xref: /openbmc/linux/drivers/crypto/nx/nx.c (revision 24b1944f)
1 /**
2  * Routines supporting the Power 7+ Nest Accelerators driver
3  *
4  * Copyright (C) 2011-2012 International Business Machines Inc.
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; version 2 only.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  *
19  * Author: Kent Yoder <yoder1@us.ibm.com>
20  */
21 
22 #include <crypto/internal/hash.h>
23 #include <crypto/hash.h>
24 #include <crypto/aes.h>
25 #include <crypto/sha.h>
26 #include <crypto/algapi.h>
27 #include <crypto/scatterwalk.h>
28 #include <linux/module.h>
29 #include <linux/moduleparam.h>
30 #include <linux/types.h>
31 #include <linux/mm.h>
32 #include <linux/crypto.h>
33 #include <linux/scatterlist.h>
34 #include <linux/device.h>
35 #include <linux/of.h>
36 #include <asm/hvcall.h>
37 #include <asm/vio.h>
38 
39 #include "nx_csbcpb.h"
40 #include "nx.h"
41 
42 
43 /**
44  * nx_hcall_sync - make an H_COP_OP hcall for the passed in op structure
45  *
46  * @nx_ctx: the crypto context handle
47  * @op: PFO operation struct to pass in
48  * @may_sleep: flag indicating the request can sleep
49  *
50  * Make the hcall, retrying while the hardware is busy. If we cannot yield
51  * the thread, limit the number of retries to 10 here.
52  */
53 int nx_hcall_sync(struct nx_crypto_ctx *nx_ctx,
54 		  struct vio_pfo_op    *op,
55 		  u32                   may_sleep)
56 {
57 	int rc, retries = 10;
58 	struct vio_dev *viodev = nx_driver.viodev;
59 
60 	atomic_inc(&(nx_ctx->stats->sync_ops));
61 
62 	do {
63 		rc = vio_h_cop_sync(viodev, op);
64 	} while ((rc == -EBUSY && !may_sleep && retries--) ||
65 	         (rc == -EBUSY && may_sleep && cond_resched()));
66 
67 	if (rc) {
68 		dev_dbg(&viodev->dev, "vio_h_cop_sync failed: rc: %d "
69 			"hcall rc: %ld\n", rc, op->hcall_err);
70 		atomic_inc(&(nx_ctx->stats->errors));
71 		atomic_set(&(nx_ctx->stats->last_error), op->hcall_err);
72 		atomic_set(&(nx_ctx->stats->last_error_pid), current->pid);
73 	}
74 
75 	return rc;
76 }
77 
78 /**
79  * nx_build_sg_list - build an NX scatter list describing a single  buffer
80  *
81  * @sg_head: pointer to the first scatter list element to build
82  * @start_addr: pointer to the linear buffer
83  * @len: length of the data at @start_addr
84  * @sgmax: the largest number of scatter list elements we're allowed to create
85  *
86  * This function will start writing nx_sg elements at @sg_head and keep
87  * writing them until all of the data from @start_addr is described or
88  * until sgmax elements have been written. Scatter list elements will be
89  * created such that none of the elements describes a buffer that crosses a 4K
90  * boundary.
91  */
92 struct nx_sg *nx_build_sg_list(struct nx_sg *sg_head,
93 			       u8           *start_addr,
94 			       unsigned int  len,
95 			       u32           sgmax)
96 {
97 	unsigned int sg_len = 0;
98 	struct nx_sg *sg;
99 	u64 sg_addr = (u64)start_addr;
100 	u64 end_addr;
101 
102 	/* determine the start and end for this address range - slightly
103 	 * different if this is in VMALLOC_REGION */
104 	if (is_vmalloc_addr(start_addr))
105 		sg_addr = page_to_phys(vmalloc_to_page(start_addr))
106 			  + offset_in_page(sg_addr);
107 	else
108 		sg_addr = __pa(sg_addr);
109 
110 	end_addr = sg_addr + len;
111 
112 	/* each iteration will write one struct nx_sg element and add the
113 	 * length of data described by that element to sg_len. Once @len bytes
114 	 * have been described (or @sgmax elements have been written), the
115 	 * loop ends. min_t is used to ensure @end_addr falls on the same page
116 	 * as sg_addr, if not, we need to create another nx_sg element for the
117 	 * data on the next page */
118 	for (sg = sg_head; sg_len < len; sg++) {
119 		sg->addr = sg_addr;
120 		sg_addr = min_t(u64, NX_PAGE_NUM(sg_addr + NX_PAGE_SIZE), end_addr);
121 		sg->len = sg_addr - sg->addr;
122 		sg_len += sg->len;
123 
124 		if ((sg - sg_head) == sgmax) {
125 			pr_err("nx: scatter/gather list overflow, pid: %d\n",
126 			       current->pid);
127 			return NULL;
128 		}
129 	}
130 
131 	/* return the moved sg_head pointer */
132 	return sg;
133 }
134 
135 /**
136  * nx_walk_and_build - walk a linux scatterlist and build an nx scatterlist
137  *
138  * @nx_dst: pointer to the first nx_sg element to write
139  * @sglen: max number of nx_sg entries we're allowed to write
140  * @sg_src: pointer to the source linux scatterlist to walk
141  * @start: number of bytes to fast-forward past at the beginning of @sg_src
142  * @src_len: number of bytes to walk in @sg_src
143  */
144 struct nx_sg *nx_walk_and_build(struct nx_sg       *nx_dst,
145 				unsigned int        sglen,
146 				struct scatterlist *sg_src,
147 				unsigned int        start,
148 				unsigned int        src_len)
149 {
150 	struct scatter_walk walk;
151 	struct nx_sg *nx_sg = nx_dst;
152 	unsigned int n, offset = 0, len = src_len;
153 	char *dst;
154 
155 	/* we need to fast forward through @start bytes first */
156 	for (;;) {
157 		scatterwalk_start(&walk, sg_src);
158 
159 		if (start < offset + sg_src->length)
160 			break;
161 
162 		offset += sg_src->length;
163 		sg_src = scatterwalk_sg_next(sg_src);
164 	}
165 
166 	/* start - offset is the number of bytes to advance in the scatterlist
167 	 * element we're currently looking at */
168 	scatterwalk_advance(&walk, start - offset);
169 
170 	while (len && nx_sg) {
171 		n = scatterwalk_clamp(&walk, len);
172 		if (!n) {
173 			scatterwalk_start(&walk, sg_next(walk.sg));
174 			n = scatterwalk_clamp(&walk, len);
175 		}
176 		dst = scatterwalk_map(&walk);
177 
178 		nx_sg = nx_build_sg_list(nx_sg, dst, n, sglen);
179 		len -= n;
180 
181 		scatterwalk_unmap(dst);
182 		scatterwalk_advance(&walk, n);
183 		scatterwalk_done(&walk, SCATTERWALK_FROM_SG, len);
184 	}
185 
186 	/* return the moved destination pointer */
187 	return nx_sg;
188 }
189 
190 /**
191  * nx_build_sg_lists - walk the input scatterlists and build arrays of NX
192  *                     scatterlists based on them.
193  *
194  * @nx_ctx: NX crypto context for the lists we're building
195  * @desc: the block cipher descriptor for the operation
196  * @dst: destination scatterlist
197  * @src: source scatterlist
198  * @nbytes: length of data described in the scatterlists
199  * @iv: destination for the iv data, if the algorithm requires it
200  *
201  * This is common code shared by all the AES algorithms. It uses the block
202  * cipher walk routines to traverse input and output scatterlists, building
203  * corresponding NX scatterlists
204  */
205 int nx_build_sg_lists(struct nx_crypto_ctx  *nx_ctx,
206 		      struct blkcipher_desc *desc,
207 		      struct scatterlist    *dst,
208 		      struct scatterlist    *src,
209 		      unsigned int           nbytes,
210 		      u8                    *iv)
211 {
212 	struct nx_sg *nx_insg = nx_ctx->in_sg;
213 	struct nx_sg *nx_outsg = nx_ctx->out_sg;
214 
215 	if (iv)
216 		memcpy(iv, desc->info, AES_BLOCK_SIZE);
217 
218 	nx_insg = nx_walk_and_build(nx_insg, nx_ctx->ap->sglen, src, 0, nbytes);
219 	nx_outsg = nx_walk_and_build(nx_outsg, nx_ctx->ap->sglen, dst, 0, nbytes);
220 
221 	/* these lengths should be negative, which will indicate to phyp that
222 	 * the input and output parameters are scatterlists, not linear
223 	 * buffers */
224 	nx_ctx->op.inlen = (nx_ctx->in_sg - nx_insg) * sizeof(struct nx_sg);
225 	nx_ctx->op.outlen = (nx_ctx->out_sg - nx_outsg) * sizeof(struct nx_sg);
226 
227 	return 0;
228 }
229 
230 /**
231  * nx_ctx_init - initialize an nx_ctx's vio_pfo_op struct
232  *
233  * @nx_ctx: the nx context to initialize
234  * @function: the function code for the op
235  */
236 void nx_ctx_init(struct nx_crypto_ctx *nx_ctx, unsigned int function)
237 {
238 	memset(nx_ctx->kmem, 0, nx_ctx->kmem_len);
239 	nx_ctx->csbcpb->csb.valid |= NX_CSB_VALID_BIT;
240 
241 	nx_ctx->op.flags = function;
242 	nx_ctx->op.csbcpb = __pa(nx_ctx->csbcpb);
243 	nx_ctx->op.in = __pa(nx_ctx->in_sg);
244 	nx_ctx->op.out = __pa(nx_ctx->out_sg);
245 
246 	if (nx_ctx->csbcpb_aead) {
247 		nx_ctx->csbcpb_aead->csb.valid |= NX_CSB_VALID_BIT;
248 
249 		nx_ctx->op_aead.flags = function;
250 		nx_ctx->op_aead.csbcpb = __pa(nx_ctx->csbcpb_aead);
251 		nx_ctx->op_aead.in = __pa(nx_ctx->in_sg);
252 		nx_ctx->op_aead.out = __pa(nx_ctx->out_sg);
253 	}
254 }
255 
256 static void nx_of_update_status(struct device   *dev,
257 			       struct property *p,
258 			       struct nx_of    *props)
259 {
260 	if (!strncmp(p->value, "okay", p->length)) {
261 		props->status = NX_WAITING;
262 		props->flags |= NX_OF_FLAG_STATUS_SET;
263 	} else {
264 		dev_info(dev, "%s: status '%s' is not 'okay'\n", __func__,
265 			 (char *)p->value);
266 	}
267 }
268 
269 static void nx_of_update_sglen(struct device   *dev,
270 			       struct property *p,
271 			       struct nx_of    *props)
272 {
273 	if (p->length != sizeof(props->max_sg_len)) {
274 		dev_err(dev, "%s: unexpected format for "
275 			"ibm,max-sg-len property\n", __func__);
276 		dev_dbg(dev, "%s: ibm,max-sg-len is %d bytes "
277 			"long, expected %zd bytes\n", __func__,
278 			p->length, sizeof(props->max_sg_len));
279 		return;
280 	}
281 
282 	props->max_sg_len = *(u32 *)p->value;
283 	props->flags |= NX_OF_FLAG_MAXSGLEN_SET;
284 }
285 
286 static void nx_of_update_msc(struct device   *dev,
287 			     struct property *p,
288 			     struct nx_of    *props)
289 {
290 	struct msc_triplet *trip;
291 	struct max_sync_cop *msc;
292 	unsigned int bytes_so_far, i, lenp;
293 
294 	msc = (struct max_sync_cop *)p->value;
295 	lenp = p->length;
296 
297 	/* You can't tell if the data read in for this property is sane by its
298 	 * size alone. This is because there are sizes embedded in the data
299 	 * structure. The best we can do is check lengths as we parse and bail
300 	 * as soon as a length error is detected. */
301 	bytes_so_far = 0;
302 
303 	while ((bytes_so_far + sizeof(struct max_sync_cop)) <= lenp) {
304 		bytes_so_far += sizeof(struct max_sync_cop);
305 
306 		trip = msc->trip;
307 
308 		for (i = 0;
309 		     ((bytes_so_far + sizeof(struct msc_triplet)) <= lenp) &&
310 		     i < msc->triplets;
311 		     i++) {
312 			if (msc->fc > NX_MAX_FC || msc->mode > NX_MAX_MODE) {
313 				dev_err(dev, "unknown function code/mode "
314 					"combo: %d/%d (ignored)\n", msc->fc,
315 					msc->mode);
316 				goto next_loop;
317 			}
318 
319 			switch (trip->keybitlen) {
320 			case 128:
321 			case 160:
322 				props->ap[msc->fc][msc->mode][0].databytelen =
323 					trip->databytelen;
324 				props->ap[msc->fc][msc->mode][0].sglen =
325 					trip->sglen;
326 				break;
327 			case 192:
328 				props->ap[msc->fc][msc->mode][1].databytelen =
329 					trip->databytelen;
330 				props->ap[msc->fc][msc->mode][1].sglen =
331 					trip->sglen;
332 				break;
333 			case 256:
334 				if (msc->fc == NX_FC_AES) {
335 					props->ap[msc->fc][msc->mode][2].
336 						databytelen = trip->databytelen;
337 					props->ap[msc->fc][msc->mode][2].sglen =
338 						trip->sglen;
339 				} else if (msc->fc == NX_FC_AES_HMAC ||
340 					   msc->fc == NX_FC_SHA) {
341 					props->ap[msc->fc][msc->mode][1].
342 						databytelen = trip->databytelen;
343 					props->ap[msc->fc][msc->mode][1].sglen =
344 						trip->sglen;
345 				} else {
346 					dev_warn(dev, "unknown function "
347 						"code/key bit len combo"
348 						": (%u/256)\n", msc->fc);
349 				}
350 				break;
351 			case 512:
352 				props->ap[msc->fc][msc->mode][2].databytelen =
353 					trip->databytelen;
354 				props->ap[msc->fc][msc->mode][2].sglen =
355 					trip->sglen;
356 				break;
357 			default:
358 				dev_warn(dev, "unknown function code/key bit "
359 					 "len combo: (%u/%u)\n", msc->fc,
360 					 trip->keybitlen);
361 				break;
362 			}
363 next_loop:
364 			bytes_so_far += sizeof(struct msc_triplet);
365 			trip++;
366 		}
367 
368 		msc = (struct max_sync_cop *)trip;
369 	}
370 
371 	props->flags |= NX_OF_FLAG_MAXSYNCCOP_SET;
372 }
373 
374 /**
375  * nx_of_init - read openFirmware values from the device tree
376  *
377  * @dev: device handle
378  * @props: pointer to struct to hold the properties values
379  *
380  * Called once at driver probe time, this function will read out the
381  * openFirmware properties we use at runtime. If all the OF properties are
382  * acceptable, when we exit this function props->flags will indicate that
383  * we're ready to register our crypto algorithms.
384  */
385 static void nx_of_init(struct device *dev, struct nx_of *props)
386 {
387 	struct device_node *base_node = dev->of_node;
388 	struct property *p;
389 
390 	p = of_find_property(base_node, "status", NULL);
391 	if (!p)
392 		dev_info(dev, "%s: property 'status' not found\n", __func__);
393 	else
394 		nx_of_update_status(dev, p, props);
395 
396 	p = of_find_property(base_node, "ibm,max-sg-len", NULL);
397 	if (!p)
398 		dev_info(dev, "%s: property 'ibm,max-sg-len' not found\n",
399 			 __func__);
400 	else
401 		nx_of_update_sglen(dev, p, props);
402 
403 	p = of_find_property(base_node, "ibm,max-sync-cop", NULL);
404 	if (!p)
405 		dev_info(dev, "%s: property 'ibm,max-sync-cop' not found\n",
406 			 __func__);
407 	else
408 		nx_of_update_msc(dev, p, props);
409 }
410 
411 /**
412  * nx_register_algs - register algorithms with the crypto API
413  *
414  * Called from nx_probe()
415  *
416  * If all OF properties are in an acceptable state, the driver flags will
417  * indicate that we're ready and we'll create our debugfs files and register
418  * out crypto algorithms.
419  */
420 static int nx_register_algs(void)
421 {
422 	int rc = -1;
423 
424 	if (nx_driver.of.flags != NX_OF_FLAG_MASK_READY)
425 		goto out;
426 
427 	memset(&nx_driver.stats, 0, sizeof(struct nx_stats));
428 
429 	rc = NX_DEBUGFS_INIT(&nx_driver);
430 	if (rc)
431 		goto out;
432 
433 	nx_driver.of.status = NX_OKAY;
434 
435 	rc = crypto_register_alg(&nx_ecb_aes_alg);
436 	if (rc)
437 		goto out;
438 
439 	rc = crypto_register_alg(&nx_cbc_aes_alg);
440 	if (rc)
441 		goto out_unreg_ecb;
442 
443 	rc = crypto_register_alg(&nx_ctr_aes_alg);
444 	if (rc)
445 		goto out_unreg_cbc;
446 
447 	rc = crypto_register_alg(&nx_ctr3686_aes_alg);
448 	if (rc)
449 		goto out_unreg_ctr;
450 
451 	rc = crypto_register_alg(&nx_gcm_aes_alg);
452 	if (rc)
453 		goto out_unreg_ctr3686;
454 
455 	rc = crypto_register_alg(&nx_gcm4106_aes_alg);
456 	if (rc)
457 		goto out_unreg_gcm;
458 
459 	rc = crypto_register_alg(&nx_ccm_aes_alg);
460 	if (rc)
461 		goto out_unreg_gcm4106;
462 
463 	rc = crypto_register_alg(&nx_ccm4309_aes_alg);
464 	if (rc)
465 		goto out_unreg_ccm;
466 
467 	rc = crypto_register_shash(&nx_shash_sha256_alg);
468 	if (rc)
469 		goto out_unreg_ccm4309;
470 
471 	rc = crypto_register_shash(&nx_shash_sha512_alg);
472 	if (rc)
473 		goto out_unreg_s256;
474 
475 	rc = crypto_register_shash(&nx_shash_aes_xcbc_alg);
476 	if (rc)
477 		goto out_unreg_s512;
478 
479 	goto out;
480 
481 out_unreg_s512:
482 	crypto_unregister_shash(&nx_shash_sha512_alg);
483 out_unreg_s256:
484 	crypto_unregister_shash(&nx_shash_sha256_alg);
485 out_unreg_ccm4309:
486 	crypto_unregister_alg(&nx_ccm4309_aes_alg);
487 out_unreg_ccm:
488 	crypto_unregister_alg(&nx_ccm_aes_alg);
489 out_unreg_gcm4106:
490 	crypto_unregister_alg(&nx_gcm4106_aes_alg);
491 out_unreg_gcm:
492 	crypto_unregister_alg(&nx_gcm_aes_alg);
493 out_unreg_ctr3686:
494 	crypto_unregister_alg(&nx_ctr3686_aes_alg);
495 out_unreg_ctr:
496 	crypto_unregister_alg(&nx_ctr_aes_alg);
497 out_unreg_cbc:
498 	crypto_unregister_alg(&nx_cbc_aes_alg);
499 out_unreg_ecb:
500 	crypto_unregister_alg(&nx_ecb_aes_alg);
501 out:
502 	return rc;
503 }
504 
505 /**
506  * nx_crypto_ctx_init - create and initialize a crypto api context
507  *
508  * @nx_ctx: the crypto api context
509  * @fc: function code for the context
510  * @mode: the function code specific mode for this context
511  */
512 static int nx_crypto_ctx_init(struct nx_crypto_ctx *nx_ctx, u32 fc, u32 mode)
513 {
514 	if (nx_driver.of.status != NX_OKAY) {
515 		pr_err("Attempt to initialize NX crypto context while device "
516 		       "is not available!\n");
517 		return -ENODEV;
518 	}
519 
520 	/* we need an extra page for csbcpb_aead for these modes */
521 	if (mode == NX_MODE_AES_GCM || mode == NX_MODE_AES_CCM)
522 		nx_ctx->kmem_len = (4 * NX_PAGE_SIZE) +
523 				   sizeof(struct nx_csbcpb);
524 	else
525 		nx_ctx->kmem_len = (3 * NX_PAGE_SIZE) +
526 				   sizeof(struct nx_csbcpb);
527 
528 	nx_ctx->kmem = kmalloc(nx_ctx->kmem_len, GFP_KERNEL);
529 	if (!nx_ctx->kmem)
530 		return -ENOMEM;
531 
532 	/* the csbcpb and scatterlists must be 4K aligned pages */
533 	nx_ctx->csbcpb = (struct nx_csbcpb *)(round_up((u64)nx_ctx->kmem,
534 						       (u64)NX_PAGE_SIZE));
535 	nx_ctx->in_sg = (struct nx_sg *)((u8 *)nx_ctx->csbcpb + NX_PAGE_SIZE);
536 	nx_ctx->out_sg = (struct nx_sg *)((u8 *)nx_ctx->in_sg + NX_PAGE_SIZE);
537 
538 	if (mode == NX_MODE_AES_GCM || mode == NX_MODE_AES_CCM)
539 		nx_ctx->csbcpb_aead =
540 			(struct nx_csbcpb *)((u8 *)nx_ctx->out_sg +
541 					     NX_PAGE_SIZE);
542 
543 	/* give each context a pointer to global stats and their OF
544 	 * properties */
545 	nx_ctx->stats = &nx_driver.stats;
546 	memcpy(nx_ctx->props, nx_driver.of.ap[fc][mode],
547 	       sizeof(struct alg_props) * 3);
548 
549 	return 0;
550 }
551 
552 /* entry points from the crypto tfm initializers */
553 int nx_crypto_ctx_aes_ccm_init(struct crypto_tfm *tfm)
554 {
555 	return nx_crypto_ctx_init(crypto_tfm_ctx(tfm), NX_FC_AES,
556 				  NX_MODE_AES_CCM);
557 }
558 
559 int nx_crypto_ctx_aes_gcm_init(struct crypto_tfm *tfm)
560 {
561 	return nx_crypto_ctx_init(crypto_tfm_ctx(tfm), NX_FC_AES,
562 				  NX_MODE_AES_GCM);
563 }
564 
565 int nx_crypto_ctx_aes_ctr_init(struct crypto_tfm *tfm)
566 {
567 	return nx_crypto_ctx_init(crypto_tfm_ctx(tfm), NX_FC_AES,
568 				  NX_MODE_AES_CTR);
569 }
570 
571 int nx_crypto_ctx_aes_cbc_init(struct crypto_tfm *tfm)
572 {
573 	return nx_crypto_ctx_init(crypto_tfm_ctx(tfm), NX_FC_AES,
574 				  NX_MODE_AES_CBC);
575 }
576 
577 int nx_crypto_ctx_aes_ecb_init(struct crypto_tfm *tfm)
578 {
579 	return nx_crypto_ctx_init(crypto_tfm_ctx(tfm), NX_FC_AES,
580 				  NX_MODE_AES_ECB);
581 }
582 
583 int nx_crypto_ctx_sha_init(struct crypto_tfm *tfm)
584 {
585 	return nx_crypto_ctx_init(crypto_tfm_ctx(tfm), NX_FC_SHA, NX_MODE_SHA);
586 }
587 
588 int nx_crypto_ctx_aes_xcbc_init(struct crypto_tfm *tfm)
589 {
590 	return nx_crypto_ctx_init(crypto_tfm_ctx(tfm), NX_FC_AES,
591 				  NX_MODE_AES_XCBC_MAC);
592 }
593 
594 /**
595  * nx_crypto_ctx_exit - destroy a crypto api context
596  *
597  * @tfm: the crypto transform pointer for the context
598  *
599  * As crypto API contexts are destroyed, this exit hook is called to free the
600  * memory associated with it.
601  */
602 void nx_crypto_ctx_exit(struct crypto_tfm *tfm)
603 {
604 	struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(tfm);
605 
606 	kzfree(nx_ctx->kmem);
607 	nx_ctx->csbcpb = NULL;
608 	nx_ctx->csbcpb_aead = NULL;
609 	nx_ctx->in_sg = NULL;
610 	nx_ctx->out_sg = NULL;
611 }
612 
613 static int nx_probe(struct vio_dev *viodev, const struct vio_device_id *id)
614 {
615 	dev_dbg(&viodev->dev, "driver probed: %s resource id: 0x%x\n",
616 		viodev->name, viodev->resource_id);
617 
618 	if (nx_driver.viodev) {
619 		dev_err(&viodev->dev, "%s: Attempt to register more than one "
620 			"instance of the hardware\n", __func__);
621 		return -EINVAL;
622 	}
623 
624 	nx_driver.viodev = viodev;
625 
626 	nx_of_init(&viodev->dev, &nx_driver.of);
627 
628 	return nx_register_algs();
629 }
630 
631 static int nx_remove(struct vio_dev *viodev)
632 {
633 	dev_dbg(&viodev->dev, "entering nx_remove for UA 0x%x\n",
634 		viodev->unit_address);
635 
636 	if (nx_driver.of.status == NX_OKAY) {
637 		NX_DEBUGFS_FINI(&nx_driver);
638 
639 		crypto_unregister_alg(&nx_ccm_aes_alg);
640 		crypto_unregister_alg(&nx_ccm4309_aes_alg);
641 		crypto_unregister_alg(&nx_gcm_aes_alg);
642 		crypto_unregister_alg(&nx_gcm4106_aes_alg);
643 		crypto_unregister_alg(&nx_ctr_aes_alg);
644 		crypto_unregister_alg(&nx_ctr3686_aes_alg);
645 		crypto_unregister_alg(&nx_cbc_aes_alg);
646 		crypto_unregister_alg(&nx_ecb_aes_alg);
647 		crypto_unregister_shash(&nx_shash_sha256_alg);
648 		crypto_unregister_shash(&nx_shash_sha512_alg);
649 		crypto_unregister_shash(&nx_shash_aes_xcbc_alg);
650 	}
651 
652 	return 0;
653 }
654 
655 
656 /* module wide initialization/cleanup */
657 static int __init nx_init(void)
658 {
659 	return vio_register_driver(&nx_driver.viodriver);
660 }
661 
662 static void __exit nx_fini(void)
663 {
664 	vio_unregister_driver(&nx_driver.viodriver);
665 }
666 
667 static struct vio_device_id nx_crypto_driver_ids[] = {
668 	{ "ibm,sym-encryption-v1", "ibm,sym-encryption" },
669 	{ "", "" }
670 };
671 MODULE_DEVICE_TABLE(vio, nx_crypto_driver_ids);
672 
673 /* driver state structure */
674 struct nx_crypto_driver nx_driver = {
675 	.viodriver = {
676 		.id_table = nx_crypto_driver_ids,
677 		.probe = nx_probe,
678 		.remove = nx_remove,
679 		.name  = NX_NAME,
680 	},
681 };
682 
683 module_init(nx_init);
684 module_exit(nx_fini);
685 
686 MODULE_AUTHOR("Kent Yoder <yoder1@us.ibm.com>");
687 MODULE_DESCRIPTION(NX_STRING);
688 MODULE_LICENSE("GPL");
689 MODULE_VERSION(NX_VERSION);
690