2 * Intel IXP4xx NPE-C crypto driver
4 * Copyright (C) 2008 Christian Hohnstaedt <chohnstaedt@innominate.com>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of version 2 of the GNU General Public License
8 * as published by the Free Software Foundation.
12 #include <linux/platform_device.h>
13 #include <linux/dma-mapping.h>
14 #include <linux/dmapool.h>
15 #include <linux/crypto.h>
16 #include <linux/kernel.h>
17 #include <linux/rtnetlink.h>
18 #include <linux/interrupt.h>
19 #include <linux/spinlock.h>
20 #include <linux/gfp.h>
21 #include <linux/module.h>
23 #include <crypto/ctr.h>
24 #include <crypto/des.h>
25 #include <crypto/aes.h>
26 #include <crypto/sha.h>
27 #include <crypto/algapi.h>
28 #include <crypto/internal/aead.h>
29 #include <crypto/authenc.h>
30 #include <crypto/scatterwalk.h>
33 #include <mach/qmgr.h>
37 /* hash: cfgword + 2 * digestlen; crypt: keylen + cfgword */
38 #define NPE_CTX_LEN 80
39 #define AES_BLOCK128 16
41 #define NPE_OP_HASH_VERIFY 0x01
42 #define NPE_OP_CCM_ENABLE 0x04
43 #define NPE_OP_CRYPT_ENABLE 0x08
44 #define NPE_OP_HASH_ENABLE 0x10
45 #define NPE_OP_NOT_IN_PLACE 0x20
46 #define NPE_OP_HMAC_DISABLE 0x40
47 #define NPE_OP_CRYPT_ENCRYPT 0x80
49 #define NPE_OP_CCM_GEN_MIC 0xcc
50 #define NPE_OP_HASH_GEN_ICV 0x50
51 #define NPE_OP_ENC_GEN_KEY 0xc9
53 #define MOD_ECB 0x0000
54 #define MOD_CTR 0x1000
55 #define MOD_CBC_ENC 0x2000
56 #define MOD_CBC_DEC 0x3000
57 #define MOD_CCM_ENC 0x4000
58 #define MOD_CCM_DEC 0x5000
64 #define CIPH_DECR 0x0000
65 #define CIPH_ENCR 0x0400
67 #define MOD_DES 0x0000
68 #define MOD_TDEA2 0x0100
69 #define MOD_3DES 0x0200
70 #define MOD_AES 0x0800
71 #define MOD_AES128 (0x0800 | KEYLEN_128)
72 #define MOD_AES192 (0x0900 | KEYLEN_192)
73 #define MOD_AES256 (0x0a00 | KEYLEN_256)
76 #define NPE_ID 2 /* NPE C */
78 /* Space for registering when the first
79 * NPE_QLEN crypt_ctl are busy */
80 #define NPE_QLEN_TOTAL 64
85 #define CTL_FLAG_UNUSED 0x0000
86 #define CTL_FLAG_USED 0x1000
87 #define CTL_FLAG_PERFORM_ABLK 0x0001
88 #define CTL_FLAG_GEN_ICV 0x0002
89 #define CTL_FLAG_GEN_REVAES 0x0004
90 #define CTL_FLAG_PERFORM_AEAD 0x0008
91 #define CTL_FLAG_MASK 0x000f
93 #define HMAC_IPAD_VALUE 0x36
94 #define HMAC_OPAD_VALUE 0x5C
95 #define HMAC_PAD_BLOCKLEN SHA1_BLOCK_SIZE
97 #define MD5_DIGEST_SIZE 16
110 struct buffer_desc
*next
;
111 enum dma_data_direction dir
;
116 u8 mode
; /* NPE_OP_* operation mode */
122 u8 mode
; /* NPE_OP_* operation mode */
124 u8 iv
[MAX_IVLEN
]; /* IV for CBC mode or CTR IV for CTR mode */
125 u32 icv_rev_aes
; /* icv or rev aes */
129 u16 auth_offs
; /* Authentication start offset */
130 u16 auth_len
; /* Authentication data length */
131 u16 crypt_offs
; /* Cryption start offset */
132 u16 crypt_len
; /* Cryption data length */
134 u16 auth_len
; /* Authentication data length */
135 u16 auth_offs
; /* Authentication start offset */
136 u16 crypt_len
; /* Cryption data length */
137 u16 crypt_offs
; /* Cryption start offset */
139 u32 aadAddr
; /* Additional Auth Data Addr for CCM mode */
140 u32 crypto_ctx
; /* NPE Crypto Param structure address */
142 /* Used by Host: 4*4 bytes*/
145 struct ablkcipher_request
*ablk_req
;
146 struct aead_request
*aead_req
;
147 struct crypto_tfm
*tfm
;
149 struct buffer_desc
*regist_buf
;
154 struct buffer_desc
*src
;
155 struct buffer_desc
*dst
;
159 struct buffer_desc
*buffer
;
160 struct scatterlist ivlist
;
161 /* used when the hmac is not on one sg entry */
166 struct ix_hash_algo
{
172 unsigned char *npe_ctx
;
173 dma_addr_t npe_ctx_phys
;
179 struct ix_sa_dir encrypt
;
180 struct ix_sa_dir decrypt
;
182 u8 authkey
[MAX_KEYLEN
];
184 u8 enckey
[MAX_KEYLEN
];
186 u8 nonce
[CTR_RFC3686_NONCE_SIZE
];
188 atomic_t configuring
;
189 struct completion completion
;
193 struct crypto_alg crypto
;
194 const struct ix_hash_algo
*hash
;
201 static const struct ix_hash_algo hash_alg_md5
= {
202 .cfgword
= 0xAA010004,
203 .icv
= "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
204 "\xFE\xDC\xBA\x98\x76\x54\x32\x10",
206 static const struct ix_hash_algo hash_alg_sha1
= {
207 .cfgword
= 0x00000005,
208 .icv
= "\x67\x45\x23\x01\xEF\xCD\xAB\x89\x98\xBA"
209 "\xDC\xFE\x10\x32\x54\x76\xC3\xD2\xE1\xF0",
212 static struct npe
*npe_c
;
213 static struct dma_pool
*buffer_pool
= NULL
;
214 static struct dma_pool
*ctx_pool
= NULL
;
216 static struct crypt_ctl
*crypt_virt
= NULL
;
217 static dma_addr_t crypt_phys
;
219 static int support_aes
= 1;
221 #define DRIVER_NAME "ixp4xx_crypto"
223 static struct platform_device
*pdev
;
225 static inline dma_addr_t
crypt_virt2phys(struct crypt_ctl
*virt
)
227 return crypt_phys
+ (virt
- crypt_virt
) * sizeof(struct crypt_ctl
);
230 static inline struct crypt_ctl
*crypt_phys2virt(dma_addr_t phys
)
232 return crypt_virt
+ (phys
- crypt_phys
) / sizeof(struct crypt_ctl
);
235 static inline u32
cipher_cfg_enc(struct crypto_tfm
*tfm
)
237 return container_of(tfm
->__crt_alg
, struct ixp_alg
,crypto
)->cfg_enc
;
240 static inline u32
cipher_cfg_dec(struct crypto_tfm
*tfm
)
242 return container_of(tfm
->__crt_alg
, struct ixp_alg
,crypto
)->cfg_dec
;
245 static inline const struct ix_hash_algo
*ix_hash(struct crypto_tfm
*tfm
)
247 return container_of(tfm
->__crt_alg
, struct ixp_alg
, crypto
)->hash
;
250 static int setup_crypt_desc(void)
252 struct device
*dev
= &pdev
->dev
;
253 BUILD_BUG_ON(sizeof(struct crypt_ctl
) != 64);
254 crypt_virt
= dma_alloc_coherent(dev
,
255 NPE_QLEN
* sizeof(struct crypt_ctl
),
256 &crypt_phys
, GFP_ATOMIC
);
259 memset(crypt_virt
, 0, NPE_QLEN
* sizeof(struct crypt_ctl
));
263 static spinlock_t desc_lock
;
264 static struct crypt_ctl
*get_crypt_desc(void)
270 spin_lock_irqsave(&desc_lock
, flags
);
272 if (unlikely(!crypt_virt
))
274 if (unlikely(!crypt_virt
)) {
275 spin_unlock_irqrestore(&desc_lock
, flags
);
279 if (crypt_virt
[i
].ctl_flags
== CTL_FLAG_UNUSED
) {
280 if (++idx
>= NPE_QLEN
)
282 crypt_virt
[i
].ctl_flags
= CTL_FLAG_USED
;
283 spin_unlock_irqrestore(&desc_lock
, flags
);
284 return crypt_virt
+i
;
286 spin_unlock_irqrestore(&desc_lock
, flags
);
291 static spinlock_t emerg_lock
;
292 static struct crypt_ctl
*get_crypt_desc_emerg(void)
295 static int idx
= NPE_QLEN
;
296 struct crypt_ctl
*desc
;
299 desc
= get_crypt_desc();
302 if (unlikely(!crypt_virt
))
305 spin_lock_irqsave(&emerg_lock
, flags
);
307 if (crypt_virt
[i
].ctl_flags
== CTL_FLAG_UNUSED
) {
308 if (++idx
>= NPE_QLEN_TOTAL
)
310 crypt_virt
[i
].ctl_flags
= CTL_FLAG_USED
;
311 spin_unlock_irqrestore(&emerg_lock
, flags
);
312 return crypt_virt
+i
;
314 spin_unlock_irqrestore(&emerg_lock
, flags
);
319 static void free_buf_chain(struct device
*dev
, struct buffer_desc
*buf
,u32 phys
)
322 struct buffer_desc
*buf1
;
326 phys1
= buf
->phys_next
;
327 dma_unmap_single(dev
, buf
->phys_next
, buf
->buf_len
, buf
->dir
);
328 dma_pool_free(buffer_pool
, buf
, phys
);
334 static struct tasklet_struct crypto_done_tasklet
;
336 static void finish_scattered_hmac(struct crypt_ctl
*crypt
)
338 struct aead_request
*req
= crypt
->data
.aead_req
;
339 struct aead_ctx
*req_ctx
= aead_request_ctx(req
);
340 struct crypto_aead
*tfm
= crypto_aead_reqtfm(req
);
341 int authsize
= crypto_aead_authsize(tfm
);
342 int decryptlen
= req
->cryptlen
- authsize
;
344 if (req_ctx
->encrypt
) {
345 scatterwalk_map_and_copy(req_ctx
->hmac_virt
,
346 req
->src
, decryptlen
, authsize
, 1);
348 dma_pool_free(buffer_pool
, req_ctx
->hmac_virt
, crypt
->icv_rev_aes
);
351 static void one_packet(dma_addr_t phys
)
353 struct device
*dev
= &pdev
->dev
;
354 struct crypt_ctl
*crypt
;
358 failed
= phys
& 0x1 ? -EBADMSG
: 0;
360 crypt
= crypt_phys2virt(phys
);
362 switch (crypt
->ctl_flags
& CTL_FLAG_MASK
) {
363 case CTL_FLAG_PERFORM_AEAD
: {
364 struct aead_request
*req
= crypt
->data
.aead_req
;
365 struct aead_ctx
*req_ctx
= aead_request_ctx(req
);
367 free_buf_chain(dev
, req_ctx
->buffer
, crypt
->src_buf
);
368 if (req_ctx
->hmac_virt
) {
369 finish_scattered_hmac(crypt
);
371 req
->base
.complete(&req
->base
, failed
);
374 case CTL_FLAG_PERFORM_ABLK
: {
375 struct ablkcipher_request
*req
= crypt
->data
.ablk_req
;
376 struct ablk_ctx
*req_ctx
= ablkcipher_request_ctx(req
);
379 free_buf_chain(dev
, req_ctx
->dst
, crypt
->dst_buf
);
381 free_buf_chain(dev
, req_ctx
->src
, crypt
->src_buf
);
382 req
->base
.complete(&req
->base
, failed
);
385 case CTL_FLAG_GEN_ICV
:
386 ctx
= crypto_tfm_ctx(crypt
->data
.tfm
);
387 dma_pool_free(ctx_pool
, crypt
->regist_ptr
,
388 crypt
->regist_buf
->phys_addr
);
389 dma_pool_free(buffer_pool
, crypt
->regist_buf
, crypt
->src_buf
);
390 if (atomic_dec_and_test(&ctx
->configuring
))
391 complete(&ctx
->completion
);
393 case CTL_FLAG_GEN_REVAES
:
394 ctx
= crypto_tfm_ctx(crypt
->data
.tfm
);
395 *(u32
*)ctx
->decrypt
.npe_ctx
&= cpu_to_be32(~CIPH_ENCR
);
396 if (atomic_dec_and_test(&ctx
->configuring
))
397 complete(&ctx
->completion
);
402 crypt
->ctl_flags
= CTL_FLAG_UNUSED
;
405 static void irqhandler(void *_unused
)
407 tasklet_schedule(&crypto_done_tasklet
);
410 static void crypto_done_action(unsigned long arg
)
415 dma_addr_t phys
= qmgr_get_entry(RECV_QID
);
420 tasklet_schedule(&crypto_done_tasklet
);
423 static int init_ixp_crypto(struct device
*dev
)
426 u32 msg
[2] = { 0, 0 };
428 if (! ( ~(*IXP4XX_EXP_CFG2
) & (IXP4XX_FEATURE_HASH
|
429 IXP4XX_FEATURE_AES
| IXP4XX_FEATURE_DES
))) {
430 printk(KERN_ERR
"ixp_crypto: No HW crypto available\n");
433 npe_c
= npe_request(NPE_ID
);
437 if (!npe_running(npe_c
)) {
438 ret
= npe_load_firmware(npe_c
, npe_name(npe_c
), dev
);
442 if (npe_recv_message(npe_c
, msg
, "STATUS_MSG"))
445 if (npe_send_message(npe_c
, msg
, "STATUS_MSG"))
448 if (npe_recv_message(npe_c
, msg
, "STATUS_MSG"))
452 switch ((msg
[1]>>16) & 0xff) {
454 printk(KERN_WARNING
"Firmware of %s lacks AES support\n",
463 printk(KERN_ERR
"Firmware of %s lacks crypto support\n",
467 /* buffer_pool will also be used to sometimes store the hmac,
468 * so assure it is large enough
470 BUILD_BUG_ON(SHA1_DIGEST_SIZE
> sizeof(struct buffer_desc
));
471 buffer_pool
= dma_pool_create("buffer", dev
,
472 sizeof(struct buffer_desc
), 32, 0);
477 ctx_pool
= dma_pool_create("context", dev
,
482 ret
= qmgr_request_queue(SEND_QID
, NPE_QLEN_TOTAL
, 0, 0,
483 "ixp_crypto:out", NULL
);
486 ret
= qmgr_request_queue(RECV_QID
, NPE_QLEN
, 0, 0,
487 "ixp_crypto:in", NULL
);
489 qmgr_release_queue(SEND_QID
);
492 qmgr_set_irq(RECV_QID
, QUEUE_IRQ_SRC_NOT_EMPTY
, irqhandler
, NULL
);
493 tasklet_init(&crypto_done_tasklet
, crypto_done_action
, 0);
495 qmgr_enable_irq(RECV_QID
);
499 printk(KERN_ERR
"%s not responding\n", npe_name(npe_c
));
503 dma_pool_destroy(ctx_pool
);
505 dma_pool_destroy(buffer_pool
);
510 static void release_ixp_crypto(struct device
*dev
)
512 qmgr_disable_irq(RECV_QID
);
513 tasklet_kill(&crypto_done_tasklet
);
515 qmgr_release_queue(SEND_QID
);
516 qmgr_release_queue(RECV_QID
);
518 dma_pool_destroy(ctx_pool
);
519 dma_pool_destroy(buffer_pool
);
524 dma_free_coherent(dev
,
525 NPE_QLEN_TOTAL
* sizeof( struct crypt_ctl
),
526 crypt_virt
, crypt_phys
);
531 static void reset_sa_dir(struct ix_sa_dir
*dir
)
533 memset(dir
->npe_ctx
, 0, NPE_CTX_LEN
);
534 dir
->npe_ctx_idx
= 0;
538 static int init_sa_dir(struct ix_sa_dir
*dir
)
540 dir
->npe_ctx
= dma_pool_alloc(ctx_pool
, GFP_KERNEL
, &dir
->npe_ctx_phys
);
548 static void free_sa_dir(struct ix_sa_dir
*dir
)
550 memset(dir
->npe_ctx
, 0, NPE_CTX_LEN
);
551 dma_pool_free(ctx_pool
, dir
->npe_ctx
, dir
->npe_ctx_phys
);
554 static int init_tfm(struct crypto_tfm
*tfm
)
556 struct ixp_ctx
*ctx
= crypto_tfm_ctx(tfm
);
559 atomic_set(&ctx
->configuring
, 0);
560 ret
= init_sa_dir(&ctx
->encrypt
);
563 ret
= init_sa_dir(&ctx
->decrypt
);
565 free_sa_dir(&ctx
->encrypt
);
570 static int init_tfm_ablk(struct crypto_tfm
*tfm
)
572 tfm
->crt_ablkcipher
.reqsize
= sizeof(struct ablk_ctx
);
573 return init_tfm(tfm
);
576 static int init_tfm_aead(struct crypto_tfm
*tfm
)
578 crypto_aead_set_reqsize(__crypto_aead_cast(tfm
),
579 sizeof(struct aead_ctx
));
580 return init_tfm(tfm
);
583 static void exit_tfm(struct crypto_tfm
*tfm
)
585 struct ixp_ctx
*ctx
= crypto_tfm_ctx(tfm
);
586 free_sa_dir(&ctx
->encrypt
);
587 free_sa_dir(&ctx
->decrypt
);
590 static int register_chain_var(struct crypto_tfm
*tfm
, u8 xpad
, u32 target
,
591 int init_len
, u32 ctx_addr
, const u8
*key
, int key_len
)
593 struct ixp_ctx
*ctx
= crypto_tfm_ctx(tfm
);
594 struct crypt_ctl
*crypt
;
595 struct buffer_desc
*buf
;
598 u32 pad_phys
, buf_phys
;
600 BUILD_BUG_ON(NPE_CTX_LEN
< HMAC_PAD_BLOCKLEN
);
601 pad
= dma_pool_alloc(ctx_pool
, GFP_KERNEL
, &pad_phys
);
604 buf
= dma_pool_alloc(buffer_pool
, GFP_KERNEL
, &buf_phys
);
606 dma_pool_free(ctx_pool
, pad
, pad_phys
);
609 crypt
= get_crypt_desc_emerg();
611 dma_pool_free(ctx_pool
, pad
, pad_phys
);
612 dma_pool_free(buffer_pool
, buf
, buf_phys
);
616 memcpy(pad
, key
, key_len
);
617 memset(pad
+ key_len
, 0, HMAC_PAD_BLOCKLEN
- key_len
);
618 for (i
= 0; i
< HMAC_PAD_BLOCKLEN
; i
++) {
622 crypt
->data
.tfm
= tfm
;
623 crypt
->regist_ptr
= pad
;
624 crypt
->regist_buf
= buf
;
626 crypt
->auth_offs
= 0;
627 crypt
->auth_len
= HMAC_PAD_BLOCKLEN
;
628 crypt
->crypto_ctx
= ctx_addr
;
629 crypt
->src_buf
= buf_phys
;
630 crypt
->icv_rev_aes
= target
;
631 crypt
->mode
= NPE_OP_HASH_GEN_ICV
;
632 crypt
->init_len
= init_len
;
633 crypt
->ctl_flags
|= CTL_FLAG_GEN_ICV
;
636 buf
->buf_len
= HMAC_PAD_BLOCKLEN
;
638 buf
->phys_addr
= pad_phys
;
640 atomic_inc(&ctx
->configuring
);
641 qmgr_put_entry(SEND_QID
, crypt_virt2phys(crypt
));
642 BUG_ON(qmgr_stat_overflow(SEND_QID
));
646 static int setup_auth(struct crypto_tfm
*tfm
, int encrypt
, unsigned authsize
,
647 const u8
*key
, int key_len
, unsigned digest_len
)
649 u32 itarget
, otarget
, npe_ctx_addr
;
650 unsigned char *cinfo
;
651 int init_len
, ret
= 0;
653 struct ix_sa_dir
*dir
;
654 struct ixp_ctx
*ctx
= crypto_tfm_ctx(tfm
);
655 const struct ix_hash_algo
*algo
;
657 dir
= encrypt
? &ctx
->encrypt
: &ctx
->decrypt
;
658 cinfo
= dir
->npe_ctx
+ dir
->npe_ctx_idx
;
661 /* write cfg word to cryptinfo */
662 cfgword
= algo
->cfgword
| ( authsize
<< 6); /* (authsize/4) << 8 */
664 cfgword
^= 0xAA000000; /* change the "byte swap" flags */
666 *(u32
*)cinfo
= cpu_to_be32(cfgword
);
667 cinfo
+= sizeof(cfgword
);
669 /* write ICV to cryptinfo */
670 memcpy(cinfo
, algo
->icv
, digest_len
);
673 itarget
= dir
->npe_ctx_phys
+ dir
->npe_ctx_idx
674 + sizeof(algo
->cfgword
);
675 otarget
= itarget
+ digest_len
;
676 init_len
= cinfo
- (dir
->npe_ctx
+ dir
->npe_ctx_idx
);
677 npe_ctx_addr
= dir
->npe_ctx_phys
+ dir
->npe_ctx_idx
;
679 dir
->npe_ctx_idx
+= init_len
;
680 dir
->npe_mode
|= NPE_OP_HASH_ENABLE
;
683 dir
->npe_mode
|= NPE_OP_HASH_VERIFY
;
685 ret
= register_chain_var(tfm
, HMAC_OPAD_VALUE
, otarget
,
686 init_len
, npe_ctx_addr
, key
, key_len
);
689 return register_chain_var(tfm
, HMAC_IPAD_VALUE
, itarget
,
690 init_len
, npe_ctx_addr
, key
, key_len
);
693 static int gen_rev_aes_key(struct crypto_tfm
*tfm
)
695 struct crypt_ctl
*crypt
;
696 struct ixp_ctx
*ctx
= crypto_tfm_ctx(tfm
);
697 struct ix_sa_dir
*dir
= &ctx
->decrypt
;
699 crypt
= get_crypt_desc_emerg();
703 *(u32
*)dir
->npe_ctx
|= cpu_to_be32(CIPH_ENCR
);
705 crypt
->data
.tfm
= tfm
;
706 crypt
->crypt_offs
= 0;
707 crypt
->crypt_len
= AES_BLOCK128
;
709 crypt
->crypto_ctx
= dir
->npe_ctx_phys
;
710 crypt
->icv_rev_aes
= dir
->npe_ctx_phys
+ sizeof(u32
);
711 crypt
->mode
= NPE_OP_ENC_GEN_KEY
;
712 crypt
->init_len
= dir
->npe_ctx_idx
;
713 crypt
->ctl_flags
|= CTL_FLAG_GEN_REVAES
;
715 atomic_inc(&ctx
->configuring
);
716 qmgr_put_entry(SEND_QID
, crypt_virt2phys(crypt
));
717 BUG_ON(qmgr_stat_overflow(SEND_QID
));
721 static int setup_cipher(struct crypto_tfm
*tfm
, int encrypt
,
722 const u8
*key
, int key_len
)
727 struct ix_sa_dir
*dir
;
728 struct ixp_ctx
*ctx
= crypto_tfm_ctx(tfm
);
729 u32
*flags
= &tfm
->crt_flags
;
731 dir
= encrypt
? &ctx
->encrypt
: &ctx
->decrypt
;
732 cinfo
= dir
->npe_ctx
;
735 cipher_cfg
= cipher_cfg_enc(tfm
);
736 dir
->npe_mode
|= NPE_OP_CRYPT_ENCRYPT
;
738 cipher_cfg
= cipher_cfg_dec(tfm
);
740 if (cipher_cfg
& MOD_AES
) {
742 case 16: keylen_cfg
= MOD_AES128
; break;
743 case 24: keylen_cfg
= MOD_AES192
; break;
744 case 32: keylen_cfg
= MOD_AES256
; break;
746 *flags
|= CRYPTO_TFM_RES_BAD_KEY_LEN
;
749 cipher_cfg
|= keylen_cfg
;
750 } else if (cipher_cfg
& MOD_3DES
) {
751 const u32
*K
= (const u32
*)key
;
752 if (unlikely(!((K
[0] ^ K
[2]) | (K
[1] ^ K
[3])) ||
753 !((K
[2] ^ K
[4]) | (K
[3] ^ K
[5]))))
755 *flags
|= CRYPTO_TFM_RES_BAD_KEY_SCHED
;
759 u32 tmp
[DES_EXPKEY_WORDS
];
760 if (des_ekey(tmp
, key
) == 0) {
761 *flags
|= CRYPTO_TFM_RES_WEAK_KEY
;
764 /* write cfg word to cryptinfo */
765 *(u32
*)cinfo
= cpu_to_be32(cipher_cfg
);
766 cinfo
+= sizeof(cipher_cfg
);
768 /* write cipher key to cryptinfo */
769 memcpy(cinfo
, key
, key_len
);
770 /* NPE wants keylen set to DES3_EDE_KEY_SIZE even for single DES */
771 if (key_len
< DES3_EDE_KEY_SIZE
&& !(cipher_cfg
& MOD_AES
)) {
772 memset(cinfo
+ key_len
, 0, DES3_EDE_KEY_SIZE
-key_len
);
773 key_len
= DES3_EDE_KEY_SIZE
;
775 dir
->npe_ctx_idx
= sizeof(cipher_cfg
) + key_len
;
776 dir
->npe_mode
|= NPE_OP_CRYPT_ENABLE
;
777 if ((cipher_cfg
& MOD_AES
) && !encrypt
) {
778 return gen_rev_aes_key(tfm
);
783 static struct buffer_desc
*chainup_buffers(struct device
*dev
,
784 struct scatterlist
*sg
, unsigned nbytes
,
785 struct buffer_desc
*buf
, gfp_t flags
,
786 enum dma_data_direction dir
)
788 for (; nbytes
> 0; sg
= sg_next(sg
)) {
789 unsigned len
= min(nbytes
, sg
->length
);
790 struct buffer_desc
*next_buf
;
795 ptr
= page_address(sg_page(sg
)) + sg
->offset
;
796 next_buf
= dma_pool_alloc(buffer_pool
, flags
, &next_buf_phys
);
801 sg_dma_address(sg
) = dma_map_single(dev
, ptr
, len
, dir
);
802 buf
->next
= next_buf
;
803 buf
->phys_next
= next_buf_phys
;
806 buf
->phys_addr
= sg_dma_address(sg
);
815 static int ablk_setkey(struct crypto_ablkcipher
*tfm
, const u8
*key
,
816 unsigned int key_len
)
818 struct ixp_ctx
*ctx
= crypto_ablkcipher_ctx(tfm
);
819 u32
*flags
= &tfm
->base
.crt_flags
;
822 init_completion(&ctx
->completion
);
823 atomic_inc(&ctx
->configuring
);
825 reset_sa_dir(&ctx
->encrypt
);
826 reset_sa_dir(&ctx
->decrypt
);
828 ctx
->encrypt
.npe_mode
= NPE_OP_HMAC_DISABLE
;
829 ctx
->decrypt
.npe_mode
= NPE_OP_HMAC_DISABLE
;
831 ret
= setup_cipher(&tfm
->base
, 0, key
, key_len
);
834 ret
= setup_cipher(&tfm
->base
, 1, key
, key_len
);
838 if (*flags
& CRYPTO_TFM_RES_WEAK_KEY
) {
839 if (*flags
& CRYPTO_TFM_REQ_WEAK_KEY
) {
842 *flags
&= ~CRYPTO_TFM_RES_WEAK_KEY
;
846 if (!atomic_dec_and_test(&ctx
->configuring
))
847 wait_for_completion(&ctx
->completion
);
851 static int ablk_rfc3686_setkey(struct crypto_ablkcipher
*tfm
, const u8
*key
,
852 unsigned int key_len
)
854 struct ixp_ctx
*ctx
= crypto_ablkcipher_ctx(tfm
);
856 /* the nonce is stored in bytes at end of key */
857 if (key_len
< CTR_RFC3686_NONCE_SIZE
)
860 memcpy(ctx
->nonce
, key
+ (key_len
- CTR_RFC3686_NONCE_SIZE
),
861 CTR_RFC3686_NONCE_SIZE
);
863 key_len
-= CTR_RFC3686_NONCE_SIZE
;
864 return ablk_setkey(tfm
, key
, key_len
);
867 static int ablk_perform(struct ablkcipher_request
*req
, int encrypt
)
869 struct crypto_ablkcipher
*tfm
= crypto_ablkcipher_reqtfm(req
);
870 struct ixp_ctx
*ctx
= crypto_ablkcipher_ctx(tfm
);
871 unsigned ivsize
= crypto_ablkcipher_ivsize(tfm
);
872 struct ix_sa_dir
*dir
;
873 struct crypt_ctl
*crypt
;
874 unsigned int nbytes
= req
->nbytes
;
875 enum dma_data_direction src_direction
= DMA_BIDIRECTIONAL
;
876 struct ablk_ctx
*req_ctx
= ablkcipher_request_ctx(req
);
877 struct buffer_desc src_hook
;
878 struct device
*dev
= &pdev
->dev
;
879 gfp_t flags
= req
->base
.flags
& CRYPTO_TFM_REQ_MAY_SLEEP
?
880 GFP_KERNEL
: GFP_ATOMIC
;
882 if (qmgr_stat_full(SEND_QID
))
884 if (atomic_read(&ctx
->configuring
))
887 dir
= encrypt
? &ctx
->encrypt
: &ctx
->decrypt
;
889 crypt
= get_crypt_desc();
893 crypt
->data
.ablk_req
= req
;
894 crypt
->crypto_ctx
= dir
->npe_ctx_phys
;
895 crypt
->mode
= dir
->npe_mode
;
896 crypt
->init_len
= dir
->npe_ctx_idx
;
898 crypt
->crypt_offs
= 0;
899 crypt
->crypt_len
= nbytes
;
901 BUG_ON(ivsize
&& !req
->info
);
902 memcpy(crypt
->iv
, req
->info
, ivsize
);
903 if (req
->src
!= req
->dst
) {
904 struct buffer_desc dst_hook
;
905 crypt
->mode
|= NPE_OP_NOT_IN_PLACE
;
906 /* This was never tested by Intel
907 * for more than one dst buffer, I think. */
909 if (!chainup_buffers(dev
, req
->dst
, nbytes
, &dst_hook
,
910 flags
, DMA_FROM_DEVICE
))
912 src_direction
= DMA_TO_DEVICE
;
913 req_ctx
->dst
= dst_hook
.next
;
914 crypt
->dst_buf
= dst_hook
.phys_next
;
919 if (!chainup_buffers(dev
, req
->src
, nbytes
, &src_hook
,
920 flags
, src_direction
))
923 req_ctx
->src
= src_hook
.next
;
924 crypt
->src_buf
= src_hook
.phys_next
;
925 crypt
->ctl_flags
|= CTL_FLAG_PERFORM_ABLK
;
926 qmgr_put_entry(SEND_QID
, crypt_virt2phys(crypt
));
927 BUG_ON(qmgr_stat_overflow(SEND_QID
));
931 free_buf_chain(dev
, req_ctx
->src
, crypt
->src_buf
);
933 if (req
->src
!= req
->dst
) {
934 free_buf_chain(dev
, req_ctx
->dst
, crypt
->dst_buf
);
936 crypt
->ctl_flags
= CTL_FLAG_UNUSED
;
940 static int ablk_encrypt(struct ablkcipher_request
*req
)
942 return ablk_perform(req
, 1);
945 static int ablk_decrypt(struct ablkcipher_request
*req
)
947 return ablk_perform(req
, 0);
950 static int ablk_rfc3686_crypt(struct ablkcipher_request
*req
)
952 struct crypto_ablkcipher
*tfm
= crypto_ablkcipher_reqtfm(req
);
953 struct ixp_ctx
*ctx
= crypto_ablkcipher_ctx(tfm
);
954 u8 iv
[CTR_RFC3686_BLOCK_SIZE
];
955 u8
*info
= req
->info
;
958 /* set up counter block */
959 memcpy(iv
, ctx
->nonce
, CTR_RFC3686_NONCE_SIZE
);
960 memcpy(iv
+ CTR_RFC3686_NONCE_SIZE
, info
, CTR_RFC3686_IV_SIZE
);
962 /* initialize counter portion of counter block */
963 *(__be32
*)(iv
+ CTR_RFC3686_NONCE_SIZE
+ CTR_RFC3686_IV_SIZE
) =
967 ret
= ablk_perform(req
, 1);
972 static int hmac_inconsistent(struct scatterlist
*sg
, unsigned start
,
981 if (start
< offset
+ sg
->length
)
984 offset
+= sg
->length
;
987 return (start
+ nbytes
> offset
+ sg
->length
);
990 static int aead_perform(struct aead_request
*req
, int encrypt
,
991 int cryptoffset
, int eff_cryptlen
, u8
*iv
)
993 struct crypto_aead
*tfm
= crypto_aead_reqtfm(req
);
994 struct ixp_ctx
*ctx
= crypto_aead_ctx(tfm
);
995 unsigned ivsize
= crypto_aead_ivsize(tfm
);
996 unsigned authsize
= crypto_aead_authsize(tfm
);
997 struct ix_sa_dir
*dir
;
998 struct crypt_ctl
*crypt
;
999 unsigned int cryptlen
;
1000 struct buffer_desc
*buf
, src_hook
;
1001 struct aead_ctx
*req_ctx
= aead_request_ctx(req
);
1002 struct device
*dev
= &pdev
->dev
;
1003 gfp_t flags
= req
->base
.flags
& CRYPTO_TFM_REQ_MAY_SLEEP
?
1004 GFP_KERNEL
: GFP_ATOMIC
;
1006 if (qmgr_stat_full(SEND_QID
))
1008 if (atomic_read(&ctx
->configuring
))
1012 dir
= &ctx
->encrypt
;
1013 cryptlen
= req
->cryptlen
;
1015 dir
= &ctx
->decrypt
;
1016 /* req->cryptlen includes the authsize when decrypting */
1017 cryptlen
= req
->cryptlen
-authsize
;
1018 eff_cryptlen
-= authsize
;
1020 crypt
= get_crypt_desc();
1024 crypt
->data
.aead_req
= req
;
1025 crypt
->crypto_ctx
= dir
->npe_ctx_phys
;
1026 crypt
->mode
= dir
->npe_mode
;
1027 crypt
->init_len
= dir
->npe_ctx_idx
;
1029 crypt
->crypt_offs
= cryptoffset
;
1030 crypt
->crypt_len
= eff_cryptlen
;
1032 crypt
->auth_offs
= 0;
1033 crypt
->auth_len
= req
->assoclen
+ ivsize
+ cryptlen
;
1034 BUG_ON(ivsize
&& !req
->iv
);
1035 memcpy(crypt
->iv
, req
->iv
, ivsize
);
1037 if (req
->src
!= req
->dst
) {
1038 BUG(); /* -ENOTSUP because of my laziness */
1042 buf
= chainup_buffers(dev
, req
->assoc
, req
->assoclen
, &src_hook
,
1043 flags
, DMA_TO_DEVICE
);
1044 req_ctx
->buffer
= src_hook
.next
;
1045 crypt
->src_buf
= src_hook
.phys_next
;
1049 sg_init_table(&req_ctx
->ivlist
, 1);
1050 sg_set_buf(&req_ctx
->ivlist
, iv
, ivsize
);
1051 buf
= chainup_buffers(dev
, &req_ctx
->ivlist
, ivsize
, buf
, flags
,
1055 if (unlikely(hmac_inconsistent(req
->src
, cryptlen
, authsize
))) {
1056 /* The 12 hmac bytes are scattered,
1057 * we need to copy them into a safe buffer */
1058 req_ctx
->hmac_virt
= dma_pool_alloc(buffer_pool
, flags
,
1059 &crypt
->icv_rev_aes
);
1060 if (unlikely(!req_ctx
->hmac_virt
))
1063 scatterwalk_map_and_copy(req_ctx
->hmac_virt
,
1064 req
->src
, cryptlen
, authsize
, 0);
1066 req_ctx
->encrypt
= encrypt
;
1068 req_ctx
->hmac_virt
= NULL
;
1071 buf
= chainup_buffers(dev
, req
->src
, cryptlen
+ authsize
, buf
, flags
,
1074 goto free_hmac_virt
;
1075 if (!req_ctx
->hmac_virt
) {
1076 crypt
->icv_rev_aes
= buf
->phys_addr
+ buf
->buf_len
- authsize
;
1079 crypt
->ctl_flags
|= CTL_FLAG_PERFORM_AEAD
;
1080 qmgr_put_entry(SEND_QID
, crypt_virt2phys(crypt
));
1081 BUG_ON(qmgr_stat_overflow(SEND_QID
));
1082 return -EINPROGRESS
;
1084 if (req_ctx
->hmac_virt
) {
1085 dma_pool_free(buffer_pool
, req_ctx
->hmac_virt
,
1086 crypt
->icv_rev_aes
);
1089 free_buf_chain(dev
, req_ctx
->buffer
, crypt
->src_buf
);
1091 crypt
->ctl_flags
= CTL_FLAG_UNUSED
;
1095 static int aead_setup(struct crypto_aead
*tfm
, unsigned int authsize
)
1097 struct ixp_ctx
*ctx
= crypto_aead_ctx(tfm
);
1098 u32
*flags
= &tfm
->base
.crt_flags
;
1099 unsigned digest_len
= crypto_aead_maxauthsize(tfm
);
1102 if (!ctx
->enckey_len
&& !ctx
->authkey_len
)
1104 init_completion(&ctx
->completion
);
1105 atomic_inc(&ctx
->configuring
);
1107 reset_sa_dir(&ctx
->encrypt
);
1108 reset_sa_dir(&ctx
->decrypt
);
1110 ret
= setup_cipher(&tfm
->base
, 0, ctx
->enckey
, ctx
->enckey_len
);
1113 ret
= setup_cipher(&tfm
->base
, 1, ctx
->enckey
, ctx
->enckey_len
);
1116 ret
= setup_auth(&tfm
->base
, 0, authsize
, ctx
->authkey
,
1117 ctx
->authkey_len
, digest_len
);
1120 ret
= setup_auth(&tfm
->base
, 1, authsize
, ctx
->authkey
,
1121 ctx
->authkey_len
, digest_len
);
1125 if (*flags
& CRYPTO_TFM_RES_WEAK_KEY
) {
1126 if (*flags
& CRYPTO_TFM_REQ_WEAK_KEY
) {
1130 *flags
&= ~CRYPTO_TFM_RES_WEAK_KEY
;
1134 if (!atomic_dec_and_test(&ctx
->configuring
))
1135 wait_for_completion(&ctx
->completion
);
1139 static int aead_setauthsize(struct crypto_aead
*tfm
, unsigned int authsize
)
1141 int max
= crypto_aead_maxauthsize(tfm
) >> 2;
1143 if ((authsize
>>2) < 1 || (authsize
>>2) > max
|| (authsize
& 3))
1145 return aead_setup(tfm
, authsize
);
1148 static int aead_setkey(struct crypto_aead
*tfm
, const u8
*key
,
1149 unsigned int keylen
)
1151 struct ixp_ctx
*ctx
= crypto_aead_ctx(tfm
);
1152 struct crypto_authenc_keys keys
;
1154 if (crypto_authenc_extractkeys(&keys
, key
, keylen
) != 0)
1157 if (keys
.authkeylen
> sizeof(ctx
->authkey
))
1160 if (keys
.enckeylen
> sizeof(ctx
->enckey
))
1163 memcpy(ctx
->authkey
, keys
.authkey
, keys
.authkeylen
);
1164 memcpy(ctx
->enckey
, keys
.enckey
, keys
.enckeylen
);
1165 ctx
->authkey_len
= keys
.authkeylen
;
1166 ctx
->enckey_len
= keys
.enckeylen
;
1168 return aead_setup(tfm
, crypto_aead_authsize(tfm
));
1170 crypto_aead_set_flags(tfm
, CRYPTO_TFM_RES_BAD_KEY_LEN
);
1174 static int aead_encrypt(struct aead_request
*req
)
1176 unsigned ivsize
= crypto_aead_ivsize(crypto_aead_reqtfm(req
));
1177 return aead_perform(req
, 1, req
->assoclen
+ ivsize
,
1178 req
->cryptlen
, req
->iv
);
1181 static int aead_decrypt(struct aead_request
*req
)
1183 unsigned ivsize
= crypto_aead_ivsize(crypto_aead_reqtfm(req
));
1184 return aead_perform(req
, 0, req
->assoclen
+ ivsize
,
1185 req
->cryptlen
, req
->iv
);
1188 static int aead_givencrypt(struct aead_givcrypt_request
*req
)
1190 struct crypto_aead
*tfm
= aead_givcrypt_reqtfm(req
);
1191 struct ixp_ctx
*ctx
= crypto_aead_ctx(tfm
);
1192 unsigned len
, ivsize
= crypto_aead_ivsize(tfm
);
1195 /* copied from eseqiv.c */
1197 get_random_bytes(ctx
->salt
, ivsize
);
1200 memcpy(req
->areq
.iv
, ctx
->salt
, ivsize
);
1202 if (ivsize
> sizeof(u64
)) {
1203 memset(req
->giv
, 0, ivsize
- sizeof(u64
));
1206 seq
= cpu_to_be64(req
->seq
);
1207 memcpy(req
->giv
+ ivsize
- len
, &seq
, len
);
1208 return aead_perform(&req
->areq
, 1, req
->areq
.assoclen
,
1209 req
->areq
.cryptlen
+ivsize
, req
->giv
);
1212 static struct ixp_alg ixp4xx_algos
[] = {
1215 .cra_name
= "cbc(des)",
1216 .cra_blocksize
= DES_BLOCK_SIZE
,
1217 .cra_u
= { .ablkcipher
= {
1218 .min_keysize
= DES_KEY_SIZE
,
1219 .max_keysize
= DES_KEY_SIZE
,
1220 .ivsize
= DES_BLOCK_SIZE
,
1225 .cfg_enc
= CIPH_ENCR
| MOD_DES
| MOD_CBC_ENC
| KEYLEN_192
,
1226 .cfg_dec
= CIPH_DECR
| MOD_DES
| MOD_CBC_DEC
| KEYLEN_192
,
1230 .cra_name
= "ecb(des)",
1231 .cra_blocksize
= DES_BLOCK_SIZE
,
1232 .cra_u
= { .ablkcipher
= {
1233 .min_keysize
= DES_KEY_SIZE
,
1234 .max_keysize
= DES_KEY_SIZE
,
1238 .cfg_enc
= CIPH_ENCR
| MOD_DES
| MOD_ECB
| KEYLEN_192
,
1239 .cfg_dec
= CIPH_DECR
| MOD_DES
| MOD_ECB
| KEYLEN_192
,
1242 .cra_name
= "cbc(des3_ede)",
1243 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1244 .cra_u
= { .ablkcipher
= {
1245 .min_keysize
= DES3_EDE_KEY_SIZE
,
1246 .max_keysize
= DES3_EDE_KEY_SIZE
,
1247 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1252 .cfg_enc
= CIPH_ENCR
| MOD_3DES
| MOD_CBC_ENC
| KEYLEN_192
,
1253 .cfg_dec
= CIPH_DECR
| MOD_3DES
| MOD_CBC_DEC
| KEYLEN_192
,
1256 .cra_name
= "ecb(des3_ede)",
1257 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1258 .cra_u
= { .ablkcipher
= {
1259 .min_keysize
= DES3_EDE_KEY_SIZE
,
1260 .max_keysize
= DES3_EDE_KEY_SIZE
,
1264 .cfg_enc
= CIPH_ENCR
| MOD_3DES
| MOD_ECB
| KEYLEN_192
,
1265 .cfg_dec
= CIPH_DECR
| MOD_3DES
| MOD_ECB
| KEYLEN_192
,
1268 .cra_name
= "cbc(aes)",
1269 .cra_blocksize
= AES_BLOCK_SIZE
,
1270 .cra_u
= { .ablkcipher
= {
1271 .min_keysize
= AES_MIN_KEY_SIZE
,
1272 .max_keysize
= AES_MAX_KEY_SIZE
,
1273 .ivsize
= AES_BLOCK_SIZE
,
1278 .cfg_enc
= CIPH_ENCR
| MOD_AES
| MOD_CBC_ENC
,
1279 .cfg_dec
= CIPH_DECR
| MOD_AES
| MOD_CBC_DEC
,
1282 .cra_name
= "ecb(aes)",
1283 .cra_blocksize
= AES_BLOCK_SIZE
,
1284 .cra_u
= { .ablkcipher
= {
1285 .min_keysize
= AES_MIN_KEY_SIZE
,
1286 .max_keysize
= AES_MAX_KEY_SIZE
,
1290 .cfg_enc
= CIPH_ENCR
| MOD_AES
| MOD_ECB
,
1291 .cfg_dec
= CIPH_DECR
| MOD_AES
| MOD_ECB
,
1294 .cra_name
= "ctr(aes)",
1295 .cra_blocksize
= AES_BLOCK_SIZE
,
1296 .cra_u
= { .ablkcipher
= {
1297 .min_keysize
= AES_MIN_KEY_SIZE
,
1298 .max_keysize
= AES_MAX_KEY_SIZE
,
1299 .ivsize
= AES_BLOCK_SIZE
,
1304 .cfg_enc
= CIPH_ENCR
| MOD_AES
| MOD_CTR
,
1305 .cfg_dec
= CIPH_ENCR
| MOD_AES
| MOD_CTR
,
1308 .cra_name
= "rfc3686(ctr(aes))",
1309 .cra_blocksize
= AES_BLOCK_SIZE
,
1310 .cra_u
= { .ablkcipher
= {
1311 .min_keysize
= AES_MIN_KEY_SIZE
,
1312 .max_keysize
= AES_MAX_KEY_SIZE
,
1313 .ivsize
= AES_BLOCK_SIZE
,
1315 .setkey
= ablk_rfc3686_setkey
,
1316 .encrypt
= ablk_rfc3686_crypt
,
1317 .decrypt
= ablk_rfc3686_crypt
}
1320 .cfg_enc
= CIPH_ENCR
| MOD_AES
| MOD_CTR
,
1321 .cfg_dec
= CIPH_ENCR
| MOD_AES
| MOD_CTR
,
1324 .cra_name
= "authenc(hmac(md5),cbc(des))",
1325 .cra_blocksize
= DES_BLOCK_SIZE
,
1326 .cra_u
= { .aead
= {
1327 .ivsize
= DES_BLOCK_SIZE
,
1328 .maxauthsize
= MD5_DIGEST_SIZE
,
1332 .hash
= &hash_alg_md5
,
1333 .cfg_enc
= CIPH_ENCR
| MOD_DES
| MOD_CBC_ENC
| KEYLEN_192
,
1334 .cfg_dec
= CIPH_DECR
| MOD_DES
| MOD_CBC_DEC
| KEYLEN_192
,
1337 .cra_name
= "authenc(hmac(md5),cbc(des3_ede))",
1338 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1339 .cra_u
= { .aead
= {
1340 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1341 .maxauthsize
= MD5_DIGEST_SIZE
,
1345 .hash
= &hash_alg_md5
,
1346 .cfg_enc
= CIPH_ENCR
| MOD_3DES
| MOD_CBC_ENC
| KEYLEN_192
,
1347 .cfg_dec
= CIPH_DECR
| MOD_3DES
| MOD_CBC_DEC
| KEYLEN_192
,
1350 .cra_name
= "authenc(hmac(sha1),cbc(des))",
1351 .cra_blocksize
= DES_BLOCK_SIZE
,
1352 .cra_u
= { .aead
= {
1353 .ivsize
= DES_BLOCK_SIZE
,
1354 .maxauthsize
= SHA1_DIGEST_SIZE
,
1358 .hash
= &hash_alg_sha1
,
1359 .cfg_enc
= CIPH_ENCR
| MOD_DES
| MOD_CBC_ENC
| KEYLEN_192
,
1360 .cfg_dec
= CIPH_DECR
| MOD_DES
| MOD_CBC_DEC
| KEYLEN_192
,
1363 .cra_name
= "authenc(hmac(sha1),cbc(des3_ede))",
1364 .cra_blocksize
= DES3_EDE_BLOCK_SIZE
,
1365 .cra_u
= { .aead
= {
1366 .ivsize
= DES3_EDE_BLOCK_SIZE
,
1367 .maxauthsize
= SHA1_DIGEST_SIZE
,
1371 .hash
= &hash_alg_sha1
,
1372 .cfg_enc
= CIPH_ENCR
| MOD_3DES
| MOD_CBC_ENC
| KEYLEN_192
,
1373 .cfg_dec
= CIPH_DECR
| MOD_3DES
| MOD_CBC_DEC
| KEYLEN_192
,
1376 .cra_name
= "authenc(hmac(md5),cbc(aes))",
1377 .cra_blocksize
= AES_BLOCK_SIZE
,
1378 .cra_u
= { .aead
= {
1379 .ivsize
= AES_BLOCK_SIZE
,
1380 .maxauthsize
= MD5_DIGEST_SIZE
,
1384 .hash
= &hash_alg_md5
,
1385 .cfg_enc
= CIPH_ENCR
| MOD_AES
| MOD_CBC_ENC
,
1386 .cfg_dec
= CIPH_DECR
| MOD_AES
| MOD_CBC_DEC
,
1389 .cra_name
= "authenc(hmac(sha1),cbc(aes))",
1390 .cra_blocksize
= AES_BLOCK_SIZE
,
1391 .cra_u
= { .aead
= {
1392 .ivsize
= AES_BLOCK_SIZE
,
1393 .maxauthsize
= SHA1_DIGEST_SIZE
,
1397 .hash
= &hash_alg_sha1
,
1398 .cfg_enc
= CIPH_ENCR
| MOD_AES
| MOD_CBC_ENC
,
1399 .cfg_dec
= CIPH_DECR
| MOD_AES
| MOD_CBC_DEC
,
1402 #define IXP_POSTFIX "-ixp4xx"
1404 static const struct platform_device_info ixp_dev_info __initdata
= {
1405 .name
= DRIVER_NAME
,
1407 .dma_mask
= DMA_BIT_MASK(32),
1410 static int __init
ixp_module_init(void)
1412 int num
= ARRAY_SIZE(ixp4xx_algos
);
1415 pdev
= platform_device_register_full(&ixp_dev_info
);
1417 return PTR_ERR(pdev
);
1419 spin_lock_init(&desc_lock
);
1420 spin_lock_init(&emerg_lock
);
1422 err
= init_ixp_crypto(&pdev
->dev
);
1424 platform_device_unregister(pdev
);
1427 for (i
=0; i
< num
; i
++) {
1428 struct crypto_alg
*cra
= &ixp4xx_algos
[i
].crypto
;
1430 if (snprintf(cra
->cra_driver_name
, CRYPTO_MAX_ALG_NAME
,
1431 "%s"IXP_POSTFIX
, cra
->cra_name
) >=
1432 CRYPTO_MAX_ALG_NAME
)
1436 if (!support_aes
&& (ixp4xx_algos
[i
].cfg_enc
& MOD_AES
)) {
1439 if (!ixp4xx_algos
[i
].hash
) {
1441 cra
->cra_type
= &crypto_ablkcipher_type
;
1442 cra
->cra_flags
= CRYPTO_ALG_TYPE_ABLKCIPHER
|
1443 CRYPTO_ALG_KERN_DRIVER_ONLY
|
1445 if (!cra
->cra_ablkcipher
.setkey
)
1446 cra
->cra_ablkcipher
.setkey
= ablk_setkey
;
1447 if (!cra
->cra_ablkcipher
.encrypt
)
1448 cra
->cra_ablkcipher
.encrypt
= ablk_encrypt
;
1449 if (!cra
->cra_ablkcipher
.decrypt
)
1450 cra
->cra_ablkcipher
.decrypt
= ablk_decrypt
;
1451 cra
->cra_init
= init_tfm_ablk
;
1454 cra
->cra_type
= &crypto_aead_type
;
1455 cra
->cra_flags
= CRYPTO_ALG_TYPE_AEAD
|
1456 CRYPTO_ALG_KERN_DRIVER_ONLY
|
1458 cra
->cra_aead
.setkey
= aead_setkey
;
1459 cra
->cra_aead
.setauthsize
= aead_setauthsize
;
1460 cra
->cra_aead
.encrypt
= aead_encrypt
;
1461 cra
->cra_aead
.decrypt
= aead_decrypt
;
1462 cra
->cra_aead
.givencrypt
= aead_givencrypt
;
1463 cra
->cra_init
= init_tfm_aead
;
1465 cra
->cra_ctxsize
= sizeof(struct ixp_ctx
);
1466 cra
->cra_module
= THIS_MODULE
;
1467 cra
->cra_alignmask
= 3;
1468 cra
->cra_priority
= 300;
1469 cra
->cra_exit
= exit_tfm
;
1470 if (crypto_register_alg(cra
))
1471 printk(KERN_ERR
"Failed to register '%s'\n",
1474 ixp4xx_algos
[i
].registered
= 1;
1479 static void __exit
ixp_module_exit(void)
1481 int num
= ARRAY_SIZE(ixp4xx_algos
);
1484 for (i
=0; i
< num
; i
++) {
1485 if (ixp4xx_algos
[i
].registered
)
1486 crypto_unregister_alg(&ixp4xx_algos
[i
].crypto
);
1488 release_ixp_crypto(&pdev
->dev
);
1489 platform_device_unregister(pdev
);
1492 module_init(ixp_module_init
);
1493 module_exit(ixp_module_exit
);
1495 MODULE_LICENSE("GPL");
1496 MODULE_AUTHOR("Christian Hohnstaedt <chohnstaedt@innominate.com>");
1497 MODULE_DESCRIPTION("IXP4xx hardware crypto");