2 * talitos - Freescale Integrated Security Engine (SEC) device driver
4 * Copyright (c) 2008-2011 Freescale Semiconductor, Inc.
6 * Scatterlist Crypto API glue code copied from files with the following:
7 * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au>
9 * Crypto algorithm registration code copied from hifn driver:
10 * 2007+ Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru>
11 * All rights reserved.
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28 #include <linux/kernel.h>
29 #include <linux/module.h>
30 #include <linux/mod_devicetable.h>
31 #include <linux/device.h>
32 #include <linux/interrupt.h>
33 #include <linux/crypto.h>
34 #include <linux/hw_random.h>
35 #include <linux/of_platform.h>
36 #include <linux/dma-mapping.h>
38 #include <linux/spinlock.h>
39 #include <linux/rtnetlink.h>
40 #include <linux/slab.h>
42 #include <crypto/algapi.h>
43 #include <crypto/aes.h>
44 #include <crypto/des.h>
45 #include <crypto/sha.h>
46 #include <crypto/md5.h>
47 #include <crypto/aead.h>
48 #include <crypto/authenc.h>
49 #include <crypto/skcipher.h>
50 #include <crypto/hash.h>
51 #include <crypto/internal/hash.h>
52 #include <crypto/scatterwalk.h>
56 #define TALITOS_TIMEOUT 100000
57 #define TALITOS_MAX_DATA_LEN 65535
59 #define DESC_TYPE(desc_hdr) ((be32_to_cpu(desc_hdr) >> 3) & 0x1f)
60 #define PRIMARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 28) & 0xf)
61 #define SECONDARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 16) & 0xf)
63 /* descriptor pointer entry */
65 __be16 len; /* length */
66 u8 j_extent; /* jump to sg link table and/or extent */
67 u8 eptr; /* extended address */
68 __be32 ptr; /* address */
71 static const struct talitos_ptr zero_entry = {
80 __be32 hdr; /* header high bits */
81 __be32 hdr_lo; /* header low bits */
82 struct talitos_ptr ptr[7]; /* ptr/len pair array */
86 * talitos_request - descriptor submission request
87 * @desc: descriptor pointer (kernel virtual)
88 * @dma_desc: descriptor's physical bus address
89 * @callback: whom to call when descriptor processing is done
90 * @context: caller context (optional)
92 struct talitos_request {
93 struct talitos_desc *desc;
95 void (*callback) (struct device *dev, struct talitos_desc *desc,
96 void *context, int error);
100 /* per-channel fifo management */
101 struct talitos_channel {
103 struct talitos_request *fifo;
105 /* number of requests pending in channel h/w fifo */
106 atomic_t submit_count ____cacheline_aligned;
108 /* request submission (head) lock */
109 spinlock_t head_lock ____cacheline_aligned;
110 /* index to next free descriptor request */
113 /* request release (tail) lock */
114 spinlock_t tail_lock ____cacheline_aligned;
115 /* index to next in-progress/done descriptor request */
119 struct talitos_private {
121 struct platform_device *ofdev;
125 /* SEC version geometry (from device tree node) */
126 unsigned int num_channels;
127 unsigned int chfifo_len;
128 unsigned int exec_units;
129 unsigned int desc_types;
131 /* SEC Compatibility info */
132 unsigned long features;
135 * length of the request fifo
136 * fifo_len is chfifo_len rounded up to next power of 2
137 * so we can use bitwise ops to wrap
139 unsigned int fifo_len;
141 struct talitos_channel *chan;
143 /* next channel to be assigned next incoming descriptor */
144 atomic_t last_chan ____cacheline_aligned;
146 /* request callback tasklet */
147 struct tasklet_struct done_task;
149 /* list of registered algorithms */
150 struct list_head alg_list;
157 #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001
158 #define TALITOS_FTR_HW_AUTH_CHECK 0x00000002
159 #define TALITOS_FTR_SHA224_HWINIT 0x00000004
161 static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr)
163 talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
164 talitos_ptr->eptr = upper_32_bits(dma_addr);
168 * map virtual single (contiguous) pointer to h/w descriptor pointer
170 static void map_single_talitos_ptr(struct device *dev,
171 struct talitos_ptr *talitos_ptr,
172 unsigned short len, void *data,
173 unsigned char extent,
174 enum dma_data_direction dir)
176 dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
178 talitos_ptr->len = cpu_to_be16(len);
179 to_talitos_ptr(talitos_ptr, dma_addr);
180 talitos_ptr->j_extent = extent;
184 * unmap bus single (contiguous) h/w descriptor pointer
186 static void unmap_single_talitos_ptr(struct device *dev,
187 struct talitos_ptr *talitos_ptr,
188 enum dma_data_direction dir)
190 dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
191 be16_to_cpu(talitos_ptr->len), dir);
194 static int reset_channel(struct device *dev, int ch)
196 struct talitos_private *priv = dev_get_drvdata(dev);
197 unsigned int timeout = TALITOS_TIMEOUT;
199 setbits32(priv->reg + TALITOS_CCCR(ch), TALITOS_CCCR_RESET);
201 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & TALITOS_CCCR_RESET)
206 dev_err(dev, "failed to reset channel %d\n", ch);
210 /* set 36-bit addressing, done writeback enable and done IRQ enable */
211 setbits32(priv->reg + TALITOS_CCCR_LO(ch), TALITOS_CCCR_LO_EAE |
212 TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE);
214 /* and ICCR writeback, if available */
215 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
216 setbits32(priv->reg + TALITOS_CCCR_LO(ch),
217 TALITOS_CCCR_LO_IWSE);
222 static int reset_device(struct device *dev)
224 struct talitos_private *priv = dev_get_drvdata(dev);
225 unsigned int timeout = TALITOS_TIMEOUT;
227 setbits32(priv->reg + TALITOS_MCR, TALITOS_MCR_SWR);
229 while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR)
234 dev_err(dev, "failed to reset device\n");
242 * Reset and initialize the device
244 static int init_device(struct device *dev)
246 struct talitos_private *priv = dev_get_drvdata(dev);
251 * errata documentation: warning: certain SEC interrupts
252 * are not fully cleared by writing the MCR:SWR bit,
253 * set bit twice to completely reset
255 err = reset_device(dev);
259 err = reset_device(dev);
264 for (ch = 0; ch < priv->num_channels; ch++) {
265 err = reset_channel(dev, ch);
270 /* enable channel done and error interrupts */
271 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
272 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
274 /* disable integrity check error interrupts (use writeback instead) */
275 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
276 setbits32(priv->reg + TALITOS_MDEUICR_LO,
277 TALITOS_MDEUICR_LO_ICE);
283 * talitos_submit - submits a descriptor to the device for processing
284 * @dev: the SEC device to be used
285 * @ch: the SEC device channel to be used
286 * @desc: the descriptor to be processed by the device
287 * @callback: whom to call when processing is complete
288 * @context: a handle for use by caller (optional)
290 * desc must contain valid dma-mapped (bus physical) address pointers.
291 * callback must check err and feedback in descriptor header
292 * for device processing status.
294 static int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc,
295 void (*callback)(struct device *dev,
296 struct talitos_desc *desc,
297 void *context, int error),
300 struct talitos_private *priv = dev_get_drvdata(dev);
301 struct talitos_request *request;
305 spin_lock_irqsave(&priv->chan[ch].head_lock, flags);
307 if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) {
308 /* h/w fifo is full */
309 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
313 head = priv->chan[ch].head;
314 request = &priv->chan[ch].fifo[head];
316 /* map descriptor and save caller data */
317 request->dma_desc = dma_map_single(dev, desc, sizeof(*desc),
319 request->callback = callback;
320 request->context = context;
322 /* increment fifo head */
323 priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1);
326 request->desc = desc;
330 out_be32(priv->reg + TALITOS_FF(ch), upper_32_bits(request->dma_desc));
331 out_be32(priv->reg + TALITOS_FF_LO(ch),
332 lower_32_bits(request->dma_desc));
334 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
340 * process what was done, notify callback of error if not
342 static void flush_channel(struct device *dev, int ch, int error, int reset_ch)
344 struct talitos_private *priv = dev_get_drvdata(dev);
345 struct talitos_request *request, saved_req;
349 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
351 tail = priv->chan[ch].tail;
352 while (priv->chan[ch].fifo[tail].desc) {
353 request = &priv->chan[ch].fifo[tail];
355 /* descriptors with their done bits set don't get the error */
357 if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
365 dma_unmap_single(dev, request->dma_desc,
366 sizeof(struct talitos_desc),
369 /* copy entries so we can call callback outside lock */
370 saved_req.desc = request->desc;
371 saved_req.callback = request->callback;
372 saved_req.context = request->context;
374 /* release request entry in fifo */
376 request->desc = NULL;
378 /* increment fifo tail */
379 priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1);
381 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
383 atomic_dec(&priv->chan[ch].submit_count);
385 saved_req.callback(dev, saved_req.desc, saved_req.context,
387 /* channel may resume processing in single desc error case */
388 if (error && !reset_ch && status == error)
390 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
391 tail = priv->chan[ch].tail;
394 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
398 * process completed requests for channels that have done status
400 static void talitos_done(unsigned long data)
402 struct device *dev = (struct device *)data;
403 struct talitos_private *priv = dev_get_drvdata(dev);
406 for (ch = 0; ch < priv->num_channels; ch++)
407 flush_channel(dev, ch, 0, 0);
409 /* At this point, all completed channels have been processed.
410 * Unmask done interrupts for channels completed later on.
412 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
413 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
417 * locate current (offending) descriptor
419 static u32 current_desc_hdr(struct device *dev, int ch)
421 struct talitos_private *priv = dev_get_drvdata(dev);
422 int tail = priv->chan[ch].tail;
425 cur_desc = in_be32(priv->reg + TALITOS_CDPR_LO(ch));
427 while (priv->chan[ch].fifo[tail].dma_desc != cur_desc) {
428 tail = (tail + 1) & (priv->fifo_len - 1);
429 if (tail == priv->chan[ch].tail) {
430 dev_err(dev, "couldn't locate current descriptor\n");
435 return priv->chan[ch].fifo[tail].desc->hdr;
439 * user diagnostics; report root cause of error based on execution unit status
441 static void report_eu_error(struct device *dev, int ch, u32 desc_hdr)
443 struct talitos_private *priv = dev_get_drvdata(dev);
447 desc_hdr = in_be32(priv->reg + TALITOS_DESCBUF(ch));
449 switch (desc_hdr & DESC_HDR_SEL0_MASK) {
450 case DESC_HDR_SEL0_AFEU:
451 dev_err(dev, "AFEUISR 0x%08x_%08x\n",
452 in_be32(priv->reg + TALITOS_AFEUISR),
453 in_be32(priv->reg + TALITOS_AFEUISR_LO));
455 case DESC_HDR_SEL0_DEU:
456 dev_err(dev, "DEUISR 0x%08x_%08x\n",
457 in_be32(priv->reg + TALITOS_DEUISR),
458 in_be32(priv->reg + TALITOS_DEUISR_LO));
460 case DESC_HDR_SEL0_MDEUA:
461 case DESC_HDR_SEL0_MDEUB:
462 dev_err(dev, "MDEUISR 0x%08x_%08x\n",
463 in_be32(priv->reg + TALITOS_MDEUISR),
464 in_be32(priv->reg + TALITOS_MDEUISR_LO));
466 case DESC_HDR_SEL0_RNG:
467 dev_err(dev, "RNGUISR 0x%08x_%08x\n",
468 in_be32(priv->reg + TALITOS_RNGUISR),
469 in_be32(priv->reg + TALITOS_RNGUISR_LO));
471 case DESC_HDR_SEL0_PKEU:
472 dev_err(dev, "PKEUISR 0x%08x_%08x\n",
473 in_be32(priv->reg + TALITOS_PKEUISR),
474 in_be32(priv->reg + TALITOS_PKEUISR_LO));
476 case DESC_HDR_SEL0_AESU:
477 dev_err(dev, "AESUISR 0x%08x_%08x\n",
478 in_be32(priv->reg + TALITOS_AESUISR),
479 in_be32(priv->reg + TALITOS_AESUISR_LO));
481 case DESC_HDR_SEL0_CRCU:
482 dev_err(dev, "CRCUISR 0x%08x_%08x\n",
483 in_be32(priv->reg + TALITOS_CRCUISR),
484 in_be32(priv->reg + TALITOS_CRCUISR_LO));
486 case DESC_HDR_SEL0_KEU:
487 dev_err(dev, "KEUISR 0x%08x_%08x\n",
488 in_be32(priv->reg + TALITOS_KEUISR),
489 in_be32(priv->reg + TALITOS_KEUISR_LO));
493 switch (desc_hdr & DESC_HDR_SEL1_MASK) {
494 case DESC_HDR_SEL1_MDEUA:
495 case DESC_HDR_SEL1_MDEUB:
496 dev_err(dev, "MDEUISR 0x%08x_%08x\n",
497 in_be32(priv->reg + TALITOS_MDEUISR),
498 in_be32(priv->reg + TALITOS_MDEUISR_LO));
500 case DESC_HDR_SEL1_CRCU:
501 dev_err(dev, "CRCUISR 0x%08x_%08x\n",
502 in_be32(priv->reg + TALITOS_CRCUISR),
503 in_be32(priv->reg + TALITOS_CRCUISR_LO));
507 for (i = 0; i < 8; i++)
508 dev_err(dev, "DESCBUF 0x%08x_%08x\n",
509 in_be32(priv->reg + TALITOS_DESCBUF(ch) + 8*i),
510 in_be32(priv->reg + TALITOS_DESCBUF_LO(ch) + 8*i));
514 * recover from error interrupts
516 static void talitos_error(unsigned long data, u32 isr, u32 isr_lo)
518 struct device *dev = (struct device *)data;
519 struct talitos_private *priv = dev_get_drvdata(dev);
520 unsigned int timeout = TALITOS_TIMEOUT;
521 int ch, error, reset_dev = 0, reset_ch = 0;
524 for (ch = 0; ch < priv->num_channels; ch++) {
525 /* skip channels without errors */
526 if (!(isr & (1 << (ch * 2 + 1))))
531 v = in_be32(priv->reg + TALITOS_CCPSR(ch));
532 v_lo = in_be32(priv->reg + TALITOS_CCPSR_LO(ch));
534 if (v_lo & TALITOS_CCPSR_LO_DOF) {
535 dev_err(dev, "double fetch fifo overflow error\n");
539 if (v_lo & TALITOS_CCPSR_LO_SOF) {
540 /* h/w dropped descriptor */
541 dev_err(dev, "single fetch fifo overflow error\n");
544 if (v_lo & TALITOS_CCPSR_LO_MDTE)
545 dev_err(dev, "master data transfer error\n");
546 if (v_lo & TALITOS_CCPSR_LO_SGDLZ)
547 dev_err(dev, "s/g data length zero error\n");
548 if (v_lo & TALITOS_CCPSR_LO_FPZ)
549 dev_err(dev, "fetch pointer zero error\n");
550 if (v_lo & TALITOS_CCPSR_LO_IDH)
551 dev_err(dev, "illegal descriptor header error\n");
552 if (v_lo & TALITOS_CCPSR_LO_IEU)
553 dev_err(dev, "invalid execution unit error\n");
554 if (v_lo & TALITOS_CCPSR_LO_EU)
555 report_eu_error(dev, ch, current_desc_hdr(dev, ch));
556 if (v_lo & TALITOS_CCPSR_LO_GB)
557 dev_err(dev, "gather boundary error\n");
558 if (v_lo & TALITOS_CCPSR_LO_GRL)
559 dev_err(dev, "gather return/length error\n");
560 if (v_lo & TALITOS_CCPSR_LO_SB)
561 dev_err(dev, "scatter boundary error\n");
562 if (v_lo & TALITOS_CCPSR_LO_SRL)
563 dev_err(dev, "scatter return/length error\n");
565 flush_channel(dev, ch, error, reset_ch);
568 reset_channel(dev, ch);
570 setbits32(priv->reg + TALITOS_CCCR(ch),
572 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 0);
573 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) &
574 TALITOS_CCCR_CONT) && --timeout)
577 dev_err(dev, "failed to restart channel %d\n",
583 if (reset_dev || isr & ~TALITOS_ISR_CHERR || isr_lo) {
584 dev_err(dev, "done overflow, internal time out, or rngu error: "
585 "ISR 0x%08x_%08x\n", isr, isr_lo);
587 /* purge request queues */
588 for (ch = 0; ch < priv->num_channels; ch++)
589 flush_channel(dev, ch, -EIO, 1);
591 /* reset and reinitialize the device */
596 static irqreturn_t talitos_interrupt(int irq, void *data)
598 struct device *dev = data;
599 struct talitos_private *priv = dev_get_drvdata(dev);
602 isr = in_be32(priv->reg + TALITOS_ISR);
603 isr_lo = in_be32(priv->reg + TALITOS_ISR_LO);
604 /* Acknowledge interrupt */
605 out_be32(priv->reg + TALITOS_ICR, isr);
606 out_be32(priv->reg + TALITOS_ICR_LO, isr_lo);
608 if (unlikely((isr & ~TALITOS_ISR_CHDONE) || isr_lo))
609 talitos_error((unsigned long)data, isr, isr_lo);
611 if (likely(isr & TALITOS_ISR_CHDONE)) {
612 /* mask further done interrupts. */
613 clrbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_DONE);
614 /* done_task will unmask done interrupts at exit */
615 tasklet_schedule(&priv->done_task);
618 return (isr || isr_lo) ? IRQ_HANDLED : IRQ_NONE;
624 static int talitos_rng_data_present(struct hwrng *rng, int wait)
626 struct device *dev = (struct device *)rng->priv;
627 struct talitos_private *priv = dev_get_drvdata(dev);
631 for (i = 0; i < 20; i++) {
632 ofl = in_be32(priv->reg + TALITOS_RNGUSR_LO) &
633 TALITOS_RNGUSR_LO_OFL;
642 static int talitos_rng_data_read(struct hwrng *rng, u32 *data)
644 struct device *dev = (struct device *)rng->priv;
645 struct talitos_private *priv = dev_get_drvdata(dev);
647 /* rng fifo requires 64-bit accesses */
648 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO);
649 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO_LO);
654 static int talitos_rng_init(struct hwrng *rng)
656 struct device *dev = (struct device *)rng->priv;
657 struct talitos_private *priv = dev_get_drvdata(dev);
658 unsigned int timeout = TALITOS_TIMEOUT;
660 setbits32(priv->reg + TALITOS_RNGURCR_LO, TALITOS_RNGURCR_LO_SR);
661 while (!(in_be32(priv->reg + TALITOS_RNGUSR_LO) & TALITOS_RNGUSR_LO_RD)
665 dev_err(dev, "failed to reset rng hw\n");
669 /* start generating */
670 setbits32(priv->reg + TALITOS_RNGUDSR_LO, 0);
675 static int talitos_register_rng(struct device *dev)
677 struct talitos_private *priv = dev_get_drvdata(dev);
679 priv->rng.name = dev_driver_string(dev),
680 priv->rng.init = talitos_rng_init,
681 priv->rng.data_present = talitos_rng_data_present,
682 priv->rng.data_read = talitos_rng_data_read,
683 priv->rng.priv = (unsigned long)dev;
685 return hwrng_register(&priv->rng);
688 static void talitos_unregister_rng(struct device *dev)
690 struct talitos_private *priv = dev_get_drvdata(dev);
692 hwrng_unregister(&priv->rng);
698 #define TALITOS_CRA_PRIORITY 3000
699 #define TALITOS_MAX_KEY_SIZE 64
700 #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
702 #define MD5_BLOCK_SIZE 64
707 __be32 desc_hdr_template;
708 u8 key[TALITOS_MAX_KEY_SIZE];
709 u8 iv[TALITOS_MAX_IV_LENGTH];
711 unsigned int enckeylen;
712 unsigned int authkeylen;
713 unsigned int authsize;
716 #define HASH_MAX_BLOCK_SIZE SHA512_BLOCK_SIZE
717 #define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
719 struct talitos_ahash_req_ctx {
720 u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
721 unsigned int hw_context_size;
722 u8 buf[HASH_MAX_BLOCK_SIZE];
723 u8 bufnext[HASH_MAX_BLOCK_SIZE];
727 unsigned int to_hash_later;
729 struct scatterlist bufsl[2];
730 struct scatterlist *psrc;
733 static int aead_setauthsize(struct crypto_aead *authenc,
734 unsigned int authsize)
736 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
738 ctx->authsize = authsize;
743 static int aead_setkey(struct crypto_aead *authenc,
744 const u8 *key, unsigned int keylen)
746 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
747 struct rtattr *rta = (void *)key;
748 struct crypto_authenc_key_param *param;
749 unsigned int authkeylen;
750 unsigned int enckeylen;
752 if (!RTA_OK(rta, keylen))
755 if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
758 if (RTA_PAYLOAD(rta) < sizeof(*param))
761 param = RTA_DATA(rta);
762 enckeylen = be32_to_cpu(param->enckeylen);
764 key += RTA_ALIGN(rta->rta_len);
765 keylen -= RTA_ALIGN(rta->rta_len);
767 if (keylen < enckeylen)
770 authkeylen = keylen - enckeylen;
772 if (keylen > TALITOS_MAX_KEY_SIZE)
775 memcpy(&ctx->key, key, keylen);
777 ctx->keylen = keylen;
778 ctx->enckeylen = enckeylen;
779 ctx->authkeylen = authkeylen;
784 crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN);
789 * talitos_edesc - s/w-extended descriptor
790 * @src_nents: number of segments in input scatterlist
791 * @dst_nents: number of segments in output scatterlist
792 * @dma_len: length of dma mapped link_tbl space
793 * @dma_link_tbl: bus physical address of link_tbl
794 * @desc: h/w descriptor
795 * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1)
797 * if decrypting (with authcheck), or either one of src_nents or dst_nents
798 * is greater than 1, an integrity check value is concatenated to the end
801 struct talitos_edesc {
807 dma_addr_t dma_link_tbl;
808 struct talitos_desc desc;
809 struct talitos_ptr link_tbl[0];
812 static int talitos_map_sg(struct device *dev, struct scatterlist *sg,
813 unsigned int nents, enum dma_data_direction dir,
816 if (unlikely(chained))
818 dma_map_sg(dev, sg, 1, dir);
819 sg = scatterwalk_sg_next(sg);
822 dma_map_sg(dev, sg, nents, dir);
826 static void talitos_unmap_sg_chain(struct device *dev, struct scatterlist *sg,
827 enum dma_data_direction dir)
830 dma_unmap_sg(dev, sg, 1, dir);
831 sg = scatterwalk_sg_next(sg);
835 static void talitos_sg_unmap(struct device *dev,
836 struct talitos_edesc *edesc,
837 struct scatterlist *src,
838 struct scatterlist *dst)
840 unsigned int src_nents = edesc->src_nents ? : 1;
841 unsigned int dst_nents = edesc->dst_nents ? : 1;
844 if (edesc->src_is_chained)
845 talitos_unmap_sg_chain(dev, src, DMA_TO_DEVICE);
847 dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE);
850 if (edesc->dst_is_chained)
851 talitos_unmap_sg_chain(dev, dst,
854 dma_unmap_sg(dev, dst, dst_nents,
858 if (edesc->src_is_chained)
859 talitos_unmap_sg_chain(dev, src, DMA_BIDIRECTIONAL);
861 dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL);
864 static void ipsec_esp_unmap(struct device *dev,
865 struct talitos_edesc *edesc,
866 struct aead_request *areq)
868 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6], DMA_FROM_DEVICE);
869 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[3], DMA_TO_DEVICE);
870 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
871 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE);
873 dma_unmap_sg(dev, areq->assoc, 1, DMA_TO_DEVICE);
875 talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
878 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
883 * ipsec_esp descriptor callbacks
885 static void ipsec_esp_encrypt_done(struct device *dev,
886 struct talitos_desc *desc, void *context,
889 struct aead_request *areq = context;
890 struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
891 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
892 struct talitos_edesc *edesc;
893 struct scatterlist *sg;
896 edesc = container_of(desc, struct talitos_edesc, desc);
898 ipsec_esp_unmap(dev, edesc, areq);
900 /* copy the generated ICV to dst */
901 if (edesc->dma_len) {
902 icvdata = &edesc->link_tbl[edesc->src_nents +
903 edesc->dst_nents + 2];
904 sg = sg_last(areq->dst, edesc->dst_nents);
905 memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize,
906 icvdata, ctx->authsize);
911 aead_request_complete(areq, err);
914 static void ipsec_esp_decrypt_swauth_done(struct device *dev,
915 struct talitos_desc *desc,
916 void *context, int err)
918 struct aead_request *req = context;
919 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
920 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
921 struct talitos_edesc *edesc;
922 struct scatterlist *sg;
925 edesc = container_of(desc, struct talitos_edesc, desc);
927 ipsec_esp_unmap(dev, edesc, req);
932 icvdata = &edesc->link_tbl[edesc->src_nents +
933 edesc->dst_nents + 2];
935 icvdata = &edesc->link_tbl[0];
937 sg = sg_last(req->dst, edesc->dst_nents ? : 1);
938 err = memcmp(icvdata, (char *)sg_virt(sg) + sg->length -
939 ctx->authsize, ctx->authsize) ? -EBADMSG : 0;
944 aead_request_complete(req, err);
947 static void ipsec_esp_decrypt_hwauth_done(struct device *dev,
948 struct talitos_desc *desc,
949 void *context, int err)
951 struct aead_request *req = context;
952 struct talitos_edesc *edesc;
954 edesc = container_of(desc, struct talitos_edesc, desc);
956 ipsec_esp_unmap(dev, edesc, req);
958 /* check ICV auth status */
959 if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) !=
960 DESC_HDR_LO_ICCR1_PASS))
965 aead_request_complete(req, err);
969 * convert scatterlist to SEC h/w link table format
970 * stop at cryptlen bytes
972 static int sg_to_link_tbl(struct scatterlist *sg, int sg_count,
973 int cryptlen, struct talitos_ptr *link_tbl_ptr)
978 to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg));
979 link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg));
980 link_tbl_ptr->j_extent = 0;
982 cryptlen -= sg_dma_len(sg);
983 sg = scatterwalk_sg_next(sg);
986 /* adjust (decrease) last one (or two) entry's len to cryptlen */
988 while (be16_to_cpu(link_tbl_ptr->len) <= (-cryptlen)) {
989 /* Empty this entry, and move to previous one */
990 cryptlen += be16_to_cpu(link_tbl_ptr->len);
991 link_tbl_ptr->len = 0;
995 link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len)
998 /* tag end of link table */
999 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
1005 * fill in and submit ipsec_esp descriptor
1007 static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq,
1009 void (*callback) (struct device *dev,
1010 struct talitos_desc *desc,
1011 void *context, int error))
1013 struct crypto_aead *aead = crypto_aead_reqtfm(areq);
1014 struct talitos_ctx *ctx = crypto_aead_ctx(aead);
1015 struct device *dev = ctx->dev;
1016 struct talitos_desc *desc = &edesc->desc;
1017 unsigned int cryptlen = areq->cryptlen;
1018 unsigned int authsize = ctx->authsize;
1019 unsigned int ivsize = crypto_aead_ivsize(aead);
1021 int sg_link_tbl_len;
1024 map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key,
1027 map_single_talitos_ptr(dev, &desc->ptr[1], areq->assoclen + ivsize,
1028 sg_virt(areq->assoc), 0, DMA_TO_DEVICE);
1030 map_single_talitos_ptr(dev, &desc->ptr[2], ivsize, giv ?: areq->iv, 0,
1034 map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen,
1035 (char *)&ctx->key + ctx->authkeylen, 0,
1040 * map and adjust cipher len to aead request cryptlen.
1041 * extent is bytes of HMAC postpended to ciphertext,
1042 * typically 12 for ipsec
1044 desc->ptr[4].len = cpu_to_be16(cryptlen);
1045 desc->ptr[4].j_extent = authsize;
1047 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
1048 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL
1050 edesc->src_is_chained);
1052 if (sg_count == 1) {
1053 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->src));
1055 sg_link_tbl_len = cryptlen;
1057 if (edesc->desc.hdr & DESC_HDR_MODE1_MDEU_CICV)
1058 sg_link_tbl_len = cryptlen + authsize;
1060 sg_count = sg_to_link_tbl(areq->src, sg_count, sg_link_tbl_len,
1061 &edesc->link_tbl[0]);
1063 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP;
1064 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl);
1065 dma_sync_single_for_device(dev, edesc->dma_link_tbl,
1069 /* Only one segment now, so no link tbl needed */
1070 to_talitos_ptr(&desc->ptr[4],
1071 sg_dma_address(areq->src));
1076 desc->ptr[5].len = cpu_to_be16(cryptlen);
1077 desc->ptr[5].j_extent = authsize;
1079 if (areq->src != areq->dst)
1080 sg_count = talitos_map_sg(dev, areq->dst,
1081 edesc->dst_nents ? : 1,
1083 edesc->dst_is_chained);
1085 if (sg_count == 1) {
1086 to_talitos_ptr(&desc->ptr[5], sg_dma_address(areq->dst));
1088 struct talitos_ptr *link_tbl_ptr =
1089 &edesc->link_tbl[edesc->src_nents + 1];
1091 to_talitos_ptr(&desc->ptr[5], edesc->dma_link_tbl +
1092 (edesc->src_nents + 1) *
1093 sizeof(struct talitos_ptr));
1094 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen,
1097 /* Add an entry to the link table for ICV data */
1098 link_tbl_ptr += sg_count - 1;
1099 link_tbl_ptr->j_extent = 0;
1102 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
1103 link_tbl_ptr->len = cpu_to_be16(authsize);
1105 /* icv data follows link tables */
1106 to_talitos_ptr(link_tbl_ptr, edesc->dma_link_tbl +
1107 (edesc->src_nents + edesc->dst_nents + 2) *
1108 sizeof(struct talitos_ptr));
1109 desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP;
1110 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl,
1111 edesc->dma_len, DMA_BIDIRECTIONAL);
1115 map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0,
1118 ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1119 if (ret != -EINPROGRESS) {
1120 ipsec_esp_unmap(dev, edesc, areq);
1127 * derive number of elements in scatterlist
1129 static int sg_count(struct scatterlist *sg_list, int nbytes, int *chained)
1131 struct scatterlist *sg = sg_list;
1135 while (nbytes > 0) {
1137 nbytes -= sg->length;
1138 if (!sg_is_last(sg) && (sg + 1)->length == 0)
1140 sg = scatterwalk_sg_next(sg);
1147 * sg_copy_end_to_buffer - Copy end data from SG list to a linear buffer
1149 * @nents: Number of SG entries
1150 * @buf: Where to copy to
1151 * @buflen: The number of bytes to copy
1152 * @skip: The number of bytes to skip before copying.
1153 * Note: skip + buflen should equal SG total size.
1155 * Returns the number of copied bytes.
1158 static size_t sg_copy_end_to_buffer(struct scatterlist *sgl, unsigned int nents,
1159 void *buf, size_t buflen, unsigned int skip)
1161 unsigned int offset = 0;
1162 unsigned int boffset = 0;
1163 struct sg_mapping_iter miter;
1164 unsigned long flags;
1165 unsigned int sg_flags = SG_MITER_ATOMIC;
1166 size_t total_buffer = buflen + skip;
1168 sg_flags |= SG_MITER_FROM_SG;
1170 sg_miter_start(&miter, sgl, nents, sg_flags);
1172 local_irq_save(flags);
1174 while (sg_miter_next(&miter) && offset < total_buffer) {
1176 unsigned int ignore;
1178 if ((offset + miter.length) > skip) {
1179 if (offset < skip) {
1180 /* Copy part of this segment */
1181 ignore = skip - offset;
1182 len = miter.length - ignore;
1183 if (boffset + len > buflen)
1184 len = buflen - boffset;
1185 memcpy(buf + boffset, miter.addr + ignore, len);
1187 /* Copy all of this segment (up to buflen) */
1189 if (boffset + len > buflen)
1190 len = buflen - boffset;
1191 memcpy(buf + boffset, miter.addr, len);
1195 offset += miter.length;
1198 sg_miter_stop(&miter);
1200 local_irq_restore(flags);
1205 * allocate and map the extended descriptor
1207 static struct talitos_edesc *talitos_edesc_alloc(struct device *dev,
1208 struct scatterlist *src,
1209 struct scatterlist *dst,
1211 unsigned int cryptlen,
1212 unsigned int authsize,
1216 struct talitos_edesc *edesc;
1217 int src_nents, dst_nents, alloc_len, dma_len;
1218 int src_chained, dst_chained = 0;
1219 gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :
1222 if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) {
1223 dev_err(dev, "length exceeds h/w max limit\n");
1224 return ERR_PTR(-EINVAL);
1227 src_nents = sg_count(src, cryptlen + authsize, &src_chained);
1228 src_nents = (src_nents == 1) ? 0 : src_nents;
1234 dst_nents = src_nents;
1236 dst_nents = sg_count(dst, cryptlen + authsize,
1238 dst_nents = (dst_nents == 1) ? 0 : dst_nents;
1243 * allocate space for base edesc plus the link tables,
1244 * allowing for two separate entries for ICV and generated ICV (+ 2),
1245 * and the ICV data itself
1247 alloc_len = sizeof(struct talitos_edesc);
1248 if (src_nents || dst_nents) {
1249 dma_len = (src_nents + dst_nents + 2) *
1250 sizeof(struct talitos_ptr) + authsize;
1251 alloc_len += dma_len;
1254 alloc_len += icv_stashing ? authsize : 0;
1257 edesc = kmalloc(alloc_len, GFP_DMA | flags);
1259 dev_err(dev, "could not allocate edescriptor\n");
1260 return ERR_PTR(-ENOMEM);
1263 edesc->src_nents = src_nents;
1264 edesc->dst_nents = dst_nents;
1265 edesc->src_is_chained = src_chained;
1266 edesc->dst_is_chained = dst_chained;
1267 edesc->dma_len = dma_len;
1269 edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0],
1276 static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq,
1279 struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
1280 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1282 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 0,
1283 areq->cryptlen, ctx->authsize, icv_stashing,
1287 static int aead_encrypt(struct aead_request *req)
1289 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1290 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1291 struct talitos_edesc *edesc;
1293 /* allocate extended descriptor */
1294 edesc = aead_edesc_alloc(req, 0);
1296 return PTR_ERR(edesc);
1299 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1301 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_encrypt_done);
1304 static int aead_decrypt(struct aead_request *req)
1306 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1307 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1308 unsigned int authsize = ctx->authsize;
1309 struct talitos_private *priv = dev_get_drvdata(ctx->dev);
1310 struct talitos_edesc *edesc;
1311 struct scatterlist *sg;
1314 req->cryptlen -= authsize;
1316 /* allocate extended descriptor */
1317 edesc = aead_edesc_alloc(req, 1);
1319 return PTR_ERR(edesc);
1321 if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
1322 ((!edesc->src_nents && !edesc->dst_nents) ||
1323 priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) {
1325 /* decrypt and check the ICV */
1326 edesc->desc.hdr = ctx->desc_hdr_template |
1327 DESC_HDR_DIR_INBOUND |
1328 DESC_HDR_MODE1_MDEU_CICV;
1330 /* reset integrity check result bits */
1331 edesc->desc.hdr_lo = 0;
1333 return ipsec_esp(edesc, req, NULL, 0,
1334 ipsec_esp_decrypt_hwauth_done);
1338 /* Have to check the ICV with software */
1339 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
1341 /* stash incoming ICV for later cmp with ICV generated by the h/w */
1343 icvdata = &edesc->link_tbl[edesc->src_nents +
1344 edesc->dst_nents + 2];
1346 icvdata = &edesc->link_tbl[0];
1348 sg = sg_last(req->src, edesc->src_nents ? : 1);
1350 memcpy(icvdata, (char *)sg_virt(sg) + sg->length - ctx->authsize,
1353 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_decrypt_swauth_done);
1356 static int aead_givencrypt(struct aead_givcrypt_request *req)
1358 struct aead_request *areq = &req->areq;
1359 struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
1360 struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1361 struct talitos_edesc *edesc;
1363 /* allocate extended descriptor */
1364 edesc = aead_edesc_alloc(areq, 0);
1366 return PTR_ERR(edesc);
1369 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1371 memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc));
1372 /* avoid consecutive packets going out with same IV */
1373 *(__be64 *)req->giv ^= cpu_to_be64(req->seq);
1375 return ipsec_esp(edesc, areq, req->giv, req->seq,
1376 ipsec_esp_encrypt_done);
1379 static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
1380 const u8 *key, unsigned int keylen)
1382 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1384 memcpy(&ctx->key, key, keylen);
1385 ctx->keylen = keylen;
1390 static void common_nonsnoop_unmap(struct device *dev,
1391 struct talitos_edesc *edesc,
1392 struct ablkcipher_request *areq)
1394 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
1395 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
1396 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
1398 talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
1401 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1405 static void ablkcipher_done(struct device *dev,
1406 struct talitos_desc *desc, void *context,
1409 struct ablkcipher_request *areq = context;
1410 struct talitos_edesc *edesc;
1412 edesc = container_of(desc, struct talitos_edesc, desc);
1414 common_nonsnoop_unmap(dev, edesc, areq);
1418 areq->base.complete(&areq->base, err);
1421 static int common_nonsnoop(struct talitos_edesc *edesc,
1422 struct ablkcipher_request *areq,
1423 void (*callback) (struct device *dev,
1424 struct talitos_desc *desc,
1425 void *context, int error))
1427 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1428 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1429 struct device *dev = ctx->dev;
1430 struct talitos_desc *desc = &edesc->desc;
1431 unsigned int cryptlen = areq->nbytes;
1432 unsigned int ivsize;
1435 /* first DWORD empty */
1436 desc->ptr[0].len = 0;
1437 to_talitos_ptr(&desc->ptr[0], 0);
1438 desc->ptr[0].j_extent = 0;
1441 ivsize = crypto_ablkcipher_ivsize(cipher);
1442 map_single_talitos_ptr(dev, &desc->ptr[1], ivsize, areq->info, 0,
1446 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
1447 (char *)&ctx->key, 0, DMA_TO_DEVICE);
1452 desc->ptr[3].len = cpu_to_be16(cryptlen);
1453 desc->ptr[3].j_extent = 0;
1455 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
1456 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL
1458 edesc->src_is_chained);
1460 if (sg_count == 1) {
1461 to_talitos_ptr(&desc->ptr[3], sg_dma_address(areq->src));
1463 sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen,
1464 &edesc->link_tbl[0]);
1466 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl);
1467 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP;
1468 dma_sync_single_for_device(dev, edesc->dma_link_tbl,
1472 /* Only one segment now, so no link tbl needed */
1473 to_talitos_ptr(&desc->ptr[3],
1474 sg_dma_address(areq->src));
1479 desc->ptr[4].len = cpu_to_be16(cryptlen);
1480 desc->ptr[4].j_extent = 0;
1482 if (areq->src != areq->dst)
1483 sg_count = talitos_map_sg(dev, areq->dst,
1484 edesc->dst_nents ? : 1,
1486 edesc->dst_is_chained);
1488 if (sg_count == 1) {
1489 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->dst));
1491 struct talitos_ptr *link_tbl_ptr =
1492 &edesc->link_tbl[edesc->src_nents + 1];
1494 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl +
1495 (edesc->src_nents + 1) *
1496 sizeof(struct talitos_ptr));
1497 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP;
1498 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen,
1500 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl,
1501 edesc->dma_len, DMA_BIDIRECTIONAL);
1505 map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0,
1508 /* last DWORD empty */
1509 desc->ptr[6].len = 0;
1510 to_talitos_ptr(&desc->ptr[6], 0);
1511 desc->ptr[6].j_extent = 0;
1513 ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1514 if (ret != -EINPROGRESS) {
1515 common_nonsnoop_unmap(dev, edesc, areq);
1521 static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request *
1524 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1525 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1527 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 0,
1528 areq->nbytes, 0, 0, areq->base.flags);
1531 static int ablkcipher_encrypt(struct ablkcipher_request *areq)
1533 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1534 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1535 struct talitos_edesc *edesc;
1537 /* allocate extended descriptor */
1538 edesc = ablkcipher_edesc_alloc(areq);
1540 return PTR_ERR(edesc);
1543 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1545 return common_nonsnoop(edesc, areq, ablkcipher_done);
1548 static int ablkcipher_decrypt(struct ablkcipher_request *areq)
1550 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1551 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1552 struct talitos_edesc *edesc;
1554 /* allocate extended descriptor */
1555 edesc = ablkcipher_edesc_alloc(areq);
1557 return PTR_ERR(edesc);
1559 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
1561 return common_nonsnoop(edesc, areq, ablkcipher_done);
1564 static void common_nonsnoop_hash_unmap(struct device *dev,
1565 struct talitos_edesc *edesc,
1566 struct ahash_request *areq)
1568 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1570 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
1572 /* When using hashctx-in, must unmap it. */
1573 if (edesc->desc.ptr[1].len)
1574 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1],
1577 if (edesc->desc.ptr[2].len)
1578 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2],
1581 talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL);
1584 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1589 static void ahash_done(struct device *dev,
1590 struct talitos_desc *desc, void *context,
1593 struct ahash_request *areq = context;
1594 struct talitos_edesc *edesc =
1595 container_of(desc, struct talitos_edesc, desc);
1596 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1598 if (!req_ctx->last && req_ctx->to_hash_later) {
1599 /* Position any partial block for next update/final/finup */
1600 memcpy(req_ctx->buf, req_ctx->bufnext, req_ctx->to_hash_later);
1601 req_ctx->nbuf = req_ctx->to_hash_later;
1603 common_nonsnoop_hash_unmap(dev, edesc, areq);
1607 areq->base.complete(&areq->base, err);
1610 static int common_nonsnoop_hash(struct talitos_edesc *edesc,
1611 struct ahash_request *areq, unsigned int length,
1612 void (*callback) (struct device *dev,
1613 struct talitos_desc *desc,
1614 void *context, int error))
1616 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1617 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1618 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1619 struct device *dev = ctx->dev;
1620 struct talitos_desc *desc = &edesc->desc;
1623 /* first DWORD empty */
1624 desc->ptr[0] = zero_entry;
1626 /* hash context in */
1627 if (!req_ctx->first || req_ctx->swinit) {
1628 map_single_talitos_ptr(dev, &desc->ptr[1],
1629 req_ctx->hw_context_size,
1630 (char *)req_ctx->hw_context, 0,
1632 req_ctx->swinit = 0;
1634 desc->ptr[1] = zero_entry;
1635 /* Indicate next op is not the first. */
1641 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
1642 (char *)&ctx->key, 0, DMA_TO_DEVICE);
1644 desc->ptr[2] = zero_entry;
1649 desc->ptr[3].len = cpu_to_be16(length);
1650 desc->ptr[3].j_extent = 0;
1652 sg_count = talitos_map_sg(dev, req_ctx->psrc,
1653 edesc->src_nents ? : 1,
1655 edesc->src_is_chained);
1657 if (sg_count == 1) {
1658 to_talitos_ptr(&desc->ptr[3], sg_dma_address(req_ctx->psrc));
1660 sg_count = sg_to_link_tbl(req_ctx->psrc, sg_count, length,
1661 &edesc->link_tbl[0]);
1663 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP;
1664 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl);
1665 dma_sync_single_for_device(ctx->dev,
1666 edesc->dma_link_tbl,
1670 /* Only one segment now, so no link tbl needed */
1671 to_talitos_ptr(&desc->ptr[3],
1672 sg_dma_address(req_ctx->psrc));
1676 /* fifth DWORD empty */
1677 desc->ptr[4] = zero_entry;
1679 /* hash/HMAC out -or- hash context out */
1681 map_single_talitos_ptr(dev, &desc->ptr[5],
1682 crypto_ahash_digestsize(tfm),
1683 areq->result, 0, DMA_FROM_DEVICE);
1685 map_single_talitos_ptr(dev, &desc->ptr[5],
1686 req_ctx->hw_context_size,
1687 req_ctx->hw_context, 0, DMA_FROM_DEVICE);
1689 /* last DWORD empty */
1690 desc->ptr[6] = zero_entry;
1692 ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1693 if (ret != -EINPROGRESS) {
1694 common_nonsnoop_hash_unmap(dev, edesc, areq);
1700 static struct talitos_edesc *ahash_edesc_alloc(struct ahash_request *areq,
1701 unsigned int nbytes)
1703 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1704 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1705 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1707 return talitos_edesc_alloc(ctx->dev, req_ctx->psrc, NULL, 1,
1708 nbytes, 0, 0, areq->base.flags);
1711 static int ahash_init(struct ahash_request *areq)
1713 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1714 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1716 /* Initialize the context */
1718 req_ctx->first = 1; /* first indicates h/w must init its context */
1719 req_ctx->swinit = 0; /* assume h/w init of context */
1720 req_ctx->hw_context_size =
1721 (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE)
1722 ? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256
1723 : TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512;
1729 * on h/w without explicit sha224 support, we initialize h/w context
1730 * manually with sha224 constants, and tell it to run sha256.
1732 static int ahash_init_sha224_swinit(struct ahash_request *areq)
1734 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1737 req_ctx->swinit = 1;/* prevent h/w initting context with sha256 values*/
1739 req_ctx->hw_context[0] = SHA224_H0;
1740 req_ctx->hw_context[1] = SHA224_H1;
1741 req_ctx->hw_context[2] = SHA224_H2;
1742 req_ctx->hw_context[3] = SHA224_H3;
1743 req_ctx->hw_context[4] = SHA224_H4;
1744 req_ctx->hw_context[5] = SHA224_H5;
1745 req_ctx->hw_context[6] = SHA224_H6;
1746 req_ctx->hw_context[7] = SHA224_H7;
1748 /* init 64-bit count */
1749 req_ctx->hw_context[8] = 0;
1750 req_ctx->hw_context[9] = 0;
1755 static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
1757 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1758 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1759 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1760 struct talitos_edesc *edesc;
1761 unsigned int blocksize =
1762 crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
1763 unsigned int nbytes_to_hash;
1764 unsigned int to_hash_later;
1768 if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) {
1769 /* Buffer up to one whole block */
1770 sg_copy_to_buffer(areq->src,
1771 sg_count(areq->src, nbytes, &chained),
1772 req_ctx->buf + req_ctx->nbuf, nbytes);
1773 req_ctx->nbuf += nbytes;
1777 /* At least (blocksize + 1) bytes are available to hash */
1778 nbytes_to_hash = nbytes + req_ctx->nbuf;
1779 to_hash_later = nbytes_to_hash & (blocksize - 1);
1783 else if (to_hash_later)
1784 /* There is a partial block. Hash the full block(s) now */
1785 nbytes_to_hash -= to_hash_later;
1787 /* Keep one block buffered */
1788 nbytes_to_hash -= blocksize;
1789 to_hash_later = blocksize;
1792 /* Chain in any previously buffered data */
1793 if (req_ctx->nbuf) {
1794 nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
1795 sg_init_table(req_ctx->bufsl, nsg);
1796 sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
1798 scatterwalk_sg_chain(req_ctx->bufsl, 2, areq->src);
1799 req_ctx->psrc = req_ctx->bufsl;
1801 req_ctx->psrc = areq->src;
1803 if (to_hash_later) {
1804 int nents = sg_count(areq->src, nbytes, &chained);
1805 sg_copy_end_to_buffer(areq->src, nents,
1808 nbytes - to_hash_later);
1810 req_ctx->to_hash_later = to_hash_later;
1812 /* Allocate extended descriptor */
1813 edesc = ahash_edesc_alloc(areq, nbytes_to_hash);
1815 return PTR_ERR(edesc);
1817 edesc->desc.hdr = ctx->desc_hdr_template;
1819 /* On last one, request SEC to pad; otherwise continue */
1821 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_PAD;
1823 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT;
1825 /* request SEC to INIT hash. */
1826 if (req_ctx->first && !req_ctx->swinit)
1827 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT;
1829 /* When the tfm context has a keylen, it's an HMAC.
1830 * A first or last (ie. not middle) descriptor must request HMAC.
1832 if (ctx->keylen && (req_ctx->first || req_ctx->last))
1833 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_HMAC;
1835 return common_nonsnoop_hash(edesc, areq, nbytes_to_hash,
1839 static int ahash_update(struct ahash_request *areq)
1841 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1845 return ahash_process_req(areq, areq->nbytes);
1848 static int ahash_final(struct ahash_request *areq)
1850 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1854 return ahash_process_req(areq, 0);
1857 static int ahash_finup(struct ahash_request *areq)
1859 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1863 return ahash_process_req(areq, areq->nbytes);
1866 static int ahash_digest(struct ahash_request *areq)
1868 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1869 struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq);
1874 return ahash_process_req(areq, areq->nbytes);
1877 struct talitos_alg_template {
1880 struct crypto_alg crypto;
1881 struct ahash_alg hash;
1883 __be32 desc_hdr_template;
1886 static struct talitos_alg_template driver_algs[] = {
1887 /* AEAD algorithms. These use a single-pass ipsec_esp descriptor */
1888 { .type = CRYPTO_ALG_TYPE_AEAD,
1890 .cra_name = "authenc(hmac(sha1),cbc(aes))",
1891 .cra_driver_name = "authenc-hmac-sha1-cbc-aes-talitos",
1892 .cra_blocksize = AES_BLOCK_SIZE,
1893 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1894 .cra_type = &crypto_aead_type,
1896 .setkey = aead_setkey,
1897 .setauthsize = aead_setauthsize,
1898 .encrypt = aead_encrypt,
1899 .decrypt = aead_decrypt,
1900 .givencrypt = aead_givencrypt,
1901 .geniv = "<built-in>",
1902 .ivsize = AES_BLOCK_SIZE,
1903 .maxauthsize = SHA1_DIGEST_SIZE,
1906 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
1907 DESC_HDR_SEL0_AESU |
1908 DESC_HDR_MODE0_AESU_CBC |
1909 DESC_HDR_SEL1_MDEUA |
1910 DESC_HDR_MODE1_MDEU_INIT |
1911 DESC_HDR_MODE1_MDEU_PAD |
1912 DESC_HDR_MODE1_MDEU_SHA1_HMAC,
1914 { .type = CRYPTO_ALG_TYPE_AEAD,
1916 .cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
1917 .cra_driver_name = "authenc-hmac-sha1-cbc-3des-talitos",
1918 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1919 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1920 .cra_type = &crypto_aead_type,
1922 .setkey = aead_setkey,
1923 .setauthsize = aead_setauthsize,
1924 .encrypt = aead_encrypt,
1925 .decrypt = aead_decrypt,
1926 .givencrypt = aead_givencrypt,
1927 .geniv = "<built-in>",
1928 .ivsize = DES3_EDE_BLOCK_SIZE,
1929 .maxauthsize = SHA1_DIGEST_SIZE,
1932 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
1934 DESC_HDR_MODE0_DEU_CBC |
1935 DESC_HDR_MODE0_DEU_3DES |
1936 DESC_HDR_SEL1_MDEUA |
1937 DESC_HDR_MODE1_MDEU_INIT |
1938 DESC_HDR_MODE1_MDEU_PAD |
1939 DESC_HDR_MODE1_MDEU_SHA1_HMAC,
1941 { .type = CRYPTO_ALG_TYPE_AEAD,
1943 .cra_name = "authenc(hmac(sha256),cbc(aes))",
1944 .cra_driver_name = "authenc-hmac-sha256-cbc-aes-talitos",
1945 .cra_blocksize = AES_BLOCK_SIZE,
1946 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1947 .cra_type = &crypto_aead_type,
1949 .setkey = aead_setkey,
1950 .setauthsize = aead_setauthsize,
1951 .encrypt = aead_encrypt,
1952 .decrypt = aead_decrypt,
1953 .givencrypt = aead_givencrypt,
1954 .geniv = "<built-in>",
1955 .ivsize = AES_BLOCK_SIZE,
1956 .maxauthsize = SHA256_DIGEST_SIZE,
1959 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
1960 DESC_HDR_SEL0_AESU |
1961 DESC_HDR_MODE0_AESU_CBC |
1962 DESC_HDR_SEL1_MDEUA |
1963 DESC_HDR_MODE1_MDEU_INIT |
1964 DESC_HDR_MODE1_MDEU_PAD |
1965 DESC_HDR_MODE1_MDEU_SHA256_HMAC,
1967 { .type = CRYPTO_ALG_TYPE_AEAD,
1969 .cra_name = "authenc(hmac(sha256),cbc(des3_ede))",
1970 .cra_driver_name = "authenc-hmac-sha256-cbc-3des-talitos",
1971 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1972 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1973 .cra_type = &crypto_aead_type,
1975 .setkey = aead_setkey,
1976 .setauthsize = aead_setauthsize,
1977 .encrypt = aead_encrypt,
1978 .decrypt = aead_decrypt,
1979 .givencrypt = aead_givencrypt,
1980 .geniv = "<built-in>",
1981 .ivsize = DES3_EDE_BLOCK_SIZE,
1982 .maxauthsize = SHA256_DIGEST_SIZE,
1985 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
1987 DESC_HDR_MODE0_DEU_CBC |
1988 DESC_HDR_MODE0_DEU_3DES |
1989 DESC_HDR_SEL1_MDEUA |
1990 DESC_HDR_MODE1_MDEU_INIT |
1991 DESC_HDR_MODE1_MDEU_PAD |
1992 DESC_HDR_MODE1_MDEU_SHA256_HMAC,
1994 { .type = CRYPTO_ALG_TYPE_AEAD,
1996 .cra_name = "authenc(hmac(md5),cbc(aes))",
1997 .cra_driver_name = "authenc-hmac-md5-cbc-aes-talitos",
1998 .cra_blocksize = AES_BLOCK_SIZE,
1999 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2000 .cra_type = &crypto_aead_type,
2002 .setkey = aead_setkey,
2003 .setauthsize = aead_setauthsize,
2004 .encrypt = aead_encrypt,
2005 .decrypt = aead_decrypt,
2006 .givencrypt = aead_givencrypt,
2007 .geniv = "<built-in>",
2008 .ivsize = AES_BLOCK_SIZE,
2009 .maxauthsize = MD5_DIGEST_SIZE,
2012 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2013 DESC_HDR_SEL0_AESU |
2014 DESC_HDR_MODE0_AESU_CBC |
2015 DESC_HDR_SEL1_MDEUA |
2016 DESC_HDR_MODE1_MDEU_INIT |
2017 DESC_HDR_MODE1_MDEU_PAD |
2018 DESC_HDR_MODE1_MDEU_MD5_HMAC,
2020 { .type = CRYPTO_ALG_TYPE_AEAD,
2022 .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
2023 .cra_driver_name = "authenc-hmac-md5-cbc-3des-talitos",
2024 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2025 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2026 .cra_type = &crypto_aead_type,
2028 .setkey = aead_setkey,
2029 .setauthsize = aead_setauthsize,
2030 .encrypt = aead_encrypt,
2031 .decrypt = aead_decrypt,
2032 .givencrypt = aead_givencrypt,
2033 .geniv = "<built-in>",
2034 .ivsize = DES3_EDE_BLOCK_SIZE,
2035 .maxauthsize = MD5_DIGEST_SIZE,
2038 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2040 DESC_HDR_MODE0_DEU_CBC |
2041 DESC_HDR_MODE0_DEU_3DES |
2042 DESC_HDR_SEL1_MDEUA |
2043 DESC_HDR_MODE1_MDEU_INIT |
2044 DESC_HDR_MODE1_MDEU_PAD |
2045 DESC_HDR_MODE1_MDEU_MD5_HMAC,
2047 /* ABLKCIPHER algorithms. */
2048 { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
2050 .cra_name = "cbc(aes)",
2051 .cra_driver_name = "cbc-aes-talitos",
2052 .cra_blocksize = AES_BLOCK_SIZE,
2053 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
2055 .cra_type = &crypto_ablkcipher_type,
2057 .setkey = ablkcipher_setkey,
2058 .encrypt = ablkcipher_encrypt,
2059 .decrypt = ablkcipher_decrypt,
2061 .min_keysize = AES_MIN_KEY_SIZE,
2062 .max_keysize = AES_MAX_KEY_SIZE,
2063 .ivsize = AES_BLOCK_SIZE,
2066 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2067 DESC_HDR_SEL0_AESU |
2068 DESC_HDR_MODE0_AESU_CBC,
2070 { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
2072 .cra_name = "cbc(des3_ede)",
2073 .cra_driver_name = "cbc-3des-talitos",
2074 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2075 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
2077 .cra_type = &crypto_ablkcipher_type,
2079 .setkey = ablkcipher_setkey,
2080 .encrypt = ablkcipher_encrypt,
2081 .decrypt = ablkcipher_decrypt,
2083 .min_keysize = DES3_EDE_KEY_SIZE,
2084 .max_keysize = DES3_EDE_KEY_SIZE,
2085 .ivsize = DES3_EDE_BLOCK_SIZE,
2088 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2090 DESC_HDR_MODE0_DEU_CBC |
2091 DESC_HDR_MODE0_DEU_3DES,
2093 /* AHASH algorithms. */
2094 { .type = CRYPTO_ALG_TYPE_AHASH,
2097 .update = ahash_update,
2098 .final = ahash_final,
2099 .finup = ahash_finup,
2100 .digest = ahash_digest,
2101 .halg.digestsize = MD5_DIGEST_SIZE,
2104 .cra_driver_name = "md5-talitos",
2105 .cra_blocksize = MD5_BLOCK_SIZE,
2106 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2108 .cra_type = &crypto_ahash_type
2111 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2112 DESC_HDR_SEL0_MDEUA |
2113 DESC_HDR_MODE0_MDEU_MD5,
2115 { .type = CRYPTO_ALG_TYPE_AHASH,
2118 .update = ahash_update,
2119 .final = ahash_final,
2120 .finup = ahash_finup,
2121 .digest = ahash_digest,
2122 .halg.digestsize = SHA1_DIGEST_SIZE,
2125 .cra_driver_name = "sha1-talitos",
2126 .cra_blocksize = SHA1_BLOCK_SIZE,
2127 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2129 .cra_type = &crypto_ahash_type
2132 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2133 DESC_HDR_SEL0_MDEUA |
2134 DESC_HDR_MODE0_MDEU_SHA1,
2136 { .type = CRYPTO_ALG_TYPE_AHASH,
2139 .update = ahash_update,
2140 .final = ahash_final,
2141 .finup = ahash_finup,
2142 .digest = ahash_digest,
2143 .halg.digestsize = SHA224_DIGEST_SIZE,
2145 .cra_name = "sha224",
2146 .cra_driver_name = "sha224-talitos",
2147 .cra_blocksize = SHA224_BLOCK_SIZE,
2148 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2150 .cra_type = &crypto_ahash_type
2153 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2154 DESC_HDR_SEL0_MDEUA |
2155 DESC_HDR_MODE0_MDEU_SHA224,
2157 { .type = CRYPTO_ALG_TYPE_AHASH,
2160 .update = ahash_update,
2161 .final = ahash_final,
2162 .finup = ahash_finup,
2163 .digest = ahash_digest,
2164 .halg.digestsize = SHA256_DIGEST_SIZE,
2166 .cra_name = "sha256",
2167 .cra_driver_name = "sha256-talitos",
2168 .cra_blocksize = SHA256_BLOCK_SIZE,
2169 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2171 .cra_type = &crypto_ahash_type
2174 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2175 DESC_HDR_SEL0_MDEUA |
2176 DESC_HDR_MODE0_MDEU_SHA256,
2178 { .type = CRYPTO_ALG_TYPE_AHASH,
2181 .update = ahash_update,
2182 .final = ahash_final,
2183 .finup = ahash_finup,
2184 .digest = ahash_digest,
2185 .halg.digestsize = SHA384_DIGEST_SIZE,
2187 .cra_name = "sha384",
2188 .cra_driver_name = "sha384-talitos",
2189 .cra_blocksize = SHA384_BLOCK_SIZE,
2190 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2192 .cra_type = &crypto_ahash_type
2195 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2196 DESC_HDR_SEL0_MDEUB |
2197 DESC_HDR_MODE0_MDEUB_SHA384,
2199 { .type = CRYPTO_ALG_TYPE_AHASH,
2202 .update = ahash_update,
2203 .final = ahash_final,
2204 .finup = ahash_finup,
2205 .digest = ahash_digest,
2206 .halg.digestsize = SHA512_DIGEST_SIZE,
2208 .cra_name = "sha512",
2209 .cra_driver_name = "sha512-talitos",
2210 .cra_blocksize = SHA512_BLOCK_SIZE,
2211 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2213 .cra_type = &crypto_ahash_type
2216 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2217 DESC_HDR_SEL0_MDEUB |
2218 DESC_HDR_MODE0_MDEUB_SHA512,
2222 struct talitos_crypto_alg {
2223 struct list_head entry;
2225 struct talitos_alg_template algt;
2228 static int talitos_cra_init(struct crypto_tfm *tfm)
2230 struct crypto_alg *alg = tfm->__crt_alg;
2231 struct talitos_crypto_alg *talitos_alg;
2232 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2233 struct talitos_private *priv;
2235 if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_AHASH)
2236 talitos_alg = container_of(__crypto_ahash_alg(alg),
2237 struct talitos_crypto_alg,
2240 talitos_alg = container_of(alg, struct talitos_crypto_alg,
2243 /* update context with ptr to dev */
2244 ctx->dev = talitos_alg->dev;
2246 /* assign SEC channel to tfm in round-robin fashion */
2247 priv = dev_get_drvdata(ctx->dev);
2248 ctx->ch = atomic_inc_return(&priv->last_chan) &
2249 (priv->num_channels - 1);
2251 /* copy descriptor header template value */
2252 ctx->desc_hdr_template = talitos_alg->algt.desc_hdr_template;
2254 /* select done notification */
2255 ctx->desc_hdr_template |= DESC_HDR_DONE_NOTIFY;
2260 static int talitos_cra_init_aead(struct crypto_tfm *tfm)
2262 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2264 talitos_cra_init(tfm);
2266 /* random first IV */
2267 get_random_bytes(ctx->iv, TALITOS_MAX_IV_LENGTH);
2272 static int talitos_cra_init_ahash(struct crypto_tfm *tfm)
2274 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2276 talitos_cra_init(tfm);
2279 crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
2280 sizeof(struct talitos_ahash_req_ctx));
2286 * given the alg's descriptor header template, determine whether descriptor
2287 * type and primary/secondary execution units required match the hw
2288 * capabilities description provided in the device tree node.
2290 static int hw_supports(struct device *dev, __be32 desc_hdr_template)
2292 struct talitos_private *priv = dev_get_drvdata(dev);
2295 ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) &&
2296 (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units);
2298 if (SECONDARY_EU(desc_hdr_template))
2299 ret = ret && (1 << SECONDARY_EU(desc_hdr_template)
2300 & priv->exec_units);
2305 static int talitos_remove(struct platform_device *ofdev)
2307 struct device *dev = &ofdev->dev;
2308 struct talitos_private *priv = dev_get_drvdata(dev);
2309 struct talitos_crypto_alg *t_alg, *n;
2312 list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) {
2313 switch (t_alg->algt.type) {
2314 case CRYPTO_ALG_TYPE_ABLKCIPHER:
2315 case CRYPTO_ALG_TYPE_AEAD:
2316 crypto_unregister_alg(&t_alg->algt.alg.crypto);
2318 case CRYPTO_ALG_TYPE_AHASH:
2319 crypto_unregister_ahash(&t_alg->algt.alg.hash);
2322 list_del(&t_alg->entry);
2326 if (hw_supports(dev, DESC_HDR_SEL0_RNG))
2327 talitos_unregister_rng(dev);
2329 for (i = 0; i < priv->num_channels; i++)
2330 kfree(priv->chan[i].fifo);
2334 if (priv->irq != NO_IRQ) {
2335 free_irq(priv->irq, dev);
2336 irq_dispose_mapping(priv->irq);
2339 tasklet_kill(&priv->done_task);
2343 dev_set_drvdata(dev, NULL);
2350 static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev,
2351 struct talitos_alg_template
2354 struct talitos_private *priv = dev_get_drvdata(dev);
2355 struct talitos_crypto_alg *t_alg;
2356 struct crypto_alg *alg;
2358 t_alg = kzalloc(sizeof(struct talitos_crypto_alg), GFP_KERNEL);
2360 return ERR_PTR(-ENOMEM);
2362 t_alg->algt = *template;
2364 switch (t_alg->algt.type) {
2365 case CRYPTO_ALG_TYPE_ABLKCIPHER:
2366 alg = &t_alg->algt.alg.crypto;
2367 alg->cra_init = talitos_cra_init;
2369 case CRYPTO_ALG_TYPE_AEAD:
2370 alg = &t_alg->algt.alg.crypto;
2371 alg->cra_init = talitos_cra_init_aead;
2373 case CRYPTO_ALG_TYPE_AHASH:
2374 alg = &t_alg->algt.alg.hash.halg.base;
2375 alg->cra_init = talitos_cra_init_ahash;
2376 if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) &&
2377 !strcmp(alg->cra_name, "sha224")) {
2378 t_alg->algt.alg.hash.init = ahash_init_sha224_swinit;
2379 t_alg->algt.desc_hdr_template =
2380 DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2381 DESC_HDR_SEL0_MDEUA |
2382 DESC_HDR_MODE0_MDEU_SHA256;
2386 dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type);
2387 return ERR_PTR(-EINVAL);
2390 alg->cra_module = THIS_MODULE;
2391 alg->cra_priority = TALITOS_CRA_PRIORITY;
2392 alg->cra_alignmask = 0;
2393 alg->cra_ctxsize = sizeof(struct talitos_ctx);
2400 static int talitos_probe(struct platform_device *ofdev)
2402 struct device *dev = &ofdev->dev;
2403 struct device_node *np = ofdev->dev.of_node;
2404 struct talitos_private *priv;
2405 const unsigned int *prop;
2408 priv = kzalloc(sizeof(struct talitos_private), GFP_KERNEL);
2412 dev_set_drvdata(dev, priv);
2414 priv->ofdev = ofdev;
2416 tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev);
2418 INIT_LIST_HEAD(&priv->alg_list);
2420 priv->irq = irq_of_parse_and_map(np, 0);
2422 if (priv->irq == NO_IRQ) {
2423 dev_err(dev, "failed to map irq\n");
2428 /* get the irq line */
2429 err = request_irq(priv->irq, talitos_interrupt, 0,
2430 dev_driver_string(dev), dev);
2432 dev_err(dev, "failed to request irq %d\n", priv->irq);
2433 irq_dispose_mapping(priv->irq);
2438 priv->reg = of_iomap(np, 0);
2440 dev_err(dev, "failed to of_iomap\n");
2445 /* get SEC version capabilities from device tree */
2446 prop = of_get_property(np, "fsl,num-channels", NULL);
2448 priv->num_channels = *prop;
2450 prop = of_get_property(np, "fsl,channel-fifo-len", NULL);
2452 priv->chfifo_len = *prop;
2454 prop = of_get_property(np, "fsl,exec-units-mask", NULL);
2456 priv->exec_units = *prop;
2458 prop = of_get_property(np, "fsl,descriptor-types-mask", NULL);
2460 priv->desc_types = *prop;
2462 if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len ||
2463 !priv->exec_units || !priv->desc_types) {
2464 dev_err(dev, "invalid property data in device tree node\n");
2469 if (of_device_is_compatible(np, "fsl,sec3.0"))
2470 priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT;
2472 if (of_device_is_compatible(np, "fsl,sec2.1"))
2473 priv->features |= TALITOS_FTR_HW_AUTH_CHECK |
2474 TALITOS_FTR_SHA224_HWINIT;
2476 priv->chan = kzalloc(sizeof(struct talitos_channel) *
2477 priv->num_channels, GFP_KERNEL);
2479 dev_err(dev, "failed to allocate channel management space\n");
2484 for (i = 0; i < priv->num_channels; i++) {
2485 spin_lock_init(&priv->chan[i].head_lock);
2486 spin_lock_init(&priv->chan[i].tail_lock);
2489 priv->fifo_len = roundup_pow_of_two(priv->chfifo_len);
2491 for (i = 0; i < priv->num_channels; i++) {
2492 priv->chan[i].fifo = kzalloc(sizeof(struct talitos_request) *
2493 priv->fifo_len, GFP_KERNEL);
2494 if (!priv->chan[i].fifo) {
2495 dev_err(dev, "failed to allocate request fifo %d\n", i);
2501 for (i = 0; i < priv->num_channels; i++)
2502 atomic_set(&priv->chan[i].submit_count,
2503 -(priv->chfifo_len - 1));
2505 dma_set_mask(dev, DMA_BIT_MASK(36));
2507 /* reset and initialize the h/w */
2508 err = init_device(dev);
2510 dev_err(dev, "failed to initialize device\n");
2514 /* register the RNG, if available */
2515 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) {
2516 err = talitos_register_rng(dev);
2518 dev_err(dev, "failed to register hwrng: %d\n", err);
2521 dev_info(dev, "hwrng\n");
2524 /* register crypto algorithms the device supports */
2525 for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {
2526 if (hw_supports(dev, driver_algs[i].desc_hdr_template)) {
2527 struct talitos_crypto_alg *t_alg;
2530 t_alg = talitos_alg_alloc(dev, &driver_algs[i]);
2531 if (IS_ERR(t_alg)) {
2532 err = PTR_ERR(t_alg);
2536 switch (t_alg->algt.type) {
2537 case CRYPTO_ALG_TYPE_ABLKCIPHER:
2538 case CRYPTO_ALG_TYPE_AEAD:
2539 err = crypto_register_alg(
2540 &t_alg->algt.alg.crypto);
2541 name = t_alg->algt.alg.crypto.cra_driver_name;
2543 case CRYPTO_ALG_TYPE_AHASH:
2544 err = crypto_register_ahash(
2545 &t_alg->algt.alg.hash);
2547 t_alg->algt.alg.hash.halg.base.cra_driver_name;
2551 dev_err(dev, "%s alg registration failed\n",
2555 list_add_tail(&t_alg->entry, &priv->alg_list);
2556 dev_info(dev, "%s\n", name);
2564 talitos_remove(ofdev);
2569 static const struct of_device_id talitos_match[] = {
2571 .compatible = "fsl,sec2.0",
2575 MODULE_DEVICE_TABLE(of, talitos_match);
2577 static struct platform_driver talitos_driver = {
2580 .owner = THIS_MODULE,
2581 .of_match_table = talitos_match,
2583 .probe = talitos_probe,
2584 .remove = talitos_remove,
2587 static int __init talitos_init(void)
2589 return platform_driver_register(&talitos_driver);
2591 module_init(talitos_init);
2593 static void __exit talitos_exit(void)
2595 platform_driver_unregister(&talitos_driver);
2597 module_exit(talitos_exit);
2599 MODULE_LICENSE("GPL");
2600 MODULE_AUTHOR("Kim Phillips <kim.phillips@freescale.com>");
2601 MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver");