2 * Copyright (c) 2010-2011 Picochip Ltd., Jamie Iles
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 #include <crypto/internal/aead.h>
19 #include <crypto/aes.h>
20 #include <crypto/algapi.h>
21 #include <crypto/authenc.h>
22 #include <crypto/des.h>
23 #include <crypto/md5.h>
24 #include <crypto/sha.h>
25 #include <crypto/internal/skcipher.h>
26 #include <linux/clk.h>
27 #include <linux/crypto.h>
28 #include <linux/delay.h>
29 #include <linux/dma-mapping.h>
30 #include <linux/dmapool.h>
31 #include <linux/err.h>
32 #include <linux/init.h>
33 #include <linux/interrupt.h>
35 #include <linux/list.h>
36 #include <linux/module.h>
38 #include <linux/platform_device.h>
40 #include <linux/rtnetlink.h>
41 #include <linux/scatterlist.h>
42 #include <linux/sched.h>
43 #include <linux/sizes.h>
44 #include <linux/slab.h>
45 #include <linux/timer.h>
47 #include "picoxcell_crypto_regs.h"
50 * The threshold for the number of entries in the CMD FIFO available before
51 * the CMD0_CNT interrupt is raised. Increasing this value will reduce the
52 * number of interrupts raised to the CPU.
54 #define CMD0_IRQ_THRESHOLD 1
57 * The timeout period (in jiffies) for a PDU. When the the number of PDUs in
58 * flight is greater than the STAT_IRQ_THRESHOLD or 0 the timer is disabled.
59 * When there are packets in flight but lower than the threshold, we enable
60 * the timer and at expiry, attempt to remove any processed packets from the
61 * queue and if there are still packets left, schedule the timer again.
63 #define PACKET_TIMEOUT 1
65 /* The priority to register each algorithm with. */
66 #define SPACC_CRYPTO_ALG_PRIORITY 10000
68 #define SPACC_CRYPTO_KASUMI_F8_KEY_LEN 16
69 #define SPACC_CRYPTO_IPSEC_CIPHER_PG_SZ 64
70 #define SPACC_CRYPTO_IPSEC_HASH_PG_SZ 64
71 #define SPACC_CRYPTO_IPSEC_MAX_CTXS 32
72 #define SPACC_CRYPTO_IPSEC_FIFO_SZ 32
73 #define SPACC_CRYPTO_L2_CIPHER_PG_SZ 64
74 #define SPACC_CRYPTO_L2_HASH_PG_SZ 64
75 #define SPACC_CRYPTO_L2_MAX_CTXS 128
76 #define SPACC_CRYPTO_L2_FIFO_SZ 128
78 #define MAX_DDT_LEN 16
80 /* DDT format. This must match the hardware DDT format exactly. */
87 * Asynchronous crypto request structure.
89 * This structure defines a request that is either queued for processing or
93 struct list_head list
;
94 struct spacc_engine
*engine
;
95 struct crypto_async_request
*req
;
99 dma_addr_t src_addr
, dst_addr
;
100 struct spacc_ddt
*src_ddt
, *dst_ddt
;
101 void (*complete
)(struct spacc_req
*req
);
105 unsigned long ctrl_default
;
108 struct spacc_engine
*engine
;
109 struct list_head entry
;
114 struct spacc_engine
{
116 struct list_head pending
;
120 struct list_head completed
;
121 struct list_head in_progress
;
122 struct tasklet_struct complete
;
123 unsigned long fifo_sz
;
124 void __iomem
*cipher_ctx_base
;
125 void __iomem
*hash_key_base
;
126 struct spacc_alg
*algs
;
128 struct list_head registered_algs
;
129 struct spacc_aead
*aeads
;
131 struct list_head registered_aeads
;
138 struct timer_list packet_timeout
;
139 unsigned stat_irq_thresh
;
140 struct dma_pool
*req_pool
;
143 /* Algorithm type mask. */
144 #define SPACC_CRYPTO_ALG_MASK 0x7
146 /* SPACC definition of a crypto algorithm. */
148 unsigned long ctrl_default
;
150 struct crypto_alg alg
;
151 struct spacc_engine
*engine
;
152 struct list_head entry
;
157 /* Generic context structure for any algorithm type. */
158 struct spacc_generic_ctx
{
159 struct spacc_engine
*engine
;
165 /* Block cipher context. */
166 struct spacc_ablk_ctx
{
167 struct spacc_generic_ctx generic
;
168 u8 key
[AES_MAX_KEY_SIZE
];
171 * The fallback cipher. If the operation can't be done in hardware,
172 * fallback to a software version.
174 struct crypto_skcipher
*sw_cipher
;
177 /* AEAD cipher context. */
178 struct spacc_aead_ctx
{
179 struct spacc_generic_ctx generic
;
180 u8 cipher_key
[AES_MAX_KEY_SIZE
];
181 u8 hash_ctx
[SPACC_CRYPTO_IPSEC_HASH_PG_SZ
];
184 struct crypto_aead
*sw_cipher
;
187 static int spacc_ablk_submit(struct spacc_req
*req
);
189 static inline struct spacc_alg
*to_spacc_alg(struct crypto_alg
*alg
)
191 return alg
? container_of(alg
, struct spacc_alg
, alg
) : NULL
;
194 static inline struct spacc_aead
*to_spacc_aead(struct aead_alg
*alg
)
196 return container_of(alg
, struct spacc_aead
, alg
);
199 static inline int spacc_fifo_cmd_full(struct spacc_engine
*engine
)
201 u32 fifo_stat
= readl(engine
->regs
+ SPA_FIFO_STAT_REG_OFFSET
);
203 return fifo_stat
& SPA_FIFO_CMD_FULL
;
207 * Given a cipher context, and a context number, get the base address of the
210 * Returns the address of the context page where the key/context may
213 static inline void __iomem
*spacc_ctx_page_addr(struct spacc_generic_ctx
*ctx
,
217 return is_cipher_ctx
? ctx
->engine
->cipher_ctx_base
+
218 (indx
* ctx
->engine
->cipher_pg_sz
) :
219 ctx
->engine
->hash_key_base
+ (indx
* ctx
->engine
->hash_pg_sz
);
222 /* The context pages can only be written with 32-bit accesses. */
223 static inline void memcpy_toio32(u32 __iomem
*dst
, const void *src
,
226 const u32
*src32
= (const u32
*) src
;
229 writel(*src32
++, dst
++);
232 static void spacc_cipher_write_ctx(struct spacc_generic_ctx
*ctx
,
233 void __iomem
*page_addr
, const u8
*key
,
234 size_t key_len
, const u8
*iv
, size_t iv_len
)
236 void __iomem
*key_ptr
= page_addr
+ ctx
->key_offs
;
237 void __iomem
*iv_ptr
= page_addr
+ ctx
->iv_offs
;
239 memcpy_toio32(key_ptr
, key
, key_len
/ 4);
240 memcpy_toio32(iv_ptr
, iv
, iv_len
/ 4);
244 * Load a context into the engines context memory.
246 * Returns the index of the context page where the context was loaded.
248 static unsigned spacc_load_ctx(struct spacc_generic_ctx
*ctx
,
249 const u8
*ciph_key
, size_t ciph_len
,
250 const u8
*iv
, size_t ivlen
, const u8
*hash_key
,
253 unsigned indx
= ctx
->engine
->next_ctx
++;
254 void __iomem
*ciph_page_addr
, *hash_page_addr
;
256 ciph_page_addr
= spacc_ctx_page_addr(ctx
, indx
, 1);
257 hash_page_addr
= spacc_ctx_page_addr(ctx
, indx
, 0);
259 ctx
->engine
->next_ctx
&= ctx
->engine
->fifo_sz
- 1;
260 spacc_cipher_write_ctx(ctx
, ciph_page_addr
, ciph_key
, ciph_len
, iv
,
262 writel(ciph_len
| (indx
<< SPA_KEY_SZ_CTX_INDEX_OFFSET
) |
263 (1 << SPA_KEY_SZ_CIPHER_OFFSET
),
264 ctx
->engine
->regs
+ SPA_KEY_SZ_REG_OFFSET
);
267 memcpy_toio32(hash_page_addr
, hash_key
, hash_len
/ 4);
268 writel(hash_len
| (indx
<< SPA_KEY_SZ_CTX_INDEX_OFFSET
),
269 ctx
->engine
->regs
+ SPA_KEY_SZ_REG_OFFSET
);
275 static inline void ddt_set(struct spacc_ddt
*ddt
, dma_addr_t phys
, size_t len
)
282 * Take a crypto request and scatterlists for the data and turn them into DDTs
283 * for passing to the crypto engines. This also DMA maps the data so that the
284 * crypto engines can DMA to/from them.
286 static struct spacc_ddt
*spacc_sg_to_ddt(struct spacc_engine
*engine
,
287 struct scatterlist
*payload
,
289 enum dma_data_direction dir
,
290 dma_addr_t
*ddt_phys
)
292 unsigned mapped_ents
;
293 struct scatterlist
*cur
;
294 struct spacc_ddt
*ddt
;
298 nents
= sg_nents_for_len(payload
, nbytes
);
300 dev_err(engine
->dev
, "Invalid numbers of SG.\n");
303 mapped_ents
= dma_map_sg(engine
->dev
, payload
, nents
, dir
);
305 if (mapped_ents
+ 1 > MAX_DDT_LEN
)
308 ddt
= dma_pool_alloc(engine
->req_pool
, GFP_ATOMIC
, ddt_phys
);
312 for_each_sg(payload
, cur
, mapped_ents
, i
)
313 ddt_set(&ddt
[i
], sg_dma_address(cur
), sg_dma_len(cur
));
314 ddt_set(&ddt
[mapped_ents
], 0, 0);
319 dma_unmap_sg(engine
->dev
, payload
, nents
, dir
);
323 static int spacc_aead_make_ddts(struct aead_request
*areq
)
325 struct crypto_aead
*aead
= crypto_aead_reqtfm(areq
);
326 struct spacc_req
*req
= aead_request_ctx(areq
);
327 struct spacc_engine
*engine
= req
->engine
;
328 struct spacc_ddt
*src_ddt
, *dst_ddt
;
330 int src_nents
, dst_nents
;
331 struct scatterlist
*cur
;
332 int i
, dst_ents
, src_ents
;
334 total
= areq
->assoclen
+ areq
->cryptlen
;
336 total
+= crypto_aead_authsize(aead
);
338 src_nents
= sg_nents_for_len(areq
->src
, total
);
340 dev_err(engine
->dev
, "Invalid numbers of src SG.\n");
343 if (src_nents
+ 1 > MAX_DDT_LEN
)
347 if (areq
->src
!= areq
->dst
) {
348 dst_nents
= sg_nents_for_len(areq
->dst
, total
);
350 dev_err(engine
->dev
, "Invalid numbers of dst SG.\n");
353 if (src_nents
+ 1 > MAX_DDT_LEN
)
357 src_ddt
= dma_pool_alloc(engine
->req_pool
, GFP_ATOMIC
, &req
->src_addr
);
361 dst_ddt
= dma_pool_alloc(engine
->req_pool
, GFP_ATOMIC
, &req
->dst_addr
);
365 req
->src_ddt
= src_ddt
;
366 req
->dst_ddt
= dst_ddt
;
369 src_ents
= dma_map_sg(engine
->dev
, areq
->src
, src_nents
,
374 dst_ents
= dma_map_sg(engine
->dev
, areq
->dst
, dst_nents
,
378 dma_unmap_sg(engine
->dev
, areq
->src
, src_nents
,
383 src_ents
= dma_map_sg(engine
->dev
, areq
->src
, src_nents
,
391 * Now map in the payload for the source and destination and terminate
392 * with the NULL pointers.
394 for_each_sg(areq
->src
, cur
, src_ents
, i
)
395 ddt_set(src_ddt
++, sg_dma_address(cur
), sg_dma_len(cur
));
397 /* For decryption we need to skip the associated data. */
398 total
= req
->is_encrypt
? 0 : areq
->assoclen
;
399 for_each_sg(areq
->dst
, cur
, dst_ents
, i
) {
400 unsigned len
= sg_dma_len(cur
);
407 ddt_set(dst_ddt
++, sg_dma_address(cur
) + total
, len
- total
);
410 ddt_set(src_ddt
, 0, 0);
411 ddt_set(dst_ddt
, 0, 0);
416 dma_pool_free(engine
->req_pool
, dst_ddt
, req
->dst_addr
);
418 dma_pool_free(engine
->req_pool
, src_ddt
, req
->src_addr
);
423 static void spacc_aead_free_ddts(struct spacc_req
*req
)
425 struct aead_request
*areq
= container_of(req
->req
, struct aead_request
,
427 struct crypto_aead
*aead
= crypto_aead_reqtfm(areq
);
428 unsigned total
= areq
->assoclen
+ areq
->cryptlen
+
429 (req
->is_encrypt
? crypto_aead_authsize(aead
) : 0);
430 struct spacc_aead_ctx
*aead_ctx
= crypto_aead_ctx(aead
);
431 struct spacc_engine
*engine
= aead_ctx
->generic
.engine
;
432 int nents
= sg_nents_for_len(areq
->src
, total
);
434 /* sg_nents_for_len should not fail since it works when mapping sg */
435 if (unlikely(nents
< 0)) {
436 dev_err(engine
->dev
, "Invalid numbers of src SG.\n");
440 if (areq
->src
!= areq
->dst
) {
441 dma_unmap_sg(engine
->dev
, areq
->src
, nents
, DMA_TO_DEVICE
);
442 nents
= sg_nents_for_len(areq
->dst
, total
);
443 if (unlikely(nents
< 0)) {
444 dev_err(engine
->dev
, "Invalid numbers of dst SG.\n");
447 dma_unmap_sg(engine
->dev
, areq
->dst
, nents
, DMA_FROM_DEVICE
);
449 dma_unmap_sg(engine
->dev
, areq
->src
, nents
, DMA_BIDIRECTIONAL
);
451 dma_pool_free(engine
->req_pool
, req
->src_ddt
, req
->src_addr
);
452 dma_pool_free(engine
->req_pool
, req
->dst_ddt
, req
->dst_addr
);
455 static void spacc_free_ddt(struct spacc_req
*req
, struct spacc_ddt
*ddt
,
456 dma_addr_t ddt_addr
, struct scatterlist
*payload
,
457 unsigned nbytes
, enum dma_data_direction dir
)
459 int nents
= sg_nents_for_len(payload
, nbytes
);
462 dev_err(req
->engine
->dev
, "Invalid numbers of SG.\n");
466 dma_unmap_sg(req
->engine
->dev
, payload
, nents
, dir
);
467 dma_pool_free(req
->engine
->req_pool
, ddt
, ddt_addr
);
470 static int spacc_aead_setkey(struct crypto_aead
*tfm
, const u8
*key
,
473 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(tfm
);
474 struct crypto_authenc_keys keys
;
477 crypto_aead_clear_flags(ctx
->sw_cipher
, CRYPTO_TFM_REQ_MASK
);
478 crypto_aead_set_flags(ctx
->sw_cipher
, crypto_aead_get_flags(tfm
) &
479 CRYPTO_TFM_REQ_MASK
);
480 err
= crypto_aead_setkey(ctx
->sw_cipher
, key
, keylen
);
481 crypto_aead_clear_flags(tfm
, CRYPTO_TFM_RES_MASK
);
482 crypto_aead_set_flags(tfm
, crypto_aead_get_flags(ctx
->sw_cipher
) &
483 CRYPTO_TFM_RES_MASK
);
487 if (crypto_authenc_extractkeys(&keys
, key
, keylen
) != 0)
490 if (keys
.enckeylen
> AES_MAX_KEY_SIZE
)
493 if (keys
.authkeylen
> sizeof(ctx
->hash_ctx
))
496 memcpy(ctx
->cipher_key
, keys
.enckey
, keys
.enckeylen
);
497 ctx
->cipher_key_len
= keys
.enckeylen
;
499 memcpy(ctx
->hash_ctx
, keys
.authkey
, keys
.authkeylen
);
500 ctx
->hash_key_len
= keys
.authkeylen
;
505 crypto_aead_set_flags(tfm
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
509 static int spacc_aead_setauthsize(struct crypto_aead
*tfm
,
510 unsigned int authsize
)
512 struct spacc_aead_ctx
*ctx
= crypto_tfm_ctx(crypto_aead_tfm(tfm
));
514 return crypto_aead_setauthsize(ctx
->sw_cipher
, authsize
);
518 * Check if an AEAD request requires a fallback operation. Some requests can't
519 * be completed in hardware because the hardware may not support certain key
520 * sizes. In these cases we need to complete the request in software.
522 static int spacc_aead_need_fallback(struct aead_request
*aead_req
)
524 struct crypto_aead
*aead
= crypto_aead_reqtfm(aead_req
);
525 struct aead_alg
*alg
= crypto_aead_alg(aead
);
526 struct spacc_aead
*spacc_alg
= to_spacc_aead(alg
);
527 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(aead
);
530 * If we have a non-supported key-length, then we need to do a
533 if ((spacc_alg
->ctrl_default
& SPACC_CRYPTO_ALG_MASK
) ==
534 SPA_CTRL_CIPH_ALG_AES
&&
535 ctx
->cipher_key_len
!= AES_KEYSIZE_128
&&
536 ctx
->cipher_key_len
!= AES_KEYSIZE_256
)
542 static int spacc_aead_do_fallback(struct aead_request
*req
, unsigned alg_type
,
545 struct crypto_tfm
*old_tfm
= crypto_aead_tfm(crypto_aead_reqtfm(req
));
546 struct spacc_aead_ctx
*ctx
= crypto_tfm_ctx(old_tfm
);
547 struct aead_request
*subreq
= aead_request_ctx(req
);
549 aead_request_set_tfm(subreq
, ctx
->sw_cipher
);
550 aead_request_set_callback(subreq
, req
->base
.flags
,
551 req
->base
.complete
, req
->base
.data
);
552 aead_request_set_crypt(subreq
, req
->src
, req
->dst
, req
->cryptlen
,
554 aead_request_set_ad(subreq
, req
->assoclen
);
556 return is_encrypt
? crypto_aead_encrypt(subreq
) :
557 crypto_aead_decrypt(subreq
);
560 static void spacc_aead_complete(struct spacc_req
*req
)
562 spacc_aead_free_ddts(req
);
563 req
->req
->complete(req
->req
, req
->result
);
566 static int spacc_aead_submit(struct spacc_req
*req
)
568 struct aead_request
*aead_req
=
569 container_of(req
->req
, struct aead_request
, base
);
570 struct crypto_aead
*aead
= crypto_aead_reqtfm(aead_req
);
571 unsigned int authsize
= crypto_aead_authsize(aead
);
572 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(aead
);
573 struct aead_alg
*alg
= crypto_aead_alg(aead
);
574 struct spacc_aead
*spacc_alg
= to_spacc_aead(alg
);
575 struct spacc_engine
*engine
= ctx
->generic
.engine
;
576 u32 ctrl
, proc_len
, assoc_len
;
578 req
->result
= -EINPROGRESS
;
579 req
->ctx_id
= spacc_load_ctx(&ctx
->generic
, ctx
->cipher_key
,
580 ctx
->cipher_key_len
, aead_req
->iv
, crypto_aead_ivsize(aead
),
581 ctx
->hash_ctx
, ctx
->hash_key_len
);
583 /* Set the source and destination DDT pointers. */
584 writel(req
->src_addr
, engine
->regs
+ SPA_SRC_PTR_REG_OFFSET
);
585 writel(req
->dst_addr
, engine
->regs
+ SPA_DST_PTR_REG_OFFSET
);
586 writel(0, engine
->regs
+ SPA_OFFSET_REG_OFFSET
);
588 assoc_len
= aead_req
->assoclen
;
589 proc_len
= aead_req
->cryptlen
+ assoc_len
;
592 * If we are decrypting, we need to take the length of the ICV out of
593 * the processing length.
595 if (!req
->is_encrypt
)
596 proc_len
-= authsize
;
598 writel(proc_len
, engine
->regs
+ SPA_PROC_LEN_REG_OFFSET
);
599 writel(assoc_len
, engine
->regs
+ SPA_AAD_LEN_REG_OFFSET
);
600 writel(authsize
, engine
->regs
+ SPA_ICV_LEN_REG_OFFSET
);
601 writel(0, engine
->regs
+ SPA_ICV_OFFSET_REG_OFFSET
);
602 writel(0, engine
->regs
+ SPA_AUX_INFO_REG_OFFSET
);
604 ctrl
= spacc_alg
->ctrl_default
| (req
->ctx_id
<< SPA_CTRL_CTX_IDX
) |
605 (1 << SPA_CTRL_ICV_APPEND
);
607 ctrl
|= (1 << SPA_CTRL_ENCRYPT_IDX
) | (1 << SPA_CTRL_AAD_COPY
);
609 ctrl
|= (1 << SPA_CTRL_KEY_EXP
);
611 mod_timer(&engine
->packet_timeout
, jiffies
+ PACKET_TIMEOUT
);
613 writel(ctrl
, engine
->regs
+ SPA_CTRL_REG_OFFSET
);
618 static int spacc_req_submit(struct spacc_req
*req
);
620 static void spacc_push(struct spacc_engine
*engine
)
622 struct spacc_req
*req
;
624 while (!list_empty(&engine
->pending
) &&
625 engine
->in_flight
+ 1 <= engine
->fifo_sz
) {
628 req
= list_first_entry(&engine
->pending
, struct spacc_req
,
630 list_move_tail(&req
->list
, &engine
->in_progress
);
632 req
->result
= spacc_req_submit(req
);
637 * Setup an AEAD request for processing. This will configure the engine, load
638 * the context and then start the packet processing.
640 static int spacc_aead_setup(struct aead_request
*req
,
641 unsigned alg_type
, bool is_encrypt
)
643 struct crypto_aead
*aead
= crypto_aead_reqtfm(req
);
644 struct aead_alg
*alg
= crypto_aead_alg(aead
);
645 struct spacc_engine
*engine
= to_spacc_aead(alg
)->engine
;
646 struct spacc_req
*dev_req
= aead_request_ctx(req
);
650 dev_req
->req
= &req
->base
;
651 dev_req
->is_encrypt
= is_encrypt
;
652 dev_req
->result
= -EBUSY
;
653 dev_req
->engine
= engine
;
654 dev_req
->complete
= spacc_aead_complete
;
656 if (unlikely(spacc_aead_need_fallback(req
) ||
657 ((err
= spacc_aead_make_ddts(req
)) == -E2BIG
)))
658 return spacc_aead_do_fallback(req
, alg_type
, is_encrypt
);
664 spin_lock_irqsave(&engine
->hw_lock
, flags
);
665 if (unlikely(spacc_fifo_cmd_full(engine
)) ||
666 engine
->in_flight
+ 1 > engine
->fifo_sz
) {
667 if (!(req
->base
.flags
& CRYPTO_TFM_REQ_MAY_BACKLOG
)) {
669 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
672 list_add_tail(&dev_req
->list
, &engine
->pending
);
674 list_add_tail(&dev_req
->list
, &engine
->pending
);
677 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
682 spacc_aead_free_ddts(dev_req
);
687 static int spacc_aead_encrypt(struct aead_request
*req
)
689 struct crypto_aead
*aead
= crypto_aead_reqtfm(req
);
690 struct spacc_aead
*alg
= to_spacc_aead(crypto_aead_alg(aead
));
692 return spacc_aead_setup(req
, alg
->type
, 1);
695 static int spacc_aead_decrypt(struct aead_request
*req
)
697 struct crypto_aead
*aead
= crypto_aead_reqtfm(req
);
698 struct spacc_aead
*alg
= to_spacc_aead(crypto_aead_alg(aead
));
700 return spacc_aead_setup(req
, alg
->type
, 0);
704 * Initialise a new AEAD context. This is responsible for allocating the
705 * fallback cipher and initialising the context.
707 static int spacc_aead_cra_init(struct crypto_aead
*tfm
)
709 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(tfm
);
710 struct aead_alg
*alg
= crypto_aead_alg(tfm
);
711 struct spacc_aead
*spacc_alg
= to_spacc_aead(alg
);
712 struct spacc_engine
*engine
= spacc_alg
->engine
;
714 ctx
->generic
.flags
= spacc_alg
->type
;
715 ctx
->generic
.engine
= engine
;
716 ctx
->sw_cipher
= crypto_alloc_aead(alg
->base
.cra_name
, 0,
717 CRYPTO_ALG_NEED_FALLBACK
);
718 if (IS_ERR(ctx
->sw_cipher
))
719 return PTR_ERR(ctx
->sw_cipher
);
720 ctx
->generic
.key_offs
= spacc_alg
->key_offs
;
721 ctx
->generic
.iv_offs
= spacc_alg
->iv_offs
;
723 crypto_aead_set_reqsize(
725 max(sizeof(struct spacc_req
),
726 sizeof(struct aead_request
) +
727 crypto_aead_reqsize(ctx
->sw_cipher
)));
733 * Destructor for an AEAD context. This is called when the transform is freed
734 * and must free the fallback cipher.
736 static void spacc_aead_cra_exit(struct crypto_aead
*tfm
)
738 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(tfm
);
740 crypto_free_aead(ctx
->sw_cipher
);
744 * Set the DES key for a block cipher transform. This also performs weak key
745 * checking if the transform has requested it.
747 static int spacc_des_setkey(struct crypto_ablkcipher
*cipher
, const u8
*key
,
750 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
751 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
752 u32 tmp
[DES_EXPKEY_WORDS
];
754 if (len
> DES3_EDE_KEY_SIZE
) {
755 crypto_ablkcipher_set_flags(cipher
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
759 if (unlikely(!des_ekey(tmp
, key
)) &&
760 (crypto_ablkcipher_get_flags(cipher
) & CRYPTO_TFM_REQ_WEAK_KEY
)) {
761 tfm
->crt_flags
|= CRYPTO_TFM_RES_WEAK_KEY
;
765 memcpy(ctx
->key
, key
, len
);
772 * Set the key for an AES block cipher. Some key lengths are not supported in
773 * hardware so this must also check whether a fallback is needed.
775 static int spacc_aes_setkey(struct crypto_ablkcipher
*cipher
, const u8
*key
,
778 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
779 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
782 if (len
> AES_MAX_KEY_SIZE
) {
783 crypto_ablkcipher_set_flags(cipher
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
788 * IPSec engine only supports 128 and 256 bit AES keys. If we get a
789 * request for any other size (192 bits) then we need to do a software
792 if (len
!= AES_KEYSIZE_128
&& len
!= AES_KEYSIZE_256
) {
797 * Set the fallback transform to use the same request flags as
798 * the hardware transform.
800 crypto_skcipher_clear_flags(ctx
->sw_cipher
,
801 CRYPTO_TFM_REQ_MASK
);
802 crypto_skcipher_set_flags(ctx
->sw_cipher
,
803 cipher
->base
.crt_flags
&
804 CRYPTO_TFM_REQ_MASK
);
806 err
= crypto_skcipher_setkey(ctx
->sw_cipher
, key
, len
);
808 tfm
->crt_flags
&= ~CRYPTO_TFM_RES_MASK
;
810 crypto_skcipher_get_flags(ctx
->sw_cipher
) &
814 goto sw_setkey_failed
;
817 memcpy(ctx
->key
, key
, len
);
824 static int spacc_kasumi_f8_setkey(struct crypto_ablkcipher
*cipher
,
825 const u8
*key
, unsigned int len
)
827 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
828 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
831 if (len
> AES_MAX_KEY_SIZE
) {
832 crypto_ablkcipher_set_flags(cipher
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
837 memcpy(ctx
->key
, key
, len
);
844 static int spacc_ablk_need_fallback(struct spacc_req
*req
)
846 struct spacc_ablk_ctx
*ctx
;
847 struct crypto_tfm
*tfm
= req
->req
->tfm
;
848 struct crypto_alg
*alg
= req
->req
->tfm
->__crt_alg
;
849 struct spacc_alg
*spacc_alg
= to_spacc_alg(alg
);
851 ctx
= crypto_tfm_ctx(tfm
);
853 return (spacc_alg
->ctrl_default
& SPACC_CRYPTO_ALG_MASK
) ==
854 SPA_CTRL_CIPH_ALG_AES
&&
855 ctx
->key_len
!= AES_KEYSIZE_128
&&
856 ctx
->key_len
!= AES_KEYSIZE_256
;
859 static void spacc_ablk_complete(struct spacc_req
*req
)
861 struct ablkcipher_request
*ablk_req
= ablkcipher_request_cast(req
->req
);
863 if (ablk_req
->src
!= ablk_req
->dst
) {
864 spacc_free_ddt(req
, req
->src_ddt
, req
->src_addr
, ablk_req
->src
,
865 ablk_req
->nbytes
, DMA_TO_DEVICE
);
866 spacc_free_ddt(req
, req
->dst_ddt
, req
->dst_addr
, ablk_req
->dst
,
867 ablk_req
->nbytes
, DMA_FROM_DEVICE
);
869 spacc_free_ddt(req
, req
->dst_ddt
, req
->dst_addr
, ablk_req
->dst
,
870 ablk_req
->nbytes
, DMA_BIDIRECTIONAL
);
872 req
->req
->complete(req
->req
, req
->result
);
875 static int spacc_ablk_submit(struct spacc_req
*req
)
877 struct crypto_tfm
*tfm
= req
->req
->tfm
;
878 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
879 struct ablkcipher_request
*ablk_req
= ablkcipher_request_cast(req
->req
);
880 struct crypto_alg
*alg
= req
->req
->tfm
->__crt_alg
;
881 struct spacc_alg
*spacc_alg
= to_spacc_alg(alg
);
882 struct spacc_engine
*engine
= ctx
->generic
.engine
;
885 req
->ctx_id
= spacc_load_ctx(&ctx
->generic
, ctx
->key
,
886 ctx
->key_len
, ablk_req
->info
, alg
->cra_ablkcipher
.ivsize
,
889 writel(req
->src_addr
, engine
->regs
+ SPA_SRC_PTR_REG_OFFSET
);
890 writel(req
->dst_addr
, engine
->regs
+ SPA_DST_PTR_REG_OFFSET
);
891 writel(0, engine
->regs
+ SPA_OFFSET_REG_OFFSET
);
893 writel(ablk_req
->nbytes
, engine
->regs
+ SPA_PROC_LEN_REG_OFFSET
);
894 writel(0, engine
->regs
+ SPA_ICV_OFFSET_REG_OFFSET
);
895 writel(0, engine
->regs
+ SPA_AUX_INFO_REG_OFFSET
);
896 writel(0, engine
->regs
+ SPA_AAD_LEN_REG_OFFSET
);
898 ctrl
= spacc_alg
->ctrl_default
| (req
->ctx_id
<< SPA_CTRL_CTX_IDX
) |
899 (req
->is_encrypt
? (1 << SPA_CTRL_ENCRYPT_IDX
) :
900 (1 << SPA_CTRL_KEY_EXP
));
902 mod_timer(&engine
->packet_timeout
, jiffies
+ PACKET_TIMEOUT
);
904 writel(ctrl
, engine
->regs
+ SPA_CTRL_REG_OFFSET
);
909 static int spacc_ablk_do_fallback(struct ablkcipher_request
*req
,
910 unsigned alg_type
, bool is_encrypt
)
912 struct crypto_tfm
*old_tfm
=
913 crypto_ablkcipher_tfm(crypto_ablkcipher_reqtfm(req
));
914 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(old_tfm
);
915 SKCIPHER_REQUEST_ON_STACK(subreq
, ctx
->sw_cipher
);
919 * Change the request to use the software fallback transform, and once
920 * the ciphering has completed, put the old transform back into the
923 skcipher_request_set_tfm(subreq
, ctx
->sw_cipher
);
924 skcipher_request_set_callback(subreq
, req
->base
.flags
, NULL
, NULL
);
925 skcipher_request_set_crypt(subreq
, req
->src
, req
->dst
,
926 req
->nbytes
, req
->info
);
927 err
= is_encrypt
? crypto_skcipher_encrypt(subreq
) :
928 crypto_skcipher_decrypt(subreq
);
929 skcipher_request_zero(subreq
);
934 static int spacc_ablk_setup(struct ablkcipher_request
*req
, unsigned alg_type
,
937 struct crypto_alg
*alg
= req
->base
.tfm
->__crt_alg
;
938 struct spacc_engine
*engine
= to_spacc_alg(alg
)->engine
;
939 struct spacc_req
*dev_req
= ablkcipher_request_ctx(req
);
943 dev_req
->req
= &req
->base
;
944 dev_req
->is_encrypt
= is_encrypt
;
945 dev_req
->engine
= engine
;
946 dev_req
->complete
= spacc_ablk_complete
;
947 dev_req
->result
= -EINPROGRESS
;
949 if (unlikely(spacc_ablk_need_fallback(dev_req
)))
950 return spacc_ablk_do_fallback(req
, alg_type
, is_encrypt
);
953 * Create the DDT's for the engine. If we share the same source and
954 * destination then we can optimize by reusing the DDT's.
956 if (req
->src
!= req
->dst
) {
957 dev_req
->src_ddt
= spacc_sg_to_ddt(engine
, req
->src
,
958 req
->nbytes
, DMA_TO_DEVICE
, &dev_req
->src_addr
);
959 if (!dev_req
->src_ddt
)
962 dev_req
->dst_ddt
= spacc_sg_to_ddt(engine
, req
->dst
,
963 req
->nbytes
, DMA_FROM_DEVICE
, &dev_req
->dst_addr
);
964 if (!dev_req
->dst_ddt
)
967 dev_req
->dst_ddt
= spacc_sg_to_ddt(engine
, req
->dst
,
968 req
->nbytes
, DMA_BIDIRECTIONAL
, &dev_req
->dst_addr
);
969 if (!dev_req
->dst_ddt
)
972 dev_req
->src_ddt
= NULL
;
973 dev_req
->src_addr
= dev_req
->dst_addr
;
977 spin_lock_irqsave(&engine
->hw_lock
, flags
);
979 * Check if the engine will accept the operation now. If it won't then
980 * we either stick it on the end of a pending list if we can backlog,
981 * or bailout with an error if not.
983 if (unlikely(spacc_fifo_cmd_full(engine
)) ||
984 engine
->in_flight
+ 1 > engine
->fifo_sz
) {
985 if (!(req
->base
.flags
& CRYPTO_TFM_REQ_MAY_BACKLOG
)) {
987 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
990 list_add_tail(&dev_req
->list
, &engine
->pending
);
992 list_add_tail(&dev_req
->list
, &engine
->pending
);
995 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
1000 spacc_free_ddt(dev_req
, dev_req
->dst_ddt
, dev_req
->dst_addr
, req
->dst
,
1001 req
->nbytes
, req
->src
== req
->dst
?
1002 DMA_BIDIRECTIONAL
: DMA_FROM_DEVICE
);
1004 if (req
->src
!= req
->dst
)
1005 spacc_free_ddt(dev_req
, dev_req
->src_ddt
, dev_req
->src_addr
,
1006 req
->src
, req
->nbytes
, DMA_TO_DEVICE
);
1011 static int spacc_ablk_cra_init(struct crypto_tfm
*tfm
)
1013 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
1014 struct crypto_alg
*alg
= tfm
->__crt_alg
;
1015 struct spacc_alg
*spacc_alg
= to_spacc_alg(alg
);
1016 struct spacc_engine
*engine
= spacc_alg
->engine
;
1018 ctx
->generic
.flags
= spacc_alg
->type
;
1019 ctx
->generic
.engine
= engine
;
1020 if (alg
->cra_flags
& CRYPTO_ALG_NEED_FALLBACK
) {
1021 ctx
->sw_cipher
= crypto_alloc_skcipher(
1022 alg
->cra_name
, 0, CRYPTO_ALG_ASYNC
|
1023 CRYPTO_ALG_NEED_FALLBACK
);
1024 if (IS_ERR(ctx
->sw_cipher
)) {
1025 dev_warn(engine
->dev
, "failed to allocate fallback for %s\n",
1027 return PTR_ERR(ctx
->sw_cipher
);
1030 ctx
->generic
.key_offs
= spacc_alg
->key_offs
;
1031 ctx
->generic
.iv_offs
= spacc_alg
->iv_offs
;
1033 tfm
->crt_ablkcipher
.reqsize
= sizeof(struct spacc_req
);
1038 static void spacc_ablk_cra_exit(struct crypto_tfm
*tfm
)
1040 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
1042 crypto_free_skcipher(ctx
->sw_cipher
);
1045 static int spacc_ablk_encrypt(struct ablkcipher_request
*req
)
1047 struct crypto_ablkcipher
*cipher
= crypto_ablkcipher_reqtfm(req
);
1048 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
1049 struct spacc_alg
*alg
= to_spacc_alg(tfm
->__crt_alg
);
1051 return spacc_ablk_setup(req
, alg
->type
, 1);
1054 static int spacc_ablk_decrypt(struct ablkcipher_request
*req
)
1056 struct crypto_ablkcipher
*cipher
= crypto_ablkcipher_reqtfm(req
);
1057 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
1058 struct spacc_alg
*alg
= to_spacc_alg(tfm
->__crt_alg
);
1060 return spacc_ablk_setup(req
, alg
->type
, 0);
1063 static inline int spacc_fifo_stat_empty(struct spacc_engine
*engine
)
1065 return readl(engine
->regs
+ SPA_FIFO_STAT_REG_OFFSET
) &
1066 SPA_FIFO_STAT_EMPTY
;
1069 static void spacc_process_done(struct spacc_engine
*engine
)
1071 struct spacc_req
*req
;
1072 unsigned long flags
;
1074 spin_lock_irqsave(&engine
->hw_lock
, flags
);
1076 while (!spacc_fifo_stat_empty(engine
)) {
1077 req
= list_first_entry(&engine
->in_progress
, struct spacc_req
,
1079 list_move_tail(&req
->list
, &engine
->completed
);
1080 --engine
->in_flight
;
1082 /* POP the status register. */
1083 writel(~0, engine
->regs
+ SPA_STAT_POP_REG_OFFSET
);
1084 req
->result
= (readl(engine
->regs
+ SPA_STATUS_REG_OFFSET
) &
1085 SPA_STATUS_RES_CODE_MASK
) >> SPA_STATUS_RES_CODE_OFFSET
;
1088 * Convert the SPAcc error status into the standard POSIX error
1091 if (unlikely(req
->result
)) {
1092 switch (req
->result
) {
1093 case SPA_STATUS_ICV_FAIL
:
1094 req
->result
= -EBADMSG
;
1097 case SPA_STATUS_MEMORY_ERROR
:
1098 dev_warn(engine
->dev
,
1099 "memory error triggered\n");
1100 req
->result
= -EFAULT
;
1103 case SPA_STATUS_BLOCK_ERROR
:
1104 dev_warn(engine
->dev
,
1105 "block error triggered\n");
1112 tasklet_schedule(&engine
->complete
);
1114 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
1117 static irqreturn_t
spacc_spacc_irq(int irq
, void *dev
)
1119 struct spacc_engine
*engine
= (struct spacc_engine
*)dev
;
1120 u32 spacc_irq_stat
= readl(engine
->regs
+ SPA_IRQ_STAT_REG_OFFSET
);
1122 writel(spacc_irq_stat
, engine
->regs
+ SPA_IRQ_STAT_REG_OFFSET
);
1123 spacc_process_done(engine
);
1128 static void spacc_packet_timeout(struct timer_list
*t
)
1130 struct spacc_engine
*engine
= from_timer(engine
, t
, packet_timeout
);
1132 spacc_process_done(engine
);
1135 static int spacc_req_submit(struct spacc_req
*req
)
1137 struct crypto_alg
*alg
= req
->req
->tfm
->__crt_alg
;
1139 if (CRYPTO_ALG_TYPE_AEAD
== (CRYPTO_ALG_TYPE_MASK
& alg
->cra_flags
))
1140 return spacc_aead_submit(req
);
1142 return spacc_ablk_submit(req
);
1145 static void spacc_spacc_complete(unsigned long data
)
1147 struct spacc_engine
*engine
= (struct spacc_engine
*)data
;
1148 struct spacc_req
*req
, *tmp
;
1149 unsigned long flags
;
1150 LIST_HEAD(completed
);
1152 spin_lock_irqsave(&engine
->hw_lock
, flags
);
1154 list_splice_init(&engine
->completed
, &completed
);
1156 if (engine
->in_flight
)
1157 mod_timer(&engine
->packet_timeout
, jiffies
+ PACKET_TIMEOUT
);
1159 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
1161 list_for_each_entry_safe(req
, tmp
, &completed
, list
) {
1162 list_del(&req
->list
);
1168 static int spacc_suspend(struct device
*dev
)
1170 struct platform_device
*pdev
= to_platform_device(dev
);
1171 struct spacc_engine
*engine
= platform_get_drvdata(pdev
);
1174 * We only support standby mode. All we have to do is gate the clock to
1175 * the spacc. The hardware will preserve state until we turn it back
1178 clk_disable(engine
->clk
);
1183 static int spacc_resume(struct device
*dev
)
1185 struct platform_device
*pdev
= to_platform_device(dev
);
1186 struct spacc_engine
*engine
= platform_get_drvdata(pdev
);
1188 return clk_enable(engine
->clk
);
1191 static const struct dev_pm_ops spacc_pm_ops
= {
1192 .suspend
= spacc_suspend
,
1193 .resume
= spacc_resume
,
1195 #endif /* CONFIG_PM */
1197 static inline struct spacc_engine
*spacc_dev_to_engine(struct device
*dev
)
1199 return dev
? platform_get_drvdata(to_platform_device(dev
)) : NULL
;
1202 static ssize_t
spacc_stat_irq_thresh_show(struct device
*dev
,
1203 struct device_attribute
*attr
,
1206 struct spacc_engine
*engine
= spacc_dev_to_engine(dev
);
1208 return snprintf(buf
, PAGE_SIZE
, "%u\n", engine
->stat_irq_thresh
);
1211 static ssize_t
spacc_stat_irq_thresh_store(struct device
*dev
,
1212 struct device_attribute
*attr
,
1213 const char *buf
, size_t len
)
1215 struct spacc_engine
*engine
= spacc_dev_to_engine(dev
);
1216 unsigned long thresh
;
1218 if (kstrtoul(buf
, 0, &thresh
))
1221 thresh
= clamp(thresh
, 1UL, engine
->fifo_sz
- 1);
1223 engine
->stat_irq_thresh
= thresh
;
1224 writel(engine
->stat_irq_thresh
<< SPA_IRQ_CTRL_STAT_CNT_OFFSET
,
1225 engine
->regs
+ SPA_IRQ_CTRL_REG_OFFSET
);
1229 static DEVICE_ATTR(stat_irq_thresh
, 0644, spacc_stat_irq_thresh_show
,
1230 spacc_stat_irq_thresh_store
);
1232 static struct spacc_alg ipsec_engine_algs
[] = {
1234 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
| SPA_CTRL_CIPH_MODE_CBC
,
1236 .iv_offs
= AES_MAX_KEY_SIZE
,
1238 .cra_name
= "cbc(aes)",
1239 .cra_driver_name
= "cbc-aes-picoxcell",
1240 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1241 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1242 CRYPTO_ALG_KERN_DRIVER_ONLY
|
1244 CRYPTO_ALG_NEED_FALLBACK
,
1245 .cra_blocksize
= AES_BLOCK_SIZE
,
1246 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1247 .cra_type
= &crypto_ablkcipher_type
,
1248 .cra_module
= THIS_MODULE
,
1250 .setkey
= spacc_aes_setkey
,
1251 .encrypt
= spacc_ablk_encrypt
,
1252 .decrypt
= spacc_ablk_decrypt
,
1253 .min_keysize
= AES_MIN_KEY_SIZE
,
1254 .max_keysize
= AES_MAX_KEY_SIZE
,
1255 .ivsize
= AES_BLOCK_SIZE
,
1257 .cra_init
= spacc_ablk_cra_init
,
1258 .cra_exit
= spacc_ablk_cra_exit
,
1263 .iv_offs
= AES_MAX_KEY_SIZE
,
1264 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
| SPA_CTRL_CIPH_MODE_ECB
,
1266 .cra_name
= "ecb(aes)",
1267 .cra_driver_name
= "ecb-aes-picoxcell",
1268 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1269 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1270 CRYPTO_ALG_KERN_DRIVER_ONLY
|
1271 CRYPTO_ALG_ASYNC
| CRYPTO_ALG_NEED_FALLBACK
,
1272 .cra_blocksize
= AES_BLOCK_SIZE
,
1273 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1274 .cra_type
= &crypto_ablkcipher_type
,
1275 .cra_module
= THIS_MODULE
,
1277 .setkey
= spacc_aes_setkey
,
1278 .encrypt
= spacc_ablk_encrypt
,
1279 .decrypt
= spacc_ablk_decrypt
,
1280 .min_keysize
= AES_MIN_KEY_SIZE
,
1281 .max_keysize
= AES_MAX_KEY_SIZE
,
1283 .cra_init
= spacc_ablk_cra_init
,
1284 .cra_exit
= spacc_ablk_cra_exit
,
1288 .key_offs
= DES_BLOCK_SIZE
,
1290 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
| SPA_CTRL_CIPH_MODE_CBC
,
1292 .cra_name
= "cbc(des)",
1293 .cra_driver_name
= "cbc-des-picoxcell",
1294 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1295 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1297 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1298 .cra_blocksize
= DES_BLOCK_SIZE
,
1299 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1300 .cra_type
= &crypto_ablkcipher_type
,
1301 .cra_module
= THIS_MODULE
,
1303 .setkey
= spacc_des_setkey
,
1304 .encrypt
= spacc_ablk_encrypt
,
1305 .decrypt
= spacc_ablk_decrypt
,
1306 .min_keysize
= DES_KEY_SIZE
,
1307 .max_keysize
= DES_KEY_SIZE
,
1308 .ivsize
= DES_BLOCK_SIZE
,
1310 .cra_init
= spacc_ablk_cra_init
,
1311 .cra_exit
= spacc_ablk_cra_exit
,
1315 .key_offs
= DES_BLOCK_SIZE
,
1317 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
| SPA_CTRL_CIPH_MODE_ECB
,
1319 .cra_name
= "ecb(des)",
1320 .cra_driver_name
= "ecb-des-picoxcell",
1321 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1322 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1324 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1325 .cra_blocksize
= DES_BLOCK_SIZE
,
1326 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1327 .cra_type
= &crypto_ablkcipher_type
,
1328 .cra_module
= THIS_MODULE
,
1330 .setkey
= spacc_des_setkey
,
1331 .encrypt
= spacc_ablk_encrypt
,
1332 .decrypt
= spacc_ablk_decrypt
,
1333 .min_keysize
= DES_KEY_SIZE
,
1334 .max_keysize
= DES_KEY_SIZE
,
1336 .cra_init
= spacc_ablk_cra_init
,
1337 .cra_exit
= spacc_ablk_cra_exit
,
1341 .key_offs
= DES_BLOCK_SIZE
,
1343 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
| SPA_CTRL_CIPH_MODE_CBC
,
1345 .cra_name
= "cbc(des3_ede)",
1346 .cra_driver_name
= "cbc-des3-ede-picoxcell",
1347 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1348 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1350 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1351 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1352 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1353 .cra_type
= &crypto_ablkcipher_type
,
1354 .cra_module
= THIS_MODULE
,
1356 .setkey
= spacc_des_setkey
,
1357 .encrypt
= spacc_ablk_encrypt
,
1358 .decrypt
= spacc_ablk_decrypt
,
1359 .min_keysize
= DES3_EDE_KEY_SIZE
,
1360 .max_keysize
= DES3_EDE_KEY_SIZE
,
1361 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1363 .cra_init
= spacc_ablk_cra_init
,
1364 .cra_exit
= spacc_ablk_cra_exit
,
1368 .key_offs
= DES_BLOCK_SIZE
,
1370 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
| SPA_CTRL_CIPH_MODE_ECB
,
1372 .cra_name
= "ecb(des3_ede)",
1373 .cra_driver_name
= "ecb-des3-ede-picoxcell",
1374 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1375 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1377 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1378 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1379 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1380 .cra_type
= &crypto_ablkcipher_type
,
1381 .cra_module
= THIS_MODULE
,
1383 .setkey
= spacc_des_setkey
,
1384 .encrypt
= spacc_ablk_encrypt
,
1385 .decrypt
= spacc_ablk_decrypt
,
1386 .min_keysize
= DES3_EDE_KEY_SIZE
,
1387 .max_keysize
= DES3_EDE_KEY_SIZE
,
1389 .cra_init
= spacc_ablk_cra_init
,
1390 .cra_exit
= spacc_ablk_cra_exit
,
1395 static struct spacc_aead ipsec_engine_aeads
[] = {
1397 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
|
1398 SPA_CTRL_CIPH_MODE_CBC
|
1399 SPA_CTRL_HASH_ALG_SHA
|
1400 SPA_CTRL_HASH_MODE_HMAC
,
1402 .iv_offs
= AES_MAX_KEY_SIZE
,
1405 .cra_name
= "authenc(hmac(sha1),cbc(aes))",
1406 .cra_driver_name
= "authenc-hmac-sha1-"
1407 "cbc-aes-picoxcell",
1408 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1409 .cra_flags
= CRYPTO_ALG_ASYNC
|
1410 CRYPTO_ALG_NEED_FALLBACK
|
1411 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1412 .cra_blocksize
= AES_BLOCK_SIZE
,
1413 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1414 .cra_module
= THIS_MODULE
,
1416 .setkey
= spacc_aead_setkey
,
1417 .setauthsize
= spacc_aead_setauthsize
,
1418 .encrypt
= spacc_aead_encrypt
,
1419 .decrypt
= spacc_aead_decrypt
,
1420 .ivsize
= AES_BLOCK_SIZE
,
1421 .maxauthsize
= SHA1_DIGEST_SIZE
,
1422 .init
= spacc_aead_cra_init
,
1423 .exit
= spacc_aead_cra_exit
,
1427 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
|
1428 SPA_CTRL_CIPH_MODE_CBC
|
1429 SPA_CTRL_HASH_ALG_SHA256
|
1430 SPA_CTRL_HASH_MODE_HMAC
,
1432 .iv_offs
= AES_MAX_KEY_SIZE
,
1435 .cra_name
= "authenc(hmac(sha256),cbc(aes))",
1436 .cra_driver_name
= "authenc-hmac-sha256-"
1437 "cbc-aes-picoxcell",
1438 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1439 .cra_flags
= CRYPTO_ALG_ASYNC
|
1440 CRYPTO_ALG_NEED_FALLBACK
|
1441 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1442 .cra_blocksize
= AES_BLOCK_SIZE
,
1443 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1444 .cra_module
= THIS_MODULE
,
1446 .setkey
= spacc_aead_setkey
,
1447 .setauthsize
= spacc_aead_setauthsize
,
1448 .encrypt
= spacc_aead_encrypt
,
1449 .decrypt
= spacc_aead_decrypt
,
1450 .ivsize
= AES_BLOCK_SIZE
,
1451 .maxauthsize
= SHA256_DIGEST_SIZE
,
1452 .init
= spacc_aead_cra_init
,
1453 .exit
= spacc_aead_cra_exit
,
1458 .iv_offs
= AES_MAX_KEY_SIZE
,
1459 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
|
1460 SPA_CTRL_CIPH_MODE_CBC
|
1461 SPA_CTRL_HASH_ALG_MD5
|
1462 SPA_CTRL_HASH_MODE_HMAC
,
1465 .cra_name
= "authenc(hmac(md5),cbc(aes))",
1466 .cra_driver_name
= "authenc-hmac-md5-"
1467 "cbc-aes-picoxcell",
1468 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1469 .cra_flags
= CRYPTO_ALG_ASYNC
|
1470 CRYPTO_ALG_NEED_FALLBACK
|
1471 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1472 .cra_blocksize
= AES_BLOCK_SIZE
,
1473 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1474 .cra_module
= THIS_MODULE
,
1476 .setkey
= spacc_aead_setkey
,
1477 .setauthsize
= spacc_aead_setauthsize
,
1478 .encrypt
= spacc_aead_encrypt
,
1479 .decrypt
= spacc_aead_decrypt
,
1480 .ivsize
= AES_BLOCK_SIZE
,
1481 .maxauthsize
= MD5_DIGEST_SIZE
,
1482 .init
= spacc_aead_cra_init
,
1483 .exit
= spacc_aead_cra_exit
,
1487 .key_offs
= DES_BLOCK_SIZE
,
1489 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
|
1490 SPA_CTRL_CIPH_MODE_CBC
|
1491 SPA_CTRL_HASH_ALG_SHA
|
1492 SPA_CTRL_HASH_MODE_HMAC
,
1495 .cra_name
= "authenc(hmac(sha1),cbc(des3_ede))",
1496 .cra_driver_name
= "authenc-hmac-sha1-"
1497 "cbc-3des-picoxcell",
1498 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1499 .cra_flags
= CRYPTO_ALG_ASYNC
|
1500 CRYPTO_ALG_NEED_FALLBACK
|
1501 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1502 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1503 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1504 .cra_module
= THIS_MODULE
,
1506 .setkey
= spacc_aead_setkey
,
1507 .setauthsize
= spacc_aead_setauthsize
,
1508 .encrypt
= spacc_aead_encrypt
,
1509 .decrypt
= spacc_aead_decrypt
,
1510 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1511 .maxauthsize
= SHA1_DIGEST_SIZE
,
1512 .init
= spacc_aead_cra_init
,
1513 .exit
= spacc_aead_cra_exit
,
1517 .key_offs
= DES_BLOCK_SIZE
,
1519 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
|
1520 SPA_CTRL_CIPH_MODE_CBC
|
1521 SPA_CTRL_HASH_ALG_SHA256
|
1522 SPA_CTRL_HASH_MODE_HMAC
,
1525 .cra_name
= "authenc(hmac(sha256),"
1527 .cra_driver_name
= "authenc-hmac-sha256-"
1528 "cbc-3des-picoxcell",
1529 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1530 .cra_flags
= CRYPTO_ALG_ASYNC
|
1531 CRYPTO_ALG_NEED_FALLBACK
|
1532 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1533 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1534 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1535 .cra_module
= THIS_MODULE
,
1537 .setkey
= spacc_aead_setkey
,
1538 .setauthsize
= spacc_aead_setauthsize
,
1539 .encrypt
= spacc_aead_encrypt
,
1540 .decrypt
= spacc_aead_decrypt
,
1541 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1542 .maxauthsize
= SHA256_DIGEST_SIZE
,
1543 .init
= spacc_aead_cra_init
,
1544 .exit
= spacc_aead_cra_exit
,
1548 .key_offs
= DES_BLOCK_SIZE
,
1550 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
|
1551 SPA_CTRL_CIPH_MODE_CBC
|
1552 SPA_CTRL_HASH_ALG_MD5
|
1553 SPA_CTRL_HASH_MODE_HMAC
,
1556 .cra_name
= "authenc(hmac(md5),cbc(des3_ede))",
1557 .cra_driver_name
= "authenc-hmac-md5-"
1558 "cbc-3des-picoxcell",
1559 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1560 .cra_flags
= CRYPTO_ALG_ASYNC
|
1561 CRYPTO_ALG_NEED_FALLBACK
|
1562 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1563 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1564 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1565 .cra_module
= THIS_MODULE
,
1567 .setkey
= spacc_aead_setkey
,
1568 .setauthsize
= spacc_aead_setauthsize
,
1569 .encrypt
= spacc_aead_encrypt
,
1570 .decrypt
= spacc_aead_decrypt
,
1571 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1572 .maxauthsize
= MD5_DIGEST_SIZE
,
1573 .init
= spacc_aead_cra_init
,
1574 .exit
= spacc_aead_cra_exit
,
1579 static struct spacc_alg l2_engine_algs
[] = {
1582 .iv_offs
= SPACC_CRYPTO_KASUMI_F8_KEY_LEN
,
1583 .ctrl_default
= SPA_CTRL_CIPH_ALG_KASUMI
|
1584 SPA_CTRL_CIPH_MODE_F8
,
1586 .cra_name
= "f8(kasumi)",
1587 .cra_driver_name
= "f8-kasumi-picoxcell",
1588 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1589 .cra_flags
= CRYPTO_ALG_TYPE_GIVCIPHER
|
1591 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1593 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1594 .cra_type
= &crypto_ablkcipher_type
,
1595 .cra_module
= THIS_MODULE
,
1597 .setkey
= spacc_kasumi_f8_setkey
,
1598 .encrypt
= spacc_ablk_encrypt
,
1599 .decrypt
= spacc_ablk_decrypt
,
1604 .cra_init
= spacc_ablk_cra_init
,
1605 .cra_exit
= spacc_ablk_cra_exit
,
1611 static const struct of_device_id spacc_of_id_table
[] = {
1612 { .compatible
= "picochip,spacc-ipsec" },
1613 { .compatible
= "picochip,spacc-l2" },
1616 MODULE_DEVICE_TABLE(of
, spacc_of_id_table
);
1617 #endif /* CONFIG_OF */
1619 static int spacc_probe(struct platform_device
*pdev
)
1621 int i
, err
, ret
= -EINVAL
;
1622 struct resource
*mem
, *irq
;
1623 struct device_node
*np
= pdev
->dev
.of_node
;
1624 struct spacc_engine
*engine
= devm_kzalloc(&pdev
->dev
, sizeof(*engine
),
1629 if (of_device_is_compatible(np
, "picochip,spacc-ipsec")) {
1630 engine
->max_ctxs
= SPACC_CRYPTO_IPSEC_MAX_CTXS
;
1631 engine
->cipher_pg_sz
= SPACC_CRYPTO_IPSEC_CIPHER_PG_SZ
;
1632 engine
->hash_pg_sz
= SPACC_CRYPTO_IPSEC_HASH_PG_SZ
;
1633 engine
->fifo_sz
= SPACC_CRYPTO_IPSEC_FIFO_SZ
;
1634 engine
->algs
= ipsec_engine_algs
;
1635 engine
->num_algs
= ARRAY_SIZE(ipsec_engine_algs
);
1636 engine
->aeads
= ipsec_engine_aeads
;
1637 engine
->num_aeads
= ARRAY_SIZE(ipsec_engine_aeads
);
1638 } else if (of_device_is_compatible(np
, "picochip,spacc-l2")) {
1639 engine
->max_ctxs
= SPACC_CRYPTO_L2_MAX_CTXS
;
1640 engine
->cipher_pg_sz
= SPACC_CRYPTO_L2_CIPHER_PG_SZ
;
1641 engine
->hash_pg_sz
= SPACC_CRYPTO_L2_HASH_PG_SZ
;
1642 engine
->fifo_sz
= SPACC_CRYPTO_L2_FIFO_SZ
;
1643 engine
->algs
= l2_engine_algs
;
1644 engine
->num_algs
= ARRAY_SIZE(l2_engine_algs
);
1649 engine
->name
= dev_name(&pdev
->dev
);
1651 mem
= platform_get_resource(pdev
, IORESOURCE_MEM
, 0);
1652 engine
->regs
= devm_ioremap_resource(&pdev
->dev
, mem
);
1653 if (IS_ERR(engine
->regs
))
1654 return PTR_ERR(engine
->regs
);
1656 irq
= platform_get_resource(pdev
, IORESOURCE_IRQ
, 0);
1658 dev_err(&pdev
->dev
, "no memory/irq resource for engine\n");
1662 if (devm_request_irq(&pdev
->dev
, irq
->start
, spacc_spacc_irq
, 0,
1663 engine
->name
, engine
)) {
1664 dev_err(engine
->dev
, "failed to request IRQ\n");
1668 engine
->dev
= &pdev
->dev
;
1669 engine
->cipher_ctx_base
= engine
->regs
+ SPA_CIPH_KEY_BASE_REG_OFFSET
;
1670 engine
->hash_key_base
= engine
->regs
+ SPA_HASH_KEY_BASE_REG_OFFSET
;
1672 engine
->req_pool
= dmam_pool_create(engine
->name
, engine
->dev
,
1673 MAX_DDT_LEN
* sizeof(struct spacc_ddt
), 8, SZ_64K
);
1674 if (!engine
->req_pool
)
1677 spin_lock_init(&engine
->hw_lock
);
1679 engine
->clk
= clk_get(&pdev
->dev
, "ref");
1680 if (IS_ERR(engine
->clk
)) {
1681 dev_info(&pdev
->dev
, "clk unavailable\n");
1682 device_remove_file(&pdev
->dev
, &dev_attr_stat_irq_thresh
);
1683 return PTR_ERR(engine
->clk
);
1686 if (clk_prepare_enable(engine
->clk
)) {
1687 dev_info(&pdev
->dev
, "unable to prepare/enable clk\n");
1688 clk_put(engine
->clk
);
1692 err
= device_create_file(&pdev
->dev
, &dev_attr_stat_irq_thresh
);
1694 clk_disable_unprepare(engine
->clk
);
1695 clk_put(engine
->clk
);
1701 * Use an IRQ threshold of 50% as a default. This seems to be a
1702 * reasonable trade off of latency against throughput but can be
1703 * changed at runtime.
1705 engine
->stat_irq_thresh
= (engine
->fifo_sz
/ 2);
1708 * Configure the interrupts. We only use the STAT_CNT interrupt as we
1709 * only submit a new packet for processing when we complete another in
1710 * the queue. This minimizes time spent in the interrupt handler.
1712 writel(engine
->stat_irq_thresh
<< SPA_IRQ_CTRL_STAT_CNT_OFFSET
,
1713 engine
->regs
+ SPA_IRQ_CTRL_REG_OFFSET
);
1714 writel(SPA_IRQ_EN_STAT_EN
| SPA_IRQ_EN_GLBL_EN
,
1715 engine
->regs
+ SPA_IRQ_EN_REG_OFFSET
);
1717 timer_setup(&engine
->packet_timeout
, spacc_packet_timeout
, 0);
1719 INIT_LIST_HEAD(&engine
->pending
);
1720 INIT_LIST_HEAD(&engine
->completed
);
1721 INIT_LIST_HEAD(&engine
->in_progress
);
1722 engine
->in_flight
= 0;
1723 tasklet_init(&engine
->complete
, spacc_spacc_complete
,
1724 (unsigned long)engine
);
1726 platform_set_drvdata(pdev
, engine
);
1728 INIT_LIST_HEAD(&engine
->registered_algs
);
1729 for (i
= 0; i
< engine
->num_algs
; ++i
) {
1730 engine
->algs
[i
].engine
= engine
;
1731 err
= crypto_register_alg(&engine
->algs
[i
].alg
);
1733 list_add_tail(&engine
->algs
[i
].entry
,
1734 &engine
->registered_algs
);
1738 dev_err(engine
->dev
, "failed to register alg \"%s\"\n",
1739 engine
->algs
[i
].alg
.cra_name
);
1741 dev_dbg(engine
->dev
, "registered alg \"%s\"\n",
1742 engine
->algs
[i
].alg
.cra_name
);
1745 INIT_LIST_HEAD(&engine
->registered_aeads
);
1746 for (i
= 0; i
< engine
->num_aeads
; ++i
) {
1747 engine
->aeads
[i
].engine
= engine
;
1748 err
= crypto_register_aead(&engine
->aeads
[i
].alg
);
1750 list_add_tail(&engine
->aeads
[i
].entry
,
1751 &engine
->registered_aeads
);
1755 dev_err(engine
->dev
, "failed to register alg \"%s\"\n",
1756 engine
->aeads
[i
].alg
.base
.cra_name
);
1758 dev_dbg(engine
->dev
, "registered alg \"%s\"\n",
1759 engine
->aeads
[i
].alg
.base
.cra_name
);
1765 static int spacc_remove(struct platform_device
*pdev
)
1767 struct spacc_aead
*aead
, *an
;
1768 struct spacc_alg
*alg
, *next
;
1769 struct spacc_engine
*engine
= platform_get_drvdata(pdev
);
1771 del_timer_sync(&engine
->packet_timeout
);
1772 device_remove_file(&pdev
->dev
, &dev_attr_stat_irq_thresh
);
1774 list_for_each_entry_safe(aead
, an
, &engine
->registered_aeads
, entry
) {
1775 list_del(&aead
->entry
);
1776 crypto_unregister_aead(&aead
->alg
);
1779 list_for_each_entry_safe(alg
, next
, &engine
->registered_algs
, entry
) {
1780 list_del(&alg
->entry
);
1781 crypto_unregister_alg(&alg
->alg
);
1784 clk_disable_unprepare(engine
->clk
);
1785 clk_put(engine
->clk
);
1790 static struct platform_driver spacc_driver
= {
1791 .probe
= spacc_probe
,
1792 .remove
= spacc_remove
,
1794 .name
= "picochip,spacc",
1796 .pm
= &spacc_pm_ops
,
1797 #endif /* CONFIG_PM */
1798 .of_match_table
= of_match_ptr(spacc_of_id_table
),
1802 module_platform_driver(spacc_driver
);
1804 MODULE_LICENSE("GPL");
1805 MODULE_AUTHOR("Jamie Iles");