2 * Copyright (c) 2010-2011 Picochip Ltd., Jamie Iles
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 #include <crypto/aead.h>
19 #include <crypto/aes.h>
20 #include <crypto/algapi.h>
21 #include <crypto/authenc.h>
22 #include <crypto/des.h>
23 #include <crypto/md5.h>
24 #include <crypto/sha.h>
25 #include <crypto/internal/skcipher.h>
26 #include <linux/clk.h>
27 #include <linux/crypto.h>
28 #include <linux/delay.h>
29 #include <linux/dma-mapping.h>
30 #include <linux/dmapool.h>
31 #include <linux/err.h>
32 #include <linux/init.h>
33 #include <linux/interrupt.h>
35 #include <linux/list.h>
36 #include <linux/module.h>
37 #include <linux/platform_device.h>
39 #include <linux/rtnetlink.h>
40 #include <linux/scatterlist.h>
41 #include <linux/sched.h>
42 #include <linux/slab.h>
43 #include <linux/timer.h>
45 #include "picoxcell_crypto_regs.h"
48 * The threshold for the number of entries in the CMD FIFO available before
49 * the CMD0_CNT interrupt is raised. Increasing this value will reduce the
50 * number of interrupts raised to the CPU.
52 #define CMD0_IRQ_THRESHOLD 1
55 * The timeout period (in jiffies) for a PDU. When the the number of PDUs in
56 * flight is greater than the STAT_IRQ_THRESHOLD or 0 the timer is disabled.
57 * When there are packets in flight but lower than the threshold, we enable
58 * the timer and at expiry, attempt to remove any processed packets from the
59 * queue and if there are still packets left, schedule the timer again.
61 #define PACKET_TIMEOUT 1
63 /* The priority to register each algorithm with. */
64 #define SPACC_CRYPTO_ALG_PRIORITY 10000
66 #define SPACC_CRYPTO_KASUMI_F8_KEY_LEN 16
67 #define SPACC_CRYPTO_IPSEC_CIPHER_PG_SZ 64
68 #define SPACC_CRYPTO_IPSEC_HASH_PG_SZ 64
69 #define SPACC_CRYPTO_IPSEC_MAX_CTXS 32
70 #define SPACC_CRYPTO_IPSEC_FIFO_SZ 32
71 #define SPACC_CRYPTO_L2_CIPHER_PG_SZ 64
72 #define SPACC_CRYPTO_L2_HASH_PG_SZ 64
73 #define SPACC_CRYPTO_L2_MAX_CTXS 128
74 #define SPACC_CRYPTO_L2_FIFO_SZ 128
76 #define MAX_DDT_LEN 16
78 /* DDT format. This must match the hardware DDT format exactly. */
85 * Asynchronous crypto request structure.
87 * This structure defines a request that is either queued for processing or
91 struct list_head list;
92 struct spacc_engine *engine;
93 struct crypto_async_request *req;
97 dma_addr_t src_addr, dst_addr;
98 struct spacc_ddt *src_ddt, *dst_ddt;
99 void (*complete)(struct spacc_req *req);
101 /* AEAD specific bits. */
107 struct spacc_engine {
109 struct list_head pending;
113 struct list_head completed;
114 struct list_head in_progress;
115 struct tasklet_struct complete;
116 unsigned long fifo_sz;
117 void __iomem *cipher_ctx_base;
118 void __iomem *hash_key_base;
119 struct spacc_alg *algs;
121 struct list_head registered_algs;
128 struct timer_list packet_timeout;
129 unsigned stat_irq_thresh;
130 struct dma_pool *req_pool;
133 /* Algorithm type mask. */
134 #define SPACC_CRYPTO_ALG_MASK 0x7
136 /* SPACC definition of a crypto algorithm. */
138 unsigned long ctrl_default;
140 struct crypto_alg alg;
141 struct spacc_engine *engine;
142 struct list_head entry;
147 /* Generic context structure for any algorithm type. */
148 struct spacc_generic_ctx {
149 struct spacc_engine *engine;
155 /* Block cipher context. */
156 struct spacc_ablk_ctx {
157 struct spacc_generic_ctx generic;
158 u8 key[AES_MAX_KEY_SIZE];
161 * The fallback cipher. If the operation can't be done in hardware,
162 * fallback to a software version.
164 struct crypto_ablkcipher *sw_cipher;
167 /* AEAD cipher context. */
168 struct spacc_aead_ctx {
169 struct spacc_generic_ctx generic;
170 u8 cipher_key[AES_MAX_KEY_SIZE];
171 u8 hash_ctx[SPACC_CRYPTO_IPSEC_HASH_PG_SZ];
174 struct crypto_aead *sw_cipher;
176 u8 salt[AES_BLOCK_SIZE];
179 static inline struct spacc_alg *to_spacc_alg(struct crypto_alg *alg)
181 return alg ? container_of(alg, struct spacc_alg, alg) : NULL;
184 static inline int spacc_fifo_cmd_full(struct spacc_engine *engine)
186 u32 fifo_stat = readl(engine->regs + SPA_FIFO_STAT_REG_OFFSET);
188 return fifo_stat & SPA_FIFO_CMD_FULL;
192 * Given a cipher context, and a context number, get the base address of the
195 * Returns the address of the context page where the key/context may
198 static inline void __iomem *spacc_ctx_page_addr(struct spacc_generic_ctx *ctx,
202 return is_cipher_ctx ? ctx->engine->cipher_ctx_base +
203 (indx * ctx->engine->cipher_pg_sz) :
204 ctx->engine->hash_key_base + (indx * ctx->engine->hash_pg_sz);
207 /* The context pages can only be written with 32-bit accesses. */
208 static inline void memcpy_toio32(u32 __iomem *dst, const void *src,
211 const u32 *src32 = (const u32 *) src;
214 writel(*src32++, dst++);
217 static void spacc_cipher_write_ctx(struct spacc_generic_ctx *ctx,
218 void __iomem *page_addr, const u8 *key,
219 size_t key_len, const u8 *iv, size_t iv_len)
221 void __iomem *key_ptr = page_addr + ctx->key_offs;
222 void __iomem *iv_ptr = page_addr + ctx->iv_offs;
224 memcpy_toio32(key_ptr, key, key_len / 4);
225 memcpy_toio32(iv_ptr, iv, iv_len / 4);
229 * Load a context into the engines context memory.
231 * Returns the index of the context page where the context was loaded.
233 static unsigned spacc_load_ctx(struct spacc_generic_ctx *ctx,
234 const u8 *ciph_key, size_t ciph_len,
235 const u8 *iv, size_t ivlen, const u8 *hash_key,
238 unsigned indx = ctx->engine->next_ctx++;
239 void __iomem *ciph_page_addr, *hash_page_addr;
241 ciph_page_addr = spacc_ctx_page_addr(ctx, indx, 1);
242 hash_page_addr = spacc_ctx_page_addr(ctx, indx, 0);
244 ctx->engine->next_ctx &= ctx->engine->fifo_sz - 1;
245 spacc_cipher_write_ctx(ctx, ciph_page_addr, ciph_key, ciph_len, iv,
247 writel(ciph_len | (indx << SPA_KEY_SZ_CTX_INDEX_OFFSET) |
248 (1 << SPA_KEY_SZ_CIPHER_OFFSET),
249 ctx->engine->regs + SPA_KEY_SZ_REG_OFFSET);
252 memcpy_toio32(hash_page_addr, hash_key, hash_len / 4);
253 writel(hash_len | (indx << SPA_KEY_SZ_CTX_INDEX_OFFSET),
254 ctx->engine->regs + SPA_KEY_SZ_REG_OFFSET);
260 /* Count the number of scatterlist entries in a scatterlist. */
261 static int sg_count(struct scatterlist *sg_list, int nbytes)
263 struct scatterlist *sg = sg_list;
268 nbytes -= sg->length;
275 static inline void ddt_set(struct spacc_ddt *ddt, dma_addr_t phys, size_t len)
282 * Take a crypto request and scatterlists for the data and turn them into DDTs
283 * for passing to the crypto engines. This also DMA maps the data so that the
284 * crypto engines can DMA to/from them.
286 static struct spacc_ddt *spacc_sg_to_ddt(struct spacc_engine *engine,
287 struct scatterlist *payload,
289 enum dma_data_direction dir,
290 dma_addr_t *ddt_phys)
292 unsigned nents, mapped_ents;
293 struct scatterlist *cur;
294 struct spacc_ddt *ddt;
297 nents = sg_count(payload, nbytes);
298 mapped_ents = dma_map_sg(engine->dev, payload, nents, dir);
300 if (mapped_ents + 1 > MAX_DDT_LEN)
303 ddt = dma_pool_alloc(engine->req_pool, GFP_ATOMIC, ddt_phys);
307 for_each_sg(payload, cur, mapped_ents, i)
308 ddt_set(&ddt[i], sg_dma_address(cur), sg_dma_len(cur));
309 ddt_set(&ddt[mapped_ents], 0, 0);
314 dma_unmap_sg(engine->dev, payload, nents, dir);
318 static int spacc_aead_make_ddts(struct spacc_req *req, u8 *giv)
320 struct aead_request *areq = container_of(req->req, struct aead_request,
322 struct spacc_engine *engine = req->engine;
323 struct spacc_ddt *src_ddt, *dst_ddt;
324 unsigned ivsize = crypto_aead_ivsize(crypto_aead_reqtfm(areq));
325 unsigned nents = sg_count(areq->src, areq->cryptlen);
327 struct scatterlist *cur;
328 int i, dst_ents, src_ents, assoc_ents;
329 u8 *iv = giv ? giv : areq->iv;
331 src_ddt = dma_pool_alloc(engine->req_pool, GFP_ATOMIC, &req->src_addr);
335 dst_ddt = dma_pool_alloc(engine->req_pool, GFP_ATOMIC, &req->dst_addr);
337 dma_pool_free(engine->req_pool, src_ddt, req->src_addr);
341 req->src_ddt = src_ddt;
342 req->dst_ddt = dst_ddt;
344 assoc_ents = dma_map_sg(engine->dev, areq->assoc,
345 sg_count(areq->assoc, areq->assoclen), DMA_TO_DEVICE);
346 if (areq->src != areq->dst) {
347 src_ents = dma_map_sg(engine->dev, areq->src, nents,
349 dst_ents = dma_map_sg(engine->dev, areq->dst, nents,
352 src_ents = dma_map_sg(engine->dev, areq->src, nents,
358 * Map the IV/GIV. For the GIV it needs to be bidirectional as it is
359 * formed by the crypto block and sent as the ESP IV for IPSEC.
361 iv_addr = dma_map_single(engine->dev, iv, ivsize,
362 giv ? DMA_BIDIRECTIONAL : DMA_TO_DEVICE);
363 req->giv_pa = iv_addr;
366 * Map the associated data. For decryption we don't copy the
369 for_each_sg(areq->assoc, cur, assoc_ents, i) {
370 ddt_set(src_ddt++, sg_dma_address(cur), sg_dma_len(cur));
372 ddt_set(dst_ddt++, sg_dma_address(cur),
375 ddt_set(src_ddt++, iv_addr, ivsize);
377 if (giv || req->is_encrypt)
378 ddt_set(dst_ddt++, iv_addr, ivsize);
381 * Now map in the payload for the source and destination and terminate
382 * with the NULL pointers.
384 for_each_sg(areq->src, cur, src_ents, i) {
385 ddt_set(src_ddt++, sg_dma_address(cur), sg_dma_len(cur));
386 if (areq->src == areq->dst)
387 ddt_set(dst_ddt++, sg_dma_address(cur),
391 for_each_sg(areq->dst, cur, dst_ents, i)
392 ddt_set(dst_ddt++, sg_dma_address(cur),
395 ddt_set(src_ddt, 0, 0);
396 ddt_set(dst_ddt, 0, 0);
401 static void spacc_aead_free_ddts(struct spacc_req *req)
403 struct aead_request *areq = container_of(req->req, struct aead_request,
405 struct spacc_alg *alg = to_spacc_alg(req->req->tfm->__crt_alg);
406 struct spacc_ablk_ctx *aead_ctx = crypto_tfm_ctx(req->req->tfm);
407 struct spacc_engine *engine = aead_ctx->generic.engine;
408 unsigned ivsize = alg->alg.cra_aead.ivsize;
409 unsigned nents = sg_count(areq->src, areq->cryptlen);
411 if (areq->src != areq->dst) {
412 dma_unmap_sg(engine->dev, areq->src, nents, DMA_TO_DEVICE);
413 dma_unmap_sg(engine->dev, areq->dst,
414 sg_count(areq->dst, areq->cryptlen),
417 dma_unmap_sg(engine->dev, areq->src, nents, DMA_BIDIRECTIONAL);
419 dma_unmap_sg(engine->dev, areq->assoc,
420 sg_count(areq->assoc, areq->assoclen), DMA_TO_DEVICE);
422 dma_unmap_single(engine->dev, req->giv_pa, ivsize, DMA_BIDIRECTIONAL);
424 dma_pool_free(engine->req_pool, req->src_ddt, req->src_addr);
425 dma_pool_free(engine->req_pool, req->dst_ddt, req->dst_addr);
428 static void spacc_free_ddt(struct spacc_req *req, struct spacc_ddt *ddt,
429 dma_addr_t ddt_addr, struct scatterlist *payload,
430 unsigned nbytes, enum dma_data_direction dir)
432 unsigned nents = sg_count(payload, nbytes);
434 dma_unmap_sg(req->engine->dev, payload, nents, dir);
435 dma_pool_free(req->engine->req_pool, ddt, ddt_addr);
439 * Set key for a DES operation in an AEAD cipher. This also performs weak key
440 * checking if required.
442 static int spacc_aead_des_setkey(struct crypto_aead *aead, const u8 *key,
445 struct crypto_tfm *tfm = crypto_aead_tfm(aead);
446 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(tfm);
447 u32 tmp[DES_EXPKEY_WORDS];
449 if (unlikely(!des_ekey(tmp, key)) &&
450 (crypto_aead_get_flags(aead)) & CRYPTO_TFM_REQ_WEAK_KEY) {
451 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
455 memcpy(ctx->cipher_key, key, len);
456 ctx->cipher_key_len = len;
461 /* Set the key for the AES block cipher component of the AEAD transform. */
462 static int spacc_aead_aes_setkey(struct crypto_aead *aead, const u8 *key,
465 struct crypto_tfm *tfm = crypto_aead_tfm(aead);
466 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(tfm);
469 * IPSec engine only supports 128 and 256 bit AES keys. If we get a
470 * request for any other size (192 bits) then we need to do a software
473 if (len != AES_KEYSIZE_128 && len != AES_KEYSIZE_256) {
475 * Set the fallback transform to use the same request flags as
476 * the hardware transform.
478 ctx->sw_cipher->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK;
479 ctx->sw_cipher->base.crt_flags |=
480 tfm->crt_flags & CRYPTO_TFM_REQ_MASK;
481 return crypto_aead_setkey(ctx->sw_cipher, key, len);
484 memcpy(ctx->cipher_key, key, len);
485 ctx->cipher_key_len = len;
490 static int spacc_aead_setkey(struct crypto_aead *tfm, const u8 *key,
493 struct spacc_aead_ctx *ctx = crypto_aead_ctx(tfm);
494 struct spacc_alg *alg = to_spacc_alg(tfm->base.__crt_alg);
495 struct rtattr *rta = (void *)key;
496 struct crypto_authenc_key_param *param;
497 unsigned int authkeylen, enckeylen;
500 if (!RTA_OK(rta, keylen))
503 if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
506 if (RTA_PAYLOAD(rta) < sizeof(*param))
509 param = RTA_DATA(rta);
510 enckeylen = be32_to_cpu(param->enckeylen);
512 key += RTA_ALIGN(rta->rta_len);
513 keylen -= RTA_ALIGN(rta->rta_len);
515 if (keylen < enckeylen)
518 authkeylen = keylen - enckeylen;
520 if (enckeylen > AES_MAX_KEY_SIZE)
523 if ((alg->ctrl_default & SPACC_CRYPTO_ALG_MASK) ==
524 SPA_CTRL_CIPH_ALG_AES)
525 err = spacc_aead_aes_setkey(tfm, key + authkeylen, enckeylen);
527 err = spacc_aead_des_setkey(tfm, key + authkeylen, enckeylen);
532 memcpy(ctx->hash_ctx, key, authkeylen);
533 ctx->hash_key_len = authkeylen;
538 crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
542 static int spacc_aead_setauthsize(struct crypto_aead *tfm,
543 unsigned int authsize)
545 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(crypto_aead_tfm(tfm));
547 ctx->auth_size = authsize;
553 * Check if an AEAD request requires a fallback operation. Some requests can't
554 * be completed in hardware because the hardware may not support certain key
555 * sizes. In these cases we need to complete the request in software.
557 static int spacc_aead_need_fallback(struct spacc_req *req)
559 struct aead_request *aead_req;
560 struct crypto_tfm *tfm = req->req->tfm;
561 struct crypto_alg *alg = req->req->tfm->__crt_alg;
562 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
563 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(tfm);
565 aead_req = container_of(req->req, struct aead_request, base);
567 * If we have a non-supported key-length, then we need to do a
570 if ((spacc_alg->ctrl_default & SPACC_CRYPTO_ALG_MASK) ==
571 SPA_CTRL_CIPH_ALG_AES &&
572 ctx->cipher_key_len != AES_KEYSIZE_128 &&
573 ctx->cipher_key_len != AES_KEYSIZE_256)
579 static int spacc_aead_do_fallback(struct aead_request *req, unsigned alg_type,
582 struct crypto_tfm *old_tfm = crypto_aead_tfm(crypto_aead_reqtfm(req));
583 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(old_tfm);
586 if (ctx->sw_cipher) {
588 * Change the request to use the software fallback transform,
589 * and once the ciphering has completed, put the old transform
590 * back into the request.
592 aead_request_set_tfm(req, ctx->sw_cipher);
593 err = is_encrypt ? crypto_aead_encrypt(req) :
594 crypto_aead_decrypt(req);
595 aead_request_set_tfm(req, __crypto_aead_cast(old_tfm));
602 static void spacc_aead_complete(struct spacc_req *req)
604 spacc_aead_free_ddts(req);
605 req->req->complete(req->req, req->result);
608 static int spacc_aead_submit(struct spacc_req *req)
610 struct crypto_tfm *tfm = req->req->tfm;
611 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(tfm);
612 struct crypto_alg *alg = req->req->tfm->__crt_alg;
613 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
614 struct spacc_engine *engine = ctx->generic.engine;
615 u32 ctrl, proc_len, assoc_len;
616 struct aead_request *aead_req =
617 container_of(req->req, struct aead_request, base);
619 req->result = -EINPROGRESS;
620 req->ctx_id = spacc_load_ctx(&ctx->generic, ctx->cipher_key,
621 ctx->cipher_key_len, aead_req->iv, alg->cra_aead.ivsize,
622 ctx->hash_ctx, ctx->hash_key_len);
624 /* Set the source and destination DDT pointers. */
625 writel(req->src_addr, engine->regs + SPA_SRC_PTR_REG_OFFSET);
626 writel(req->dst_addr, engine->regs + SPA_DST_PTR_REG_OFFSET);
627 writel(0, engine->regs + SPA_OFFSET_REG_OFFSET);
629 assoc_len = aead_req->assoclen;
630 proc_len = aead_req->cryptlen + assoc_len;
633 * If we aren't generating an IV, then we need to include the IV in the
634 * associated data so that it is included in the hash.
637 assoc_len += crypto_aead_ivsize(crypto_aead_reqtfm(aead_req));
638 proc_len += crypto_aead_ivsize(crypto_aead_reqtfm(aead_req));
640 proc_len += req->giv_len;
643 * If we are decrypting, we need to take the length of the ICV out of
644 * the processing length.
646 if (!req->is_encrypt)
647 proc_len -= ctx->auth_size;
649 writel(proc_len, engine->regs + SPA_PROC_LEN_REG_OFFSET);
650 writel(assoc_len, engine->regs + SPA_AAD_LEN_REG_OFFSET);
651 writel(ctx->auth_size, engine->regs + SPA_ICV_LEN_REG_OFFSET);
652 writel(0, engine->regs + SPA_ICV_OFFSET_REG_OFFSET);
653 writel(0, engine->regs + SPA_AUX_INFO_REG_OFFSET);
655 ctrl = spacc_alg->ctrl_default | (req->ctx_id << SPA_CTRL_CTX_IDX) |
656 (1 << SPA_CTRL_ICV_APPEND);
658 ctrl |= (1 << SPA_CTRL_ENCRYPT_IDX) | (1 << SPA_CTRL_AAD_COPY);
660 ctrl |= (1 << SPA_CTRL_KEY_EXP);
662 mod_timer(&engine->packet_timeout, jiffies + PACKET_TIMEOUT);
664 writel(ctrl, engine->regs + SPA_CTRL_REG_OFFSET);
670 * Setup an AEAD request for processing. This will configure the engine, load
671 * the context and then start the packet processing.
673 * @giv Pointer to destination address for a generated IV. If the
674 * request does not need to generate an IV then this should be set to NULL.
676 static int spacc_aead_setup(struct aead_request *req, u8 *giv,
677 unsigned alg_type, bool is_encrypt)
679 struct crypto_alg *alg = req->base.tfm->__crt_alg;
680 struct spacc_engine *engine = to_spacc_alg(alg)->engine;
681 struct spacc_req *dev_req = aead_request_ctx(req);
682 int err = -EINPROGRESS;
684 unsigned ivsize = crypto_aead_ivsize(crypto_aead_reqtfm(req));
687 dev_req->giv_len = ivsize;
688 dev_req->req = &req->base;
689 dev_req->is_encrypt = is_encrypt;
690 dev_req->result = -EBUSY;
691 dev_req->engine = engine;
692 dev_req->complete = spacc_aead_complete;
694 if (unlikely(spacc_aead_need_fallback(dev_req)))
695 return spacc_aead_do_fallback(req, alg_type, is_encrypt);
697 spacc_aead_make_ddts(dev_req, dev_req->giv);
700 spin_lock_irqsave(&engine->hw_lock, flags);
701 if (unlikely(spacc_fifo_cmd_full(engine))) {
702 if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
704 spin_unlock_irqrestore(&engine->hw_lock, flags);
707 list_add_tail(&dev_req->list, &engine->pending);
710 list_add_tail(&dev_req->list, &engine->in_progress);
711 spacc_aead_submit(dev_req);
713 spin_unlock_irqrestore(&engine->hw_lock, flags);
718 spacc_aead_free_ddts(dev_req);
723 static int spacc_aead_encrypt(struct aead_request *req)
725 struct crypto_aead *aead = crypto_aead_reqtfm(req);
726 struct crypto_tfm *tfm = crypto_aead_tfm(aead);
727 struct spacc_alg *alg = to_spacc_alg(tfm->__crt_alg);
729 return spacc_aead_setup(req, NULL, alg->type, 1);
732 static int spacc_aead_givencrypt(struct aead_givcrypt_request *req)
734 struct crypto_aead *tfm = aead_givcrypt_reqtfm(req);
735 struct spacc_aead_ctx *ctx = crypto_aead_ctx(tfm);
736 size_t ivsize = crypto_aead_ivsize(tfm);
737 struct spacc_alg *alg = to_spacc_alg(tfm->base.__crt_alg);
741 memcpy(req->areq.iv, ctx->salt, ivsize);
743 if (ivsize > sizeof(u64)) {
744 memset(req->giv, 0, ivsize - sizeof(u64));
747 seq = cpu_to_be64(req->seq);
748 memcpy(req->giv + ivsize - len, &seq, len);
750 return spacc_aead_setup(&req->areq, req->giv, alg->type, 1);
753 static int spacc_aead_decrypt(struct aead_request *req)
755 struct crypto_aead *aead = crypto_aead_reqtfm(req);
756 struct crypto_tfm *tfm = crypto_aead_tfm(aead);
757 struct spacc_alg *alg = to_spacc_alg(tfm->__crt_alg);
759 return spacc_aead_setup(req, NULL, alg->type, 0);
763 * Initialise a new AEAD context. This is responsible for allocating the
764 * fallback cipher and initialising the context.
766 static int spacc_aead_cra_init(struct crypto_tfm *tfm)
768 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(tfm);
769 struct crypto_alg *alg = tfm->__crt_alg;
770 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
771 struct spacc_engine *engine = spacc_alg->engine;
773 ctx->generic.flags = spacc_alg->type;
774 ctx->generic.engine = engine;
775 ctx->sw_cipher = crypto_alloc_aead(alg->cra_name, 0,
777 CRYPTO_ALG_NEED_FALLBACK);
778 if (IS_ERR(ctx->sw_cipher)) {
779 dev_warn(engine->dev, "failed to allocate fallback for %s\n",
781 ctx->sw_cipher = NULL;
783 ctx->generic.key_offs = spacc_alg->key_offs;
784 ctx->generic.iv_offs = spacc_alg->iv_offs;
786 get_random_bytes(ctx->salt, sizeof(ctx->salt));
788 tfm->crt_aead.reqsize = sizeof(struct spacc_req);
794 * Destructor for an AEAD context. This is called when the transform is freed
795 * and must free the fallback cipher.
797 static void spacc_aead_cra_exit(struct crypto_tfm *tfm)
799 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(tfm);
802 crypto_free_aead(ctx->sw_cipher);
803 ctx->sw_cipher = NULL;
807 * Set the DES key for a block cipher transform. This also performs weak key
808 * checking if the transform has requested it.
810 static int spacc_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
813 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
814 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
815 u32 tmp[DES_EXPKEY_WORDS];
817 if (len > DES3_EDE_KEY_SIZE) {
818 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
822 if (unlikely(!des_ekey(tmp, key)) &&
823 (crypto_ablkcipher_get_flags(cipher) & CRYPTO_TFM_REQ_WEAK_KEY)) {
824 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
828 memcpy(ctx->key, key, len);
835 * Set the key for an AES block cipher. Some key lengths are not supported in
836 * hardware so this must also check whether a fallback is needed.
838 static int spacc_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
841 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
842 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
845 if (len > AES_MAX_KEY_SIZE) {
846 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
851 * IPSec engine only supports 128 and 256 bit AES keys. If we get a
852 * request for any other size (192 bits) then we need to do a software
855 if ((len != AES_KEYSIZE_128 || len != AES_KEYSIZE_256) &&
858 * Set the fallback transform to use the same request flags as
859 * the hardware transform.
861 ctx->sw_cipher->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK;
862 ctx->sw_cipher->base.crt_flags |=
863 cipher->base.crt_flags & CRYPTO_TFM_REQ_MASK;
865 err = crypto_ablkcipher_setkey(ctx->sw_cipher, key, len);
867 goto sw_setkey_failed;
868 } else if ((len != AES_KEYSIZE_128 || len != AES_KEYSIZE_256) &&
872 memcpy(ctx->key, key, len);
876 if (err && ctx->sw_cipher) {
877 tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
879 ctx->sw_cipher->base.crt_flags & CRYPTO_TFM_RES_MASK;
885 static int spacc_kasumi_f8_setkey(struct crypto_ablkcipher *cipher,
886 const u8 *key, unsigned int len)
888 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
889 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
892 if (len > AES_MAX_KEY_SIZE) {
893 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
898 memcpy(ctx->key, key, len);
905 static int spacc_ablk_need_fallback(struct spacc_req *req)
907 struct spacc_ablk_ctx *ctx;
908 struct crypto_tfm *tfm = req->req->tfm;
909 struct crypto_alg *alg = req->req->tfm->__crt_alg;
910 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
912 ctx = crypto_tfm_ctx(tfm);
914 return (spacc_alg->ctrl_default & SPACC_CRYPTO_ALG_MASK) ==
915 SPA_CTRL_CIPH_ALG_AES &&
916 ctx->key_len != AES_KEYSIZE_128 &&
917 ctx->key_len != AES_KEYSIZE_256;
920 static void spacc_ablk_complete(struct spacc_req *req)
922 struct ablkcipher_request *ablk_req =
923 container_of(req->req, struct ablkcipher_request, base);
925 if (ablk_req->src != ablk_req->dst) {
926 spacc_free_ddt(req, req->src_ddt, req->src_addr, ablk_req->src,
927 ablk_req->nbytes, DMA_TO_DEVICE);
928 spacc_free_ddt(req, req->dst_ddt, req->dst_addr, ablk_req->dst,
929 ablk_req->nbytes, DMA_FROM_DEVICE);
931 spacc_free_ddt(req, req->dst_ddt, req->dst_addr, ablk_req->dst,
932 ablk_req->nbytes, DMA_BIDIRECTIONAL);
934 req->req->complete(req->req, req->result);
937 static int spacc_ablk_submit(struct spacc_req *req)
939 struct crypto_tfm *tfm = req->req->tfm;
940 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
941 struct ablkcipher_request *ablk_req = ablkcipher_request_cast(req->req);
942 struct crypto_alg *alg = req->req->tfm->__crt_alg;
943 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
944 struct spacc_engine *engine = ctx->generic.engine;
947 req->ctx_id = spacc_load_ctx(&ctx->generic, ctx->key,
948 ctx->key_len, ablk_req->info, alg->cra_ablkcipher.ivsize,
951 writel(req->src_addr, engine->regs + SPA_SRC_PTR_REG_OFFSET);
952 writel(req->dst_addr, engine->regs + SPA_DST_PTR_REG_OFFSET);
953 writel(0, engine->regs + SPA_OFFSET_REG_OFFSET);
955 writel(ablk_req->nbytes, engine->regs + SPA_PROC_LEN_REG_OFFSET);
956 writel(0, engine->regs + SPA_ICV_OFFSET_REG_OFFSET);
957 writel(0, engine->regs + SPA_AUX_INFO_REG_OFFSET);
958 writel(0, engine->regs + SPA_AAD_LEN_REG_OFFSET);
960 ctrl = spacc_alg->ctrl_default | (req->ctx_id << SPA_CTRL_CTX_IDX) |
961 (req->is_encrypt ? (1 << SPA_CTRL_ENCRYPT_IDX) :
962 (1 << SPA_CTRL_KEY_EXP));
964 mod_timer(&engine->packet_timeout, jiffies + PACKET_TIMEOUT);
966 writel(ctrl, engine->regs + SPA_CTRL_REG_OFFSET);
971 static int spacc_ablk_do_fallback(struct ablkcipher_request *req,
972 unsigned alg_type, bool is_encrypt)
974 struct crypto_tfm *old_tfm =
975 crypto_ablkcipher_tfm(crypto_ablkcipher_reqtfm(req));
976 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(old_tfm);
983 * Change the request to use the software fallback transform, and once
984 * the ciphering has completed, put the old transform back into the
987 ablkcipher_request_set_tfm(req, ctx->sw_cipher);
988 err = is_encrypt ? crypto_ablkcipher_encrypt(req) :
989 crypto_ablkcipher_decrypt(req);
990 ablkcipher_request_set_tfm(req, __crypto_ablkcipher_cast(old_tfm));
995 static int spacc_ablk_setup(struct ablkcipher_request *req, unsigned alg_type,
998 struct crypto_alg *alg = req->base.tfm->__crt_alg;
999 struct spacc_engine *engine = to_spacc_alg(alg)->engine;
1000 struct spacc_req *dev_req = ablkcipher_request_ctx(req);
1001 unsigned long flags;
1004 dev_req->req = &req->base;
1005 dev_req->is_encrypt = is_encrypt;
1006 dev_req->engine = engine;
1007 dev_req->complete = spacc_ablk_complete;
1008 dev_req->result = -EINPROGRESS;
1010 if (unlikely(spacc_ablk_need_fallback(dev_req)))
1011 return spacc_ablk_do_fallback(req, alg_type, is_encrypt);
1014 * Create the DDT's for the engine. If we share the same source and
1015 * destination then we can optimize by reusing the DDT's.
1017 if (req->src != req->dst) {
1018 dev_req->src_ddt = spacc_sg_to_ddt(engine, req->src,
1019 req->nbytes, DMA_TO_DEVICE, &dev_req->src_addr);
1020 if (!dev_req->src_ddt)
1023 dev_req->dst_ddt = spacc_sg_to_ddt(engine, req->dst,
1024 req->nbytes, DMA_FROM_DEVICE, &dev_req->dst_addr);
1025 if (!dev_req->dst_ddt)
1028 dev_req->dst_ddt = spacc_sg_to_ddt(engine, req->dst,
1029 req->nbytes, DMA_BIDIRECTIONAL, &dev_req->dst_addr);
1030 if (!dev_req->dst_ddt)
1033 dev_req->src_ddt = NULL;
1034 dev_req->src_addr = dev_req->dst_addr;
1038 spin_lock_irqsave(&engine->hw_lock, flags);
1040 * Check if the engine will accept the operation now. If it won't then
1041 * we either stick it on the end of a pending list if we can backlog,
1042 * or bailout with an error if not.
1044 if (unlikely(spacc_fifo_cmd_full(engine))) {
1045 if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
1047 spin_unlock_irqrestore(&engine->hw_lock, flags);
1050 list_add_tail(&dev_req->list, &engine->pending);
1052 ++engine->in_flight;
1053 list_add_tail(&dev_req->list, &engine->in_progress);
1054 spacc_ablk_submit(dev_req);
1056 spin_unlock_irqrestore(&engine->hw_lock, flags);
1061 spacc_free_ddt(dev_req, dev_req->dst_ddt, dev_req->dst_addr, req->dst,
1062 req->nbytes, req->src == req->dst ?
1063 DMA_BIDIRECTIONAL : DMA_FROM_DEVICE);
1065 if (req->src != req->dst)
1066 spacc_free_ddt(dev_req, dev_req->src_ddt, dev_req->src_addr,
1067 req->src, req->nbytes, DMA_TO_DEVICE);
1072 static int spacc_ablk_cra_init(struct crypto_tfm *tfm)
1074 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
1075 struct crypto_alg *alg = tfm->__crt_alg;
1076 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
1077 struct spacc_engine *engine = spacc_alg->engine;
1079 ctx->generic.flags = spacc_alg->type;
1080 ctx->generic.engine = engine;
1081 if (alg->cra_flags & CRYPTO_ALG_NEED_FALLBACK) {
1082 ctx->sw_cipher = crypto_alloc_ablkcipher(alg->cra_name, 0,
1083 CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK);
1084 if (IS_ERR(ctx->sw_cipher)) {
1085 dev_warn(engine->dev, "failed to allocate fallback for %s\n",
1087 ctx->sw_cipher = NULL;
1090 ctx->generic.key_offs = spacc_alg->key_offs;
1091 ctx->generic.iv_offs = spacc_alg->iv_offs;
1093 tfm->crt_ablkcipher.reqsize = sizeof(struct spacc_req);
1098 static void spacc_ablk_cra_exit(struct crypto_tfm *tfm)
1100 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
1103 crypto_free_ablkcipher(ctx->sw_cipher);
1104 ctx->sw_cipher = NULL;
1107 static int spacc_ablk_encrypt(struct ablkcipher_request *req)
1109 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(req);
1110 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
1111 struct spacc_alg *alg = to_spacc_alg(tfm->__crt_alg);
1113 return spacc_ablk_setup(req, alg->type, 1);
1116 static int spacc_ablk_decrypt(struct ablkcipher_request *req)
1118 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(req);
1119 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
1120 struct spacc_alg *alg = to_spacc_alg(tfm->__crt_alg);
1122 return spacc_ablk_setup(req, alg->type, 0);
1125 static inline int spacc_fifo_stat_empty(struct spacc_engine *engine)
1127 return readl(engine->regs + SPA_FIFO_STAT_REG_OFFSET) &
1128 SPA_FIFO_STAT_EMPTY;
1131 static void spacc_process_done(struct spacc_engine *engine)
1133 struct spacc_req *req;
1134 unsigned long flags;
1136 spin_lock_irqsave(&engine->hw_lock, flags);
1138 while (!spacc_fifo_stat_empty(engine)) {
1139 req = list_first_entry(&engine->in_progress, struct spacc_req,
1141 list_move_tail(&req->list, &engine->completed);
1143 /* POP the status register. */
1144 writel(~0, engine->regs + SPA_STAT_POP_REG_OFFSET);
1145 req->result = (readl(engine->regs + SPA_STATUS_REG_OFFSET) &
1146 SPA_STATUS_RES_CODE_MASK) >> SPA_STATUS_RES_CODE_OFFSET;
1149 * Convert the SPAcc error status into the standard POSIX error
1152 if (unlikely(req->result)) {
1153 switch (req->result) {
1154 case SPA_STATUS_ICV_FAIL:
1155 req->result = -EBADMSG;
1158 case SPA_STATUS_MEMORY_ERROR:
1159 dev_warn(engine->dev,
1160 "memory error triggered\n");
1161 req->result = -EFAULT;
1164 case SPA_STATUS_BLOCK_ERROR:
1165 dev_warn(engine->dev,
1166 "block error triggered\n");
1173 tasklet_schedule(&engine->complete);
1175 spin_unlock_irqrestore(&engine->hw_lock, flags);
1178 static irqreturn_t spacc_spacc_irq(int irq, void *dev)
1180 struct spacc_engine *engine = (struct spacc_engine *)dev;
1181 u32 spacc_irq_stat = readl(engine->regs + SPA_IRQ_STAT_REG_OFFSET);
1183 writel(spacc_irq_stat, engine->regs + SPA_IRQ_STAT_REG_OFFSET);
1184 spacc_process_done(engine);
1189 static void spacc_packet_timeout(unsigned long data)
1191 struct spacc_engine *engine = (struct spacc_engine *)data;
1193 spacc_process_done(engine);
1196 static int spacc_req_submit(struct spacc_req *req)
1198 struct crypto_alg *alg = req->req->tfm->__crt_alg;
1200 if (CRYPTO_ALG_TYPE_AEAD == (CRYPTO_ALG_TYPE_MASK & alg->cra_flags))
1201 return spacc_aead_submit(req);
1203 return spacc_ablk_submit(req);
1206 static void spacc_spacc_complete(unsigned long data)
1208 struct spacc_engine *engine = (struct spacc_engine *)data;
1209 struct spacc_req *req, *tmp;
1210 unsigned long flags;
1211 int num_removed = 0;
1212 LIST_HEAD(completed);
1214 spin_lock_irqsave(&engine->hw_lock, flags);
1215 list_splice_init(&engine->completed, &completed);
1216 spin_unlock_irqrestore(&engine->hw_lock, flags);
1218 list_for_each_entry_safe(req, tmp, &completed, list) {
1223 /* Try and fill the engine back up again. */
1224 spin_lock_irqsave(&engine->hw_lock, flags);
1226 engine->in_flight -= num_removed;
1228 list_for_each_entry_safe(req, tmp, &engine->pending, list) {
1229 if (spacc_fifo_cmd_full(engine))
1232 list_move_tail(&req->list, &engine->in_progress);
1233 ++engine->in_flight;
1234 req->result = spacc_req_submit(req);
1237 if (engine->in_flight)
1238 mod_timer(&engine->packet_timeout, jiffies + PACKET_TIMEOUT);
1240 spin_unlock_irqrestore(&engine->hw_lock, flags);
1244 static int spacc_suspend(struct device *dev)
1246 struct platform_device *pdev = to_platform_device(dev);
1247 struct spacc_engine *engine = platform_get_drvdata(pdev);
1250 * We only support standby mode. All we have to do is gate the clock to
1251 * the spacc. The hardware will preserve state until we turn it back
1254 clk_disable(engine->clk);
1259 static int spacc_resume(struct device *dev)
1261 struct platform_device *pdev = to_platform_device(dev);
1262 struct spacc_engine *engine = platform_get_drvdata(pdev);
1264 return clk_enable(engine->clk);
1267 static const struct dev_pm_ops spacc_pm_ops = {
1268 .suspend = spacc_suspend,
1269 .resume = spacc_resume,
1271 #endif /* CONFIG_PM */
1273 static inline struct spacc_engine *spacc_dev_to_engine(struct device *dev)
1275 return dev ? platform_get_drvdata(to_platform_device(dev)) : NULL;
1278 static ssize_t spacc_stat_irq_thresh_show(struct device *dev,
1279 struct device_attribute *attr,
1282 struct spacc_engine *engine = spacc_dev_to_engine(dev);
1284 return snprintf(buf, PAGE_SIZE, "%u\n", engine->stat_irq_thresh);
1287 static ssize_t spacc_stat_irq_thresh_store(struct device *dev,
1288 struct device_attribute *attr,
1289 const char *buf, size_t len)
1291 struct spacc_engine *engine = spacc_dev_to_engine(dev);
1292 unsigned long thresh;
1294 if (strict_strtoul(buf, 0, &thresh))
1297 thresh = clamp(thresh, 1UL, engine->fifo_sz - 1);
1299 engine->stat_irq_thresh = thresh;
1300 writel(engine->stat_irq_thresh << SPA_IRQ_CTRL_STAT_CNT_OFFSET,
1301 engine->regs + SPA_IRQ_CTRL_REG_OFFSET);
1305 static DEVICE_ATTR(stat_irq_thresh, 0644, spacc_stat_irq_thresh_show,
1306 spacc_stat_irq_thresh_store);
1308 static struct spacc_alg ipsec_engine_algs[] = {
1310 .ctrl_default = SPA_CTRL_CIPH_ALG_AES | SPA_CTRL_CIPH_MODE_CBC,
1312 .iv_offs = AES_MAX_KEY_SIZE,
1314 .cra_name = "cbc(aes)",
1315 .cra_driver_name = "cbc-aes-picoxcell",
1316 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1317 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
1319 CRYPTO_ALG_NEED_FALLBACK,
1320 .cra_blocksize = AES_BLOCK_SIZE,
1321 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1322 .cra_type = &crypto_ablkcipher_type,
1323 .cra_module = THIS_MODULE,
1325 .setkey = spacc_aes_setkey,
1326 .encrypt = spacc_ablk_encrypt,
1327 .decrypt = spacc_ablk_decrypt,
1328 .min_keysize = AES_MIN_KEY_SIZE,
1329 .max_keysize = AES_MAX_KEY_SIZE,
1330 .ivsize = AES_BLOCK_SIZE,
1332 .cra_init = spacc_ablk_cra_init,
1333 .cra_exit = spacc_ablk_cra_exit,
1338 .iv_offs = AES_MAX_KEY_SIZE,
1339 .ctrl_default = SPA_CTRL_CIPH_ALG_AES | SPA_CTRL_CIPH_MODE_ECB,
1341 .cra_name = "ecb(aes)",
1342 .cra_driver_name = "ecb-aes-picoxcell",
1343 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1344 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
1345 CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK,
1346 .cra_blocksize = AES_BLOCK_SIZE,
1347 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1348 .cra_type = &crypto_ablkcipher_type,
1349 .cra_module = THIS_MODULE,
1351 .setkey = spacc_aes_setkey,
1352 .encrypt = spacc_ablk_encrypt,
1353 .decrypt = spacc_ablk_decrypt,
1354 .min_keysize = AES_MIN_KEY_SIZE,
1355 .max_keysize = AES_MAX_KEY_SIZE,
1357 .cra_init = spacc_ablk_cra_init,
1358 .cra_exit = spacc_ablk_cra_exit,
1362 .key_offs = DES_BLOCK_SIZE,
1364 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_CBC,
1366 .cra_name = "cbc(des)",
1367 .cra_driver_name = "cbc-des-picoxcell",
1368 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1369 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
1370 .cra_blocksize = DES_BLOCK_SIZE,
1371 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1372 .cra_type = &crypto_ablkcipher_type,
1373 .cra_module = THIS_MODULE,
1375 .setkey = spacc_des_setkey,
1376 .encrypt = spacc_ablk_encrypt,
1377 .decrypt = spacc_ablk_decrypt,
1378 .min_keysize = DES_KEY_SIZE,
1379 .max_keysize = DES_KEY_SIZE,
1380 .ivsize = DES_BLOCK_SIZE,
1382 .cra_init = spacc_ablk_cra_init,
1383 .cra_exit = spacc_ablk_cra_exit,
1387 .key_offs = DES_BLOCK_SIZE,
1389 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_ECB,
1391 .cra_name = "ecb(des)",
1392 .cra_driver_name = "ecb-des-picoxcell",
1393 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1394 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
1395 .cra_blocksize = DES_BLOCK_SIZE,
1396 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1397 .cra_type = &crypto_ablkcipher_type,
1398 .cra_module = THIS_MODULE,
1400 .setkey = spacc_des_setkey,
1401 .encrypt = spacc_ablk_encrypt,
1402 .decrypt = spacc_ablk_decrypt,
1403 .min_keysize = DES_KEY_SIZE,
1404 .max_keysize = DES_KEY_SIZE,
1406 .cra_init = spacc_ablk_cra_init,
1407 .cra_exit = spacc_ablk_cra_exit,
1411 .key_offs = DES_BLOCK_SIZE,
1413 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_CBC,
1415 .cra_name = "cbc(des3_ede)",
1416 .cra_driver_name = "cbc-des3-ede-picoxcell",
1417 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1418 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
1419 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1420 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1421 .cra_type = &crypto_ablkcipher_type,
1422 .cra_module = THIS_MODULE,
1424 .setkey = spacc_des_setkey,
1425 .encrypt = spacc_ablk_encrypt,
1426 .decrypt = spacc_ablk_decrypt,
1427 .min_keysize = DES3_EDE_KEY_SIZE,
1428 .max_keysize = DES3_EDE_KEY_SIZE,
1429 .ivsize = DES3_EDE_BLOCK_SIZE,
1431 .cra_init = spacc_ablk_cra_init,
1432 .cra_exit = spacc_ablk_cra_exit,
1436 .key_offs = DES_BLOCK_SIZE,
1438 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_ECB,
1440 .cra_name = "ecb(des3_ede)",
1441 .cra_driver_name = "ecb-des3-ede-picoxcell",
1442 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1443 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
1444 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1445 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1446 .cra_type = &crypto_ablkcipher_type,
1447 .cra_module = THIS_MODULE,
1449 .setkey = spacc_des_setkey,
1450 .encrypt = spacc_ablk_encrypt,
1451 .decrypt = spacc_ablk_decrypt,
1452 .min_keysize = DES3_EDE_KEY_SIZE,
1453 .max_keysize = DES3_EDE_KEY_SIZE,
1455 .cra_init = spacc_ablk_cra_init,
1456 .cra_exit = spacc_ablk_cra_exit,
1460 .ctrl_default = SPA_CTRL_CIPH_ALG_AES | SPA_CTRL_CIPH_MODE_CBC |
1461 SPA_CTRL_HASH_ALG_SHA | SPA_CTRL_HASH_MODE_HMAC,
1463 .iv_offs = AES_MAX_KEY_SIZE,
1465 .cra_name = "authenc(hmac(sha1),cbc(aes))",
1466 .cra_driver_name = "authenc-hmac-sha1-cbc-aes-picoxcell",
1467 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1468 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1469 .cra_blocksize = AES_BLOCK_SIZE,
1470 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1471 .cra_type = &crypto_aead_type,
1472 .cra_module = THIS_MODULE,
1474 .setkey = spacc_aead_setkey,
1475 .setauthsize = spacc_aead_setauthsize,
1476 .encrypt = spacc_aead_encrypt,
1477 .decrypt = spacc_aead_decrypt,
1478 .givencrypt = spacc_aead_givencrypt,
1479 .ivsize = AES_BLOCK_SIZE,
1480 .maxauthsize = SHA1_DIGEST_SIZE,
1482 .cra_init = spacc_aead_cra_init,
1483 .cra_exit = spacc_aead_cra_exit,
1487 .ctrl_default = SPA_CTRL_CIPH_ALG_AES | SPA_CTRL_CIPH_MODE_CBC |
1488 SPA_CTRL_HASH_ALG_SHA256 |
1489 SPA_CTRL_HASH_MODE_HMAC,
1491 .iv_offs = AES_MAX_KEY_SIZE,
1493 .cra_name = "authenc(hmac(sha256),cbc(aes))",
1494 .cra_driver_name = "authenc-hmac-sha256-cbc-aes-picoxcell",
1495 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1496 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1497 .cra_blocksize = AES_BLOCK_SIZE,
1498 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1499 .cra_type = &crypto_aead_type,
1500 .cra_module = THIS_MODULE,
1502 .setkey = spacc_aead_setkey,
1503 .setauthsize = spacc_aead_setauthsize,
1504 .encrypt = spacc_aead_encrypt,
1505 .decrypt = spacc_aead_decrypt,
1506 .givencrypt = spacc_aead_givencrypt,
1507 .ivsize = AES_BLOCK_SIZE,
1508 .maxauthsize = SHA256_DIGEST_SIZE,
1510 .cra_init = spacc_aead_cra_init,
1511 .cra_exit = spacc_aead_cra_exit,
1516 .iv_offs = AES_MAX_KEY_SIZE,
1517 .ctrl_default = SPA_CTRL_CIPH_ALG_AES | SPA_CTRL_CIPH_MODE_CBC |
1518 SPA_CTRL_HASH_ALG_MD5 | SPA_CTRL_HASH_MODE_HMAC,
1520 .cra_name = "authenc(hmac(md5),cbc(aes))",
1521 .cra_driver_name = "authenc-hmac-md5-cbc-aes-picoxcell",
1522 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1523 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1524 .cra_blocksize = AES_BLOCK_SIZE,
1525 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1526 .cra_type = &crypto_aead_type,
1527 .cra_module = THIS_MODULE,
1529 .setkey = spacc_aead_setkey,
1530 .setauthsize = spacc_aead_setauthsize,
1531 .encrypt = spacc_aead_encrypt,
1532 .decrypt = spacc_aead_decrypt,
1533 .givencrypt = spacc_aead_givencrypt,
1534 .ivsize = AES_BLOCK_SIZE,
1535 .maxauthsize = MD5_DIGEST_SIZE,
1537 .cra_init = spacc_aead_cra_init,
1538 .cra_exit = spacc_aead_cra_exit,
1542 .key_offs = DES_BLOCK_SIZE,
1544 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_CBC |
1545 SPA_CTRL_HASH_ALG_SHA | SPA_CTRL_HASH_MODE_HMAC,
1547 .cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
1548 .cra_driver_name = "authenc-hmac-sha1-cbc-3des-picoxcell",
1549 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1550 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1551 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1552 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1553 .cra_type = &crypto_aead_type,
1554 .cra_module = THIS_MODULE,
1556 .setkey = spacc_aead_setkey,
1557 .setauthsize = spacc_aead_setauthsize,
1558 .encrypt = spacc_aead_encrypt,
1559 .decrypt = spacc_aead_decrypt,
1560 .givencrypt = spacc_aead_givencrypt,
1561 .ivsize = DES3_EDE_BLOCK_SIZE,
1562 .maxauthsize = SHA1_DIGEST_SIZE,
1564 .cra_init = spacc_aead_cra_init,
1565 .cra_exit = spacc_aead_cra_exit,
1569 .key_offs = DES_BLOCK_SIZE,
1571 .ctrl_default = SPA_CTRL_CIPH_ALG_AES | SPA_CTRL_CIPH_MODE_CBC |
1572 SPA_CTRL_HASH_ALG_SHA256 |
1573 SPA_CTRL_HASH_MODE_HMAC,
1575 .cra_name = "authenc(hmac(sha256),cbc(des3_ede))",
1576 .cra_driver_name = "authenc-hmac-sha256-cbc-3des-picoxcell",
1577 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1578 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1579 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1580 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1581 .cra_type = &crypto_aead_type,
1582 .cra_module = THIS_MODULE,
1584 .setkey = spacc_aead_setkey,
1585 .setauthsize = spacc_aead_setauthsize,
1586 .encrypt = spacc_aead_encrypt,
1587 .decrypt = spacc_aead_decrypt,
1588 .givencrypt = spacc_aead_givencrypt,
1589 .ivsize = DES3_EDE_BLOCK_SIZE,
1590 .maxauthsize = SHA256_DIGEST_SIZE,
1592 .cra_init = spacc_aead_cra_init,
1593 .cra_exit = spacc_aead_cra_exit,
1597 .key_offs = DES_BLOCK_SIZE,
1599 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_CBC |
1600 SPA_CTRL_HASH_ALG_MD5 | SPA_CTRL_HASH_MODE_HMAC,
1602 .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
1603 .cra_driver_name = "authenc-hmac-md5-cbc-3des-picoxcell",
1604 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1605 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1606 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1607 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1608 .cra_type = &crypto_aead_type,
1609 .cra_module = THIS_MODULE,
1611 .setkey = spacc_aead_setkey,
1612 .setauthsize = spacc_aead_setauthsize,
1613 .encrypt = spacc_aead_encrypt,
1614 .decrypt = spacc_aead_decrypt,
1615 .givencrypt = spacc_aead_givencrypt,
1616 .ivsize = DES3_EDE_BLOCK_SIZE,
1617 .maxauthsize = MD5_DIGEST_SIZE,
1619 .cra_init = spacc_aead_cra_init,
1620 .cra_exit = spacc_aead_cra_exit,
1625 static struct spacc_alg l2_engine_algs[] = {
1628 .iv_offs = SPACC_CRYPTO_KASUMI_F8_KEY_LEN,
1629 .ctrl_default = SPA_CTRL_CIPH_ALG_KASUMI |
1630 SPA_CTRL_CIPH_MODE_F8,
1632 .cra_name = "f8(kasumi)",
1633 .cra_driver_name = "f8-kasumi-picoxcell",
1634 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1635 .cra_flags = CRYPTO_ALG_TYPE_GIVCIPHER | CRYPTO_ALG_ASYNC,
1637 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1638 .cra_type = &crypto_ablkcipher_type,
1639 .cra_module = THIS_MODULE,
1641 .setkey = spacc_kasumi_f8_setkey,
1642 .encrypt = spacc_ablk_encrypt,
1643 .decrypt = spacc_ablk_decrypt,
1648 .cra_init = spacc_ablk_cra_init,
1649 .cra_exit = spacc_ablk_cra_exit,
1654 static int __devinit spacc_probe(struct platform_device *pdev,
1655 unsigned max_ctxs, size_t cipher_pg_sz,
1656 size_t hash_pg_sz, size_t fifo_sz,
1657 struct spacc_alg *algs, size_t num_algs)
1659 int i, err, ret = -EINVAL;
1660 struct resource *mem, *irq;
1661 struct spacc_engine *engine = devm_kzalloc(&pdev->dev, sizeof(*engine),
1666 engine->max_ctxs = max_ctxs;
1667 engine->cipher_pg_sz = cipher_pg_sz;
1668 engine->hash_pg_sz = hash_pg_sz;
1669 engine->fifo_sz = fifo_sz;
1670 engine->algs = algs;
1671 engine->num_algs = num_algs;
1672 engine->name = dev_name(&pdev->dev);
1674 mem = platform_get_resource(pdev, IORESOURCE_MEM, 0);
1675 irq = platform_get_resource(pdev, IORESOURCE_IRQ, 0);
1677 dev_err(&pdev->dev, "no memory/irq resource for engine\n");
1681 if (!devm_request_mem_region(&pdev->dev, mem->start, resource_size(mem),
1685 engine->regs = devm_ioremap(&pdev->dev, mem->start, resource_size(mem));
1686 if (!engine->regs) {
1687 dev_err(&pdev->dev, "memory map failed\n");
1691 if (devm_request_irq(&pdev->dev, irq->start, spacc_spacc_irq, 0,
1692 engine->name, engine)) {
1693 dev_err(engine->dev, "failed to request IRQ\n");
1697 engine->dev = &pdev->dev;
1698 engine->cipher_ctx_base = engine->regs + SPA_CIPH_KEY_BASE_REG_OFFSET;
1699 engine->hash_key_base = engine->regs + SPA_HASH_KEY_BASE_REG_OFFSET;
1701 engine->req_pool = dmam_pool_create(engine->name, engine->dev,
1702 MAX_DDT_LEN * sizeof(struct spacc_ddt), 8, SZ_64K);
1703 if (!engine->req_pool)
1706 spin_lock_init(&engine->hw_lock);
1708 engine->clk = clk_get(&pdev->dev, NULL);
1709 if (IS_ERR(engine->clk)) {
1710 dev_info(&pdev->dev, "clk unavailable\n");
1711 device_remove_file(&pdev->dev, &dev_attr_stat_irq_thresh);
1712 return PTR_ERR(engine->clk);
1715 if (clk_enable(engine->clk)) {
1716 dev_info(&pdev->dev, "unable to enable clk\n");
1717 clk_put(engine->clk);
1721 err = device_create_file(&pdev->dev, &dev_attr_stat_irq_thresh);
1723 clk_disable(engine->clk);
1724 clk_put(engine->clk);
1730 * Use an IRQ threshold of 50% as a default. This seems to be a
1731 * reasonable trade off of latency against throughput but can be
1732 * changed at runtime.
1734 engine->stat_irq_thresh = (engine->fifo_sz / 2);
1737 * Configure the interrupts. We only use the STAT_CNT interrupt as we
1738 * only submit a new packet for processing when we complete another in
1739 * the queue. This minimizes time spent in the interrupt handler.
1741 writel(engine->stat_irq_thresh << SPA_IRQ_CTRL_STAT_CNT_OFFSET,
1742 engine->regs + SPA_IRQ_CTRL_REG_OFFSET);
1743 writel(SPA_IRQ_EN_STAT_EN | SPA_IRQ_EN_GLBL_EN,
1744 engine->regs + SPA_IRQ_EN_REG_OFFSET);
1746 setup_timer(&engine->packet_timeout, spacc_packet_timeout,
1747 (unsigned long)engine);
1749 INIT_LIST_HEAD(&engine->pending);
1750 INIT_LIST_HEAD(&engine->completed);
1751 INIT_LIST_HEAD(&engine->in_progress);
1752 engine->in_flight = 0;
1753 tasklet_init(&engine->complete, spacc_spacc_complete,
1754 (unsigned long)engine);
1756 platform_set_drvdata(pdev, engine);
1758 INIT_LIST_HEAD(&engine->registered_algs);
1759 for (i = 0; i < engine->num_algs; ++i) {
1760 engine->algs[i].engine = engine;
1761 err = crypto_register_alg(&engine->algs[i].alg);
1763 list_add_tail(&engine->algs[i].entry,
1764 &engine->registered_algs);
1768 dev_err(engine->dev, "failed to register alg \"%s\"\n",
1769 engine->algs[i].alg.cra_name);
1771 dev_dbg(engine->dev, "registered alg \"%s\"\n",
1772 engine->algs[i].alg.cra_name);
1778 static int __devexit spacc_remove(struct platform_device *pdev)
1780 struct spacc_alg *alg, *next;
1781 struct spacc_engine *engine = platform_get_drvdata(pdev);
1783 del_timer_sync(&engine->packet_timeout);
1784 device_remove_file(&pdev->dev, &dev_attr_stat_irq_thresh);
1786 list_for_each_entry_safe(alg, next, &engine->registered_algs, entry) {
1787 list_del(&alg->entry);
1788 crypto_unregister_alg(&alg->alg);
1791 clk_disable(engine->clk);
1792 clk_put(engine->clk);
1797 static int __devinit ipsec_probe(struct platform_device *pdev)
1799 return spacc_probe(pdev, SPACC_CRYPTO_IPSEC_MAX_CTXS,
1800 SPACC_CRYPTO_IPSEC_CIPHER_PG_SZ,
1801 SPACC_CRYPTO_IPSEC_HASH_PG_SZ,
1802 SPACC_CRYPTO_IPSEC_FIFO_SZ, ipsec_engine_algs,
1803 ARRAY_SIZE(ipsec_engine_algs));
1806 static struct platform_driver ipsec_driver = {
1807 .probe = ipsec_probe,
1808 .remove = __devexit_p(spacc_remove),
1810 .name = "picoxcell-ipsec",
1812 .pm = &spacc_pm_ops,
1813 #endif /* CONFIG_PM */
1817 static int __devinit l2_probe(struct platform_device *pdev)
1819 return spacc_probe(pdev, SPACC_CRYPTO_L2_MAX_CTXS,
1820 SPACC_CRYPTO_L2_CIPHER_PG_SZ,
1821 SPACC_CRYPTO_L2_HASH_PG_SZ, SPACC_CRYPTO_L2_FIFO_SZ,
1822 l2_engine_algs, ARRAY_SIZE(l2_engine_algs));
1825 static struct platform_driver l2_driver = {
1827 .remove = __devexit_p(spacc_remove),
1829 .name = "picoxcell-l2",
1831 .pm = &spacc_pm_ops,
1832 #endif /* CONFIG_PM */
1836 static int __init spacc_init(void)
1838 int ret = platform_driver_register(&ipsec_driver);
1840 pr_err("failed to register ipsec spacc driver");
1844 ret = platform_driver_register(&l2_driver);
1846 pr_err("failed to register l2 spacc driver");
1853 platform_driver_unregister(&ipsec_driver);
1857 module_init(spacc_init);
1859 static void __exit spacc_exit(void)
1861 platform_driver_unregister(&ipsec_driver);
1862 platform_driver_unregister(&l2_driver);
1864 module_exit(spacc_exit);
1866 MODULE_LICENSE("GPL");
1867 MODULE_AUTHOR("Jamie Iles");
git.openpandora.org / pandora-kernel.git / blob