search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 4.19.133
[linux/fpc-iii.git] / drivers / crypto / hisilicon / sec / sec_algs.c
blobbf9658800bda5b0b55525b89e87fb1656cc5b401
1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright (c) 2016-2017 Hisilicon Limited. */
3 #include <linux/crypto.h>
4 #include <linux/dma-mapping.h>
5 #include <linux/dmapool.h>
6 #include <linux/module.h>
7 #include <linux/mutex.h>
8 #include <linux/slab.h>
9
10 #include <crypto/aes.h>
11 #include <crypto/algapi.h>
12 #include <crypto/des.h>
13 #include <crypto/skcipher.h>
14 #include <crypto/xts.h>
15 #include <crypto/internal/skcipher.h>
16
17 #include "sec_drv.h"
18
19 #define SEC_MAX_CIPHER_KEY 64
20 #define SEC_REQ_LIMIT SZ_32M
21
22 struct sec_c_alg_cfg {
23 unsigned c_alg : 3;
24 unsigned c_mode : 3;
25 unsigned key_len : 2;
26 unsigned c_width : 2;
27 };
28
29 static const struct sec_c_alg_cfg sec_c_alg_cfgs[] = {
30 [SEC_C_DES_ECB_64] = {
31 .c_alg = SEC_C_ALG_DES,
32 .c_mode = SEC_C_MODE_ECB,
33 .key_len = SEC_KEY_LEN_DES,
34 },
35 [SEC_C_DES_CBC_64] = {
36 .c_alg = SEC_C_ALG_DES,
37 .c_mode = SEC_C_MODE_CBC,
38 .key_len = SEC_KEY_LEN_DES,
39 },
40 [SEC_C_3DES_ECB_192_3KEY] = {
41 .c_alg = SEC_C_ALG_3DES,
42 .c_mode = SEC_C_MODE_ECB,
43 .key_len = SEC_KEY_LEN_3DES_3_KEY,
44 },
45 [SEC_C_3DES_ECB_192_2KEY] = {
46 .c_alg = SEC_C_ALG_3DES,
47 .c_mode = SEC_C_MODE_ECB,
48 .key_len = SEC_KEY_LEN_3DES_2_KEY,
49 },
50 [SEC_C_3DES_CBC_192_3KEY] = {
51 .c_alg = SEC_C_ALG_3DES,
52 .c_mode = SEC_C_MODE_CBC,
53 .key_len = SEC_KEY_LEN_3DES_3_KEY,
54 },
55 [SEC_C_3DES_CBC_192_2KEY] = {
56 .c_alg = SEC_C_ALG_3DES,
57 .c_mode = SEC_C_MODE_CBC,
58 .key_len = SEC_KEY_LEN_3DES_2_KEY,
59 },
60 [SEC_C_AES_ECB_128] = {
61 .c_alg = SEC_C_ALG_AES,
62 .c_mode = SEC_C_MODE_ECB,
63 .key_len = SEC_KEY_LEN_AES_128,
64 },
65 [SEC_C_AES_ECB_192] = {
66 .c_alg = SEC_C_ALG_AES,
67 .c_mode = SEC_C_MODE_ECB,
68 .key_len = SEC_KEY_LEN_AES_192,
69 },
70 [SEC_C_AES_ECB_256] = {
71 .c_alg = SEC_C_ALG_AES,
72 .c_mode = SEC_C_MODE_ECB,
73 .key_len = SEC_KEY_LEN_AES_256,
74 },
75 [SEC_C_AES_CBC_128] = {
76 .c_alg = SEC_C_ALG_AES,
77 .c_mode = SEC_C_MODE_CBC,
78 .key_len = SEC_KEY_LEN_AES_128,
79 },
80 [SEC_C_AES_CBC_192] = {
81 .c_alg = SEC_C_ALG_AES,
82 .c_mode = SEC_C_MODE_CBC,
83 .key_len = SEC_KEY_LEN_AES_192,
84 },
85 [SEC_C_AES_CBC_256] = {
86 .c_alg = SEC_C_ALG_AES,
87 .c_mode = SEC_C_MODE_CBC,
88 .key_len = SEC_KEY_LEN_AES_256,
89 },
90 [SEC_C_AES_CTR_128] = {
91 .c_alg = SEC_C_ALG_AES,
92 .c_mode = SEC_C_MODE_CTR,
93 .key_len = SEC_KEY_LEN_AES_128,
94 },
95 [SEC_C_AES_CTR_192] = {
96 .c_alg = SEC_C_ALG_AES,
97 .c_mode = SEC_C_MODE_CTR,
98 .key_len = SEC_KEY_LEN_AES_192,
99 },
100 [SEC_C_AES_CTR_256] = {
101 .c_alg = SEC_C_ALG_AES,
102 .c_mode = SEC_C_MODE_CTR,
103 .key_len = SEC_KEY_LEN_AES_256,
104 },
105 [SEC_C_AES_XTS_128] = {
106 .c_alg = SEC_C_ALG_AES,
107 .c_mode = SEC_C_MODE_XTS,
108 .key_len = SEC_KEY_LEN_AES_128,
109 },
110 [SEC_C_AES_XTS_256] = {
111 .c_alg = SEC_C_ALG_AES,
112 .c_mode = SEC_C_MODE_XTS,
113 .key_len = SEC_KEY_LEN_AES_256,
114 },
115 [SEC_C_NULL] = {
116 },
117 };
118
119 /*
120 * Mutex used to ensure safe operation of reference count of
121 * alg providers
122 */
123 static DEFINE_MUTEX(algs_lock);
124 static unsigned int active_devs;
125
126 static void sec_alg_skcipher_init_template(struct sec_alg_tfm_ctx *ctx,
127 struct sec_bd_info *req,
128 enum sec_cipher_alg alg)
129 {
130 const struct sec_c_alg_cfg *cfg = &sec_c_alg_cfgs[alg];
131
132 memset(req, 0, sizeof(*req));
133 req->w0 |= cfg->c_mode << SEC_BD_W0_C_MODE_S;
134 req->w1 |= cfg->c_alg << SEC_BD_W1_C_ALG_S;
135 req->w3 |= cfg->key_len << SEC_BD_W3_C_KEY_LEN_S;
136 req->w0 |= cfg->c_width << SEC_BD_W0_C_WIDTH_S;
137
138 req->cipher_key_addr_lo = lower_32_bits(ctx->pkey);
139 req->cipher_key_addr_hi = upper_32_bits(ctx->pkey);
140 }
141
142 static void sec_alg_skcipher_init_context(struct crypto_skcipher *atfm,
143 const u8 *key,
144 unsigned int keylen,
145 enum sec_cipher_alg alg)
146 {
147 struct crypto_tfm *tfm = crypto_skcipher_tfm(atfm);
148 struct sec_alg_tfm_ctx *ctx = crypto_tfm_ctx(tfm);
149
150 ctx->cipher_alg = alg;
151 memcpy(ctx->key, key, keylen);
152 sec_alg_skcipher_init_template(ctx, &ctx->req_template,
153 ctx->cipher_alg);
154 }
155
156 static void sec_free_hw_sgl(struct sec_hw_sgl *hw_sgl,
157 dma_addr_t psec_sgl, struct sec_dev_info *info)
158 {
159 struct sec_hw_sgl *sgl_current, *sgl_next;
160 dma_addr_t sgl_next_dma;
161
162 sgl_current = hw_sgl;
163 while (sgl_current) {
164 sgl_next = sgl_current->next;
165 sgl_next_dma = sgl_current->next_sgl;
166
167 dma_pool_free(info->hw_sgl_pool, sgl_current, psec_sgl);
168
169 sgl_current = sgl_next;
170 psec_sgl = sgl_next_dma;
171 }
172 }
173
174 static int sec_alloc_and_fill_hw_sgl(struct sec_hw_sgl **sec_sgl,
175 dma_addr_t *psec_sgl,
176 struct scatterlist *sgl,
177 int count,
178 struct sec_dev_info *info)
179 {
180 struct sec_hw_sgl *sgl_current = NULL;
181 struct sec_hw_sgl *sgl_next;
182 dma_addr_t sgl_next_dma;
183 struct scatterlist *sg;
184 int ret, sge_index, i;
185
186 if (!count)
187 return -EINVAL;
188
189 for_each_sg(sgl, sg, count, i) {
190 sge_index = i % SEC_MAX_SGE_NUM;
191 if (sge_index == 0) {
192 sgl_next = dma_pool_zalloc(info->hw_sgl_pool,
193 GFP_KERNEL, &sgl_next_dma);
194 if (!sgl_next) {
195 ret = -ENOMEM;
196 goto err_free_hw_sgls;
197 }
198
199 if (!sgl_current) { /* First one */
200 *psec_sgl = sgl_next_dma;
201 *sec_sgl = sgl_next;
202 } else { /* Chained */
203 sgl_current->entry_sum_in_sgl = SEC_MAX_SGE_NUM;
204 sgl_current->next_sgl = sgl_next_dma;
205 sgl_current->next = sgl_next;
206 }
207 sgl_current = sgl_next;
208 }
209 sgl_current->sge_entries[sge_index].buf = sg_dma_address(sg);
210 sgl_current->sge_entries[sge_index].len = sg_dma_len(sg);
211 sgl_current->data_bytes_in_sgl += sg_dma_len(sg);
212 }
213 sgl_current->entry_sum_in_sgl = count % SEC_MAX_SGE_NUM;
214 sgl_current->next_sgl = 0;
215 (*sec_sgl)->entry_sum_in_chain = count;
216
217 return 0;
218
219 err_free_hw_sgls:
220 sec_free_hw_sgl(*sec_sgl, *psec_sgl, info);
221 *psec_sgl = 0;
222
223 return ret;
224 }
225
226 static int sec_alg_skcipher_setkey(struct crypto_skcipher *tfm,
227 const u8 *key, unsigned int keylen,
228 enum sec_cipher_alg alg)
229 {
230 struct sec_alg_tfm_ctx *ctx = crypto_skcipher_ctx(tfm);
231 struct device *dev = ctx->queue->dev_info->dev;
232
233 mutex_lock(&ctx->lock);
234 if (ctx->key) {
235 /* rekeying */
236 memset(ctx->key, 0, SEC_MAX_CIPHER_KEY);
237 } else {
238 /* new key */
239 ctx->key = dma_zalloc_coherent(dev, SEC_MAX_CIPHER_KEY,
240 &ctx->pkey, GFP_KERNEL);
241 if (!ctx->key) {
242 mutex_unlock(&ctx->lock);
243 return -ENOMEM;
244 }
245 }
246 mutex_unlock(&ctx->lock);
247 sec_alg_skcipher_init_context(tfm, key, keylen, alg);
248
249 return 0;
250 }
251
252 static int sec_alg_skcipher_setkey_aes_ecb(struct crypto_skcipher *tfm,
253 const u8 *key, unsigned int keylen)
254 {
255 enum sec_cipher_alg alg;
256
257 switch (keylen) {
258 case AES_KEYSIZE_128:
259 alg = SEC_C_AES_ECB_128;
260 break;
261 case AES_KEYSIZE_192:
262 alg = SEC_C_AES_ECB_192;
263 break;
264 case AES_KEYSIZE_256:
265 alg = SEC_C_AES_ECB_256;
266 break;
267 default:
268 return -EINVAL;
269 }
270
271 return sec_alg_skcipher_setkey(tfm, key, keylen, alg);
272 }
273
274 static int sec_alg_skcipher_setkey_aes_cbc(struct crypto_skcipher *tfm,
275 const u8 *key, unsigned int keylen)
276 {
277 enum sec_cipher_alg alg;
278
279 switch (keylen) {
280 case AES_KEYSIZE_128:
281 alg = SEC_C_AES_CBC_128;
282 break;
283 case AES_KEYSIZE_192:
284 alg = SEC_C_AES_CBC_192;
285 break;
286 case AES_KEYSIZE_256:
287 alg = SEC_C_AES_CBC_256;
288 break;
289 default:
290 return -EINVAL;
291 }
292
293 return sec_alg_skcipher_setkey(tfm, key, keylen, alg);
294 }
295
296 static int sec_alg_skcipher_setkey_aes_ctr(struct crypto_skcipher *tfm,
297 const u8 *key, unsigned int keylen)
298 {
299 enum sec_cipher_alg alg;
300
301 switch (keylen) {
302 case AES_KEYSIZE_128:
303 alg = SEC_C_AES_CTR_128;
304 break;
305 case AES_KEYSIZE_192:
306 alg = SEC_C_AES_CTR_192;
307 break;
308 case AES_KEYSIZE_256:
309 alg = SEC_C_AES_CTR_256;
310 break;
311 default:
312 return -EINVAL;
313 }
314
315 return sec_alg_skcipher_setkey(tfm, key, keylen, alg);
316 }
317
318 static int sec_alg_skcipher_setkey_aes_xts(struct crypto_skcipher *tfm,
319 const u8 *key, unsigned int keylen)
320 {
321 enum sec_cipher_alg alg;
322 int ret;
323
324 ret = xts_verify_key(tfm, key, keylen);
325 if (ret)
326 return ret;
327
328 switch (keylen) {
329 case AES_KEYSIZE_128 * 2:
330 alg = SEC_C_AES_XTS_128;
331 break;
332 case AES_KEYSIZE_256 * 2:
333 alg = SEC_C_AES_XTS_256;
334 break;
335 default:
336 return -EINVAL;
337 }
338
339 return sec_alg_skcipher_setkey(tfm, key, keylen, alg);
340 }
341
342 static int sec_alg_skcipher_setkey_des_ecb(struct crypto_skcipher *tfm,
343 const u8 *key, unsigned int keylen)
344 {
345 if (keylen != DES_KEY_SIZE)
346 return -EINVAL;
347
348 return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_ECB_64);
349 }
350
351 static int sec_alg_skcipher_setkey_des_cbc(struct crypto_skcipher *tfm,
352 const u8 *key, unsigned int keylen)
353 {
354 if (keylen != DES_KEY_SIZE)
355 return -EINVAL;
356
357 return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_CBC_64);
358 }
359
360 static int sec_alg_skcipher_setkey_3des_ecb(struct crypto_skcipher *tfm,
361 const u8 *key, unsigned int keylen)
362 {
363 if (keylen != DES_KEY_SIZE * 3)
364 return -EINVAL;
365
366 return sec_alg_skcipher_setkey(tfm, key, keylen,
367 SEC_C_3DES_ECB_192_3KEY);
368 }
369
370 static int sec_alg_skcipher_setkey_3des_cbc(struct crypto_skcipher *tfm,
371 const u8 *key, unsigned int keylen)
372 {
373 if (keylen != DES3_EDE_KEY_SIZE)
374 return -EINVAL;
375
376 return sec_alg_skcipher_setkey(tfm, key, keylen,
377 SEC_C_3DES_CBC_192_3KEY);
378 }
379
380 static void sec_alg_free_el(struct sec_request_el *el,
381 struct sec_dev_info *info)
382 {
383 sec_free_hw_sgl(el->out, el->dma_out, info);
384 sec_free_hw_sgl(el->in, el->dma_in, info);
385 kfree(el->sgl_in);
386 kfree(el->sgl_out);
387 kfree(el);
388 }
389
390 /* queuelock must be held */
391 static int sec_send_request(struct sec_request *sec_req, struct sec_queue *queue)
392 {
393 struct sec_request_el *el, *temp;
394 int ret = 0;
395
396 mutex_lock(&sec_req->lock);
397 list_for_each_entry_safe(el, temp, &sec_req->elements, head) {
398 /*
399 * Add to hardware queue only under following circumstances
400 * 1) Software and hardware queue empty so no chain dependencies
401 * 2) No dependencies as new IV - (check software queue empty
402 * to maintain order)
403 * 3) No dependencies because the mode does no chaining.
404 *
405 * In other cases first insert onto the software queue which
406 * is then emptied as requests complete
407 */
408 if (!queue->havesoftqueue ||
409 (kfifo_is_empty(&queue->softqueue) &&
410 sec_queue_empty(queue))) {
411 ret = sec_queue_send(queue, &el->req, sec_req);
412 if (ret == -EAGAIN) {
413 /* Wait unti we can send then try again */
414 /* DEAD if here - should not happen */
415 ret = -EBUSY;
416 goto err_unlock;
417 }
418 } else {
419 kfifo_put(&queue->softqueue, el);
420 }
421 }
422 err_unlock:
423 mutex_unlock(&sec_req->lock);
424
425 return ret;
426 }
427
428 static void sec_skcipher_alg_callback(struct sec_bd_info *sec_resp,
429 struct crypto_async_request *req_base)
430 {
431 struct skcipher_request *skreq = container_of(req_base,
432 struct skcipher_request,
433 base);
434 struct sec_request *sec_req = skcipher_request_ctx(skreq);
435 struct sec_request *backlog_req;
436 struct sec_request_el *sec_req_el, *nextrequest;
437 struct sec_alg_tfm_ctx *ctx = sec_req->tfm_ctx;
438 struct crypto_skcipher *atfm = crypto_skcipher_reqtfm(skreq);
439 struct device *dev = ctx->queue->dev_info->dev;
440 int icv_or_skey_en, ret;
441 bool done;
442
443 sec_req_el = list_first_entry(&sec_req->elements, struct sec_request_el,
444 head);
445 icv_or_skey_en = (sec_resp->w0 & SEC_BD_W0_ICV_OR_SKEY_EN_M) >>
446 SEC_BD_W0_ICV_OR_SKEY_EN_S;
447 if (sec_resp->w1 & SEC_BD_W1_BD_INVALID || icv_or_skey_en == 3) {
448 dev_err(dev, "Got an invalid answer %lu %d\n",
449 sec_resp->w1 & SEC_BD_W1_BD_INVALID,
450 icv_or_skey_en);
451 sec_req->err = -EINVAL;
452 /*
453 * We need to muddle on to avoid getting stuck with elements
454 * on the queue. Error will be reported so requester so
455 * it should be able to handle appropriately.
456 */
457 }
458
459 mutex_lock(&ctx->queue->queuelock);
460 /* Put the IV in place for chained cases */
461 switch (ctx->cipher_alg) {
462 case SEC_C_AES_CBC_128:
463 case SEC_C_AES_CBC_192:
464 case SEC_C_AES_CBC_256:
465 if (sec_req_el->req.w0 & SEC_BD_W0_DE)
466 sg_pcopy_to_buffer(sec_req_el->sgl_out,
467 sg_nents(sec_req_el->sgl_out),
468 skreq->iv,
469 crypto_skcipher_ivsize(atfm),
470 sec_req_el->el_length -
471 crypto_skcipher_ivsize(atfm));
472 else
473 sg_pcopy_to_buffer(sec_req_el->sgl_in,
474 sg_nents(sec_req_el->sgl_in),
475 skreq->iv,
476 crypto_skcipher_ivsize(atfm),
477 sec_req_el->el_length -
478 crypto_skcipher_ivsize(atfm));
479 /* No need to sync to the device as coherent DMA */
480 break;
481 case SEC_C_AES_CTR_128:
482 case SEC_C_AES_CTR_192:
483 case SEC_C_AES_CTR_256:
484 crypto_inc(skreq->iv, 16);
485 break;
486 default:
487 /* Do not update */
488 break;
489 }
490
491 if (ctx->queue->havesoftqueue &&
492 !kfifo_is_empty(&ctx->queue->softqueue) &&
493 sec_queue_empty(ctx->queue)) {
494 ret = kfifo_get(&ctx->queue->softqueue, &nextrequest);
495 if (ret <= 0)
496 dev_err(dev,
497 "Error getting next element from kfifo %d\n",
498 ret);
499 else
500 /* We know there is space so this cannot fail */
501 sec_queue_send(ctx->queue, &nextrequest->req,
502 nextrequest->sec_req);
503 } else if (!list_empty(&ctx->backlog)) {
504 /* Need to verify there is room first */
505 backlog_req = list_first_entry(&ctx->backlog,
506 typeof(*backlog_req),
507 backlog_head);
508 if (sec_queue_can_enqueue(ctx->queue,
509 backlog_req->num_elements) ||
510 (ctx->queue->havesoftqueue &&
511 kfifo_avail(&ctx->queue->softqueue) >
512 backlog_req->num_elements)) {
513 sec_send_request(backlog_req, ctx->queue);
514 backlog_req->req_base->complete(backlog_req->req_base,
515 -EINPROGRESS);
516 list_del(&backlog_req->backlog_head);
517 }
518 }
519 mutex_unlock(&ctx->queue->queuelock);
520
521 mutex_lock(&sec_req->lock);
522 list_del(&sec_req_el->head);
523 mutex_unlock(&sec_req->lock);
524 sec_alg_free_el(sec_req_el, ctx->queue->dev_info);
525
526 /*
527 * Request is done.
528 * The dance is needed as the lock is freed in the completion
529 */
530 mutex_lock(&sec_req->lock);
531 done = list_empty(&sec_req->elements);
532 mutex_unlock(&sec_req->lock);
533 if (done) {
534 if (crypto_skcipher_ivsize(atfm)) {
535 dma_unmap_single(dev, sec_req->dma_iv,
536 crypto_skcipher_ivsize(atfm),
537 DMA_TO_DEVICE);
538 }
539 dma_unmap_sg(dev, skreq->src, sec_req->len_in,
540 DMA_BIDIRECTIONAL);
541 if (skreq->src != skreq->dst)
542 dma_unmap_sg(dev, skreq->dst, sec_req->len_out,
543 DMA_BIDIRECTIONAL);
544 skreq->base.complete(&skreq->base, sec_req->err);
545 }
546 }
547
548 void sec_alg_callback(struct sec_bd_info *resp, void *shadow)
549 {
550 struct sec_request *sec_req = shadow;
551
552 sec_req->cb(resp, sec_req->req_base);
553 }
554
555 static int sec_alg_alloc_and_calc_split_sizes(int length, size_t **split_sizes,
556 int *steps)
557 {
558 size_t *sizes;
559 int i;
560
561 /* Split into suitable sized blocks */
562 *steps = roundup(length, SEC_REQ_LIMIT) / SEC_REQ_LIMIT;
563 sizes = kcalloc(*steps, sizeof(*sizes), GFP_KERNEL);
564 if (!sizes)
565 return -ENOMEM;
566
567 for (i = 0; i < *steps - 1; i++)
568 sizes[i] = SEC_REQ_LIMIT;
569 sizes[*steps - 1] = length - SEC_REQ_LIMIT * (*steps - 1);
570 *split_sizes = sizes;
571
572 return 0;
573 }
574
575 static int sec_map_and_split_sg(struct scatterlist *sgl, size_t *split_sizes,
576 int steps, struct scatterlist ***splits,
577 int **splits_nents,
578 int sgl_len_in,
579 struct device *dev)
580 {
581 int ret, count;
582
583 count = dma_map_sg(dev, sgl, sgl_len_in, DMA_BIDIRECTIONAL);
584 if (!count)
585 return -EINVAL;
586
587 *splits = kcalloc(steps, sizeof(struct scatterlist *), GFP_KERNEL);
588 if (!*splits) {
589 ret = -ENOMEM;
590 goto err_unmap_sg;
591 }
592 *splits_nents = kcalloc(steps, sizeof(int), GFP_KERNEL);
593 if (!*splits_nents) {
594 ret = -ENOMEM;
595 goto err_free_splits;
596 }
597
598 /* output the scatter list before and after this */
599 ret = sg_split(sgl, count, 0, steps, split_sizes,
600 *splits, *splits_nents, GFP_KERNEL);
601 if (ret) {
602 ret = -ENOMEM;
603 goto err_free_splits_nents;
604 }
605
606 return 0;
607
608 err_free_splits_nents:
609 kfree(*splits_nents);
610 err_free_splits:
611 kfree(*splits);
612 err_unmap_sg:
613 dma_unmap_sg(dev, sgl, sgl_len_in, DMA_BIDIRECTIONAL);
614
615 return ret;
616 }
617
618 /*
619 * Reverses the sec_map_and_split_sg call for messages not yet added to
620 * the queues.
621 */
622 static void sec_unmap_sg_on_err(struct scatterlist *sgl, int steps,
623 struct scatterlist **splits, int *splits_nents,
624 int sgl_len_in, struct device *dev)
625 {
626 int i;
627
628 for (i = 0; i < steps; i++)
629 kfree(splits[i]);
630 kfree(splits_nents);
631 kfree(splits);
632
633 dma_unmap_sg(dev, sgl, sgl_len_in, DMA_BIDIRECTIONAL);
634 }
635
636 static struct sec_request_el
637 *sec_alg_alloc_and_fill_el(struct sec_bd_info *template, int encrypt,
638 int el_size, bool different_dest,
639 struct scatterlist *sgl_in, int n_ents_in,
640 struct scatterlist *sgl_out, int n_ents_out,
641 struct sec_dev_info *info)
642 {
643 struct sec_request_el *el;
644 struct sec_bd_info *req;
645 int ret;
646
647 el = kzalloc(sizeof(*el), GFP_KERNEL);
648 if (!el)
649 return ERR_PTR(-ENOMEM);
650 el->el_length = el_size;
651 req = &el->req;
652 memcpy(req, template, sizeof(*req));
653
654 req->w0 &= ~SEC_BD_W0_CIPHER_M;
655 if (encrypt)
656 req->w0 |= SEC_CIPHER_ENCRYPT << SEC_BD_W0_CIPHER_S;
657 else
658 req->w0 |= SEC_CIPHER_DECRYPT << SEC_BD_W0_CIPHER_S;
659
660 req->w0 &= ~SEC_BD_W0_C_GRAN_SIZE_19_16_M;
661 req->w0 |= ((el_size >> 16) << SEC_BD_W0_C_GRAN_SIZE_19_16_S) &
662 SEC_BD_W0_C_GRAN_SIZE_19_16_M;
663
664 req->w0 &= ~SEC_BD_W0_C_GRAN_SIZE_21_20_M;
665 req->w0 |= ((el_size >> 20) << SEC_BD_W0_C_GRAN_SIZE_21_20_S) &
666 SEC_BD_W0_C_GRAN_SIZE_21_20_M;
667
668 /* Writing whole u32 so no need to take care of masking */
669 req->w2 = ((1 << SEC_BD_W2_GRAN_NUM_S) & SEC_BD_W2_GRAN_NUM_M) |
670 ((el_size << SEC_BD_W2_C_GRAN_SIZE_15_0_S) &
671 SEC_BD_W2_C_GRAN_SIZE_15_0_M);
672
673 req->w3 &= ~SEC_BD_W3_CIPHER_LEN_OFFSET_M;
674 req->w1 |= SEC_BD_W1_ADDR_TYPE;
675
676 el->sgl_in = sgl_in;
677
678 ret = sec_alloc_and_fill_hw_sgl(&el->in, &el->dma_in, el->sgl_in,
679 n_ents_in, info);
680 if (ret)
681 goto err_free_el;
682
683 req->data_addr_lo = lower_32_bits(el->dma_in);
684 req->data_addr_hi = upper_32_bits(el->dma_in);
685
686 if (different_dest) {
687 el->sgl_out = sgl_out;
688 ret = sec_alloc_and_fill_hw_sgl(&el->out, &el->dma_out,
689 el->sgl_out,
690 n_ents_out, info);
691 if (ret)
692 goto err_free_hw_sgl_in;
693
694 req->w0 |= SEC_BD_W0_DE;
695 req->cipher_destin_addr_lo = lower_32_bits(el->dma_out);
696 req->cipher_destin_addr_hi = upper_32_bits(el->dma_out);
697
698 } else {
699 req->w0 &= ~SEC_BD_W0_DE;
700 req->cipher_destin_addr_lo = lower_32_bits(el->dma_in);
701 req->cipher_destin_addr_hi = upper_32_bits(el->dma_in);
702 }
703
704 return el;
705
706 err_free_hw_sgl_in:
707 sec_free_hw_sgl(el->in, el->dma_in, info);
708 err_free_el:
709 kfree(el);
710
711 return ERR_PTR(ret);
712 }
713
714 static int sec_alg_skcipher_crypto(struct skcipher_request *skreq,
715 bool encrypt)
716 {
717 struct crypto_skcipher *atfm = crypto_skcipher_reqtfm(skreq);
718 struct crypto_tfm *tfm = crypto_skcipher_tfm(atfm);
719 struct sec_alg_tfm_ctx *ctx = crypto_tfm_ctx(tfm);
720 struct sec_queue *queue = ctx->queue;
721 struct sec_request *sec_req = skcipher_request_ctx(skreq);
722 struct sec_dev_info *info = queue->dev_info;
723 int i, ret, steps;
724 size_t *split_sizes;
725 struct scatterlist **splits_in;
726 struct scatterlist **splits_out = NULL;
727 int *splits_in_nents;
728 int *splits_out_nents = NULL;
729 struct sec_request_el *el, *temp;
730 bool split = skreq->src != skreq->dst;
731
732 mutex_init(&sec_req->lock);
733 sec_req->req_base = &skreq->base;
734 sec_req->err = 0;
735 /* SGL mapping out here to allow us to break it up as necessary */
736 sec_req->len_in = sg_nents(skreq->src);
737
738 ret = sec_alg_alloc_and_calc_split_sizes(skreq->cryptlen, &split_sizes,
739 &steps);
740 if (ret)
741 return ret;
742 sec_req->num_elements = steps;
743 ret = sec_map_and_split_sg(skreq->src, split_sizes, steps, &splits_in,
744 &splits_in_nents, sec_req->len_in,
745 info->dev);
746 if (ret)
747 goto err_free_split_sizes;
748
749 if (split) {
750 sec_req->len_out = sg_nents(skreq->dst);
751 ret = sec_map_and_split_sg(skreq->dst, split_sizes, steps,
752 &splits_out, &splits_out_nents,
753 sec_req->len_out, info->dev);
754 if (ret)
755 goto err_unmap_in_sg;
756 }
757 /* Shared info stored in seq_req - applies to all BDs */
758 sec_req->tfm_ctx = ctx;
759 sec_req->cb = sec_skcipher_alg_callback;
760 INIT_LIST_HEAD(&sec_req->elements);
761
762 /*
763 * Future optimization.
764 * In the chaining case we can't use a dma pool bounce buffer
765 * but in the case where we know there is no chaining we can
766 */
767 if (crypto_skcipher_ivsize(atfm)) {
768 sec_req->dma_iv = dma_map_single(info->dev, skreq->iv,
769 crypto_skcipher_ivsize(atfm),
770 DMA_TO_DEVICE);
771 if (dma_mapping_error(info->dev, sec_req->dma_iv)) {
772 ret = -ENOMEM;
773 goto err_unmap_out_sg;
774 }
775 }
776
777 /* Set them all up then queue - cleaner error handling. */
778 for (i = 0; i < steps; i++) {
779 el = sec_alg_alloc_and_fill_el(&ctx->req_template,
780 encrypt ? 1 : 0,
781 split_sizes[i],
782 skreq->src != skreq->dst,
783 splits_in[i], splits_in_nents[i],
784 split ? splits_out[i] : NULL,
785 split ? splits_out_nents[i] : 0,
786 info);
787 if (IS_ERR(el)) {
788 ret = PTR_ERR(el);
789 goto err_free_elements;
790 }
791 el->req.cipher_iv_addr_lo = lower_32_bits(sec_req->dma_iv);
792 el->req.cipher_iv_addr_hi = upper_32_bits(sec_req->dma_iv);
793 el->sec_req = sec_req;
794 list_add_tail(&el->head, &sec_req->elements);
795 }
796
797 /*
798 * Only attempt to queue if the whole lot can fit in the queue -
799 * we can't successfully cleanup after a partial queing so this
800 * must succeed or fail atomically.
801 *
802 * Big hammer test of both software and hardware queues - could be
803 * more refined but this is unlikely to happen so no need.
804 */
805
806 /* Grab a big lock for a long time to avoid concurrency issues */
807 mutex_lock(&queue->queuelock);
808
809 /*
810 * Can go on to queue if we have space in either:
811 * 1) The hardware queue and no software queue
812 * 2) The software queue
813 * AND there is nothing in the backlog. If there is backlog we
814 * have to only queue to the backlog queue and return busy.
815 */
816 if ((!sec_queue_can_enqueue(queue, steps) &&
817 (!queue->havesoftqueue ||
818 kfifo_avail(&queue->softqueue) > steps)) ||
819 !list_empty(&ctx->backlog)) {
820 ret = -EBUSY;
821 if ((skreq->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
822 list_add_tail(&sec_req->backlog_head, &ctx->backlog);
823 mutex_unlock(&queue->queuelock);
824 goto out;
825 }
826
827 mutex_unlock(&queue->queuelock);
828 goto err_free_elements;
829 }
830 ret = sec_send_request(sec_req, queue);
831 mutex_unlock(&queue->queuelock);
832 if (ret)
833 goto err_free_elements;
834
835 ret = -EINPROGRESS;
836 out:
837 /* Cleanup - all elements in pointer arrays have been copied */
838 kfree(splits_in_nents);
839 kfree(splits_in);
840 kfree(splits_out_nents);
841 kfree(splits_out);
842 kfree(split_sizes);
843 return ret;
844
845 err_free_elements:
846 list_for_each_entry_safe(el, temp, &sec_req->elements, head) {
847 list_del(&el->head);
848 sec_alg_free_el(el, info);
849 }
850 if (crypto_skcipher_ivsize(atfm))
851 dma_unmap_single(info->dev, sec_req->dma_iv,
852 crypto_skcipher_ivsize(atfm),
853 DMA_BIDIRECTIONAL);
854 err_unmap_out_sg:
855 if (split)
856 sec_unmap_sg_on_err(skreq->dst, steps, splits_out,
857 splits_out_nents, sec_req->len_out,
858 info->dev);
859 err_unmap_in_sg:
860 sec_unmap_sg_on_err(skreq->src, steps, splits_in, splits_in_nents,
861 sec_req->len_in, info->dev);
862 err_free_split_sizes:
863 kfree(split_sizes);
864
865 return ret;
866 }
867
868 static int sec_alg_skcipher_encrypt(struct skcipher_request *req)
869 {
870 return sec_alg_skcipher_crypto(req, true);
871 }
872
873 static int sec_alg_skcipher_decrypt(struct skcipher_request *req)
874 {
875 return sec_alg_skcipher_crypto(req, false);
876 }
877
878 static int sec_alg_skcipher_init(struct crypto_skcipher *tfm)
879 {
880 struct sec_alg_tfm_ctx *ctx = crypto_skcipher_ctx(tfm);
881
882 mutex_init(&ctx->lock);
883 INIT_LIST_HEAD(&ctx->backlog);
884 crypto_skcipher_set_reqsize(tfm, sizeof(struct sec_request));
885
886 ctx->queue = sec_queue_alloc_start_safe();
887 if (IS_ERR(ctx->queue))
888 return PTR_ERR(ctx->queue);
889
890 mutex_init(&ctx->queue->queuelock);
891 ctx->queue->havesoftqueue = false;
892
893 return 0;
894 }
895
896 static void sec_alg_skcipher_exit(struct crypto_skcipher *tfm)
897 {
898 struct sec_alg_tfm_ctx *ctx = crypto_skcipher_ctx(tfm);
899 struct device *dev = ctx->queue->dev_info->dev;
900
901 if (ctx->key) {
902 memzero_explicit(ctx->key, SEC_MAX_CIPHER_KEY);
903 dma_free_coherent(dev, SEC_MAX_CIPHER_KEY, ctx->key,
904 ctx->pkey);
905 }
906 sec_queue_stop_release(ctx->queue);
907 }
908
909 static int sec_alg_skcipher_init_with_queue(struct crypto_skcipher *tfm)
910 {
911 struct sec_alg_tfm_ctx *ctx = crypto_skcipher_ctx(tfm);
912 int ret;
913
914 ret = sec_alg_skcipher_init(tfm);
915 if (ret)
916 return ret;
917
918 INIT_KFIFO(ctx->queue->softqueue);
919 ret = kfifo_alloc(&ctx->queue->softqueue, 512, GFP_KERNEL);
920 if (ret) {
921 sec_alg_skcipher_exit(tfm);
922 return ret;
923 }
924 ctx->queue->havesoftqueue = true;
925
926 return 0;
927 }
928
929 static void sec_alg_skcipher_exit_with_queue(struct crypto_skcipher *tfm)
930 {
931 struct sec_alg_tfm_ctx *ctx = crypto_skcipher_ctx(tfm);
932
933 kfifo_free(&ctx->queue->softqueue);
934 sec_alg_skcipher_exit(tfm);
935 }
936
937 static struct skcipher_alg sec_algs[] = {
938 {
939 .base = {
940 .cra_name = "ecb(aes)",
941 .cra_driver_name = "hisi_sec_aes_ecb",
942 .cra_priority = 4001,
943 .cra_flags = CRYPTO_ALG_ASYNC,
944 .cra_blocksize = AES_BLOCK_SIZE,
945 .cra_ctxsize = sizeof(struct sec_alg_tfm_ctx),
946 .cra_alignmask = 0,
947 .cra_module = THIS_MODULE,
948 },
949 .init = sec_alg_skcipher_init,
950 .exit = sec_alg_skcipher_exit,
951 .setkey = sec_alg_skcipher_setkey_aes_ecb,
952 .decrypt = sec_alg_skcipher_decrypt,
953 .encrypt = sec_alg_skcipher_encrypt,
954 .min_keysize = AES_MIN_KEY_SIZE,
955 .max_keysize = AES_MAX_KEY_SIZE,
956 .ivsize = 0,
957 }, {
958 .base = {
959 .cra_name = "cbc(aes)",
960 .cra_driver_name = "hisi_sec_aes_cbc",
961 .cra_priority = 4001,
962 .cra_flags = CRYPTO_ALG_ASYNC,
963 .cra_blocksize = AES_BLOCK_SIZE,
964 .cra_ctxsize = sizeof(struct sec_alg_tfm_ctx),
965 .cra_alignmask = 0,
966 .cra_module = THIS_MODULE,
967 },
968 .init = sec_alg_skcipher_init_with_queue,
969 .exit = sec_alg_skcipher_exit_with_queue,
970 .setkey = sec_alg_skcipher_setkey_aes_cbc,
971 .decrypt = sec_alg_skcipher_decrypt,
972 .encrypt = sec_alg_skcipher_encrypt,
973 .min_keysize = AES_MIN_KEY_SIZE,
974 .max_keysize = AES_MAX_KEY_SIZE,
975 .ivsize = AES_BLOCK_SIZE,
976 }, {
977 .base = {
978 .cra_name = "ctr(aes)",
979 .cra_driver_name = "hisi_sec_aes_ctr",
980 .cra_priority = 4001,
981 .cra_flags = CRYPTO_ALG_ASYNC,
982 .cra_blocksize = AES_BLOCK_SIZE,
983 .cra_ctxsize = sizeof(struct sec_alg_tfm_ctx),
984 .cra_alignmask = 0,
985 .cra_module = THIS_MODULE,
986 },
987 .init = sec_alg_skcipher_init_with_queue,
988 .exit = sec_alg_skcipher_exit_with_queue,
989 .setkey = sec_alg_skcipher_setkey_aes_ctr,
990 .decrypt = sec_alg_skcipher_decrypt,
991 .encrypt = sec_alg_skcipher_encrypt,
992 .min_keysize = AES_MIN_KEY_SIZE,
993 .max_keysize = AES_MAX_KEY_SIZE,
994 .ivsize = AES_BLOCK_SIZE,
995 }, {
996 .base = {
997 .cra_name = "xts(aes)",
998 .cra_driver_name = "hisi_sec_aes_xts",
999 .cra_priority = 4001,
1000 .cra_flags = CRYPTO_ALG_ASYNC,
1001 .cra_blocksize = AES_BLOCK_SIZE,
1002 .cra_ctxsize = sizeof(struct sec_alg_tfm_ctx),
1003 .cra_alignmask = 0,
1004 .cra_module = THIS_MODULE,
1005 },
1006 .init = sec_alg_skcipher_init,
1007 .exit = sec_alg_skcipher_exit,
1008 .setkey = sec_alg_skcipher_setkey_aes_xts,
1009 .decrypt = sec_alg_skcipher_decrypt,
1010 .encrypt = sec_alg_skcipher_encrypt,
1011 .min_keysize = 2 * AES_MIN_KEY_SIZE,
1012 .max_keysize = 2 * AES_MAX_KEY_SIZE,
1013 .ivsize = AES_BLOCK_SIZE,
1014 }, {
1015 /* Unable to find any test vectors so untested */
1016 .base = {
1017 .cra_name = "ecb(des)",
1018 .cra_driver_name = "hisi_sec_des_ecb",
1019 .cra_priority = 4001,
1020 .cra_flags = CRYPTO_ALG_ASYNC,
1021 .cra_blocksize = DES_BLOCK_SIZE,
1022 .cra_ctxsize = sizeof(struct sec_alg_tfm_ctx),
1023 .cra_alignmask = 0,
1024 .cra_module = THIS_MODULE,
1025 },
1026 .init = sec_alg_skcipher_init,
1027 .exit = sec_alg_skcipher_exit,
1028 .setkey = sec_alg_skcipher_setkey_des_ecb,
1029 .decrypt = sec_alg_skcipher_decrypt,
1030 .encrypt = sec_alg_skcipher_encrypt,
1031 .min_keysize = DES_KEY_SIZE,
1032 .max_keysize = DES_KEY_SIZE,
1033 .ivsize = 0,
1034 }, {
1035 .base = {
1036 .cra_name = "cbc(des)",
1037 .cra_driver_name = "hisi_sec_des_cbc",
1038 .cra_priority = 4001,
1039 .cra_flags = CRYPTO_ALG_ASYNC,
1040 .cra_blocksize = DES_BLOCK_SIZE,
1041 .cra_ctxsize = sizeof(struct sec_alg_tfm_ctx),
1042 .cra_alignmask = 0,
1043 .cra_module = THIS_MODULE,
1044 },
1045 .init = sec_alg_skcipher_init_with_queue,
1046 .exit = sec_alg_skcipher_exit_with_queue,
1047 .setkey = sec_alg_skcipher_setkey_des_cbc,
1048 .decrypt = sec_alg_skcipher_decrypt,
1049 .encrypt = sec_alg_skcipher_encrypt,
1050 .min_keysize = DES_KEY_SIZE,
1051 .max_keysize = DES_KEY_SIZE,
1052 .ivsize = DES_BLOCK_SIZE,
1053 }, {
1054 .base = {
1055 .cra_name = "cbc(des3_ede)",
1056 .cra_driver_name = "hisi_sec_3des_cbc",
1057 .cra_priority = 4001,
1058 .cra_flags = CRYPTO_ALG_ASYNC,
1059 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1060 .cra_ctxsize = sizeof(struct sec_alg_tfm_ctx),
1061 .cra_alignmask = 0,
1062 .cra_module = THIS_MODULE,
1063 },
1064 .init = sec_alg_skcipher_init_with_queue,
1065 .exit = sec_alg_skcipher_exit_with_queue,
1066 .setkey = sec_alg_skcipher_setkey_3des_cbc,
1067 .decrypt = sec_alg_skcipher_decrypt,
1068 .encrypt = sec_alg_skcipher_encrypt,
1069 .min_keysize = DES3_EDE_KEY_SIZE,
1070 .max_keysize = DES3_EDE_KEY_SIZE,
1071 .ivsize = DES3_EDE_BLOCK_SIZE,
1072 }, {
1073 .base = {
1074 .cra_name = "ecb(des3_ede)",
1075 .cra_driver_name = "hisi_sec_3des_ecb",
1076 .cra_priority = 4001,
1077 .cra_flags = CRYPTO_ALG_ASYNC,
1078 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1079 .cra_ctxsize = sizeof(struct sec_alg_tfm_ctx),
1080 .cra_alignmask = 0,
1081 .cra_module = THIS_MODULE,
1082 },
1083 .init = sec_alg_skcipher_init,
1084 .exit = sec_alg_skcipher_exit,
1085 .setkey = sec_alg_skcipher_setkey_3des_ecb,
1086 .decrypt = sec_alg_skcipher_decrypt,
1087 .encrypt = sec_alg_skcipher_encrypt,
1088 .min_keysize = DES3_EDE_KEY_SIZE,
1089 .max_keysize = DES3_EDE_KEY_SIZE,
1090 .ivsize = 0,
1091 }
1092 };
1093
1094 int sec_algs_register(void)
1095 {
1096 int ret = 0;
1097
1098 mutex_lock(&algs_lock);
1099 if (++active_devs != 1)
1100 goto unlock;
1101
1102 ret = crypto_register_skciphers(sec_algs, ARRAY_SIZE(sec_algs));
1103 if (ret)
1104 --active_devs;
1105 unlock:
1106 mutex_unlock(&algs_lock);
1107
1108 return ret;
1109 }
1110
1111 void sec_algs_unregister(void)
1112 {
1113 mutex_lock(&algs_lock);
1114 if (--active_devs != 0)
1115 goto unlock;
1116 crypto_unregister_skciphers(sec_algs, ARRAY_SIZE(sec_algs));
1117
1118 unlock:
1119 mutex_unlock(&algs_lock);
1120 }
Linux with added FPC-III support