinfo->sr_va = &dev->shadow_sr_pool[i]; 209 pd_uinfo->sr_pa = dev->shadow_sr_pool_pa + 210 sizeof(struct sa_state_record) * i; 211 } 212 213 return 0; 214 } 215 216 static void crypto4xx_destroy_pdr(struct crypto4xx_device *dev) 217 { 218 if (dev->pdr) 219 dma_free_coherent(dev->core_dev->device, 220 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 221 dev->pdr, dev->pdr_pa); 222 223 if (dev->shadow_sa_pool) 224 dma_free_coherent(dev->core_dev->device, 225 sizeof(union shadow_sa_buf) * PPC4XX_NUM_PD, 226 dev->shadow_sa_pool, dev->shadow_sa_pool_pa); 227 228 if (dev->shadow_sr_pool) 229 dma_free_coherent(dev->core_dev->device, 230 sizeof(struct sa_state_record) * PPC4XX_NUM_PD, 231 dev->shadow_sr_pool, dev->shadow_sr_pool_pa); 232 233 kfree(dev->pdr_uinfo); 234 } 235 236 static u32 crypto4xx_get_pd_from_pdr_nolock(struct crypto4xx_device *dev) 237 { 238 u32 retval; 239 u32 tmp; 240 241 retval = dev->pdr_head; 242 tmp = (dev->pdr_head + 1) % PPC4XX_NUM_PD; 243 244 if (tmp == dev->pdr_tail) 245 return ERING_WAS_FULL; 246 247 dev->pdr_head = tmp; 248 249 return retval; 250 } 251 252 static u32 crypto4xx_put_pd_to_pdr(struct crypto4xx_device *dev, u32 idx) 253 { 254 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[idx]; 255 u32 tail; 256 unsigned long flags; 257 258 spin_lock_irqsave(&dev->core_dev->lock, flags); 259 pd_uinfo->state = PD_ENTRY_FREE; 260 261 if (dev->pdr_tail != PPC4XX_LAST_PD) 262 dev->pdr_tail++; 263 else 264 dev->pdr_tail = 0; 265 tail = dev->pdr_tail; 266 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 267 268 return tail; 269 } 270 271 /** 272 * alloc memory for the gather ring 273 * no need to alloc buf for the ring 274 * gdr_tail, gdr_head and gdr_count are initialized by this function 275 */ 276 static u32 crypto4xx_build_gdr(struct crypto4xx_device *dev) 277 { 278 dev->gdr = dma_alloc_coherent(dev->core_dev->device, 279 sizeof(struct ce_gd) * PPC4XX_NUM_GD, 280 &dev->gdr_pa, GFP_ATOMIC); 281 if (!dev->gdr) 282 return -ENOMEM; 283 284 return 0; 285 } 286 287 static inline void crypto4xx_destroy_gdr(struct crypto4xx_device *dev) 288 { 289 dma_free_coherent(dev->core_dev->device, 290 sizeof(struct ce_gd) * PPC4XX_NUM_GD, 291 dev->gdr, dev->gdr_pa); 292 } 293 294 /* 295 * when this function is called. 296 * preemption or interrupt must be disabled 297 */ 298 static u32 crypto4xx_get_n_gd(struct crypto4xx_device *dev, int n) 299 { 300 u32 retval; 301 u32 tmp; 302 303 if (n >= PPC4XX_NUM_GD) 304 return ERING_WAS_FULL; 305 306 retval = dev->gdr_head; 307 tmp = (dev->gdr_head + n) % PPC4XX_NUM_GD; 308 if (dev->gdr_head > dev->gdr_tail) { 309 if (tmp < dev->gdr_head && tmp >= dev->gdr_tail) 310 return ERING_WAS_FULL; 311 } else if (dev->gdr_head < dev->gdr_tail) { 312 if (tmp < dev->gdr_head || tmp >= dev->gdr_tail) 313 return ERING_WAS_FULL; 314 } 315 dev->gdr_head = tmp; 316 317 return retval; 318 } 319 320 static u32 crypto4xx_put_gd_to_gdr(struct crypto4xx_device *dev) 321 { 322 unsigned long flags; 323 324 spin_lock_irqsave(&dev->core_dev->lock, flags); 325 if (dev->gdr_tail == dev->gdr_head) { 326 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 327 return 0; 328 } 329 330 if (dev->gdr_tail != PPC4XX_LAST_GD) 331 dev->gdr_tail++; 332 else 333 dev->gdr_tail = 0; 334 335 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 336 337 return 0; 338 } 339 340 static inline struct ce_gd *crypto4xx_get_gdp(struct crypto4xx_device *dev, 341 dma_addr_t *gd_dma, u32 idx) 342 { 343 *gd_dma = dev->gdr_pa + sizeof(struct ce_gd) * idx; 344 345 return &dev->gdr[idx]; 346 } 347 348 /** 349 * alloc memory for the scatter ring 350 * need to alloc buf for the ring 351 * sdr_tail, sdr_head and sdr_count are initialized by this function 352 */ 353 static u32 crypto4xx_build_sdr(struct crypto4xx_device *dev) 354 { 355 int i; 356 357 /* alloc memory for scatter descriptor ring */ 358 dev->sdr = dma_alloc_coherent(dev->core_dev->device, 359 sizeof(struct ce_sd) * PPC4XX_NUM_SD, 360 &dev->sdr_pa, GFP_ATOMIC); 361 if (!dev->sdr) 362 return -ENOMEM; 363 364 dev->scatter_buffer_va = 365 dma_alloc_coherent(dev->core_dev->device, 366 PPC4XX_SD_BUFFER_SIZE * PPC4XX_NUM_SD, 367 &dev->scatter_buffer_pa, GFP_ATOMIC); 368 if (!dev->scatter_buffer_va) { 369 dma_free_coherent(dev->core_dev->device, 370 sizeof(struct ce_sd) * PPC4XX_NUM_SD, 371 dev->sdr, dev->sdr_pa); 372 return -ENOMEM; 373 } 374 375 for (i = 0; i < PPC4XX_NUM_SD; i++) { 376 dev->sdr[i].ptr = dev->scatter_buffer_pa + 377 PPC4XX_SD_BUFFER_SIZE * i; 378 } 379 380 return 0; 381 } 382 383 static void crypto4xx_destroy_sdr(struct crypto4xx_device *dev) 384 { 385 if (dev->sdr) 386 dma_free_coherent(dev->core_dev->device, 387 sizeof(struct ce_sd) * PPC4XX_NUM_SD, 388 dev->sdr, dev->sdr_pa); 389 390 if (dev->scatter_buffer_va) 391 dma_free_coherent(dev->core_dev->device, 392 PPC4XX_SD_BUFFER_SIZE * PPC4XX_NUM_SD, 393 dev->scatter_buffer_va, 394 dev->scatter_buffer_pa); 395 } 396 397 /* 398 * when this function is called. 399 * preemption or interrupt must be disabled 400 */ 401 static u32 crypto4xx_get_n_sd(struct crypto4xx_device *dev, int n) 402 { 403 u32 retval; 404 u32 tmp; 405 406 if (n >= PPC4XX_NUM_SD) 407 return ERING_WAS_FULL; 408 409 retval = dev->sdr_head; 410 tmp = (dev->sdr_head + n) % PPC4XX_NUM_SD; 411 if (dev->sdr_head > dev->gdr_tail) { 412 if (tmp < dev->sdr_head && tmp >= dev->sdr_tail) 413 return ERING_WAS_FULL; 414 } else if (dev->sdr_head < dev->sdr_tail) { 415 if (tmp < dev->sdr_head || tmp >= dev->sdr_tail) 416 return ERING_WAS_FULL; 417 } /* the head = tail, or empty case is already take cared */ 418 dev->sdr_head = tmp; 419 420 return retval; 421 } 422 423 static u32 crypto4xx_put_sd_to_sdr(struct crypto4xx_device *dev) 424 { 425 unsigned long flags; 426 427 spin_lock_irqsave(&dev->core_dev->lock, flags); 428 if (dev->sdr_tail == dev->sdr_head) { 429 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 430 return 0; 431 } 432 if (dev->sdr_tail != PPC4XX_LAST_SD) 433 dev->sdr_tail++; 434 else 435 dev->sdr_tail = 0; 436 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 437 438 return 0; 439 } 440 441 static inline struct ce_sd *crypto4xx_get_sdp(struct crypto4xx_device *dev, 442 dma_addr_t *sd_dma, u32 idx) 443 { 444 *sd_dma = dev->sdr_pa + sizeof(struct ce_sd) * idx; 445 446 return &dev->sdr[idx]; 447 } 448 449 static void crypto4xx_copy_pkt_to_dst(struct crypto4xx_device *dev, 450 struct ce_pd *pd, 451 struct pd_uinfo *pd_uinfo, 452 u32 nbytes, 453 struct scatterlist *dst) 454 { 455 unsigned int first_sd = pd_uinfo->first_sd; 456 unsigned int last_sd; 457 unsigned int overflow = 0; 458 unsigned int to_copy; 459 unsigned int dst_start = 0; 460 461 /* 462 * Because the scatter buffers are all neatly organized in one 463 * big continuous ringbuffer; scatterwalk_map_and_copy() can 464 * be instructed to copy a range of buffers in one go. 465 */ 466 467 last_sd = (first_sd + pd_uinfo->num_sd); 468 if (last_sd > PPC4XX_LAST_SD) { 469 last_sd = PPC4XX_LAST_SD; 470 overflow = last_sd % PPC4XX_NUM_SD; 471 } 472 473 while (nbytes) { 474 void *buf = dev->scatter_buffer_va + 475 first_sd * PPC4XX_SD_BUFFER_SIZE; 476 477 to_copy = min(nbytes, PPC4XX_SD_BUFFER_SIZE * 478 (1 + last_sd - first_sd)); 479 scatterwalk_map_and_copy(buf, dst, dst_start, to_copy, 1); 480 nbytes -= to_copy; 481 482 if (overflow) { 483 first_sd = 0; 484 last_sd = overflow; 485 dst_start += to_copy; 486 overflow = 0; 487 } 488 } 489 } 490 491 static void crypto4xx_copy_digest_to_dst(void *dst, 492 struct pd_uinfo *pd_uinfo, 493 struct crypto4xx_ctx *ctx) 494 { 495 struct dynamic_sa_ctl *sa = (struct dynamic_sa_ctl *) ctx->sa_in; 496 497 if (sa->sa_command_0.bf.hash_alg == SA_HASH_ALG_SHA1) { 498 memcpy(dst, pd_uinfo->sr_va->save_digest, 499 SA_HASH_ALG_SHA1_DIGEST_SIZE); 500 } 501 } 502 503 static void crypto4xx_ret_sg_desc(struct crypto4xx_device *dev, 504 struct pd_uinfo *pd_uinfo) 505 { 506 int i; 507 if (pd_uinfo->num_gd) { 508 for (i = 0; i < pd_uinfo->num_gd; i++) 509 crypto4xx_put_gd_to_gdr(dev); 510 pd_uinfo->first_gd = 0xffffffff; 511 pd_uinfo->num_gd = 0; 512 } 513 if (pd_uinfo->num_sd) { 514 for (i = 0; i < pd_uinfo->num_sd; i++) 515 crypto4xx_put_sd_to_sdr(dev); 516 517 pd_uinfo->first_sd = 0xffffffff; 518 pd_uinfo->num_sd = 0; 519 } 520 } 521 522 static void crypto4xx_cipher_done(struct crypto4xx_device *dev, 523 struct pd_uinfo *pd_uinfo, 524 struct ce_pd *pd) 525 { 526 struct skcipher_request *req; 527 struct scatterlist *dst; 528 dma_addr_t addr; 529 530 req = skcipher_request_cast(pd_uinfo->async_req); 531 532 if (pd_uinfo->sa_va->sa_command_0.bf.scatter) { 533 crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo, 534 req->cryptlen, req->dst); 535 } else { 536 dst = pd_uinfo->dest_va; 537 addr = dma_map_page(dev->core_dev->device, sg_page(dst), 538 dst->offset, dst->length, DMA_FROM_DEVICE); 539 } 540 541 if (pd_uinfo->sa_va->sa_command_0.bf.save_iv == SA_SAVE_IV) { 542 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); 543 544 crypto4xx_memcpy_from_le32((u32 *)req->iv, 545 pd_uinfo->sr_va->save_iv, 546 crypto_skcipher_ivsize(skcipher)); 547 } 548 549 crypto4xx_ret_sg_desc(dev, pd_uinfo); 550 551 if (pd_uinfo->state & PD_ENTRY_BUSY) 552 skcipher_request_complete(req, -EINPROGRESS); 553 skcipher_request_complete(req, 0); 554 } 555 556 static void crypto4xx_ahash_done(struct crypto4xx_device *dev, 557 struct pd_uinfo *pd_uinfo) 558 { 559 struct crypto4xx_ctx *ctx; 560 struct ahash_request *ahash_req; 561 562 ahash_req = ahash_request_cast(pd_uinfo->async_req); 563 ctx = crypto_tfm_ctx(ahash_req->base.tfm); 564 565 crypto4xx_copy_digest_to_dst(ahash_req->result, pd_uinfo, 566 crypto_tfm_ctx(ahash_req->base.tfm)); 567 crypto4xx_ret_sg_desc(dev, pd_uinfo); 568 569 if (pd_uinfo->state & PD_ENTRY_BUSY) 570 ahash_request_complete(ahash_req, -EINPROGRESS); 571 ahash_request_complete(ahash_req, 0); 572 } 573 574 static void crypto4xx_aead_done(struct crypto4xx_device *dev, 575 struct pd_uinfo *pd_uinfo, 576 struct ce_pd *pd) 577 { 578 struct aead_request *aead_req = container_of(pd_uinfo->async_req, 579 struct aead_request, base); 580 struct scatterlist *dst = pd_uinfo->dest_va; 581 size_t cp_len = crypto_aead_authsize( 582 crypto_aead_reqtfm(aead_req)); 583 u32 icv[AES_BLOCK_SIZE]; 584 int err = 0; 585 586 if (pd_uinfo->sa_va->sa_command_0.bf.scatter) { 587 crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo, 588 pd->pd_ctl_len.bf.pkt_len, 589 dst); 590 } else { 591 dma_unmap_page(dev->core_dev->device, pd->dest, dst->length, 592 DMA_FROM_DEVICE); 593 } 594 595 if (pd_uinfo->sa_va->sa_command_0.bf.dir == DIR_OUTBOUND) { 596 /* append icv at the end */ 597 crypto4xx_memcpy_from_le32(icv, pd_uinfo->sr_va->save_digest, 598 sizeof(icv)); 599 600 scatterwalk_map_and_copy(icv, dst, aead_req->cryptlen, 601 cp_len, 1); 602 } else { 603 /* check icv at the end */ 604 scatterwalk_map_and_copy(icv, aead_req->src, 605 aead_req->assoclen + aead_req->cryptlen - 606 cp_len, cp_len, 0); 607 608 crypto4xx_memcpy_from_le32(icv, icv, sizeof(icv)); 609 610 if (crypto_memneq(icv, pd_uinfo->sr_va->save_digest, cp_len)) 611 err = -EBADMSG; 612 } 613 614 crypto4xx_ret_sg_desc(dev, pd_uinfo); 615 616 if (pd->pd_ctl.bf.status & 0xff) { 617 if (!__ratelimit(&dev->aead_ratelimit)) { 618 if (pd->pd_ctl.bf.status & 2) 619 pr_err("pad fail error\n"); 620 if (pd->pd_ctl.bf.status & 4) 621 pr_err("seqnum fail\n"); 622 if (pd->pd_ctl.bf.status & 8) 623 pr_err("error _notify\n"); 624 pr_err("aead return err status = 0x%02x\n", 625 pd->pd_ctl.bf.status & 0xff); 626 pr_err("pd pad_ctl = 0x%08x\n", 627 pd->pd_ctl.bf.pd_pad_ctl); 628 } 629 err = -EINVAL; 630 } 631 632 if (pd_uinfo->state & PD_ENTRY_BUSY) 633 aead_request_complete(aead_req, -EINPROGRESS); 634 635 aead_request_complete(aead_req, err); 636 } 637 638 static void crypto4xx_pd_done(struct crypto4xx_device *dev, u32 idx) 639 { 640 struct ce_pd *pd = &dev->pdr[idx]; 641 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[idx]; 642 643 switch (crypto_tfm_alg_type(pd_uinfo->async_req->tfm)) { 644 case CRYPTO_ALG_TYPE_SKCIPHER: 645 crypto4xx_cipher_done(dev, pd_uinfo, pd); 646 break; 647 case CRYPTO_ALG_TYPE_AEAD: 648 crypto4xx_aead_done(dev, pd_uinfo, pd); 649 break; 650 case CRYPTO_ALG_TYPE_AHASH: 651 crypto4xx_ahash_done(dev, pd_uinfo); 652 break; 653 } 654 } 655 656 static void crypto4xx_stop_all(struct crypto4xx_core_device *core_dev) 657 { 658 crypto4xx_destroy_pdr(core_dev->dev); 659 crypto4xx_destroy_gdr(core_dev->dev); 660 crypto4xx_destroy_sdr(core_dev->dev); 661 iounmap(core_dev->dev->ce_base); 662 kfree(core_dev->dev); 663 kfree(core_dev); 664 } 665 666 static u32 get_next_gd(u32 current) 667 { 668 if (current != PPC4XX_LAST_GD) 669 return current + 1; 670 else 671 return 0; 672 } 673 674 static u32 get_next_sd(u32 current) 675 { 676 if (current != PPC4XX_LAST_SD) 677 return current + 1; 678 else 679 return 0; 680 } 681 682 int crypto4xx_build_pd(struct crypto_async_request *req, 683 struct crypto4xx_ctx *ctx, 684 struct scatterlist *src, 685 struct scatterlist *dst, 686 const unsigned int datalen, 687 const __le32 *iv, const u32 iv_len, 688 const struct dynamic_sa_ctl *req_sa, 689 const unsigned int sa_len, 690 const unsigned int assoclen, 691 struct scatterlist *_dst) 692 { 693 struct crypto4xx_device *dev = ctx->dev; 694 struct dynamic_sa_ctl *sa; 695 struct ce_gd *gd; 696 struct ce_pd *pd; 697 u32 num_gd, num_sd; 698 u32 fst_gd = 0xffffffff; 699 u32 fst_sd = 0xffffffff; 700 u32 pd_entry; 701 unsigned long flags; 702 struct pd_uinfo *pd_uinfo; 703 unsigned int nbytes = datalen; 704 size_t offset_to_sr_ptr; 705 u32 gd_idx = 0; 706 int tmp; 707 bool is_busy, force_sd; 708 709 /* 710 * There's a very subtile/disguised "bug" in the hardware that 711 * gets indirectly mentioned in 18.1.3.5 Encryption/Decryption 712 * of the hardware spec: 713 * *drum roll* the AES/(T)DES OFB and CFB modes are listed as 714 * operation modes for >>> "Block ciphers" <<<. 715 * 716 * To workaround this issue and stop the hardware from causing 717 * "overran dst buffer" on crypttexts that are not a multiple 718 * of 16 (AES_BLOCK_SIZE), we force the driver to use the 719 * scatter buffers. 720 */ 721 force_sd = (req_sa->sa_command_1.bf.crypto_mode9_8 == CRYPTO_MODE_CFB 722 || req_sa->sa_command_1.bf.crypto_mode9_8 == CRYPTO_MODE_OFB) 723 && (datalen % AES_BLOCK_SIZE); 724 725 /* figure how many gd are needed */ 726 tmp = sg_nents_for_len(src, assoclen + datalen); 727 if (tmp < 0) { 728 dev_err(dev->core_dev->device, "Invalid number of src SG.\n"); 729 return tmp; 730 } 731 if (tmp == 1) 732 tmp = 0; 733 num_gd = tmp; 734 735 if (assoclen) { 736 nbytes += assoclen; 737 dst = scatterwalk_ffwd(_dst, dst, assoclen); 738 } 739 740 /* figure how many sd are needed */ 741 if (sg_is_last(dst) && force_sd == false) { 742 num_sd = 0; 743 } else { 744 if (datalen > PPC4XX_SD_BUFFER_SIZE) { 745 num_sd = datalen / PPC4XX_SD_BUFFER_SIZE; 746 if (datalen % PPC4XX_SD_BUFFER_SIZE) 747 num_sd++; 748 } else { 749 num_sd = 1; 750 } 751 } 752 753 /* 754 * The follow section of code needs to be protected 755 * The gather ring and scatter ring needs to be consecutive 756 * In case of run out of any kind of descriptor, the descriptor 757 * already got must be return the original place. 758 */ 759 spin_lock_irqsave(&dev->core_dev->lock, flags); 760 /* 761 * Let the caller know to slow down, once more than 13/16ths = 81% 762 * of the available data contexts are being used simultaneously. 763 * 764 * With PPC4XX_NUM_PD = 256, this will leave a "backlog queue" for 765 * 31 more contexts. Before new requests have to be rejected. 766 */ 767 if (req->flags & CRYPTO_TFM_REQ_MAY_BACKLOG) { 768 is_busy = ((dev->pdr_head - dev->pdr_tail) % PPC4XX_NUM_PD) >= 769 ((PPC4XX_NUM_PD * 13) / 16); 770 } else { 771 /* 772 * To fix contention issues between ipsec (no blacklog) and 773 * dm-crypto (backlog) reserve 32 entries for "no backlog" 774 * data contexts. 775 */ 776 is_busy = ((dev->pdr_head - dev->pdr_tail) % PPC4XX_NUM_PD) >= 777 ((PPC4XX_NUM_PD * 15) / 16); 778 779 if (is_busy) { 780 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 781 return -EBUSY; 782 } 783 } 784 785 if (num_gd) { 786 fst_gd = crypto4xx_get_n_gd(dev, num_gd); 787 if (fst_gd == ERING_WAS_FULL) { 788 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 789 return -EAGAIN; 790 } 791 } 792 if (num_sd) { 793 fst_sd = crypto4xx_get_n_sd(dev, num_sd); 794 if (fst_sd == ERING_WAS_FULL) { 795 if (num_gd) 796 dev->gdr_head = fst_gd; 797 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 798 return -EAGAIN; 799 } 800 } 801 pd_entry = crypto4xx_get_pd_from_pdr_nolock(dev); 802 if (pd_entry == ERING_WAS_FULL) { 803 if (num_gd) 804 dev->gdr_head = fst_gd; 805 if (num_sd) 806 dev->sdr_head = fst_sd; 807 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 808 return -EAGAIN; 809 } 810 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 811 812 pd = &dev->pdr[pd_entry]; 813 pd->sa_len = sa_len; 814 815 pd_uinfo = &dev->pdr_uinfo[pd_entry]; 816 pd_uinfo->num_gd = num_gd; 817 pd_uinfo->num_sd = num_sd; 818 pd_uinfo->dest_va = dst; 819 pd_uinfo->async_req = req; 820 821 if (iv_len) 822 memcpy(pd_uinfo->sr_va->save_iv, iv, iv_len); 823 824 sa = pd_uinfo->sa_va; 825 memcpy(sa, req_sa, sa_len * 4); 826 827 sa->sa_command_1.bf.hash_crypto_offset = (assoclen >> 2); 828 offset_to_sr_ptr = get_dynamic_sa_offset_state_ptr_field(sa); 829 *(u32 *)((unsigned long)sa + offset_to_sr_ptr) = pd_uinfo->sr_pa; 830 831 if (num_gd) { 832 dma_addr_t gd_dma; 833 struct scatterlist *sg; 834 835 /* get first gd we are going to use */ 836 gd_idx = fst_gd; 837 pd_uinfo->first_gd = fst_gd; 838 gd = crypto4xx_get_gdp(dev, &gd_dma, gd_idx); 839 pd->src = gd_dma; 840 /* enable gather */ 841 sa->sa_command_0.bf.gather = 1; 842 /* walk the sg, and setup gather array */ 843 844 sg = src; 845 while (nbytes) { 846 size_t len; 847 848 len = min(sg->length, nbytes); 849 gd->ptr = dma_map_page(dev->core_dev->device, 850 sg_page(sg), sg->offset, len, DMA_TO_DEVICE); 851 gd->ctl_len.len = len; 852 gd->ctl_len.done = 0; 853 gd->ctl_len.ready = 1; 854 if (len >= nbytes) 855 break; 856 857 nbytes -= sg->length; 858 gd_idx = get_next_gd(gd_idx); 859 gd = crypto4xx_get_gdp(dev, &gd_dma, gd_idx); 860 sg = sg_next(sg); 861 } 862 } else { 863 pd->src = (u32)dma_map_page(dev->core_dev->device, sg_page(src), 864 src->offset, min(nbytes, src->length), 865 DMA_TO_DEVICE); 866 /* 867 * Disable gather in sa command 868 */ 869 sa->sa_command_0.bf.gather = 0; 870 /* 871 * Indicate gather array is not used 872 */ 873 pd_uinfo->first_gd = 0xffffffff; 874 } 875 if (!num_sd) { 876 /* 877 * we know application give us dst a whole piece of memory 878 * no need to use scatter ring. 879 */ 880 pd_uinfo->first_sd = 0xffffffff; 881 sa->sa_command_0.bf.scatter = 0; 882 pd->dest = (u32)dma_map_page(dev->core_dev->device, 883 sg_page(dst), dst->offset, 884 min(datalen, dst->length), 885 DMA_TO_DEVICE); 886 } else { 887 dma_addr_t sd_dma; 888 struct ce_sd *sd = NULL; 889 890 u32 sd_idx = fst_sd; 891 nbytes = datalen; 892 sa->sa_command_0.bf.scatter = 1; 893 pd_uinfo->first_sd = fst_sd; 894 sd = crypto4xx_get_sdp(dev, &sd_dma, sd_idx); 895 pd->dest = sd_dma; 896 /* setup scatter descriptor */ 897 sd->ctl.done = 0; 898 sd->ctl.rdy = 1; 899 /* sd->ptr should be setup by sd_init routine*/ 900 if (nbytes >= PPC4XX_SD_BUFFER_SIZE) 901 nbytes -= PPC4XX_SD_BUFFER_SIZE; 902 else 903 nbytes = 0; 904 while (nbytes) { 905 sd_idx = get_next_sd(sd_idx); 906 sd = crypto4xx_get_sdp(dev, &sd_dma, sd_idx); 907 /* setup scatter descriptor */ 908 sd->ctl.done = 0; 909 sd->ctl.rdy = 1; 910 if (nbytes >= PPC4XX_SD_BUFFER_SIZE) { 911 nbytes -= PPC4XX_SD_BUFFER_SIZE; 912 } else { 913 /* 914 * SD entry can hold PPC4XX_SD_BUFFER_SIZE, 915 * which is more than nbytes, so done. 916 */ 917 nbytes = 0; 918 } 919 } 920 } 921 922 pd->pd_ctl.w = PD_CTL_HOST_READY | 923 ((crypto_tfm_alg_type(req->tfm) == CRYPTO_ALG_TYPE_AHASH) | 924 (crypto_tfm_alg_type(req->tfm) == CRYPTO_ALG_TYPE_AEAD) ? 925 PD_CTL_HASH_FINAL : 0); 926 pd->pd_ctl_len.w = 0x00400000 | (assoclen + datalen); 927 pd_uinfo->state = PD_ENTRY_INUSE | (is_busy ? PD_ENTRY_BUSY : 0); 928 929 wmb(); 930 /* write any value to push engine to read a pd */ 931 writel(0, dev->ce_base + CRYPTO4XX_INT_DESCR_RD); 932 writel(1, dev->ce_base + CRYPTO4XX_INT_DESCR_RD); 933 return is_busy ? -EBUSY : -EINPROGRESS; 934 } 935 936 /** 937 * Algorithm Registration Functions 938 */ 939 static void crypto4xx_ctx_init(struct crypto4xx_alg *amcc_alg, 940 struct crypto4xx_ctx *ctx) 941 { 942 ctx->dev = amcc_alg->dev; 943 ctx->sa_in = NULL; 944 ctx->sa_out = NULL; 945 ctx->sa_len = 0; 946 } 947 948 static int crypto4xx_sk_init(struct crypto_skcipher *sk) 949 { 950 struct skcipher_alg *alg = crypto_skcipher_alg(sk); 951 struct crypto4xx_alg *amcc_alg; 952 struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(sk); 953 954 if (alg->base.cra_flags & CRYPTO_ALG_NEED_FALLBACK) { 955 ctx->sw_cipher.cipher = 956 crypto_alloc_sync_skcipher(alg->base.cra_name, 0, 957 CRYPTO_ALG_NEED_FALLBACK); 958 if (IS_ERR(ctx->sw_cipher.cipher)) 959 return PTR_ERR(ctx->sw_cipher.cipher); 960 } 961 962 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.cipher); 963 crypto4xx_ctx_init(amcc_alg, ctx); 964 return 0; 965 } 966 967 static void crypto4xx_common_exit(struct crypto4xx_ctx *ctx) 968 { 969 crypto4xx_free_sa(ctx); 970 } 971 972 static void crypto4xx_sk_exit(struct crypto_skcipher *sk) 973 { 974 struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(sk); 975 976 crypto4xx_common_exit(ctx); 977 if (ctx->sw_cipher.cipher) 978 crypto_free_sync_skcipher(ctx->sw_cipher.cipher); 979 } 980 981 static int crypto4xx_aead_init(struct crypto_aead *tfm) 982 { 983 struct aead_alg *alg = crypto_aead_alg(tfm); 984 struct crypto4xx_ctx *ctx = crypto_aead_ctx(tfm); 985 struct crypto4xx_alg *amcc_alg; 986 987 ctx->sw_cipher.aead = crypto_alloc_aead(alg->base.cra_name, 0, 988 CRYPTO_ALG_NEED_FALLBACK | 989 CRYPTO_ALG_ASYNC); 990 if (IS_ERR(ctx->sw_cipher.aead)) 991 return PTR_ERR(ctx->sw_cipher.aead); 992 993 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.aead); 994 crypto4xx_ctx_init(amcc_alg, ctx); 995 crypto_aead_set_reqsize(tfm, max(sizeof(struct aead_request) + 32 + 996 crypto_aead_reqsize(ctx->sw_cipher.aead), 997 sizeof(struct crypto4xx_aead_reqctx))); 998 return 0; 999 } 1000 1001 static void crypto4xx_aead_exit(struct crypto_aead *tfm) 1002 { 1003 struct crypto4xx_ctx *ctx = crypto_aead_ctx(tfm); 1004 1005 crypto4xx_common_exit(ctx); 1006 crypto_free_aead(ctx->sw_cipher.aead); 1007 } 1008 1009 static int crypto4xx_register_alg(struct crypto4xx_device *sec_dev, 1010 struct crypto4xx_alg_common *crypto_alg, 1011 int array_size) 1012 { 1013 struct crypto4xx_alg *alg; 1014 int i; 1015 int rc = 0; 1016 1017 for (i = 0; i < array_size; i++) { 1018 alg = kzalloc(sizeof(struct crypto4xx_alg), GFP_KERNEL); 1019 if (!alg) 1020 return -ENOMEM; 1021 1022 alg->alg = crypto_alg[i]; 1023 alg->dev = sec_dev; 1024 1025 switch (alg->alg.type) { 1026 case CRYPTO_ALG_TYPE_AEAD: 1027 rc = crypto_register_aead(&alg->alg.u.aead); 1028 break; 1029 1030 case CRYPTO_ALG_TYPE_AHASH: 1031 rc = crypto_register_ahash(&alg->alg.u.hash); 1032 break; 1033 1034 case CRYPTO_ALG_TYPE_RNG: 1035 rc = crypto_register_rng(&alg->alg.u.rng); 1036 break; 1037 1038 default: 1039 rc = crypto_register_skcipher(&alg->alg.u.cipher); 1040 break; 1041 } 1042 1043 if (rc) 1044 kfree(alg); 1045 else 1046 list_add_tail(&alg->entry, &sec_dev->alg_list); 1047 } 1048 1049 return 0; 1050 } 1051 1052 static void crypto4xx_unregister_alg(struct crypto4xx_device *sec_dev) 1053 { 1054 struct crypto4xx_alg *alg, *tmp; 1055 1056 list_for_each_entry_safe(alg, tmp, &sec_dev->alg_list, entry) { 1057 list_del(&alg->entry); 1058 switch (alg->alg.type) { 1059 case CRYPTO_ALG_TYPE_AHASH: 1060 crypto_unregister_ahash(&alg->alg.u.hash); 1061 break; 1062 1063 case CRYPTO_ALG_TYPE_AEAD: 1064 crypto_unregister_aead(&alg->alg.u.aead); 1065 break; 1066 1067 case CRYPTO_ALG_TYPE_RNG: 1068 crypto_unregister_rng(&alg->alg.u.rng); 1069 break; 1070 1071 default: 1072 crypto_unregister_skcipher(&alg->alg.u.cipher); 1073 } 1074 kfree(alg); 1075 } 1076 } 1077 1078 static void crypto4xx_bh_tasklet_cb(unsigned long data) 1079 { 1080 struct device *dev = (struct device *)data; 1081 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1082 struct pd_uinfo *pd_uinfo; 1083 struct ce_pd *pd; 1084 u32 tail = core_dev->dev->pdr_tail; 1085 u32 head = core_dev->dev->pdr_head; 1086 1087 do { 1088 pd_uinfo = &core_dev->dev->pdr_uinfo[tail]; 1089 pd = &core_dev->dev->pdr[tail]; 1090 if ((pd_uinfo->state & PD_ENTRY_INUSE) && 1091 ((READ_ONCE(pd->pd_ctl.w) & 1092 (PD_CTL_PE_DONE | PD_CTL_HOST_READY)) == 1093 PD_CTL_PE_DONE)) { 1094 crypto4xx_pd_done(core_dev->dev, tail); 1095 tail = crypto4xx_put_pd_to_pdr(core_dev->dev, tail); 1096 } else { 1097 /* if tail not done, break */ 1098 break; 1099 } 1100 } while (head != tail); 1101 } 1102 1103 /** 1104 * Top Half of isr. 1105 */ 1106 static inline irqreturn_t crypto4xx_interrupt_handler(int irq, void *data, 1107 u32 clr_val) 1108 { 1109 struct device *dev = (struct device *)data; 1110 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1111 1112 writel(clr_val, core_dev->dev->ce_base + CRYPTO4XX_INT_CLR); 1113 tasklet_schedule(&core_dev->tasklet); 1114 1115 return IRQ_HANDLED; 1116 } 1117 1118 static irqreturn_t crypto4xx_ce_interrupt_handler(int irq, void *data) 1119 { 1120 return crypto4xx_interrupt_handler(irq, data, PPC4XX_INTERRUPT_CLR); 1121 } 1122 1123 static irqreturn_t crypto4xx_ce_interrupt_handler_revb(int irq, void *data) 1124 { 1125 return crypto4xx_interrupt_handler(irq, data, PPC4XX_INTERRUPT_CLR | 1126 PPC4XX_TMO_ERR_INT); 1127 } 1128 1129 static int ppc4xx_prng_data_read(struct crypto4xx_device *dev, 1130 u8 *data, unsigned int max) 1131 { 1132 unsigned int i, curr = 0; 1133 u32 val[2]; 1134 1135 do { 1136 /* trigger PRN generation */ 1137 writel(PPC4XX_PRNG_CTRL_AUTO_EN, 1138 dev->ce_base + CRYPTO4XX_PRNG_CTRL); 1139 1140 for (i = 0; i < 1024; i++) { 1141 /* usually 19 iterations are enough */ 1142 if ((readl(dev->ce_base + CRYPTO4XX_PRNG_STAT) & 1143 CRYPTO4XX_PRNG_STAT_BUSY)) 1144 continue; 1145 1146 val[0] = readl_be(dev->ce_base + CRYPTO4XX_PRNG_RES_0); 1147 val[1] = readl_be(dev->ce_base + CRYPTO4XX_PRNG_RES_1); 1148 break; 1149 } 1150 if (i == 1024) 1151 return -ETIMEDOUT; 1152 1153 if ((max - curr) >= 8) { 1154 memcpy(data, &val, 8); 1155 data += 8; 1156 curr += 8; 1157 } else { 1158 /* copy only remaining bytes */ 1159 memcpy(data, &val, max - curr); 1160 break; 1161 } 1162 } while (curr < max); 1163 1164 return curr; 1165 } 1166 1167 static int crypto4xx_prng_generate(struct crypto_rng *tfm, 1168 const u8 *src, unsigned int slen, 1169 u8 *dstn, unsigned int dlen) 1170 { 1171 struct rng_alg *alg = crypto_rng_alg(tfm); 1172 struct crypto4xx_alg *amcc_alg; 1173 struct crypto4xx_device *dev; 1174 int ret; 1175 1176 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.rng); 1177 dev = amcc_alg->dev; 1178 1179 mutex_lock(&dev->core_dev->rng_lock); 1180 ret = ppc4xx_prng_data_read(dev, dstn, dlen); 1181 mutex_unlock(&dev->core_dev->rng_lock); 1182 return ret; 1183 } 1184 1185 1186 static int crypto4xx_prng_seed(struct crypto_rng *tfm, const u8 *seed, 1187 unsigned int slen) 1188 { 1189 return 0; 1190 } 1191 1192 /** 1193 * Supported Crypto Algorithms 1194 */ 1195 static struct crypto4xx_alg_common crypto4xx_alg[] = { 1196 /* Crypto AES modes */ 1197 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1198 .base = { 1199 .cra_name = "cbc(aes)", 1200 .cra_driver_name = "cbc-aes-ppc4xx", 1201 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1202 .cra_flags = CRYPTO_ALG_ASYNC | 1203 CRYPTO_ALG_KERN_DRIVER_ONLY, 1204 .cra_blocksize = AES_BLOCK_SIZE, 1205 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1206 .cra_module = THIS_MODULE, 1207 }, 1208 .min_keysize = AES_MIN_KEY_SIZE, 1209 .max_keysize = AES_MAX_KEY_SIZE, 1210 .ivsize = AES_IV_SIZE, 1211 .setkey = crypto4xx_setkey_aes_cbc, 1212 .encrypt = crypto4xx_encrypt_iv_block, 1213 .decrypt = crypto4xx_decrypt_iv_block, 1214 .init = crypto4xx_sk_init, 1215 .exit = crypto4xx_sk_exit, 1216 } }, 1217 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1218 .base = { 1219 .cra_name = "cfb(aes)", 1220 .cra_driver_name = "cfb-aes-ppc4xx", 1221 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1222 .cra_flags = CRYPTO_ALG_ASYNC | 1223 CRYPTO_ALG_KERN_DRIVER_ONLY, 1224 .cra_blocksize = 1, 1225 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1226 .cra_module = THIS_MODULE, 1227 }, 1228 .min_keysize = AES_MIN_KEY_SIZE, 1229 .max_keysize = AES_MAX_KEY_SIZE, 1230 .ivsize = AES_IV_SIZE, 1231 .setkey = crypto4xx_setkey_aes_cfb, 1232 .encrypt = crypto4xx_encrypt_iv_stream, 1233 .decrypt = crypto4xx_decrypt_iv_stream, 1234 .init = crypto4xx_sk_init, 1235 .exit = crypto4xx_sk_exit, 1236 } }, 1237 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1238 .base = { 1239 .cra_name = "ctr(aes)", 1240 .cra_driver_name = "ctr-aes-ppc4xx", 1241 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1242 .cra_flags = CRYPTO_ALG_NEED_FALLBACK | 1243 CRYPTO_ALG_ASYNC | 1244 CRYPTO_ALG_KERN_DRIVER_ONLY, 1245 .cra_blocksize = 1, 1246 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1247 .cra_module = THIS_MODULE, 1248 }, 1249 .min_keysize = AES_MIN_KEY_SIZE, 1250 .max_keysize = AES_MAX_KEY_SIZE, 1251 .ivsize = AES_IV_SIZE, 1252 .setkey = crypto4xx_setkey_aes_ctr, 1253 .encrypt = crypto4xx_encrypt_ctr, 1254 .decrypt = crypto4xx_decrypt_ctr, 1255 .init = crypto4xx_sk_init, 1256 .exit = crypto4xx_sk_exit, 1257 } }, 1258 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1259 .base = { 1260 .cra_name = "rfc3686(ctr(aes))", 1261 .cra_driver_name = "rfc3686-ctr-aes-ppc4xx", 1262 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1263 .cra_flags = CRYPTO_ALG_ASYNC | 1264 CRYPTO_ALG_KERN_DRIVER_ONLY, 1265 .cra_blocksize = 1, 1266 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1267 .cra_module = THIS_MODULE, 1268 }, 1269 .min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, 1270 .max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, 1271 .ivsize = CTR_RFC3686_IV_SIZE, 1272 .setkey = crypto4xx_setkey_rfc3686, 1273 .encrypt = crypto4xx_rfc3686_encrypt, 1274 .decrypt = crypto4xx_rfc3686_decrypt, 1275 .init = crypto4xx_sk_init, 1276 .exit = crypto4xx_sk_exit, 1277 } }, 1278 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1279 .base = { 1280 .cra_name = "ecb(aes)", 1281 .cra_driver_name = "ecb-aes-ppc4xx", 1282 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1283 .cra_flags = CRYPTO_ALG_ASYNC | 1284 CRYPTO_ALG_KERN_DRIVER_ONLY, 1285 .cra_blocksize = AES_BLOCK_SIZE, 1286 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1287 .cra_module = THIS_MODULE, 1288 }, 1289 .min_keysize = AES_MIN_KEY_SIZE, 1290 .max_keysize = AES_MAX_KEY_SIZE, 1291 .setkey = crypto4xx_setkey_aes_ecb, 1292 .encrypt = crypto4xx_encrypt_noiv_block, 1293 .decrypt = crypto4xx_decrypt_noiv_block, 1294 .init = crypto4xx_sk_init, 1295 .exit = crypto4xx_sk_exit, 1296 } }, 1297 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1298 .base = { 1299 .cra_name = "ofb(aes)", 1300 .cra_driver_name = "ofb-aes-ppc4xx", 1301 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1302 .cra_flags = CRYPTO_ALG_ASYNC | 1303 CRYPTO_ALG_KERN_DRIVER_ONLY, 1304 .cra_blocksize = 1, 1305 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1306 .cra_module = THIS_MODULE, 1307 }, 1308 .min_keysize = AES_MIN_KEY_SIZE, 1309 .max_keysize = AES_MAX_KEY_SIZE, 1310 .ivsize = AES_IV_SIZE, 1311 .setkey = crypto4xx_setkey_aes_ofb, 1312 .encrypt = crypto4xx_encrypt_iv_stream, 1313 .decrypt = crypto4xx_decrypt_iv_stream, 1314 .init = crypto4xx_sk_init, 1315 .exit = crypto4xx_sk_exit, 1316 } }, 1317 1318 /* AEAD */ 1319 { .type = CRYPTO_ALG_TYPE_AEAD, .u.aead = { 1320 .setkey = crypto4xx_setkey_aes_ccm, 1321 .setauthsize = crypto4xx_setauthsize_aead, 1322 .encrypt = crypto4xx_encrypt_aes_ccm, 1323 .decrypt = crypto4xx_decrypt_aes_ccm, 1324 .init = crypto4xx_aead_init, 1325 .exit = crypto4xx_aead_exit, 1326 .ivsize = AES_BLOCK_SIZE, 1327 .maxauthsize = 16, 1328 .base = { 1329 .cra_name = "ccm(aes)", 1330 .cra_driver_name = "ccm-aes-ppc4xx", 1331 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1332 .cra_flags = CRYPTO_ALG_ASYNC | 1333 CRYPTO_ALG_NEED_FALLBACK | 1334 CRYPTO_ALG_KERN_DRIVER_ONLY, 1335 .cra_blocksize = 1, 1336 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1337 .cra_module = THIS_MODULE, 1338 }, 1339 } }, 1340 { .type = CRYPTO_ALG_TYPE_AEAD, .u.aead = { 1341 .setkey = crypto4xx_setkey_aes_gcm, 1342 .setauthsize = crypto4xx_setauthsize_aead, 1343 .encrypt = crypto4xx_encrypt_aes_gcm, 1344 .decrypt = crypto4xx_decrypt_aes_gcm, 1345 .init = crypto4xx_aead_init, 1346 .exit = crypto4xx_aead_exit, 1347 .ivsize = GCM_AES_IV_SIZE, 1348 .maxauthsize = 16, 1349 .base = { 1350 .cra_name = "gcm(aes)", 1351 .cra_driver_name = "gcm-aes-ppc4xx", 1352 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1353 .cra_flags = CRYPTO_ALG_ASYNC | 1354 CRYPTO_ALG_NEED_FALLBACK | 1355 CRYPTO_ALG_KERN_DRIVER_ONLY, 1356 .cra_blocksize = 1, 1357 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1358 .cra_module = THIS_MODULE, 1359 }, 1360 } }, 1361 { .type = CRYPTO_ALG_TYPE_RNG, .u.rng = { 1362 .base = { 1363 .cra_name = "stdrng", 1364 .cra_driver_name = "crypto4xx_rng", 1365 .cra_priority = 300, 1366 .cra_ctxsize = 0, 1367 .cra_module = THIS_MODULE, 1368 }, 1369 .generate = crypto4xx_prng_generate, 1370 .seed = crypto4xx_prng_seed, 1371 .seedsize = 0, 1372 } }, 1373 }; 1374 1375 /** 1376 * Module Initialization Routine 1377 */ 1378 static int crypto4xx_probe(struct platform_device *ofdev) 1379 { 1380 int rc; 1381 struct resource res; 1382 struct device *dev = &ofdev->dev; 1383 struct crypto4xx_core_device *core_dev; 1384 u32 pvr; 1385 bool is_revb = true; 1386 1387 rc = of_address_to_resource(ofdev->dev.of_node, 0, &res); 1388 if (rc) 1389 return -ENODEV; 1390 1391 if (of_find_compatible_node(NULL, NULL, "amcc,ppc460ex-crypto")) { 1392 mtdcri(SDR0, PPC460EX_SDR0_SRST, 1393 mfdcri(SDR0, PPC460EX_SDR0_SRST) | PPC460EX_CE_RESET); 1394 mtdcri(SDR0, PPC460EX_SDR0_SRST, 1395 mfdcri(SDR0, PPC460EX_SDR0_SRST) & ~PPC460EX_CE_RESET); 1396 } else if (of_find_compatible_node(NULL, NULL, 1397 "amcc,ppc405ex-crypto")) { 1398 mtdcri(SDR0, PPC405EX_SDR0_SRST, 1399 mfdcri(SDR0, PPC405EX_SDR0_SRST) | PPC405EX_CE_RESET); 1400 mtdcri(SDR0, PPC405EX_SDR0_SRST, 1401 mfdcri(SDR0, PPC405EX_SDR0_SRST) & ~PPC405EX_CE_RESET); 1402 is_revb = false; 1403 } else if (of_find_compatible_node(NULL, NULL, 1404 "amcc,ppc460sx-crypto")) { 1405 mtdcri(SDR0, PPC460SX_SDR0_SRST, 1406 mfdcri(SDR0, PPC460SX_SDR0_SRST) | PPC460SX_CE_RESET); 1407 mtdcri(SDR0, PPC460SX_SDR0_SRST, 1408 mfdcri(SDR0, PPC460SX_SDR0_SRST) & ~PPC460SX_CE_RESET); 1409 } else { 1410 printk(KERN_ERR "Crypto Function Not supported!\n"); 1411 return -EINVAL; 1412 } 1413 1414 core_dev = kzalloc(sizeof(struct crypto4xx_core_device), GFP_KERNEL); 1415 if (!core_dev) 1416 return -ENOMEM; 1417 1418 dev_set_drvdata(dev, core_dev); 1419 core_dev->ofdev = ofdev; 1420 core_dev->dev = kzalloc(sizeof(struct crypto4xx_device), GFP_KERNEL); 1421 rc = -ENOMEM; 1422 if (!core_dev->dev) 1423 goto err_alloc_dev; 1424 1425 /* 1426 * Older version of 460EX/GT have a hardware bug. 1427 * Hence they do not support H/W based security intr coalescing 1428 */ 1429 pvr = mfspr(SPRN_PVR); 1430 if (is_revb && ((pvr >> 4) == 0x130218A)) { 1431 u32 min = PVR_MIN(pvr); 1432 1433 if (min < 4) { 1434 dev_info(dev, "RevA detected - disable interrupt coalescing\n"); 1435 is_revb = false; 1436 } 1437 } 1438 1439 core_dev->dev->core_dev = core_dev; 1440 core_dev->dev->is_revb = is_revb; 1441 core_dev->device = dev; 1442 mutex_init(&core_dev->rng_lock); 1443 spin_lock_init(&core_dev->lock); 1444 INIT_LIST_HEAD(&core_dev->dev->alg_list); 1445 ratelimit_default_init(&core_dev->dev->aead_ratelimit); 1446 rc = crypto4xx_build_pdr(core_dev->dev); 1447 if (rc) 1448 goto err_build_pdr; 1449 1450 rc = crypto4xx_build_gdr(core_dev->dev); 1451 if (rc) 1452 goto err_build_pdr; 1453 1454 rc = crypto4xx_build_sdr(core_dev->dev); 1455 if (rc) 1456 goto err_build_sdr; 1457 1458 /* Init tasklet for bottom half processing */ 1459 tasklet_init(&core_dev->tasklet, crypto4xx_bh_tasklet_cb, 1460 (unsigned long) dev); 1461 1462 core_dev->dev->ce_base = of_iomap(ofdev->dev.of_node, 0); 1463 if (!core_dev->dev->ce_base) { 1464 dev_err(dev, "failed to of_iomap\n"); 1465 rc = -ENOMEM; 1466 goto err_iomap; 1467 } 1468 1469 /* Register for Crypto isr, Crypto Engine IRQ */ 1470 core_dev->irq = irq_of_parse_and_map(ofdev->dev.of_node, 0); 1471 rc = request_irq(core_dev->irq, is_revb ? 1472 crypto4xx_ce_interrupt_handler_revb : 1473 crypto4xx_ce_interrupt_handler, 0, 1474 KBUILD_MODNAME, dev); 1475 if (rc) 1476 goto err_request_irq; 1477 1478 /* need to setup pdr, rdr, gdr and sdr before this */ 1479 crypto4xx_hw_init(core_dev->dev); 1480 1481 /* Register security algorithms with Linux CryptoAPI */ 1482 rc = crypto4xx_register_alg(core_dev->dev, crypto4xx_alg, 1483 ARRAY_SIZE(crypto4xx_alg)); 1484 if (rc) 1485 goto err_start_dev; 1486 1487 ppc4xx_trng_probe(core_dev); 1488 return 0; 1489 1490 err_start_dev: 1491 free_irq(core_dev->irq, dev); 1492 err_request_irq: 1493 irq_dispose_mapping(core_dev->irq); 1494 iounmap(core_dev->dev->ce_base); 1495 err_iomap: 1496 tasklet_kill(&core_dev->tasklet); 1497 err_build_sdr: 1498 crypto4xx_destroy_sdr(core_dev->dev); 1499 crypto4xx_destroy_gdr(core_dev->dev); 1500 err_build_pdr: 1501 crypto4xx_destroy_pdr(core_dev->dev); 1502 kfree(core_dev->dev); 1503 err_alloc_dev: 1504 kfree(core_dev); 1505 1506 return rc; 1507 } 1508 1509 static int crypto4xx_remove(struct platform_device *ofdev) 1510 { 1511 struct device *dev = &ofdev->dev; 1512 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1513 1514 ppc4xx_trng_remove(core_dev); 1515 1516 free_irq(core_dev->irq, dev); 1517 irq_dispose_mapping(core_dev->irq); 1518 1519 tasklet_kill(&core_dev->tasklet); 1520 /* Un-register with Linux CryptoAPI */ 1521 crypto4xx_unregister_alg(core_dev->dev); 1522 mutex_destroy(&core_dev->rng_lock); 1523 /* Free all allocated memory */ 1524 crypto4xx_stop_all(core_dev); 1525 1526 return 0; 1527 } 1528 1529 static const struct of_device_id crypto4xx_match[] = { 1530 { .compatible = "amcc,ppc4xx-crypto",}, 1531 { }, 1532 }; 1533 MODULE_DEVICE_TABLE(of, crypto4xx_match); 1534 1535 static struct platform_driver crypto4xx_driver = { 1536 .driver = { 1537 .name = KBUILD_MODNAME, 1538 .of_match_table = crypto4xx_match, 1539 }, 1540 .probe = crypto4xx_probe, 1541 .remove = crypto4xx_remove, 1542 }; 1543 1544 module_platform_driver(crypto4xx_driver); 1545 1546 MODULE_LICENSE("GPL"); 1547 MODULE_AUTHOR("James Hsiao <jhsiao@amcc.com>"); 1548 MODULE_DESCRIPTION("Driver for AMCC PPC4xx crypto accelerator"); 1549