1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * AMD Cryptographic Coprocessor (CCP) crypto API support 4 * 5 * Copyright (C) 2013,2017 Advanced Micro Devices, Inc. 6 * 7 * Author: Tom Lendacky <thomas.lendacky@amd.com> 8 */ 9 10 #include <linux/module.h> 11 #include <linux/moduleparam.h> 12 #include <linux/kernel.h> 13 #include <linux/list.h> 14 #include <linux/ccp.h> 15 #include <linux/scatterlist.h> 16 #include <crypto/internal/hash.h> 17 #include <crypto/internal/akcipher.h> 18 19 #include "ccp-crypto.h" 20 21 MODULE_AUTHOR("Tom Lendacky <thomas.lendacky@amd.com>"); 22 MODULE_LICENSE("GPL"); 23 MODULE_VERSION("1.0.0"); 24 MODULE_DESCRIPTION("AMD Cryptographic Coprocessor crypto API support"); 25 26 static unsigned int aes_disable; 27 module_param(aes_disable, uint, 0444); 28 MODULE_PARM_DESC(aes_disable, "Disable use of AES - any non-zero value"); 29 30 static unsigned int sha_disable; 31 module_param(sha_disable, uint, 0444); 32 MODULE_PARM_DESC(sha_disable, "Disable use of SHA - any non-zero value"); 33 34 static unsigned int des3_disable; 35 module_param(des3_disable, uint, 0444); 36 MODULE_PARM_DESC(des3_disable, "Disable use of 3DES - any non-zero value"); 37 38 static unsigned int rsa_disable; 39 module_param(rsa_disable, uint, 0444); 40 MODULE_PARM_DESC(rsa_disable, "Disable use of RSA - any non-zero value"); 41 42 /* List heads for the supported algorithms */ 43 static LIST_HEAD(hash_algs); 44 static LIST_HEAD(cipher_algs); 45 static LIST_HEAD(aead_algs); 46 static LIST_HEAD(akcipher_algs); 47 48 /* For any tfm, requests for that tfm must be returned on the order 49 * received. With multiple queues available, the CCP can process more 50 * than one cmd at a time. Therefore we must maintain a cmd list to insure 51 * the proper ordering of requests on a given tfm. 52 */ 53 struct ccp_crypto_queue { 54 struct list_head cmds; 55 struct list_head *backlog; 56 unsigned int cmd_count; 57 }; 58 59 #define CCP_CRYPTO_MAX_QLEN 100 60 61 static struct ccp_crypto_queue req_queue; 62 static spinlock_t req_queue_lock; 63 64 struct ccp_crypto_cmd { 65 struct list_head entry; 66 67 struct ccp_cmd *cmd; 68 69 /* Save the crypto_tfm and crypto_async_request addresses 70 * separately to avoid any reference to a possibly invalid 71 * crypto_async_request structure after invoking the request 72 * callback 73 */ 74 struct crypto_async_request *req; 75 struct crypto_tfm *tfm; 76 77 /* Used for held command processing to determine state */ 78 int ret; 79 }; 80 81 struct ccp_crypto_cpu { 82 struct work_struct work; 83 struct completion completion; 84 struct ccp_crypto_cmd *crypto_cmd; 85 int err; 86 }; 87 88 static inline bool ccp_crypto_success(int err) 89 { 90 if (err && (err != -EINPROGRESS) && (err != -EBUSY)) 91 return false; 92 93 return true; 94 } 95 96 static struct ccp_crypto_cmd *ccp_crypto_cmd_complete( 97 struct ccp_crypto_cmd *crypto_cmd, struct ccp_crypto_cmd **backlog) 98 { 99 struct ccp_crypto_cmd *held = NULL, *tmp; 100 unsigned long flags; 101 102 *backlog = NULL; 103 104 spin_lock_irqsave(&req_queue_lock, flags); 105 106 /* Held cmds will be after the current cmd in the queue so start 107 * searching for a cmd with a matching tfm for submission. 108 */ 109 tmp = crypto_cmd; 110 list_for_each_entry_continue(tmp, &req_queue.cmds, entry) { 111 if (crypto_cmd->tfm != tmp->tfm) 112 continue; 113 held = tmp; 114 break; 115 } 116 117 /* Process the backlog: 118 * Because cmds can be executed from any point in the cmd list 119 * special precautions have to be taken when handling the backlog. 120 */ 121 if (req_queue.backlog != &req_queue.cmds) { 122 /* Skip over this cmd if it is the next backlog cmd */ 123 if (req_queue.backlog == &crypto_cmd->entry) 124 req_queue.backlog = crypto_cmd->entry.next; 125 126 *backlog = container_of(req_queue.backlog, 127 struct ccp_crypto_cmd, entry); 128 req_queue.backlog = req_queue.backlog->next; 129 130 /* Skip over this cmd if it is now the next backlog cmd */ 131 if (req_queue.backlog == &crypto_cmd->entry) 132 req_queue.backlog = crypto_cmd->entry.next; 133 } 134 135 /* Remove the cmd entry from the list of cmds */ 136 req_queue.cmd_count--; 137 list_del(&crypto_cmd->entry); 138 139 spin_unlock_irqrestore(&req_queue_lock, flags); 140 141 return held; 142 } 143 144 static void ccp_crypto_complete(void *data, int err) 145 { 146 struct ccp_crypto_cmd *crypto_cmd = data; 147 struct ccp_crypto_cmd *held, *next, *backlog; 148 struct crypto_async_request *req = crypto_cmd->req; 149 struct ccp_ctx *ctx = crypto_tfm_ctx(req->tfm); 150 int ret; 151 152 if (err == -EINPROGRESS) { 153 /* Only propagate the -EINPROGRESS if necessary */ 154 if (crypto_cmd->ret == -EBUSY) { 155 crypto_cmd->ret = -EINPROGRESS; 156 req->complete(req, -EINPROGRESS); 157 } 158 159 return; 160 } 161 162 /* Operation has completed - update the queue before invoking 163 * the completion callbacks and retrieve the next cmd (cmd with 164 * a matching tfm) that can be submitted to the CCP. 165 */ 166 held = ccp_crypto_cmd_complete(crypto_cmd, &backlog); 167 if (backlog) { 168 backlog->ret = -EINPROGRESS; 169 backlog->req->complete(backlog->req, -EINPROGRESS); 170 } 171 172 /* Transition the state from -EBUSY to -EINPROGRESS first */ 173 if (crypto_cmd->ret == -EBUSY) 174 req->complete(req, -EINPROGRESS); 175 176 /* Completion callbacks */ 177 ret = err; 178 if (ctx->complete) 179 ret = ctx->complete(req, ret); 180 req->complete(req, ret); 181 182 /* Submit the next cmd */ 183 while (held) { 184 /* Since we have already queued the cmd, we must indicate that 185 * we can backlog so as not to "lose" this request. 186 */ 187 held->cmd->flags |= CCP_CMD_MAY_BACKLOG; 188 ret = ccp_enqueue_cmd(held->cmd); 189 if (ccp_crypto_success(ret)) 190 break; 191 192 /* Error occurred, report it and get the next entry */ 193 ctx = crypto_tfm_ctx(held->req->tfm); 194 if (ctx->complete) 195 ret = ctx->complete(held->req, ret); 196 held->req->complete(held->req, ret); 197 198 next = ccp_crypto_cmd_complete(held, &backlog); 199 if (backlog) { 200 backlog->ret = -EINPROGRESS; 201 backlog->req->complete(backlog->req, -EINPROGRESS); 202 } 203 204 kfree(held); 205 held = next; 206 } 207 208 kfree(crypto_cmd); 209 } 210 211 static int ccp_crypto_enqueue_cmd(struct ccp_crypto_cmd *crypto_cmd) 212 { 213 struct ccp_crypto_cmd *active = NULL, *tmp; 214 unsigned long flags; 215 bool free_cmd = true; 216 int ret; 217 218 spin_lock_irqsave(&req_queue_lock, flags); 219 220 /* Check if the cmd can/should be queued */ 221 if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) { 222 if (!(crypto_cmd->cmd->flags & CCP_CMD_MAY_BACKLOG)) { 223 ret = -ENOSPC; 224 goto e_lock; 225 } 226 } 227 228 /* Look for an entry with the same tfm. If there is a cmd 229 * with the same tfm in the list then the current cmd cannot 230 * be submitted to the CCP yet. 231 */ 232 list_for_each_entry(tmp, &req_queue.cmds, entry) { 233 if (crypto_cmd->tfm != tmp->tfm) 234 continue; 235 active = tmp; 236 break; 237 } 238 239 ret = -EINPROGRESS; 240 if (!active) { 241 ret = ccp_enqueue_cmd(crypto_cmd->cmd); 242 if (!ccp_crypto_success(ret)) 243 goto e_lock; /* Error, don't queue it */ 244 } 245 246 if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) { 247 ret = -EBUSY; 248 if (req_queue.backlog == &req_queue.cmds) 249 req_queue.backlog = &crypto_cmd->entry; 250 } 251 crypto_cmd->ret = ret; 252 253 req_queue.cmd_count++; 254 list_add_tail(&crypto_cmd->entry, &req_queue.cmds); 255 256 free_cmd = false; 257 258 e_lock: 259 spin_unlock_irqrestore(&req_queue_lock, flags); 260 261 if (free_cmd) 262 kfree(crypto_cmd); 263 264 return ret; 265 } 266 267 /** 268 * ccp_crypto_enqueue_request - queue an crypto async request for processing 269 * by the CCP 270 * 271 * @req: crypto_async_request struct to be processed 272 * @cmd: ccp_cmd struct to be sent to the CCP 273 */ 274 int ccp_crypto_enqueue_request(struct crypto_async_request *req, 275 struct ccp_cmd *cmd) 276 { 277 struct ccp_crypto_cmd *crypto_cmd; 278 gfp_t gfp; 279 280 gfp = req->flags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : GFP_ATOMIC; 281 282 crypto_cmd = kzalloc(sizeof(*crypto_cmd), gfp); 283 if (!crypto_cmd) 284 return -ENOMEM; 285 286 /* The tfm pointer must be saved and not referenced from the 287 * crypto_async_request (req) pointer because it is used after 288 * completion callback for the request and the req pointer 289 * might not be valid anymore. 290 */ 291 crypto_cmd->cmd = cmd; 292 crypto_cmd->req = req; 293 crypto_cmd->tfm = req->tfm; 294 295 cmd->callback = ccp_crypto_complete; 296 cmd->data = crypto_cmd; 297 298 if (req->flags & CRYPTO_TFM_REQ_MAY_BACKLOG) 299 cmd->flags |= CCP_CMD_MAY_BACKLOG; 300 else 301 cmd->flags &= ~CCP_CMD_MAY_BACKLOG; 302 303 return ccp_crypto_enqueue_cmd(crypto_cmd); 304 } 305 306 struct scatterlist *ccp_crypto_sg_table_add(struct sg_table *table, 307 struct scatterlist *sg_add) 308 { 309 struct scatterlist *sg, *sg_last = NULL; 310 311 for (sg = table->sgl; sg; sg = sg_next(sg)) 312 if (!sg_page(sg)) 313 break; 314 if (WARN_ON(!sg)) 315 return NULL; 316 317 for (; sg && sg_add; sg = sg_next(sg), sg_add = sg_next(sg_add)) { 318 sg_set_page(sg, sg_page(sg_add), sg_add->length, 319 sg_add->offset); 320 sg_last = sg; 321 } 322 if (WARN_ON(sg_add)) 323 return NULL; 324 325 return sg_last; 326 } 327 328 static int ccp_register_algs(void) 329 { 330 int ret; 331 332 if (!aes_disable) { 333 ret = ccp_register_aes_algs(&cipher_algs); 334 if (ret) 335 return ret; 336 337 ret = ccp_register_aes_cmac_algs(&hash_algs); 338 if (ret) 339 return ret; 340 341 ret = ccp_register_aes_xts_algs(&cipher_algs); 342 if (ret) 343 return ret; 344 345 ret = ccp_register_aes_aeads(&aead_algs); 346 if (ret) 347 return ret; 348 } 349 350 if (!des3_disable) { 351 ret = ccp_register_des3_algs(&cipher_algs); 352 if (ret) 353 return ret; 354 } 355 356 if (!sha_disable) { 357 ret = ccp_register_sha_algs(&hash_algs); 358 if (ret) 359 return ret; 360 } 361 362 if (!rsa_disable) { 363 ret = ccp_register_rsa_algs(&akcipher_algs); 364 if (ret) 365 return ret; 366 } 367 368 return 0; 369 } 370 371 static void ccp_unregister_algs(void) 372 { 373 struct ccp_crypto_ahash_alg *ahash_alg, *ahash_tmp; 374 struct ccp_crypto_ablkcipher_alg *ablk_alg, *ablk_tmp; 375 struct ccp_crypto_aead *aead_alg, *aead_tmp; 376 struct ccp_crypto_akcipher_alg *akc_alg, *akc_tmp; 377 378 list_for_each_entry_safe(ahash_alg, ahash_tmp, &hash_algs, entry) { 379 crypto_unregister_ahash(&ahash_alg->alg); 380 list_del(&ahash_alg->entry); 381 kfree(ahash_alg); 382 } 383 384 list_for_each_entry_safe(ablk_alg, ablk_tmp, &cipher_algs, entry) { 385 crypto_unregister_alg(&ablk_alg->alg); 386 list_del(&ablk_alg->entry); 387 kfree(ablk_alg); 388 } 389 390 list_for_each_entry_safe(aead_alg, aead_tmp, &aead_algs, entry) { 391 crypto_unregister_aead(&aead_alg->alg); 392 list_del(&aead_alg->entry); 393 kfree(aead_alg); 394 } 395 396 list_for_each_entry_safe(akc_alg, akc_tmp, &akcipher_algs, entry) { 397 crypto_unregister_akcipher(&akc_alg->alg); 398 list_del(&akc_alg->entry); 399 kfree(akc_alg); 400 } 401 } 402 403 static int ccp_crypto_init(void) 404 { 405 int ret; 406 407 ret = ccp_present(); 408 if (ret) 409 return ret; 410 411 spin_lock_init(&req_queue_lock); 412 INIT_LIST_HEAD(&req_queue.cmds); 413 req_queue.backlog = &req_queue.cmds; 414 req_queue.cmd_count = 0; 415 416 ret = ccp_register_algs(); 417 if (ret) 418 ccp_unregister_algs(); 419 420 return ret; 421 } 422 423 static void ccp_crypto_exit(void) 424 { 425 ccp_unregister_algs(); 426 } 427 428 module_init(ccp_crypto_init); 429 module_exit(ccp_crypto_exit); 430