1 /* 2 * talitos - Freescale Integrated Security Engine (SEC) device driver 3 * 4 * Copyright (c) 2008-2011 Freescale Semiconductor, Inc. 5 * 6 * Scatterlist Crypto API glue code copied from files with the following: 7 * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au> 8 * 9 * Crypto algorithm registration code copied from hifn driver: 10 * 2007+ Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru> 11 * All rights reserved. 12 * 13 * This program is free software; you can redistribute it and/or modify 14 * it under the terms of the GNU General Public License as published by 15 * the Free Software Foundation; either version 2 of the License, or 16 * (at your option) any later version. 17 * 18 * This program is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 * GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License 24 * along with this program; if not, write to the Free Software 25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 26 */ 27 28 #include <linux/kernel.h> 29 #include <linux/module.h> 30 #include <linux/mod_devicetable.h> 31 #include <linux/device.h> 32 #include <linux/interrupt.h> 33 #include <linux/crypto.h> 34 #include <linux/hw_random.h> 35 #include <linux/of_platform.h> 36 #include <linux/dma-mapping.h> 37 #include <linux/io.h> 38 #include <linux/spinlock.h> 39 #include <linux/rtnetlink.h> 40 #include <linux/slab.h> 41 42 #include <crypto/algapi.h> 43 #include <crypto/aes.h> 44 #include <crypto/des.h> 45 #include <crypto/sha.h> 46 #include <crypto/md5.h> 47 #include <crypto/aead.h> 48 #include <crypto/authenc.h> 49 #include <crypto/skcipher.h> 50 #include <crypto/hash.h> 51 #include <crypto/internal/hash.h> 52 #include <crypto/scatterwalk.h> 53 54 #include "talitos.h" 55 56 #define TALITOS_TIMEOUT 100000 57 #define TALITOS_MAX_DATA_LEN 65535 58 59 #define DESC_TYPE(desc_hdr) ((be32_to_cpu(desc_hdr) >> 3) & 0x1f) 60 #define PRIMARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 28) & 0xf) 61 #define SECONDARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 16) & 0xf) 62 63 /* descriptor pointer entry */ 64 struct talitos_ptr { 65 __be16 len; /* length */ 66 u8 j_extent; /* jump to sg link table and/or extent */ 67 u8 eptr; /* extended address */ 68 __be32 ptr; /* address */ 69 }; 70 71 static const struct talitos_ptr zero_entry = { 72 .len = 0, 73 .j_extent = 0, 74 .eptr = 0, 75 .ptr = 0 76 }; 77 78 /* descriptor */ 79 struct talitos_desc { 80 __be32 hdr; /* header high bits */ 81 __be32 hdr_lo; /* header low bits */ 82 struct talitos_ptr ptr[7]; /* ptr/len pair array */ 83 }; 84 85 /** 86 * talitos_request - descriptor submission request 87 * @desc: descriptor pointer (kernel virtual) 88 * @dma_desc: descriptor's physical bus address 89 * @callback: whom to call when descriptor processing is done 90 * @context: caller context (optional) 91 */ 92 struct talitos_request { 93 struct talitos_desc *desc; 94 dma_addr_t dma_desc; 95 void (*callback) (struct device *dev, struct talitos_desc *desc, 96 void *context, int error); 97 void *context; 98 }; 99 100 /* per-channel fifo management */ 101 struct talitos_channel { 102 /* request fifo */ 103 struct talitos_request *fifo; 104 105 /* number of requests pending in channel h/w fifo */ 106 atomic_t submit_count ____cacheline_aligned; 107 108 /* request submission (head) lock */ 109 spinlock_t head_lock ____cacheline_aligned; 110 /* index to next free descriptor request */ 111 int head; 112 113 /* request release (tail) lock */ 114 spinlock_t tail_lock ____cacheline_aligned; 115 /* index to next in-progress/done descriptor request */ 116 int tail; 117 }; 118 119 struct talitos_private { 120 struct device *dev; 121 struct platform_device *ofdev; 122 void __iomem *reg; 123 int irq; 124 125 /* SEC version geometry (from device tree node) */ 126 unsigned int num_channels; 127 unsigned int chfifo_len; 128 unsigned int exec_units; 129 unsigned int desc_types; 130 131 /* SEC Compatibility info */ 132 unsigned long features; 133 134 /* 135 * length of the request fifo 136 * fifo_len is chfifo_len rounded up to next power of 2 137 * so we can use bitwise ops to wrap 138 */ 139 unsigned int fifo_len; 140 141 struct talitos_channel *chan; 142 143 /* next channel to be assigned next incoming descriptor */ 144 atomic_t last_chan ____cacheline_aligned; 145 146 /* request callback tasklet */ 147 struct tasklet_struct done_task; 148 149 /* list of registered algorithms */ 150 struct list_head alg_list; 151 152 /* hwrng device */ 153 struct hwrng rng; 154 }; 155 156 /* .features flag */ 157 #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001 158 #define TALITOS_FTR_HW_AUTH_CHECK 0x00000002 159 #define TALITOS_FTR_SHA224_HWINIT 0x00000004 160 161 static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr) 162 { 163 talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr)); 164 talitos_ptr->eptr = upper_32_bits(dma_addr); 165 } 166 167 /* 168 * map virtual single (contiguous) pointer to h/w descriptor pointer 169 */ 170 static void map_single_talitos_ptr(struct device *dev, 171 struct talitos_ptr *talitos_ptr, 172 unsigned short len, void *data, 173 unsigned char extent, 174 enum dma_data_direction dir) 175 { 176 dma_addr_t dma_addr = dma_map_single(dev, data, len, dir); 177 178 talitos_ptr->len = cpu_to_be16(len); 179 to_talitos_ptr(talitos_ptr, dma_addr); 180 talitos_ptr->j_extent = extent; 181 } 182 183 /* 184 * unmap bus single (contiguous) h/w descriptor pointer 185 */ 186 static void unmap_single_talitos_ptr(struct device *dev, 187 struct talitos_ptr *talitos_ptr, 188 enum dma_data_direction dir) 189 { 190 dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr), 191 be16_to_cpu(talitos_ptr->len), dir); 192 } 193 194 static int reset_channel(struct device *dev, int ch) 195 { 196 struct talitos_private *priv = dev_get_drvdata(dev); 197 unsigned int timeout = TALITOS_TIMEOUT; 198 199 setbits32(priv->reg + TALITOS_CCCR(ch), TALITOS_CCCR_RESET); 200 201 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & TALITOS_CCCR_RESET) 202 && --timeout) 203 cpu_relax(); 204 205 if (timeout == 0) { 206 dev_err(dev, "failed to reset channel %d\n", ch); 207 return -EIO; 208 } 209 210 /* set 36-bit addressing, done writeback enable and done IRQ enable */ 211 setbits32(priv->reg + TALITOS_CCCR_LO(ch), TALITOS_CCCR_LO_EAE | 212 TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE); 213 214 /* and ICCR writeback, if available */ 215 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK) 216 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 217 TALITOS_CCCR_LO_IWSE); 218 219 return 0; 220 } 221 222 static int reset_device(struct device *dev) 223 { 224 struct talitos_private *priv = dev_get_drvdata(dev); 225 unsigned int timeout = TALITOS_TIMEOUT; 226 227 setbits32(priv->reg + TALITOS_MCR, TALITOS_MCR_SWR); 228 229 while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR) 230 && --timeout) 231 cpu_relax(); 232 233 if (timeout == 0) { 234 dev_err(dev, "failed to reset device\n"); 235 return -EIO; 236 } 237 238 return 0; 239 } 240 241 /* 242 * Reset and initialize the device 243 */ 244 static int init_device(struct device *dev) 245 { 246 struct talitos_private *priv = dev_get_drvdata(dev); 247 int ch, err; 248 249 /* 250 * Master reset 251 * errata documentation: warning: certain SEC interrupts 252 * are not fully cleared by writing the MCR:SWR bit, 253 * set bit twice to completely reset 254 */ 255 err = reset_device(dev); 256 if (err) 257 return err; 258 259 err = reset_device(dev); 260 if (err) 261 return err; 262 263 /* reset channels */ 264 for (ch = 0; ch < priv->num_channels; ch++) { 265 err = reset_channel(dev, ch); 266 if (err) 267 return err; 268 } 269 270 /* enable channel done and error interrupts */ 271 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT); 272 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); 273 274 /* disable integrity check error interrupts (use writeback instead) */ 275 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK) 276 setbits32(priv->reg + TALITOS_MDEUICR_LO, 277 TALITOS_MDEUICR_LO_ICE); 278 279 return 0; 280 } 281 282 /** 283 * talitos_submit - submits a descriptor to the device for processing 284 * @dev: the SEC device to be used 285 * @ch: the SEC device channel to be used 286 * @desc: the descriptor to be processed by the device 287 * @callback: whom to call when processing is complete 288 * @context: a handle for use by caller (optional) 289 * 290 * desc must contain valid dma-mapped (bus physical) address pointers. 291 * callback must check err and feedback in descriptor header 292 * for device processing status. 293 */ 294 static int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc, 295 void (*callback)(struct device *dev, 296 struct talitos_desc *desc, 297 void *context, int error), 298 void *context) 299 { 300 struct talitos_private *priv = dev_get_drvdata(dev); 301 struct talitos_request *request; 302 unsigned long flags; 303 int head; 304 305 spin_lock_irqsave(&priv->chan[ch].head_lock, flags); 306 307 if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) { 308 /* h/w fifo is full */ 309 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags); 310 return -EAGAIN; 311 } 312 313 head = priv->chan[ch].head; 314 request = &priv->chan[ch].fifo[head]; 315 316 /* map descriptor and save caller data */ 317 request->dma_desc = dma_map_single(dev, desc, sizeof(*desc), 318 DMA_BIDIRECTIONAL); 319 request->callback = callback; 320 request->context = context; 321 322 /* increment fifo head */ 323 priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1); 324 325 smp_wmb(); 326 request->desc = desc; 327 328 /* GO! */ 329 wmb(); 330 out_be32(priv->reg + TALITOS_FF(ch), upper_32_bits(request->dma_desc)); 331 out_be32(priv->reg + TALITOS_FF_LO(ch), 332 lower_32_bits(request->dma_desc)); 333 334 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags); 335 336 return -EINPROGRESS; 337 } 338 339 /* 340 * process what was done, notify callback of error if not 341 */ 342 static void flush_channel(struct device *dev, int ch, int error, int reset_ch) 343 { 344 struct talitos_private *priv = dev_get_drvdata(dev); 345 struct talitos_request *request, saved_req; 346 unsigned long flags; 347 int tail, status; 348 349 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags); 350 351 tail = priv->chan[ch].tail; 352 while (priv->chan[ch].fifo[tail].desc) { 353 request = &priv->chan[ch].fifo[tail]; 354 355 /* descriptors with their done bits set don't get the error */ 356 rmb(); 357 if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE) 358 status = 0; 359 else 360 if (!error) 361 break; 362 else 363 status = error; 364 365 dma_unmap_single(dev, request->dma_desc, 366 sizeof(struct talitos_desc), 367 DMA_BIDIRECTIONAL); 368 369 /* copy entries so we can call callback outside lock */ 370 saved_req.desc = request->desc; 371 saved_req.callback = request->callback; 372 saved_req.context = request->context; 373 374 /* release request entry in fifo */ 375 smp_wmb(); 376 request->desc = NULL; 377 378 /* increment fifo tail */ 379 priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1); 380 381 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags); 382 383 atomic_dec(&priv->chan[ch].submit_count); 384 385 saved_req.callback(dev, saved_req.desc, saved_req.context, 386 status); 387 /* channel may resume processing in single desc error case */ 388 if (error && !reset_ch && status == error) 389 return; 390 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags); 391 tail = priv->chan[ch].tail; 392 } 393 394 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags); 395 } 396 397 /* 398 * process completed requests for channels that have done status 399 */ 400 static void talitos_done(unsigned long data) 401 { 402 struct device *dev = (struct device *)data; 403 struct talitos_private *priv = dev_get_drvdata(dev); 404 int ch; 405 406 for (ch = 0; ch < priv->num_channels; ch++) 407 flush_channel(dev, ch, 0, 0); 408 409 /* At this point, all completed channels have been processed. 410 * Unmask done interrupts for channels completed later on. 411 */ 412 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT); 413 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); 414 } 415 416 /* 417 * locate current (offending) descriptor 418 */ 419 static u32 current_desc_hdr(struct device *dev, int ch) 420 { 421 struct talitos_private *priv = dev_get_drvdata(dev); 422 int tail = priv->chan[ch].tail; 423 dma_addr_t cur_desc; 424 425 cur_desc = in_be32(priv->reg + TALITOS_CDPR_LO(ch)); 426 427 while (priv->chan[ch].fifo[tail].dma_desc != cur_desc) { 428 tail = (tail + 1) & (priv->fifo_len - 1); 429 if (tail == priv->chan[ch].tail) { 430 dev_err(dev, "couldn't locate current descriptor\n"); 431 return 0; 432 } 433 } 434 435 return priv->chan[ch].fifo[tail].desc->hdr; 436 } 437 438 /* 439 * user diagnostics; report root cause of error based on execution unit status 440 */ 441 static void report_eu_error(struct device *dev, int ch, u32 desc_hdr) 442 { 443 struct talitos_private *priv = dev_get_drvdata(dev); 444 int i; 445 446 if (!desc_hdr) 447 desc_hdr = in_be32(priv->reg + TALITOS_DESCBUF(ch)); 448 449 switch (desc_hdr & DESC_HDR_SEL0_MASK) { 450 case DESC_HDR_SEL0_AFEU: 451 dev_err(dev, "AFEUISR 0x%08x_%08x\n", 452 in_be32(priv->reg + TALITOS_AFEUISR), 453 in_be32(priv->reg + TALITOS_AFEUISR_LO)); 454 break; 455 case DESC_HDR_SEL0_DEU: 456 dev_err(dev, "DEUISR 0x%08x_%08x\n", 457 in_be32(priv->reg + TALITOS_DEUISR), 458 in_be32(priv->reg + TALITOS_DEUISR_LO)); 459 break; 460 case DESC_HDR_SEL0_MDEUA: 461 case DESC_HDR_SEL0_MDEUB: 462 dev_err(dev, "MDEUISR 0x%08x_%08x\n", 463 in_be32(priv->reg + TALITOS_MDEUISR), 464 in_be32(priv->reg + TALITOS_MDEUISR_LO)); 465 break; 466 case DESC_HDR_SEL0_RNG: 467 dev_err(dev, "RNGUISR 0x%08x_%08x\n", 468 in_be32(priv->reg + TALITOS_RNGUISR), 469 in_be32(priv->reg + TALITOS_RNGUISR_LO)); 470 break; 471 case DESC_HDR_SEL0_PKEU: 472 dev_err(dev, "PKEUISR 0x%08x_%08x\n", 473 in_be32(priv->reg + TALITOS_PKEUISR), 474 in_be32(priv->reg + TALITOS_PKEUISR_LO)); 475 break; 476 case DESC_HDR_SEL0_AESU: 477 dev_err(dev, "AESUISR 0x%08x_%08x\n", 478 in_be32(priv->reg + TALITOS_AESUISR), 479 in_be32(priv->reg + TALITOS_AESUISR_LO)); 480 break; 481 case DESC_HDR_SEL0_CRCU: 482 dev_err(dev, "CRCUISR 0x%08x_%08x\n", 483 in_be32(priv->reg + TALITOS_CRCUISR), 484 in_be32(priv->reg + TALITOS_CRCUISR_LO)); 485 break; 486 case DESC_HDR_SEL0_KEU: 487 dev_err(dev, "KEUISR 0x%08x_%08x\n", 488 in_be32(priv->reg + TALITOS_KEUISR), 489 in_be32(priv->reg + TALITOS_KEUISR_LO)); 490 break; 491 } 492 493 switch (desc_hdr & DESC_HDR_SEL1_MASK) { 494 case DESC_HDR_SEL1_MDEUA: 495 case DESC_HDR_SEL1_MDEUB: 496 dev_err(dev, "MDEUISR 0x%08x_%08x\n", 497 in_be32(priv->reg + TALITOS_MDEUISR), 498 in_be32(priv->reg + TALITOS_MDEUISR_LO)); 499 break; 500 case DESC_HDR_SEL1_CRCU: 501 dev_err(dev, "CRCUISR 0x%08x_%08x\n", 502 in_be32(priv->reg + TALITOS_CRCUISR), 503 in_be32(priv->reg + TALITOS_CRCUISR_LO)); 504 break; 505 } 506 507 for (i = 0; i < 8; i++) 508 dev_err(dev, "DESCBUF 0x%08x_%08x\n", 509 in_be32(priv->reg + TALITOS_DESCBUF(ch) + 8*i), 510 in_be32(priv->reg + TALITOS_DESCBUF_LO(ch) + 8*i)); 511 } 512 513 /* 514 * recover from error interrupts 515 */ 516 static void talitos_error(unsigned long data, u32 isr, u32 isr_lo) 517 { 518 struct device *dev = (struct device *)data; 519 struct talitos_private *priv = dev_get_drvdata(dev); 520 unsigned int timeout = TALITOS_TIMEOUT; 521 int ch, error, reset_dev = 0, reset_ch = 0; 522 u32 v, v_lo; 523 524 for (ch = 0; ch < priv->num_channels; ch++) { 525 /* skip channels without errors */ 526 if (!(isr & (1 << (ch * 2 + 1)))) 527 continue; 528 529 error = -EINVAL; 530 531 v = in_be32(priv->reg + TALITOS_CCPSR(ch)); 532 v_lo = in_be32(priv->reg + TALITOS_CCPSR_LO(ch)); 533 534 if (v_lo & TALITOS_CCPSR_LO_DOF) { 535 dev_err(dev, "double fetch fifo overflow error\n"); 536 error = -EAGAIN; 537 reset_ch = 1; 538 } 539 if (v_lo & TALITOS_CCPSR_LO_SOF) { 540 /* h/w dropped descriptor */ 541 dev_err(dev, "single fetch fifo overflow error\n"); 542 error = -EAGAIN; 543 } 544 if (v_lo & TALITOS_CCPSR_LO_MDTE) 545 dev_err(dev, "master data transfer error\n"); 546 if (v_lo & TALITOS_CCPSR_LO_SGDLZ) 547 dev_err(dev, "s/g data length zero error\n"); 548 if (v_lo & TALITOS_CCPSR_LO_FPZ) 549 dev_err(dev, "fetch pointer zero error\n"); 550 if (v_lo & TALITOS_CCPSR_LO_IDH) 551 dev_err(dev, "illegal descriptor header error\n"); 552 if (v_lo & TALITOS_CCPSR_LO_IEU) 553 dev_err(dev, "invalid execution unit error\n"); 554 if (v_lo & TALITOS_CCPSR_LO_EU) 555 report_eu_error(dev, ch, current_desc_hdr(dev, ch)); 556 if (v_lo & TALITOS_CCPSR_LO_GB) 557 dev_err(dev, "gather boundary error\n"); 558 if (v_lo & TALITOS_CCPSR_LO_GRL) 559 dev_err(dev, "gather return/length error\n"); 560 if (v_lo & TALITOS_CCPSR_LO_SB) 561 dev_err(dev, "scatter boundary error\n"); 562 if (v_lo & TALITOS_CCPSR_LO_SRL) 563 dev_err(dev, "scatter return/length error\n"); 564 565 flush_channel(dev, ch, error, reset_ch); 566 567 if (reset_ch) { 568 reset_channel(dev, ch); 569 } else { 570 setbits32(priv->reg + TALITOS_CCCR(ch), 571 TALITOS_CCCR_CONT); 572 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 0); 573 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & 574 TALITOS_CCCR_CONT) && --timeout) 575 cpu_relax(); 576 if (timeout == 0) { 577 dev_err(dev, "failed to restart channel %d\n", 578 ch); 579 reset_dev = 1; 580 } 581 } 582 } 583 if (reset_dev || isr & ~TALITOS_ISR_CHERR || isr_lo) { 584 dev_err(dev, "done overflow, internal time out, or rngu error: " 585 "ISR 0x%08x_%08x\n", isr, isr_lo); 586 587 /* purge request queues */ 588 for (ch = 0; ch < priv->num_channels; ch++) 589 flush_channel(dev, ch, -EIO, 1); 590 591 /* reset and reinitialize the device */ 592 init_device(dev); 593 } 594 } 595 596 static irqreturn_t talitos_interrupt(int irq, void *data) 597 { 598 struct device *dev = data; 599 struct talitos_private *priv = dev_get_drvdata(dev); 600 u32 isr, isr_lo; 601 602 isr = in_be32(priv->reg + TALITOS_ISR); 603 isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); 604 /* Acknowledge interrupt */ 605 out_be32(priv->reg + TALITOS_ICR, isr); 606 out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); 607 608 if (unlikely((isr & ~TALITOS_ISR_CHDONE) || isr_lo)) 609 talitos_error((unsigned long)data, isr, isr_lo); 610 else 611 if (likely(isr & TALITOS_ISR_CHDONE)) { 612 /* mask further done interrupts. */ 613 clrbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_DONE); 614 /* done_task will unmask done interrupts at exit */ 615 tasklet_schedule(&priv->done_task); 616 } 617 618 return (isr || isr_lo) ? IRQ_HANDLED : IRQ_NONE; 619 } 620 621 /* 622 * hwrng 623 */ 624 static int talitos_rng_data_present(struct hwrng *rng, int wait) 625 { 626 struct device *dev = (struct device *)rng->priv; 627 struct talitos_private *priv = dev_get_drvdata(dev); 628 u32 ofl; 629 int i; 630 631 for (i = 0; i < 20; i++) { 632 ofl = in_be32(priv->reg + TALITOS_RNGUSR_LO) & 633 TALITOS_RNGUSR_LO_OFL; 634 if (ofl || !wait) 635 break; 636 udelay(10); 637 } 638 639 return !!ofl; 640 } 641 642 static int talitos_rng_data_read(struct hwrng *rng, u32 *data) 643 { 644 struct device *dev = (struct device *)rng->priv; 645 struct talitos_private *priv = dev_get_drvdata(dev); 646 647 /* rng fifo requires 64-bit accesses */ 648 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO); 649 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO_LO); 650 651 return sizeof(u32); 652 } 653 654 static int talitos_rng_init(struct hwrng *rng) 655 { 656 struct device *dev = (struct device *)rng->priv; 657 struct talitos_private *priv = dev_get_drvdata(dev); 658 unsigned int timeout = TALITOS_TIMEOUT; 659 660 setbits32(priv->reg + TALITOS_RNGURCR_LO, TALITOS_RNGURCR_LO_SR); 661 while (!(in_be32(priv->reg + TALITOS_RNGUSR_LO) & TALITOS_RNGUSR_LO_RD) 662 && --timeout) 663 cpu_relax(); 664 if (timeout == 0) { 665 dev_err(dev, "failed to reset rng hw\n"); 666 return -ENODEV; 667 } 668 669 /* start generating */ 670 setbits32(priv->reg + TALITOS_RNGUDSR_LO, 0); 671 672 return 0; 673 } 674 675 static int talitos_register_rng(struct device *dev) 676 { 677 struct talitos_private *priv = dev_get_drvdata(dev); 678 679 priv->rng.name = dev_driver_string(dev), 680 priv->rng.init = talitos_rng_init, 681 priv->rng.data_present = talitos_rng_data_present, 682 priv->rng.data_read = talitos_rng_data_read, 683 priv->rng.priv = (unsigned long)dev; 684 685 return hwrng_register(&priv->rng); 686 } 687 688 static void talitos_unregister_rng(struct device *dev) 689 { 690 struct talitos_private *priv = dev_get_drvdata(dev); 691 692 hwrng_unregister(&priv->rng); 693 } 694 695 /* 696 * crypto alg 697 */ 698 #define TALITOS_CRA_PRIORITY 3000 699 #define TALITOS_MAX_KEY_SIZE 64 700 #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */ 701 702 #define MD5_BLOCK_SIZE 64 703 704 struct talitos_ctx { 705 struct device *dev; 706 int ch; 707 __be32 desc_hdr_template; 708 u8 key[TALITOS_MAX_KEY_SIZE]; 709 u8 iv[TALITOS_MAX_IV_LENGTH]; 710 unsigned int keylen; 711 unsigned int enckeylen; 712 unsigned int authkeylen; 713 unsigned int authsize; 714 }; 715 716 #define HASH_MAX_BLOCK_SIZE SHA512_BLOCK_SIZE 717 #define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512 718 719 struct talitos_ahash_req_ctx { 720 u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)]; 721 unsigned int hw_context_size; 722 u8 buf[HASH_MAX_BLOCK_SIZE]; 723 u8 bufnext[HASH_MAX_BLOCK_SIZE]; 724 unsigned int swinit; 725 unsigned int first; 726 unsigned int last; 727 unsigned int to_hash_later; 728 u64 nbuf; 729 struct scatterlist bufsl[2]; 730 struct scatterlist *psrc; 731 }; 732 733 static int aead_setauthsize(struct crypto_aead *authenc, 734 unsigned int authsize) 735 { 736 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 737 738 ctx->authsize = authsize; 739 740 return 0; 741 } 742 743 static int aead_setkey(struct crypto_aead *authenc, 744 const u8 *key, unsigned int keylen) 745 { 746 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 747 struct rtattr *rta = (void *)key; 748 struct crypto_authenc_key_param *param; 749 unsigned int authkeylen; 750 unsigned int enckeylen; 751 752 if (!RTA_OK(rta, keylen)) 753 goto badkey; 754 755 if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM) 756 goto badkey; 757 758 if (RTA_PAYLOAD(rta) < sizeof(*param)) 759 goto badkey; 760 761 param = RTA_DATA(rta); 762 enckeylen = be32_to_cpu(param->enckeylen); 763 764 key += RTA_ALIGN(rta->rta_len); 765 keylen -= RTA_ALIGN(rta->rta_len); 766 767 if (keylen < enckeylen) 768 goto badkey; 769 770 authkeylen = keylen - enckeylen; 771 772 if (keylen > TALITOS_MAX_KEY_SIZE) 773 goto badkey; 774 775 memcpy(&ctx->key, key, keylen); 776 777 ctx->keylen = keylen; 778 ctx->enckeylen = enckeylen; 779 ctx->authkeylen = authkeylen; 780 781 return 0; 782 783 badkey: 784 crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN); 785 return -EINVAL; 786 } 787 788 /* 789 * talitos_edesc - s/w-extended descriptor 790 * @src_nents: number of segments in input scatterlist 791 * @dst_nents: number of segments in output scatterlist 792 * @dma_len: length of dma mapped link_tbl space 793 * @dma_link_tbl: bus physical address of link_tbl 794 * @desc: h/w descriptor 795 * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1) 796 * 797 * if decrypting (with authcheck), or either one of src_nents or dst_nents 798 * is greater than 1, an integrity check value is concatenated to the end 799 * of link_tbl data 800 */ 801 struct talitos_edesc { 802 int src_nents; 803 int dst_nents; 804 int src_is_chained; 805 int dst_is_chained; 806 int dma_len; 807 dma_addr_t dma_link_tbl; 808 struct talitos_desc desc; 809 struct talitos_ptr link_tbl[0]; 810 }; 811 812 static int talitos_map_sg(struct device *dev, struct scatterlist *sg, 813 unsigned int nents, enum dma_data_direction dir, 814 int chained) 815 { 816 if (unlikely(chained)) 817 while (sg) { 818 dma_map_sg(dev, sg, 1, dir); 819 sg = scatterwalk_sg_next(sg); 820 } 821 else 822 dma_map_sg(dev, sg, nents, dir); 823 return nents; 824 } 825 826 static void talitos_unmap_sg_chain(struct device *dev, struct scatterlist *sg, 827 enum dma_data_direction dir) 828 { 829 while (sg) { 830 dma_unmap_sg(dev, sg, 1, dir); 831 sg = scatterwalk_sg_next(sg); 832 } 833 } 834 835 static void talitos_sg_unmap(struct device *dev, 836 struct talitos_edesc *edesc, 837 struct scatterlist *src, 838 struct scatterlist *dst) 839 { 840 unsigned int src_nents = edesc->src_nents ? : 1; 841 unsigned int dst_nents = edesc->dst_nents ? : 1; 842 843 if (src != dst) { 844 if (edesc->src_is_chained) 845 talitos_unmap_sg_chain(dev, src, DMA_TO_DEVICE); 846 else 847 dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE); 848 849 if (dst) { 850 if (edesc->dst_is_chained) 851 talitos_unmap_sg_chain(dev, dst, 852 DMA_FROM_DEVICE); 853 else 854 dma_unmap_sg(dev, dst, dst_nents, 855 DMA_FROM_DEVICE); 856 } 857 } else 858 if (edesc->src_is_chained) 859 talitos_unmap_sg_chain(dev, src, DMA_BIDIRECTIONAL); 860 else 861 dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL); 862 } 863 864 static void ipsec_esp_unmap(struct device *dev, 865 struct talitos_edesc *edesc, 866 struct aead_request *areq) 867 { 868 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6], DMA_FROM_DEVICE); 869 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[3], DMA_TO_DEVICE); 870 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE); 871 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE); 872 873 dma_unmap_sg(dev, areq->assoc, 1, DMA_TO_DEVICE); 874 875 talitos_sg_unmap(dev, edesc, areq->src, areq->dst); 876 877 if (edesc->dma_len) 878 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 879 DMA_BIDIRECTIONAL); 880 } 881 882 /* 883 * ipsec_esp descriptor callbacks 884 */ 885 static void ipsec_esp_encrypt_done(struct device *dev, 886 struct talitos_desc *desc, void *context, 887 int err) 888 { 889 struct aead_request *areq = context; 890 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 891 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 892 struct talitos_edesc *edesc; 893 struct scatterlist *sg; 894 void *icvdata; 895 896 edesc = container_of(desc, struct talitos_edesc, desc); 897 898 ipsec_esp_unmap(dev, edesc, areq); 899 900 /* copy the generated ICV to dst */ 901 if (edesc->dma_len) { 902 icvdata = &edesc->link_tbl[edesc->src_nents + 903 edesc->dst_nents + 2]; 904 sg = sg_last(areq->dst, edesc->dst_nents); 905 memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize, 906 icvdata, ctx->authsize); 907 } 908 909 kfree(edesc); 910 911 aead_request_complete(areq, err); 912 } 913 914 static void ipsec_esp_decrypt_swauth_done(struct device *dev, 915 struct talitos_desc *desc, 916 void *context, int err) 917 { 918 struct aead_request *req = context; 919 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 920 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 921 struct talitos_edesc *edesc; 922 struct scatterlist *sg; 923 void *icvdata; 924 925 edesc = container_of(desc, struct talitos_edesc, desc); 926 927 ipsec_esp_unmap(dev, edesc, req); 928 929 if (!err) { 930 /* auth check */ 931 if (edesc->dma_len) 932 icvdata = &edesc->link_tbl[edesc->src_nents + 933 edesc->dst_nents + 2]; 934 else 935 icvdata = &edesc->link_tbl[0]; 936 937 sg = sg_last(req->dst, edesc->dst_nents ? : 1); 938 err = memcmp(icvdata, (char *)sg_virt(sg) + sg->length - 939 ctx->authsize, ctx->authsize) ? -EBADMSG : 0; 940 } 941 942 kfree(edesc); 943 944 aead_request_complete(req, err); 945 } 946 947 static void ipsec_esp_decrypt_hwauth_done(struct device *dev, 948 struct talitos_desc *desc, 949 void *context, int err) 950 { 951 struct aead_request *req = context; 952 struct talitos_edesc *edesc; 953 954 edesc = container_of(desc, struct talitos_edesc, desc); 955 956 ipsec_esp_unmap(dev, edesc, req); 957 958 /* check ICV auth status */ 959 if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) != 960 DESC_HDR_LO_ICCR1_PASS)) 961 err = -EBADMSG; 962 963 kfree(edesc); 964 965 aead_request_complete(req, err); 966 } 967 968 /* 969 * convert scatterlist to SEC h/w link table format 970 * stop at cryptlen bytes 971 */ 972 static int sg_to_link_tbl(struct scatterlist *sg, int sg_count, 973 int cryptlen, struct talitos_ptr *link_tbl_ptr) 974 { 975 int n_sg = sg_count; 976 977 while (n_sg--) { 978 to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg)); 979 link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg)); 980 link_tbl_ptr->j_extent = 0; 981 link_tbl_ptr++; 982 cryptlen -= sg_dma_len(sg); 983 sg = scatterwalk_sg_next(sg); 984 } 985 986 /* adjust (decrease) last one (or two) entry's len to cryptlen */ 987 link_tbl_ptr--; 988 while (be16_to_cpu(link_tbl_ptr->len) <= (-cryptlen)) { 989 /* Empty this entry, and move to previous one */ 990 cryptlen += be16_to_cpu(link_tbl_ptr->len); 991 link_tbl_ptr->len = 0; 992 sg_count--; 993 link_tbl_ptr--; 994 } 995 link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len) 996 + cryptlen); 997 998 /* tag end of link table */ 999 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; 1000 1001 return sg_count; 1002 } 1003 1004 /* 1005 * fill in and submit ipsec_esp descriptor 1006 */ 1007 static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq, 1008 u8 *giv, u64 seq, 1009 void (*callback) (struct device *dev, 1010 struct talitos_desc *desc, 1011 void *context, int error)) 1012 { 1013 struct crypto_aead *aead = crypto_aead_reqtfm(areq); 1014 struct talitos_ctx *ctx = crypto_aead_ctx(aead); 1015 struct device *dev = ctx->dev; 1016 struct talitos_desc *desc = &edesc->desc; 1017 unsigned int cryptlen = areq->cryptlen; 1018 unsigned int authsize = ctx->authsize; 1019 unsigned int ivsize = crypto_aead_ivsize(aead); 1020 int sg_count, ret; 1021 int sg_link_tbl_len; 1022 1023 /* hmac key */ 1024 map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key, 1025 0, DMA_TO_DEVICE); 1026 /* hmac data */ 1027 map_single_talitos_ptr(dev, &desc->ptr[1], areq->assoclen + ivsize, 1028 sg_virt(areq->assoc), 0, DMA_TO_DEVICE); 1029 /* cipher iv */ 1030 map_single_talitos_ptr(dev, &desc->ptr[2], ivsize, giv ?: areq->iv, 0, 1031 DMA_TO_DEVICE); 1032 1033 /* cipher key */ 1034 map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen, 1035 (char *)&ctx->key + ctx->authkeylen, 0, 1036 DMA_TO_DEVICE); 1037 1038 /* 1039 * cipher in 1040 * map and adjust cipher len to aead request cryptlen. 1041 * extent is bytes of HMAC postpended to ciphertext, 1042 * typically 12 for ipsec 1043 */ 1044 desc->ptr[4].len = cpu_to_be16(cryptlen); 1045 desc->ptr[4].j_extent = authsize; 1046 1047 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1, 1048 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL 1049 : DMA_TO_DEVICE, 1050 edesc->src_is_chained); 1051 1052 if (sg_count == 1) { 1053 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->src)); 1054 } else { 1055 sg_link_tbl_len = cryptlen; 1056 1057 if (edesc->desc.hdr & DESC_HDR_MODE1_MDEU_CICV) 1058 sg_link_tbl_len = cryptlen + authsize; 1059 1060 sg_count = sg_to_link_tbl(areq->src, sg_count, sg_link_tbl_len, 1061 &edesc->link_tbl[0]); 1062 if (sg_count > 1) { 1063 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; 1064 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl); 1065 dma_sync_single_for_device(dev, edesc->dma_link_tbl, 1066 edesc->dma_len, 1067 DMA_BIDIRECTIONAL); 1068 } else { 1069 /* Only one segment now, so no link tbl needed */ 1070 to_talitos_ptr(&desc->ptr[4], 1071 sg_dma_address(areq->src)); 1072 } 1073 } 1074 1075 /* cipher out */ 1076 desc->ptr[5].len = cpu_to_be16(cryptlen); 1077 desc->ptr[5].j_extent = authsize; 1078 1079 if (areq->src != areq->dst) 1080 sg_count = talitos_map_sg(dev, areq->dst, 1081 edesc->dst_nents ? : 1, 1082 DMA_FROM_DEVICE, 1083 edesc->dst_is_chained); 1084 1085 if (sg_count == 1) { 1086 to_talitos_ptr(&desc->ptr[5], sg_dma_address(areq->dst)); 1087 } else { 1088 struct talitos_ptr *link_tbl_ptr = 1089 &edesc->link_tbl[edesc->src_nents + 1]; 1090 1091 to_talitos_ptr(&desc->ptr[5], edesc->dma_link_tbl + 1092 (edesc->src_nents + 1) * 1093 sizeof(struct talitos_ptr)); 1094 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, 1095 link_tbl_ptr); 1096 1097 /* Add an entry to the link table for ICV data */ 1098 link_tbl_ptr += sg_count - 1; 1099 link_tbl_ptr->j_extent = 0; 1100 sg_count++; 1101 link_tbl_ptr++; 1102 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; 1103 link_tbl_ptr->len = cpu_to_be16(authsize); 1104 1105 /* icv data follows link tables */ 1106 to_talitos_ptr(link_tbl_ptr, edesc->dma_link_tbl + 1107 (edesc->src_nents + edesc->dst_nents + 2) * 1108 sizeof(struct talitos_ptr)); 1109 desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP; 1110 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, 1111 edesc->dma_len, DMA_BIDIRECTIONAL); 1112 } 1113 1114 /* iv out */ 1115 map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0, 1116 DMA_FROM_DEVICE); 1117 1118 ret = talitos_submit(dev, ctx->ch, desc, callback, areq); 1119 if (ret != -EINPROGRESS) { 1120 ipsec_esp_unmap(dev, edesc, areq); 1121 kfree(edesc); 1122 } 1123 return ret; 1124 } 1125 1126 /* 1127 * derive number of elements in scatterlist 1128 */ 1129 static int sg_count(struct scatterlist *sg_list, int nbytes, int *chained) 1130 { 1131 struct scatterlist *sg = sg_list; 1132 int sg_nents = 0; 1133 1134 *chained = 0; 1135 while (nbytes > 0) { 1136 sg_nents++; 1137 nbytes -= sg->length; 1138 if (!sg_is_last(sg) && (sg + 1)->length == 0) 1139 *chained = 1; 1140 sg = scatterwalk_sg_next(sg); 1141 } 1142 1143 return sg_nents; 1144 } 1145 1146 /** 1147 * sg_copy_end_to_buffer - Copy end data from SG list to a linear buffer 1148 * @sgl: The SG list 1149 * @nents: Number of SG entries 1150 * @buf: Where to copy to 1151 * @buflen: The number of bytes to copy 1152 * @skip: The number of bytes to skip before copying. 1153 * Note: skip + buflen should equal SG total size. 1154 * 1155 * Returns the number of copied bytes. 1156 * 1157 **/ 1158 static size_t sg_copy_end_to_buffer(struct scatterlist *sgl, unsigned int nents, 1159 void *buf, size_t buflen, unsigned int skip) 1160 { 1161 unsigned int offset = 0; 1162 unsigned int boffset = 0; 1163 struct sg_mapping_iter miter; 1164 unsigned long flags; 1165 unsigned int sg_flags = SG_MITER_ATOMIC; 1166 size_t total_buffer = buflen + skip; 1167 1168 sg_flags |= SG_MITER_FROM_SG; 1169 1170 sg_miter_start(&miter, sgl, nents, sg_flags); 1171 1172 local_irq_save(flags); 1173 1174 while (sg_miter_next(&miter) && offset < total_buffer) { 1175 unsigned int len; 1176 unsigned int ignore; 1177 1178 if ((offset + miter.length) > skip) { 1179 if (offset < skip) { 1180 /* Copy part of this segment */ 1181 ignore = skip - offset; 1182 len = miter.length - ignore; 1183 if (boffset + len > buflen) 1184 len = buflen - boffset; 1185 memcpy(buf + boffset, miter.addr + ignore, len); 1186 } else { 1187 /* Copy all of this segment (up to buflen) */ 1188 len = miter.length; 1189 if (boffset + len > buflen) 1190 len = buflen - boffset; 1191 memcpy(buf + boffset, miter.addr, len); 1192 } 1193 boffset += len; 1194 } 1195 offset += miter.length; 1196 } 1197 1198 sg_miter_stop(&miter); 1199 1200 local_irq_restore(flags); 1201 return boffset; 1202 } 1203 1204 /* 1205 * allocate and map the extended descriptor 1206 */ 1207 static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, 1208 struct scatterlist *src, 1209 struct scatterlist *dst, 1210 int hash_result, 1211 unsigned int cryptlen, 1212 unsigned int authsize, 1213 int icv_stashing, 1214 u32 cryptoflags) 1215 { 1216 struct talitos_edesc *edesc; 1217 int src_nents, dst_nents, alloc_len, dma_len; 1218 int src_chained, dst_chained = 0; 1219 gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : 1220 GFP_ATOMIC; 1221 1222 if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) { 1223 dev_err(dev, "length exceeds h/w max limit\n"); 1224 return ERR_PTR(-EINVAL); 1225 } 1226 1227 src_nents = sg_count(src, cryptlen + authsize, &src_chained); 1228 src_nents = (src_nents == 1) ? 0 : src_nents; 1229 1230 if (hash_result) { 1231 dst_nents = 0; 1232 } else { 1233 if (dst == src) { 1234 dst_nents = src_nents; 1235 } else { 1236 dst_nents = sg_count(dst, cryptlen + authsize, 1237 &dst_chained); 1238 dst_nents = (dst_nents == 1) ? 0 : dst_nents; 1239 } 1240 } 1241 1242 /* 1243 * allocate space for base edesc plus the link tables, 1244 * allowing for two separate entries for ICV and generated ICV (+ 2), 1245 * and the ICV data itself 1246 */ 1247 alloc_len = sizeof(struct talitos_edesc); 1248 if (src_nents || dst_nents) { 1249 dma_len = (src_nents + dst_nents + 2) * 1250 sizeof(struct talitos_ptr) + authsize; 1251 alloc_len += dma_len; 1252 } else { 1253 dma_len = 0; 1254 alloc_len += icv_stashing ? authsize : 0; 1255 } 1256 1257 edesc = kmalloc(alloc_len, GFP_DMA | flags); 1258 if (!edesc) { 1259 dev_err(dev, "could not allocate edescriptor\n"); 1260 return ERR_PTR(-ENOMEM); 1261 } 1262 1263 edesc->src_nents = src_nents; 1264 edesc->dst_nents = dst_nents; 1265 edesc->src_is_chained = src_chained; 1266 edesc->dst_is_chained = dst_chained; 1267 edesc->dma_len = dma_len; 1268 if (dma_len) 1269 edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0], 1270 edesc->dma_len, 1271 DMA_BIDIRECTIONAL); 1272 1273 return edesc; 1274 } 1275 1276 static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, 1277 int icv_stashing) 1278 { 1279 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 1280 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1281 1282 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 0, 1283 areq->cryptlen, ctx->authsize, icv_stashing, 1284 areq->base.flags); 1285 } 1286 1287 static int aead_encrypt(struct aead_request *req) 1288 { 1289 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 1290 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1291 struct talitos_edesc *edesc; 1292 1293 /* allocate extended descriptor */ 1294 edesc = aead_edesc_alloc(req, 0); 1295 if (IS_ERR(edesc)) 1296 return PTR_ERR(edesc); 1297 1298 /* set encrypt */ 1299 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1300 1301 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_encrypt_done); 1302 } 1303 1304 static int aead_decrypt(struct aead_request *req) 1305 { 1306 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 1307 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1308 unsigned int authsize = ctx->authsize; 1309 struct talitos_private *priv = dev_get_drvdata(ctx->dev); 1310 struct talitos_edesc *edesc; 1311 struct scatterlist *sg; 1312 void *icvdata; 1313 1314 req->cryptlen -= authsize; 1315 1316 /* allocate extended descriptor */ 1317 edesc = aead_edesc_alloc(req, 1); 1318 if (IS_ERR(edesc)) 1319 return PTR_ERR(edesc); 1320 1321 if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) && 1322 ((!edesc->src_nents && !edesc->dst_nents) || 1323 priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) { 1324 1325 /* decrypt and check the ICV */ 1326 edesc->desc.hdr = ctx->desc_hdr_template | 1327 DESC_HDR_DIR_INBOUND | 1328 DESC_HDR_MODE1_MDEU_CICV; 1329 1330 /* reset integrity check result bits */ 1331 edesc->desc.hdr_lo = 0; 1332 1333 return ipsec_esp(edesc, req, NULL, 0, 1334 ipsec_esp_decrypt_hwauth_done); 1335 1336 } 1337 1338 /* Have to check the ICV with software */ 1339 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND; 1340 1341 /* stash incoming ICV for later cmp with ICV generated by the h/w */ 1342 if (edesc->dma_len) 1343 icvdata = &edesc->link_tbl[edesc->src_nents + 1344 edesc->dst_nents + 2]; 1345 else 1346 icvdata = &edesc->link_tbl[0]; 1347 1348 sg = sg_last(req->src, edesc->src_nents ? : 1); 1349 1350 memcpy(icvdata, (char *)sg_virt(sg) + sg->length - ctx->authsize, 1351 ctx->authsize); 1352 1353 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_decrypt_swauth_done); 1354 } 1355 1356 static int aead_givencrypt(struct aead_givcrypt_request *req) 1357 { 1358 struct aead_request *areq = &req->areq; 1359 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 1360 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1361 struct talitos_edesc *edesc; 1362 1363 /* allocate extended descriptor */ 1364 edesc = aead_edesc_alloc(areq, 0); 1365 if (IS_ERR(edesc)) 1366 return PTR_ERR(edesc); 1367 1368 /* set encrypt */ 1369 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1370 1371 memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc)); 1372 /* avoid consecutive packets going out with same IV */ 1373 *(__be64 *)req->giv ^= cpu_to_be64(req->seq); 1374 1375 return ipsec_esp(edesc, areq, req->giv, req->seq, 1376 ipsec_esp_encrypt_done); 1377 } 1378 1379 static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, 1380 const u8 *key, unsigned int keylen) 1381 { 1382 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1383 1384 memcpy(&ctx->key, key, keylen); 1385 ctx->keylen = keylen; 1386 1387 return 0; 1388 } 1389 1390 static void common_nonsnoop_unmap(struct device *dev, 1391 struct talitos_edesc *edesc, 1392 struct ablkcipher_request *areq) 1393 { 1394 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE); 1395 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE); 1396 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE); 1397 1398 talitos_sg_unmap(dev, edesc, areq->src, areq->dst); 1399 1400 if (edesc->dma_len) 1401 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 1402 DMA_BIDIRECTIONAL); 1403 } 1404 1405 static void ablkcipher_done(struct device *dev, 1406 struct talitos_desc *desc, void *context, 1407 int err) 1408 { 1409 struct ablkcipher_request *areq = context; 1410 struct talitos_edesc *edesc; 1411 1412 edesc = container_of(desc, struct talitos_edesc, desc); 1413 1414 common_nonsnoop_unmap(dev, edesc, areq); 1415 1416 kfree(edesc); 1417 1418 areq->base.complete(&areq->base, err); 1419 } 1420 1421 static int common_nonsnoop(struct talitos_edesc *edesc, 1422 struct ablkcipher_request *areq, 1423 void (*callback) (struct device *dev, 1424 struct talitos_desc *desc, 1425 void *context, int error)) 1426 { 1427 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1428 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1429 struct device *dev = ctx->dev; 1430 struct talitos_desc *desc = &edesc->desc; 1431 unsigned int cryptlen = areq->nbytes; 1432 unsigned int ivsize; 1433 int sg_count, ret; 1434 1435 /* first DWORD empty */ 1436 desc->ptr[0].len = 0; 1437 to_talitos_ptr(&desc->ptr[0], 0); 1438 desc->ptr[0].j_extent = 0; 1439 1440 /* cipher iv */ 1441 ivsize = crypto_ablkcipher_ivsize(cipher); 1442 map_single_talitos_ptr(dev, &desc->ptr[1], ivsize, areq->info, 0, 1443 DMA_TO_DEVICE); 1444 1445 /* cipher key */ 1446 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen, 1447 (char *)&ctx->key, 0, DMA_TO_DEVICE); 1448 1449 /* 1450 * cipher in 1451 */ 1452 desc->ptr[3].len = cpu_to_be16(cryptlen); 1453 desc->ptr[3].j_extent = 0; 1454 1455 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1, 1456 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL 1457 : DMA_TO_DEVICE, 1458 edesc->src_is_chained); 1459 1460 if (sg_count == 1) { 1461 to_talitos_ptr(&desc->ptr[3], sg_dma_address(areq->src)); 1462 } else { 1463 sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen, 1464 &edesc->link_tbl[0]); 1465 if (sg_count > 1) { 1466 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl); 1467 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP; 1468 dma_sync_single_for_device(dev, edesc->dma_link_tbl, 1469 edesc->dma_len, 1470 DMA_BIDIRECTIONAL); 1471 } else { 1472 /* Only one segment now, so no link tbl needed */ 1473 to_talitos_ptr(&desc->ptr[3], 1474 sg_dma_address(areq->src)); 1475 } 1476 } 1477 1478 /* cipher out */ 1479 desc->ptr[4].len = cpu_to_be16(cryptlen); 1480 desc->ptr[4].j_extent = 0; 1481 1482 if (areq->src != areq->dst) 1483 sg_count = talitos_map_sg(dev, areq->dst, 1484 edesc->dst_nents ? : 1, 1485 DMA_FROM_DEVICE, 1486 edesc->dst_is_chained); 1487 1488 if (sg_count == 1) { 1489 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->dst)); 1490 } else { 1491 struct talitos_ptr *link_tbl_ptr = 1492 &edesc->link_tbl[edesc->src_nents + 1]; 1493 1494 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl + 1495 (edesc->src_nents + 1) * 1496 sizeof(struct talitos_ptr)); 1497 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; 1498 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, 1499 link_tbl_ptr); 1500 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, 1501 edesc->dma_len, DMA_BIDIRECTIONAL); 1502 } 1503 1504 /* iv out */ 1505 map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0, 1506 DMA_FROM_DEVICE); 1507 1508 /* last DWORD empty */ 1509 desc->ptr[6].len = 0; 1510 to_talitos_ptr(&desc->ptr[6], 0); 1511 desc->ptr[6].j_extent = 0; 1512 1513 ret = talitos_submit(dev, ctx->ch, desc, callback, areq); 1514 if (ret != -EINPROGRESS) { 1515 common_nonsnoop_unmap(dev, edesc, areq); 1516 kfree(edesc); 1517 } 1518 return ret; 1519 } 1520 1521 static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request * 1522 areq) 1523 { 1524 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1525 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1526 1527 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 0, 1528 areq->nbytes, 0, 0, areq->base.flags); 1529 } 1530 1531 static int ablkcipher_encrypt(struct ablkcipher_request *areq) 1532 { 1533 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1534 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1535 struct talitos_edesc *edesc; 1536 1537 /* allocate extended descriptor */ 1538 edesc = ablkcipher_edesc_alloc(areq); 1539 if (IS_ERR(edesc)) 1540 return PTR_ERR(edesc); 1541 1542 /* set encrypt */ 1543 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1544 1545 return common_nonsnoop(edesc, areq, ablkcipher_done); 1546 } 1547 1548 static int ablkcipher_decrypt(struct ablkcipher_request *areq) 1549 { 1550 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1551 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1552 struct talitos_edesc *edesc; 1553 1554 /* allocate extended descriptor */ 1555 edesc = ablkcipher_edesc_alloc(areq); 1556 if (IS_ERR(edesc)) 1557 return PTR_ERR(edesc); 1558 1559 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND; 1560 1561 return common_nonsnoop(edesc, areq, ablkcipher_done); 1562 } 1563 1564 static void common_nonsnoop_hash_unmap(struct device *dev, 1565 struct talitos_edesc *edesc, 1566 struct ahash_request *areq) 1567 { 1568 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1569 1570 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE); 1571 1572 /* When using hashctx-in, must unmap it. */ 1573 if (edesc->desc.ptr[1].len) 1574 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], 1575 DMA_TO_DEVICE); 1576 1577 if (edesc->desc.ptr[2].len) 1578 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], 1579 DMA_TO_DEVICE); 1580 1581 talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL); 1582 1583 if (edesc->dma_len) 1584 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 1585 DMA_BIDIRECTIONAL); 1586 1587 } 1588 1589 static void ahash_done(struct device *dev, 1590 struct talitos_desc *desc, void *context, 1591 int err) 1592 { 1593 struct ahash_request *areq = context; 1594 struct talitos_edesc *edesc = 1595 container_of(desc, struct talitos_edesc, desc); 1596 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1597 1598 if (!req_ctx->last && req_ctx->to_hash_later) { 1599 /* Position any partial block for next update/final/finup */ 1600 memcpy(req_ctx->buf, req_ctx->bufnext, req_ctx->to_hash_later); 1601 req_ctx->nbuf = req_ctx->to_hash_later; 1602 } 1603 common_nonsnoop_hash_unmap(dev, edesc, areq); 1604 1605 kfree(edesc); 1606 1607 areq->base.complete(&areq->base, err); 1608 } 1609 1610 static int common_nonsnoop_hash(struct talitos_edesc *edesc, 1611 struct ahash_request *areq, unsigned int length, 1612 void (*callback) (struct device *dev, 1613 struct talitos_desc *desc, 1614 void *context, int error)) 1615 { 1616 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); 1617 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm); 1618 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1619 struct device *dev = ctx->dev; 1620 struct talitos_desc *desc = &edesc->desc; 1621 int sg_count, ret; 1622 1623 /* first DWORD empty */ 1624 desc->ptr[0] = zero_entry; 1625 1626 /* hash context in */ 1627 if (!req_ctx->first || req_ctx->swinit) { 1628 map_single_talitos_ptr(dev, &desc->ptr[1], 1629 req_ctx->hw_context_size, 1630 (char *)req_ctx->hw_context, 0, 1631 DMA_TO_DEVICE); 1632 req_ctx->swinit = 0; 1633 } else { 1634 desc->ptr[1] = zero_entry; 1635 /* Indicate next op is not the first. */ 1636 req_ctx->first = 0; 1637 } 1638 1639 /* HMAC key */ 1640 if (ctx->keylen) 1641 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen, 1642 (char *)&ctx->key, 0, DMA_TO_DEVICE); 1643 else 1644 desc->ptr[2] = zero_entry; 1645 1646 /* 1647 * data in 1648 */ 1649 desc->ptr[3].len = cpu_to_be16(length); 1650 desc->ptr[3].j_extent = 0; 1651 1652 sg_count = talitos_map_sg(dev, req_ctx->psrc, 1653 edesc->src_nents ? : 1, 1654 DMA_TO_DEVICE, 1655 edesc->src_is_chained); 1656 1657 if (sg_count == 1) { 1658 to_talitos_ptr(&desc->ptr[3], sg_dma_address(req_ctx->psrc)); 1659 } else { 1660 sg_count = sg_to_link_tbl(req_ctx->psrc, sg_count, length, 1661 &edesc->link_tbl[0]); 1662 if (sg_count > 1) { 1663 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP; 1664 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl); 1665 dma_sync_single_for_device(ctx->dev, 1666 edesc->dma_link_tbl, 1667 edesc->dma_len, 1668 DMA_BIDIRECTIONAL); 1669 } else { 1670 /* Only one segment now, so no link tbl needed */ 1671 to_talitos_ptr(&desc->ptr[3], 1672 sg_dma_address(req_ctx->psrc)); 1673 } 1674 } 1675 1676 /* fifth DWORD empty */ 1677 desc->ptr[4] = zero_entry; 1678 1679 /* hash/HMAC out -or- hash context out */ 1680 if (req_ctx->last) 1681 map_single_talitos_ptr(dev, &desc->ptr[5], 1682 crypto_ahash_digestsize(tfm), 1683 areq->result, 0, DMA_FROM_DEVICE); 1684 else 1685 map_single_talitos_ptr(dev, &desc->ptr[5], 1686 req_ctx->hw_context_size, 1687 req_ctx->hw_context, 0, DMA_FROM_DEVICE); 1688 1689 /* last DWORD empty */ 1690 desc->ptr[6] = zero_entry; 1691 1692 ret = talitos_submit(dev, ctx->ch, desc, callback, areq); 1693 if (ret != -EINPROGRESS) { 1694 common_nonsnoop_hash_unmap(dev, edesc, areq); 1695 kfree(edesc); 1696 } 1697 return ret; 1698 } 1699 1700 static struct talitos_edesc *ahash_edesc_alloc(struct ahash_request *areq, 1701 unsigned int nbytes) 1702 { 1703 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); 1704 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm); 1705 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1706 1707 return talitos_edesc_alloc(ctx->dev, req_ctx->psrc, NULL, 1, 1708 nbytes, 0, 0, areq->base.flags); 1709 } 1710 1711 static int ahash_init(struct ahash_request *areq) 1712 { 1713 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); 1714 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1715 1716 /* Initialize the context */ 1717 req_ctx->nbuf = 0; 1718 req_ctx->first = 1; /* first indicates h/w must init its context */ 1719 req_ctx->swinit = 0; /* assume h/w init of context */ 1720 req_ctx->hw_context_size = 1721 (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE) 1722 ? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256 1723 : TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512; 1724 1725 return 0; 1726 } 1727 1728 /* 1729 * on h/w without explicit sha224 support, we initialize h/w context 1730 * manually with sha224 constants, and tell it to run sha256. 1731 */ 1732 static int ahash_init_sha224_swinit(struct ahash_request *areq) 1733 { 1734 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1735 1736 ahash_init(areq); 1737 req_ctx->swinit = 1;/* prevent h/w initting context with sha256 values*/ 1738 1739 req_ctx->hw_context[0] = SHA224_H0; 1740 req_ctx->hw_context[1] = SHA224_H1; 1741 req_ctx->hw_context[2] = SHA224_H2; 1742 req_ctx->hw_context[3] = SHA224_H3; 1743 req_ctx->hw_context[4] = SHA224_H4; 1744 req_ctx->hw_context[5] = SHA224_H5; 1745 req_ctx->hw_context[6] = SHA224_H6; 1746 req_ctx->hw_context[7] = SHA224_H7; 1747 1748 /* init 64-bit count */ 1749 req_ctx->hw_context[8] = 0; 1750 req_ctx->hw_context[9] = 0; 1751 1752 return 0; 1753 } 1754 1755 static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes) 1756 { 1757 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); 1758 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm); 1759 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1760 struct talitos_edesc *edesc; 1761 unsigned int blocksize = 1762 crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm)); 1763 unsigned int nbytes_to_hash; 1764 unsigned int to_hash_later; 1765 unsigned int nsg; 1766 int chained; 1767 1768 if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) { 1769 /* Buffer up to one whole block */ 1770 sg_copy_to_buffer(areq->src, 1771 sg_count(areq->src, nbytes, &chained), 1772 req_ctx->buf + req_ctx->nbuf, nbytes); 1773 req_ctx->nbuf += nbytes; 1774 return 0; 1775 } 1776 1777 /* At least (blocksize + 1) bytes are available to hash */ 1778 nbytes_to_hash = nbytes + req_ctx->nbuf; 1779 to_hash_later = nbytes_to_hash & (blocksize - 1); 1780 1781 if (req_ctx->last) 1782 to_hash_later = 0; 1783 else if (to_hash_later) 1784 /* There is a partial block. Hash the full block(s) now */ 1785 nbytes_to_hash -= to_hash_later; 1786 else { 1787 /* Keep one block buffered */ 1788 nbytes_to_hash -= blocksize; 1789 to_hash_later = blocksize; 1790 } 1791 1792 /* Chain in any previously buffered data */ 1793 if (req_ctx->nbuf) { 1794 nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1; 1795 sg_init_table(req_ctx->bufsl, nsg); 1796 sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf); 1797 if (nsg > 1) 1798 scatterwalk_sg_chain(req_ctx->bufsl, 2, areq->src); 1799 req_ctx->psrc = req_ctx->bufsl; 1800 } else 1801 req_ctx->psrc = areq->src; 1802 1803 if (to_hash_later) { 1804 int nents = sg_count(areq->src, nbytes, &chained); 1805 sg_copy_end_to_buffer(areq->src, nents, 1806 req_ctx->bufnext, 1807 to_hash_later, 1808 nbytes - to_hash_later); 1809 } 1810 req_ctx->to_hash_later = to_hash_later; 1811 1812 /* Allocate extended descriptor */ 1813 edesc = ahash_edesc_alloc(areq, nbytes_to_hash); 1814 if (IS_ERR(edesc)) 1815 return PTR_ERR(edesc); 1816 1817 edesc->desc.hdr = ctx->desc_hdr_template; 1818 1819 /* On last one, request SEC to pad; otherwise continue */ 1820 if (req_ctx->last) 1821 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_PAD; 1822 else 1823 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT; 1824 1825 /* request SEC to INIT hash. */ 1826 if (req_ctx->first && !req_ctx->swinit) 1827 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT; 1828 1829 /* When the tfm context has a keylen, it's an HMAC. 1830 * A first or last (ie. not middle) descriptor must request HMAC. 1831 */ 1832 if (ctx->keylen && (req_ctx->first || req_ctx->last)) 1833 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_HMAC; 1834 1835 return common_nonsnoop_hash(edesc, areq, nbytes_to_hash, 1836 ahash_done); 1837 } 1838 1839 static int ahash_update(struct ahash_request *areq) 1840 { 1841 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1842 1843 req_ctx->last = 0; 1844 1845 return ahash_process_req(areq, areq->nbytes); 1846 } 1847 1848 static int ahash_final(struct ahash_request *areq) 1849 { 1850 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1851 1852 req_ctx->last = 1; 1853 1854 return ahash_process_req(areq, 0); 1855 } 1856 1857 static int ahash_finup(struct ahash_request *areq) 1858 { 1859 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1860 1861 req_ctx->last = 1; 1862 1863 return ahash_process_req(areq, areq->nbytes); 1864 } 1865 1866 static int ahash_digest(struct ahash_request *areq) 1867 { 1868 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1869 struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq); 1870 1871 ahash->init(areq); 1872 req_ctx->last = 1; 1873 1874 return ahash_process_req(areq, areq->nbytes); 1875 } 1876 1877 struct talitos_alg_template { 1878 u32 type; 1879 union { 1880 struct crypto_alg crypto; 1881 struct ahash_alg hash; 1882 } alg; 1883 __be32 desc_hdr_template; 1884 }; 1885 1886 static struct talitos_alg_template driver_algs[] = { 1887 /* AEAD algorithms. These use a single-pass ipsec_esp descriptor */ 1888 { .type = CRYPTO_ALG_TYPE_AEAD, 1889 .alg.crypto = { 1890 .cra_name = "authenc(hmac(sha1),cbc(aes))", 1891 .cra_driver_name = "authenc-hmac-sha1-cbc-aes-talitos", 1892 .cra_blocksize = AES_BLOCK_SIZE, 1893 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1894 .cra_type = &crypto_aead_type, 1895 .cra_aead = { 1896 .setkey = aead_setkey, 1897 .setauthsize = aead_setauthsize, 1898 .encrypt = aead_encrypt, 1899 .decrypt = aead_decrypt, 1900 .givencrypt = aead_givencrypt, 1901 .geniv = "<built-in>", 1902 .ivsize = AES_BLOCK_SIZE, 1903 .maxauthsize = SHA1_DIGEST_SIZE, 1904 } 1905 }, 1906 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1907 DESC_HDR_SEL0_AESU | 1908 DESC_HDR_MODE0_AESU_CBC | 1909 DESC_HDR_SEL1_MDEUA | 1910 DESC_HDR_MODE1_MDEU_INIT | 1911 DESC_HDR_MODE1_MDEU_PAD | 1912 DESC_HDR_MODE1_MDEU_SHA1_HMAC, 1913 }, 1914 { .type = CRYPTO_ALG_TYPE_AEAD, 1915 .alg.crypto = { 1916 .cra_name = "authenc(hmac(sha1),cbc(des3_ede))", 1917 .cra_driver_name = "authenc-hmac-sha1-cbc-3des-talitos", 1918 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1919 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1920 .cra_type = &crypto_aead_type, 1921 .cra_aead = { 1922 .setkey = aead_setkey, 1923 .setauthsize = aead_setauthsize, 1924 .encrypt = aead_encrypt, 1925 .decrypt = aead_decrypt, 1926 .givencrypt = aead_givencrypt, 1927 .geniv = "<built-in>", 1928 .ivsize = DES3_EDE_BLOCK_SIZE, 1929 .maxauthsize = SHA1_DIGEST_SIZE, 1930 } 1931 }, 1932 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1933 DESC_HDR_SEL0_DEU | 1934 DESC_HDR_MODE0_DEU_CBC | 1935 DESC_HDR_MODE0_DEU_3DES | 1936 DESC_HDR_SEL1_MDEUA | 1937 DESC_HDR_MODE1_MDEU_INIT | 1938 DESC_HDR_MODE1_MDEU_PAD | 1939 DESC_HDR_MODE1_MDEU_SHA1_HMAC, 1940 }, 1941 { .type = CRYPTO_ALG_TYPE_AEAD, 1942 .alg.crypto = { 1943 .cra_name = "authenc(hmac(sha256),cbc(aes))", 1944 .cra_driver_name = "authenc-hmac-sha256-cbc-aes-talitos", 1945 .cra_blocksize = AES_BLOCK_SIZE, 1946 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1947 .cra_type = &crypto_aead_type, 1948 .cra_aead = { 1949 .setkey = aead_setkey, 1950 .setauthsize = aead_setauthsize, 1951 .encrypt = aead_encrypt, 1952 .decrypt = aead_decrypt, 1953 .givencrypt = aead_givencrypt, 1954 .geniv = "<built-in>", 1955 .ivsize = AES_BLOCK_SIZE, 1956 .maxauthsize = SHA256_DIGEST_SIZE, 1957 } 1958 }, 1959 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1960 DESC_HDR_SEL0_AESU | 1961 DESC_HDR_MODE0_AESU_CBC | 1962 DESC_HDR_SEL1_MDEUA | 1963 DESC_HDR_MODE1_MDEU_INIT | 1964 DESC_HDR_MODE1_MDEU_PAD | 1965 DESC_HDR_MODE1_MDEU_SHA256_HMAC, 1966 }, 1967 { .type = CRYPTO_ALG_TYPE_AEAD, 1968 .alg.crypto = { 1969 .cra_name = "authenc(hmac(sha256),cbc(des3_ede))", 1970 .cra_driver_name = "authenc-hmac-sha256-cbc-3des-talitos", 1971 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1972 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1973 .cra_type = &crypto_aead_type, 1974 .cra_aead = { 1975 .setkey = aead_setkey, 1976 .setauthsize = aead_setauthsize, 1977 .encrypt = aead_encrypt, 1978 .decrypt = aead_decrypt, 1979 .givencrypt = aead_givencrypt, 1980 .geniv = "<built-in>", 1981 .ivsize = DES3_EDE_BLOCK_SIZE, 1982 .maxauthsize = SHA256_DIGEST_SIZE, 1983 } 1984 }, 1985 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1986 DESC_HDR_SEL0_DEU | 1987 DESC_HDR_MODE0_DEU_CBC | 1988 DESC_HDR_MODE0_DEU_3DES | 1989 DESC_HDR_SEL1_MDEUA | 1990 DESC_HDR_MODE1_MDEU_INIT | 1991 DESC_HDR_MODE1_MDEU_PAD | 1992 DESC_HDR_MODE1_MDEU_SHA256_HMAC, 1993 }, 1994 { .type = CRYPTO_ALG_TYPE_AEAD, 1995 .alg.crypto = { 1996 .cra_name = "authenc(hmac(md5),cbc(aes))", 1997 .cra_driver_name = "authenc-hmac-md5-cbc-aes-talitos", 1998 .cra_blocksize = AES_BLOCK_SIZE, 1999 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 2000 .cra_type = &crypto_aead_type, 2001 .cra_aead = { 2002 .setkey = aead_setkey, 2003 .setauthsize = aead_setauthsize, 2004 .encrypt = aead_encrypt, 2005 .decrypt = aead_decrypt, 2006 .givencrypt = aead_givencrypt, 2007 .geniv = "<built-in>", 2008 .ivsize = AES_BLOCK_SIZE, 2009 .maxauthsize = MD5_DIGEST_SIZE, 2010 } 2011 }, 2012 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 2013 DESC_HDR_SEL0_AESU | 2014 DESC_HDR_MODE0_AESU_CBC | 2015 DESC_HDR_SEL1_MDEUA | 2016 DESC_HDR_MODE1_MDEU_INIT | 2017 DESC_HDR_MODE1_MDEU_PAD | 2018 DESC_HDR_MODE1_MDEU_MD5_HMAC, 2019 }, 2020 { .type = CRYPTO_ALG_TYPE_AEAD, 2021 .alg.crypto = { 2022 .cra_name = "authenc(hmac(md5),cbc(des3_ede))", 2023 .cra_driver_name = "authenc-hmac-md5-cbc-3des-talitos", 2024 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 2025 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 2026 .cra_type = &crypto_aead_type, 2027 .cra_aead = { 2028 .setkey = aead_setkey, 2029 .setauthsize = aead_setauthsize, 2030 .encrypt = aead_encrypt, 2031 .decrypt = aead_decrypt, 2032 .givencrypt = aead_givencrypt, 2033 .geniv = "<built-in>", 2034 .ivsize = DES3_EDE_BLOCK_SIZE, 2035 .maxauthsize = MD5_DIGEST_SIZE, 2036 } 2037 }, 2038 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 2039 DESC_HDR_SEL0_DEU | 2040 DESC_HDR_MODE0_DEU_CBC | 2041 DESC_HDR_MODE0_DEU_3DES | 2042 DESC_HDR_SEL1_MDEUA | 2043 DESC_HDR_MODE1_MDEU_INIT | 2044 DESC_HDR_MODE1_MDEU_PAD | 2045 DESC_HDR_MODE1_MDEU_MD5_HMAC, 2046 }, 2047 /* ABLKCIPHER algorithms. */ 2048 { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, 2049 .alg.crypto = { 2050 .cra_name = "cbc(aes)", 2051 .cra_driver_name = "cbc-aes-talitos", 2052 .cra_blocksize = AES_BLOCK_SIZE, 2053 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 2054 CRYPTO_ALG_ASYNC, 2055 .cra_type = &crypto_ablkcipher_type, 2056 .cra_ablkcipher = { 2057 .setkey = ablkcipher_setkey, 2058 .encrypt = ablkcipher_encrypt, 2059 .decrypt = ablkcipher_decrypt, 2060 .geniv = "eseqiv", 2061 .min_keysize = AES_MIN_KEY_SIZE, 2062 .max_keysize = AES_MAX_KEY_SIZE, 2063 .ivsize = AES_BLOCK_SIZE, 2064 } 2065 }, 2066 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2067 DESC_HDR_SEL0_AESU | 2068 DESC_HDR_MODE0_AESU_CBC, 2069 }, 2070 { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, 2071 .alg.crypto = { 2072 .cra_name = "cbc(des3_ede)", 2073 .cra_driver_name = "cbc-3des-talitos", 2074 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 2075 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 2076 CRYPTO_ALG_ASYNC, 2077 .cra_type = &crypto_ablkcipher_type, 2078 .cra_ablkcipher = { 2079 .setkey = ablkcipher_setkey, 2080 .encrypt = ablkcipher_encrypt, 2081 .decrypt = ablkcipher_decrypt, 2082 .geniv = "eseqiv", 2083 .min_keysize = DES3_EDE_KEY_SIZE, 2084 .max_keysize = DES3_EDE_KEY_SIZE, 2085 .ivsize = DES3_EDE_BLOCK_SIZE, 2086 } 2087 }, 2088 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2089 DESC_HDR_SEL0_DEU | 2090 DESC_HDR_MODE0_DEU_CBC | 2091 DESC_HDR_MODE0_DEU_3DES, 2092 }, 2093 /* AHASH algorithms. */ 2094 { .type = CRYPTO_ALG_TYPE_AHASH, 2095 .alg.hash = { 2096 .init = ahash_init, 2097 .update = ahash_update, 2098 .final = ahash_final, 2099 .finup = ahash_finup, 2100 .digest = ahash_digest, 2101 .halg.digestsize = MD5_DIGEST_SIZE, 2102 .halg.base = { 2103 .cra_name = "md5", 2104 .cra_driver_name = "md5-talitos", 2105 .cra_blocksize = MD5_BLOCK_SIZE, 2106 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2107 CRYPTO_ALG_ASYNC, 2108 .cra_type = &crypto_ahash_type 2109 } 2110 }, 2111 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2112 DESC_HDR_SEL0_MDEUA | 2113 DESC_HDR_MODE0_MDEU_MD5, 2114 }, 2115 { .type = CRYPTO_ALG_TYPE_AHASH, 2116 .alg.hash = { 2117 .init = ahash_init, 2118 .update = ahash_update, 2119 .final = ahash_final, 2120 .finup = ahash_finup, 2121 .digest = ahash_digest, 2122 .halg.digestsize = SHA1_DIGEST_SIZE, 2123 .halg.base = { 2124 .cra_name = "sha1", 2125 .cra_driver_name = "sha1-talitos", 2126 .cra_blocksize = SHA1_BLOCK_SIZE, 2127 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2128 CRYPTO_ALG_ASYNC, 2129 .cra_type = &crypto_ahash_type 2130 } 2131 }, 2132 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2133 DESC_HDR_SEL0_MDEUA | 2134 DESC_HDR_MODE0_MDEU_SHA1, 2135 }, 2136 { .type = CRYPTO_ALG_TYPE_AHASH, 2137 .alg.hash = { 2138 .init = ahash_init, 2139 .update = ahash_update, 2140 .final = ahash_final, 2141 .finup = ahash_finup, 2142 .digest = ahash_digest, 2143 .halg.digestsize = SHA224_DIGEST_SIZE, 2144 .halg.base = { 2145 .cra_name = "sha224", 2146 .cra_driver_name = "sha224-talitos", 2147 .cra_blocksize = SHA224_BLOCK_SIZE, 2148 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2149 CRYPTO_ALG_ASYNC, 2150 .cra_type = &crypto_ahash_type 2151 } 2152 }, 2153 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2154 DESC_HDR_SEL0_MDEUA | 2155 DESC_HDR_MODE0_MDEU_SHA224, 2156 }, 2157 { .type = CRYPTO_ALG_TYPE_AHASH, 2158 .alg.hash = { 2159 .init = ahash_init, 2160 .update = ahash_update, 2161 .final = ahash_final, 2162 .finup = ahash_finup, 2163 .digest = ahash_digest, 2164 .halg.digestsize = SHA256_DIGEST_SIZE, 2165 .halg.base = { 2166 .cra_name = "sha256", 2167 .cra_driver_name = "sha256-talitos", 2168 .cra_blocksize = SHA256_BLOCK_SIZE, 2169 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2170 CRYPTO_ALG_ASYNC, 2171 .cra_type = &crypto_ahash_type 2172 } 2173 }, 2174 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2175 DESC_HDR_SEL0_MDEUA | 2176 DESC_HDR_MODE0_MDEU_SHA256, 2177 }, 2178 { .type = CRYPTO_ALG_TYPE_AHASH, 2179 .alg.hash = { 2180 .init = ahash_init, 2181 .update = ahash_update, 2182 .final = ahash_final, 2183 .finup = ahash_finup, 2184 .digest = ahash_digest, 2185 .halg.digestsize = SHA384_DIGEST_SIZE, 2186 .halg.base = { 2187 .cra_name = "sha384", 2188 .cra_driver_name = "sha384-talitos", 2189 .cra_blocksize = SHA384_BLOCK_SIZE, 2190 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2191 CRYPTO_ALG_ASYNC, 2192 .cra_type = &crypto_ahash_type 2193 } 2194 }, 2195 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2196 DESC_HDR_SEL0_MDEUB | 2197 DESC_HDR_MODE0_MDEUB_SHA384, 2198 }, 2199 { .type = CRYPTO_ALG_TYPE_AHASH, 2200 .alg.hash = { 2201 .init = ahash_init, 2202 .update = ahash_update, 2203 .final = ahash_final, 2204 .finup = ahash_finup, 2205 .digest = ahash_digest, 2206 .halg.digestsize = SHA512_DIGEST_SIZE, 2207 .halg.base = { 2208 .cra_name = "sha512", 2209 .cra_driver_name = "sha512-talitos", 2210 .cra_blocksize = SHA512_BLOCK_SIZE, 2211 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2212 CRYPTO_ALG_ASYNC, 2213 .cra_type = &crypto_ahash_type 2214 } 2215 }, 2216 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2217 DESC_HDR_SEL0_MDEUB | 2218 DESC_HDR_MODE0_MDEUB_SHA512, 2219 }, 2220 }; 2221 2222 struct talitos_crypto_alg { 2223 struct list_head entry; 2224 struct device *dev; 2225 struct talitos_alg_template algt; 2226 }; 2227 2228 static int talitos_cra_init(struct crypto_tfm *tfm) 2229 { 2230 struct crypto_alg *alg = tfm->__crt_alg; 2231 struct talitos_crypto_alg *talitos_alg; 2232 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm); 2233 struct talitos_private *priv; 2234 2235 if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_AHASH) 2236 talitos_alg = container_of(__crypto_ahash_alg(alg), 2237 struct talitos_crypto_alg, 2238 algt.alg.hash); 2239 else 2240 talitos_alg = container_of(alg, struct talitos_crypto_alg, 2241 algt.alg.crypto); 2242 2243 /* update context with ptr to dev */ 2244 ctx->dev = talitos_alg->dev; 2245 2246 /* assign SEC channel to tfm in round-robin fashion */ 2247 priv = dev_get_drvdata(ctx->dev); 2248 ctx->ch = atomic_inc_return(&priv->last_chan) & 2249 (priv->num_channels - 1); 2250 2251 /* copy descriptor header template value */ 2252 ctx->desc_hdr_template = talitos_alg->algt.desc_hdr_template; 2253 2254 /* select done notification */ 2255 ctx->desc_hdr_template |= DESC_HDR_DONE_NOTIFY; 2256 2257 return 0; 2258 } 2259 2260 static int talitos_cra_init_aead(struct crypto_tfm *tfm) 2261 { 2262 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm); 2263 2264 talitos_cra_init(tfm); 2265 2266 /* random first IV */ 2267 get_random_bytes(ctx->iv, TALITOS_MAX_IV_LENGTH); 2268 2269 return 0; 2270 } 2271 2272 static int talitos_cra_init_ahash(struct crypto_tfm *tfm) 2273 { 2274 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm); 2275 2276 talitos_cra_init(tfm); 2277 2278 ctx->keylen = 0; 2279 crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm), 2280 sizeof(struct talitos_ahash_req_ctx)); 2281 2282 return 0; 2283 } 2284 2285 /* 2286 * given the alg's descriptor header template, determine whether descriptor 2287 * type and primary/secondary execution units required match the hw 2288 * capabilities description provided in the device tree node. 2289 */ 2290 static int hw_supports(struct device *dev, __be32 desc_hdr_template) 2291 { 2292 struct talitos_private *priv = dev_get_drvdata(dev); 2293 int ret; 2294 2295 ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) && 2296 (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units); 2297 2298 if (SECONDARY_EU(desc_hdr_template)) 2299 ret = ret && (1 << SECONDARY_EU(desc_hdr_template) 2300 & priv->exec_units); 2301 2302 return ret; 2303 } 2304 2305 static int talitos_remove(struct platform_device *ofdev) 2306 { 2307 struct device *dev = &ofdev->dev; 2308 struct talitos_private *priv = dev_get_drvdata(dev); 2309 struct talitos_crypto_alg *t_alg, *n; 2310 int i; 2311 2312 list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) { 2313 switch (t_alg->algt.type) { 2314 case CRYPTO_ALG_TYPE_ABLKCIPHER: 2315 case CRYPTO_ALG_TYPE_AEAD: 2316 crypto_unregister_alg(&t_alg->algt.alg.crypto); 2317 break; 2318 case CRYPTO_ALG_TYPE_AHASH: 2319 crypto_unregister_ahash(&t_alg->algt.alg.hash); 2320 break; 2321 } 2322 list_del(&t_alg->entry); 2323 kfree(t_alg); 2324 } 2325 2326 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) 2327 talitos_unregister_rng(dev); 2328 2329 for (i = 0; i < priv->num_channels; i++) 2330 kfree(priv->chan[i].fifo); 2331 2332 kfree(priv->chan); 2333 2334 if (priv->irq != NO_IRQ) { 2335 free_irq(priv->irq, dev); 2336 irq_dispose_mapping(priv->irq); 2337 } 2338 2339 tasklet_kill(&priv->done_task); 2340 2341 iounmap(priv->reg); 2342 2343 dev_set_drvdata(dev, NULL); 2344 2345 kfree(priv); 2346 2347 return 0; 2348 } 2349 2350 static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, 2351 struct talitos_alg_template 2352 *template) 2353 { 2354 struct talitos_private *priv = dev_get_drvdata(dev); 2355 struct talitos_crypto_alg *t_alg; 2356 struct crypto_alg *alg; 2357 2358 t_alg = kzalloc(sizeof(struct talitos_crypto_alg), GFP_KERNEL); 2359 if (!t_alg) 2360 return ERR_PTR(-ENOMEM); 2361 2362 t_alg->algt = *template; 2363 2364 switch (t_alg->algt.type) { 2365 case CRYPTO_ALG_TYPE_ABLKCIPHER: 2366 alg = &t_alg->algt.alg.crypto; 2367 alg->cra_init = talitos_cra_init; 2368 break; 2369 case CRYPTO_ALG_TYPE_AEAD: 2370 alg = &t_alg->algt.alg.crypto; 2371 alg->cra_init = talitos_cra_init_aead; 2372 break; 2373 case CRYPTO_ALG_TYPE_AHASH: 2374 alg = &t_alg->algt.alg.hash.halg.base; 2375 alg->cra_init = talitos_cra_init_ahash; 2376 if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) && 2377 !strcmp(alg->cra_name, "sha224")) { 2378 t_alg->algt.alg.hash.init = ahash_init_sha224_swinit; 2379 t_alg->algt.desc_hdr_template = 2380 DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2381 DESC_HDR_SEL0_MDEUA | 2382 DESC_HDR_MODE0_MDEU_SHA256; 2383 } 2384 break; 2385 default: 2386 dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type); 2387 return ERR_PTR(-EINVAL); 2388 } 2389 2390 alg->cra_module = THIS_MODULE; 2391 alg->cra_priority = TALITOS_CRA_PRIORITY; 2392 alg->cra_alignmask = 0; 2393 alg->cra_ctxsize = sizeof(struct talitos_ctx); 2394 2395 t_alg->dev = dev; 2396 2397 return t_alg; 2398 } 2399 2400 static int talitos_probe(struct platform_device *ofdev) 2401 { 2402 struct device *dev = &ofdev->dev; 2403 struct device_node *np = ofdev->dev.of_node; 2404 struct talitos_private *priv; 2405 const unsigned int *prop; 2406 int i, err; 2407 2408 priv = kzalloc(sizeof(struct talitos_private), GFP_KERNEL); 2409 if (!priv) 2410 return -ENOMEM; 2411 2412 dev_set_drvdata(dev, priv); 2413 2414 priv->ofdev = ofdev; 2415 2416 tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev); 2417 2418 INIT_LIST_HEAD(&priv->alg_list); 2419 2420 priv->irq = irq_of_parse_and_map(np, 0); 2421 2422 if (priv->irq == NO_IRQ) { 2423 dev_err(dev, "failed to map irq\n"); 2424 err = -EINVAL; 2425 goto err_out; 2426 } 2427 2428 /* get the irq line */ 2429 err = request_irq(priv->irq, talitos_interrupt, 0, 2430 dev_driver_string(dev), dev); 2431 if (err) { 2432 dev_err(dev, "failed to request irq %d\n", priv->irq); 2433 irq_dispose_mapping(priv->irq); 2434 priv->irq = NO_IRQ; 2435 goto err_out; 2436 } 2437 2438 priv->reg = of_iomap(np, 0); 2439 if (!priv->reg) { 2440 dev_err(dev, "failed to of_iomap\n"); 2441 err = -ENOMEM; 2442 goto err_out; 2443 } 2444 2445 /* get SEC version capabilities from device tree */ 2446 prop = of_get_property(np, "fsl,num-channels", NULL); 2447 if (prop) 2448 priv->num_channels = *prop; 2449 2450 prop = of_get_property(np, "fsl,channel-fifo-len", NULL); 2451 if (prop) 2452 priv->chfifo_len = *prop; 2453 2454 prop = of_get_property(np, "fsl,exec-units-mask", NULL); 2455 if (prop) 2456 priv->exec_units = *prop; 2457 2458 prop = of_get_property(np, "fsl,descriptor-types-mask", NULL); 2459 if (prop) 2460 priv->desc_types = *prop; 2461 2462 if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len || 2463 !priv->exec_units || !priv->desc_types) { 2464 dev_err(dev, "invalid property data in device tree node\n"); 2465 err = -EINVAL; 2466 goto err_out; 2467 } 2468 2469 if (of_device_is_compatible(np, "fsl,sec3.0")) 2470 priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT; 2471 2472 if (of_device_is_compatible(np, "fsl,sec2.1")) 2473 priv->features |= TALITOS_FTR_HW_AUTH_CHECK | 2474 TALITOS_FTR_SHA224_HWINIT; 2475 2476 priv->chan = kzalloc(sizeof(struct talitos_channel) * 2477 priv->num_channels, GFP_KERNEL); 2478 if (!priv->chan) { 2479 dev_err(dev, "failed to allocate channel management space\n"); 2480 err = -ENOMEM; 2481 goto err_out; 2482 } 2483 2484 for (i = 0; i < priv->num_channels; i++) { 2485 spin_lock_init(&priv->chan[i].head_lock); 2486 spin_lock_init(&priv->chan[i].tail_lock); 2487 } 2488 2489 priv->fifo_len = roundup_pow_of_two(priv->chfifo_len); 2490 2491 for (i = 0; i < priv->num_channels; i++) { 2492 priv->chan[i].fifo = kzalloc(sizeof(struct talitos_request) * 2493 priv->fifo_len, GFP_KERNEL); 2494 if (!priv->chan[i].fifo) { 2495 dev_err(dev, "failed to allocate request fifo %d\n", i); 2496 err = -ENOMEM; 2497 goto err_out; 2498 } 2499 } 2500 2501 for (i = 0; i < priv->num_channels; i++) 2502 atomic_set(&priv->chan[i].submit_count, 2503 -(priv->chfifo_len - 1)); 2504 2505 dma_set_mask(dev, DMA_BIT_MASK(36)); 2506 2507 /* reset and initialize the h/w */ 2508 err = init_device(dev); 2509 if (err) { 2510 dev_err(dev, "failed to initialize device\n"); 2511 goto err_out; 2512 } 2513 2514 /* register the RNG, if available */ 2515 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) { 2516 err = talitos_register_rng(dev); 2517 if (err) { 2518 dev_err(dev, "failed to register hwrng: %d\n", err); 2519 goto err_out; 2520 } else 2521 dev_info(dev, "hwrng\n"); 2522 } 2523 2524 /* register crypto algorithms the device supports */ 2525 for (i = 0; i < ARRAY_SIZE(driver_algs); i++) { 2526 if (hw_supports(dev, driver_algs[i].desc_hdr_template)) { 2527 struct talitos_crypto_alg *t_alg; 2528 char *name = NULL; 2529 2530 t_alg = talitos_alg_alloc(dev, &driver_algs[i]); 2531 if (IS_ERR(t_alg)) { 2532 err = PTR_ERR(t_alg); 2533 goto err_out; 2534 } 2535 2536 switch (t_alg->algt.type) { 2537 case CRYPTO_ALG_TYPE_ABLKCIPHER: 2538 case CRYPTO_ALG_TYPE_AEAD: 2539 err = crypto_register_alg( 2540 &t_alg->algt.alg.crypto); 2541 name = t_alg->algt.alg.crypto.cra_driver_name; 2542 break; 2543 case CRYPTO_ALG_TYPE_AHASH: 2544 err = crypto_register_ahash( 2545 &t_alg->algt.alg.hash); 2546 name = 2547 t_alg->algt.alg.hash.halg.base.cra_driver_name; 2548 break; 2549 } 2550 if (err) { 2551 dev_err(dev, "%s alg registration failed\n", 2552 name); 2553 kfree(t_alg); 2554 } else { 2555 list_add_tail(&t_alg->entry, &priv->alg_list); 2556 dev_info(dev, "%s\n", name); 2557 } 2558 } 2559 } 2560 2561 return 0; 2562 2563 err_out: 2564 talitos_remove(ofdev); 2565 2566 return err; 2567 } 2568 2569 static const struct of_device_id talitos_match[] = { 2570 { 2571 .compatible = "fsl,sec2.0", 2572 }, 2573 {}, 2574 }; 2575 MODULE_DEVICE_TABLE(of, talitos_match); 2576 2577 static struct platform_driver talitos_driver = { 2578 .driver = { 2579 .name = "talitos", 2580 .owner = THIS_MODULE, 2581 .of_match_table = talitos_match, 2582 }, 2583 .probe = talitos_probe, 2584 .remove = talitos_remove, 2585 }; 2586 2587 static int __init talitos_init(void) 2588 { 2589 return platform_driver_register(&talitos_driver); 2590 } 2591 module_init(talitos_init); 2592 2593 static void __exit talitos_exit(void) 2594 { 2595 platform_driver_unregister(&talitos_driver); 2596 } 2597 module_exit(talitos_exit); 2598 2599 MODULE_LICENSE("GPL"); 2600 MODULE_AUTHOR("Kim Phillips <kim.phillips@freescale.com>"); 2601 MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver"); 2602