1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * AMD Cryptographic Coprocessor (CCP) crypto API support
4  *
5  * Copyright (C) 2013,2017 Advanced Micro Devices, Inc.
6  *
7  * Author: Tom Lendacky <thomas.lendacky@amd.com>
8  */
9 
10 #include <linux/module.h>
11 #include <linux/moduleparam.h>
12 #include <linux/kernel.h>
13 #include <linux/list.h>
14 #include <linux/ccp.h>
15 #include <linux/scatterlist.h>
16 #include <crypto/internal/hash.h>
17 #include <crypto/internal/akcipher.h>
18 
19 #include "ccp-crypto.h"
20 
21 MODULE_AUTHOR("Tom Lendacky <thomas.lendacky@amd.com>");
22 MODULE_LICENSE("GPL");
23 MODULE_VERSION("1.0.0");
24 MODULE_DESCRIPTION("AMD Cryptographic Coprocessor crypto API support");
25 
26 static unsigned int aes_disable;
27 module_param(aes_disable, uint, 0444);
28 MODULE_PARM_DESC(aes_disable, "Disable use of AES - any non-zero value");
29 
30 static unsigned int sha_disable;
31 module_param(sha_disable, uint, 0444);
32 MODULE_PARM_DESC(sha_disable, "Disable use of SHA - any non-zero value");
33 
34 static unsigned int des3_disable;
35 module_param(des3_disable, uint, 0444);
36 MODULE_PARM_DESC(des3_disable, "Disable use of 3DES - any non-zero value");
37 
38 static unsigned int rsa_disable;
39 module_param(rsa_disable, uint, 0444);
40 MODULE_PARM_DESC(rsa_disable, "Disable use of RSA - any non-zero value");
41 
42 /* List heads for the supported algorithms */
43 static LIST_HEAD(hash_algs);
44 static LIST_HEAD(skcipher_algs);
45 static LIST_HEAD(aead_algs);
46 static LIST_HEAD(akcipher_algs);
47 
48 /* For any tfm, requests for that tfm must be returned on the order
49  * received.  With multiple queues available, the CCP can process more
50  * than one cmd at a time.  Therefore we must maintain a cmd list to insure
51  * the proper ordering of requests on a given tfm.
52  */
53 struct ccp_crypto_queue {
54 	struct list_head cmds;
55 	struct list_head *backlog;
56 	unsigned int cmd_count;
57 };
58 
59 #define CCP_CRYPTO_MAX_QLEN	100
60 
61 static struct ccp_crypto_queue req_queue;
62 static spinlock_t req_queue_lock;
63 
64 struct ccp_crypto_cmd {
65 	struct list_head entry;
66 
67 	struct ccp_cmd *cmd;
68 
69 	/* Save the crypto_tfm and crypto_async_request addresses
70 	 * separately to avoid any reference to a possibly invalid
71 	 * crypto_async_request structure after invoking the request
72 	 * callback
73 	 */
74 	struct crypto_async_request *req;
75 	struct crypto_tfm *tfm;
76 
77 	/* Used for held command processing to determine state */
78 	int ret;
79 };
80 
81 struct ccp_crypto_cpu {
82 	struct work_struct work;
83 	struct completion completion;
84 	struct ccp_crypto_cmd *crypto_cmd;
85 	int err;
86 };
87 
88 static inline bool ccp_crypto_success(int err)
89 {
90 	if (err && (err != -EINPROGRESS) && (err != -EBUSY))
91 		return false;
92 
93 	return true;
94 }
95 
96 static struct ccp_crypto_cmd *ccp_crypto_cmd_complete(
97 	struct ccp_crypto_cmd *crypto_cmd, struct ccp_crypto_cmd **backlog)
98 {
99 	struct ccp_crypto_cmd *held = NULL, *tmp;
100 	unsigned long flags;
101 
102 	*backlog = NULL;
103 
104 	spin_lock_irqsave(&req_queue_lock, flags);
105 
106 	/* Held cmds will be after the current cmd in the queue so start
107 	 * searching for a cmd with a matching tfm for submission.
108 	 */
109 	tmp = crypto_cmd;
110 	list_for_each_entry_continue(tmp, &req_queue.cmds, entry) {
111 		if (crypto_cmd->tfm != tmp->tfm)
112 			continue;
113 		held = tmp;
114 		break;
115 	}
116 
117 	/* Process the backlog:
118 	 *   Because cmds can be executed from any point in the cmd list
119 	 *   special precautions have to be taken when handling the backlog.
120 	 */
121 	if (req_queue.backlog != &req_queue.cmds) {
122 		/* Skip over this cmd if it is the next backlog cmd */
123 		if (req_queue.backlog == &crypto_cmd->entry)
124 			req_queue.backlog = crypto_cmd->entry.next;
125 
126 		*backlog = container_of(req_queue.backlog,
127 					struct ccp_crypto_cmd, entry);
128 		req_queue.backlog = req_queue.backlog->next;
129 
130 		/* Skip over this cmd if it is now the next backlog cmd */
131 		if (req_queue.backlog == &crypto_cmd->entry)
132 			req_queue.backlog = crypto_cmd->entry.next;
133 	}
134 
135 	/* Remove the cmd entry from the list of cmds */
136 	req_queue.cmd_count--;
137 	list_del(&crypto_cmd->entry);
138 
139 	spin_unlock_irqrestore(&req_queue_lock, flags);
140 
141 	return held;
142 }
143 
144 static void ccp_crypto_complete(void *data, int err)
145 {
146 	struct ccp_crypto_cmd *crypto_cmd = data;
147 	struct ccp_crypto_cmd *held, *next, *backlog;
148 	struct crypto_async_request *req = crypto_cmd->req;
149 	struct ccp_ctx *ctx = crypto_tfm_ctx(req->tfm);
150 	int ret;
151 
152 	if (err == -EINPROGRESS) {
153 		/* Only propagate the -EINPROGRESS if necessary */
154 		if (crypto_cmd->ret == -EBUSY) {
155 			crypto_cmd->ret = -EINPROGRESS;
156 			req->complete(req, -EINPROGRESS);
157 		}
158 
159 		return;
160 	}
161 
162 	/* Operation has completed - update the queue before invoking
163 	 * the completion callbacks and retrieve the next cmd (cmd with
164 	 * a matching tfm) that can be submitted to the CCP.
165 	 */
166 	held = ccp_crypto_cmd_complete(crypto_cmd, &backlog);
167 	if (backlog) {
168 		backlog->ret = -EINPROGRESS;
169 		backlog->req->complete(backlog->req, -EINPROGRESS);
170 	}
171 
172 	/* Transition the state from -EBUSY to -EINPROGRESS first */
173 	if (crypto_cmd->ret == -EBUSY)
174 		req->complete(req, -EINPROGRESS);
175 
176 	/* Completion callbacks */
177 	ret = err;
178 	if (ctx->complete)
179 		ret = ctx->complete(req, ret);
180 	req->complete(req, ret);
181 
182 	/* Submit the next cmd */
183 	while (held) {
184 		/* Since we have already queued the cmd, we must indicate that
185 		 * we can backlog so as not to "lose" this request.
186 		 */
187 		held->cmd->flags |= CCP_CMD_MAY_BACKLOG;
188 		ret = ccp_enqueue_cmd(held->cmd);
189 		if (ccp_crypto_success(ret))
190 			break;
191 
192 		/* Error occurred, report it and get the next entry */
193 		ctx = crypto_tfm_ctx(held->req->tfm);
194 		if (ctx->complete)
195 			ret = ctx->complete(held->req, ret);
196 		held->req->complete(held->req, ret);
197 
198 		next = ccp_crypto_cmd_complete(held, &backlog);
199 		if (backlog) {
200 			backlog->ret = -EINPROGRESS;
201 			backlog->req->complete(backlog->req, -EINPROGRESS);
202 		}
203 
204 		kfree(held);
205 		held = next;
206 	}
207 
208 	kfree(crypto_cmd);
209 }
210 
211 static int ccp_crypto_enqueue_cmd(struct ccp_crypto_cmd *crypto_cmd)
212 {
213 	struct ccp_crypto_cmd *active = NULL, *tmp;
214 	unsigned long flags;
215 	bool free_cmd = true;
216 	int ret;
217 
218 	spin_lock_irqsave(&req_queue_lock, flags);
219 
220 	/* Check if the cmd can/should be queued */
221 	if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) {
222 		if (!(crypto_cmd->cmd->flags & CCP_CMD_MAY_BACKLOG)) {
223 			ret = -ENOSPC;
224 			goto e_lock;
225 		}
226 	}
227 
228 	/* Look for an entry with the same tfm.  If there is a cmd
229 	 * with the same tfm in the list then the current cmd cannot
230 	 * be submitted to the CCP yet.
231 	 */
232 	list_for_each_entry(tmp, &req_queue.cmds, entry) {
233 		if (crypto_cmd->tfm != tmp->tfm)
234 			continue;
235 		active = tmp;
236 		break;
237 	}
238 
239 	ret = -EINPROGRESS;
240 	if (!active) {
241 		ret = ccp_enqueue_cmd(crypto_cmd->cmd);
242 		if (!ccp_crypto_success(ret))
243 			goto e_lock;	/* Error, don't queue it */
244 	}
245 
246 	if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) {
247 		ret = -EBUSY;
248 		if (req_queue.backlog == &req_queue.cmds)
249 			req_queue.backlog = &crypto_cmd->entry;
250 	}
251 	crypto_cmd->ret = ret;
252 
253 	req_queue.cmd_count++;
254 	list_add_tail(&crypto_cmd->entry, &req_queue.cmds);
255 
256 	free_cmd = false;
257 
258 e_lock:
259 	spin_unlock_irqrestore(&req_queue_lock, flags);
260 
261 	if (free_cmd)
262 		kfree(crypto_cmd);
263 
264 	return ret;
265 }
266 
267 /**
268  * ccp_crypto_enqueue_request - queue an crypto async request for processing
269  *				by the CCP
270  *
271  * @req: crypto_async_request struct to be processed
272  * @cmd: ccp_cmd struct to be sent to the CCP
273  */
274 int ccp_crypto_enqueue_request(struct crypto_async_request *req,
275 			       struct ccp_cmd *cmd)
276 {
277 	struct ccp_crypto_cmd *crypto_cmd;
278 	gfp_t gfp;
279 
280 	gfp = req->flags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : GFP_ATOMIC;
281 
282 	crypto_cmd = kzalloc(sizeof(*crypto_cmd), gfp);
283 	if (!crypto_cmd)
284 		return -ENOMEM;
285 
286 	/* The tfm pointer must be saved and not referenced from the
287 	 * crypto_async_request (req) pointer because it is used after
288 	 * completion callback for the request and the req pointer
289 	 * might not be valid anymore.
290 	 */
291 	crypto_cmd->cmd = cmd;
292 	crypto_cmd->req = req;
293 	crypto_cmd->tfm = req->tfm;
294 
295 	cmd->callback = ccp_crypto_complete;
296 	cmd->data = crypto_cmd;
297 
298 	if (req->flags & CRYPTO_TFM_REQ_MAY_BACKLOG)
299 		cmd->flags |= CCP_CMD_MAY_BACKLOG;
300 	else
301 		cmd->flags &= ~CCP_CMD_MAY_BACKLOG;
302 
303 	return ccp_crypto_enqueue_cmd(crypto_cmd);
304 }
305 
306 struct scatterlist *ccp_crypto_sg_table_add(struct sg_table *table,
307 					    struct scatterlist *sg_add)
308 {
309 	struct scatterlist *sg, *sg_last = NULL;
310 
311 	for (sg = table->sgl; sg; sg = sg_next(sg))
312 		if (!sg_page(sg))
313 			break;
314 	if (WARN_ON(!sg))
315 		return NULL;
316 
317 	for (; sg && sg_add; sg = sg_next(sg), sg_add = sg_next(sg_add)) {
318 		sg_set_page(sg, sg_page(sg_add), sg_add->length,
319 			    sg_add->offset);
320 		sg_last = sg;
321 	}
322 	if (WARN_ON(sg_add))
323 		return NULL;
324 
325 	return sg_last;
326 }
327 
328 static int ccp_register_algs(void)
329 {
330 	int ret;
331 
332 	if (!aes_disable) {
333 		ret = ccp_register_aes_algs(&skcipher_algs);
334 		if (ret)
335 			return ret;
336 
337 		ret = ccp_register_aes_cmac_algs(&hash_algs);
338 		if (ret)
339 			return ret;
340 
341 		ret = ccp_register_aes_xts_algs(&skcipher_algs);
342 		if (ret)
343 			return ret;
344 
345 		ret = ccp_register_aes_aeads(&aead_algs);
346 		if (ret)
347 			return ret;
348 	}
349 
350 	if (!des3_disable) {
351 		ret = ccp_register_des3_algs(&skcipher_algs);
352 		if (ret)
353 			return ret;
354 	}
355 
356 	if (!sha_disable) {
357 		ret = ccp_register_sha_algs(&hash_algs);
358 		if (ret)
359 			return ret;
360 	}
361 
362 	if (!rsa_disable) {
363 		ret = ccp_register_rsa_algs(&akcipher_algs);
364 		if (ret)
365 			return ret;
366 	}
367 
368 	return 0;
369 }
370 
371 static void ccp_unregister_algs(void)
372 {
373 	struct ccp_crypto_ahash_alg *ahash_alg, *ahash_tmp;
374 	struct ccp_crypto_skcipher_alg *ablk_alg, *ablk_tmp;
375 	struct ccp_crypto_aead *aead_alg, *aead_tmp;
376 	struct ccp_crypto_akcipher_alg *akc_alg, *akc_tmp;
377 
378 	list_for_each_entry_safe(ahash_alg, ahash_tmp, &hash_algs, entry) {
379 		crypto_unregister_ahash(&ahash_alg->alg);
380 		list_del(&ahash_alg->entry);
381 		kfree(ahash_alg);
382 	}
383 
384 	list_for_each_entry_safe(ablk_alg, ablk_tmp, &skcipher_algs, entry) {
385 		crypto_unregister_skcipher(&ablk_alg->alg);
386 		list_del(&ablk_alg->entry);
387 		kfree(ablk_alg);
388 	}
389 
390 	list_for_each_entry_safe(aead_alg, aead_tmp, &aead_algs, entry) {
391 		crypto_unregister_aead(&aead_alg->alg);
392 		list_del(&aead_alg->entry);
393 		kfree(aead_alg);
394 	}
395 
396 	list_for_each_entry_safe(akc_alg, akc_tmp, &akcipher_algs, entry) {
397 		crypto_unregister_akcipher(&akc_alg->alg);
398 		list_del(&akc_alg->entry);
399 		kfree(akc_alg);
400 	}
401 }
402 
403 static int ccp_crypto_init(void)
404 {
405 	int ret;
406 
407 	ret = ccp_present();
408 	if (ret) {
409 		pr_err("Cannot load: there are no available CCPs\n");
410 		return ret;
411 	}
412 
413 	spin_lock_init(&req_queue_lock);
414 	INIT_LIST_HEAD(&req_queue.cmds);
415 	req_queue.backlog = &req_queue.cmds;
416 	req_queue.cmd_count = 0;
417 
418 	ret = ccp_register_algs();
419 	if (ret)
420 		ccp_unregister_algs();
421 
422 	return ret;
423 }
424 
425 static void ccp_crypto_exit(void)
426 {
427 	ccp_unregister_algs();
428 }
429 
430 module_init(ccp_crypto_init);
431 module_exit(ccp_crypto_exit);
432