1 /* 2 * talitos - Freescale Integrated Security Engine (SEC) device driver 3 * 4 * Copyright (c) 2008 Freescale Semiconductor, Inc. 5 * 6 * Scatterlist Crypto API glue code copied from files with the following: 7 * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au> 8 * 9 * Crypto algorithm registration code copied from hifn driver: 10 * 2007+ Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru> 11 * All rights reserved. 12 * 13 * This program is free software; you can redistribute it and/or modify 14 * it under the terms of the GNU General Public License as published by 15 * the Free Software Foundation; either version 2 of the License, or 16 * (at your option) any later version. 17 * 18 * This program is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 * GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License 24 * along with this program; if not, write to the Free Software 25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 26 */ 27 28 #include <linux/kernel.h> 29 #include <linux/module.h> 30 #include <linux/mod_devicetable.h> 31 #include <linux/device.h> 32 #include <linux/interrupt.h> 33 #include <linux/crypto.h> 34 #include <linux/hw_random.h> 35 #include <linux/of_platform.h> 36 #include <linux/dma-mapping.h> 37 #include <linux/io.h> 38 #include <linux/spinlock.h> 39 #include <linux/rtnetlink.h> 40 41 #include <crypto/algapi.h> 42 #include <crypto/aes.h> 43 #include <crypto/des.h> 44 #include <crypto/sha.h> 45 #include <crypto/aead.h> 46 #include <crypto/authenc.h> 47 #include <crypto/skcipher.h> 48 #include <crypto/scatterwalk.h> 49 50 #include "talitos.h" 51 52 #define TALITOS_TIMEOUT 100000 53 #define TALITOS_MAX_DATA_LEN 65535 54 55 #define DESC_TYPE(desc_hdr) ((be32_to_cpu(desc_hdr) >> 3) & 0x1f) 56 #define PRIMARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 28) & 0xf) 57 #define SECONDARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 16) & 0xf) 58 59 /* descriptor pointer entry */ 60 struct talitos_ptr { 61 __be16 len; /* length */ 62 u8 j_extent; /* jump to sg link table and/or extent */ 63 u8 eptr; /* extended address */ 64 __be32 ptr; /* address */ 65 }; 66 67 /* descriptor */ 68 struct talitos_desc { 69 __be32 hdr; /* header high bits */ 70 __be32 hdr_lo; /* header low bits */ 71 struct talitos_ptr ptr[7]; /* ptr/len pair array */ 72 }; 73 74 /** 75 * talitos_request - descriptor submission request 76 * @desc: descriptor pointer (kernel virtual) 77 * @dma_desc: descriptor's physical bus address 78 * @callback: whom to call when descriptor processing is done 79 * @context: caller context (optional) 80 */ 81 struct talitos_request { 82 struct talitos_desc *desc; 83 dma_addr_t dma_desc; 84 void (*callback) (struct device *dev, struct talitos_desc *desc, 85 void *context, int error); 86 void *context; 87 }; 88 89 /* per-channel fifo management */ 90 struct talitos_channel { 91 /* request fifo */ 92 struct talitos_request *fifo; 93 94 /* number of requests pending in channel h/w fifo */ 95 atomic_t submit_count ____cacheline_aligned; 96 97 /* request submission (head) lock */ 98 spinlock_t head_lock ____cacheline_aligned; 99 /* index to next free descriptor request */ 100 int head; 101 102 /* request release (tail) lock */ 103 spinlock_t tail_lock ____cacheline_aligned; 104 /* index to next in-progress/done descriptor request */ 105 int tail; 106 }; 107 108 struct talitos_private { 109 struct device *dev; 110 struct of_device *ofdev; 111 void __iomem *reg; 112 int irq; 113 114 /* SEC version geometry (from device tree node) */ 115 unsigned int num_channels; 116 unsigned int chfifo_len; 117 unsigned int exec_units; 118 unsigned int desc_types; 119 120 /* SEC Compatibility info */ 121 unsigned long features; 122 123 /* 124 * length of the request fifo 125 * fifo_len is chfifo_len rounded up to next power of 2 126 * so we can use bitwise ops to wrap 127 */ 128 unsigned int fifo_len; 129 130 struct talitos_channel *chan; 131 132 /* next channel to be assigned next incoming descriptor */ 133 atomic_t last_chan ____cacheline_aligned; 134 135 /* request callback tasklet */ 136 struct tasklet_struct done_task; 137 138 /* list of registered algorithms */ 139 struct list_head alg_list; 140 141 /* hwrng device */ 142 struct hwrng rng; 143 }; 144 145 /* .features flag */ 146 #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001 147 #define TALITOS_FTR_HW_AUTH_CHECK 0x00000002 148 149 static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr) 150 { 151 talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr)); 152 talitos_ptr->eptr = cpu_to_be32(upper_32_bits(dma_addr)); 153 } 154 155 /* 156 * map virtual single (contiguous) pointer to h/w descriptor pointer 157 */ 158 static void map_single_talitos_ptr(struct device *dev, 159 struct talitos_ptr *talitos_ptr, 160 unsigned short len, void *data, 161 unsigned char extent, 162 enum dma_data_direction dir) 163 { 164 dma_addr_t dma_addr = dma_map_single(dev, data, len, dir); 165 166 talitos_ptr->len = cpu_to_be16(len); 167 to_talitos_ptr(talitos_ptr, dma_addr); 168 talitos_ptr->j_extent = extent; 169 } 170 171 /* 172 * unmap bus single (contiguous) h/w descriptor pointer 173 */ 174 static void unmap_single_talitos_ptr(struct device *dev, 175 struct talitos_ptr *talitos_ptr, 176 enum dma_data_direction dir) 177 { 178 dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr), 179 be16_to_cpu(talitos_ptr->len), dir); 180 } 181 182 static int reset_channel(struct device *dev, int ch) 183 { 184 struct talitos_private *priv = dev_get_drvdata(dev); 185 unsigned int timeout = TALITOS_TIMEOUT; 186 187 setbits32(priv->reg + TALITOS_CCCR(ch), TALITOS_CCCR_RESET); 188 189 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & TALITOS_CCCR_RESET) 190 && --timeout) 191 cpu_relax(); 192 193 if (timeout == 0) { 194 dev_err(dev, "failed to reset channel %d\n", ch); 195 return -EIO; 196 } 197 198 /* set 36-bit addressing, done writeback enable and done IRQ enable */ 199 setbits32(priv->reg + TALITOS_CCCR_LO(ch), TALITOS_CCCR_LO_EAE | 200 TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE); 201 202 /* and ICCR writeback, if available */ 203 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK) 204 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 205 TALITOS_CCCR_LO_IWSE); 206 207 return 0; 208 } 209 210 static int reset_device(struct device *dev) 211 { 212 struct talitos_private *priv = dev_get_drvdata(dev); 213 unsigned int timeout = TALITOS_TIMEOUT; 214 215 setbits32(priv->reg + TALITOS_MCR, TALITOS_MCR_SWR); 216 217 while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR) 218 && --timeout) 219 cpu_relax(); 220 221 if (timeout == 0) { 222 dev_err(dev, "failed to reset device\n"); 223 return -EIO; 224 } 225 226 return 0; 227 } 228 229 /* 230 * Reset and initialize the device 231 */ 232 static int init_device(struct device *dev) 233 { 234 struct talitos_private *priv = dev_get_drvdata(dev); 235 int ch, err; 236 237 /* 238 * Master reset 239 * errata documentation: warning: certain SEC interrupts 240 * are not fully cleared by writing the MCR:SWR bit, 241 * set bit twice to completely reset 242 */ 243 err = reset_device(dev); 244 if (err) 245 return err; 246 247 err = reset_device(dev); 248 if (err) 249 return err; 250 251 /* reset channels */ 252 for (ch = 0; ch < priv->num_channels; ch++) { 253 err = reset_channel(dev, ch); 254 if (err) 255 return err; 256 } 257 258 /* enable channel done and error interrupts */ 259 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT); 260 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); 261 262 /* disable integrity check error interrupts (use writeback instead) */ 263 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK) 264 setbits32(priv->reg + TALITOS_MDEUICR_LO, 265 TALITOS_MDEUICR_LO_ICE); 266 267 return 0; 268 } 269 270 /** 271 * talitos_submit - submits a descriptor to the device for processing 272 * @dev: the SEC device to be used 273 * @desc: the descriptor to be processed by the device 274 * @callback: whom to call when processing is complete 275 * @context: a handle for use by caller (optional) 276 * 277 * desc must contain valid dma-mapped (bus physical) address pointers. 278 * callback must check err and feedback in descriptor header 279 * for device processing status. 280 */ 281 static int talitos_submit(struct device *dev, struct talitos_desc *desc, 282 void (*callback)(struct device *dev, 283 struct talitos_desc *desc, 284 void *context, int error), 285 void *context) 286 { 287 struct talitos_private *priv = dev_get_drvdata(dev); 288 struct talitos_request *request; 289 unsigned long flags, ch; 290 int head; 291 292 /* select done notification */ 293 desc->hdr |= DESC_HDR_DONE_NOTIFY; 294 295 /* emulate SEC's round-robin channel fifo polling scheme */ 296 ch = atomic_inc_return(&priv->last_chan) & (priv->num_channels - 1); 297 298 spin_lock_irqsave(&priv->chan[ch].head_lock, flags); 299 300 if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) { 301 /* h/w fifo is full */ 302 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags); 303 return -EAGAIN; 304 } 305 306 head = priv->chan[ch].head; 307 request = &priv->chan[ch].fifo[head]; 308 309 /* map descriptor and save caller data */ 310 request->dma_desc = dma_map_single(dev, desc, sizeof(*desc), 311 DMA_BIDIRECTIONAL); 312 request->callback = callback; 313 request->context = context; 314 315 /* increment fifo head */ 316 priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1); 317 318 smp_wmb(); 319 request->desc = desc; 320 321 /* GO! */ 322 wmb(); 323 out_be32(priv->reg + TALITOS_FF(ch), 324 cpu_to_be32(upper_32_bits(request->dma_desc))); 325 out_be32(priv->reg + TALITOS_FF_LO(ch), 326 cpu_to_be32(lower_32_bits(request->dma_desc))); 327 328 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags); 329 330 return -EINPROGRESS; 331 } 332 333 /* 334 * process what was done, notify callback of error if not 335 */ 336 static void flush_channel(struct device *dev, int ch, int error, int reset_ch) 337 { 338 struct talitos_private *priv = dev_get_drvdata(dev); 339 struct talitos_request *request, saved_req; 340 unsigned long flags; 341 int tail, status; 342 343 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags); 344 345 tail = priv->chan[ch].tail; 346 while (priv->chan[ch].fifo[tail].desc) { 347 request = &priv->chan[ch].fifo[tail]; 348 349 /* descriptors with their done bits set don't get the error */ 350 rmb(); 351 if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE) 352 status = 0; 353 else 354 if (!error) 355 break; 356 else 357 status = error; 358 359 dma_unmap_single(dev, request->dma_desc, 360 sizeof(struct talitos_desc), 361 DMA_BIDIRECTIONAL); 362 363 /* copy entries so we can call callback outside lock */ 364 saved_req.desc = request->desc; 365 saved_req.callback = request->callback; 366 saved_req.context = request->context; 367 368 /* release request entry in fifo */ 369 smp_wmb(); 370 request->desc = NULL; 371 372 /* increment fifo tail */ 373 priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1); 374 375 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags); 376 377 atomic_dec(&priv->chan[ch].submit_count); 378 379 saved_req.callback(dev, saved_req.desc, saved_req.context, 380 status); 381 /* channel may resume processing in single desc error case */ 382 if (error && !reset_ch && status == error) 383 return; 384 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags); 385 tail = priv->chan[ch].tail; 386 } 387 388 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags); 389 } 390 391 /* 392 * process completed requests for channels that have done status 393 */ 394 static void talitos_done(unsigned long data) 395 { 396 struct device *dev = (struct device *)data; 397 struct talitos_private *priv = dev_get_drvdata(dev); 398 int ch; 399 400 for (ch = 0; ch < priv->num_channels; ch++) 401 flush_channel(dev, ch, 0, 0); 402 403 /* At this point, all completed channels have been processed. 404 * Unmask done interrupts for channels completed later on. 405 */ 406 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT); 407 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); 408 } 409 410 /* 411 * locate current (offending) descriptor 412 */ 413 static struct talitos_desc *current_desc(struct device *dev, int ch) 414 { 415 struct talitos_private *priv = dev_get_drvdata(dev); 416 int tail = priv->chan[ch].tail; 417 dma_addr_t cur_desc; 418 419 cur_desc = in_be32(priv->reg + TALITOS_CDPR_LO(ch)); 420 421 while (priv->chan[ch].fifo[tail].dma_desc != cur_desc) { 422 tail = (tail + 1) & (priv->fifo_len - 1); 423 if (tail == priv->chan[ch].tail) { 424 dev_err(dev, "couldn't locate current descriptor\n"); 425 return NULL; 426 } 427 } 428 429 return priv->chan[ch].fifo[tail].desc; 430 } 431 432 /* 433 * user diagnostics; report root cause of error based on execution unit status 434 */ 435 static void report_eu_error(struct device *dev, int ch, 436 struct talitos_desc *desc) 437 { 438 struct talitos_private *priv = dev_get_drvdata(dev); 439 int i; 440 441 switch (desc->hdr & DESC_HDR_SEL0_MASK) { 442 case DESC_HDR_SEL0_AFEU: 443 dev_err(dev, "AFEUISR 0x%08x_%08x\n", 444 in_be32(priv->reg + TALITOS_AFEUISR), 445 in_be32(priv->reg + TALITOS_AFEUISR_LO)); 446 break; 447 case DESC_HDR_SEL0_DEU: 448 dev_err(dev, "DEUISR 0x%08x_%08x\n", 449 in_be32(priv->reg + TALITOS_DEUISR), 450 in_be32(priv->reg + TALITOS_DEUISR_LO)); 451 break; 452 case DESC_HDR_SEL0_MDEUA: 453 case DESC_HDR_SEL0_MDEUB: 454 dev_err(dev, "MDEUISR 0x%08x_%08x\n", 455 in_be32(priv->reg + TALITOS_MDEUISR), 456 in_be32(priv->reg + TALITOS_MDEUISR_LO)); 457 break; 458 case DESC_HDR_SEL0_RNG: 459 dev_err(dev, "RNGUISR 0x%08x_%08x\n", 460 in_be32(priv->reg + TALITOS_RNGUISR), 461 in_be32(priv->reg + TALITOS_RNGUISR_LO)); 462 break; 463 case DESC_HDR_SEL0_PKEU: 464 dev_err(dev, "PKEUISR 0x%08x_%08x\n", 465 in_be32(priv->reg + TALITOS_PKEUISR), 466 in_be32(priv->reg + TALITOS_PKEUISR_LO)); 467 break; 468 case DESC_HDR_SEL0_AESU: 469 dev_err(dev, "AESUISR 0x%08x_%08x\n", 470 in_be32(priv->reg + TALITOS_AESUISR), 471 in_be32(priv->reg + TALITOS_AESUISR_LO)); 472 break; 473 case DESC_HDR_SEL0_CRCU: 474 dev_err(dev, "CRCUISR 0x%08x_%08x\n", 475 in_be32(priv->reg + TALITOS_CRCUISR), 476 in_be32(priv->reg + TALITOS_CRCUISR_LO)); 477 break; 478 case DESC_HDR_SEL0_KEU: 479 dev_err(dev, "KEUISR 0x%08x_%08x\n", 480 in_be32(priv->reg + TALITOS_KEUISR), 481 in_be32(priv->reg + TALITOS_KEUISR_LO)); 482 break; 483 } 484 485 switch (desc->hdr & DESC_HDR_SEL1_MASK) { 486 case DESC_HDR_SEL1_MDEUA: 487 case DESC_HDR_SEL1_MDEUB: 488 dev_err(dev, "MDEUISR 0x%08x_%08x\n", 489 in_be32(priv->reg + TALITOS_MDEUISR), 490 in_be32(priv->reg + TALITOS_MDEUISR_LO)); 491 break; 492 case DESC_HDR_SEL1_CRCU: 493 dev_err(dev, "CRCUISR 0x%08x_%08x\n", 494 in_be32(priv->reg + TALITOS_CRCUISR), 495 in_be32(priv->reg + TALITOS_CRCUISR_LO)); 496 break; 497 } 498 499 for (i = 0; i < 8; i++) 500 dev_err(dev, "DESCBUF 0x%08x_%08x\n", 501 in_be32(priv->reg + TALITOS_DESCBUF(ch) + 8*i), 502 in_be32(priv->reg + TALITOS_DESCBUF_LO(ch) + 8*i)); 503 } 504 505 /* 506 * recover from error interrupts 507 */ 508 static void talitos_error(unsigned long data, u32 isr, u32 isr_lo) 509 { 510 struct device *dev = (struct device *)data; 511 struct talitos_private *priv = dev_get_drvdata(dev); 512 unsigned int timeout = TALITOS_TIMEOUT; 513 int ch, error, reset_dev = 0, reset_ch = 0; 514 u32 v, v_lo; 515 516 for (ch = 0; ch < priv->num_channels; ch++) { 517 /* skip channels without errors */ 518 if (!(isr & (1 << (ch * 2 + 1)))) 519 continue; 520 521 error = -EINVAL; 522 523 v = in_be32(priv->reg + TALITOS_CCPSR(ch)); 524 v_lo = in_be32(priv->reg + TALITOS_CCPSR_LO(ch)); 525 526 if (v_lo & TALITOS_CCPSR_LO_DOF) { 527 dev_err(dev, "double fetch fifo overflow error\n"); 528 error = -EAGAIN; 529 reset_ch = 1; 530 } 531 if (v_lo & TALITOS_CCPSR_LO_SOF) { 532 /* h/w dropped descriptor */ 533 dev_err(dev, "single fetch fifo overflow error\n"); 534 error = -EAGAIN; 535 } 536 if (v_lo & TALITOS_CCPSR_LO_MDTE) 537 dev_err(dev, "master data transfer error\n"); 538 if (v_lo & TALITOS_CCPSR_LO_SGDLZ) 539 dev_err(dev, "s/g data length zero error\n"); 540 if (v_lo & TALITOS_CCPSR_LO_FPZ) 541 dev_err(dev, "fetch pointer zero error\n"); 542 if (v_lo & TALITOS_CCPSR_LO_IDH) 543 dev_err(dev, "illegal descriptor header error\n"); 544 if (v_lo & TALITOS_CCPSR_LO_IEU) 545 dev_err(dev, "invalid execution unit error\n"); 546 if (v_lo & TALITOS_CCPSR_LO_EU) 547 report_eu_error(dev, ch, current_desc(dev, ch)); 548 if (v_lo & TALITOS_CCPSR_LO_GB) 549 dev_err(dev, "gather boundary error\n"); 550 if (v_lo & TALITOS_CCPSR_LO_GRL) 551 dev_err(dev, "gather return/length error\n"); 552 if (v_lo & TALITOS_CCPSR_LO_SB) 553 dev_err(dev, "scatter boundary error\n"); 554 if (v_lo & TALITOS_CCPSR_LO_SRL) 555 dev_err(dev, "scatter return/length error\n"); 556 557 flush_channel(dev, ch, error, reset_ch); 558 559 if (reset_ch) { 560 reset_channel(dev, ch); 561 } else { 562 setbits32(priv->reg + TALITOS_CCCR(ch), 563 TALITOS_CCCR_CONT); 564 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 0); 565 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & 566 TALITOS_CCCR_CONT) && --timeout) 567 cpu_relax(); 568 if (timeout == 0) { 569 dev_err(dev, "failed to restart channel %d\n", 570 ch); 571 reset_dev = 1; 572 } 573 } 574 } 575 if (reset_dev || isr & ~TALITOS_ISR_CHERR || isr_lo) { 576 dev_err(dev, "done overflow, internal time out, or rngu error: " 577 "ISR 0x%08x_%08x\n", isr, isr_lo); 578 579 /* purge request queues */ 580 for (ch = 0; ch < priv->num_channels; ch++) 581 flush_channel(dev, ch, -EIO, 1); 582 583 /* reset and reinitialize the device */ 584 init_device(dev); 585 } 586 } 587 588 static irqreturn_t talitos_interrupt(int irq, void *data) 589 { 590 struct device *dev = data; 591 struct talitos_private *priv = dev_get_drvdata(dev); 592 u32 isr, isr_lo; 593 594 isr = in_be32(priv->reg + TALITOS_ISR); 595 isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); 596 /* Acknowledge interrupt */ 597 out_be32(priv->reg + TALITOS_ICR, isr); 598 out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); 599 600 if (unlikely((isr & ~TALITOS_ISR_CHDONE) || isr_lo)) 601 talitos_error((unsigned long)data, isr, isr_lo); 602 else 603 if (likely(isr & TALITOS_ISR_CHDONE)) { 604 /* mask further done interrupts. */ 605 clrbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_DONE); 606 /* done_task will unmask done interrupts at exit */ 607 tasklet_schedule(&priv->done_task); 608 } 609 610 return (isr || isr_lo) ? IRQ_HANDLED : IRQ_NONE; 611 } 612 613 /* 614 * hwrng 615 */ 616 static int talitos_rng_data_present(struct hwrng *rng, int wait) 617 { 618 struct device *dev = (struct device *)rng->priv; 619 struct talitos_private *priv = dev_get_drvdata(dev); 620 u32 ofl; 621 int i; 622 623 for (i = 0; i < 20; i++) { 624 ofl = in_be32(priv->reg + TALITOS_RNGUSR_LO) & 625 TALITOS_RNGUSR_LO_OFL; 626 if (ofl || !wait) 627 break; 628 udelay(10); 629 } 630 631 return !!ofl; 632 } 633 634 static int talitos_rng_data_read(struct hwrng *rng, u32 *data) 635 { 636 struct device *dev = (struct device *)rng->priv; 637 struct talitos_private *priv = dev_get_drvdata(dev); 638 639 /* rng fifo requires 64-bit accesses */ 640 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO); 641 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO_LO); 642 643 return sizeof(u32); 644 } 645 646 static int talitos_rng_init(struct hwrng *rng) 647 { 648 struct device *dev = (struct device *)rng->priv; 649 struct talitos_private *priv = dev_get_drvdata(dev); 650 unsigned int timeout = TALITOS_TIMEOUT; 651 652 setbits32(priv->reg + TALITOS_RNGURCR_LO, TALITOS_RNGURCR_LO_SR); 653 while (!(in_be32(priv->reg + TALITOS_RNGUSR_LO) & TALITOS_RNGUSR_LO_RD) 654 && --timeout) 655 cpu_relax(); 656 if (timeout == 0) { 657 dev_err(dev, "failed to reset rng hw\n"); 658 return -ENODEV; 659 } 660 661 /* start generating */ 662 setbits32(priv->reg + TALITOS_RNGUDSR_LO, 0); 663 664 return 0; 665 } 666 667 static int talitos_register_rng(struct device *dev) 668 { 669 struct talitos_private *priv = dev_get_drvdata(dev); 670 671 priv->rng.name = dev_driver_string(dev), 672 priv->rng.init = talitos_rng_init, 673 priv->rng.data_present = talitos_rng_data_present, 674 priv->rng.data_read = talitos_rng_data_read, 675 priv->rng.priv = (unsigned long)dev; 676 677 return hwrng_register(&priv->rng); 678 } 679 680 static void talitos_unregister_rng(struct device *dev) 681 { 682 struct talitos_private *priv = dev_get_drvdata(dev); 683 684 hwrng_unregister(&priv->rng); 685 } 686 687 /* 688 * crypto alg 689 */ 690 #define TALITOS_CRA_PRIORITY 3000 691 #define TALITOS_MAX_KEY_SIZE 64 692 #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */ 693 694 #define MD5_DIGEST_SIZE 16 695 696 struct talitos_ctx { 697 struct device *dev; 698 __be32 desc_hdr_template; 699 u8 key[TALITOS_MAX_KEY_SIZE]; 700 u8 iv[TALITOS_MAX_IV_LENGTH]; 701 unsigned int keylen; 702 unsigned int enckeylen; 703 unsigned int authkeylen; 704 unsigned int authsize; 705 }; 706 707 static int aead_setauthsize(struct crypto_aead *authenc, 708 unsigned int authsize) 709 { 710 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 711 712 ctx->authsize = authsize; 713 714 return 0; 715 } 716 717 static int aead_setkey(struct crypto_aead *authenc, 718 const u8 *key, unsigned int keylen) 719 { 720 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 721 struct rtattr *rta = (void *)key; 722 struct crypto_authenc_key_param *param; 723 unsigned int authkeylen; 724 unsigned int enckeylen; 725 726 if (!RTA_OK(rta, keylen)) 727 goto badkey; 728 729 if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM) 730 goto badkey; 731 732 if (RTA_PAYLOAD(rta) < sizeof(*param)) 733 goto badkey; 734 735 param = RTA_DATA(rta); 736 enckeylen = be32_to_cpu(param->enckeylen); 737 738 key += RTA_ALIGN(rta->rta_len); 739 keylen -= RTA_ALIGN(rta->rta_len); 740 741 if (keylen < enckeylen) 742 goto badkey; 743 744 authkeylen = keylen - enckeylen; 745 746 if (keylen > TALITOS_MAX_KEY_SIZE) 747 goto badkey; 748 749 memcpy(&ctx->key, key, keylen); 750 751 ctx->keylen = keylen; 752 ctx->enckeylen = enckeylen; 753 ctx->authkeylen = authkeylen; 754 755 return 0; 756 757 badkey: 758 crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN); 759 return -EINVAL; 760 } 761 762 /* 763 * talitos_edesc - s/w-extended descriptor 764 * @src_nents: number of segments in input scatterlist 765 * @dst_nents: number of segments in output scatterlist 766 * @dma_len: length of dma mapped link_tbl space 767 * @dma_link_tbl: bus physical address of link_tbl 768 * @desc: h/w descriptor 769 * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1) 770 * 771 * if decrypting (with authcheck), or either one of src_nents or dst_nents 772 * is greater than 1, an integrity check value is concatenated to the end 773 * of link_tbl data 774 */ 775 struct talitos_edesc { 776 int src_nents; 777 int dst_nents; 778 int src_is_chained; 779 int dst_is_chained; 780 int dma_len; 781 dma_addr_t dma_link_tbl; 782 struct talitos_desc desc; 783 struct talitos_ptr link_tbl[0]; 784 }; 785 786 static int talitos_map_sg(struct device *dev, struct scatterlist *sg, 787 unsigned int nents, enum dma_data_direction dir, 788 int chained) 789 { 790 if (unlikely(chained)) 791 while (sg) { 792 dma_map_sg(dev, sg, 1, dir); 793 sg = scatterwalk_sg_next(sg); 794 } 795 else 796 dma_map_sg(dev, sg, nents, dir); 797 return nents; 798 } 799 800 static void talitos_unmap_sg_chain(struct device *dev, struct scatterlist *sg, 801 enum dma_data_direction dir) 802 { 803 while (sg) { 804 dma_unmap_sg(dev, sg, 1, dir); 805 sg = scatterwalk_sg_next(sg); 806 } 807 } 808 809 static void talitos_sg_unmap(struct device *dev, 810 struct talitos_edesc *edesc, 811 struct scatterlist *src, 812 struct scatterlist *dst) 813 { 814 unsigned int src_nents = edesc->src_nents ? : 1; 815 unsigned int dst_nents = edesc->dst_nents ? : 1; 816 817 if (src != dst) { 818 if (edesc->src_is_chained) 819 talitos_unmap_sg_chain(dev, src, DMA_TO_DEVICE); 820 else 821 dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE); 822 823 if (edesc->dst_is_chained) 824 talitos_unmap_sg_chain(dev, dst, DMA_FROM_DEVICE); 825 else 826 dma_unmap_sg(dev, dst, dst_nents, DMA_FROM_DEVICE); 827 } else 828 if (edesc->src_is_chained) 829 talitos_unmap_sg_chain(dev, src, DMA_BIDIRECTIONAL); 830 else 831 dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL); 832 } 833 834 static void ipsec_esp_unmap(struct device *dev, 835 struct talitos_edesc *edesc, 836 struct aead_request *areq) 837 { 838 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6], DMA_FROM_DEVICE); 839 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[3], DMA_TO_DEVICE); 840 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE); 841 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE); 842 843 dma_unmap_sg(dev, areq->assoc, 1, DMA_TO_DEVICE); 844 845 talitos_sg_unmap(dev, edesc, areq->src, areq->dst); 846 847 if (edesc->dma_len) 848 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 849 DMA_BIDIRECTIONAL); 850 } 851 852 /* 853 * ipsec_esp descriptor callbacks 854 */ 855 static void ipsec_esp_encrypt_done(struct device *dev, 856 struct talitos_desc *desc, void *context, 857 int err) 858 { 859 struct aead_request *areq = context; 860 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 861 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 862 struct talitos_edesc *edesc; 863 struct scatterlist *sg; 864 void *icvdata; 865 866 edesc = container_of(desc, struct talitos_edesc, desc); 867 868 ipsec_esp_unmap(dev, edesc, areq); 869 870 /* copy the generated ICV to dst */ 871 if (edesc->dma_len) { 872 icvdata = &edesc->link_tbl[edesc->src_nents + 873 edesc->dst_nents + 2]; 874 sg = sg_last(areq->dst, edesc->dst_nents); 875 memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize, 876 icvdata, ctx->authsize); 877 } 878 879 kfree(edesc); 880 881 aead_request_complete(areq, err); 882 } 883 884 static void ipsec_esp_decrypt_swauth_done(struct device *dev, 885 struct talitos_desc *desc, 886 void *context, int err) 887 { 888 struct aead_request *req = context; 889 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 890 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 891 struct talitos_edesc *edesc; 892 struct scatterlist *sg; 893 void *icvdata; 894 895 edesc = container_of(desc, struct talitos_edesc, desc); 896 897 ipsec_esp_unmap(dev, edesc, req); 898 899 if (!err) { 900 /* auth check */ 901 if (edesc->dma_len) 902 icvdata = &edesc->link_tbl[edesc->src_nents + 903 edesc->dst_nents + 2]; 904 else 905 icvdata = &edesc->link_tbl[0]; 906 907 sg = sg_last(req->dst, edesc->dst_nents ? : 1); 908 err = memcmp(icvdata, (char *)sg_virt(sg) + sg->length - 909 ctx->authsize, ctx->authsize) ? -EBADMSG : 0; 910 } 911 912 kfree(edesc); 913 914 aead_request_complete(req, err); 915 } 916 917 static void ipsec_esp_decrypt_hwauth_done(struct device *dev, 918 struct talitos_desc *desc, 919 void *context, int err) 920 { 921 struct aead_request *req = context; 922 struct talitos_edesc *edesc; 923 924 edesc = container_of(desc, struct talitos_edesc, desc); 925 926 ipsec_esp_unmap(dev, edesc, req); 927 928 /* check ICV auth status */ 929 if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) != 930 DESC_HDR_LO_ICCR1_PASS)) 931 err = -EBADMSG; 932 933 kfree(edesc); 934 935 aead_request_complete(req, err); 936 } 937 938 /* 939 * convert scatterlist to SEC h/w link table format 940 * stop at cryptlen bytes 941 */ 942 static int sg_to_link_tbl(struct scatterlist *sg, int sg_count, 943 int cryptlen, struct talitos_ptr *link_tbl_ptr) 944 { 945 int n_sg = sg_count; 946 947 while (n_sg--) { 948 to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg)); 949 link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg)); 950 link_tbl_ptr->j_extent = 0; 951 link_tbl_ptr++; 952 cryptlen -= sg_dma_len(sg); 953 sg = scatterwalk_sg_next(sg); 954 } 955 956 /* adjust (decrease) last one (or two) entry's len to cryptlen */ 957 link_tbl_ptr--; 958 while (be16_to_cpu(link_tbl_ptr->len) <= (-cryptlen)) { 959 /* Empty this entry, and move to previous one */ 960 cryptlen += be16_to_cpu(link_tbl_ptr->len); 961 link_tbl_ptr->len = 0; 962 sg_count--; 963 link_tbl_ptr--; 964 } 965 link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len) 966 + cryptlen); 967 968 /* tag end of link table */ 969 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; 970 971 return sg_count; 972 } 973 974 /* 975 * fill in and submit ipsec_esp descriptor 976 */ 977 static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq, 978 u8 *giv, u64 seq, 979 void (*callback) (struct device *dev, 980 struct talitos_desc *desc, 981 void *context, int error)) 982 { 983 struct crypto_aead *aead = crypto_aead_reqtfm(areq); 984 struct talitos_ctx *ctx = crypto_aead_ctx(aead); 985 struct device *dev = ctx->dev; 986 struct talitos_desc *desc = &edesc->desc; 987 unsigned int cryptlen = areq->cryptlen; 988 unsigned int authsize = ctx->authsize; 989 unsigned int ivsize = crypto_aead_ivsize(aead); 990 int sg_count, ret; 991 int sg_link_tbl_len; 992 993 /* hmac key */ 994 map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key, 995 0, DMA_TO_DEVICE); 996 /* hmac data */ 997 map_single_talitos_ptr(dev, &desc->ptr[1], areq->assoclen + ivsize, 998 sg_virt(areq->assoc), 0, DMA_TO_DEVICE); 999 /* cipher iv */ 1000 map_single_talitos_ptr(dev, &desc->ptr[2], ivsize, giv ?: areq->iv, 0, 1001 DMA_TO_DEVICE); 1002 1003 /* cipher key */ 1004 map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen, 1005 (char *)&ctx->key + ctx->authkeylen, 0, 1006 DMA_TO_DEVICE); 1007 1008 /* 1009 * cipher in 1010 * map and adjust cipher len to aead request cryptlen. 1011 * extent is bytes of HMAC postpended to ciphertext, 1012 * typically 12 for ipsec 1013 */ 1014 desc->ptr[4].len = cpu_to_be16(cryptlen); 1015 desc->ptr[4].j_extent = authsize; 1016 1017 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1, 1018 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL 1019 : DMA_TO_DEVICE, 1020 edesc->src_is_chained); 1021 1022 if (sg_count == 1) { 1023 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->src)); 1024 } else { 1025 sg_link_tbl_len = cryptlen; 1026 1027 if (edesc->desc.hdr & DESC_HDR_MODE1_MDEU_CICV) 1028 sg_link_tbl_len = cryptlen + authsize; 1029 1030 sg_count = sg_to_link_tbl(areq->src, sg_count, sg_link_tbl_len, 1031 &edesc->link_tbl[0]); 1032 if (sg_count > 1) { 1033 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; 1034 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl); 1035 dma_sync_single_for_device(dev, edesc->dma_link_tbl, 1036 edesc->dma_len, 1037 DMA_BIDIRECTIONAL); 1038 } else { 1039 /* Only one segment now, so no link tbl needed */ 1040 to_talitos_ptr(&desc->ptr[4], 1041 sg_dma_address(areq->src)); 1042 } 1043 } 1044 1045 /* cipher out */ 1046 desc->ptr[5].len = cpu_to_be16(cryptlen); 1047 desc->ptr[5].j_extent = authsize; 1048 1049 if (areq->src != areq->dst) 1050 sg_count = talitos_map_sg(dev, areq->dst, 1051 edesc->dst_nents ? : 1, 1052 DMA_FROM_DEVICE, 1053 edesc->dst_is_chained); 1054 1055 if (sg_count == 1) { 1056 to_talitos_ptr(&desc->ptr[5], sg_dma_address(areq->dst)); 1057 } else { 1058 struct talitos_ptr *link_tbl_ptr = 1059 &edesc->link_tbl[edesc->src_nents + 1]; 1060 1061 to_talitos_ptr(&desc->ptr[5], edesc->dma_link_tbl + 1062 (edesc->src_nents + 1) * 1063 sizeof(struct talitos_ptr)); 1064 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, 1065 link_tbl_ptr); 1066 1067 /* Add an entry to the link table for ICV data */ 1068 link_tbl_ptr += sg_count - 1; 1069 link_tbl_ptr->j_extent = 0; 1070 sg_count++; 1071 link_tbl_ptr++; 1072 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; 1073 link_tbl_ptr->len = cpu_to_be16(authsize); 1074 1075 /* icv data follows link tables */ 1076 to_talitos_ptr(link_tbl_ptr, edesc->dma_link_tbl + 1077 (edesc->src_nents + edesc->dst_nents + 2) * 1078 sizeof(struct talitos_ptr)); 1079 desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP; 1080 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, 1081 edesc->dma_len, DMA_BIDIRECTIONAL); 1082 } 1083 1084 /* iv out */ 1085 map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0, 1086 DMA_FROM_DEVICE); 1087 1088 ret = talitos_submit(dev, desc, callback, areq); 1089 if (ret != -EINPROGRESS) { 1090 ipsec_esp_unmap(dev, edesc, areq); 1091 kfree(edesc); 1092 } 1093 return ret; 1094 } 1095 1096 /* 1097 * derive number of elements in scatterlist 1098 */ 1099 static int sg_count(struct scatterlist *sg_list, int nbytes, int *chained) 1100 { 1101 struct scatterlist *sg = sg_list; 1102 int sg_nents = 0; 1103 1104 *chained = 0; 1105 while (nbytes > 0) { 1106 sg_nents++; 1107 nbytes -= sg->length; 1108 if (!sg_is_last(sg) && (sg + 1)->length == 0) 1109 *chained = 1; 1110 sg = scatterwalk_sg_next(sg); 1111 } 1112 1113 return sg_nents; 1114 } 1115 1116 /* 1117 * allocate and map the extended descriptor 1118 */ 1119 static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, 1120 struct scatterlist *src, 1121 struct scatterlist *dst, 1122 unsigned int cryptlen, 1123 unsigned int authsize, 1124 int icv_stashing, 1125 u32 cryptoflags) 1126 { 1127 struct talitos_edesc *edesc; 1128 int src_nents, dst_nents, alloc_len, dma_len; 1129 int src_chained, dst_chained = 0; 1130 gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : 1131 GFP_ATOMIC; 1132 1133 if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) { 1134 dev_err(dev, "length exceeds h/w max limit\n"); 1135 return ERR_PTR(-EINVAL); 1136 } 1137 1138 src_nents = sg_count(src, cryptlen + authsize, &src_chained); 1139 src_nents = (src_nents == 1) ? 0 : src_nents; 1140 1141 if (dst == src) { 1142 dst_nents = src_nents; 1143 } else { 1144 dst_nents = sg_count(dst, cryptlen + authsize, &dst_chained); 1145 dst_nents = (dst_nents == 1) ? 0 : dst_nents; 1146 } 1147 1148 /* 1149 * allocate space for base edesc plus the link tables, 1150 * allowing for two separate entries for ICV and generated ICV (+ 2), 1151 * and the ICV data itself 1152 */ 1153 alloc_len = sizeof(struct talitos_edesc); 1154 if (src_nents || dst_nents) { 1155 dma_len = (src_nents + dst_nents + 2) * 1156 sizeof(struct talitos_ptr) + authsize; 1157 alloc_len += dma_len; 1158 } else { 1159 dma_len = 0; 1160 alloc_len += icv_stashing ? authsize : 0; 1161 } 1162 1163 edesc = kmalloc(alloc_len, GFP_DMA | flags); 1164 if (!edesc) { 1165 dev_err(dev, "could not allocate edescriptor\n"); 1166 return ERR_PTR(-ENOMEM); 1167 } 1168 1169 edesc->src_nents = src_nents; 1170 edesc->dst_nents = dst_nents; 1171 edesc->src_is_chained = src_chained; 1172 edesc->dst_is_chained = dst_chained; 1173 edesc->dma_len = dma_len; 1174 edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0], 1175 edesc->dma_len, DMA_BIDIRECTIONAL); 1176 1177 return edesc; 1178 } 1179 1180 static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, 1181 int icv_stashing) 1182 { 1183 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 1184 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1185 1186 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 1187 areq->cryptlen, ctx->authsize, icv_stashing, 1188 areq->base.flags); 1189 } 1190 1191 static int aead_encrypt(struct aead_request *req) 1192 { 1193 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 1194 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1195 struct talitos_edesc *edesc; 1196 1197 /* allocate extended descriptor */ 1198 edesc = aead_edesc_alloc(req, 0); 1199 if (IS_ERR(edesc)) 1200 return PTR_ERR(edesc); 1201 1202 /* set encrypt */ 1203 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1204 1205 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_encrypt_done); 1206 } 1207 1208 static int aead_decrypt(struct aead_request *req) 1209 { 1210 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 1211 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1212 unsigned int authsize = ctx->authsize; 1213 struct talitos_private *priv = dev_get_drvdata(ctx->dev); 1214 struct talitos_edesc *edesc; 1215 struct scatterlist *sg; 1216 void *icvdata; 1217 1218 req->cryptlen -= authsize; 1219 1220 /* allocate extended descriptor */ 1221 edesc = aead_edesc_alloc(req, 1); 1222 if (IS_ERR(edesc)) 1223 return PTR_ERR(edesc); 1224 1225 if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) && 1226 ((!edesc->src_nents && !edesc->dst_nents) || 1227 priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) { 1228 1229 /* decrypt and check the ICV */ 1230 edesc->desc.hdr = ctx->desc_hdr_template | 1231 DESC_HDR_DIR_INBOUND | 1232 DESC_HDR_MODE1_MDEU_CICV; 1233 1234 /* reset integrity check result bits */ 1235 edesc->desc.hdr_lo = 0; 1236 1237 return ipsec_esp(edesc, req, NULL, 0, 1238 ipsec_esp_decrypt_hwauth_done); 1239 1240 } 1241 1242 /* Have to check the ICV with software */ 1243 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND; 1244 1245 /* stash incoming ICV for later cmp with ICV generated by the h/w */ 1246 if (edesc->dma_len) 1247 icvdata = &edesc->link_tbl[edesc->src_nents + 1248 edesc->dst_nents + 2]; 1249 else 1250 icvdata = &edesc->link_tbl[0]; 1251 1252 sg = sg_last(req->src, edesc->src_nents ? : 1); 1253 1254 memcpy(icvdata, (char *)sg_virt(sg) + sg->length - ctx->authsize, 1255 ctx->authsize); 1256 1257 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_decrypt_swauth_done); 1258 } 1259 1260 static int aead_givencrypt(struct aead_givcrypt_request *req) 1261 { 1262 struct aead_request *areq = &req->areq; 1263 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 1264 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1265 struct talitos_edesc *edesc; 1266 1267 /* allocate extended descriptor */ 1268 edesc = aead_edesc_alloc(areq, 0); 1269 if (IS_ERR(edesc)) 1270 return PTR_ERR(edesc); 1271 1272 /* set encrypt */ 1273 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1274 1275 memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc)); 1276 /* avoid consecutive packets going out with same IV */ 1277 *(__be64 *)req->giv ^= cpu_to_be64(req->seq); 1278 1279 return ipsec_esp(edesc, areq, req->giv, req->seq, 1280 ipsec_esp_encrypt_done); 1281 } 1282 1283 static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, 1284 const u8 *key, unsigned int keylen) 1285 { 1286 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1287 struct ablkcipher_alg *alg = crypto_ablkcipher_alg(cipher); 1288 1289 if (keylen > TALITOS_MAX_KEY_SIZE) 1290 goto badkey; 1291 1292 if (keylen < alg->min_keysize || keylen > alg->max_keysize) 1293 goto badkey; 1294 1295 memcpy(&ctx->key, key, keylen); 1296 ctx->keylen = keylen; 1297 1298 return 0; 1299 1300 badkey: 1301 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); 1302 return -EINVAL; 1303 } 1304 1305 static void common_nonsnoop_unmap(struct device *dev, 1306 struct talitos_edesc *edesc, 1307 struct ablkcipher_request *areq) 1308 { 1309 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE); 1310 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE); 1311 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE); 1312 1313 talitos_sg_unmap(dev, edesc, areq->src, areq->dst); 1314 1315 if (edesc->dma_len) 1316 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 1317 DMA_BIDIRECTIONAL); 1318 } 1319 1320 static void ablkcipher_done(struct device *dev, 1321 struct talitos_desc *desc, void *context, 1322 int err) 1323 { 1324 struct ablkcipher_request *areq = context; 1325 struct talitos_edesc *edesc; 1326 1327 edesc = container_of(desc, struct talitos_edesc, desc); 1328 1329 common_nonsnoop_unmap(dev, edesc, areq); 1330 1331 kfree(edesc); 1332 1333 areq->base.complete(&areq->base, err); 1334 } 1335 1336 static int common_nonsnoop(struct talitos_edesc *edesc, 1337 struct ablkcipher_request *areq, 1338 u8 *giv, 1339 void (*callback) (struct device *dev, 1340 struct talitos_desc *desc, 1341 void *context, int error)) 1342 { 1343 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1344 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1345 struct device *dev = ctx->dev; 1346 struct talitos_desc *desc = &edesc->desc; 1347 unsigned int cryptlen = areq->nbytes; 1348 unsigned int ivsize; 1349 int sg_count, ret; 1350 1351 /* first DWORD empty */ 1352 desc->ptr[0].len = 0; 1353 to_talitos_ptr(&desc->ptr[0], 0); 1354 desc->ptr[0].j_extent = 0; 1355 1356 /* cipher iv */ 1357 ivsize = crypto_ablkcipher_ivsize(cipher); 1358 map_single_talitos_ptr(dev, &desc->ptr[1], ivsize, giv ?: areq->info, 0, 1359 DMA_TO_DEVICE); 1360 1361 /* cipher key */ 1362 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen, 1363 (char *)&ctx->key, 0, DMA_TO_DEVICE); 1364 1365 /* 1366 * cipher in 1367 */ 1368 desc->ptr[3].len = cpu_to_be16(cryptlen); 1369 desc->ptr[3].j_extent = 0; 1370 1371 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1, 1372 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL 1373 : DMA_TO_DEVICE, 1374 edesc->src_is_chained); 1375 1376 if (sg_count == 1) { 1377 to_talitos_ptr(&desc->ptr[3], sg_dma_address(areq->src)); 1378 } else { 1379 sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen, 1380 &edesc->link_tbl[0]); 1381 if (sg_count > 1) { 1382 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl); 1383 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP; 1384 dma_sync_single_for_device(dev, edesc->dma_link_tbl, 1385 edesc->dma_len, 1386 DMA_BIDIRECTIONAL); 1387 } else { 1388 /* Only one segment now, so no link tbl needed */ 1389 to_talitos_ptr(&desc->ptr[3], 1390 sg_dma_address(areq->src)); 1391 } 1392 } 1393 1394 /* cipher out */ 1395 desc->ptr[4].len = cpu_to_be16(cryptlen); 1396 desc->ptr[4].j_extent = 0; 1397 1398 if (areq->src != areq->dst) 1399 sg_count = talitos_map_sg(dev, areq->dst, 1400 edesc->dst_nents ? : 1, 1401 DMA_FROM_DEVICE, 1402 edesc->dst_is_chained); 1403 1404 if (sg_count == 1) { 1405 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->dst)); 1406 } else { 1407 struct talitos_ptr *link_tbl_ptr = 1408 &edesc->link_tbl[edesc->src_nents + 1]; 1409 1410 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl + 1411 (edesc->src_nents + 1) * 1412 sizeof(struct talitos_ptr)); 1413 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; 1414 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, 1415 link_tbl_ptr); 1416 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, 1417 edesc->dma_len, DMA_BIDIRECTIONAL); 1418 } 1419 1420 /* iv out */ 1421 map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0, 1422 DMA_FROM_DEVICE); 1423 1424 /* last DWORD empty */ 1425 desc->ptr[6].len = 0; 1426 to_talitos_ptr(&desc->ptr[6], 0); 1427 desc->ptr[6].j_extent = 0; 1428 1429 ret = talitos_submit(dev, desc, callback, areq); 1430 if (ret != -EINPROGRESS) { 1431 common_nonsnoop_unmap(dev, edesc, areq); 1432 kfree(edesc); 1433 } 1434 return ret; 1435 } 1436 1437 static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request * 1438 areq) 1439 { 1440 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1441 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1442 1443 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, areq->nbytes, 1444 0, 0, areq->base.flags); 1445 } 1446 1447 static int ablkcipher_encrypt(struct ablkcipher_request *areq) 1448 { 1449 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1450 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1451 struct talitos_edesc *edesc; 1452 1453 /* allocate extended descriptor */ 1454 edesc = ablkcipher_edesc_alloc(areq); 1455 if (IS_ERR(edesc)) 1456 return PTR_ERR(edesc); 1457 1458 /* set encrypt */ 1459 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1460 1461 return common_nonsnoop(edesc, areq, NULL, ablkcipher_done); 1462 } 1463 1464 static int ablkcipher_decrypt(struct ablkcipher_request *areq) 1465 { 1466 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1467 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1468 struct talitos_edesc *edesc; 1469 1470 /* allocate extended descriptor */ 1471 edesc = ablkcipher_edesc_alloc(areq); 1472 if (IS_ERR(edesc)) 1473 return PTR_ERR(edesc); 1474 1475 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND; 1476 1477 return common_nonsnoop(edesc, areq, NULL, ablkcipher_done); 1478 } 1479 1480 struct talitos_alg_template { 1481 struct crypto_alg alg; 1482 __be32 desc_hdr_template; 1483 }; 1484 1485 static struct talitos_alg_template driver_algs[] = { 1486 /* AEAD algorithms. These use a single-pass ipsec_esp descriptor */ 1487 { 1488 .alg = { 1489 .cra_name = "authenc(hmac(sha1),cbc(aes))", 1490 .cra_driver_name = "authenc-hmac-sha1-cbc-aes-talitos", 1491 .cra_blocksize = AES_BLOCK_SIZE, 1492 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1493 .cra_type = &crypto_aead_type, 1494 .cra_aead = { 1495 .setkey = aead_setkey, 1496 .setauthsize = aead_setauthsize, 1497 .encrypt = aead_encrypt, 1498 .decrypt = aead_decrypt, 1499 .givencrypt = aead_givencrypt, 1500 .geniv = "<built-in>", 1501 .ivsize = AES_BLOCK_SIZE, 1502 .maxauthsize = SHA1_DIGEST_SIZE, 1503 } 1504 }, 1505 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1506 DESC_HDR_SEL0_AESU | 1507 DESC_HDR_MODE0_AESU_CBC | 1508 DESC_HDR_SEL1_MDEUA | 1509 DESC_HDR_MODE1_MDEU_INIT | 1510 DESC_HDR_MODE1_MDEU_PAD | 1511 DESC_HDR_MODE1_MDEU_SHA1_HMAC, 1512 }, 1513 { 1514 .alg = { 1515 .cra_name = "authenc(hmac(sha1),cbc(des3_ede))", 1516 .cra_driver_name = "authenc-hmac-sha1-cbc-3des-talitos", 1517 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1518 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1519 .cra_type = &crypto_aead_type, 1520 .cra_aead = { 1521 .setkey = aead_setkey, 1522 .setauthsize = aead_setauthsize, 1523 .encrypt = aead_encrypt, 1524 .decrypt = aead_decrypt, 1525 .givencrypt = aead_givencrypt, 1526 .geniv = "<built-in>", 1527 .ivsize = DES3_EDE_BLOCK_SIZE, 1528 .maxauthsize = SHA1_DIGEST_SIZE, 1529 } 1530 }, 1531 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1532 DESC_HDR_SEL0_DEU | 1533 DESC_HDR_MODE0_DEU_CBC | 1534 DESC_HDR_MODE0_DEU_3DES | 1535 DESC_HDR_SEL1_MDEUA | 1536 DESC_HDR_MODE1_MDEU_INIT | 1537 DESC_HDR_MODE1_MDEU_PAD | 1538 DESC_HDR_MODE1_MDEU_SHA1_HMAC, 1539 }, 1540 { 1541 .alg = { 1542 .cra_name = "authenc(hmac(sha256),cbc(aes))", 1543 .cra_driver_name = "authenc-hmac-sha256-cbc-aes-talitos", 1544 .cra_blocksize = AES_BLOCK_SIZE, 1545 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1546 .cra_type = &crypto_aead_type, 1547 .cra_aead = { 1548 .setkey = aead_setkey, 1549 .setauthsize = aead_setauthsize, 1550 .encrypt = aead_encrypt, 1551 .decrypt = aead_decrypt, 1552 .givencrypt = aead_givencrypt, 1553 .geniv = "<built-in>", 1554 .ivsize = AES_BLOCK_SIZE, 1555 .maxauthsize = SHA256_DIGEST_SIZE, 1556 } 1557 }, 1558 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1559 DESC_HDR_SEL0_AESU | 1560 DESC_HDR_MODE0_AESU_CBC | 1561 DESC_HDR_SEL1_MDEUA | 1562 DESC_HDR_MODE1_MDEU_INIT | 1563 DESC_HDR_MODE1_MDEU_PAD | 1564 DESC_HDR_MODE1_MDEU_SHA256_HMAC, 1565 }, 1566 { 1567 .alg = { 1568 .cra_name = "authenc(hmac(sha256),cbc(des3_ede))", 1569 .cra_driver_name = "authenc-hmac-sha256-cbc-3des-talitos", 1570 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1571 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1572 .cra_type = &crypto_aead_type, 1573 .cra_aead = { 1574 .setkey = aead_setkey, 1575 .setauthsize = aead_setauthsize, 1576 .encrypt = aead_encrypt, 1577 .decrypt = aead_decrypt, 1578 .givencrypt = aead_givencrypt, 1579 .geniv = "<built-in>", 1580 .ivsize = DES3_EDE_BLOCK_SIZE, 1581 .maxauthsize = SHA256_DIGEST_SIZE, 1582 } 1583 }, 1584 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1585 DESC_HDR_SEL0_DEU | 1586 DESC_HDR_MODE0_DEU_CBC | 1587 DESC_HDR_MODE0_DEU_3DES | 1588 DESC_HDR_SEL1_MDEUA | 1589 DESC_HDR_MODE1_MDEU_INIT | 1590 DESC_HDR_MODE1_MDEU_PAD | 1591 DESC_HDR_MODE1_MDEU_SHA256_HMAC, 1592 }, 1593 { 1594 .alg = { 1595 .cra_name = "authenc(hmac(md5),cbc(aes))", 1596 .cra_driver_name = "authenc-hmac-md5-cbc-aes-talitos", 1597 .cra_blocksize = AES_BLOCK_SIZE, 1598 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1599 .cra_type = &crypto_aead_type, 1600 .cra_aead = { 1601 .setkey = aead_setkey, 1602 .setauthsize = aead_setauthsize, 1603 .encrypt = aead_encrypt, 1604 .decrypt = aead_decrypt, 1605 .givencrypt = aead_givencrypt, 1606 .geniv = "<built-in>", 1607 .ivsize = AES_BLOCK_SIZE, 1608 .maxauthsize = MD5_DIGEST_SIZE, 1609 } 1610 }, 1611 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1612 DESC_HDR_SEL0_AESU | 1613 DESC_HDR_MODE0_AESU_CBC | 1614 DESC_HDR_SEL1_MDEUA | 1615 DESC_HDR_MODE1_MDEU_INIT | 1616 DESC_HDR_MODE1_MDEU_PAD | 1617 DESC_HDR_MODE1_MDEU_MD5_HMAC, 1618 }, 1619 { 1620 .alg = { 1621 .cra_name = "authenc(hmac(md5),cbc(des3_ede))", 1622 .cra_driver_name = "authenc-hmac-md5-cbc-3des-talitos", 1623 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1624 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1625 .cra_type = &crypto_aead_type, 1626 .cra_aead = { 1627 .setkey = aead_setkey, 1628 .setauthsize = aead_setauthsize, 1629 .encrypt = aead_encrypt, 1630 .decrypt = aead_decrypt, 1631 .givencrypt = aead_givencrypt, 1632 .geniv = "<built-in>", 1633 .ivsize = DES3_EDE_BLOCK_SIZE, 1634 .maxauthsize = MD5_DIGEST_SIZE, 1635 } 1636 }, 1637 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1638 DESC_HDR_SEL0_DEU | 1639 DESC_HDR_MODE0_DEU_CBC | 1640 DESC_HDR_MODE0_DEU_3DES | 1641 DESC_HDR_SEL1_MDEUA | 1642 DESC_HDR_MODE1_MDEU_INIT | 1643 DESC_HDR_MODE1_MDEU_PAD | 1644 DESC_HDR_MODE1_MDEU_MD5_HMAC, 1645 }, 1646 /* ABLKCIPHER algorithms. */ 1647 { 1648 .alg = { 1649 .cra_name = "cbc(aes)", 1650 .cra_driver_name = "cbc-aes-talitos", 1651 .cra_blocksize = AES_BLOCK_SIZE, 1652 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 1653 CRYPTO_ALG_ASYNC, 1654 .cra_type = &crypto_ablkcipher_type, 1655 .cra_ablkcipher = { 1656 .setkey = ablkcipher_setkey, 1657 .encrypt = ablkcipher_encrypt, 1658 .decrypt = ablkcipher_decrypt, 1659 .geniv = "eseqiv", 1660 .min_keysize = AES_MIN_KEY_SIZE, 1661 .max_keysize = AES_MAX_KEY_SIZE, 1662 .ivsize = AES_BLOCK_SIZE, 1663 } 1664 }, 1665 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 1666 DESC_HDR_SEL0_AESU | 1667 DESC_HDR_MODE0_AESU_CBC, 1668 }, 1669 { 1670 .alg = { 1671 .cra_name = "cbc(des3_ede)", 1672 .cra_driver_name = "cbc-3des-talitos", 1673 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1674 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 1675 CRYPTO_ALG_ASYNC, 1676 .cra_type = &crypto_ablkcipher_type, 1677 .cra_ablkcipher = { 1678 .setkey = ablkcipher_setkey, 1679 .encrypt = ablkcipher_encrypt, 1680 .decrypt = ablkcipher_decrypt, 1681 .geniv = "eseqiv", 1682 .min_keysize = DES3_EDE_KEY_SIZE, 1683 .max_keysize = DES3_EDE_KEY_SIZE, 1684 .ivsize = DES3_EDE_BLOCK_SIZE, 1685 } 1686 }, 1687 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 1688 DESC_HDR_SEL0_DEU | 1689 DESC_HDR_MODE0_DEU_CBC | 1690 DESC_HDR_MODE0_DEU_3DES, 1691 } 1692 }; 1693 1694 struct talitos_crypto_alg { 1695 struct list_head entry; 1696 struct device *dev; 1697 __be32 desc_hdr_template; 1698 struct crypto_alg crypto_alg; 1699 }; 1700 1701 static int talitos_cra_init(struct crypto_tfm *tfm) 1702 { 1703 struct crypto_alg *alg = tfm->__crt_alg; 1704 struct talitos_crypto_alg *talitos_alg; 1705 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm); 1706 1707 talitos_alg = container_of(alg, struct talitos_crypto_alg, crypto_alg); 1708 1709 /* update context with ptr to dev */ 1710 ctx->dev = talitos_alg->dev; 1711 1712 /* copy descriptor header template value */ 1713 ctx->desc_hdr_template = talitos_alg->desc_hdr_template; 1714 1715 /* random first IV */ 1716 get_random_bytes(ctx->iv, TALITOS_MAX_IV_LENGTH); 1717 1718 return 0; 1719 } 1720 1721 /* 1722 * given the alg's descriptor header template, determine whether descriptor 1723 * type and primary/secondary execution units required match the hw 1724 * capabilities description provided in the device tree node. 1725 */ 1726 static int hw_supports(struct device *dev, __be32 desc_hdr_template) 1727 { 1728 struct talitos_private *priv = dev_get_drvdata(dev); 1729 int ret; 1730 1731 ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) && 1732 (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units); 1733 1734 if (SECONDARY_EU(desc_hdr_template)) 1735 ret = ret && (1 << SECONDARY_EU(desc_hdr_template) 1736 & priv->exec_units); 1737 1738 return ret; 1739 } 1740 1741 static int talitos_remove(struct of_device *ofdev) 1742 { 1743 struct device *dev = &ofdev->dev; 1744 struct talitos_private *priv = dev_get_drvdata(dev); 1745 struct talitos_crypto_alg *t_alg, *n; 1746 int i; 1747 1748 list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) { 1749 crypto_unregister_alg(&t_alg->crypto_alg); 1750 list_del(&t_alg->entry); 1751 kfree(t_alg); 1752 } 1753 1754 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) 1755 talitos_unregister_rng(dev); 1756 1757 for (i = 0; i < priv->num_channels; i++) 1758 if (priv->chan[i].fifo) 1759 kfree(priv->chan[i].fifo); 1760 1761 kfree(priv->chan); 1762 1763 if (priv->irq != NO_IRQ) { 1764 free_irq(priv->irq, dev); 1765 irq_dispose_mapping(priv->irq); 1766 } 1767 1768 tasklet_kill(&priv->done_task); 1769 1770 iounmap(priv->reg); 1771 1772 dev_set_drvdata(dev, NULL); 1773 1774 kfree(priv); 1775 1776 return 0; 1777 } 1778 1779 static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, 1780 struct talitos_alg_template 1781 *template) 1782 { 1783 struct talitos_crypto_alg *t_alg; 1784 struct crypto_alg *alg; 1785 1786 t_alg = kzalloc(sizeof(struct talitos_crypto_alg), GFP_KERNEL); 1787 if (!t_alg) 1788 return ERR_PTR(-ENOMEM); 1789 1790 alg = &t_alg->crypto_alg; 1791 *alg = template->alg; 1792 1793 alg->cra_module = THIS_MODULE; 1794 alg->cra_init = talitos_cra_init; 1795 alg->cra_priority = TALITOS_CRA_PRIORITY; 1796 alg->cra_alignmask = 0; 1797 alg->cra_ctxsize = sizeof(struct talitos_ctx); 1798 1799 t_alg->desc_hdr_template = template->desc_hdr_template; 1800 t_alg->dev = dev; 1801 1802 return t_alg; 1803 } 1804 1805 static int talitos_probe(struct of_device *ofdev, 1806 const struct of_device_id *match) 1807 { 1808 struct device *dev = &ofdev->dev; 1809 struct device_node *np = ofdev->node; 1810 struct talitos_private *priv; 1811 const unsigned int *prop; 1812 int i, err; 1813 1814 priv = kzalloc(sizeof(struct talitos_private), GFP_KERNEL); 1815 if (!priv) 1816 return -ENOMEM; 1817 1818 dev_set_drvdata(dev, priv); 1819 1820 priv->ofdev = ofdev; 1821 1822 tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev); 1823 1824 INIT_LIST_HEAD(&priv->alg_list); 1825 1826 priv->irq = irq_of_parse_and_map(np, 0); 1827 1828 if (priv->irq == NO_IRQ) { 1829 dev_err(dev, "failed to map irq\n"); 1830 err = -EINVAL; 1831 goto err_out; 1832 } 1833 1834 /* get the irq line */ 1835 err = request_irq(priv->irq, talitos_interrupt, 0, 1836 dev_driver_string(dev), dev); 1837 if (err) { 1838 dev_err(dev, "failed to request irq %d\n", priv->irq); 1839 irq_dispose_mapping(priv->irq); 1840 priv->irq = NO_IRQ; 1841 goto err_out; 1842 } 1843 1844 priv->reg = of_iomap(np, 0); 1845 if (!priv->reg) { 1846 dev_err(dev, "failed to of_iomap\n"); 1847 err = -ENOMEM; 1848 goto err_out; 1849 } 1850 1851 /* get SEC version capabilities from device tree */ 1852 prop = of_get_property(np, "fsl,num-channels", NULL); 1853 if (prop) 1854 priv->num_channels = *prop; 1855 1856 prop = of_get_property(np, "fsl,channel-fifo-len", NULL); 1857 if (prop) 1858 priv->chfifo_len = *prop; 1859 1860 prop = of_get_property(np, "fsl,exec-units-mask", NULL); 1861 if (prop) 1862 priv->exec_units = *prop; 1863 1864 prop = of_get_property(np, "fsl,descriptor-types-mask", NULL); 1865 if (prop) 1866 priv->desc_types = *prop; 1867 1868 if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len || 1869 !priv->exec_units || !priv->desc_types) { 1870 dev_err(dev, "invalid property data in device tree node\n"); 1871 err = -EINVAL; 1872 goto err_out; 1873 } 1874 1875 if (of_device_is_compatible(np, "fsl,sec3.0")) 1876 priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT; 1877 1878 if (of_device_is_compatible(np, "fsl,sec2.1")) 1879 priv->features |= TALITOS_FTR_HW_AUTH_CHECK; 1880 1881 priv->chan = kzalloc(sizeof(struct talitos_channel) * 1882 priv->num_channels, GFP_KERNEL); 1883 if (!priv->chan) { 1884 dev_err(dev, "failed to allocate channel management space\n"); 1885 err = -ENOMEM; 1886 goto err_out; 1887 } 1888 1889 for (i = 0; i < priv->num_channels; i++) { 1890 spin_lock_init(&priv->chan[i].head_lock); 1891 spin_lock_init(&priv->chan[i].tail_lock); 1892 } 1893 1894 priv->fifo_len = roundup_pow_of_two(priv->chfifo_len); 1895 1896 for (i = 0; i < priv->num_channels; i++) { 1897 priv->chan[i].fifo = kzalloc(sizeof(struct talitos_request) * 1898 priv->fifo_len, GFP_KERNEL); 1899 if (!priv->chan[i].fifo) { 1900 dev_err(dev, "failed to allocate request fifo %d\n", i); 1901 err = -ENOMEM; 1902 goto err_out; 1903 } 1904 } 1905 1906 for (i = 0; i < priv->num_channels; i++) 1907 atomic_set(&priv->chan[i].submit_count, 1908 -(priv->chfifo_len - 1)); 1909 1910 dma_set_mask(dev, DMA_BIT_MASK(36)); 1911 1912 /* reset and initialize the h/w */ 1913 err = init_device(dev); 1914 if (err) { 1915 dev_err(dev, "failed to initialize device\n"); 1916 goto err_out; 1917 } 1918 1919 /* register the RNG, if available */ 1920 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) { 1921 err = talitos_register_rng(dev); 1922 if (err) { 1923 dev_err(dev, "failed to register hwrng: %d\n", err); 1924 goto err_out; 1925 } else 1926 dev_info(dev, "hwrng\n"); 1927 } 1928 1929 /* register crypto algorithms the device supports */ 1930 for (i = 0; i < ARRAY_SIZE(driver_algs); i++) { 1931 if (hw_supports(dev, driver_algs[i].desc_hdr_template)) { 1932 struct talitos_crypto_alg *t_alg; 1933 1934 t_alg = talitos_alg_alloc(dev, &driver_algs[i]); 1935 if (IS_ERR(t_alg)) { 1936 err = PTR_ERR(t_alg); 1937 goto err_out; 1938 } 1939 1940 err = crypto_register_alg(&t_alg->crypto_alg); 1941 if (err) { 1942 dev_err(dev, "%s alg registration failed\n", 1943 t_alg->crypto_alg.cra_driver_name); 1944 kfree(t_alg); 1945 } else { 1946 list_add_tail(&t_alg->entry, &priv->alg_list); 1947 dev_info(dev, "%s\n", 1948 t_alg->crypto_alg.cra_driver_name); 1949 } 1950 } 1951 } 1952 1953 return 0; 1954 1955 err_out: 1956 talitos_remove(ofdev); 1957 1958 return err; 1959 } 1960 1961 static struct of_device_id talitos_match[] = { 1962 { 1963 .compatible = "fsl,sec2.0", 1964 }, 1965 {}, 1966 }; 1967 MODULE_DEVICE_TABLE(of, talitos_match); 1968 1969 static struct of_platform_driver talitos_driver = { 1970 .name = "talitos", 1971 .match_table = talitos_match, 1972 .probe = talitos_probe, 1973 .remove = talitos_remove, 1974 }; 1975 1976 static int __init talitos_init(void) 1977 { 1978 return of_register_platform_driver(&talitos_driver); 1979 } 1980 module_init(talitos_init); 1981 1982 static void __exit talitos_exit(void) 1983 { 1984 of_unregister_platform_driver(&talitos_driver); 1985 } 1986 module_exit(talitos_exit); 1987 1988 MODULE_LICENSE("GPL"); 1989 MODULE_AUTHOR("Kim Phillips <kim.phillips@freescale.com>"); 1990 MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver"); 1991