crypto: ccp - Add XTS-AES-256 support for CCP version 5

tjh.dev / kernel

fork atom

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

fork atom

crypto: ccp - Add XTS-AES-256 support for CCP version 5

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Gary R Hook and committed by

Herbert Xu 8 years ago 5060ffc9 7f7216cf

+25 -5

3 changed files

expand all

drivers

crypto

ccp

ccp-crypto-aes-xts.c

ccp-crypto.h

ccp-ops.c

+22 -4

drivers/crypto/ccp/ccp-crypto-aes-xts.c

··· 80 80 { 81 81 struct crypto_tfm *xfm = crypto_ablkcipher_tfm(tfm); 82 82 struct ccp_ctx *ctx = crypto_tfm_ctx(xfm); 83 + unsigned int ccpversion = ccp_version(); 83 84 int ret; 84 85 85 86 ret = xts_check_key(xfm, key, key_len); 86 87 if (ret) 87 88 return ret; 88 89 89 - /* Only support 128-bit AES key with a 128-bit Tweak key, 90 - * otherwise use the fallback 90 + /* Version 3 devices support 128-bit keys; version 5 devices can 91 + * accommodate 128- and 256-bit keys. 91 92 */ 92 93 switch (key_len) { 93 94 case AES_KEYSIZE_128 * 2: 94 95 memcpy(ctx->u.aes.key, key, key_len); 96 + break; 97 + case AES_KEYSIZE_256 * 2: 98 + if (ccpversion > CCP_VERSION(3, 0)) 99 + memcpy(ctx->u.aes.key, key, key_len); 95 100 break; 96 101 } 97 102 ctx->u.aes.key_len = key_len / 2; ··· 110 105 { 111 106 struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm); 112 107 struct ccp_aes_req_ctx *rctx = ablkcipher_request_ctx(req); 108 + unsigned int ccpversion = ccp_version(); 109 + unsigned int fallback = 0; 113 110 unsigned int unit; 114 111 u32 unit_size; 115 112 int ret; ··· 138 131 break; 139 132 } 140 133 } 141 - if ((unit_size == CCP_XTS_AES_UNIT_SIZE__LAST) || 142 - (ctx->u.aes.key_len != AES_KEYSIZE_128)) { 134 + /* The CCP has restrictions on block sizes. Also, a version 3 device 135 + * only supports AES-128 operations; version 5 CCPs support both 136 + * AES-128 and -256 operations. 137 + */ 138 + if (unit_size == CCP_XTS_AES_UNIT_SIZE__LAST) 139 + fallback = 1; 140 + if ((ccpversion < CCP_VERSION(5, 0)) && 141 + (ctx->u.aes.key_len != AES_KEYSIZE_128)) 142 + fallback = 1; 143 + if ((ctx->u.aes.key_len != AES_KEYSIZE_128) && 144 + (ctx->u.aes.key_len != AES_KEYSIZE_256)) 145 + fallback = 1; 146 + if (fallback) { 143 147 SKCIPHER_REQUEST_ON_STACK(subreq, ctx->u.aes.tfm_skcipher); 144 148 145 149 /* Use the fallback to process the request for any

+1 -1

drivers/crypto/ccp/ccp-crypto.h

··· 99 99 100 100 struct scatterlist key_sg; 101 101 unsigned int key_len; 102 - u8 key[AES_MAX_KEY_SIZE]; 102 + u8 key[AES_MAX_KEY_SIZE * 2]; 103 103 104 104 u8 nonce[CTR_RFC3686_NONCE_SIZE]; 105 105

drivers/crypto/ccp/ccp-ops.c

··· 1065 1065 1066 1066 if (xts->key_len == AES_KEYSIZE_128) 1067 1067 aestype = CCP_AES_TYPE_128; 1068 + else if (xts->key_len == AES_KEYSIZE_256) 1069 + aestype = CCP_AES_TYPE_256; 1068 1070 else 1069 1071 return -EINVAL; 1070 1072