2 * Copyright (c) 2010-2011 Picochip Ltd., Jamie Iles
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 #include <crypto/internal/aead.h>
19 #include <crypto/aes.h>
20 #include <crypto/algapi.h>
21 #include <crypto/authenc.h>
22 #include <crypto/des.h>
23 #include <crypto/md5.h>
24 #include <crypto/sha.h>
25 #include <crypto/internal/skcipher.h>
26 #include <linux/clk.h>
27 #include <linux/crypto.h>
28 #include <linux/delay.h>
29 #include <linux/dma-mapping.h>
30 #include <linux/dmapool.h>
31 #include <linux/err.h>
32 #include <linux/init.h>
33 #include <linux/interrupt.h>
35 #include <linux/list.h>
36 #include <linux/module.h>
38 #include <linux/platform_device.h>
40 #include <linux/rtnetlink.h>
41 #include <linux/scatterlist.h>
42 #include <linux/sched.h>
43 #include <linux/sizes.h>
44 #include <linux/slab.h>
45 #include <linux/timer.h>
47 #include "picoxcell_crypto_regs.h"
50 * The threshold for the number of entries in the CMD FIFO available before
51 * the CMD0_CNT interrupt is raised. Increasing this value will reduce the
52 * number of interrupts raised to the CPU.
54 #define CMD0_IRQ_THRESHOLD 1
57 * The timeout period (in jiffies) for a PDU. When the the number of PDUs in
58 * flight is greater than the STAT_IRQ_THRESHOLD or 0 the timer is disabled.
59 * When there are packets in flight but lower than the threshold, we enable
60 * the timer and at expiry, attempt to remove any processed packets from the
61 * queue and if there are still packets left, schedule the timer again.
63 #define PACKET_TIMEOUT 1
65 /* The priority to register each algorithm with. */
66 #define SPACC_CRYPTO_ALG_PRIORITY 10000
68 #define SPACC_CRYPTO_KASUMI_F8_KEY_LEN 16
69 #define SPACC_CRYPTO_IPSEC_CIPHER_PG_SZ 64
70 #define SPACC_CRYPTO_IPSEC_HASH_PG_SZ 64
71 #define SPACC_CRYPTO_IPSEC_MAX_CTXS 32
72 #define SPACC_CRYPTO_IPSEC_FIFO_SZ 32
73 #define SPACC_CRYPTO_L2_CIPHER_PG_SZ 64
74 #define SPACC_CRYPTO_L2_HASH_PG_SZ 64
75 #define SPACC_CRYPTO_L2_MAX_CTXS 128
76 #define SPACC_CRYPTO_L2_FIFO_SZ 128
78 #define MAX_DDT_LEN 16
80 /* DDT format. This must match the hardware DDT format exactly. */
87 * Asynchronous crypto request structure.
89 * This structure defines a request that is either queued for processing or
93 struct list_head list
;
94 struct spacc_engine
*engine
;
95 struct crypto_async_request
*req
;
99 dma_addr_t src_addr
, dst_addr
;
100 struct spacc_ddt
*src_ddt
, *dst_ddt
;
101 void (*complete
)(struct spacc_req
*req
);
105 unsigned long ctrl_default
;
108 struct spacc_engine
*engine
;
109 struct list_head entry
;
114 struct spacc_engine
{
116 struct list_head pending
;
120 struct list_head completed
;
121 struct list_head in_progress
;
122 struct tasklet_struct complete
;
123 unsigned long fifo_sz
;
124 void __iomem
*cipher_ctx_base
;
125 void __iomem
*hash_key_base
;
126 struct spacc_alg
*algs
;
128 struct list_head registered_algs
;
129 struct spacc_aead
*aeads
;
131 struct list_head registered_aeads
;
138 struct timer_list packet_timeout
;
139 unsigned stat_irq_thresh
;
140 struct dma_pool
*req_pool
;
143 /* Algorithm type mask. */
144 #define SPACC_CRYPTO_ALG_MASK 0x7
146 /* SPACC definition of a crypto algorithm. */
148 unsigned long ctrl_default
;
150 struct crypto_alg alg
;
151 struct spacc_engine
*engine
;
152 struct list_head entry
;
157 /* Generic context structure for any algorithm type. */
158 struct spacc_generic_ctx
{
159 struct spacc_engine
*engine
;
165 /* Block cipher context. */
166 struct spacc_ablk_ctx
{
167 struct spacc_generic_ctx generic
;
168 u8 key
[AES_MAX_KEY_SIZE
];
171 * The fallback cipher. If the operation can't be done in hardware,
172 * fallback to a software version.
174 struct crypto_skcipher
*sw_cipher
;
177 /* AEAD cipher context. */
178 struct spacc_aead_ctx
{
179 struct spacc_generic_ctx generic
;
180 u8 cipher_key
[AES_MAX_KEY_SIZE
];
181 u8 hash_ctx
[SPACC_CRYPTO_IPSEC_HASH_PG_SZ
];
184 struct crypto_aead
*sw_cipher
;
187 static int spacc_ablk_submit(struct spacc_req
*req
);
189 static inline struct spacc_alg
*to_spacc_alg(struct crypto_alg
*alg
)
191 return alg
? container_of(alg
, struct spacc_alg
, alg
) : NULL
;
194 static inline struct spacc_aead
*to_spacc_aead(struct aead_alg
*alg
)
196 return container_of(alg
, struct spacc_aead
, alg
);
199 static inline int spacc_fifo_cmd_full(struct spacc_engine
*engine
)
201 u32 fifo_stat
= readl(engine
->regs
+ SPA_FIFO_STAT_REG_OFFSET
);
203 return fifo_stat
& SPA_FIFO_CMD_FULL
;
207 * Given a cipher context, and a context number, get the base address of the
210 * Returns the address of the context page where the key/context may
213 static inline void __iomem
*spacc_ctx_page_addr(struct spacc_generic_ctx
*ctx
,
217 return is_cipher_ctx
? ctx
->engine
->cipher_ctx_base
+
218 (indx
* ctx
->engine
->cipher_pg_sz
) :
219 ctx
->engine
->hash_key_base
+ (indx
* ctx
->engine
->hash_pg_sz
);
222 /* The context pages can only be written with 32-bit accesses. */
223 static inline void memcpy_toio32(u32 __iomem
*dst
, const void *src
,
226 const u32
*src32
= (const u32
*) src
;
229 writel(*src32
++, dst
++);
232 static void spacc_cipher_write_ctx(struct spacc_generic_ctx
*ctx
,
233 void __iomem
*page_addr
, const u8
*key
,
234 size_t key_len
, const u8
*iv
, size_t iv_len
)
236 void __iomem
*key_ptr
= page_addr
+ ctx
->key_offs
;
237 void __iomem
*iv_ptr
= page_addr
+ ctx
->iv_offs
;
239 memcpy_toio32(key_ptr
, key
, key_len
/ 4);
240 memcpy_toio32(iv_ptr
, iv
, iv_len
/ 4);
244 * Load a context into the engines context memory.
246 * Returns the index of the context page where the context was loaded.
248 static unsigned spacc_load_ctx(struct spacc_generic_ctx
*ctx
,
249 const u8
*ciph_key
, size_t ciph_len
,
250 const u8
*iv
, size_t ivlen
, const u8
*hash_key
,
253 unsigned indx
= ctx
->engine
->next_ctx
++;
254 void __iomem
*ciph_page_addr
, *hash_page_addr
;
256 ciph_page_addr
= spacc_ctx_page_addr(ctx
, indx
, 1);
257 hash_page_addr
= spacc_ctx_page_addr(ctx
, indx
, 0);
259 ctx
->engine
->next_ctx
&= ctx
->engine
->fifo_sz
- 1;
260 spacc_cipher_write_ctx(ctx
, ciph_page_addr
, ciph_key
, ciph_len
, iv
,
262 writel(ciph_len
| (indx
<< SPA_KEY_SZ_CTX_INDEX_OFFSET
) |
263 (1 << SPA_KEY_SZ_CIPHER_OFFSET
),
264 ctx
->engine
->regs
+ SPA_KEY_SZ_REG_OFFSET
);
267 memcpy_toio32(hash_page_addr
, hash_key
, hash_len
/ 4);
268 writel(hash_len
| (indx
<< SPA_KEY_SZ_CTX_INDEX_OFFSET
),
269 ctx
->engine
->regs
+ SPA_KEY_SZ_REG_OFFSET
);
275 static inline void ddt_set(struct spacc_ddt
*ddt
, dma_addr_t phys
, size_t len
)
282 * Take a crypto request and scatterlists for the data and turn them into DDTs
283 * for passing to the crypto engines. This also DMA maps the data so that the
284 * crypto engines can DMA to/from them.
286 static struct spacc_ddt
*spacc_sg_to_ddt(struct spacc_engine
*engine
,
287 struct scatterlist
*payload
,
289 enum dma_data_direction dir
,
290 dma_addr_t
*ddt_phys
)
292 unsigned mapped_ents
;
293 struct scatterlist
*cur
;
294 struct spacc_ddt
*ddt
;
298 nents
= sg_nents_for_len(payload
, nbytes
);
300 dev_err(engine
->dev
, "Invalid numbers of SG.\n");
303 mapped_ents
= dma_map_sg(engine
->dev
, payload
, nents
, dir
);
305 if (mapped_ents
+ 1 > MAX_DDT_LEN
)
308 ddt
= dma_pool_alloc(engine
->req_pool
, GFP_ATOMIC
, ddt_phys
);
312 for_each_sg(payload
, cur
, mapped_ents
, i
)
313 ddt_set(&ddt
[i
], sg_dma_address(cur
), sg_dma_len(cur
));
314 ddt_set(&ddt
[mapped_ents
], 0, 0);
319 dma_unmap_sg(engine
->dev
, payload
, nents
, dir
);
323 static int spacc_aead_make_ddts(struct aead_request
*areq
)
325 struct crypto_aead
*aead
= crypto_aead_reqtfm(areq
);
326 struct spacc_req
*req
= aead_request_ctx(areq
);
327 struct spacc_engine
*engine
= req
->engine
;
328 struct spacc_ddt
*src_ddt
, *dst_ddt
;
330 int src_nents
, dst_nents
;
331 struct scatterlist
*cur
;
332 int i
, dst_ents
, src_ents
;
334 total
= areq
->assoclen
+ areq
->cryptlen
;
336 total
+= crypto_aead_authsize(aead
);
338 src_nents
= sg_nents_for_len(areq
->src
, total
);
340 dev_err(engine
->dev
, "Invalid numbers of src SG.\n");
343 if (src_nents
+ 1 > MAX_DDT_LEN
)
347 if (areq
->src
!= areq
->dst
) {
348 dst_nents
= sg_nents_for_len(areq
->dst
, total
);
350 dev_err(engine
->dev
, "Invalid numbers of dst SG.\n");
353 if (src_nents
+ 1 > MAX_DDT_LEN
)
357 src_ddt
= dma_pool_alloc(engine
->req_pool
, GFP_ATOMIC
, &req
->src_addr
);
361 dst_ddt
= dma_pool_alloc(engine
->req_pool
, GFP_ATOMIC
, &req
->dst_addr
);
365 req
->src_ddt
= src_ddt
;
366 req
->dst_ddt
= dst_ddt
;
369 src_ents
= dma_map_sg(engine
->dev
, areq
->src
, src_nents
,
374 dst_ents
= dma_map_sg(engine
->dev
, areq
->dst
, dst_nents
,
378 dma_unmap_sg(engine
->dev
, areq
->src
, src_nents
,
383 src_ents
= dma_map_sg(engine
->dev
, areq
->src
, src_nents
,
391 * Now map in the payload for the source and destination and terminate
392 * with the NULL pointers.
394 for_each_sg(areq
->src
, cur
, src_ents
, i
)
395 ddt_set(src_ddt
++, sg_dma_address(cur
), sg_dma_len(cur
));
397 /* For decryption we need to skip the associated data. */
398 total
= req
->is_encrypt
? 0 : areq
->assoclen
;
399 for_each_sg(areq
->dst
, cur
, dst_ents
, i
) {
400 unsigned len
= sg_dma_len(cur
);
407 ddt_set(dst_ddt
++, sg_dma_address(cur
) + total
, len
- total
);
410 ddt_set(src_ddt
, 0, 0);
411 ddt_set(dst_ddt
, 0, 0);
416 dma_pool_free(engine
->req_pool
, dst_ddt
, req
->dst_addr
);
418 dma_pool_free(engine
->req_pool
, src_ddt
, req
->src_addr
);
423 static void spacc_aead_free_ddts(struct spacc_req
*req
)
425 struct aead_request
*areq
= container_of(req
->req
, struct aead_request
,
427 struct crypto_aead
*aead
= crypto_aead_reqtfm(areq
);
428 unsigned total
= areq
->assoclen
+ areq
->cryptlen
+
429 (req
->is_encrypt
? crypto_aead_authsize(aead
) : 0);
430 struct spacc_aead_ctx
*aead_ctx
= crypto_aead_ctx(aead
);
431 struct spacc_engine
*engine
= aead_ctx
->generic
.engine
;
432 int nents
= sg_nents_for_len(areq
->src
, total
);
434 /* sg_nents_for_len should not fail since it works when mapping sg */
435 if (unlikely(nents
< 0)) {
436 dev_err(engine
->dev
, "Invalid numbers of src SG.\n");
440 if (areq
->src
!= areq
->dst
) {
441 dma_unmap_sg(engine
->dev
, areq
->src
, nents
, DMA_TO_DEVICE
);
442 nents
= sg_nents_for_len(areq
->dst
, total
);
443 if (unlikely(nents
< 0)) {
444 dev_err(engine
->dev
, "Invalid numbers of dst SG.\n");
447 dma_unmap_sg(engine
->dev
, areq
->dst
, nents
, DMA_FROM_DEVICE
);
449 dma_unmap_sg(engine
->dev
, areq
->src
, nents
, DMA_BIDIRECTIONAL
);
451 dma_pool_free(engine
->req_pool
, req
->src_ddt
, req
->src_addr
);
452 dma_pool_free(engine
->req_pool
, req
->dst_ddt
, req
->dst_addr
);
455 static void spacc_free_ddt(struct spacc_req
*req
, struct spacc_ddt
*ddt
,
456 dma_addr_t ddt_addr
, struct scatterlist
*payload
,
457 unsigned nbytes
, enum dma_data_direction dir
)
459 int nents
= sg_nents_for_len(payload
, nbytes
);
462 dev_err(req
->engine
->dev
, "Invalid numbers of SG.\n");
466 dma_unmap_sg(req
->engine
->dev
, payload
, nents
, dir
);
467 dma_pool_free(req
->engine
->req_pool
, ddt
, ddt_addr
);
470 static int spacc_aead_setkey(struct crypto_aead
*tfm
, const u8
*key
,
473 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(tfm
);
474 struct crypto_authenc_keys keys
;
477 crypto_aead_clear_flags(ctx
->sw_cipher
, CRYPTO_TFM_REQ_MASK
);
478 crypto_aead_set_flags(ctx
->sw_cipher
, crypto_aead_get_flags(tfm
) &
479 CRYPTO_TFM_REQ_MASK
);
480 err
= crypto_aead_setkey(ctx
->sw_cipher
, key
, keylen
);
481 crypto_aead_clear_flags(tfm
, CRYPTO_TFM_RES_MASK
);
482 crypto_aead_set_flags(tfm
, crypto_aead_get_flags(ctx
->sw_cipher
) &
483 CRYPTO_TFM_RES_MASK
);
487 if (crypto_authenc_extractkeys(&keys
, key
, keylen
) != 0)
490 if (keys
.enckeylen
> AES_MAX_KEY_SIZE
)
493 if (keys
.authkeylen
> sizeof(ctx
->hash_ctx
))
496 memcpy(ctx
->cipher_key
, keys
.enckey
, keys
.enckeylen
);
497 ctx
->cipher_key_len
= keys
.enckeylen
;
499 memcpy(ctx
->hash_ctx
, keys
.authkey
, keys
.authkeylen
);
500 ctx
->hash_key_len
= keys
.authkeylen
;
502 memzero_explicit(&keys
, sizeof(keys
));
506 crypto_aead_set_flags(tfm
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
507 memzero_explicit(&keys
, sizeof(keys
));
511 static int spacc_aead_setauthsize(struct crypto_aead
*tfm
,
512 unsigned int authsize
)
514 struct spacc_aead_ctx
*ctx
= crypto_tfm_ctx(crypto_aead_tfm(tfm
));
516 return crypto_aead_setauthsize(ctx
->sw_cipher
, authsize
);
520 * Check if an AEAD request requires a fallback operation. Some requests can't
521 * be completed in hardware because the hardware may not support certain key
522 * sizes. In these cases we need to complete the request in software.
524 static int spacc_aead_need_fallback(struct aead_request
*aead_req
)
526 struct crypto_aead
*aead
= crypto_aead_reqtfm(aead_req
);
527 struct aead_alg
*alg
= crypto_aead_alg(aead
);
528 struct spacc_aead
*spacc_alg
= to_spacc_aead(alg
);
529 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(aead
);
532 * If we have a non-supported key-length, then we need to do a
535 if ((spacc_alg
->ctrl_default
& SPACC_CRYPTO_ALG_MASK
) ==
536 SPA_CTRL_CIPH_ALG_AES
&&
537 ctx
->cipher_key_len
!= AES_KEYSIZE_128
&&
538 ctx
->cipher_key_len
!= AES_KEYSIZE_256
)
544 static int spacc_aead_do_fallback(struct aead_request
*req
, unsigned alg_type
,
547 struct crypto_tfm
*old_tfm
= crypto_aead_tfm(crypto_aead_reqtfm(req
));
548 struct spacc_aead_ctx
*ctx
= crypto_tfm_ctx(old_tfm
);
549 struct aead_request
*subreq
= aead_request_ctx(req
);
551 aead_request_set_tfm(subreq
, ctx
->sw_cipher
);
552 aead_request_set_callback(subreq
, req
->base
.flags
,
553 req
->base
.complete
, req
->base
.data
);
554 aead_request_set_crypt(subreq
, req
->src
, req
->dst
, req
->cryptlen
,
556 aead_request_set_ad(subreq
, req
->assoclen
);
558 return is_encrypt
? crypto_aead_encrypt(subreq
) :
559 crypto_aead_decrypt(subreq
);
562 static void spacc_aead_complete(struct spacc_req
*req
)
564 spacc_aead_free_ddts(req
);
565 req
->req
->complete(req
->req
, req
->result
);
568 static int spacc_aead_submit(struct spacc_req
*req
)
570 struct aead_request
*aead_req
=
571 container_of(req
->req
, struct aead_request
, base
);
572 struct crypto_aead
*aead
= crypto_aead_reqtfm(aead_req
);
573 unsigned int authsize
= crypto_aead_authsize(aead
);
574 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(aead
);
575 struct aead_alg
*alg
= crypto_aead_alg(aead
);
576 struct spacc_aead
*spacc_alg
= to_spacc_aead(alg
);
577 struct spacc_engine
*engine
= ctx
->generic
.engine
;
578 u32 ctrl
, proc_len
, assoc_len
;
580 req
->result
= -EINPROGRESS
;
581 req
->ctx_id
= spacc_load_ctx(&ctx
->generic
, ctx
->cipher_key
,
582 ctx
->cipher_key_len
, aead_req
->iv
, crypto_aead_ivsize(aead
),
583 ctx
->hash_ctx
, ctx
->hash_key_len
);
585 /* Set the source and destination DDT pointers. */
586 writel(req
->src_addr
, engine
->regs
+ SPA_SRC_PTR_REG_OFFSET
);
587 writel(req
->dst_addr
, engine
->regs
+ SPA_DST_PTR_REG_OFFSET
);
588 writel(0, engine
->regs
+ SPA_OFFSET_REG_OFFSET
);
590 assoc_len
= aead_req
->assoclen
;
591 proc_len
= aead_req
->cryptlen
+ assoc_len
;
594 * If we are decrypting, we need to take the length of the ICV out of
595 * the processing length.
597 if (!req
->is_encrypt
)
598 proc_len
-= authsize
;
600 writel(proc_len
, engine
->regs
+ SPA_PROC_LEN_REG_OFFSET
);
601 writel(assoc_len
, engine
->regs
+ SPA_AAD_LEN_REG_OFFSET
);
602 writel(authsize
, engine
->regs
+ SPA_ICV_LEN_REG_OFFSET
);
603 writel(0, engine
->regs
+ SPA_ICV_OFFSET_REG_OFFSET
);
604 writel(0, engine
->regs
+ SPA_AUX_INFO_REG_OFFSET
);
606 ctrl
= spacc_alg
->ctrl_default
| (req
->ctx_id
<< SPA_CTRL_CTX_IDX
) |
607 (1 << SPA_CTRL_ICV_APPEND
);
609 ctrl
|= (1 << SPA_CTRL_ENCRYPT_IDX
) | (1 << SPA_CTRL_AAD_COPY
);
611 ctrl
|= (1 << SPA_CTRL_KEY_EXP
);
613 mod_timer(&engine
->packet_timeout
, jiffies
+ PACKET_TIMEOUT
);
615 writel(ctrl
, engine
->regs
+ SPA_CTRL_REG_OFFSET
);
620 static int spacc_req_submit(struct spacc_req
*req
);
622 static void spacc_push(struct spacc_engine
*engine
)
624 struct spacc_req
*req
;
626 while (!list_empty(&engine
->pending
) &&
627 engine
->in_flight
+ 1 <= engine
->fifo_sz
) {
630 req
= list_first_entry(&engine
->pending
, struct spacc_req
,
632 list_move_tail(&req
->list
, &engine
->in_progress
);
634 req
->result
= spacc_req_submit(req
);
639 * Setup an AEAD request for processing. This will configure the engine, load
640 * the context and then start the packet processing.
642 static int spacc_aead_setup(struct aead_request
*req
,
643 unsigned alg_type
, bool is_encrypt
)
645 struct crypto_aead
*aead
= crypto_aead_reqtfm(req
);
646 struct aead_alg
*alg
= crypto_aead_alg(aead
);
647 struct spacc_engine
*engine
= to_spacc_aead(alg
)->engine
;
648 struct spacc_req
*dev_req
= aead_request_ctx(req
);
652 dev_req
->req
= &req
->base
;
653 dev_req
->is_encrypt
= is_encrypt
;
654 dev_req
->result
= -EBUSY
;
655 dev_req
->engine
= engine
;
656 dev_req
->complete
= spacc_aead_complete
;
658 if (unlikely(spacc_aead_need_fallback(req
) ||
659 ((err
= spacc_aead_make_ddts(req
)) == -E2BIG
)))
660 return spacc_aead_do_fallback(req
, alg_type
, is_encrypt
);
666 spin_lock_irqsave(&engine
->hw_lock
, flags
);
667 if (unlikely(spacc_fifo_cmd_full(engine
)) ||
668 engine
->in_flight
+ 1 > engine
->fifo_sz
) {
669 if (!(req
->base
.flags
& CRYPTO_TFM_REQ_MAY_BACKLOG
)) {
671 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
674 list_add_tail(&dev_req
->list
, &engine
->pending
);
676 list_add_tail(&dev_req
->list
, &engine
->pending
);
679 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
684 spacc_aead_free_ddts(dev_req
);
689 static int spacc_aead_encrypt(struct aead_request
*req
)
691 struct crypto_aead
*aead
= crypto_aead_reqtfm(req
);
692 struct spacc_aead
*alg
= to_spacc_aead(crypto_aead_alg(aead
));
694 return spacc_aead_setup(req
, alg
->type
, 1);
697 static int spacc_aead_decrypt(struct aead_request
*req
)
699 struct crypto_aead
*aead
= crypto_aead_reqtfm(req
);
700 struct spacc_aead
*alg
= to_spacc_aead(crypto_aead_alg(aead
));
702 return spacc_aead_setup(req
, alg
->type
, 0);
706 * Initialise a new AEAD context. This is responsible for allocating the
707 * fallback cipher and initialising the context.
709 static int spacc_aead_cra_init(struct crypto_aead
*tfm
)
711 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(tfm
);
712 struct aead_alg
*alg
= crypto_aead_alg(tfm
);
713 struct spacc_aead
*spacc_alg
= to_spacc_aead(alg
);
714 struct spacc_engine
*engine
= spacc_alg
->engine
;
716 ctx
->generic
.flags
= spacc_alg
->type
;
717 ctx
->generic
.engine
= engine
;
718 ctx
->sw_cipher
= crypto_alloc_aead(alg
->base
.cra_name
, 0,
719 CRYPTO_ALG_NEED_FALLBACK
);
720 if (IS_ERR(ctx
->sw_cipher
))
721 return PTR_ERR(ctx
->sw_cipher
);
722 ctx
->generic
.key_offs
= spacc_alg
->key_offs
;
723 ctx
->generic
.iv_offs
= spacc_alg
->iv_offs
;
725 crypto_aead_set_reqsize(
727 max(sizeof(struct spacc_req
),
728 sizeof(struct aead_request
) +
729 crypto_aead_reqsize(ctx
->sw_cipher
)));
735 * Destructor for an AEAD context. This is called when the transform is freed
736 * and must free the fallback cipher.
738 static void spacc_aead_cra_exit(struct crypto_aead
*tfm
)
740 struct spacc_aead_ctx
*ctx
= crypto_aead_ctx(tfm
);
742 crypto_free_aead(ctx
->sw_cipher
);
746 * Set the DES key for a block cipher transform. This also performs weak key
747 * checking if the transform has requested it.
749 static int spacc_des_setkey(struct crypto_ablkcipher
*cipher
, const u8
*key
,
752 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
753 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
754 u32 tmp
[DES_EXPKEY_WORDS
];
756 if (len
> DES3_EDE_KEY_SIZE
) {
757 crypto_ablkcipher_set_flags(cipher
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
761 if (unlikely(!des_ekey(tmp
, key
)) &&
762 (crypto_ablkcipher_get_flags(cipher
) & CRYPTO_TFM_REQ_WEAK_KEY
)) {
763 tfm
->crt_flags
|= CRYPTO_TFM_RES_WEAK_KEY
;
767 memcpy(ctx
->key
, key
, len
);
774 * Set the key for an AES block cipher. Some key lengths are not supported in
775 * hardware so this must also check whether a fallback is needed.
777 static int spacc_aes_setkey(struct crypto_ablkcipher
*cipher
, const u8
*key
,
780 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
781 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
784 if (len
> AES_MAX_KEY_SIZE
) {
785 crypto_ablkcipher_set_flags(cipher
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
790 * IPSec engine only supports 128 and 256 bit AES keys. If we get a
791 * request for any other size (192 bits) then we need to do a software
794 if (len
!= AES_KEYSIZE_128
&& len
!= AES_KEYSIZE_256
) {
799 * Set the fallback transform to use the same request flags as
800 * the hardware transform.
802 crypto_skcipher_clear_flags(ctx
->sw_cipher
,
803 CRYPTO_TFM_REQ_MASK
);
804 crypto_skcipher_set_flags(ctx
->sw_cipher
,
805 cipher
->base
.crt_flags
&
806 CRYPTO_TFM_REQ_MASK
);
808 err
= crypto_skcipher_setkey(ctx
->sw_cipher
, key
, len
);
810 tfm
->crt_flags
&= ~CRYPTO_TFM_RES_MASK
;
812 crypto_skcipher_get_flags(ctx
->sw_cipher
) &
816 goto sw_setkey_failed
;
819 memcpy(ctx
->key
, key
, len
);
826 static int spacc_kasumi_f8_setkey(struct crypto_ablkcipher
*cipher
,
827 const u8
*key
, unsigned int len
)
829 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
830 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
833 if (len
> AES_MAX_KEY_SIZE
) {
834 crypto_ablkcipher_set_flags(cipher
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
839 memcpy(ctx
->key
, key
, len
);
846 static int spacc_ablk_need_fallback(struct spacc_req
*req
)
848 struct spacc_ablk_ctx
*ctx
;
849 struct crypto_tfm
*tfm
= req
->req
->tfm
;
850 struct crypto_alg
*alg
= req
->req
->tfm
->__crt_alg
;
851 struct spacc_alg
*spacc_alg
= to_spacc_alg(alg
);
853 ctx
= crypto_tfm_ctx(tfm
);
855 return (spacc_alg
->ctrl_default
& SPACC_CRYPTO_ALG_MASK
) ==
856 SPA_CTRL_CIPH_ALG_AES
&&
857 ctx
->key_len
!= AES_KEYSIZE_128
&&
858 ctx
->key_len
!= AES_KEYSIZE_256
;
861 static void spacc_ablk_complete(struct spacc_req
*req
)
863 struct ablkcipher_request
*ablk_req
= ablkcipher_request_cast(req
->req
);
865 if (ablk_req
->src
!= ablk_req
->dst
) {
866 spacc_free_ddt(req
, req
->src_ddt
, req
->src_addr
, ablk_req
->src
,
867 ablk_req
->nbytes
, DMA_TO_DEVICE
);
868 spacc_free_ddt(req
, req
->dst_ddt
, req
->dst_addr
, ablk_req
->dst
,
869 ablk_req
->nbytes
, DMA_FROM_DEVICE
);
871 spacc_free_ddt(req
, req
->dst_ddt
, req
->dst_addr
, ablk_req
->dst
,
872 ablk_req
->nbytes
, DMA_BIDIRECTIONAL
);
874 req
->req
->complete(req
->req
, req
->result
);
877 static int spacc_ablk_submit(struct spacc_req
*req
)
879 struct crypto_tfm
*tfm
= req
->req
->tfm
;
880 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
881 struct ablkcipher_request
*ablk_req
= ablkcipher_request_cast(req
->req
);
882 struct crypto_alg
*alg
= req
->req
->tfm
->__crt_alg
;
883 struct spacc_alg
*spacc_alg
= to_spacc_alg(alg
);
884 struct spacc_engine
*engine
= ctx
->generic
.engine
;
887 req
->ctx_id
= spacc_load_ctx(&ctx
->generic
, ctx
->key
,
888 ctx
->key_len
, ablk_req
->info
, alg
->cra_ablkcipher
.ivsize
,
891 writel(req
->src_addr
, engine
->regs
+ SPA_SRC_PTR_REG_OFFSET
);
892 writel(req
->dst_addr
, engine
->regs
+ SPA_DST_PTR_REG_OFFSET
);
893 writel(0, engine
->regs
+ SPA_OFFSET_REG_OFFSET
);
895 writel(ablk_req
->nbytes
, engine
->regs
+ SPA_PROC_LEN_REG_OFFSET
);
896 writel(0, engine
->regs
+ SPA_ICV_OFFSET_REG_OFFSET
);
897 writel(0, engine
->regs
+ SPA_AUX_INFO_REG_OFFSET
);
898 writel(0, engine
->regs
+ SPA_AAD_LEN_REG_OFFSET
);
900 ctrl
= spacc_alg
->ctrl_default
| (req
->ctx_id
<< SPA_CTRL_CTX_IDX
) |
901 (req
->is_encrypt
? (1 << SPA_CTRL_ENCRYPT_IDX
) :
902 (1 << SPA_CTRL_KEY_EXP
));
904 mod_timer(&engine
->packet_timeout
, jiffies
+ PACKET_TIMEOUT
);
906 writel(ctrl
, engine
->regs
+ SPA_CTRL_REG_OFFSET
);
911 static int spacc_ablk_do_fallback(struct ablkcipher_request
*req
,
912 unsigned alg_type
, bool is_encrypt
)
914 struct crypto_tfm
*old_tfm
=
915 crypto_ablkcipher_tfm(crypto_ablkcipher_reqtfm(req
));
916 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(old_tfm
);
917 SKCIPHER_REQUEST_ON_STACK(subreq
, ctx
->sw_cipher
);
921 * Change the request to use the software fallback transform, and once
922 * the ciphering has completed, put the old transform back into the
925 skcipher_request_set_tfm(subreq
, ctx
->sw_cipher
);
926 skcipher_request_set_callback(subreq
, req
->base
.flags
, NULL
, NULL
);
927 skcipher_request_set_crypt(subreq
, req
->src
, req
->dst
,
928 req
->nbytes
, req
->info
);
929 err
= is_encrypt
? crypto_skcipher_encrypt(subreq
) :
930 crypto_skcipher_decrypt(subreq
);
931 skcipher_request_zero(subreq
);
936 static int spacc_ablk_setup(struct ablkcipher_request
*req
, unsigned alg_type
,
939 struct crypto_alg
*alg
= req
->base
.tfm
->__crt_alg
;
940 struct spacc_engine
*engine
= to_spacc_alg(alg
)->engine
;
941 struct spacc_req
*dev_req
= ablkcipher_request_ctx(req
);
945 dev_req
->req
= &req
->base
;
946 dev_req
->is_encrypt
= is_encrypt
;
947 dev_req
->engine
= engine
;
948 dev_req
->complete
= spacc_ablk_complete
;
949 dev_req
->result
= -EINPROGRESS
;
951 if (unlikely(spacc_ablk_need_fallback(dev_req
)))
952 return spacc_ablk_do_fallback(req
, alg_type
, is_encrypt
);
955 * Create the DDT's for the engine. If we share the same source and
956 * destination then we can optimize by reusing the DDT's.
958 if (req
->src
!= req
->dst
) {
959 dev_req
->src_ddt
= spacc_sg_to_ddt(engine
, req
->src
,
960 req
->nbytes
, DMA_TO_DEVICE
, &dev_req
->src_addr
);
961 if (!dev_req
->src_ddt
)
964 dev_req
->dst_ddt
= spacc_sg_to_ddt(engine
, req
->dst
,
965 req
->nbytes
, DMA_FROM_DEVICE
, &dev_req
->dst_addr
);
966 if (!dev_req
->dst_ddt
)
969 dev_req
->dst_ddt
= spacc_sg_to_ddt(engine
, req
->dst
,
970 req
->nbytes
, DMA_BIDIRECTIONAL
, &dev_req
->dst_addr
);
971 if (!dev_req
->dst_ddt
)
974 dev_req
->src_ddt
= NULL
;
975 dev_req
->src_addr
= dev_req
->dst_addr
;
979 spin_lock_irqsave(&engine
->hw_lock
, flags
);
981 * Check if the engine will accept the operation now. If it won't then
982 * we either stick it on the end of a pending list if we can backlog,
983 * or bailout with an error if not.
985 if (unlikely(spacc_fifo_cmd_full(engine
)) ||
986 engine
->in_flight
+ 1 > engine
->fifo_sz
) {
987 if (!(req
->base
.flags
& CRYPTO_TFM_REQ_MAY_BACKLOG
)) {
989 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
992 list_add_tail(&dev_req
->list
, &engine
->pending
);
994 list_add_tail(&dev_req
->list
, &engine
->pending
);
997 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
1002 spacc_free_ddt(dev_req
, dev_req
->dst_ddt
, dev_req
->dst_addr
, req
->dst
,
1003 req
->nbytes
, req
->src
== req
->dst
?
1004 DMA_BIDIRECTIONAL
: DMA_FROM_DEVICE
);
1006 if (req
->src
!= req
->dst
)
1007 spacc_free_ddt(dev_req
, dev_req
->src_ddt
, dev_req
->src_addr
,
1008 req
->src
, req
->nbytes
, DMA_TO_DEVICE
);
1013 static int spacc_ablk_cra_init(struct crypto_tfm
*tfm
)
1015 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
1016 struct crypto_alg
*alg
= tfm
->__crt_alg
;
1017 struct spacc_alg
*spacc_alg
= to_spacc_alg(alg
);
1018 struct spacc_engine
*engine
= spacc_alg
->engine
;
1020 ctx
->generic
.flags
= spacc_alg
->type
;
1021 ctx
->generic
.engine
= engine
;
1022 if (alg
->cra_flags
& CRYPTO_ALG_NEED_FALLBACK
) {
1023 ctx
->sw_cipher
= crypto_alloc_skcipher(
1024 alg
->cra_name
, 0, CRYPTO_ALG_ASYNC
|
1025 CRYPTO_ALG_NEED_FALLBACK
);
1026 if (IS_ERR(ctx
->sw_cipher
)) {
1027 dev_warn(engine
->dev
, "failed to allocate fallback for %s\n",
1029 return PTR_ERR(ctx
->sw_cipher
);
1032 ctx
->generic
.key_offs
= spacc_alg
->key_offs
;
1033 ctx
->generic
.iv_offs
= spacc_alg
->iv_offs
;
1035 tfm
->crt_ablkcipher
.reqsize
= sizeof(struct spacc_req
);
1040 static void spacc_ablk_cra_exit(struct crypto_tfm
*tfm
)
1042 struct spacc_ablk_ctx
*ctx
= crypto_tfm_ctx(tfm
);
1044 crypto_free_skcipher(ctx
->sw_cipher
);
1047 static int spacc_ablk_encrypt(struct ablkcipher_request
*req
)
1049 struct crypto_ablkcipher
*cipher
= crypto_ablkcipher_reqtfm(req
);
1050 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
1051 struct spacc_alg
*alg
= to_spacc_alg(tfm
->__crt_alg
);
1053 return spacc_ablk_setup(req
, alg
->type
, 1);
1056 static int spacc_ablk_decrypt(struct ablkcipher_request
*req
)
1058 struct crypto_ablkcipher
*cipher
= crypto_ablkcipher_reqtfm(req
);
1059 struct crypto_tfm
*tfm
= crypto_ablkcipher_tfm(cipher
);
1060 struct spacc_alg
*alg
= to_spacc_alg(tfm
->__crt_alg
);
1062 return spacc_ablk_setup(req
, alg
->type
, 0);
1065 static inline int spacc_fifo_stat_empty(struct spacc_engine
*engine
)
1067 return readl(engine
->regs
+ SPA_FIFO_STAT_REG_OFFSET
) &
1068 SPA_FIFO_STAT_EMPTY
;
1071 static void spacc_process_done(struct spacc_engine
*engine
)
1073 struct spacc_req
*req
;
1074 unsigned long flags
;
1076 spin_lock_irqsave(&engine
->hw_lock
, flags
);
1078 while (!spacc_fifo_stat_empty(engine
)) {
1079 req
= list_first_entry(&engine
->in_progress
, struct spacc_req
,
1081 list_move_tail(&req
->list
, &engine
->completed
);
1082 --engine
->in_flight
;
1084 /* POP the status register. */
1085 writel(~0, engine
->regs
+ SPA_STAT_POP_REG_OFFSET
);
1086 req
->result
= (readl(engine
->regs
+ SPA_STATUS_REG_OFFSET
) &
1087 SPA_STATUS_RES_CODE_MASK
) >> SPA_STATUS_RES_CODE_OFFSET
;
1090 * Convert the SPAcc error status into the standard POSIX error
1093 if (unlikely(req
->result
)) {
1094 switch (req
->result
) {
1095 case SPA_STATUS_ICV_FAIL
:
1096 req
->result
= -EBADMSG
;
1099 case SPA_STATUS_MEMORY_ERROR
:
1100 dev_warn(engine
->dev
,
1101 "memory error triggered\n");
1102 req
->result
= -EFAULT
;
1105 case SPA_STATUS_BLOCK_ERROR
:
1106 dev_warn(engine
->dev
,
1107 "block error triggered\n");
1114 tasklet_schedule(&engine
->complete
);
1116 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
1119 static irqreturn_t
spacc_spacc_irq(int irq
, void *dev
)
1121 struct spacc_engine
*engine
= (struct spacc_engine
*)dev
;
1122 u32 spacc_irq_stat
= readl(engine
->regs
+ SPA_IRQ_STAT_REG_OFFSET
);
1124 writel(spacc_irq_stat
, engine
->regs
+ SPA_IRQ_STAT_REG_OFFSET
);
1125 spacc_process_done(engine
);
1130 static void spacc_packet_timeout(struct timer_list
*t
)
1132 struct spacc_engine
*engine
= from_timer(engine
, t
, packet_timeout
);
1134 spacc_process_done(engine
);
1137 static int spacc_req_submit(struct spacc_req
*req
)
1139 struct crypto_alg
*alg
= req
->req
->tfm
->__crt_alg
;
1141 if (CRYPTO_ALG_TYPE_AEAD
== (CRYPTO_ALG_TYPE_MASK
& alg
->cra_flags
))
1142 return spacc_aead_submit(req
);
1144 return spacc_ablk_submit(req
);
1147 static void spacc_spacc_complete(unsigned long data
)
1149 struct spacc_engine
*engine
= (struct spacc_engine
*)data
;
1150 struct spacc_req
*req
, *tmp
;
1151 unsigned long flags
;
1152 LIST_HEAD(completed
);
1154 spin_lock_irqsave(&engine
->hw_lock
, flags
);
1156 list_splice_init(&engine
->completed
, &completed
);
1158 if (engine
->in_flight
)
1159 mod_timer(&engine
->packet_timeout
, jiffies
+ PACKET_TIMEOUT
);
1161 spin_unlock_irqrestore(&engine
->hw_lock
, flags
);
1163 list_for_each_entry_safe(req
, tmp
, &completed
, list
) {
1164 list_del(&req
->list
);
1170 static int spacc_suspend(struct device
*dev
)
1172 struct spacc_engine
*engine
= dev_get_drvdata(dev
);
1175 * We only support standby mode. All we have to do is gate the clock to
1176 * the spacc. The hardware will preserve state until we turn it back
1179 clk_disable(engine
->clk
);
1184 static int spacc_resume(struct device
*dev
)
1186 struct spacc_engine
*engine
= dev_get_drvdata(dev
);
1188 return clk_enable(engine
->clk
);
1191 static const struct dev_pm_ops spacc_pm_ops
= {
1192 .suspend
= spacc_suspend
,
1193 .resume
= spacc_resume
,
1195 #endif /* CONFIG_PM */
1197 static inline struct spacc_engine
*spacc_dev_to_engine(struct device
*dev
)
1199 return dev
? platform_get_drvdata(to_platform_device(dev
)) : NULL
;
1202 static ssize_t
spacc_stat_irq_thresh_show(struct device
*dev
,
1203 struct device_attribute
*attr
,
1206 struct spacc_engine
*engine
= spacc_dev_to_engine(dev
);
1208 return snprintf(buf
, PAGE_SIZE
, "%u\n", engine
->stat_irq_thresh
);
1211 static ssize_t
spacc_stat_irq_thresh_store(struct device
*dev
,
1212 struct device_attribute
*attr
,
1213 const char *buf
, size_t len
)
1215 struct spacc_engine
*engine
= spacc_dev_to_engine(dev
);
1216 unsigned long thresh
;
1218 if (kstrtoul(buf
, 0, &thresh
))
1221 thresh
= clamp(thresh
, 1UL, engine
->fifo_sz
- 1);
1223 engine
->stat_irq_thresh
= thresh
;
1224 writel(engine
->stat_irq_thresh
<< SPA_IRQ_CTRL_STAT_CNT_OFFSET
,
1225 engine
->regs
+ SPA_IRQ_CTRL_REG_OFFSET
);
1229 static DEVICE_ATTR(stat_irq_thresh
, 0644, spacc_stat_irq_thresh_show
,
1230 spacc_stat_irq_thresh_store
);
1232 static struct spacc_alg ipsec_engine_algs
[] = {
1234 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
| SPA_CTRL_CIPH_MODE_CBC
,
1236 .iv_offs
= AES_MAX_KEY_SIZE
,
1238 .cra_name
= "cbc(aes)",
1239 .cra_driver_name
= "cbc-aes-picoxcell",
1240 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1241 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1242 CRYPTO_ALG_KERN_DRIVER_ONLY
|
1244 CRYPTO_ALG_NEED_FALLBACK
,
1245 .cra_blocksize
= AES_BLOCK_SIZE
,
1246 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1247 .cra_type
= &crypto_ablkcipher_type
,
1248 .cra_module
= THIS_MODULE
,
1250 .setkey
= spacc_aes_setkey
,
1251 .encrypt
= spacc_ablk_encrypt
,
1252 .decrypt
= spacc_ablk_decrypt
,
1253 .min_keysize
= AES_MIN_KEY_SIZE
,
1254 .max_keysize
= AES_MAX_KEY_SIZE
,
1255 .ivsize
= AES_BLOCK_SIZE
,
1257 .cra_init
= spacc_ablk_cra_init
,
1258 .cra_exit
= spacc_ablk_cra_exit
,
1263 .iv_offs
= AES_MAX_KEY_SIZE
,
1264 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
| SPA_CTRL_CIPH_MODE_ECB
,
1266 .cra_name
= "ecb(aes)",
1267 .cra_driver_name
= "ecb-aes-picoxcell",
1268 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1269 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1270 CRYPTO_ALG_KERN_DRIVER_ONLY
|
1271 CRYPTO_ALG_ASYNC
| CRYPTO_ALG_NEED_FALLBACK
,
1272 .cra_blocksize
= AES_BLOCK_SIZE
,
1273 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1274 .cra_type
= &crypto_ablkcipher_type
,
1275 .cra_module
= THIS_MODULE
,
1277 .setkey
= spacc_aes_setkey
,
1278 .encrypt
= spacc_ablk_encrypt
,
1279 .decrypt
= spacc_ablk_decrypt
,
1280 .min_keysize
= AES_MIN_KEY_SIZE
,
1281 .max_keysize
= AES_MAX_KEY_SIZE
,
1283 .cra_init
= spacc_ablk_cra_init
,
1284 .cra_exit
= spacc_ablk_cra_exit
,
1288 .key_offs
= DES_BLOCK_SIZE
,
1290 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
| SPA_CTRL_CIPH_MODE_CBC
,
1292 .cra_name
= "cbc(des)",
1293 .cra_driver_name
= "cbc-des-picoxcell",
1294 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1295 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1297 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1298 .cra_blocksize
= DES_BLOCK_SIZE
,
1299 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1300 .cra_type
= &crypto_ablkcipher_type
,
1301 .cra_module
= THIS_MODULE
,
1303 .setkey
= spacc_des_setkey
,
1304 .encrypt
= spacc_ablk_encrypt
,
1305 .decrypt
= spacc_ablk_decrypt
,
1306 .min_keysize
= DES_KEY_SIZE
,
1307 .max_keysize
= DES_KEY_SIZE
,
1308 .ivsize
= DES_BLOCK_SIZE
,
1310 .cra_init
= spacc_ablk_cra_init
,
1311 .cra_exit
= spacc_ablk_cra_exit
,
1315 .key_offs
= DES_BLOCK_SIZE
,
1317 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
| SPA_CTRL_CIPH_MODE_ECB
,
1319 .cra_name
= "ecb(des)",
1320 .cra_driver_name
= "ecb-des-picoxcell",
1321 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1322 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1324 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1325 .cra_blocksize
= DES_BLOCK_SIZE
,
1326 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1327 .cra_type
= &crypto_ablkcipher_type
,
1328 .cra_module
= THIS_MODULE
,
1330 .setkey
= spacc_des_setkey
,
1331 .encrypt
= spacc_ablk_encrypt
,
1332 .decrypt
= spacc_ablk_decrypt
,
1333 .min_keysize
= DES_KEY_SIZE
,
1334 .max_keysize
= DES_KEY_SIZE
,
1336 .cra_init
= spacc_ablk_cra_init
,
1337 .cra_exit
= spacc_ablk_cra_exit
,
1341 .key_offs
= DES_BLOCK_SIZE
,
1343 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
| SPA_CTRL_CIPH_MODE_CBC
,
1345 .cra_name
= "cbc(des3_ede)",
1346 .cra_driver_name
= "cbc-des3-ede-picoxcell",
1347 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1348 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1350 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1351 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1352 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1353 .cra_type
= &crypto_ablkcipher_type
,
1354 .cra_module
= THIS_MODULE
,
1356 .setkey
= spacc_des_setkey
,
1357 .encrypt
= spacc_ablk_encrypt
,
1358 .decrypt
= spacc_ablk_decrypt
,
1359 .min_keysize
= DES3_EDE_KEY_SIZE
,
1360 .max_keysize
= DES3_EDE_KEY_SIZE
,
1361 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1363 .cra_init
= spacc_ablk_cra_init
,
1364 .cra_exit
= spacc_ablk_cra_exit
,
1368 .key_offs
= DES_BLOCK_SIZE
,
1370 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
| SPA_CTRL_CIPH_MODE_ECB
,
1372 .cra_name
= "ecb(des3_ede)",
1373 .cra_driver_name
= "ecb-des3-ede-picoxcell",
1374 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1375 .cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1377 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1378 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1379 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1380 .cra_type
= &crypto_ablkcipher_type
,
1381 .cra_module
= THIS_MODULE
,
1383 .setkey
= spacc_des_setkey
,
1384 .encrypt
= spacc_ablk_encrypt
,
1385 .decrypt
= spacc_ablk_decrypt
,
1386 .min_keysize
= DES3_EDE_KEY_SIZE
,
1387 .max_keysize
= DES3_EDE_KEY_SIZE
,
1389 .cra_init
= spacc_ablk_cra_init
,
1390 .cra_exit
= spacc_ablk_cra_exit
,
1395 static struct spacc_aead ipsec_engine_aeads
[] = {
1397 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
|
1398 SPA_CTRL_CIPH_MODE_CBC
|
1399 SPA_CTRL_HASH_ALG_SHA
|
1400 SPA_CTRL_HASH_MODE_HMAC
,
1402 .iv_offs
= AES_MAX_KEY_SIZE
,
1405 .cra_name
= "authenc(hmac(sha1),cbc(aes))",
1406 .cra_driver_name
= "authenc-hmac-sha1-"
1407 "cbc-aes-picoxcell",
1408 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1409 .cra_flags
= CRYPTO_ALG_ASYNC
|
1410 CRYPTO_ALG_NEED_FALLBACK
|
1411 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1412 .cra_blocksize
= AES_BLOCK_SIZE
,
1413 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1414 .cra_module
= THIS_MODULE
,
1416 .setkey
= spacc_aead_setkey
,
1417 .setauthsize
= spacc_aead_setauthsize
,
1418 .encrypt
= spacc_aead_encrypt
,
1419 .decrypt
= spacc_aead_decrypt
,
1420 .ivsize
= AES_BLOCK_SIZE
,
1421 .maxauthsize
= SHA1_DIGEST_SIZE
,
1422 .init
= spacc_aead_cra_init
,
1423 .exit
= spacc_aead_cra_exit
,
1427 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
|
1428 SPA_CTRL_CIPH_MODE_CBC
|
1429 SPA_CTRL_HASH_ALG_SHA256
|
1430 SPA_CTRL_HASH_MODE_HMAC
,
1432 .iv_offs
= AES_MAX_KEY_SIZE
,
1435 .cra_name
= "authenc(hmac(sha256),cbc(aes))",
1436 .cra_driver_name
= "authenc-hmac-sha256-"
1437 "cbc-aes-picoxcell",
1438 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1439 .cra_flags
= CRYPTO_ALG_ASYNC
|
1440 CRYPTO_ALG_NEED_FALLBACK
|
1441 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1442 .cra_blocksize
= AES_BLOCK_SIZE
,
1443 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1444 .cra_module
= THIS_MODULE
,
1446 .setkey
= spacc_aead_setkey
,
1447 .setauthsize
= spacc_aead_setauthsize
,
1448 .encrypt
= spacc_aead_encrypt
,
1449 .decrypt
= spacc_aead_decrypt
,
1450 .ivsize
= AES_BLOCK_SIZE
,
1451 .maxauthsize
= SHA256_DIGEST_SIZE
,
1452 .init
= spacc_aead_cra_init
,
1453 .exit
= spacc_aead_cra_exit
,
1458 .iv_offs
= AES_MAX_KEY_SIZE
,
1459 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
|
1460 SPA_CTRL_CIPH_MODE_CBC
|
1461 SPA_CTRL_HASH_ALG_MD5
|
1462 SPA_CTRL_HASH_MODE_HMAC
,
1465 .cra_name
= "authenc(hmac(md5),cbc(aes))",
1466 .cra_driver_name
= "authenc-hmac-md5-"
1467 "cbc-aes-picoxcell",
1468 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1469 .cra_flags
= CRYPTO_ALG_ASYNC
|
1470 CRYPTO_ALG_NEED_FALLBACK
|
1471 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1472 .cra_blocksize
= AES_BLOCK_SIZE
,
1473 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1474 .cra_module
= THIS_MODULE
,
1476 .setkey
= spacc_aead_setkey
,
1477 .setauthsize
= spacc_aead_setauthsize
,
1478 .encrypt
= spacc_aead_encrypt
,
1479 .decrypt
= spacc_aead_decrypt
,
1480 .ivsize
= AES_BLOCK_SIZE
,
1481 .maxauthsize
= MD5_DIGEST_SIZE
,
1482 .init
= spacc_aead_cra_init
,
1483 .exit
= spacc_aead_cra_exit
,
1487 .key_offs
= DES_BLOCK_SIZE
,
1489 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
|
1490 SPA_CTRL_CIPH_MODE_CBC
|
1491 SPA_CTRL_HASH_ALG_SHA
|
1492 SPA_CTRL_HASH_MODE_HMAC
,
1495 .cra_name
= "authenc(hmac(sha1),cbc(des3_ede))",
1496 .cra_driver_name
= "authenc-hmac-sha1-"
1497 "cbc-3des-picoxcell",
1498 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1499 .cra_flags
= CRYPTO_ALG_ASYNC
|
1500 CRYPTO_ALG_NEED_FALLBACK
|
1501 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1502 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1503 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1504 .cra_module
= THIS_MODULE
,
1506 .setkey
= spacc_aead_setkey
,
1507 .setauthsize
= spacc_aead_setauthsize
,
1508 .encrypt
= spacc_aead_encrypt
,
1509 .decrypt
= spacc_aead_decrypt
,
1510 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1511 .maxauthsize
= SHA1_DIGEST_SIZE
,
1512 .init
= spacc_aead_cra_init
,
1513 .exit
= spacc_aead_cra_exit
,
1517 .key_offs
= DES_BLOCK_SIZE
,
1519 .ctrl_default
= SPA_CTRL_CIPH_ALG_AES
|
1520 SPA_CTRL_CIPH_MODE_CBC
|
1521 SPA_CTRL_HASH_ALG_SHA256
|
1522 SPA_CTRL_HASH_MODE_HMAC
,
1525 .cra_name
= "authenc(hmac(sha256),"
1527 .cra_driver_name
= "authenc-hmac-sha256-"
1528 "cbc-3des-picoxcell",
1529 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1530 .cra_flags
= CRYPTO_ALG_ASYNC
|
1531 CRYPTO_ALG_NEED_FALLBACK
|
1532 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1533 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1534 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1535 .cra_module
= THIS_MODULE
,
1537 .setkey
= spacc_aead_setkey
,
1538 .setauthsize
= spacc_aead_setauthsize
,
1539 .encrypt
= spacc_aead_encrypt
,
1540 .decrypt
= spacc_aead_decrypt
,
1541 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1542 .maxauthsize
= SHA256_DIGEST_SIZE
,
1543 .init
= spacc_aead_cra_init
,
1544 .exit
= spacc_aead_cra_exit
,
1548 .key_offs
= DES_BLOCK_SIZE
,
1550 .ctrl_default
= SPA_CTRL_CIPH_ALG_DES
|
1551 SPA_CTRL_CIPH_MODE_CBC
|
1552 SPA_CTRL_HASH_ALG_MD5
|
1553 SPA_CTRL_HASH_MODE_HMAC
,
1556 .cra_name
= "authenc(hmac(md5),cbc(des3_ede))",
1557 .cra_driver_name
= "authenc-hmac-md5-"
1558 "cbc-3des-picoxcell",
1559 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1560 .cra_flags
= CRYPTO_ALG_ASYNC
|
1561 CRYPTO_ALG_NEED_FALLBACK
|
1562 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1563 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1564 .cra_ctxsize
= sizeof(struct spacc_aead_ctx
),
1565 .cra_module
= THIS_MODULE
,
1567 .setkey
= spacc_aead_setkey
,
1568 .setauthsize
= spacc_aead_setauthsize
,
1569 .encrypt
= spacc_aead_encrypt
,
1570 .decrypt
= spacc_aead_decrypt
,
1571 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1572 .maxauthsize
= MD5_DIGEST_SIZE
,
1573 .init
= spacc_aead_cra_init
,
1574 .exit
= spacc_aead_cra_exit
,
1579 static struct spacc_alg l2_engine_algs
[] = {
1582 .iv_offs
= SPACC_CRYPTO_KASUMI_F8_KEY_LEN
,
1583 .ctrl_default
= SPA_CTRL_CIPH_ALG_KASUMI
|
1584 SPA_CTRL_CIPH_MODE_F8
,
1586 .cra_name
= "f8(kasumi)",
1587 .cra_driver_name
= "f8-kasumi-picoxcell",
1588 .cra_priority
= SPACC_CRYPTO_ALG_PRIORITY
,
1589 .cra_flags
= CRYPTO_ALG_TYPE_GIVCIPHER
|
1591 CRYPTO_ALG_KERN_DRIVER_ONLY
,
1593 .cra_ctxsize
= sizeof(struct spacc_ablk_ctx
),
1594 .cra_type
= &crypto_ablkcipher_type
,
1595 .cra_module
= THIS_MODULE
,
1597 .setkey
= spacc_kasumi_f8_setkey
,
1598 .encrypt
= spacc_ablk_encrypt
,
1599 .decrypt
= spacc_ablk_decrypt
,
1604 .cra_init
= spacc_ablk_cra_init
,
1605 .cra_exit
= spacc_ablk_cra_exit
,
1611 static const struct of_device_id spacc_of_id_table
[] = {
1612 { .compatible
= "picochip,spacc-ipsec" },
1613 { .compatible
= "picochip,spacc-l2" },
1616 MODULE_DEVICE_TABLE(of
, spacc_of_id_table
);
1617 #endif /* CONFIG_OF */
1619 static void spacc_tasklet_kill(void *data
)
1624 static int spacc_probe(struct platform_device
*pdev
)
1627 struct resource
*mem
, *irq
;
1628 struct device_node
*np
= pdev
->dev
.of_node
;
1629 struct spacc_engine
*engine
= devm_kzalloc(&pdev
->dev
, sizeof(*engine
),
1634 if (of_device_is_compatible(np
, "picochip,spacc-ipsec")) {
1635 engine
->max_ctxs
= SPACC_CRYPTO_IPSEC_MAX_CTXS
;
1636 engine
->cipher_pg_sz
= SPACC_CRYPTO_IPSEC_CIPHER_PG_SZ
;
1637 engine
->hash_pg_sz
= SPACC_CRYPTO_IPSEC_HASH_PG_SZ
;
1638 engine
->fifo_sz
= SPACC_CRYPTO_IPSEC_FIFO_SZ
;
1639 engine
->algs
= ipsec_engine_algs
;
1640 engine
->num_algs
= ARRAY_SIZE(ipsec_engine_algs
);
1641 engine
->aeads
= ipsec_engine_aeads
;
1642 engine
->num_aeads
= ARRAY_SIZE(ipsec_engine_aeads
);
1643 } else if (of_device_is_compatible(np
, "picochip,spacc-l2")) {
1644 engine
->max_ctxs
= SPACC_CRYPTO_L2_MAX_CTXS
;
1645 engine
->cipher_pg_sz
= SPACC_CRYPTO_L2_CIPHER_PG_SZ
;
1646 engine
->hash_pg_sz
= SPACC_CRYPTO_L2_HASH_PG_SZ
;
1647 engine
->fifo_sz
= SPACC_CRYPTO_L2_FIFO_SZ
;
1648 engine
->algs
= l2_engine_algs
;
1649 engine
->num_algs
= ARRAY_SIZE(l2_engine_algs
);
1654 engine
->name
= dev_name(&pdev
->dev
);
1656 mem
= platform_get_resource(pdev
, IORESOURCE_MEM
, 0);
1657 engine
->regs
= devm_ioremap_resource(&pdev
->dev
, mem
);
1658 if (IS_ERR(engine
->regs
))
1659 return PTR_ERR(engine
->regs
);
1661 irq
= platform_get_resource(pdev
, IORESOURCE_IRQ
, 0);
1663 dev_err(&pdev
->dev
, "no memory/irq resource for engine\n");
1667 tasklet_init(&engine
->complete
, spacc_spacc_complete
,
1668 (unsigned long)engine
);
1670 ret
= devm_add_action(&pdev
->dev
, spacc_tasklet_kill
,
1675 if (devm_request_irq(&pdev
->dev
, irq
->start
, spacc_spacc_irq
, 0,
1676 engine
->name
, engine
)) {
1677 dev_err(engine
->dev
, "failed to request IRQ\n");
1681 engine
->dev
= &pdev
->dev
;
1682 engine
->cipher_ctx_base
= engine
->regs
+ SPA_CIPH_KEY_BASE_REG_OFFSET
;
1683 engine
->hash_key_base
= engine
->regs
+ SPA_HASH_KEY_BASE_REG_OFFSET
;
1685 engine
->req_pool
= dmam_pool_create(engine
->name
, engine
->dev
,
1686 MAX_DDT_LEN
* sizeof(struct spacc_ddt
), 8, SZ_64K
);
1687 if (!engine
->req_pool
)
1690 spin_lock_init(&engine
->hw_lock
);
1692 engine
->clk
= clk_get(&pdev
->dev
, "ref");
1693 if (IS_ERR(engine
->clk
)) {
1694 dev_info(&pdev
->dev
, "clk unavailable\n");
1695 return PTR_ERR(engine
->clk
);
1698 if (clk_prepare_enable(engine
->clk
)) {
1699 dev_info(&pdev
->dev
, "unable to prepare/enable clk\n");
1704 ret
= device_create_file(&pdev
->dev
, &dev_attr_stat_irq_thresh
);
1706 goto err_clk_disable
;
1710 * Use an IRQ threshold of 50% as a default. This seems to be a
1711 * reasonable trade off of latency against throughput but can be
1712 * changed at runtime.
1714 engine
->stat_irq_thresh
= (engine
->fifo_sz
/ 2);
1717 * Configure the interrupts. We only use the STAT_CNT interrupt as we
1718 * only submit a new packet for processing when we complete another in
1719 * the queue. This minimizes time spent in the interrupt handler.
1721 writel(engine
->stat_irq_thresh
<< SPA_IRQ_CTRL_STAT_CNT_OFFSET
,
1722 engine
->regs
+ SPA_IRQ_CTRL_REG_OFFSET
);
1723 writel(SPA_IRQ_EN_STAT_EN
| SPA_IRQ_EN_GLBL_EN
,
1724 engine
->regs
+ SPA_IRQ_EN_REG_OFFSET
);
1726 timer_setup(&engine
->packet_timeout
, spacc_packet_timeout
, 0);
1728 INIT_LIST_HEAD(&engine
->pending
);
1729 INIT_LIST_HEAD(&engine
->completed
);
1730 INIT_LIST_HEAD(&engine
->in_progress
);
1731 engine
->in_flight
= 0;
1733 platform_set_drvdata(pdev
, engine
);
1736 INIT_LIST_HEAD(&engine
->registered_algs
);
1737 for (i
= 0; i
< engine
->num_algs
; ++i
) {
1738 engine
->algs
[i
].engine
= engine
;
1739 err
= crypto_register_alg(&engine
->algs
[i
].alg
);
1741 list_add_tail(&engine
->algs
[i
].entry
,
1742 &engine
->registered_algs
);
1746 dev_err(engine
->dev
, "failed to register alg \"%s\"\n",
1747 engine
->algs
[i
].alg
.cra_name
);
1749 dev_dbg(engine
->dev
, "registered alg \"%s\"\n",
1750 engine
->algs
[i
].alg
.cra_name
);
1753 INIT_LIST_HEAD(&engine
->registered_aeads
);
1754 for (i
= 0; i
< engine
->num_aeads
; ++i
) {
1755 engine
->aeads
[i
].engine
= engine
;
1756 err
= crypto_register_aead(&engine
->aeads
[i
].alg
);
1758 list_add_tail(&engine
->aeads
[i
].entry
,
1759 &engine
->registered_aeads
);
1763 dev_err(engine
->dev
, "failed to register alg \"%s\"\n",
1764 engine
->aeads
[i
].alg
.base
.cra_name
);
1766 dev_dbg(engine
->dev
, "registered alg \"%s\"\n",
1767 engine
->aeads
[i
].alg
.base
.cra_name
);
1773 del_timer_sync(&engine
->packet_timeout
);
1774 device_remove_file(&pdev
->dev
, &dev_attr_stat_irq_thresh
);
1776 clk_disable_unprepare(engine
->clk
);
1778 clk_put(engine
->clk
);
1783 static int spacc_remove(struct platform_device
*pdev
)
1785 struct spacc_aead
*aead
, *an
;
1786 struct spacc_alg
*alg
, *next
;
1787 struct spacc_engine
*engine
= platform_get_drvdata(pdev
);
1789 del_timer_sync(&engine
->packet_timeout
);
1790 device_remove_file(&pdev
->dev
, &dev_attr_stat_irq_thresh
);
1792 list_for_each_entry_safe(aead
, an
, &engine
->registered_aeads
, entry
) {
1793 list_del(&aead
->entry
);
1794 crypto_unregister_aead(&aead
->alg
);
1797 list_for_each_entry_safe(alg
, next
, &engine
->registered_algs
, entry
) {
1798 list_del(&alg
->entry
);
1799 crypto_unregister_alg(&alg
->alg
);
1802 clk_disable_unprepare(engine
->clk
);
1803 clk_put(engine
->clk
);
1808 static struct platform_driver spacc_driver
= {
1809 .probe
= spacc_probe
,
1810 .remove
= spacc_remove
,
1812 .name
= "picochip,spacc",
1814 .pm
= &spacc_pm_ops
,
1815 #endif /* CONFIG_PM */
1816 .of_match_table
= of_match_ptr(spacc_of_id_table
),
1820 module_platform_driver(spacc_driver
);
1822 MODULE_LICENSE("GPL");
1823 MODULE_AUTHOR("Jamie Iles");