Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

+3

arch/x86/crypto/Makefile

··· 79 79 aesni-intel-$(CONFIG_64BIT) += aesni-intel_avx-x86_64.o 80 80 ghash-clmulni-intel-y := ghash-clmulni-intel_asm.o ghash-clmulni-intel_glue.o 81 81 sha1-ssse3-y := sha1_ssse3_asm.o sha1_ssse3_glue.o 82 + ifeq ($(avx2_supported),yes) 83 + sha1-ssse3-y += sha1_avx2_x86_64_asm.o 84 + endif 82 85 crc32c-intel-y := crc32c-intel_glue.o 83 86 crc32c-intel-$(CONFIG_64BIT) += crc32c-pcl-intel-asm_64.o 84 87 crc32-pclmul-y := crc32-pclmul_asm.o crc32-pclmul_glue.o

-3

arch/x86/crypto/blowfish_glue.c

··· 223 223 src -= 1; 224 224 dst -= 1; 225 225 } while (nbytes >= bsize * 4); 226 - 227 - if (nbytes < bsize) 228 - goto done; 229 226 } 230 227 231 228 /* Handle leftovers */

-3

arch/x86/crypto/cast5_avx_glue.c

··· 203 203 src -= 1; 204 204 dst -= 1; 205 205 } while (nbytes >= bsize * CAST5_PARALLEL_BLOCKS); 206 - 207 - if (nbytes < bsize) 208 - goto done; 209 206 } 210 207 211 208 /* Handle leftovers */

-29

arch/x86/crypto/ghash-clmulni-intel_asm.S

··· 24 24 .align 16 25 25 .Lbswap_mask: 26 26 .octa 0x000102030405060708090a0b0c0d0e0f 27 - .Lpoly: 28 - .octa 0xc2000000000000000000000000000001 29 - .Ltwo_one: 30 - .octa 0x00000001000000000000000000000001 31 27 32 28 #define DATA %xmm0 33 29 #define SHASH %xmm1 ··· 130 134 .Lupdate_just_ret: 131 135 ret 132 136 ENDPROC(clmul_ghash_update) 133 - 134 - /* 135 - * void clmul_ghash_setkey(be128 *shash, const u8 *key); 136 - * 137 - * Calculate hash_key << 1 mod poly 138 - */ 139 - ENTRY(clmul_ghash_setkey) 140 - movaps .Lbswap_mask, BSWAP 141 - movups (%rsi), %xmm0 142 - PSHUFB_XMM BSWAP %xmm0 143 - movaps %xmm0, %xmm1 144 - psllq $1, %xmm0 145 - psrlq $63, %xmm1 146 - movaps %xmm1, %xmm2 147 - pslldq $8, %xmm1 148 - psrldq $8, %xmm2 149 - por %xmm1, %xmm0 150 - # reduction 151 - pshufd $0b00100100, %xmm2, %xmm1 152 - pcmpeqd .Ltwo_one, %xmm1 153 - pand .Lpoly, %xmm1 154 - pxor %xmm1, %xmm0 155 - movups %xmm0, (%rdi) 156 - ret 157 - ENDPROC(clmul_ghash_setkey)

+11 -3

arch/x86/crypto/ghash-clmulni-intel_glue.c

··· 30 30 void clmul_ghash_update(char *dst, const char *src, unsigned int srclen, 31 31 const be128 *shash); 32 32 33 - void clmul_ghash_setkey(be128 *shash, const u8 *key); 34 - 35 33 struct ghash_async_ctx { 36 34 struct cryptd_ahash *cryptd_tfm; 37 35 }; ··· 56 58 const u8 *key, unsigned int keylen) 57 59 { 58 60 struct ghash_ctx *ctx = crypto_shash_ctx(tfm); 61 + be128 *x = (be128 *)key; 62 + u64 a, b; 59 63 60 64 if (keylen != GHASH_BLOCK_SIZE) { 61 65 crypto_shash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); 62 66 return -EINVAL; 63 67 } 64 68 65 - clmul_ghash_setkey(&ctx->shash, key); 69 + /* perform multiplication by 'x' in GF(2^128) */ 70 + a = be64_to_cpu(x->a); 71 + b = be64_to_cpu(x->b); 72 + 73 + ctx->shash.a = (__be64)((b << 1) | (a >> 63)); 74 + ctx->shash.b = (__be64)((a << 1) | (b >> 63)); 75 + 76 + if (a >> 63) 77 + ctx->shash.b ^= cpu_to_be64(0xc2); 66 78 67 79 return 0; 68 80 }

+708

arch/x86/crypto/sha1_avx2_x86_64_asm.S

··· 1 + /* 2 + * Implement fast SHA-1 with AVX2 instructions. (x86_64) 3 + * 4 + * This file is provided under a dual BSD/GPLv2 license. When using or 5 + * redistributing this file, you may do so under either license. 6 + * 7 + * GPL LICENSE SUMMARY 8 + * 9 + * Copyright(c) 2014 Intel Corporation. 10 + * 11 + * This program is free software; you can redistribute it and/or modify 12 + * it under the terms of version 2 of the GNU General Public License as 13 + * published by the Free Software Foundation. 14 + * 15 + * This program is distributed in the hope that it will be useful, but 16 + * WITHOUT ANY WARRANTY; without even the implied warranty of 17 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 + * General Public License for more details. 19 + * 20 + * Contact Information: 21 + * Ilya Albrekht <ilya.albrekht@intel.com> 22 + * Maxim Locktyukhin <maxim.locktyukhin@intel.com> 23 + * Ronen Zohar <ronen.zohar@intel.com> 24 + * Chandramouli Narayanan <mouli@linux.intel.com> 25 + * 26 + * BSD LICENSE 27 + * 28 + * Copyright(c) 2014 Intel Corporation. 29 + * 30 + * Redistribution and use in source and binary forms, with or without 31 + * modification, are permitted provided that the following conditions 32 + * are met: 33 + * 34 + * Redistributions of source code must retain the above copyright 35 + * notice, this list of conditions and the following disclaimer. 36 + * Redistributions in binary form must reproduce the above copyright 37 + * notice, this list of conditions and the following disclaimer in 38 + * the documentation and/or other materials provided with the 39 + * distribution. 40 + * Neither the name of Intel Corporation nor the names of its 41 + * contributors may be used to endorse or promote products derived 42 + * from this software without specific prior written permission. 43 + * 44 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 45 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 46 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 47 + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 48 + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 49 + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 50 + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 51 + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 52 + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 53 + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 54 + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 55 + * 56 + */ 57 + 58 + /* 59 + * SHA-1 implementation with Intel(R) AVX2 instruction set extensions. 60 + * 61 + *This implementation is based on the previous SSSE3 release: 62 + *Visit http://software.intel.com/en-us/articles/ 63 + *and refer to improving-the-performance-of-the-secure-hash-algorithm-1/ 64 + * 65 + *Updates 20-byte SHA-1 record in 'hash' for even number of 66 + *'num_blocks' consecutive 64-byte blocks 67 + * 68 + *extern "C" void sha1_transform_avx2( 69 + * int *hash, const char* input, size_t num_blocks ); 70 + */ 71 + 72 + #include <linux/linkage.h> 73 + 74 + #define CTX %rdi /* arg1 */ 75 + #define BUF %rsi /* arg2 */ 76 + #define CNT %rdx /* arg3 */ 77 + 78 + #define REG_A %ecx 79 + #define REG_B %esi 80 + #define REG_C %edi 81 + #define REG_D %eax 82 + #define REG_E %edx 83 + #define REG_TB %ebx 84 + #define REG_TA %r12d 85 + #define REG_RA %rcx 86 + #define REG_RB %rsi 87 + #define REG_RC %rdi 88 + #define REG_RD %rax 89 + #define REG_RE %rdx 90 + #define REG_RTA %r12 91 + #define REG_RTB %rbx 92 + #define REG_T1 %ebp 93 + #define xmm_mov vmovups 94 + #define avx2_zeroupper vzeroupper 95 + #define RND_F1 1 96 + #define RND_F2 2 97 + #define RND_F3 3 98 + 99 + .macro REGALLOC 100 + .set A, REG_A 101 + .set B, REG_B 102 + .set C, REG_C 103 + .set D, REG_D 104 + .set E, REG_E 105 + .set TB, REG_TB 106 + .set TA, REG_TA 107 + 108 + .set RA, REG_RA 109 + .set RB, REG_RB 110 + .set RC, REG_RC 111 + .set RD, REG_RD 112 + .set RE, REG_RE 113 + 114 + .set RTA, REG_RTA 115 + .set RTB, REG_RTB 116 + 117 + .set T1, REG_T1 118 + .endm 119 + 120 + #define K_BASE %r8 121 + #define HASH_PTR %r9 122 + #define BUFFER_PTR %r10 123 + #define BUFFER_PTR2 %r13 124 + #define BUFFER_END %r11 125 + 126 + #define PRECALC_BUF %r14 127 + #define WK_BUF %r15 128 + 129 + #define W_TMP %xmm0 130 + #define WY_TMP %ymm0 131 + #define WY_TMP2 %ymm9 132 + 133 + # AVX2 variables 134 + #define WY0 %ymm3 135 + #define WY4 %ymm5 136 + #define WY08 %ymm7 137 + #define WY12 %ymm8 138 + #define WY16 %ymm12 139 + #define WY20 %ymm13 140 + #define WY24 %ymm14 141 + #define WY28 %ymm15 142 + 143 + #define YMM_SHUFB_BSWAP %ymm10 144 + 145 + /* 146 + * Keep 2 iterations precalculated at a time: 147 + * - 80 DWORDs per iteration * 2 148 + */ 149 + #define W_SIZE (80*2*2 +16) 150 + 151 + #define WK(t) ((((t) % 80) / 4)*32 + ( (t) % 4)*4 + ((t)/80)*16 )(WK_BUF) 152 + #define PRECALC_WK(t) ((t)*2*2)(PRECALC_BUF) 153 + 154 + 155 + .macro UPDATE_HASH hash, val 156 + add \hash, \val 157 + mov \val, \hash 158 + .endm 159 + 160 + .macro PRECALC_RESET_WY 161 + .set WY_00, WY0 162 + .set WY_04, WY4 163 + .set WY_08, WY08 164 + .set WY_12, WY12 165 + .set WY_16, WY16 166 + .set WY_20, WY20 167 + .set WY_24, WY24 168 + .set WY_28, WY28 169 + .set WY_32, WY_00 170 + .endm 171 + 172 + .macro PRECALC_ROTATE_WY 173 + /* Rotate macros */ 174 + .set WY_32, WY_28 175 + .set WY_28, WY_24 176 + .set WY_24, WY_20 177 + .set WY_20, WY_16 178 + .set WY_16, WY_12 179 + .set WY_12, WY_08 180 + .set WY_08, WY_04 181 + .set WY_04, WY_00 182 + .set WY_00, WY_32 183 + 184 + /* Define register aliases */ 185 + .set WY, WY_00 186 + .set WY_minus_04, WY_04 187 + .set WY_minus_08, WY_08 188 + .set WY_minus_12, WY_12 189 + .set WY_minus_16, WY_16 190 + .set WY_minus_20, WY_20 191 + .set WY_minus_24, WY_24 192 + .set WY_minus_28, WY_28 193 + .set WY_minus_32, WY 194 + .endm 195 + 196 + .macro PRECALC_00_15 197 + .if (i == 0) # Initialize and rotate registers 198 + PRECALC_RESET_WY 199 + PRECALC_ROTATE_WY 200 + .endif 201 + 202 + /* message scheduling pre-compute for rounds 0-15 */ 203 + .if ((i & 7) == 0) 204 + /* 205 + * blended AVX2 and ALU instruction scheduling 206 + * 1 vector iteration per 8 rounds 207 + */ 208 + vmovdqu ((i * 2) + PRECALC_OFFSET)(BUFFER_PTR), W_TMP 209 + .elseif ((i & 7) == 1) 210 + vinsertf128 $1, (((i-1) * 2)+PRECALC_OFFSET)(BUFFER_PTR2),\ 211 + WY_TMP, WY_TMP 212 + .elseif ((i & 7) == 2) 213 + vpshufb YMM_SHUFB_BSWAP, WY_TMP, WY 214 + .elseif ((i & 7) == 4) 215 + vpaddd K_XMM(K_BASE), WY, WY_TMP 216 + .elseif ((i & 7) == 7) 217 + vmovdqu WY_TMP, PRECALC_WK(i&~7) 218 + 219 + PRECALC_ROTATE_WY 220 + .endif 221 + .endm 222 + 223 + .macro PRECALC_16_31 224 + /* 225 + * message scheduling pre-compute for rounds 16-31 226 + * calculating last 32 w[i] values in 8 XMM registers 227 + * pre-calculate K+w[i] values and store to mem 228 + * for later load by ALU add instruction 229 + * 230 + * "brute force" vectorization for rounds 16-31 only 231 + * due to w[i]->w[i-3] dependency 232 + */ 233 + .if ((i & 7) == 0) 234 + /* 235 + * blended AVX2 and ALU instruction scheduling 236 + * 1 vector iteration per 8 rounds 237 + */ 238 + /* w[i-14] */ 239 + vpalignr $8, WY_minus_16, WY_minus_12, WY 240 + vpsrldq $4, WY_minus_04, WY_TMP /* w[i-3] */ 241 + .elseif ((i & 7) == 1) 242 + vpxor WY_minus_08, WY, WY 243 + vpxor WY_minus_16, WY_TMP, WY_TMP 244 + .elseif ((i & 7) == 2) 245 + vpxor WY_TMP, WY, WY 246 + vpslldq $12, WY, WY_TMP2 247 + .elseif ((i & 7) == 3) 248 + vpslld $1, WY, WY_TMP 249 + vpsrld $31, WY, WY 250 + .elseif ((i & 7) == 4) 251 + vpor WY, WY_TMP, WY_TMP 252 + vpslld $2, WY_TMP2, WY 253 + .elseif ((i & 7) == 5) 254 + vpsrld $30, WY_TMP2, WY_TMP2 255 + vpxor WY, WY_TMP, WY_TMP 256 + .elseif ((i & 7) == 7) 257 + vpxor WY_TMP2, WY_TMP, WY 258 + vpaddd K_XMM(K_BASE), WY, WY_TMP 259 + vmovdqu WY_TMP, PRECALC_WK(i&~7) 260 + 261 + PRECALC_ROTATE_WY 262 + .endif 263 + .endm 264 + 265 + .macro PRECALC_32_79 266 + /* 267 + * in SHA-1 specification: 268 + * w[i] = (w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16]) rol 1 269 + * instead we do equal: 270 + * w[i] = (w[i-6] ^ w[i-16] ^ w[i-28] ^ w[i-32]) rol 2 271 + * allows more efficient vectorization 272 + * since w[i]=>w[i-3] dependency is broken 273 + */ 274 + 275 + .if ((i & 7) == 0) 276 + /* 277 + * blended AVX2 and ALU instruction scheduling 278 + * 1 vector iteration per 8 rounds 279 + */ 280 + vpalignr $8, WY_minus_08, WY_minus_04, WY_TMP 281 + .elseif ((i & 7) == 1) 282 + /* W is W_minus_32 before xor */ 283 + vpxor WY_minus_28, WY, WY 284 + .elseif ((i & 7) == 2) 285 + vpxor WY_minus_16, WY_TMP, WY_TMP 286 + .elseif ((i & 7) == 3) 287 + vpxor WY_TMP, WY, WY 288 + .elseif ((i & 7) == 4) 289 + vpslld $2, WY, WY_TMP 290 + .elseif ((i & 7) == 5) 291 + vpsrld $30, WY, WY 292 + vpor WY, WY_TMP, WY 293 + .elseif ((i & 7) == 7) 294 + vpaddd K_XMM(K_BASE), WY, WY_TMP 295 + vmovdqu WY_TMP, PRECALC_WK(i&~7) 296 + 297 + PRECALC_ROTATE_WY 298 + .endif 299 + .endm 300 + 301 + .macro PRECALC r, s 302 + .set i, \r 303 + 304 + .if (i < 40) 305 + .set K_XMM, 32*0 306 + .elseif (i < 80) 307 + .set K_XMM, 32*1 308 + .elseif (i < 120) 309 + .set K_XMM, 32*2 310 + .else 311 + .set K_XMM, 32*3 312 + .endif 313 + 314 + .if (i<32) 315 + PRECALC_00_15 \s 316 + .elseif (i<64) 317 + PRECALC_16_31 \s 318 + .elseif (i < 160) 319 + PRECALC_32_79 \s 320 + .endif 321 + .endm 322 + 323 + .macro ROTATE_STATE 324 + .set T_REG, E 325 + .set E, D 326 + .set D, C 327 + .set C, B 328 + .set B, TB 329 + .set TB, A 330 + .set A, T_REG 331 + 332 + .set T_REG, RE 333 + .set RE, RD 334 + .set RD, RC 335 + .set RC, RB 336 + .set RB, RTB 337 + .set RTB, RA 338 + .set RA, T_REG 339 + .endm 340 + 341 + /* Macro relies on saved ROUND_Fx */ 342 + 343 + .macro RND_FUN f, r 344 + .if (\f == RND_F1) 345 + ROUND_F1 \r 346 + .elseif (\f == RND_F2) 347 + ROUND_F2 \r 348 + .elseif (\f == RND_F3) 349 + ROUND_F3 \r 350 + .endif 351 + .endm 352 + 353 + .macro RR r 354 + .set round_id, (\r % 80) 355 + 356 + .if (round_id == 0) /* Precalculate F for first round */ 357 + .set ROUND_FUNC, RND_F1 358 + mov B, TB 359 + 360 + rorx $(32-30), B, B /* b>>>2 */ 361 + andn D, TB, T1 362 + and C, TB 363 + xor T1, TB 364 + .endif 365 + 366 + RND_FUN ROUND_FUNC, \r 367 + ROTATE_STATE 368 + 369 + .if (round_id == 18) 370 + .set ROUND_FUNC, RND_F2 371 + .elseif (round_id == 38) 372 + .set ROUND_FUNC, RND_F3 373 + .elseif (round_id == 58) 374 + .set ROUND_FUNC, RND_F2 375 + .endif 376 + 377 + .set round_id, ( (\r+1) % 80) 378 + 379 + RND_FUN ROUND_FUNC, (\r+1) 380 + ROTATE_STATE 381 + .endm 382 + 383 + .macro ROUND_F1 r 384 + add WK(\r), E 385 + 386 + andn C, A, T1 /* ~b&d */ 387 + lea (RE,RTB), E /* Add F from the previous round */ 388 + 389 + rorx $(32-5), A, TA /* T2 = A >>> 5 */ 390 + rorx $(32-30),A, TB /* b>>>2 for next round */ 391 + 392 + PRECALC (\r) /* msg scheduling for next 2 blocks */ 393 + 394 + /* 395 + * Calculate F for the next round 396 + * (b & c) ^ andn[b, d] 397 + */ 398 + and B, A /* b&c */ 399 + xor T1, A /* F1 = (b&c) ^ (~b&d) */ 400 + 401 + lea (RE,RTA), E /* E += A >>> 5 */ 402 + .endm 403 + 404 + .macro ROUND_F2 r 405 + add WK(\r), E 406 + lea (RE,RTB), E /* Add F from the previous round */ 407 + 408 + /* Calculate F for the next round */ 409 + rorx $(32-5), A, TA /* T2 = A >>> 5 */ 410 + .if ((round_id) < 79) 411 + rorx $(32-30), A, TB /* b>>>2 for next round */ 412 + .endif 413 + PRECALC (\r) /* msg scheduling for next 2 blocks */ 414 + 415 + .if ((round_id) < 79) 416 + xor B, A 417 + .endif 418 + 419 + add TA, E /* E += A >>> 5 */ 420 + 421 + .if ((round_id) < 79) 422 + xor C, A 423 + .endif 424 + .endm 425 + 426 + .macro ROUND_F3 r 427 + add WK(\r), E 428 + PRECALC (\r) /* msg scheduling for next 2 blocks */ 429 + 430 + lea (RE,RTB), E /* Add F from the previous round */ 431 + 432 + mov B, T1 433 + or A, T1 434 + 435 + rorx $(32-5), A, TA /* T2 = A >>> 5 */ 436 + rorx $(32-30), A, TB /* b>>>2 for next round */ 437 + 438 + /* Calculate F for the next round 439 + * (b and c) or (d and (b or c)) 440 + */ 441 + and C, T1 442 + and B, A 443 + or T1, A 444 + 445 + add TA, E /* E += A >>> 5 */ 446 + 447 + .endm 448 + 449 + /* 450 + * macro implements 80 rounds of SHA-1, for multiple blocks with s/w pipelining 451 + */ 452 + .macro SHA1_PIPELINED_MAIN_BODY 453 + 454 + REGALLOC 455 + 456 + mov (HASH_PTR), A 457 + mov 4(HASH_PTR), B 458 + mov 8(HASH_PTR), C 459 + mov 12(HASH_PTR), D 460 + mov 16(HASH_PTR), E 461 + 462 + mov %rsp, PRECALC_BUF 463 + lea (2*4*80+32)(%rsp), WK_BUF 464 + 465 + # Precalc WK for first 2 blocks 466 + PRECALC_OFFSET = 0 467 + .set i, 0 468 + .rept 160 469 + PRECALC i 470 + .set i, i + 1 471 + .endr 472 + PRECALC_OFFSET = 128 473 + xchg WK_BUF, PRECALC_BUF 474 + 475 + .align 32 476 + _loop: 477 + /* 478 + * code loops through more than one block 479 + * we use K_BASE value as a signal of a last block, 480 + * it is set below by: cmovae BUFFER_PTR, K_BASE 481 + */ 482 + cmp K_BASE, BUFFER_PTR 483 + jne _begin 484 + .align 32 485 + jmp _end 486 + .align 32 487 + _begin: 488 + 489 + /* 490 + * Do first block 491 + * rounds: 0,2,4,6,8 492 + */ 493 + .set j, 0 494 + .rept 5 495 + RR j 496 + .set j, j+2 497 + .endr 498 + 499 + jmp _loop0 500 + _loop0: 501 + 502 + /* 503 + * rounds: 504 + * 10,12,14,16,18 505 + * 20,22,24,26,28 506 + * 30,32,34,36,38 507 + * 40,42,44,46,48 508 + * 50,52,54,56,58 509 + */ 510 + .rept 25 511 + RR j 512 + .set j, j+2 513 + .endr 514 + 515 + add $(2*64), BUFFER_PTR /* move to next odd-64-byte block */ 516 + cmp BUFFER_END, BUFFER_PTR /* is current block the last one? */ 517 + cmovae K_BASE, BUFFER_PTR /* signal the last iteration smartly */ 518 + 519 + /* 520 + * rounds 521 + * 60,62,64,66,68 522 + * 70,72,74,76,78 523 + */ 524 + .rept 10 525 + RR j 526 + .set j, j+2 527 + .endr 528 + 529 + UPDATE_HASH (HASH_PTR), A 530 + UPDATE_HASH 4(HASH_PTR), TB 531 + UPDATE_HASH 8(HASH_PTR), C 532 + UPDATE_HASH 12(HASH_PTR), D 533 + UPDATE_HASH 16(HASH_PTR), E 534 + 535 + cmp K_BASE, BUFFER_PTR /* is current block the last one? */ 536 + je _loop 537 + 538 + mov TB, B 539 + 540 + /* Process second block */ 541 + /* 542 + * rounds 543 + * 0+80, 2+80, 4+80, 6+80, 8+80 544 + * 10+80,12+80,14+80,16+80,18+80 545 + */ 546 + 547 + .set j, 0 548 + .rept 10 549 + RR j+80 550 + .set j, j+2 551 + .endr 552 + 553 + jmp _loop1 554 + _loop1: 555 + /* 556 + * rounds 557 + * 20+80,22+80,24+80,26+80,28+80 558 + * 30+80,32+80,34+80,36+80,38+80 559 + */ 560 + .rept 10 561 + RR j+80 562 + .set j, j+2 563 + .endr 564 + 565 + jmp _loop2 566 + _loop2: 567 + 568 + /* 569 + * rounds 570 + * 40+80,42+80,44+80,46+80,48+80 571 + * 50+80,52+80,54+80,56+80,58+80 572 + */ 573 + .rept 10 574 + RR j+80 575 + .set j, j+2 576 + .endr 577 + 578 + add $(2*64), BUFFER_PTR2 /* move to next even-64-byte block */ 579 + 580 + cmp BUFFER_END, BUFFER_PTR2 /* is current block the last one */ 581 + cmovae K_BASE, BUFFER_PTR /* signal the last iteration smartly */ 582 + 583 + jmp _loop3 584 + _loop3: 585 + 586 + /* 587 + * rounds 588 + * 60+80,62+80,64+80,66+80,68+80 589 + * 70+80,72+80,74+80,76+80,78+80 590 + */ 591 + .rept 10 592 + RR j+80 593 + .set j, j+2 594 + .endr 595 + 596 + UPDATE_HASH (HASH_PTR), A 597 + UPDATE_HASH 4(HASH_PTR), TB 598 + UPDATE_HASH 8(HASH_PTR), C 599 + UPDATE_HASH 12(HASH_PTR), D 600 + UPDATE_HASH 16(HASH_PTR), E 601 + 602 + /* Reset state for AVX2 reg permutation */ 603 + mov A, TA 604 + mov TB, A 605 + mov C, TB 606 + mov E, C 607 + mov D, B 608 + mov TA, D 609 + 610 + REGALLOC 611 + 612 + xchg WK_BUF, PRECALC_BUF 613 + 614 + jmp _loop 615 + 616 + .align 32 617 + _end: 618 + 619 + .endm 620 + /* 621 + * macro implements SHA-1 function's body for several 64-byte blocks 622 + * param: function's name 623 + */ 624 + .macro SHA1_VECTOR_ASM name 625 + ENTRY(\name) 626 + 627 + push %rbx 628 + push %rbp 629 + push %r12 630 + push %r13 631 + push %r14 632 + push %r15 633 + 634 + RESERVE_STACK = (W_SIZE*4 + 8+24) 635 + 636 + /* Align stack */ 637 + mov %rsp, %rbx 638 + and $~(0x20-1), %rsp 639 + push %rbx 640 + sub $RESERVE_STACK, %rsp 641 + 642 + avx2_zeroupper 643 + 644 + lea K_XMM_AR(%rip), K_BASE 645 + 646 + mov CTX, HASH_PTR 647 + mov BUF, BUFFER_PTR 648 + lea 64(BUF), BUFFER_PTR2 649 + 650 + shl $6, CNT /* mul by 64 */ 651 + add BUF, CNT 652 + add $64, CNT 653 + mov CNT, BUFFER_END 654 + 655 + cmp BUFFER_END, BUFFER_PTR2 656 + cmovae K_BASE, BUFFER_PTR2 657 + 658 + xmm_mov BSWAP_SHUFB_CTL(%rip), YMM_SHUFB_BSWAP 659 + 660 + SHA1_PIPELINED_MAIN_BODY 661 + 662 + avx2_zeroupper 663 + 664 + add $RESERVE_STACK, %rsp 665 + pop %rsp 666 + 667 + pop %r15 668 + pop %r14 669 + pop %r13 670 + pop %r12 671 + pop %rbp 672 + pop %rbx 673 + 674 + ret 675 + 676 + ENDPROC(\name) 677 + .endm 678 + 679 + .section .rodata 680 + 681 + #define K1 0x5a827999 682 + #define K2 0x6ed9eba1 683 + #define K3 0x8f1bbcdc 684 + #define K4 0xca62c1d6 685 + 686 + .align 128 687 + K_XMM_AR: 688 + .long K1, K1, K1, K1 689 + .long K1, K1, K1, K1 690 + .long K2, K2, K2, K2 691 + .long K2, K2, K2, K2 692 + .long K3, K3, K3, K3 693 + .long K3, K3, K3, K3 694 + .long K4, K4, K4, K4 695 + .long K4, K4, K4, K4 696 + 697 + BSWAP_SHUFB_CTL: 698 + .long 0x00010203 699 + .long 0x04050607 700 + .long 0x08090a0b 701 + .long 0x0c0d0e0f 702 + .long 0x00010203 703 + .long 0x04050607 704 + .long 0x08090a0b 705 + .long 0x0c0d0e0f 706 + .text 707 + 708 + SHA1_VECTOR_ASM sha1_transform_avx2

+47 -6

arch/x86/crypto/sha1_ssse3_glue.c

··· 10 10 * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk> 11 11 * Copyright (c) Jean-Francois Dive <jef@linuxbe.org> 12 12 * Copyright (c) Mathias Krause <minipli@googlemail.com> 13 + * Copyright (c) Chandramouli Narayanan <mouli@linux.intel.com> 13 14 * 14 15 * This program is free software; you can redistribute it and/or modify it 15 16 * under the terms of the GNU General Public License as published by the Free ··· 39 38 #ifdef CONFIG_AS_AVX 40 39 asmlinkage void sha1_transform_avx(u32 *digest, const char *data, 41 40 unsigned int rounds); 41 + #endif 42 + #ifdef CONFIG_AS_AVX2 43 + #define SHA1_AVX2_BLOCK_OPTSIZE 4 /* optimal 4*64 bytes of SHA1 blocks */ 44 + 45 + asmlinkage void sha1_transform_avx2(u32 *digest, const char *data, 46 + unsigned int rounds); 42 47 #endif 43 48 44 49 static asmlinkage void (*sha1_transform_asm)(u32 *, const char *, unsigned int); ··· 172 165 return 0; 173 166 } 174 167 168 + #ifdef CONFIG_AS_AVX2 169 + static void sha1_apply_transform_avx2(u32 *digest, const char *data, 170 + unsigned int rounds) 171 + { 172 + /* Select the optimal transform based on data block size */ 173 + if (rounds >= SHA1_AVX2_BLOCK_OPTSIZE) 174 + sha1_transform_avx2(digest, data, rounds); 175 + else 176 + sha1_transform_avx(digest, data, rounds); 177 + } 178 + #endif 179 + 175 180 static struct shash_alg alg = { 176 181 .digestsize = SHA1_DIGEST_SIZE, 177 182 .init = sha1_ssse3_init, ··· 220 201 221 202 return true; 222 203 } 204 + 205 + #ifdef CONFIG_AS_AVX2 206 + static bool __init avx2_usable(void) 207 + { 208 + if (avx_usable() && cpu_has_avx2 && boot_cpu_has(X86_FEATURE_BMI1) && 209 + boot_cpu_has(X86_FEATURE_BMI2)) 210 + return true; 211 + 212 + return false; 213 + } 214 + #endif 223 215 #endif 224 216 225 217 static int __init sha1_ssse3_mod_init(void) 226 218 { 219 + char *algo_name; 220 + 227 221 /* test for SSSE3 first */ 228 - if (cpu_has_ssse3) 222 + if (cpu_has_ssse3) { 229 223 sha1_transform_asm = sha1_transform_ssse3; 224 + algo_name = "SSSE3"; 225 + } 230 226 231 227 #ifdef CONFIG_AS_AVX 232 228 /* allow AVX to override SSSE3, it's a little faster */ 233 - if (avx_usable()) 229 + if (avx_usable()) { 234 230 sha1_transform_asm = sha1_transform_avx; 231 + algo_name = "AVX"; 232 + #ifdef CONFIG_AS_AVX2 233 + /* allow AVX2 to override AVX, it's a little faster */ 234 + if (avx2_usable()) { 235 + sha1_transform_asm = sha1_apply_transform_avx2; 236 + algo_name = "AVX2"; 237 + } 238 + #endif 239 + } 235 240 #endif 236 241 237 242 if (sha1_transform_asm) { 238 - pr_info("Using %s optimized SHA-1 implementation\n", 239 - sha1_transform_asm == sha1_transform_ssse3 ? "SSSE3" 240 - : "AVX"); 243 + pr_info("Using %s optimized SHA-1 implementation\n", algo_name); 241 244 return crypto_register_shash(&alg); 242 245 } 243 - pr_info("Neither AVX nor SSSE3 is available/usable.\n"); 246 + pr_info("Neither AVX nor AVX2 nor SSSE3 is available/usable.\n"); 244 247 245 248 return -ENODEV; 246 249 }

+2 -2

crypto/Kconfig

··· 491 491 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 492 492 493 493 config CRYPTO_SHA1_SSSE3 494 - tristate "SHA1 digest algorithm (SSSE3/AVX)" 494 + tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)" 495 495 depends on X86 && 64BIT 496 496 select CRYPTO_SHA1 497 497 select CRYPTO_HASH 498 498 help 499 499 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 500 500 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 501 - Extensions (AVX), when available. 501 + Extensions (AVX/AVX2), when available. 502 502 503 503 config CRYPTO_SHA256_SSSE3 504 504 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)"

+1 -1

crypto/Makefile

··· 81 81 obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o 82 82 obj-$(CONFIG_CRYPTO_ZLIB) += zlib.o 83 83 obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o 84 - obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o 84 + obj-$(CONFIG_CRYPTO_CRC32C) += crc32c_generic.o 85 85 obj-$(CONFIG_CRYPTO_CRC32) += crc32.o 86 86 obj-$(CONFIG_CRYPTO_CRCT10DIF) += crct10dif_common.o crct10dif_generic.o 87 87 obj-$(CONFIG_CRYPTO_AUTHENC) += authenc.o authencesn.o

+94 -53

crypto/ahash.c

··· 190 190 return len + (mask & ~(crypto_tfm_ctx_alignment() - 1)); 191 191 } 192 192 193 + static int ahash_save_req(struct ahash_request *req, crypto_completion_t cplt) 194 + { 195 + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 196 + unsigned long alignmask = crypto_ahash_alignmask(tfm); 197 + unsigned int ds = crypto_ahash_digestsize(tfm); 198 + struct ahash_request_priv *priv; 199 + 200 + priv = kmalloc(sizeof(*priv) + ahash_align_buffer_size(ds, alignmask), 201 + (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? 202 + GFP_KERNEL : GFP_ATOMIC); 203 + if (!priv) 204 + return -ENOMEM; 205 + 206 + /* 207 + * WARNING: Voodoo programming below! 208 + * 209 + * The code below is obscure and hard to understand, thus explanation 210 + * is necessary. See include/crypto/hash.h and include/linux/crypto.h 211 + * to understand the layout of structures used here! 212 + * 213 + * The code here will replace portions of the ORIGINAL request with 214 + * pointers to new code and buffers so the hashing operation can store 215 + * the result in aligned buffer. We will call the modified request 216 + * an ADJUSTED request. 217 + * 218 + * The newly mangled request will look as such: 219 + * 220 + * req { 221 + * .result = ADJUSTED[new aligned buffer] 222 + * .base.complete = ADJUSTED[pointer to completion function] 223 + * .base.data = ADJUSTED[*req (pointer to self)] 224 + * .priv = ADJUSTED[new priv] { 225 + * .result = ORIGINAL(result) 226 + * .complete = ORIGINAL(base.complete) 227 + * .data = ORIGINAL(base.data) 228 + * } 229 + */ 230 + 231 + priv->result = req->result; 232 + priv->complete = req->base.complete; 233 + priv->data = req->base.data; 234 + /* 235 + * WARNING: We do not backup req->priv here! The req->priv 236 + * is for internal use of the Crypto API and the 237 + * user must _NOT_ _EVER_ depend on it's content! 238 + */ 239 + 240 + req->result = PTR_ALIGN((u8 *)priv->ubuf, alignmask + 1); 241 + req->base.complete = cplt; 242 + req->base.data = req; 243 + req->priv = priv; 244 + 245 + return 0; 246 + } 247 + 248 + static void ahash_restore_req(struct ahash_request *req) 249 + { 250 + struct ahash_request_priv *priv = req->priv; 251 + 252 + /* Restore the original crypto request. */ 253 + req->result = priv->result; 254 + req->base.complete = priv->complete; 255 + req->base.data = priv->data; 256 + req->priv = NULL; 257 + 258 + /* Free the req->priv.priv from the ADJUSTED request. */ 259 + kzfree(priv); 260 + } 261 + 193 262 static void ahash_op_unaligned_finish(struct ahash_request *req, int err) 194 263 { 195 264 struct ahash_request_priv *priv = req->priv; ··· 270 201 memcpy(priv->result, req->result, 271 202 crypto_ahash_digestsize(crypto_ahash_reqtfm(req))); 272 203 273 - kzfree(priv); 204 + ahash_restore_req(req); 274 205 } 275 206 276 207 static void ahash_op_unaligned_done(struct crypto_async_request *req, int err) 277 208 { 278 209 struct ahash_request *areq = req->data; 279 - struct ahash_request_priv *priv = areq->priv; 280 - crypto_completion_t complete = priv->complete; 281 - void *data = priv->data; 282 210 211 + /* 212 + * Restore the original request, see ahash_op_unaligned() for what 213 + * goes where. 214 + * 215 + * The "struct ahash_request *req" here is in fact the "req.base" 216 + * from the ADJUSTED request from ahash_op_unaligned(), thus as it 217 + * is a pointer to self, it is also the ADJUSTED "req" . 218 + */ 219 + 220 + /* First copy req->result into req->priv.result */ 283 221 ahash_op_unaligned_finish(areq, err); 284 222 285 - areq->base.complete = complete; 286 - areq->base.data = data; 287 - 288 - complete(&areq->base, err); 223 + /* Complete the ORIGINAL request. */ 224 + areq->base.complete(&areq->base, err); 289 225 } 290 226 291 227 static int ahash_op_unaligned(struct ahash_request *req, 292 228 int (*op)(struct ahash_request *)) 293 229 { 294 - struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 295 - unsigned long alignmask = crypto_ahash_alignmask(tfm); 296 - unsigned int ds = crypto_ahash_digestsize(tfm); 297 - struct ahash_request_priv *priv; 298 230 int err; 299 231 300 - priv = kmalloc(sizeof(*priv) + ahash_align_buffer_size(ds, alignmask), 301 - (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? 302 - GFP_KERNEL : GFP_ATOMIC); 303 - if (!priv) 304 - return -ENOMEM; 305 - 306 - priv->result = req->result; 307 - priv->complete = req->base.complete; 308 - priv->data = req->base.data; 309 - 310 - req->result = PTR_ALIGN((u8 *)priv->ubuf, alignmask + 1); 311 - req->base.complete = ahash_op_unaligned_done; 312 - req->base.data = req; 313 - req->priv = priv; 232 + err = ahash_save_req(req, ahash_op_unaligned_done); 233 + if (err) 234 + return err; 314 235 315 236 err = op(req); 316 237 ahash_op_unaligned_finish(req, err); ··· 349 290 memcpy(priv->result, req->result, 350 291 crypto_ahash_digestsize(crypto_ahash_reqtfm(req))); 351 292 352 - kzfree(priv); 293 + ahash_restore_req(req); 353 294 } 354 295 355 296 static void ahash_def_finup_done2(struct crypto_async_request *req, int err) 356 297 { 357 298 struct ahash_request *areq = req->data; 358 - struct ahash_request_priv *priv = areq->priv; 359 - crypto_completion_t complete = priv->complete; 360 - void *data = priv->data; 361 299 362 300 ahash_def_finup_finish2(areq, err); 363 301 364 - complete(data, err); 302 + areq->base.complete(&areq->base, err); 365 303 } 366 304 367 305 static int ahash_def_finup_finish1(struct ahash_request *req, int err) ··· 378 322 static void ahash_def_finup_done1(struct crypto_async_request *req, int err) 379 323 { 380 324 struct ahash_request *areq = req->data; 381 - struct ahash_request_priv *priv = areq->priv; 382 - crypto_completion_t complete = priv->complete; 383 - void *data = priv->data; 384 325 385 326 err = ahash_def_finup_finish1(areq, err); 386 327 387 - complete(data, err); 328 + areq->base.complete(&areq->base, err); 388 329 } 389 330 390 331 static int ahash_def_finup(struct ahash_request *req) 391 332 { 392 333 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 393 - unsigned long alignmask = crypto_ahash_alignmask(tfm); 394 - unsigned int ds = crypto_ahash_digestsize(tfm); 395 - struct ahash_request_priv *priv; 334 + int err; 396 335 397 - priv = kmalloc(sizeof(*priv) + ahash_align_buffer_size(ds, alignmask), 398 - (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? 399 - GFP_KERNEL : GFP_ATOMIC); 400 - if (!priv) 401 - return -ENOMEM; 336 + err = ahash_save_req(req, ahash_def_finup_done1); 337 + if (err) 338 + return err; 402 339 403 - priv->result = req->result; 404 - priv->complete = req->base.complete; 405 - priv->data = req->base.data; 406 - 407 - req->result = PTR_ALIGN((u8 *)priv->ubuf, alignmask + 1); 408 - req->base.complete = ahash_def_finup_done1; 409 - req->base.data = req; 410 - req->priv = priv; 411 - 412 - return ahash_def_finup_finish1(req, tfm->update(req)); 340 + err = tfm->update(req); 341 + return ahash_def_finup_finish1(req, err); 413 342 } 414 343 415 344 static int ahash_no_export(struct ahash_request *req, void *out)

+47 -34

crypto/blkcipher.c

··· 70 70 return max(start, end_page); 71 71 } 72 72 73 - static inline unsigned int blkcipher_done_slow(struct crypto_blkcipher *tfm, 74 - struct blkcipher_walk *walk, 73 + static inline unsigned int blkcipher_done_slow(struct blkcipher_walk *walk, 75 74 unsigned int bsize) 76 75 { 77 76 u8 *addr; 78 - unsigned int alignmask = crypto_blkcipher_alignmask(tfm); 79 77 80 - addr = (u8 *)ALIGN((unsigned long)walk->buffer, alignmask + 1); 78 + addr = (u8 *)ALIGN((unsigned long)walk->buffer, walk->alignmask + 1); 81 79 addr = blkcipher_get_spot(addr, bsize); 82 80 scatterwalk_copychunks(addr, &walk->out, bsize, 1); 83 81 return bsize; ··· 103 105 int blkcipher_walk_done(struct blkcipher_desc *desc, 104 106 struct blkcipher_walk *walk, int err) 105 107 { 106 - struct crypto_blkcipher *tfm = desc->tfm; 107 108 unsigned int nbytes = 0; 108 109 109 110 if (likely(err >= 0)) { ··· 114 117 err = -EINVAL; 115 118 goto err; 116 119 } else 117 - n = blkcipher_done_slow(tfm, walk, n); 120 + n = blkcipher_done_slow(walk, n); 118 121 119 122 nbytes = walk->total - n; 120 123 err = 0; ··· 133 136 } 134 137 135 138 if (walk->iv != desc->info) 136 - memcpy(desc->info, walk->iv, crypto_blkcipher_ivsize(tfm)); 139 + memcpy(desc->info, walk->iv, walk->ivsize); 137 140 if (walk->buffer != walk->page) 138 141 kfree(walk->buffer); 139 142 if (walk->page) ··· 223 226 static int blkcipher_walk_next(struct blkcipher_desc *desc, 224 227 struct blkcipher_walk *walk) 225 228 { 226 - struct crypto_blkcipher *tfm = desc->tfm; 227 - unsigned int alignmask = crypto_blkcipher_alignmask(tfm); 228 229 unsigned int bsize; 229 230 unsigned int n; 230 231 int err; 231 232 232 233 n = walk->total; 233 - if (unlikely(n < crypto_blkcipher_blocksize(tfm))) { 234 + if (unlikely(n < walk->cipher_blocksize)) { 234 235 desc->flags |= CRYPTO_TFM_RES_BAD_BLOCK_LEN; 235 236 return blkcipher_walk_done(desc, walk, -EINVAL); 236 237 } 237 238 238 239 walk->flags &= ~(BLKCIPHER_WALK_SLOW | BLKCIPHER_WALK_COPY | 239 240 BLKCIPHER_WALK_DIFF); 240 - if (!scatterwalk_aligned(&walk->in, alignmask) || 241 - !scatterwalk_aligned(&walk->out, alignmask)) { 241 + if (!scatterwalk_aligned(&walk->in, walk->alignmask) || 242 + !scatterwalk_aligned(&walk->out, walk->alignmask)) { 242 243 walk->flags |= BLKCIPHER_WALK_COPY; 243 244 if (!walk->page) { 244 245 walk->page = (void *)__get_free_page(GFP_ATOMIC); ··· 245 250 } 246 251 } 247 252 248 - bsize = min(walk->blocksize, n); 253 + bsize = min(walk->walk_blocksize, n); 249 254 n = scatterwalk_clamp(&walk->in, n); 250 255 n = scatterwalk_clamp(&walk->out, n); 251 256 252 257 if (unlikely(n < bsize)) { 253 - err = blkcipher_next_slow(desc, walk, bsize, alignmask); 258 + err = blkcipher_next_slow(desc, walk, bsize, walk->alignmask); 254 259 goto set_phys_lowmem; 255 260 } 256 261 ··· 272 277 return err; 273 278 } 274 279 275 - static inline int blkcipher_copy_iv(struct blkcipher_walk *walk, 276 - struct crypto_blkcipher *tfm, 277 - unsigned int alignmask) 280 + static inline int blkcipher_copy_iv(struct blkcipher_walk *walk) 278 281 { 279 - unsigned bs = walk->blocksize; 280 - unsigned int ivsize = crypto_blkcipher_ivsize(tfm); 281 - unsigned aligned_bs = ALIGN(bs, alignmask + 1); 282 - unsigned int size = aligned_bs * 2 + ivsize + max(aligned_bs, ivsize) - 283 - (alignmask + 1); 282 + unsigned bs = walk->walk_blocksize; 283 + unsigned aligned_bs = ALIGN(bs, walk->alignmask + 1); 284 + unsigned int size = aligned_bs * 2 + 285 + walk->ivsize + max(aligned_bs, walk->ivsize) - 286 + (walk->alignmask + 1); 284 287 u8 *iv; 285 288 286 - size += alignmask & ~(crypto_tfm_ctx_alignment() - 1); 289 + size += walk->alignmask & ~(crypto_tfm_ctx_alignment() - 1); 287 290 walk->buffer = kmalloc(size, GFP_ATOMIC); 288 291 if (!walk->buffer) 289 292 return -ENOMEM; 290 293 291 - iv = (u8 *)ALIGN((unsigned long)walk->buffer, alignmask + 1); 294 + iv = (u8 *)ALIGN((unsigned long)walk->buffer, walk->alignmask + 1); 292 295 iv = blkcipher_get_spot(iv, bs) + aligned_bs; 293 296 iv = blkcipher_get_spot(iv, bs) + aligned_bs; 294 - iv = blkcipher_get_spot(iv, ivsize); 297 + iv = blkcipher_get_spot(iv, walk->ivsize); 295 298 296 - walk->iv = memcpy(iv, walk->iv, ivsize); 299 + walk->iv = memcpy(iv, walk->iv, walk->ivsize); 297 300 return 0; 298 301 } 299 302 ··· 299 306 struct blkcipher_walk *walk) 300 307 { 301 308 walk->flags &= ~BLKCIPHER_WALK_PHYS; 302 - walk->blocksize = crypto_blkcipher_blocksize(desc->tfm); 309 + walk->walk_blocksize = crypto_blkcipher_blocksize(desc->tfm); 310 + walk->cipher_blocksize = walk->walk_blocksize; 311 + walk->ivsize = crypto_blkcipher_ivsize(desc->tfm); 312 + walk->alignmask = crypto_blkcipher_alignmask(desc->tfm); 303 313 return blkcipher_walk_first(desc, walk); 304 314 } 305 315 EXPORT_SYMBOL_GPL(blkcipher_walk_virt); ··· 311 315 struct blkcipher_walk *walk) 312 316 { 313 317 walk->flags |= BLKCIPHER_WALK_PHYS; 314 - walk->blocksize = crypto_blkcipher_blocksize(desc->tfm); 318 + walk->walk_blocksize = crypto_blkcipher_blocksize(desc->tfm); 319 + walk->cipher_blocksize = walk->walk_blocksize; 320 + walk->ivsize = crypto_blkcipher_ivsize(desc->tfm); 321 + walk->alignmask = crypto_blkcipher_alignmask(desc->tfm); 315 322 return blkcipher_walk_first(desc, walk); 316 323 } 317 324 EXPORT_SYMBOL_GPL(blkcipher_walk_phys); ··· 322 323 static int blkcipher_walk_first(struct blkcipher_desc *desc, 323 324 struct blkcipher_walk *walk) 324 325 { 325 - struct crypto_blkcipher *tfm = desc->tfm; 326 - unsigned int alignmask = crypto_blkcipher_alignmask(tfm); 327 - 328 326 if (WARN_ON_ONCE(in_irq())) 329 327 return -EDEADLK; 330 328 ··· 331 335 332 336 walk->buffer = NULL; 333 337 walk->iv = desc->info; 334 - if (unlikely(((unsigned long)walk->iv & alignmask))) { 335 - int err = blkcipher_copy_iv(walk, tfm, alignmask); 338 + if (unlikely(((unsigned long)walk->iv & walk->alignmask))) { 339 + int err = blkcipher_copy_iv(walk); 336 340 if (err) 337 341 return err; 338 342 } ··· 349 353 unsigned int blocksize) 350 354 { 351 355 walk->flags &= ~BLKCIPHER_WALK_PHYS; 352 - walk->blocksize = blocksize; 356 + walk->walk_blocksize = blocksize; 357 + walk->cipher_blocksize = crypto_blkcipher_blocksize(desc->tfm); 358 + walk->ivsize = crypto_blkcipher_ivsize(desc->tfm); 359 + walk->alignmask = crypto_blkcipher_alignmask(desc->tfm); 353 360 return blkcipher_walk_first(desc, walk); 354 361 } 355 362 EXPORT_SYMBOL_GPL(blkcipher_walk_virt_block); 363 + 364 + int blkcipher_aead_walk_virt_block(struct blkcipher_desc *desc, 365 + struct blkcipher_walk *walk, 366 + struct crypto_aead *tfm, 367 + unsigned int blocksize) 368 + { 369 + walk->flags &= ~BLKCIPHER_WALK_PHYS; 370 + walk->walk_blocksize = blocksize; 371 + walk->cipher_blocksize = crypto_aead_blocksize(tfm); 372 + walk->ivsize = crypto_aead_ivsize(tfm); 373 + walk->alignmask = crypto_aead_alignmask(tfm); 374 + return blkcipher_walk_first(desc, walk); 375 + } 376 + EXPORT_SYMBOL_GPL(blkcipher_aead_walk_virt_block); 356 377 357 378 static int setkey_unaligned(struct crypto_tfm *tfm, const u8 *key, 358 379 unsigned int keylen)

+2

crypto/crc32c.c crypto/crc32c_generic.c

··· 170 170 MODULE_AUTHOR("Clay Haapala <chaapala@cisco.com>"); 171 171 MODULE_DESCRIPTION("CRC32c (Castagnoli) calculations wrapper for lib/crc32c"); 172 172 MODULE_LICENSE("GPL"); 173 + MODULE_ALIAS("crc32c"); 174 + MODULE_SOFTDEP("pre: crc32c");

+1 -5

crypto/crypto_null.c

··· 17 17 * 18 18 */ 19 19 20 + #include <crypto/null.h> 20 21 #include <crypto/internal/hash.h> 21 22 #include <crypto/internal/skcipher.h> 22 23 #include <linux/init.h> 23 24 #include <linux/module.h> 24 25 #include <linux/mm.h> 25 26 #include <linux/string.h> 26 - 27 - #define NULL_KEY_SIZE 0 28 - #define NULL_BLOCK_SIZE 1 29 - #define NULL_DIGEST_SIZE 0 30 - #define NULL_IV_SIZE 0 31 27 32 28 static int null_compress(struct crypto_tfm *tfm, const u8 *src, 33 29 unsigned int slen, u8 *dst, unsigned int *dlen)

+1 -1

crypto/crypto_wq.c

··· 33 33 destroy_workqueue(kcrypto_wq); 34 34 } 35 35 36 - module_init(crypto_wq_init); 36 + subsys_initcall(crypto_wq_init); 37 37 module_exit(crypto_wq_exit); 38 38 39 39 MODULE_LICENSE("GPL");

+8

crypto/tcrypt.c

··· 1511 1511 ret += tcrypt_test("authenc(hmac(sha1),cbc(aes))"); 1512 1512 break; 1513 1513 1514 + case 156: 1515 + ret += tcrypt_test("authenc(hmac(md5),ecb(cipher_null))"); 1516 + break; 1517 + 1518 + case 157: 1519 + ret += tcrypt_test("authenc(hmac(sha1),ecb(cipher_null))"); 1520 + break; 1521 + 1514 1522 case 200: 1515 1523 test_cipher_speed("ecb(aes)", ENCRYPT, sec, NULL, 0, 1516 1524 speed_template_16_24_32);

+32

crypto/testmgr.c

··· 1809 1809 } 1810 1810 } 1811 1811 }, { 1812 + .alg = "authenc(hmac(md5),ecb(cipher_null))", 1813 + .test = alg_test_aead, 1814 + .fips_allowed = 1, 1815 + .suite = { 1816 + .aead = { 1817 + .enc = { 1818 + .vecs = hmac_md5_ecb_cipher_null_enc_tv_template, 1819 + .count = HMAC_MD5_ECB_CIPHER_NULL_ENC_TEST_VECTORS 1820 + }, 1821 + .dec = { 1822 + .vecs = hmac_md5_ecb_cipher_null_dec_tv_template, 1823 + .count = HMAC_MD5_ECB_CIPHER_NULL_DEC_TEST_VECTORS 1824 + } 1825 + } 1826 + } 1827 + }, { 1812 1828 .alg = "authenc(hmac(sha1),cbc(aes))", 1813 1829 .test = alg_test_aead, 1814 1830 .fips_allowed = 1, ··· 1833 1817 .enc = { 1834 1818 .vecs = hmac_sha1_aes_cbc_enc_tv_template, 1835 1819 .count = HMAC_SHA1_AES_CBC_ENC_TEST_VECTORS 1820 + } 1821 + } 1822 + } 1823 + }, { 1824 + .alg = "authenc(hmac(sha1),ecb(cipher_null))", 1825 + .test = alg_test_aead, 1826 + .fips_allowed = 1, 1827 + .suite = { 1828 + .aead = { 1829 + .enc = { 1830 + .vecs = hmac_sha1_ecb_cipher_null_enc_tv_template, 1831 + .count = HMAC_SHA1_ECB_CIPHER_NULL_ENC_TEST_VECTORS 1832 + }, 1833 + .dec = { 1834 + .vecs = hmac_sha1_ecb_cipher_null_dec_tv_template, 1835 + .count = HMAC_SHA1_ECB_CIPHER_NULL_DEC_TEST_VECTORS 1836 1836 } 1837 1837 } 1838 1838 }

+180

crypto/testmgr.h

··· 12821 12821 #define AES_DEC_TEST_VECTORS 4 12822 12822 #define AES_CBC_ENC_TEST_VECTORS 5 12823 12823 #define AES_CBC_DEC_TEST_VECTORS 5 12824 + #define HMAC_MD5_ECB_CIPHER_NULL_ENC_TEST_VECTORS 2 12825 + #define HMAC_MD5_ECB_CIPHER_NULL_DEC_TEST_VECTORS 2 12826 + #define HMAC_SHA1_ECB_CIPHER_NULL_ENC_TEST_VECTORS 2 12827 + #define HMAC_SHA1_ECB_CIPHER_NULL_DEC_TEST_VECTORS 2 12824 12828 #define HMAC_SHA1_AES_CBC_ENC_TEST_VECTORS 7 12825 12829 #define HMAC_SHA256_AES_CBC_ENC_TEST_VECTORS 7 12826 12830 #define HMAC_SHA512_AES_CBC_ENC_TEST_VECTORS 7 ··· 13631 13627 }, 13632 13628 }; 13633 13629 13630 + static struct aead_testvec hmac_md5_ecb_cipher_null_enc_tv_template[] = { 13631 + { /* Input data from RFC 2410 Case 1 */ 13632 + #ifdef __LITTLE_ENDIAN 13633 + .key = "\x08\x00" /* rta length */ 13634 + "\x01\x00" /* rta type */ 13635 + #else 13636 + .key = "\x00\x08" /* rta length */ 13637 + "\x00\x01" /* rta type */ 13638 + #endif 13639 + "\x00\x00\x00\x00" /* enc key length */ 13640 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13641 + "\x00\x00\x00\x00\x00\x00\x00\x00", 13642 + .klen = 8 + 16 + 0, 13643 + .iv = "", 13644 + .input = "\x01\x23\x45\x67\x89\xab\xcd\xef", 13645 + .ilen = 8, 13646 + .result = "\x01\x23\x45\x67\x89\xab\xcd\xef" 13647 + "\xaa\x42\xfe\x43\x8d\xea\xa3\x5a" 13648 + "\xb9\x3d\x9f\xb1\xa3\x8e\x9b\xae", 13649 + .rlen = 8 + 16, 13650 + }, { /* Input data from RFC 2410 Case 2 */ 13651 + #ifdef __LITTLE_ENDIAN 13652 + .key = "\x08\x00" /* rta length */ 13653 + "\x01\x00" /* rta type */ 13654 + #else 13655 + .key = "\x00\x08" /* rta length */ 13656 + "\x00\x01" /* rta type */ 13657 + #endif 13658 + "\x00\x00\x00\x00" /* enc key length */ 13659 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13660 + "\x00\x00\x00\x00\x00\x00\x00\x00", 13661 + .klen = 8 + 16 + 0, 13662 + .iv = "", 13663 + .input = "Network Security People Have A Strange Sense Of Humor", 13664 + .ilen = 53, 13665 + .result = "Network Security People Have A Strange Sense Of Humor" 13666 + "\x73\xa5\x3e\x1c\x08\x0e\x8a\x8a" 13667 + "\x8e\xb5\x5f\x90\x8e\xfe\x13\x23", 13668 + .rlen = 53 + 16, 13669 + }, 13670 + }; 13671 + 13672 + static struct aead_testvec hmac_md5_ecb_cipher_null_dec_tv_template[] = { 13673 + { 13674 + #ifdef __LITTLE_ENDIAN 13675 + .key = "\x08\x00" /* rta length */ 13676 + "\x01\x00" /* rta type */ 13677 + #else 13678 + .key = "\x00\x08" /* rta length */ 13679 + "\x00\x01" /* rta type */ 13680 + #endif 13681 + "\x00\x00\x00\x00" /* enc key length */ 13682 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13683 + "\x00\x00\x00\x00\x00\x00\x00\x00", 13684 + .klen = 8 + 16 + 0, 13685 + .iv = "", 13686 + .input = "\x01\x23\x45\x67\x89\xab\xcd\xef" 13687 + "\xaa\x42\xfe\x43\x8d\xea\xa3\x5a" 13688 + "\xb9\x3d\x9f\xb1\xa3\x8e\x9b\xae", 13689 + .ilen = 8 + 16, 13690 + .result = "\x01\x23\x45\x67\x89\xab\xcd\xef", 13691 + .rlen = 8, 13692 + }, { 13693 + #ifdef __LITTLE_ENDIAN 13694 + .key = "\x08\x00" /* rta length */ 13695 + "\x01\x00" /* rta type */ 13696 + #else 13697 + .key = "\x00\x08" /* rta length */ 13698 + "\x00\x01" /* rta type */ 13699 + #endif 13700 + "\x00\x00\x00\x00" /* enc key length */ 13701 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13702 + "\x00\x00\x00\x00\x00\x00\x00\x00", 13703 + .klen = 8 + 16 + 0, 13704 + .iv = "", 13705 + .input = "Network Security People Have A Strange Sense Of Humor" 13706 + "\x73\xa5\x3e\x1c\x08\x0e\x8a\x8a" 13707 + "\x8e\xb5\x5f\x90\x8e\xfe\x13\x23", 13708 + .ilen = 53 + 16, 13709 + .result = "Network Security People Have A Strange Sense Of Humor", 13710 + .rlen = 53, 13711 + }, 13712 + }; 13713 + 13634 13714 static struct aead_testvec hmac_sha1_aes_cbc_enc_tv_template[] = { 13635 13715 { /* RFC 3602 Case 1 */ 13636 13716 #ifdef __LITTLE_ENDIAN ··· 13961 13873 "\x1b\x9f\xc6\x81\x26\x43\x4a\x87" 13962 13874 "\x51\xee\xd6\x4e", 13963 13875 .rlen = 64 + 20, 13876 + }, 13877 + }; 13878 + 13879 + static struct aead_testvec hmac_sha1_ecb_cipher_null_enc_tv_template[] = { 13880 + { /* Input data from RFC 2410 Case 1 */ 13881 + #ifdef __LITTLE_ENDIAN 13882 + .key = "\x08\x00" /* rta length */ 13883 + "\x01\x00" /* rta type */ 13884 + #else 13885 + .key = "\x00\x08" /* rta length */ 13886 + "\x00\x01" /* rta type */ 13887 + #endif 13888 + "\x00\x00\x00\x00" /* enc key length */ 13889 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13890 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13891 + "\x00\x00\x00\x00", 13892 + .klen = 8 + 20 + 0, 13893 + .iv = "", 13894 + .input = "\x01\x23\x45\x67\x89\xab\xcd\xef", 13895 + .ilen = 8, 13896 + .result = "\x01\x23\x45\x67\x89\xab\xcd\xef" 13897 + "\x40\xc3\x0a\xa1\xc9\xa0\x28\xab" 13898 + "\x99\x5e\x19\x04\xd1\x72\xef\xb8" 13899 + "\x8c\x5e\xe4\x08", 13900 + .rlen = 8 + 20, 13901 + }, { /* Input data from RFC 2410 Case 2 */ 13902 + #ifdef __LITTLE_ENDIAN 13903 + .key = "\x08\x00" /* rta length */ 13904 + "\x01\x00" /* rta type */ 13905 + #else 13906 + .key = "\x00\x08" /* rta length */ 13907 + "\x00\x01" /* rta type */ 13908 + #endif 13909 + "\x00\x00\x00\x00" /* enc key length */ 13910 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13911 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13912 + "\x00\x00\x00\x00", 13913 + .klen = 8 + 20 + 0, 13914 + .iv = "", 13915 + .input = "Network Security People Have A Strange Sense Of Humor", 13916 + .ilen = 53, 13917 + .result = "Network Security People Have A Strange Sense Of Humor" 13918 + "\x75\x6f\x42\x1e\xf8\x50\x21\xd2" 13919 + "\x65\x47\xee\x8e\x1a\xef\x16\xf6" 13920 + "\x91\x56\xe4\xd6", 13921 + .rlen = 53 + 20, 13922 + }, 13923 + }; 13924 + 13925 + static struct aead_testvec hmac_sha1_ecb_cipher_null_dec_tv_template[] = { 13926 + { 13927 + #ifdef __LITTLE_ENDIAN 13928 + .key = "\x08\x00" /* rta length */ 13929 + "\x01\x00" /* rta type */ 13930 + #else 13931 + .key = "\x00\x08" /* rta length */ 13932 + "\x00\x01" /* rta type */ 13933 + #endif 13934 + "\x00\x00\x00\x00" /* enc key length */ 13935 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13936 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13937 + "\x00\x00\x00\x00", 13938 + .klen = 8 + 20 + 0, 13939 + .iv = "", 13940 + .input = "\x01\x23\x45\x67\x89\xab\xcd\xef" 13941 + "\x40\xc3\x0a\xa1\xc9\xa0\x28\xab" 13942 + "\x99\x5e\x19\x04\xd1\x72\xef\xb8" 13943 + "\x8c\x5e\xe4\x08", 13944 + .ilen = 8 + 20, 13945 + .result = "\x01\x23\x45\x67\x89\xab\xcd\xef", 13946 + .rlen = 8, 13947 + }, { 13948 + #ifdef __LITTLE_ENDIAN 13949 + .key = "\x08\x00" /* rta length */ 13950 + "\x01\x00" /* rta type */ 13951 + #else 13952 + .key = "\x00\x08" /* rta length */ 13953 + "\x00\x01" /* rta type */ 13954 + #endif 13955 + "\x00\x00\x00\x00" /* enc key length */ 13956 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13957 + "\x00\x00\x00\x00\x00\x00\x00\x00" 13958 + "\x00\x00\x00\x00", 13959 + .klen = 8 + 20 + 0, 13960 + .iv = "", 13961 + .input = "Network Security People Have A Strange Sense Of Humor" 13962 + "\x75\x6f\x42\x1e\xf8\x50\x21\xd2" 13963 + "\x65\x47\xee\x8e\x1a\xef\x16\xf6" 13964 + "\x91\x56\xe4\xd6", 13965 + .ilen = 53 + 20, 13966 + .result = "Network Security People Have A Strange Sense Of Humor", 13967 + .rlen = 53, 13964 13968 }, 13965 13969 }; 13966 13970

+6 -17

drivers/char/hw_random/atmel-rng.c

··· 54 54 struct resource *res; 55 55 int ret; 56 56 57 - res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 58 - if (!res) 59 - return -EINVAL; 60 - 61 57 trng = devm_kzalloc(&pdev->dev, sizeof(*trng), GFP_KERNEL); 62 58 if (!trng) 63 59 return -ENOMEM; 64 60 65 - if (!devm_request_mem_region(&pdev->dev, res->start, 66 - resource_size(res), pdev->name)) 67 - return -EBUSY; 61 + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 62 + trng->base = devm_ioremap_resource(&pdev->dev, res); 63 + if (IS_ERR(trng->base)) 64 + return PTR_ERR(trng->base); 68 65 69 - trng->base = devm_ioremap(&pdev->dev, res->start, resource_size(res)); 70 - if (!trng->base) 71 - return -EBUSY; 72 - 73 - trng->clk = clk_get(&pdev->dev, NULL); 66 + trng->clk = devm_clk_get(&pdev->dev, NULL); 74 67 if (IS_ERR(trng->clk)) 75 68 return PTR_ERR(trng->clk); 76 69 77 70 ret = clk_enable(trng->clk); 78 71 if (ret) 79 - goto err_enable; 72 + return ret; 80 73 81 74 writel(TRNG_KEY | 1, trng->base + TRNG_CR); 82 75 trng->rng.name = pdev->name; ··· 85 92 86 93 err_register: 87 94 clk_disable(trng->clk); 88 - err_enable: 89 - clk_put(trng->clk); 90 - 91 95 return ret; 92 96 } 93 97 ··· 96 106 97 107 writel(TRNG_KEY, trng->base + TRNG_CR); 98 108 clk_disable(trng->clk); 99 - clk_put(trng->clk); 100 109 101 110 return 0; 102 111 }

+10 -7

drivers/char/hw_random/core.c

··· 40 40 #include <linux/miscdevice.h> 41 41 #include <linux/delay.h> 42 42 #include <linux/slab.h> 43 + #include <linux/random.h> 43 44 #include <asm/uaccess.h> 44 45 45 46 ··· 302 301 303 302 int hwrng_register(struct hwrng *rng) 304 303 { 305 - int must_register_misc; 306 304 int err = -EINVAL; 307 305 struct hwrng *old_rng, *tmp; 306 + unsigned char bytes[16]; 307 + int bytes_read; 308 308 309 309 if (rng->name == NULL || 310 310 (rng->data_read == NULL && rng->read == NULL)) ··· 328 326 goto out_unlock; 329 327 } 330 328 331 - must_register_misc = (current_rng == NULL); 332 329 old_rng = current_rng; 333 330 if (!old_rng) { 334 331 err = hwrng_init(rng); ··· 336 335 current_rng = rng; 337 336 } 338 337 err = 0; 339 - if (must_register_misc) { 338 + if (!old_rng) { 340 339 err = register_miscdev(); 341 340 if (err) { 342 - if (!old_rng) { 343 - hwrng_cleanup(rng); 344 - current_rng = NULL; 345 - } 341 + hwrng_cleanup(rng); 342 + current_rng = NULL; 346 343 goto out_unlock; 347 344 } 348 345 } 349 346 INIT_LIST_HEAD(&rng->list); 350 347 list_add_tail(&rng->list, &rng_list); 348 + 349 + bytes_read = rng_get_data(rng, bytes, sizeof(bytes), 1); 350 + if (bytes_read > 0) 351 + add_device_randomness(bytes, bytes_read); 351 352 out_unlock: 352 353 mutex_unlock(&rng_mutex); 353 354 out:

+4 -9

drivers/char/hw_random/nomadik-rng.c

··· 43 43 void __iomem *base; 44 44 int ret; 45 45 46 - rng_clk = clk_get(&dev->dev, NULL); 46 + rng_clk = devm_clk_get(&dev->dev, NULL); 47 47 if (IS_ERR(rng_clk)) { 48 48 dev_err(&dev->dev, "could not get rng clock\n"); 49 49 ret = PTR_ERR(rng_clk); ··· 56 56 if (ret) 57 57 goto out_clk; 58 58 ret = -ENOMEM; 59 - base = ioremap(dev->res.start, resource_size(&dev->res)); 59 + base = devm_ioremap(&dev->dev, dev->res.start, 60 + resource_size(&dev->res)); 60 61 if (!base) 61 62 goto out_release; 62 63 nmk_rng.priv = (unsigned long)base; 63 64 ret = hwrng_register(&nmk_rng); 64 65 if (ret) 65 - goto out_unmap; 66 + goto out_release; 66 67 return 0; 67 68 68 - out_unmap: 69 - iounmap(base); 70 69 out_release: 71 70 amba_release_regions(dev); 72 71 out_clk: 73 72 clk_disable(rng_clk); 74 - clk_put(rng_clk); 75 73 return ret; 76 74 } 77 75 78 76 static int nmk_rng_remove(struct amba_device *dev) 79 77 { 80 - void __iomem *base = (void __iomem *)nmk_rng.priv; 81 78 hwrng_unregister(&nmk_rng); 82 - iounmap(base); 83 79 amba_release_regions(dev); 84 80 clk_disable(rng_clk); 85 - clk_put(rng_clk); 86 81 return 0; 87 82 } 88 83

+1 -2

drivers/char/hw_random/omap3-rom-rng.c

··· 103 103 } 104 104 105 105 setup_timer(&idle_timer, omap3_rom_rng_idle, 0); 106 - rng_clk = clk_get(&pdev->dev, "ick"); 106 + rng_clk = devm_clk_get(&pdev->dev, "ick"); 107 107 if (IS_ERR(rng_clk)) { 108 108 pr_err("unable to get RNG clock\n"); 109 109 return PTR_ERR(rng_clk); ··· 120 120 { 121 121 hwrng_unregister(&omap3_rom_rng_ops); 122 122 clk_disable_unprepare(rng_clk); 123 - clk_put(rng_clk); 124 123 return 0; 125 124 } 126 125

+5 -22

drivers/char/hw_random/picoxcell-rng.c

··· 104 104 int ret; 105 105 struct resource *mem = platform_get_resource(pdev, IORESOURCE_MEM, 0); 106 106 107 - if (!mem) { 108 - dev_warn(&pdev->dev, "no memory resource\n"); 109 - return -ENOMEM; 110 - } 107 + rng_base = devm_ioremap_resource(&pdev->dev, mem); 108 + if (IS_ERR(rng_base)) 109 + return PTR_ERR(rng_base); 111 110 112 - if (!devm_request_mem_region(&pdev->dev, mem->start, resource_size(mem), 113 - "picoxcell_trng")) { 114 - dev_warn(&pdev->dev, "unable to request io mem\n"); 115 - return -EBUSY; 116 - } 117 - 118 - rng_base = devm_ioremap(&pdev->dev, mem->start, resource_size(mem)); 119 - if (!rng_base) { 120 - dev_warn(&pdev->dev, "unable to remap io mem\n"); 121 - return -ENOMEM; 122 - } 123 - 124 - rng_clk = clk_get(&pdev->dev, NULL); 111 + rng_clk = devm_clk_get(&pdev->dev, NULL); 125 112 if (IS_ERR(rng_clk)) { 126 113 dev_warn(&pdev->dev, "no clk\n"); 127 114 return PTR_ERR(rng_clk); ··· 117 130 ret = clk_enable(rng_clk); 118 131 if (ret) { 119 132 dev_warn(&pdev->dev, "unable to enable clk\n"); 120 - goto err_enable; 133 + return ret; 121 134 } 122 135 123 136 picoxcell_trng_start(); ··· 132 145 133 146 err_register: 134 147 clk_disable(rng_clk); 135 - err_enable: 136 - clk_put(rng_clk); 137 - 138 148 return ret; 139 149 } 140 150 ··· 139 155 { 140 156 hwrng_unregister(&picoxcell_trng); 141 157 clk_disable(rng_clk); 142 - clk_put(rng_clk); 143 158 144 159 return 0; 145 160 }

+10 -30

drivers/char/hw_random/timeriomem-rng.c

··· 118 118 } 119 119 120 120 /* Allocate memory for the device structure (and zero it) */ 121 - priv = kzalloc(sizeof(struct timeriomem_rng_private_data), GFP_KERNEL); 121 + priv = devm_kzalloc(&pdev->dev, 122 + sizeof(struct timeriomem_rng_private_data), GFP_KERNEL); 122 123 if (!priv) { 123 124 dev_err(&pdev->dev, "failed to allocate device structure.\n"); 124 125 return -ENOMEM; ··· 135 134 period = i; 136 135 else { 137 136 dev_err(&pdev->dev, "missing period\n"); 138 - err = -EINVAL; 139 - goto out_free; 137 + return -EINVAL; 140 138 } 141 - } else 139 + } else { 142 140 period = pdata->period; 141 + } 143 142 144 143 priv->period = usecs_to_jiffies(period); 145 144 if (priv->period < 1) { 146 145 dev_err(&pdev->dev, "period is less than one jiffy\n"); 147 - err = -EINVAL; 148 - goto out_free; 146 + return -EINVAL; 149 147 } 150 148 151 149 priv->expires = jiffies; ··· 160 160 priv->timeriomem_rng_ops.data_read = timeriomem_rng_data_read; 161 161 priv->timeriomem_rng_ops.priv = (unsigned long)priv; 162 162 163 - if (!request_mem_region(res->start, resource_size(res), 164 - dev_name(&pdev->dev))) { 165 - dev_err(&pdev->dev, "request_mem_region failed\n"); 166 - err = -EBUSY; 163 + priv->io_base = devm_ioremap_resource(&pdev->dev, res); 164 + if (IS_ERR(priv->io_base)) { 165 + err = PTR_ERR(priv->io_base); 167 166 goto out_timer; 168 - } 169 - 170 - priv->io_base = ioremap(res->start, resource_size(res)); 171 - if (priv->io_base == NULL) { 172 - dev_err(&pdev->dev, "ioremap failed\n"); 173 - err = -EIO; 174 - goto out_release_io; 175 167 } 176 168 177 169 err = hwrng_register(&priv->timeriomem_rng_ops); 178 170 if (err) { 179 171 dev_err(&pdev->dev, "problem registering\n"); 180 - goto out; 172 + goto out_timer; 181 173 } 182 174 183 175 dev_info(&pdev->dev, "32bits from 0x%p @ %dus\n", ··· 177 185 178 186 return 0; 179 187 180 - out: 181 - iounmap(priv->io_base); 182 - out_release_io: 183 - release_mem_region(res->start, resource_size(res)); 184 188 out_timer: 185 189 del_timer_sync(&priv->timer); 186 - out_free: 187 - kfree(priv); 188 190 return err; 189 191 } 190 192 191 193 static int timeriomem_rng_remove(struct platform_device *pdev) 192 194 { 193 195 struct timeriomem_rng_private_data *priv = platform_get_drvdata(pdev); 194 - struct resource *res; 195 - 196 - res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 197 196 198 197 hwrng_unregister(&priv->timeriomem_rng_ops); 199 198 200 199 del_timer_sync(&priv->timer); 201 - iounmap(priv->io_base); 202 - release_mem_region(res->start, resource_size(res)); 203 - kfree(priv); 204 200 205 201 return 0; 206 202 }

+11 -11

drivers/crypto/Kconfig

··· 262 262 OMAP processors have AES module accelerator. Select this if you 263 263 want to use the OMAP module for AES algorithms. 264 264 265 + config CRYPTO_DEV_OMAP_DES 266 + tristate "Support for OMAP DES3DES hw engine" 267 + depends on ARCH_OMAP2PLUS 268 + select CRYPTO_DES 269 + select CRYPTO_BLKCIPHER2 270 + help 271 + OMAP processors have DES/3DES module accelerator. Select this if you 272 + want to use the OMAP module for DES and 3DES algorithms. Currently 273 + the ECB and CBC modes of operation supported by the driver. Also 274 + accesses made on unaligned boundaries are also supported. 275 + 265 276 config CRYPTO_DEV_PICOXCELL 266 277 tristate "Support for picoXcell IPSEC and Layer2 crypto engines" 267 278 depends on ARCH_PICOXCELL && HAVE_CLK ··· 310 299 This option allows you to have support for S5P crypto acceleration. 311 300 Select this to offload Samsung S5PV210 or S5PC110 from AES 312 301 algorithms execution. 313 - 314 - config CRYPTO_DEV_TEGRA_AES 315 - tristate "Support for TEGRA AES hw engine" 316 - depends on ARCH_TEGRA 317 - select CRYPTO_AES 318 - help 319 - TEGRA processors have AES module accelerator. Select this if you 320 - want to use the TEGRA module for AES algorithms. 321 - 322 - To compile this driver as a module, choose M here: the module 323 - will be called tegra-aes. 324 302 325 303 config CRYPTO_DEV_NX 326 304 bool "Support for IBM Power7+ in-Nest cryptographic acceleration"

+1 -1

drivers/crypto/Makefile

··· 13 13 n2_crypto-y := n2_core.o n2_asm.o 14 14 obj-$(CONFIG_CRYPTO_DEV_NX) += nx/ 15 15 obj-$(CONFIG_CRYPTO_DEV_OMAP_AES) += omap-aes.o 16 + obj-$(CONFIG_CRYPTO_DEV_OMAP_DES) += omap-des.o 16 17 obj-$(CONFIG_CRYPTO_DEV_OMAP_SHAM) += omap-sham.o 17 18 obj-$(CONFIG_CRYPTO_DEV_PADLOCK_AES) += padlock-aes.o 18 19 obj-$(CONFIG_CRYPTO_DEV_PADLOCK_SHA) += padlock-sha.o ··· 22 21 obj-$(CONFIG_CRYPTO_DEV_S5P) += s5p-sss.o 23 22 obj-$(CONFIG_CRYPTO_DEV_SAHARA) += sahara.o 24 23 obj-$(CONFIG_CRYPTO_DEV_TALITOS) += talitos.o 25 - obj-$(CONFIG_CRYPTO_DEV_TEGRA_AES) += tegra-aes.o 26 24 obj-$(CONFIG_CRYPTO_DEV_UX500) += ux500/

+11 -34

drivers/crypto/bfin_crc.c

··· 139 139 /* setup CRC interrupts */ 140 140 crc->regs->status = CMPERRI | DCNTEXPI; 141 141 crc->regs->intrenset = CMPERRI | DCNTEXPI; 142 - SSYNC(); 143 142 144 143 return 0; 145 144 } ··· 284 285 if (i == 0) 285 286 return; 286 287 287 - flush_dcache_range((unsigned int)crc->sg_cpu, 288 - (unsigned int)crc->sg_cpu + 289 - i * sizeof(struct dma_desc_array)); 290 - 291 288 /* Set the last descriptor to stop mode */ 292 289 crc->sg_cpu[i - 1].cfg &= ~(DMAFLOW | NDSIZE); 293 290 crc->sg_cpu[i - 1].cfg |= DI_EN; 294 291 set_dma_curr_desc_addr(crc->dma_ch, (unsigned long *)crc->sg_dma); 295 292 set_dma_x_count(crc->dma_ch, 0); 296 293 set_dma_x_modify(crc->dma_ch, 0); 297 - SSYNC(); 298 294 set_dma_config(crc->dma_ch, dma_config); 299 295 } 300 296 ··· 409 415 410 416 /* finally kick off CRC operation */ 411 417 crc->regs->control |= BLKEN; 412 - SSYNC(); 413 418 414 419 return -EINPROGRESS; 415 420 } ··· 532 539 533 540 if (crc->regs->status & DCNTEXP) { 534 541 crc->regs->status = DCNTEXP; 535 - SSYNC(); 536 542 537 543 /* prepare results */ 538 544 put_unaligned_le32(crc->regs->result, crc->req->result); ··· 586 594 unsigned int timeout = 100000; 587 595 int ret; 588 596 589 - crc = kzalloc(sizeof(*crc), GFP_KERNEL); 597 + crc = devm_kzalloc(dev, sizeof(*crc), GFP_KERNEL); 590 598 if (!crc) { 591 599 dev_err(&pdev->dev, "fail to malloc bfin_crypto_crc\n"); 592 600 return -ENOMEM; ··· 602 610 res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 603 611 if (res == NULL) { 604 612 dev_err(&pdev->dev, "Cannot get IORESOURCE_MEM\n"); 605 - ret = -ENOENT; 606 - goto out_error_free_mem; 613 + return -ENOENT; 607 614 } 608 615 609 - crc->regs = ioremap(res->start, resource_size(res)); 610 - if (!crc->regs) { 616 + crc->regs = devm_ioremap_resource(dev, res); 617 + if (IS_ERR((void *)crc->regs)) { 611 618 dev_err(&pdev->dev, "Cannot map CRC IO\n"); 612 - ret = -ENXIO; 613 - goto out_error_free_mem; 619 + return PTR_ERR((void *)crc->regs); 614 620 } 615 621 616 622 crc->irq = platform_get_irq(pdev, 0); 617 623 if (crc->irq < 0) { 618 624 dev_err(&pdev->dev, "No CRC DCNTEXP IRQ specified\n"); 619 - ret = -ENOENT; 620 - goto out_error_unmap; 625 + return -ENOENT; 621 626 } 622 627 623 - ret = request_irq(crc->irq, bfin_crypto_crc_handler, IRQF_SHARED, dev_name(dev), crc); 628 + ret = devm_request_irq(dev, crc->irq, bfin_crypto_crc_handler, 629 + IRQF_SHARED, dev_name(dev), crc); 624 630 if (ret) { 625 631 dev_err(&pdev->dev, "Unable to request blackfin crc irq\n"); 626 - goto out_error_unmap; 632 + return ret; 627 633 } 628 634 629 635 res = platform_get_resource(pdev, IORESOURCE_DMA, 0); 630 636 if (res == NULL) { 631 637 dev_err(&pdev->dev, "No CRC DMA channel specified\n"); 632 - ret = -ENOENT; 633 - goto out_error_irq; 638 + return -ENOENT; 634 639 } 635 640 crc->dma_ch = res->start; 636 641 637 642 ret = request_dma(crc->dma_ch, dev_name(dev)); 638 643 if (ret) { 639 644 dev_err(&pdev->dev, "Unable to attach Blackfin CRC DMA channel\n"); 640 - goto out_error_irq; 645 + return ret; 641 646 } 642 647 643 648 crc->sg_cpu = dma_alloc_coherent(&pdev->dev, PAGE_SIZE, &crc->sg_dma, GFP_KERNEL); ··· 649 660 crc->sg_mid_buf = (u8 *)(crc->sg_cpu + ((CRC_MAX_DMA_DESC + 1) << 1)); 650 661 651 662 crc->regs->control = 0; 652 - SSYNC(); 653 663 crc->regs->poly = crc->poly = (u32)pdev->dev.platform_data; 654 - SSYNC(); 655 664 656 665 while (!(crc->regs->status & LUTDONE) && (--timeout) > 0) 657 666 cpu_relax(); ··· 680 693 if (crc->sg_cpu) 681 694 dma_free_coherent(&pdev->dev, PAGE_SIZE, crc->sg_cpu, crc->sg_dma); 682 695 free_dma(crc->dma_ch); 683 - out_error_irq: 684 - free_irq(crc->irq, crc); 685 - out_error_unmap: 686 - iounmap((void *)crc->regs); 687 - out_error_free_mem: 688 - kfree(crc); 689 696 690 697 return ret; 691 698 } ··· 702 721 crypto_unregister_ahash(&algs); 703 722 tasklet_kill(&crc->done_task); 704 723 free_dma(crc->dma_ch); 705 - if (crc->irq > 0) 706 - free_irq(crc->irq, crc); 707 - iounmap((void *)crc->regs); 708 - kfree(crc); 709 724 710 725 return 0; 711 726 }

+335 -49

drivers/crypto/caam/caamalg.c

··· 66 66 67 67 /* length of descriptors text */ 68 68 #define DESC_AEAD_BASE (4 * CAAM_CMD_SZ) 69 - #define DESC_AEAD_ENC_LEN (DESC_AEAD_BASE + 16 * CAAM_CMD_SZ) 70 - #define DESC_AEAD_DEC_LEN (DESC_AEAD_BASE + 21 * CAAM_CMD_SZ) 69 + #define DESC_AEAD_ENC_LEN (DESC_AEAD_BASE + 15 * CAAM_CMD_SZ) 70 + #define DESC_AEAD_DEC_LEN (DESC_AEAD_BASE + 18 * CAAM_CMD_SZ) 71 71 #define DESC_AEAD_GIVENC_LEN (DESC_AEAD_ENC_LEN + 7 * CAAM_CMD_SZ) 72 + 73 + #define DESC_AEAD_NULL_BASE (3 * CAAM_CMD_SZ) 74 + #define DESC_AEAD_NULL_ENC_LEN (DESC_AEAD_NULL_BASE + 14 * CAAM_CMD_SZ) 75 + #define DESC_AEAD_NULL_DEC_LEN (DESC_AEAD_NULL_BASE + 17 * CAAM_CMD_SZ) 72 76 73 77 #define DESC_ABLKCIPHER_BASE (3 * CAAM_CMD_SZ) 74 78 #define DESC_ABLKCIPHER_ENC_LEN (DESC_ABLKCIPHER_BASE + \ ··· 108 104 } 109 105 110 106 /* 111 - * Wait for completion of class 1 key loading before allowing 112 - * error propagation 113 - */ 114 - static inline void append_dec_shr_done(u32 *desc) 115 - { 116 - u32 *jump_cmd; 117 - 118 - jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TEST_ALL); 119 - set_jump_tgt_here(desc, jump_cmd); 120 - append_cmd(desc, SET_OK_NO_PROP_ERRORS | CMD_LOAD); 121 - } 122 - 123 - /* 124 107 * For aead functions, read payload and write payload, 125 108 * both of which are specified in req->src and req->dst 126 109 */ 127 110 static inline void aead_append_src_dst(u32 *desc, u32 msg_type) 128 111 { 112 + append_seq_fifo_store(desc, 0, FIFOST_TYPE_MESSAGE_DATA | KEY_VLF); 129 113 append_seq_fifo_load(desc, 0, FIFOLD_CLASS_BOTH | 130 114 KEY_VLF | msg_type | FIFOLD_TYPE_LASTBOTH); 131 - append_seq_fifo_store(desc, 0, FIFOST_TYPE_MESSAGE_DATA | KEY_VLF); 132 115 } 133 116 134 117 /* ··· 202 211 append_key_aead(desc, ctx, keys_fit_inline); 203 212 204 213 set_jump_tgt_here(desc, key_jump_cmd); 214 + } 205 215 206 - /* Propagate errors from shared to job descriptor */ 207 - append_cmd(desc, SET_OK_NO_PROP_ERRORS | CMD_LOAD); 216 + static int aead_null_set_sh_desc(struct crypto_aead *aead) 217 + { 218 + struct aead_tfm *tfm = &aead->base.crt_aead; 219 + struct caam_ctx *ctx = crypto_aead_ctx(aead); 220 + struct device *jrdev = ctx->jrdev; 221 + bool keys_fit_inline = false; 222 + u32 *key_jump_cmd, *jump_cmd, *read_move_cmd, *write_move_cmd; 223 + u32 *desc; 224 + 225 + /* 226 + * Job Descriptor and Shared Descriptors 227 + * must all fit into the 64-word Descriptor h/w Buffer 228 + */ 229 + if (DESC_AEAD_NULL_ENC_LEN + DESC_JOB_IO_LEN + 230 + ctx->split_key_pad_len <= CAAM_DESC_BYTES_MAX) 231 + keys_fit_inline = true; 232 + 233 + /* aead_encrypt shared descriptor */ 234 + desc = ctx->sh_desc_enc; 235 + 236 + init_sh_desc(desc, HDR_SHARE_SERIAL); 237 + 238 + /* Skip if already shared */ 239 + key_jump_cmd = append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | 240 + JUMP_COND_SHRD); 241 + if (keys_fit_inline) 242 + append_key_as_imm(desc, ctx->key, ctx->split_key_pad_len, 243 + ctx->split_key_len, CLASS_2 | 244 + KEY_DEST_MDHA_SPLIT | KEY_ENC); 245 + else 246 + append_key(desc, ctx->key_dma, ctx->split_key_len, CLASS_2 | 247 + KEY_DEST_MDHA_SPLIT | KEY_ENC); 248 + set_jump_tgt_here(desc, key_jump_cmd); 249 + 250 + /* cryptlen = seqoutlen - authsize */ 251 + append_math_sub_imm_u32(desc, REG3, SEQOUTLEN, IMM, ctx->authsize); 252 + 253 + /* 254 + * NULL encryption; IV is zero 255 + * assoclen = (assoclen + cryptlen) - cryptlen 256 + */ 257 + append_math_sub(desc, VARSEQINLEN, SEQINLEN, REG3, CAAM_CMD_SZ); 258 + 259 + /* read assoc before reading payload */ 260 + append_seq_fifo_load(desc, 0, FIFOLD_CLASS_CLASS2 | FIFOLD_TYPE_MSG | 261 + KEY_VLF); 262 + 263 + /* Prepare to read and write cryptlen bytes */ 264 + append_math_add(desc, VARSEQINLEN, ZERO, REG3, CAAM_CMD_SZ); 265 + append_math_add(desc, VARSEQOUTLEN, ZERO, REG3, CAAM_CMD_SZ); 266 + 267 + /* 268 + * MOVE_LEN opcode is not available in all SEC HW revisions, 269 + * thus need to do some magic, i.e. self-patch the descriptor 270 + * buffer. 271 + */ 272 + read_move_cmd = append_move(desc, MOVE_SRC_DESCBUF | 273 + MOVE_DEST_MATH3 | 274 + (0x6 << MOVE_LEN_SHIFT)); 275 + write_move_cmd = append_move(desc, MOVE_SRC_MATH3 | 276 + MOVE_DEST_DESCBUF | 277 + MOVE_WAITCOMP | 278 + (0x8 << MOVE_LEN_SHIFT)); 279 + 280 + /* Class 2 operation */ 281 + append_operation(desc, ctx->class2_alg_type | 282 + OP_ALG_AS_INITFINAL | OP_ALG_ENCRYPT); 283 + 284 + /* Read and write cryptlen bytes */ 285 + aead_append_src_dst(desc, FIFOLD_TYPE_MSG | FIFOLD_TYPE_FLUSH1); 286 + 287 + set_move_tgt_here(desc, read_move_cmd); 288 + set_move_tgt_here(desc, write_move_cmd); 289 + append_cmd(desc, CMD_LOAD | DISABLE_AUTO_INFO_FIFO); 290 + append_move(desc, MOVE_SRC_INFIFO_CL | MOVE_DEST_OUTFIFO | 291 + MOVE_AUX_LS); 292 + 293 + /* Write ICV */ 294 + append_seq_store(desc, ctx->authsize, LDST_CLASS_2_CCB | 295 + LDST_SRCDST_BYTE_CONTEXT); 296 + 297 + ctx->sh_desc_enc_dma = dma_map_single(jrdev, desc, 298 + desc_bytes(desc), 299 + DMA_TO_DEVICE); 300 + if (dma_mapping_error(jrdev, ctx->sh_desc_enc_dma)) { 301 + dev_err(jrdev, "unable to map shared descriptor\n"); 302 + return -ENOMEM; 303 + } 304 + #ifdef DEBUG 305 + print_hex_dump(KERN_ERR, 306 + "aead null enc shdesc@"__stringify(__LINE__)": ", 307 + DUMP_PREFIX_ADDRESS, 16, 4, desc, 308 + desc_bytes(desc), 1); 309 + #endif 310 + 311 + /* 312 + * Job Descriptor and Shared Descriptors 313 + * must all fit into the 64-word Descriptor h/w Buffer 314 + */ 315 + if (DESC_AEAD_NULL_DEC_LEN + DESC_JOB_IO_LEN + 316 + ctx->split_key_pad_len <= CAAM_DESC_BYTES_MAX) 317 + keys_fit_inline = true; 318 + 319 + desc = ctx->sh_desc_dec; 320 + 321 + /* aead_decrypt shared descriptor */ 322 + init_sh_desc(desc, HDR_SHARE_SERIAL); 323 + 324 + /* Skip if already shared */ 325 + key_jump_cmd = append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | 326 + JUMP_COND_SHRD); 327 + if (keys_fit_inline) 328 + append_key_as_imm(desc, ctx->key, ctx->split_key_pad_len, 329 + ctx->split_key_len, CLASS_2 | 330 + KEY_DEST_MDHA_SPLIT | KEY_ENC); 331 + else 332 + append_key(desc, ctx->key_dma, ctx->split_key_len, CLASS_2 | 333 + KEY_DEST_MDHA_SPLIT | KEY_ENC); 334 + set_jump_tgt_here(desc, key_jump_cmd); 335 + 336 + /* Class 2 operation */ 337 + append_operation(desc, ctx->class2_alg_type | 338 + OP_ALG_AS_INITFINAL | OP_ALG_DECRYPT | OP_ALG_ICV_ON); 339 + 340 + /* assoclen + cryptlen = seqinlen - ivsize - authsize */ 341 + append_math_sub_imm_u32(desc, REG3, SEQINLEN, IMM, 342 + ctx->authsize + tfm->ivsize); 343 + /* assoclen = (assoclen + cryptlen) - cryptlen */ 344 + append_math_sub(desc, REG2, SEQOUTLEN, REG0, CAAM_CMD_SZ); 345 + append_math_sub(desc, VARSEQINLEN, REG3, REG2, CAAM_CMD_SZ); 346 + 347 + /* read assoc before reading payload */ 348 + append_seq_fifo_load(desc, 0, FIFOLD_CLASS_CLASS2 | FIFOLD_TYPE_MSG | 349 + KEY_VLF); 350 + 351 + /* Prepare to read and write cryptlen bytes */ 352 + append_math_add(desc, VARSEQINLEN, ZERO, REG2, CAAM_CMD_SZ); 353 + append_math_add(desc, VARSEQOUTLEN, ZERO, REG2, CAAM_CMD_SZ); 354 + 355 + /* 356 + * MOVE_LEN opcode is not available in all SEC HW revisions, 357 + * thus need to do some magic, i.e. self-patch the descriptor 358 + * buffer. 359 + */ 360 + read_move_cmd = append_move(desc, MOVE_SRC_DESCBUF | 361 + MOVE_DEST_MATH2 | 362 + (0x6 << MOVE_LEN_SHIFT)); 363 + write_move_cmd = append_move(desc, MOVE_SRC_MATH2 | 364 + MOVE_DEST_DESCBUF | 365 + MOVE_WAITCOMP | 366 + (0x8 << MOVE_LEN_SHIFT)); 367 + 368 + /* Read and write cryptlen bytes */ 369 + aead_append_src_dst(desc, FIFOLD_TYPE_MSG | FIFOLD_TYPE_FLUSH1); 370 + 371 + /* 372 + * Insert a NOP here, since we need at least 4 instructions between 373 + * code patching the descriptor buffer and the location being patched. 374 + */ 375 + jump_cmd = append_jump(desc, JUMP_TEST_ALL); 376 + set_jump_tgt_here(desc, jump_cmd); 377 + 378 + set_move_tgt_here(desc, read_move_cmd); 379 + set_move_tgt_here(desc, write_move_cmd); 380 + append_cmd(desc, CMD_LOAD | DISABLE_AUTO_INFO_FIFO); 381 + append_move(desc, MOVE_SRC_INFIFO_CL | MOVE_DEST_OUTFIFO | 382 + MOVE_AUX_LS); 383 + append_cmd(desc, CMD_LOAD | ENABLE_AUTO_INFO_FIFO); 384 + 385 + /* Load ICV */ 386 + append_seq_fifo_load(desc, ctx->authsize, FIFOLD_CLASS_CLASS2 | 387 + FIFOLD_TYPE_LAST2 | FIFOLD_TYPE_ICV); 388 + 389 + ctx->sh_desc_dec_dma = dma_map_single(jrdev, desc, 390 + desc_bytes(desc), 391 + DMA_TO_DEVICE); 392 + if (dma_mapping_error(jrdev, ctx->sh_desc_dec_dma)) { 393 + dev_err(jrdev, "unable to map shared descriptor\n"); 394 + return -ENOMEM; 395 + } 396 + #ifdef DEBUG 397 + print_hex_dump(KERN_ERR, 398 + "aead null dec shdesc@"__stringify(__LINE__)": ", 399 + DUMP_PREFIX_ADDRESS, 16, 4, desc, 400 + desc_bytes(desc), 1); 401 + #endif 402 + 403 + return 0; 208 404 } 209 405 210 406 static int aead_set_sh_desc(struct crypto_aead *aead) ··· 400 222 struct caam_ctx *ctx = crypto_aead_ctx(aead); 401 223 struct device *jrdev = ctx->jrdev; 402 224 bool keys_fit_inline = false; 403 - u32 *key_jump_cmd, *jump_cmd; 404 225 u32 geniv, moveiv; 405 226 u32 *desc; 406 227 407 - if (!ctx->enckeylen || !ctx->authsize) 228 + if (!ctx->authsize) 408 229 return 0; 230 + 231 + /* NULL encryption / decryption */ 232 + if (!ctx->enckeylen) 233 + return aead_null_set_sh_desc(aead); 409 234 410 235 /* 411 236 * Job Descriptor and Shared Descriptors ··· 434 253 /* assoclen + cryptlen = seqinlen - ivsize */ 435 254 append_math_sub_imm_u32(desc, REG2, SEQINLEN, IMM, tfm->ivsize); 436 255 437 - /* assoclen + cryptlen = (assoclen + cryptlen) - cryptlen */ 256 + /* assoclen = (assoclen + cryptlen) - cryptlen */ 438 257 append_math_sub(desc, VARSEQINLEN, REG2, REG3, CAAM_CMD_SZ); 439 258 440 259 /* read assoc before reading payload */ ··· 477 296 CAAM_DESC_BYTES_MAX) 478 297 keys_fit_inline = true; 479 298 299 + /* aead_decrypt shared descriptor */ 480 300 desc = ctx->sh_desc_dec; 481 301 482 - /* aead_decrypt shared descriptor */ 483 - init_sh_desc(desc, HDR_SHARE_SERIAL); 484 - 485 - /* Skip if already shared */ 486 - key_jump_cmd = append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | 487 - JUMP_COND_SHRD); 488 - 489 - append_key_aead(desc, ctx, keys_fit_inline); 490 - 491 - /* Only propagate error immediately if shared */ 492 - jump_cmd = append_jump(desc, JUMP_TEST_ALL); 493 - set_jump_tgt_here(desc, key_jump_cmd); 494 - append_cmd(desc, SET_OK_NO_PROP_ERRORS | CMD_LOAD); 495 - set_jump_tgt_here(desc, jump_cmd); 302 + init_sh_desc_key_aead(desc, ctx, keys_fit_inline); 496 303 497 304 /* Class 2 operation */ 498 305 append_operation(desc, ctx->class2_alg_type | 499 306 OP_ALG_AS_INITFINAL | OP_ALG_DECRYPT | OP_ALG_ICV_ON); 500 307 501 - /* assoclen + cryptlen = seqinlen - ivsize */ 308 + /* assoclen + cryptlen = seqinlen - ivsize - authsize */ 502 309 append_math_sub_imm_u32(desc, REG3, SEQINLEN, IMM, 503 - ctx->authsize + tfm->ivsize) 310 + ctx->authsize + tfm->ivsize); 504 311 /* assoclen = (assoclen + cryptlen) - cryptlen */ 505 312 append_math_sub(desc, REG2, SEQOUTLEN, REG0, CAAM_CMD_SZ); 506 313 append_math_sub(desc, VARSEQINLEN, REG3, REG2, CAAM_CMD_SZ); ··· 509 340 /* Load ICV */ 510 341 append_seq_fifo_load(desc, ctx->authsize, FIFOLD_CLASS_CLASS2 | 511 342 FIFOLD_TYPE_LAST2 | FIFOLD_TYPE_ICV); 512 - append_dec_shr_done(desc); 513 343 514 344 ctx->sh_desc_dec_dma = dma_map_single(jrdev, desc, 515 345 desc_bytes(desc), ··· 700 532 struct ablkcipher_tfm *tfm = &ablkcipher->base.crt_ablkcipher; 701 533 struct device *jrdev = ctx->jrdev; 702 534 int ret = 0; 703 - u32 *key_jump_cmd, *jump_cmd; 535 + u32 *key_jump_cmd; 704 536 u32 *desc; 705 537 706 538 #ifdef DEBUG ··· 730 562 KEY_DEST_CLASS_REG); 731 563 732 564 set_jump_tgt_here(desc, key_jump_cmd); 733 - 734 - /* Propagate errors from shared to job descriptor */ 735 - append_cmd(desc, SET_OK_NO_PROP_ERRORS | CMD_LOAD); 736 565 737 566 /* Load iv */ 738 567 append_cmd(desc, CMD_SEQ_LOAD | LDST_SRCDST_BYTE_CONTEXT | ··· 768 603 ctx->enckeylen, CLASS_1 | 769 604 KEY_DEST_CLASS_REG); 770 605 771 - /* For aead, only propagate error immediately if shared */ 772 - jump_cmd = append_jump(desc, JUMP_TEST_ALL); 773 606 set_jump_tgt_here(desc, key_jump_cmd); 774 - append_cmd(desc, SET_OK_NO_PROP_ERRORS | CMD_LOAD); 775 - set_jump_tgt_here(desc, jump_cmd); 776 607 777 608 /* load IV */ 778 609 append_cmd(desc, CMD_SEQ_LOAD | LDST_SRCDST_BYTE_CONTEXT | ··· 779 618 780 619 /* Perform operation */ 781 620 ablkcipher_append_src_dst(desc); 782 - 783 - /* Wait for key to load before allowing propagating error */ 784 - append_dec_shr_done(desc); 785 621 786 622 ctx->sh_desc_dec_dma = dma_map_single(jrdev, desc, 787 623 desc_bytes(desc), ··· 1617 1459 return ret; 1618 1460 } 1619 1461 1462 + static int aead_null_givencrypt(struct aead_givcrypt_request *areq) 1463 + { 1464 + return aead_encrypt(&areq->areq); 1465 + } 1466 + 1620 1467 /* 1621 1468 * allocate and map the ablkcipher extended descriptor for ablkcipher 1622 1469 */ ··· 1810 1647 1811 1648 static struct caam_alg_template driver_algs[] = { 1812 1649 /* single-pass ipsec_esp descriptor */ 1650 + { 1651 + .name = "authenc(hmac(md5),ecb(cipher_null))", 1652 + .driver_name = "authenc-hmac-md5-ecb-cipher_null-caam", 1653 + .blocksize = NULL_BLOCK_SIZE, 1654 + .type = CRYPTO_ALG_TYPE_AEAD, 1655 + .template_aead = { 1656 + .setkey = aead_setkey, 1657 + .setauthsize = aead_setauthsize, 1658 + .encrypt = aead_encrypt, 1659 + .decrypt = aead_decrypt, 1660 + .givencrypt = aead_null_givencrypt, 1661 + .geniv = "<built-in>", 1662 + .ivsize = NULL_IV_SIZE, 1663 + .maxauthsize = MD5_DIGEST_SIZE, 1664 + }, 1665 + .class1_alg_type = 0, 1666 + .class2_alg_type = OP_ALG_ALGSEL_MD5 | OP_ALG_AAI_HMAC_PRECOMP, 1667 + .alg_op = OP_ALG_ALGSEL_MD5 | OP_ALG_AAI_HMAC, 1668 + }, 1669 + { 1670 + .name = "authenc(hmac(sha1),ecb(cipher_null))", 1671 + .driver_name = "authenc-hmac-sha1-ecb-cipher_null-caam", 1672 + .blocksize = NULL_BLOCK_SIZE, 1673 + .type = CRYPTO_ALG_TYPE_AEAD, 1674 + .template_aead = { 1675 + .setkey = aead_setkey, 1676 + .setauthsize = aead_setauthsize, 1677 + .encrypt = aead_encrypt, 1678 + .decrypt = aead_decrypt, 1679 + .givencrypt = aead_null_givencrypt, 1680 + .geniv = "<built-in>", 1681 + .ivsize = NULL_IV_SIZE, 1682 + .maxauthsize = SHA1_DIGEST_SIZE, 1683 + }, 1684 + .class1_alg_type = 0, 1685 + .class2_alg_type = OP_ALG_ALGSEL_SHA1 | OP_ALG_AAI_HMAC_PRECOMP, 1686 + .alg_op = OP_ALG_ALGSEL_SHA1 | OP_ALG_AAI_HMAC, 1687 + }, 1688 + { 1689 + .name = "authenc(hmac(sha224),ecb(cipher_null))", 1690 + .driver_name = "authenc-hmac-sha224-ecb-cipher_null-caam", 1691 + .blocksize = NULL_BLOCK_SIZE, 1692 + .type = CRYPTO_ALG_TYPE_AEAD, 1693 + .template_aead = { 1694 + .setkey = aead_setkey, 1695 + .setauthsize = aead_setauthsize, 1696 + .encrypt = aead_encrypt, 1697 + .decrypt = aead_decrypt, 1698 + .givencrypt = aead_null_givencrypt, 1699 + .geniv = "<built-in>", 1700 + .ivsize = NULL_IV_SIZE, 1701 + .maxauthsize = SHA224_DIGEST_SIZE, 1702 + }, 1703 + .class1_alg_type = 0, 1704 + .class2_alg_type = OP_ALG_ALGSEL_SHA224 | 1705 + OP_ALG_AAI_HMAC_PRECOMP, 1706 + .alg_op = OP_ALG_ALGSEL_SHA224 | OP_ALG_AAI_HMAC, 1707 + }, 1708 + { 1709 + .name = "authenc(hmac(sha256),ecb(cipher_null))", 1710 + .driver_name = "authenc-hmac-sha256-ecb-cipher_null-caam", 1711 + .blocksize = NULL_BLOCK_SIZE, 1712 + .type = CRYPTO_ALG_TYPE_AEAD, 1713 + .template_aead = { 1714 + .setkey = aead_setkey, 1715 + .setauthsize = aead_setauthsize, 1716 + .encrypt = aead_encrypt, 1717 + .decrypt = aead_decrypt, 1718 + .givencrypt = aead_null_givencrypt, 1719 + .geniv = "<built-in>", 1720 + .ivsize = NULL_IV_SIZE, 1721 + .maxauthsize = SHA256_DIGEST_SIZE, 1722 + }, 1723 + .class1_alg_type = 0, 1724 + .class2_alg_type = OP_ALG_ALGSEL_SHA256 | 1725 + OP_ALG_AAI_HMAC_PRECOMP, 1726 + .alg_op = OP_ALG_ALGSEL_SHA256 | OP_ALG_AAI_HMAC, 1727 + }, 1728 + { 1729 + .name = "authenc(hmac(sha384),ecb(cipher_null))", 1730 + .driver_name = "authenc-hmac-sha384-ecb-cipher_null-caam", 1731 + .blocksize = NULL_BLOCK_SIZE, 1732 + .type = CRYPTO_ALG_TYPE_AEAD, 1733 + .template_aead = { 1734 + .setkey = aead_setkey, 1735 + .setauthsize = aead_setauthsize, 1736 + .encrypt = aead_encrypt, 1737 + .decrypt = aead_decrypt, 1738 + .givencrypt = aead_null_givencrypt, 1739 + .geniv = "<built-in>", 1740 + .ivsize = NULL_IV_SIZE, 1741 + .maxauthsize = SHA384_DIGEST_SIZE, 1742 + }, 1743 + .class1_alg_type = 0, 1744 + .class2_alg_type = OP_ALG_ALGSEL_SHA384 | 1745 + OP_ALG_AAI_HMAC_PRECOMP, 1746 + .alg_op = OP_ALG_ALGSEL_SHA384 | OP_ALG_AAI_HMAC, 1747 + }, 1748 + { 1749 + .name = "authenc(hmac(sha512),ecb(cipher_null))", 1750 + .driver_name = "authenc-hmac-sha512-ecb-cipher_null-caam", 1751 + .blocksize = NULL_BLOCK_SIZE, 1752 + .type = CRYPTO_ALG_TYPE_AEAD, 1753 + .template_aead = { 1754 + .setkey = aead_setkey, 1755 + .setauthsize = aead_setauthsize, 1756 + .encrypt = aead_encrypt, 1757 + .decrypt = aead_decrypt, 1758 + .givencrypt = aead_null_givencrypt, 1759 + .geniv = "<built-in>", 1760 + .ivsize = NULL_IV_SIZE, 1761 + .maxauthsize = SHA512_DIGEST_SIZE, 1762 + }, 1763 + .class1_alg_type = 0, 1764 + .class2_alg_type = OP_ALG_ALGSEL_SHA512 | 1765 + OP_ALG_AAI_HMAC_PRECOMP, 1766 + .alg_op = OP_ALG_ALGSEL_SHA512 | OP_ALG_AAI_HMAC, 1767 + }, 1813 1768 { 1814 1769 .name = "authenc(hmac(md5),cbc(aes))", 1815 1770 .driver_name = "authenc-hmac-md5-cbc-aes-caam", ··· 2379 2098 !dma_mapping_error(ctx->jrdev, ctx->sh_desc_givenc_dma)) 2380 2099 dma_unmap_single(ctx->jrdev, ctx->sh_desc_givenc_dma, 2381 2100 desc_bytes(ctx->sh_desc_givenc), 2101 + DMA_TO_DEVICE); 2102 + if (ctx->key_dma && 2103 + !dma_mapping_error(ctx->jrdev, ctx->key_dma)) 2104 + dma_unmap_single(ctx->jrdev, ctx->key_dma, 2105 + ctx->enckeylen + ctx->split_key_pad_len, 2382 2106 DMA_TO_DEVICE); 2383 2107 2384 2108 caam_jr_free(ctx->jrdev);

+10 -7

drivers/crypto/caam/caamrng.c

··· 76 76 struct buf_data bufs[2]; 77 77 }; 78 78 79 - static struct caam_rng_ctx rng_ctx; 79 + static struct caam_rng_ctx *rng_ctx; 80 80 81 81 static inline void rng_unmap_buf(struct device *jrdev, struct buf_data *bd) 82 82 { ··· 137 137 138 138 static int caam_read(struct hwrng *rng, void *data, size_t max, bool wait) 139 139 { 140 - struct caam_rng_ctx *ctx = &rng_ctx; 140 + struct caam_rng_ctx *ctx = rng_ctx; 141 141 struct buf_data *bd = &ctx->bufs[ctx->current_buf]; 142 142 int next_buf_idx, copied_idx; 143 143 int err; ··· 237 237 struct buf_data *bd; 238 238 239 239 for (i = 0; i < 2; i++) { 240 - bd = &rng_ctx.bufs[i]; 240 + bd = &rng_ctx->bufs[i]; 241 241 if (atomic_read(&bd->empty) == BUF_PENDING) 242 242 wait_for_completion(&bd->filled); 243 243 } 244 244 245 - rng_unmap_ctx(&rng_ctx); 245 + rng_unmap_ctx(rng_ctx); 246 246 } 247 247 248 248 static void caam_init_buf(struct caam_rng_ctx *ctx, int buf_id) ··· 273 273 274 274 static void __exit caam_rng_exit(void) 275 275 { 276 - caam_jr_free(rng_ctx.jrdev); 276 + caam_jr_free(rng_ctx->jrdev); 277 277 hwrng_unregister(&caam_rng); 278 + kfree(rng_ctx); 278 279 } 279 280 280 281 static int __init caam_rng_init(void) ··· 287 286 pr_err("Job Ring Device allocation for transform failed\n"); 288 287 return PTR_ERR(dev); 289 288 } 290 - 291 - caam_init_rng(&rng_ctx, dev); 289 + rng_ctx = kmalloc(sizeof(struct caam_rng_ctx), GFP_DMA); 290 + if (!rng_ctx) 291 + return -ENOMEM; 292 + caam_init_rng(rng_ctx, dev); 292 293 293 294 dev_info(dev, "registering rng-caam\n"); 294 295 return hwrng_register(&caam_rng);

+1

drivers/crypto/caam/compat.h

··· 26 26 #include <net/xfrm.h> 27 27 28 28 #include <crypto/algapi.h> 29 + #include <crypto/null.h> 29 30 #include <crypto/aes.h> 30 31 #include <crypto/des.h> 31 32 #include <crypto/sha.h>

+16 -45

drivers/crypto/caam/ctrl.c

··· 14 14 #include "jr.h" 15 15 #include "desc_constr.h" 16 16 #include "error.h" 17 - #include "ctrl.h" 18 17 19 18 /* 20 19 * Descriptor to instantiate RNG State Handle 0 in normal mode and ··· 351 352 352 353 /** 353 354 * caam_get_era() - Return the ERA of the SEC on SoC, based 354 - * on the SEC_VID register. 355 - * Returns the ERA number (1..4) or -ENOTSUPP if the ERA is unknown. 356 - * @caam_id - the value of the SEC_VID register 355 + * on "sec-era" propery in the DTS. This property is updated by u-boot. 357 356 **/ 358 - int caam_get_era(u64 caam_id) 357 + int caam_get_era(void) 359 358 { 360 - struct sec_vid *sec_vid = (struct sec_vid *)&caam_id; 361 - static const struct { 362 - u16 ip_id; 363 - u8 maj_rev; 364 - u8 era; 365 - } caam_eras[] = { 366 - {0x0A10, 1, 1}, 367 - {0x0A10, 2, 2}, 368 - {0x0A12, 1, 3}, 369 - {0x0A14, 1, 3}, 370 - {0x0A14, 2, 4}, 371 - {0x0A16, 1, 4}, 372 - {0x0A11, 1, 4} 373 - }; 374 - int i; 375 - 376 - for (i = 0; i < ARRAY_SIZE(caam_eras); i++) 377 - if (caam_eras[i].ip_id == sec_vid->ip_id && 378 - caam_eras[i].maj_rev == sec_vid->maj_rev) 379 - return caam_eras[i].era; 359 + struct device_node *caam_node; 360 + for_each_compatible_node(caam_node, NULL, "fsl,sec-v4.0") { 361 + const uint32_t *prop = (uint32_t *)of_get_property(caam_node, 362 + "fsl,sec-era", 363 + NULL); 364 + return prop ? *prop : -ENOTSUPP; 365 + } 380 366 381 367 return -ENOTSUPP; 382 368 } ··· 427 443 * for all, then go probe each one. 428 444 */ 429 445 rspec = 0; 430 - for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring") 431 - rspec++; 432 - if (!rspec) { 433 - /* for backward compatible with device trees */ 434 - for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring") 446 + for_each_available_child_of_node(nprop, np) 447 + if (of_device_is_compatible(np, "fsl,sec-v4.0-job-ring") || 448 + of_device_is_compatible(np, "fsl,sec4.0-job-ring")) 435 449 rspec++; 436 - } 437 450 438 451 ctrlpriv->jrpdev = kzalloc(sizeof(struct platform_device *) * rspec, 439 452 GFP_KERNEL); ··· 441 460 442 461 ring = 0; 443 462 ctrlpriv->total_jobrs = 0; 444 - for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring") { 445 - ctrlpriv->jrpdev[ring] = 446 - of_platform_device_create(np, NULL, dev); 447 - if (!ctrlpriv->jrpdev[ring]) { 448 - pr_warn("JR%d Platform device creation error\n", ring); 449 - continue; 450 - } 451 - ctrlpriv->total_jobrs++; 452 - ring++; 453 - } 454 - if (!ring) { 455 - for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring") { 463 + for_each_available_child_of_node(nprop, np) 464 + if (of_device_is_compatible(np, "fsl,sec-v4.0-job-ring") || 465 + of_device_is_compatible(np, "fsl,sec4.0-job-ring")) { 456 466 ctrlpriv->jrpdev[ring] = 457 467 of_platform_device_create(np, NULL, dev); 458 468 if (!ctrlpriv->jrpdev[ring]) { ··· 454 482 ctrlpriv->total_jobrs++; 455 483 ring++; 456 484 } 457 - } 458 485 459 486 /* Check to see if QI present. If so, enable */ 460 487 ctrlpriv->qi_present = !!(rd_reg64(&topregs->ctrl.perfmon.comp_parms) & ··· 535 564 536 565 /* Report "alive" for developer to see */ 537 566 dev_info(dev, "device ID = 0x%016llx (Era %d)\n", caam_id, 538 - caam_get_era(caam_id)); 567 + caam_get_era()); 539 568 dev_info(dev, "job rings = %d, qi = %d\n", 540 569 ctrlpriv->total_jobrs, ctrlpriv->qi_present); 541 570

+1 -1

drivers/crypto/caam/ctrl.h

··· 8 8 #define CTRL_H 9 9 10 10 /* Prototypes for backend-level services exposed to APIs */ 11 - int caam_get_era(u64 caam_id); 11 + int caam_get_era(void); 12 12 13 13 #endif /* CTRL_H */

+17 -10

drivers/crypto/caam/desc_constr.h

··· 155 155 append_data(desc, data, len); 156 156 } 157 157 158 - static inline u32 *append_jump(u32 *desc, u32 options) 159 - { 160 - u32 *cmd = desc_end(desc); 161 - 162 - PRINT_POS; 163 - append_cmd(desc, CMD_JUMP | options); 164 - 165 - return cmd; 158 + #define APPEND_CMD_RET(cmd, op) \ 159 + static inline u32 *append_##cmd(u32 *desc, u32 options) \ 160 + { \ 161 + u32 *cmd = desc_end(desc); \ 162 + PRINT_POS; \ 163 + append_cmd(desc, CMD_##op | options); \ 164 + return cmd; \ 166 165 } 166 + APPEND_CMD_RET(jump, JUMP) 167 + APPEND_CMD_RET(move, MOVE) 167 168 168 169 static inline void set_jump_tgt_here(u32 *desc, u32 *jump_cmd) 169 170 { 170 171 *jump_cmd = *jump_cmd | (desc_len(desc) - (jump_cmd - desc)); 172 + } 173 + 174 + static inline void set_move_tgt_here(u32 *desc, u32 *move_cmd) 175 + { 176 + *move_cmd &= ~MOVE_OFFSET_MASK; 177 + *move_cmd = *move_cmd | ((desc_len(desc) << (MOVE_OFFSET_SHIFT + 2)) & 178 + MOVE_OFFSET_MASK); 171 179 } 172 180 173 181 #define APPEND_CMD(cmd, op) \ ··· 185 177 append_cmd(desc, CMD_##op | options); \ 186 178 } 187 179 APPEND_CMD(operation, OPERATION) 188 - APPEND_CMD(move, MOVE) 189 180 190 181 #define APPEND_CMD_LEN(cmd, op) \ 191 182 static inline void append_##cmd(u32 *desc, unsigned int len, u32 options) \ ··· 335 328 do { \ 336 329 APPEND_MATH(op, desc, dest, src_0, src_1, CAAM_CMD_SZ); \ 337 330 append_cmd(desc, data); \ 338 - } while (0); 331 + } while (0) 339 332 340 333 #define append_math_add_imm_u32(desc, dest, src0, src1, data) \ 341 334 APPEND_MATH_IMM_u32(ADD, desc, dest, src0, src1, data)

+2 -2

drivers/crypto/caam/regs.h

··· 74 74 #endif 75 75 #else 76 76 #ifdef __LITTLE_ENDIAN 77 - #define wr_reg32(reg, data) __raw_writel(reg, data) 77 + #define wr_reg32(reg, data) __raw_writel(data, reg) 78 78 #define rd_reg32(reg) __raw_readl(reg) 79 79 #ifdef CONFIG_64BIT 80 - #define wr_reg64(reg, data) __raw_writeq(reg, data) 80 + #define wr_reg64(reg, data) __raw_writeq(data, reg) 81 81 #define rd_reg64(reg) __raw_readq(reg) 82 82 #endif 83 83 #endif

+90 -134

drivers/crypto/ccp/ccp-crypto-main.c

··· 11 11 */ 12 12 13 13 #include <linux/module.h> 14 + #include <linux/moduleparam.h> 14 15 #include <linux/kernel.h> 15 16 #include <linux/list.h> 16 17 #include <linux/ccp.h> ··· 25 24 MODULE_VERSION("1.0.0"); 26 25 MODULE_DESCRIPTION("AMD Cryptographic Coprocessor crypto API support"); 27 26 27 + static unsigned int aes_disable; 28 + module_param(aes_disable, uint, 0444); 29 + MODULE_PARM_DESC(aes_disable, "Disable use of AES - any non-zero value"); 30 + 31 + static unsigned int sha_disable; 32 + module_param(sha_disable, uint, 0444); 33 + MODULE_PARM_DESC(sha_disable, "Disable use of SHA - any non-zero value"); 34 + 28 35 29 36 /* List heads for the supported algorithms */ 30 37 static LIST_HEAD(hash_algs); 31 38 static LIST_HEAD(cipher_algs); 32 39 33 - /* For any tfm, requests for that tfm on the same CPU must be returned 34 - * in the order received. With multiple queues available, the CCP can 35 - * process more than one cmd at a time. Therefore we must maintain 36 - * a cmd list to insure the proper ordering of requests on a given tfm/cpu 37 - * combination. 40 + /* For any tfm, requests for that tfm must be returned on the order 41 + * received. With multiple queues available, the CCP can process more 42 + * than one cmd at a time. Therefore we must maintain a cmd list to insure 43 + * the proper ordering of requests on a given tfm. 38 44 */ 39 - struct ccp_crypto_cpu_queue { 45 + struct ccp_crypto_queue { 40 46 struct list_head cmds; 41 47 struct list_head *backlog; 42 48 unsigned int cmd_count; 43 49 }; 44 - #define CCP_CRYPTO_MAX_QLEN 50 50 + #define CCP_CRYPTO_MAX_QLEN 100 45 51 46 - struct ccp_crypto_percpu_queue { 47 - struct ccp_crypto_cpu_queue __percpu *cpu_queue; 48 - }; 49 - static struct ccp_crypto_percpu_queue req_queue; 52 + static struct ccp_crypto_queue req_queue; 53 + static spinlock_t req_queue_lock; 50 54 51 55 struct ccp_crypto_cmd { 52 56 struct list_head entry; ··· 68 62 69 63 /* Used for held command processing to determine state */ 70 64 int ret; 71 - 72 - int cpu; 73 65 }; 74 66 75 67 struct ccp_crypto_cpu { ··· 86 82 return true; 87 83 } 88 84 89 - /* 90 - * ccp_crypto_cmd_complete must be called while running on the appropriate 91 - * cpu and the caller must have done a get_cpu to disable preemption 92 - */ 93 85 static struct ccp_crypto_cmd *ccp_crypto_cmd_complete( 94 86 struct ccp_crypto_cmd *crypto_cmd, struct ccp_crypto_cmd **backlog) 95 87 { 96 - struct ccp_crypto_cpu_queue *cpu_queue; 97 88 struct ccp_crypto_cmd *held = NULL, *tmp; 89 + unsigned long flags; 98 90 99 91 *backlog = NULL; 100 92 101 - cpu_queue = this_cpu_ptr(req_queue.cpu_queue); 93 + spin_lock_irqsave(&req_queue_lock, flags); 102 94 103 95 /* Held cmds will be after the current cmd in the queue so start 104 96 * searching for a cmd with a matching tfm for submission. 105 97 */ 106 98 tmp = crypto_cmd; 107 - list_for_each_entry_continue(tmp, &cpu_queue->cmds, entry) { 99 + list_for_each_entry_continue(tmp, &req_queue.cmds, entry) { 108 100 if (crypto_cmd->tfm != tmp->tfm) 109 101 continue; 110 102 held = tmp; ··· 111 111 * Because cmds can be executed from any point in the cmd list 112 112 * special precautions have to be taken when handling the backlog. 113 113 */ 114 - if (cpu_queue->backlog != &cpu_queue->cmds) { 114 + if (req_queue.backlog != &req_queue.cmds) { 115 115 /* Skip over this cmd if it is the next backlog cmd */ 116 - if (cpu_queue->backlog == &crypto_cmd->entry) 117 - cpu_queue->backlog = crypto_cmd->entry.next; 116 + if (req_queue.backlog == &crypto_cmd->entry) 117 + req_queue.backlog = crypto_cmd->entry.next; 118 118 119 - *backlog = container_of(cpu_queue->backlog, 119 + *backlog = container_of(req_queue.backlog, 120 120 struct ccp_crypto_cmd, entry); 121 - cpu_queue->backlog = cpu_queue->backlog->next; 121 + req_queue.backlog = req_queue.backlog->next; 122 122 123 123 /* Skip over this cmd if it is now the next backlog cmd */ 124 - if (cpu_queue->backlog == &crypto_cmd->entry) 125 - cpu_queue->backlog = crypto_cmd->entry.next; 124 + if (req_queue.backlog == &crypto_cmd->entry) 125 + req_queue.backlog = crypto_cmd->entry.next; 126 126 } 127 127 128 128 /* Remove the cmd entry from the list of cmds */ 129 - cpu_queue->cmd_count--; 129 + req_queue.cmd_count--; 130 130 list_del(&crypto_cmd->entry); 131 + 132 + spin_unlock_irqrestore(&req_queue_lock, flags); 131 133 132 134 return held; 133 135 } 134 136 135 - static void ccp_crypto_complete_on_cpu(struct work_struct *work) 137 + static void ccp_crypto_complete(void *data, int err) 136 138 { 137 - struct ccp_crypto_cpu *cpu_work = 138 - container_of(work, struct ccp_crypto_cpu, work); 139 - struct ccp_crypto_cmd *crypto_cmd = cpu_work->crypto_cmd; 139 + struct ccp_crypto_cmd *crypto_cmd = data; 140 140 struct ccp_crypto_cmd *held, *next, *backlog; 141 141 struct crypto_async_request *req = crypto_cmd->req; 142 142 struct ccp_ctx *ctx = crypto_tfm_ctx(req->tfm); 143 - int cpu, ret; 143 + int ret; 144 144 145 - cpu = get_cpu(); 146 - 147 - if (cpu_work->err == -EINPROGRESS) { 145 + if (err == -EINPROGRESS) { 148 146 /* Only propogate the -EINPROGRESS if necessary */ 149 147 if (crypto_cmd->ret == -EBUSY) { 150 148 crypto_cmd->ret = -EINPROGRESS; 151 149 req->complete(req, -EINPROGRESS); 152 150 } 153 151 154 - goto e_cpu; 152 + return; 155 153 } 156 154 157 155 /* Operation has completed - update the queue before invoking ··· 167 169 req->complete(req, -EINPROGRESS); 168 170 169 171 /* Completion callbacks */ 170 - ret = cpu_work->err; 172 + ret = err; 171 173 if (ctx->complete) 172 174 ret = ctx->complete(req, ret); 173 175 req->complete(req, ret); 174 176 175 177 /* Submit the next cmd */ 176 178 while (held) { 179 + /* Since we have already queued the cmd, we must indicate that 180 + * we can backlog so as not to "lose" this request. 181 + */ 182 + held->cmd->flags |= CCP_CMD_MAY_BACKLOG; 177 183 ret = ccp_enqueue_cmd(held->cmd); 178 184 if (ccp_crypto_success(ret)) 179 185 break; 180 186 181 187 /* Error occurred, report it and get the next entry */ 188 + ctx = crypto_tfm_ctx(held->req->tfm); 189 + if (ctx->complete) 190 + ret = ctx->complete(held->req, ret); 182 191 held->req->complete(held->req, ret); 183 192 184 193 next = ccp_crypto_cmd_complete(held, &backlog); ··· 199 194 } 200 195 201 196 kfree(crypto_cmd); 202 - 203 - e_cpu: 204 - put_cpu(); 205 - 206 - complete(&cpu_work->completion); 207 - } 208 - 209 - static void ccp_crypto_complete(void *data, int err) 210 - { 211 - struct ccp_crypto_cmd *crypto_cmd = data; 212 - struct ccp_crypto_cpu cpu_work; 213 - 214 - INIT_WORK(&cpu_work.work, ccp_crypto_complete_on_cpu); 215 - init_completion(&cpu_work.completion); 216 - cpu_work.crypto_cmd = crypto_cmd; 217 - cpu_work.err = err; 218 - 219 - schedule_work_on(crypto_cmd->cpu, &cpu_work.work); 220 - 221 - /* Keep the completion call synchronous */ 222 - wait_for_completion(&cpu_work.completion); 223 197 } 224 198 225 199 static int ccp_crypto_enqueue_cmd(struct ccp_crypto_cmd *crypto_cmd) 226 200 { 227 - struct ccp_crypto_cpu_queue *cpu_queue; 228 201 struct ccp_crypto_cmd *active = NULL, *tmp; 229 - int cpu, ret; 202 + unsigned long flags; 203 + bool free_cmd = true; 204 + int ret; 230 205 231 - cpu = get_cpu(); 232 - crypto_cmd->cpu = cpu; 233 - 234 - cpu_queue = this_cpu_ptr(req_queue.cpu_queue); 206 + spin_lock_irqsave(&req_queue_lock, flags); 235 207 236 208 /* Check if the cmd can/should be queued */ 237 - if (cpu_queue->cmd_count >= CCP_CRYPTO_MAX_QLEN) { 209 + if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) { 238 210 ret = -EBUSY; 239 211 if (!(crypto_cmd->cmd->flags & CCP_CMD_MAY_BACKLOG)) 240 - goto e_cpu; 212 + goto e_lock; 241 213 } 242 214 243 215 /* Look for an entry with the same tfm. If there is a cmd 244 - * with the same tfm in the list for this cpu then the current 245 - * cmd cannot be submitted to the CCP yet. 216 + * with the same tfm in the list then the current cmd cannot 217 + * be submitted to the CCP yet. 246 218 */ 247 - list_for_each_entry(tmp, &cpu_queue->cmds, entry) { 219 + list_for_each_entry(tmp, &req_queue.cmds, entry) { 248 220 if (crypto_cmd->tfm != tmp->tfm) 249 221 continue; 250 222 active = tmp; ··· 232 250 if (!active) { 233 251 ret = ccp_enqueue_cmd(crypto_cmd->cmd); 234 252 if (!ccp_crypto_success(ret)) 235 - goto e_cpu; 253 + goto e_lock; /* Error, don't queue it */ 254 + if ((ret == -EBUSY) && 255 + !(crypto_cmd->cmd->flags & CCP_CMD_MAY_BACKLOG)) 256 + goto e_lock; /* Not backlogging, don't queue it */ 236 257 } 237 258 238 - if (cpu_queue->cmd_count >= CCP_CRYPTO_MAX_QLEN) { 259 + if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) { 239 260 ret = -EBUSY; 240 - if (cpu_queue->backlog == &cpu_queue->cmds) 241 - cpu_queue->backlog = &crypto_cmd->entry; 261 + if (req_queue.backlog == &req_queue.cmds) 262 + req_queue.backlog = &crypto_cmd->entry; 242 263 } 243 264 crypto_cmd->ret = ret; 244 265 245 - cpu_queue->cmd_count++; 246 - list_add_tail(&crypto_cmd->entry, &cpu_queue->cmds); 266 + req_queue.cmd_count++; 267 + list_add_tail(&crypto_cmd->entry, &req_queue.cmds); 247 268 248 - e_cpu: 249 - put_cpu(); 269 + free_cmd = false; 270 + 271 + e_lock: 272 + spin_unlock_irqrestore(&req_queue_lock, flags); 273 + 274 + if (free_cmd) 275 + kfree(crypto_cmd); 250 276 251 277 return ret; 252 278 } ··· 271 281 { 272 282 struct ccp_crypto_cmd *crypto_cmd; 273 283 gfp_t gfp; 274 - int ret; 275 284 276 285 gfp = req->flags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : GFP_ATOMIC; 277 286 ··· 295 306 else 296 307 cmd->flags &= ~CCP_CMD_MAY_BACKLOG; 297 308 298 - ret = ccp_crypto_enqueue_cmd(crypto_cmd); 299 - if (!ccp_crypto_success(ret)) 300 - kfree(crypto_cmd); 301 - 302 - return ret; 309 + return ccp_crypto_enqueue_cmd(crypto_cmd); 303 310 } 304 311 305 312 struct scatterlist *ccp_crypto_sg_table_add(struct sg_table *table, ··· 322 337 { 323 338 int ret; 324 339 325 - ret = ccp_register_aes_algs(&cipher_algs); 326 - if (ret) 327 - return ret; 340 + if (!aes_disable) { 341 + ret = ccp_register_aes_algs(&cipher_algs); 342 + if (ret) 343 + return ret; 328 344 329 - ret = ccp_register_aes_cmac_algs(&hash_algs); 330 - if (ret) 331 - return ret; 345 + ret = ccp_register_aes_cmac_algs(&hash_algs); 346 + if (ret) 347 + return ret; 332 348 333 - ret = ccp_register_aes_xts_algs(&cipher_algs); 334 - if (ret) 335 - return ret; 349 + ret = ccp_register_aes_xts_algs(&cipher_algs); 350 + if (ret) 351 + return ret; 352 + } 336 353 337 - ret = ccp_register_sha_algs(&hash_algs); 338 - if (ret) 339 - return ret; 354 + if (!sha_disable) { 355 + ret = ccp_register_sha_algs(&hash_algs); 356 + if (ret) 357 + return ret; 358 + } 340 359 341 360 return 0; 342 361 } ··· 363 374 } 364 375 } 365 376 366 - static int ccp_init_queues(void) 367 - { 368 - struct ccp_crypto_cpu_queue *cpu_queue; 369 - int cpu; 370 - 371 - req_queue.cpu_queue = alloc_percpu(struct ccp_crypto_cpu_queue); 372 - if (!req_queue.cpu_queue) 373 - return -ENOMEM; 374 - 375 - for_each_possible_cpu(cpu) { 376 - cpu_queue = per_cpu_ptr(req_queue.cpu_queue, cpu); 377 - INIT_LIST_HEAD(&cpu_queue->cmds); 378 - cpu_queue->backlog = &cpu_queue->cmds; 379 - cpu_queue->cmd_count = 0; 380 - } 381 - 382 - return 0; 383 - } 384 - 385 - static void ccp_fini_queue(void) 386 - { 387 - struct ccp_crypto_cpu_queue *cpu_queue; 388 - int cpu; 389 - 390 - for_each_possible_cpu(cpu) { 391 - cpu_queue = per_cpu_ptr(req_queue.cpu_queue, cpu); 392 - BUG_ON(!list_empty(&cpu_queue->cmds)); 393 - } 394 - free_percpu(req_queue.cpu_queue); 395 - } 396 - 397 377 static int ccp_crypto_init(void) 398 378 { 399 379 int ret; 400 380 401 - ret = ccp_init_queues(); 402 - if (ret) 403 - return ret; 381 + spin_lock_init(&req_queue_lock); 382 + INIT_LIST_HEAD(&req_queue.cmds); 383 + req_queue.backlog = &req_queue.cmds; 384 + req_queue.cmd_count = 0; 404 385 405 386 ret = ccp_register_algs(); 406 - if (ret) { 387 + if (ret) 407 388 ccp_unregister_algs(); 408 - ccp_fini_queue(); 409 - } 410 389 411 390 return ret; 412 391 } ··· 382 425 static void ccp_crypto_exit(void) 383 426 { 384 427 ccp_unregister_algs(); 385 - ccp_fini_queue(); 386 428 } 387 429 388 430 module_init(ccp_crypto_init);

+25 -105

drivers/crypto/ccp/ccp-crypto-sha.c

··· 24 24 #include "ccp-crypto.h" 25 25 26 26 27 - struct ccp_sha_result { 28 - struct completion completion; 29 - int err; 30 - }; 31 - 32 - static void ccp_sync_hash_complete(struct crypto_async_request *req, int err) 33 - { 34 - struct ccp_sha_result *result = req->data; 35 - 36 - if (err == -EINPROGRESS) 37 - return; 38 - 39 - result->err = err; 40 - complete(&result->completion); 41 - } 42 - 43 - static int ccp_sync_hash(struct crypto_ahash *tfm, u8 *buf, 44 - struct scatterlist *sg, unsigned int len) 45 - { 46 - struct ccp_sha_result result; 47 - struct ahash_request *req; 48 - int ret; 49 - 50 - init_completion(&result.completion); 51 - 52 - req = ahash_request_alloc(tfm, GFP_KERNEL); 53 - if (!req) 54 - return -ENOMEM; 55 - 56 - ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 57 - ccp_sync_hash_complete, &result); 58 - ahash_request_set_crypt(req, sg, buf, len); 59 - 60 - ret = crypto_ahash_digest(req); 61 - if ((ret == -EINPROGRESS) || (ret == -EBUSY)) { 62 - ret = wait_for_completion_interruptible(&result.completion); 63 - if (!ret) 64 - ret = result.err; 65 - } 66 - 67 - ahash_request_free(req); 68 - 69 - return ret; 70 - } 71 - 72 - static int ccp_sha_finish_hmac(struct crypto_async_request *async_req) 73 - { 74 - struct ahash_request *req = ahash_request_cast(async_req); 75 - struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 76 - struct ccp_ctx *ctx = crypto_ahash_ctx(tfm); 77 - struct ccp_sha_req_ctx *rctx = ahash_request_ctx(req); 78 - struct scatterlist sg[2]; 79 - unsigned int block_size = 80 - crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm)); 81 - unsigned int digest_size = crypto_ahash_digestsize(tfm); 82 - 83 - sg_init_table(sg, ARRAY_SIZE(sg)); 84 - sg_set_buf(&sg[0], ctx->u.sha.opad, block_size); 85 - sg_set_buf(&sg[1], rctx->ctx, digest_size); 86 - 87 - return ccp_sync_hash(ctx->u.sha.hmac_tfm, req->result, sg, 88 - block_size + digest_size); 89 - } 90 - 91 27 static int ccp_sha_complete(struct crypto_async_request *async_req, int ret) 92 28 { 93 29 struct ahash_request *req = ahash_request_cast(async_req); 94 30 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 95 - struct ccp_ctx *ctx = crypto_ahash_ctx(tfm); 96 31 struct ccp_sha_req_ctx *rctx = ahash_request_ctx(req); 97 32 unsigned int digest_size = crypto_ahash_digestsize(tfm); 98 33 ··· 47 112 if (req->result) 48 113 memcpy(req->result, rctx->ctx, digest_size); 49 114 50 - /* If we're doing an HMAC, we need to perform that on the final op */ 51 - if (rctx->final && ctx->u.sha.key_len) 52 - ret = ccp_sha_finish_hmac(async_req); 53 - 54 115 e_free: 55 116 sg_free_table(&rctx->data_sg); 56 117 ··· 57 126 unsigned int final) 58 127 { 59 128 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 129 + struct ccp_ctx *ctx = crypto_ahash_ctx(tfm); 60 130 struct ccp_sha_req_ctx *rctx = ahash_request_ctx(req); 61 131 struct scatterlist *sg; 62 132 unsigned int block_size = ··· 128 196 rctx->cmd.u.sha.ctx_len = sizeof(rctx->ctx); 129 197 rctx->cmd.u.sha.src = sg; 130 198 rctx->cmd.u.sha.src_len = rctx->hash_cnt; 199 + rctx->cmd.u.sha.opad = ctx->u.sha.key_len ? 200 + &ctx->u.sha.opad_sg : NULL; 201 + rctx->cmd.u.sha.opad_len = ctx->u.sha.key_len ? 202 + ctx->u.sha.opad_count : 0; 203 + rctx->cmd.u.sha.first = rctx->first; 131 204 rctx->cmd.u.sha.final = rctx->final; 132 205 rctx->cmd.u.sha.msg_bits = rctx->msg_bits; 133 206 ··· 155 218 156 219 memset(rctx, 0, sizeof(*rctx)); 157 220 158 - memcpy(rctx->ctx, alg->init, sizeof(rctx->ctx)); 159 221 rctx->type = alg->type; 160 222 rctx->first = 1; 161 223 ··· 197 261 unsigned int key_len) 198 262 { 199 263 struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm)); 200 - struct scatterlist sg; 201 - unsigned int block_size = 202 - crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm)); 203 - unsigned int digest_size = crypto_ahash_digestsize(tfm); 264 + struct crypto_shash *shash = ctx->u.sha.hmac_tfm; 265 + struct { 266 + struct shash_desc sdesc; 267 + char ctx[crypto_shash_descsize(shash)]; 268 + } desc; 269 + unsigned int block_size = crypto_shash_blocksize(shash); 270 + unsigned int digest_size = crypto_shash_digestsize(shash); 204 271 int i, ret; 205 272 206 273 /* Set to zero until complete */ ··· 216 277 217 278 if (key_len > block_size) { 218 279 /* Must hash the input key */ 219 - sg_init_one(&sg, key, key_len); 220 - ret = ccp_sync_hash(tfm, ctx->u.sha.key, &sg, key_len); 280 + desc.sdesc.tfm = shash; 281 + desc.sdesc.flags = crypto_ahash_get_flags(tfm) & 282 + CRYPTO_TFM_REQ_MAY_SLEEP; 283 + 284 + ret = crypto_shash_digest(&desc.sdesc, key, key_len, 285 + ctx->u.sha.key); 221 286 if (ret) { 222 287 crypto_ahash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); 223 288 return -EINVAL; ··· 235 292 ctx->u.sha.ipad[i] = ctx->u.sha.key[i] ^ 0x36; 236 293 ctx->u.sha.opad[i] = ctx->u.sha.key[i] ^ 0x5c; 237 294 } 295 + 296 + sg_init_one(&ctx->u.sha.opad_sg, ctx->u.sha.opad, block_size); 297 + ctx->u.sha.opad_count = block_size; 238 298 239 299 ctx->u.sha.key_len = key_len; 240 300 ··· 265 319 { 266 320 struct ccp_ctx *ctx = crypto_tfm_ctx(tfm); 267 321 struct ccp_crypto_ahash_alg *alg = ccp_crypto_ahash_alg(tfm); 268 - struct crypto_ahash *hmac_tfm; 322 + struct crypto_shash *hmac_tfm; 269 323 270 - hmac_tfm = crypto_alloc_ahash(alg->child_alg, 271 - CRYPTO_ALG_TYPE_AHASH, 0); 324 + hmac_tfm = crypto_alloc_shash(alg->child_alg, 0, 0); 272 325 if (IS_ERR(hmac_tfm)) { 273 326 pr_warn("could not load driver %s need for HMAC support\n", 274 327 alg->child_alg); ··· 284 339 struct ccp_ctx *ctx = crypto_tfm_ctx(tfm); 285 340 286 341 if (ctx->u.sha.hmac_tfm) 287 - crypto_free_ahash(ctx->u.sha.hmac_tfm); 342 + crypto_free_shash(ctx->u.sha.hmac_tfm); 288 343 289 344 ccp_sha_cra_exit(tfm); 290 345 } 291 346 292 - static const __be32 sha1_init[CCP_SHA_CTXSIZE / sizeof(__be32)] = { 293 - cpu_to_be32(SHA1_H0), cpu_to_be32(SHA1_H1), 294 - cpu_to_be32(SHA1_H2), cpu_to_be32(SHA1_H3), 295 - cpu_to_be32(SHA1_H4), 0, 0, 0, 296 - }; 297 - 298 - static const __be32 sha224_init[CCP_SHA_CTXSIZE / sizeof(__be32)] = { 299 - cpu_to_be32(SHA224_H0), cpu_to_be32(SHA224_H1), 300 - cpu_to_be32(SHA224_H2), cpu_to_be32(SHA224_H3), 301 - cpu_to_be32(SHA224_H4), cpu_to_be32(SHA224_H5), 302 - cpu_to_be32(SHA224_H6), cpu_to_be32(SHA224_H7), 303 - }; 304 - 305 - static const __be32 sha256_init[CCP_SHA_CTXSIZE / sizeof(__be32)] = { 306 - cpu_to_be32(SHA256_H0), cpu_to_be32(SHA256_H1), 307 - cpu_to_be32(SHA256_H2), cpu_to_be32(SHA256_H3), 308 - cpu_to_be32(SHA256_H4), cpu_to_be32(SHA256_H5), 309 - cpu_to_be32(SHA256_H6), cpu_to_be32(SHA256_H7), 310 - }; 311 - 312 347 struct ccp_sha_def { 313 348 const char *name; 314 349 const char *drv_name; 315 - const __be32 *init; 316 350 enum ccp_sha_type type; 317 351 u32 digest_size; 318 352 u32 block_size; ··· 301 377 { 302 378 .name = "sha1", 303 379 .drv_name = "sha1-ccp", 304 - .init = sha1_init, 305 380 .type = CCP_SHA_TYPE_1, 306 381 .digest_size = SHA1_DIGEST_SIZE, 307 382 .block_size = SHA1_BLOCK_SIZE, ··· 308 385 { 309 386 .name = "sha224", 310 387 .drv_name = "sha224-ccp", 311 - .init = sha224_init, 312 388 .type = CCP_SHA_TYPE_224, 313 389 .digest_size = SHA224_DIGEST_SIZE, 314 390 .block_size = SHA224_BLOCK_SIZE, ··· 315 393 { 316 394 .name = "sha256", 317 395 .drv_name = "sha256-ccp", 318 - .init = sha256_init, 319 396 .type = CCP_SHA_TYPE_256, 320 397 .digest_size = SHA256_DIGEST_SIZE, 321 398 .block_size = SHA256_BLOCK_SIZE, ··· 381 460 382 461 INIT_LIST_HEAD(&ccp_alg->entry); 383 462 384 - ccp_alg->init = def->init; 385 463 ccp_alg->type = def->type; 386 464 387 465 alg = &ccp_alg->alg;

+4 -4

drivers/crypto/ccp/ccp-crypto.h

··· 137 137 #define MAX_SHA_BLOCK_SIZE SHA256_BLOCK_SIZE 138 138 139 139 struct ccp_sha_ctx { 140 + struct scatterlist opad_sg; 141 + unsigned int opad_count; 142 + 140 143 unsigned int key_len; 141 144 u8 key[MAX_SHA_BLOCK_SIZE]; 142 145 u8 ipad[MAX_SHA_BLOCK_SIZE]; 143 146 u8 opad[MAX_SHA_BLOCK_SIZE]; 144 - struct crypto_ahash *hmac_tfm; 147 + struct crypto_shash *hmac_tfm; 145 148 }; 146 149 147 150 struct ccp_sha_req_ctx { ··· 169 166 struct scatterlist buf_sg; 170 167 unsigned int buf_count; 171 168 u8 buf[MAX_SHA_BLOCK_SIZE]; 172 - 173 - /* HMAC support field */ 174 - struct scatterlist pad_sg; 175 169 176 170 /* CCP driver command */ 177 171 struct ccp_cmd cmd;

+17 -4

drivers/crypto/ccp/ccp-dev.c

··· 30 30 MODULE_VERSION("1.0.0"); 31 31 MODULE_DESCRIPTION("AMD Cryptographic Coprocessor driver"); 32 32 33 + struct ccp_tasklet_data { 34 + struct completion completion; 35 + struct ccp_cmd *cmd; 36 + }; 37 + 33 38 34 39 static struct ccp_device *ccp_dev; 35 40 static inline struct ccp_device *ccp_get_device(void) ··· 197 192 return cmd; 198 193 } 199 194 200 - static void ccp_do_cmd_complete(struct work_struct *work) 195 + static void ccp_do_cmd_complete(unsigned long data) 201 196 { 202 - struct ccp_cmd *cmd = container_of(work, struct ccp_cmd, work); 197 + struct ccp_tasklet_data *tdata = (struct ccp_tasklet_data *)data; 198 + struct ccp_cmd *cmd = tdata->cmd; 203 199 204 200 cmd->callback(cmd->data, cmd->ret); 201 + complete(&tdata->completion); 205 202 } 206 203 207 204 static int ccp_cmd_queue_thread(void *data) 208 205 { 209 206 struct ccp_cmd_queue *cmd_q = (struct ccp_cmd_queue *)data; 210 207 struct ccp_cmd *cmd; 208 + struct ccp_tasklet_data tdata; 209 + struct tasklet_struct tasklet; 210 + 211 + tasklet_init(&tasklet, ccp_do_cmd_complete, (unsigned long)&tdata); 211 212 212 213 set_current_state(TASK_INTERRUPTIBLE); 213 214 while (!kthread_should_stop()) { ··· 231 220 cmd->ret = ccp_run_cmd(cmd_q, cmd); 232 221 233 222 /* Schedule the completion callback */ 234 - INIT_WORK(&cmd->work, ccp_do_cmd_complete); 235 - schedule_work(&cmd->work); 223 + tdata.cmd = cmd; 224 + init_completion(&tdata.completion); 225 + tasklet_schedule(&tasklet); 226 + wait_for_completion(&tdata.completion); 236 227 } 237 228 238 229 __set_current_state(TASK_RUNNING);

+105 -3

drivers/crypto/ccp/ccp-ops.c

··· 23 23 #include <linux/ccp.h> 24 24 #include <linux/scatterlist.h> 25 25 #include <crypto/scatterwalk.h> 26 + #include <crypto/sha.h> 26 27 27 28 #include "ccp-dev.h" 28 29 ··· 131 130 struct ccp_passthru_op passthru; 132 131 struct ccp_ecc_op ecc; 133 132 } u; 133 + }; 134 + 135 + /* SHA initial context values */ 136 + static const __be32 ccp_sha1_init[CCP_SHA_CTXSIZE / sizeof(__be32)] = { 137 + cpu_to_be32(SHA1_H0), cpu_to_be32(SHA1_H1), 138 + cpu_to_be32(SHA1_H2), cpu_to_be32(SHA1_H3), 139 + cpu_to_be32(SHA1_H4), 0, 0, 0, 140 + }; 141 + 142 + static const __be32 ccp_sha224_init[CCP_SHA_CTXSIZE / sizeof(__be32)] = { 143 + cpu_to_be32(SHA224_H0), cpu_to_be32(SHA224_H1), 144 + cpu_to_be32(SHA224_H2), cpu_to_be32(SHA224_H3), 145 + cpu_to_be32(SHA224_H4), cpu_to_be32(SHA224_H5), 146 + cpu_to_be32(SHA224_H6), cpu_to_be32(SHA224_H7), 147 + }; 148 + 149 + static const __be32 ccp_sha256_init[CCP_SHA_CTXSIZE / sizeof(__be32)] = { 150 + cpu_to_be32(SHA256_H0), cpu_to_be32(SHA256_H1), 151 + cpu_to_be32(SHA256_H2), cpu_to_be32(SHA256_H3), 152 + cpu_to_be32(SHA256_H4), cpu_to_be32(SHA256_H5), 153 + cpu_to_be32(SHA256_H6), cpu_to_be32(SHA256_H7), 134 154 }; 135 155 136 156 /* The CCP cannot perform zero-length sha operations so the caller ··· 1433 1411 if (ret) 1434 1412 return ret; 1435 1413 1436 - ccp_set_dm_area(&ctx, 0, sha->ctx, 0, sha->ctx_len); 1414 + if (sha->first) { 1415 + const __be32 *init; 1416 + 1417 + switch (sha->type) { 1418 + case CCP_SHA_TYPE_1: 1419 + init = ccp_sha1_init; 1420 + break; 1421 + case CCP_SHA_TYPE_224: 1422 + init = ccp_sha224_init; 1423 + break; 1424 + case CCP_SHA_TYPE_256: 1425 + init = ccp_sha256_init; 1426 + break; 1427 + default: 1428 + ret = -EINVAL; 1429 + goto e_ctx; 1430 + } 1431 + memcpy(ctx.address, init, CCP_SHA_CTXSIZE); 1432 + } else 1433 + ccp_set_dm_area(&ctx, 0, sha->ctx, 0, sha->ctx_len); 1434 + 1437 1435 ret = ccp_copy_to_ksb(cmd_q, &ctx, op.jobid, op.ksb_ctx, 1438 1436 CCP_PASSTHRU_BYTESWAP_256BIT); 1439 1437 if (ret) { ··· 1492 1450 } 1493 1451 1494 1452 ccp_get_dm_area(&ctx, 0, sha->ctx, 0, sha->ctx_len); 1453 + 1454 + if (sha->final && sha->opad) { 1455 + /* HMAC operation, recursively perform final SHA */ 1456 + struct ccp_cmd hmac_cmd; 1457 + struct scatterlist sg; 1458 + u64 block_size, digest_size; 1459 + u8 *hmac_buf; 1460 + 1461 + switch (sha->type) { 1462 + case CCP_SHA_TYPE_1: 1463 + block_size = SHA1_BLOCK_SIZE; 1464 + digest_size = SHA1_DIGEST_SIZE; 1465 + break; 1466 + case CCP_SHA_TYPE_224: 1467 + block_size = SHA224_BLOCK_SIZE; 1468 + digest_size = SHA224_DIGEST_SIZE; 1469 + break; 1470 + case CCP_SHA_TYPE_256: 1471 + block_size = SHA256_BLOCK_SIZE; 1472 + digest_size = SHA256_DIGEST_SIZE; 1473 + break; 1474 + default: 1475 + ret = -EINVAL; 1476 + goto e_data; 1477 + } 1478 + 1479 + if (sha->opad_len != block_size) { 1480 + ret = -EINVAL; 1481 + goto e_data; 1482 + } 1483 + 1484 + hmac_buf = kmalloc(block_size + digest_size, GFP_KERNEL); 1485 + if (!hmac_buf) { 1486 + ret = -ENOMEM; 1487 + goto e_data; 1488 + } 1489 + sg_init_one(&sg, hmac_buf, block_size + digest_size); 1490 + 1491 + scatterwalk_map_and_copy(hmac_buf, sha->opad, 0, block_size, 0); 1492 + memcpy(hmac_buf + block_size, ctx.address, digest_size); 1493 + 1494 + memset(&hmac_cmd, 0, sizeof(hmac_cmd)); 1495 + hmac_cmd.engine = CCP_ENGINE_SHA; 1496 + hmac_cmd.u.sha.type = sha->type; 1497 + hmac_cmd.u.sha.ctx = sha->ctx; 1498 + hmac_cmd.u.sha.ctx_len = sha->ctx_len; 1499 + hmac_cmd.u.sha.src = &sg; 1500 + hmac_cmd.u.sha.src_len = block_size + digest_size; 1501 + hmac_cmd.u.sha.opad = NULL; 1502 + hmac_cmd.u.sha.opad_len = 0; 1503 + hmac_cmd.u.sha.first = 1; 1504 + hmac_cmd.u.sha.final = 1; 1505 + hmac_cmd.u.sha.msg_bits = (block_size + digest_size) << 3; 1506 + 1507 + ret = ccp_run_sha_cmd(cmd_q, &hmac_cmd); 1508 + if (ret) 1509 + cmd->engine_error = hmac_cmd.engine_error; 1510 + 1511 + kfree(hmac_buf); 1512 + } 1495 1513 1496 1514 e_data: 1497 1515 ccp_free_data(&src, cmd_q); ··· 1768 1666 1769 1667 op.dst.type = CCP_MEMTYPE_SYSTEM; 1770 1668 op.dst.u.dma.address = sg_dma_address(dst.sg_wa.sg); 1771 - op.src.u.dma.offset = dst.sg_wa.sg_used; 1772 - op.src.u.dma.length = op.src.u.dma.length; 1669 + op.dst.u.dma.offset = dst.sg_wa.sg_used; 1670 + op.dst.u.dma.length = op.src.u.dma.length; 1773 1671 1774 1672 ret = ccp_perform_passthru(&op); 1775 1673 if (ret) {

+52 -31

drivers/crypto/mxs-dcp.c

··· 29 29 #define DCP_MAX_CHANS 4 30 30 #define DCP_BUF_SZ PAGE_SIZE 31 31 32 + #define DCP_ALIGNMENT 64 33 + 32 34 /* DCP DMA descriptor. */ 33 35 struct dcp_dma_desc { 34 36 uint32_t next_cmd_addr; ··· 50 48 uint8_t sha_in_buf[DCP_BUF_SZ]; 51 49 52 50 uint8_t aes_key[2 * AES_KEYSIZE_128]; 53 - uint8_t sha_digest[SHA256_DIGEST_SIZE]; 54 51 55 52 struct dcp_dma_desc desc[DCP_MAX_CHANS]; 56 53 }; ··· 84 83 unsigned int hot:1; 85 84 86 85 /* Crypto-specific context */ 87 - unsigned int enc:1; 88 - unsigned int ecb:1; 89 86 struct crypto_ablkcipher *fallback; 90 87 unsigned int key_len; 91 88 uint8_t key[AES_KEYSIZE_128]; 89 + }; 90 + 91 + struct dcp_aes_req_ctx { 92 + unsigned int enc:1; 93 + unsigned int ecb:1; 92 94 }; 93 95 94 96 struct dcp_sha_req_ctx { ··· 194 190 /* 195 191 * Encryption (AES128) 196 192 */ 197 - static int mxs_dcp_run_aes(struct dcp_async_ctx *actx, int init) 193 + static int mxs_dcp_run_aes(struct dcp_async_ctx *actx, 194 + struct ablkcipher_request *req, int init) 198 195 { 199 196 struct dcp *sdcp = global_sdcp; 200 197 struct dcp_dma_desc *desc = &sdcp->coh->desc[actx->chan]; 198 + struct dcp_aes_req_ctx *rctx = ablkcipher_request_ctx(req); 201 199 int ret; 202 200 203 201 dma_addr_t key_phys = dma_map_single(sdcp->dev, sdcp->coh->aes_key, ··· 218 212 /* Payload contains the key. */ 219 213 desc->control0 |= MXS_DCP_CONTROL0_PAYLOAD_KEY; 220 214 221 - if (actx->enc) 215 + if (rctx->enc) 222 216 desc->control0 |= MXS_DCP_CONTROL0_CIPHER_ENCRYPT; 223 217 if (init) 224 218 desc->control0 |= MXS_DCP_CONTROL0_CIPHER_INIT; 225 219 226 220 desc->control1 = MXS_DCP_CONTROL1_CIPHER_SELECT_AES128; 227 221 228 - if (actx->ecb) 222 + if (rctx->ecb) 229 223 desc->control1 |= MXS_DCP_CONTROL1_CIPHER_MODE_ECB; 230 224 else 231 225 desc->control1 |= MXS_DCP_CONTROL1_CIPHER_MODE_CBC; ··· 253 247 254 248 struct ablkcipher_request *req = ablkcipher_request_cast(arq); 255 249 struct dcp_async_ctx *actx = crypto_tfm_ctx(arq->tfm); 250 + struct dcp_aes_req_ctx *rctx = ablkcipher_request_ctx(req); 256 251 257 252 struct scatterlist *dst = req->dst; 258 253 struct scatterlist *src = req->src; ··· 278 271 /* Copy the key from the temporary location. */ 279 272 memcpy(key, actx->key, actx->key_len); 280 273 281 - if (!actx->ecb) { 274 + if (!rctx->ecb) { 282 275 /* Copy the CBC IV just past the key. */ 283 276 memcpy(key + AES_KEYSIZE_128, req->info, AES_KEYSIZE_128); 284 277 /* CBC needs the INIT set. */ ··· 307 300 * submit the buffer. 308 301 */ 309 302 if (actx->fill == out_off || sg_is_last(src)) { 310 - ret = mxs_dcp_run_aes(actx, init); 303 + ret = mxs_dcp_run_aes(actx, req, init); 311 304 if (ret) 312 305 return ret; 313 306 init = 0; ··· 398 391 struct dcp *sdcp = global_sdcp; 399 392 struct crypto_async_request *arq = &req->base; 400 393 struct dcp_async_ctx *actx = crypto_tfm_ctx(arq->tfm); 394 + struct dcp_aes_req_ctx *rctx = ablkcipher_request_ctx(req); 401 395 int ret; 402 396 403 397 if (unlikely(actx->key_len != AES_KEYSIZE_128)) 404 398 return mxs_dcp_block_fallback(req, enc); 405 399 406 - actx->enc = enc; 407 - actx->ecb = ecb; 400 + rctx->enc = enc; 401 + rctx->ecb = ecb; 408 402 actx->chan = DCP_CHAN_CRYPTO; 409 403 410 404 mutex_lock(&sdcp->mutex[actx->chan]); ··· 492 484 return PTR_ERR(blk); 493 485 494 486 actx->fallback = blk; 495 - tfm->crt_ablkcipher.reqsize = sizeof(struct dcp_async_ctx); 487 + tfm->crt_ablkcipher.reqsize = sizeof(struct dcp_aes_req_ctx); 496 488 return 0; 497 489 } 498 490 ··· 515 507 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 516 508 struct dcp_async_ctx *actx = crypto_ahash_ctx(tfm); 517 509 struct dcp_sha_req_ctx *rctx = ahash_request_ctx(req); 510 + struct hash_alg_common *halg = crypto_hash_alg_common(tfm); 518 511 519 512 struct dcp_dma_desc *desc = &sdcp->coh->desc[actx->chan]; 520 - dma_addr_t digest_phys = dma_map_single(sdcp->dev, 521 - sdcp->coh->sha_digest, 522 - SHA256_DIGEST_SIZE, 523 - DMA_FROM_DEVICE); 524 513 514 + dma_addr_t digest_phys = 0; 525 515 dma_addr_t buf_phys = dma_map_single(sdcp->dev, sdcp->coh->sha_in_buf, 526 516 DCP_BUF_SZ, DMA_TO_DEVICE); 527 517 ··· 540 534 541 535 /* Set HASH_TERM bit for last transfer block. */ 542 536 if (rctx->fini) { 537 + digest_phys = dma_map_single(sdcp->dev, req->result, 538 + halg->digestsize, DMA_FROM_DEVICE); 543 539 desc->control0 |= MXS_DCP_CONTROL0_HASH_TERM; 544 540 desc->payload = digest_phys; 545 541 } 546 542 547 543 ret = mxs_dcp_start_dma(actx); 548 544 549 - dma_unmap_single(sdcp->dev, digest_phys, SHA256_DIGEST_SIZE, 550 - DMA_FROM_DEVICE); 545 + if (rctx->fini) 546 + dma_unmap_single(sdcp->dev, digest_phys, halg->digestsize, 547 + DMA_FROM_DEVICE); 548 + 551 549 dma_unmap_single(sdcp->dev, buf_phys, DCP_BUF_SZ, DMA_TO_DEVICE); 552 550 553 551 return ret; ··· 568 558 struct hash_alg_common *halg = crypto_hash_alg_common(tfm); 569 559 const int nents = sg_nents(req->src); 570 560 571 - uint8_t *digest = sdcp->coh->sha_digest; 572 561 uint8_t *in_buf = sdcp->coh->sha_in_buf; 573 562 574 563 uint8_t *src_buf; ··· 614 605 rctx->fini = 1; 615 606 616 607 /* Submit whatever is left. */ 608 + if (!req->result) 609 + return -EINVAL; 610 + 617 611 ret = mxs_dcp_run_sha(req); 618 - if (ret || !req->result) 612 + if (ret) 619 613 return ret; 614 + 620 615 actx->fill = 0; 621 616 622 617 /* For some reason, the result is flipped. */ 623 - for (i = 0; i < halg->digestsize; i++) 624 - req->result[i] = digest[halg->digestsize - i - 1]; 618 + for (i = 0; i < halg->digestsize / 2; i++) { 619 + swap(req->result[i], 620 + req->result[halg->digestsize - i - 1]); 621 + } 625 622 } 626 623 627 624 return 0; ··· 916 901 917 902 iores = platform_get_resource(pdev, IORESOURCE_MEM, 0); 918 903 dcp_vmi_irq = platform_get_irq(pdev, 0); 904 + if (dcp_vmi_irq < 0) { 905 + ret = dcp_vmi_irq; 906 + goto err_mutex; 907 + } 908 + 919 909 dcp_irq = platform_get_irq(pdev, 1); 920 - if (dcp_vmi_irq < 0 || dcp_irq < 0) { 921 - ret = -EINVAL; 910 + if (dcp_irq < 0) { 911 + ret = dcp_irq; 922 912 goto err_mutex; 923 913 } 924 914 ··· 955 935 } 956 936 957 937 /* Allocate coherent helper block. */ 958 - sdcp->coh = kzalloc(sizeof(struct dcp_coherent_block), GFP_KERNEL); 938 + sdcp->coh = devm_kzalloc(dev, sizeof(*sdcp->coh) + DCP_ALIGNMENT, 939 + GFP_KERNEL); 959 940 if (!sdcp->coh) { 960 - dev_err(dev, "Error allocating coherent block\n"); 961 941 ret = -ENOMEM; 962 942 goto err_mutex; 963 943 } 964 944 945 + /* Re-align the structure so it fits the DCP constraints. */ 946 + sdcp->coh = PTR_ALIGN(sdcp->coh, DCP_ALIGNMENT); 947 + 965 948 /* Restart the DCP block. */ 966 - stmp_reset_block(sdcp->base); 949 + ret = stmp_reset_block(sdcp->base); 950 + if (ret) 951 + goto err_mutex; 967 952 968 953 /* Initialize control register. */ 969 954 writel(MXS_DCP_CTRL_GATHER_RESIDUAL_WRITES | ··· 1007 982 if (IS_ERR(sdcp->thread[DCP_CHAN_HASH_SHA])) { 1008 983 dev_err(dev, "Error starting SHA thread!\n"); 1009 984 ret = PTR_ERR(sdcp->thread[DCP_CHAN_HASH_SHA]); 1010 - goto err_free_coherent; 985 + goto err_mutex; 1011 986 } 1012 987 1013 988 sdcp->thread[DCP_CHAN_CRYPTO] = kthread_run(dcp_chan_thread_aes, ··· 1065 1040 err_destroy_sha_thread: 1066 1041 kthread_stop(sdcp->thread[DCP_CHAN_HASH_SHA]); 1067 1042 1068 - err_free_coherent: 1069 - kfree(sdcp->coh); 1070 1043 err_mutex: 1071 1044 mutex_unlock(&global_mutex); 1072 1045 return ret; ··· 1073 1050 static int mxs_dcp_remove(struct platform_device *pdev) 1074 1051 { 1075 1052 struct dcp *sdcp = platform_get_drvdata(pdev); 1076 - 1077 - kfree(sdcp->coh); 1078 1053 1079 1054 if (sdcp->caps & MXS_DCP_CAPABILITY1_SHA256) 1080 1055 crypto_unregister_ahash(&dcp_sha256_alg);

+1 -3

drivers/crypto/omap-aes.c

··· 1307 1307 } 1308 1308 #endif 1309 1309 1310 - static const struct dev_pm_ops omap_aes_pm_ops = { 1311 - SET_SYSTEM_SLEEP_PM_OPS(omap_aes_suspend, omap_aes_resume) 1312 - }; 1310 + static SIMPLE_DEV_PM_OPS(omap_aes_pm_ops, omap_aes_suspend, omap_aes_resume); 1313 1311 1314 1312 static struct platform_driver omap_aes_driver = { 1315 1313 .probe = omap_aes_probe,

+1216

drivers/crypto/omap-des.c

··· 1 + /* 2 + * Support for OMAP DES and Triple DES HW acceleration. 3 + * 4 + * Copyright (c) 2013 Texas Instruments Incorporated 5 + * Author: Joel Fernandes <joelf@ti.com> 6 + * 7 + * This program is free software; you can redistribute it and/or modify 8 + * it under the terms of the GNU General Public License version 2 as published 9 + * by the Free Software Foundation. 10 + * 11 + */ 12 + 13 + #define pr_fmt(fmt) "%s: " fmt, __func__ 14 + 15 + #ifdef DEBUG 16 + #define prn(num) printk(#num "=%d\n", num) 17 + #define prx(num) printk(#num "=%x\n", num) 18 + #else 19 + #define prn(num) do { } while (0) 20 + #define prx(num) do { } while (0) 21 + #endif 22 + 23 + #include <linux/err.h> 24 + #include <linux/module.h> 25 + #include <linux/init.h> 26 + #include <linux/errno.h> 27 + #include <linux/kernel.h> 28 + #include <linux/platform_device.h> 29 + #include <linux/scatterlist.h> 30 + #include <linux/dma-mapping.h> 31 + #include <linux/dmaengine.h> 32 + #include <linux/omap-dma.h> 33 + #include <linux/pm_runtime.h> 34 + #include <linux/of.h> 35 + #include <linux/of_device.h> 36 + #include <linux/of_address.h> 37 + #include <linux/io.h> 38 + #include <linux/crypto.h> 39 + #include <linux/interrupt.h> 40 + #include <crypto/scatterwalk.h> 41 + #include <crypto/des.h> 42 + 43 + #define DST_MAXBURST 2 44 + 45 + #define DES_BLOCK_WORDS (DES_BLOCK_SIZE >> 2) 46 + 47 + #define _calc_walked(inout) (dd->inout##_walk.offset - dd->inout##_sg->offset) 48 + 49 + #define DES_REG_KEY(dd, x) ((dd)->pdata->key_ofs - \ 50 + ((x ^ 0x01) * 0x04)) 51 + 52 + #define DES_REG_IV(dd, x) ((dd)->pdata->iv_ofs + ((x) * 0x04)) 53 + 54 + #define DES_REG_CTRL(dd) ((dd)->pdata->ctrl_ofs) 55 + #define DES_REG_CTRL_CBC BIT(4) 56 + #define DES_REG_CTRL_TDES BIT(3) 57 + #define DES_REG_CTRL_DIRECTION BIT(2) 58 + #define DES_REG_CTRL_INPUT_READY BIT(1) 59 + #define DES_REG_CTRL_OUTPUT_READY BIT(0) 60 + 61 + #define DES_REG_DATA_N(dd, x) ((dd)->pdata->data_ofs + ((x) * 0x04)) 62 + 63 + #define DES_REG_REV(dd) ((dd)->pdata->rev_ofs) 64 + 65 + #define DES_REG_MASK(dd) ((dd)->pdata->mask_ofs) 66 + 67 + #define DES_REG_LENGTH_N(x) (0x24 + ((x) * 0x04)) 68 + 69 + #define DES_REG_IRQ_STATUS(dd) ((dd)->pdata->irq_status_ofs) 70 + #define DES_REG_IRQ_ENABLE(dd) ((dd)->pdata->irq_enable_ofs) 71 + #define DES_REG_IRQ_DATA_IN BIT(1) 72 + #define DES_REG_IRQ_DATA_OUT BIT(2) 73 + 74 + #define FLAGS_MODE_MASK 0x000f 75 + #define FLAGS_ENCRYPT BIT(0) 76 + #define FLAGS_CBC BIT(1) 77 + #define FLAGS_INIT BIT(4) 78 + #define FLAGS_BUSY BIT(6) 79 + 80 + struct omap_des_ctx { 81 + struct omap_des_dev *dd; 82 + 83 + int keylen; 84 + u32 key[(3 * DES_KEY_SIZE) / sizeof(u32)]; 85 + unsigned long flags; 86 + }; 87 + 88 + struct omap_des_reqctx { 89 + unsigned long mode; 90 + }; 91 + 92 + #define OMAP_DES_QUEUE_LENGTH 1 93 + #define OMAP_DES_CACHE_SIZE 0 94 + 95 + struct omap_des_algs_info { 96 + struct crypto_alg *algs_list; 97 + unsigned int size; 98 + unsigned int registered; 99 + }; 100 + 101 + struct omap_des_pdata { 102 + struct omap_des_algs_info *algs_info; 103 + unsigned int algs_info_size; 104 + 105 + void (*trigger)(struct omap_des_dev *dd, int length); 106 + 107 + u32 key_ofs; 108 + u32 iv_ofs; 109 + u32 ctrl_ofs; 110 + u32 data_ofs; 111 + u32 rev_ofs; 112 + u32 mask_ofs; 113 + u32 irq_enable_ofs; 114 + u32 irq_status_ofs; 115 + 116 + u32 dma_enable_in; 117 + u32 dma_enable_out; 118 + u32 dma_start; 119 + 120 + u32 major_mask; 121 + u32 major_shift; 122 + u32 minor_mask; 123 + u32 minor_shift; 124 + }; 125 + 126 + struct omap_des_dev { 127 + struct list_head list; 128 + unsigned long phys_base; 129 + void __iomem *io_base; 130 + struct omap_des_ctx *ctx; 131 + struct device *dev; 132 + unsigned long flags; 133 + int err; 134 + 135 + /* spinlock used for queues */ 136 + spinlock_t lock; 137 + struct crypto_queue queue; 138 + 139 + struct tasklet_struct done_task; 140 + struct tasklet_struct queue_task; 141 + 142 + struct ablkcipher_request *req; 143 + /* 144 + * total is used by PIO mode for book keeping so introduce 145 + * variable total_save as need it to calc page_order 146 + */ 147 + size_t total; 148 + size_t total_save; 149 + 150 + struct scatterlist *in_sg; 151 + struct scatterlist *out_sg; 152 + 153 + /* Buffers for copying for unaligned cases */ 154 + struct scatterlist in_sgl; 155 + struct scatterlist out_sgl; 156 + struct scatterlist *orig_out; 157 + int sgs_copied; 158 + 159 + struct scatter_walk in_walk; 160 + struct scatter_walk out_walk; 161 + int dma_in; 162 + struct dma_chan *dma_lch_in; 163 + int dma_out; 164 + struct dma_chan *dma_lch_out; 165 + int in_sg_len; 166 + int out_sg_len; 167 + int pio_only; 168 + const struct omap_des_pdata *pdata; 169 + }; 170 + 171 + /* keep registered devices data here */ 172 + static LIST_HEAD(dev_list); 173 + static DEFINE_SPINLOCK(list_lock); 174 + 175 + #ifdef DEBUG 176 + #define omap_des_read(dd, offset) \ 177 + ({ \ 178 + int _read_ret; \ 179 + _read_ret = __raw_readl(dd->io_base + offset); \ 180 + pr_err("omap_des_read(" #offset "=%#x)= %#x\n", \ 181 + offset, _read_ret); \ 182 + _read_ret; \ 183 + }) 184 + #else 185 + static inline u32 omap_des_read(struct omap_des_dev *dd, u32 offset) 186 + { 187 + return __raw_readl(dd->io_base + offset); 188 + } 189 + #endif 190 + 191 + #ifdef DEBUG 192 + #define omap_des_write(dd, offset, value) \ 193 + do { \ 194 + pr_err("omap_des_write(" #offset "=%#x) value=%#x\n", \ 195 + offset, value); \ 196 + __raw_writel(value, dd->io_base + offset); \ 197 + } while (0) 198 + #else 199 + static inline void omap_des_write(struct omap_des_dev *dd, u32 offset, 200 + u32 value) 201 + { 202 + __raw_writel(value, dd->io_base + offset); 203 + } 204 + #endif 205 + 206 + static inline void omap_des_write_mask(struct omap_des_dev *dd, u32 offset, 207 + u32 value, u32 mask) 208 + { 209 + u32 val; 210 + 211 + val = omap_des_read(dd, offset); 212 + val &= ~mask; 213 + val |= value; 214 + omap_des_write(dd, offset, val); 215 + } 216 + 217 + static void omap_des_write_n(struct omap_des_dev *dd, u32 offset, 218 + u32 *value, int count) 219 + { 220 + for (; count--; value++, offset += 4) 221 + omap_des_write(dd, offset, *value); 222 + } 223 + 224 + static int omap_des_hw_init(struct omap_des_dev *dd) 225 + { 226 + /* 227 + * clocks are enabled when request starts and disabled when finished. 228 + * It may be long delays between requests. 229 + * Device might go to off mode to save power. 230 + */ 231 + pm_runtime_get_sync(dd->dev); 232 + 233 + if (!(dd->flags & FLAGS_INIT)) { 234 + dd->flags |= FLAGS_INIT; 235 + dd->err = 0; 236 + } 237 + 238 + return 0; 239 + } 240 + 241 + static int omap_des_write_ctrl(struct omap_des_dev *dd) 242 + { 243 + unsigned int key32; 244 + int i, err; 245 + u32 val = 0, mask = 0; 246 + 247 + err = omap_des_hw_init(dd); 248 + if (err) 249 + return err; 250 + 251 + key32 = dd->ctx->keylen / sizeof(u32); 252 + 253 + /* it seems a key should always be set even if it has not changed */ 254 + for (i = 0; i < key32; i++) { 255 + omap_des_write(dd, DES_REG_KEY(dd, i), 256 + __le32_to_cpu(dd->ctx->key[i])); 257 + } 258 + 259 + if ((dd->flags & FLAGS_CBC) && dd->req->info) 260 + omap_des_write_n(dd, DES_REG_IV(dd, 0), dd->req->info, 2); 261 + 262 + if (dd->flags & FLAGS_CBC) 263 + val |= DES_REG_CTRL_CBC; 264 + if (dd->flags & FLAGS_ENCRYPT) 265 + val |= DES_REG_CTRL_DIRECTION; 266 + if (key32 == 6) 267 + val |= DES_REG_CTRL_TDES; 268 + 269 + mask |= DES_REG_CTRL_CBC | DES_REG_CTRL_DIRECTION | DES_REG_CTRL_TDES; 270 + 271 + omap_des_write_mask(dd, DES_REG_CTRL(dd), val, mask); 272 + 273 + return 0; 274 + } 275 + 276 + static void omap_des_dma_trigger_omap4(struct omap_des_dev *dd, int length) 277 + { 278 + u32 mask, val; 279 + 280 + omap_des_write(dd, DES_REG_LENGTH_N(0), length); 281 + 282 + val = dd->pdata->dma_start; 283 + 284 + if (dd->dma_lch_out != NULL) 285 + val |= dd->pdata->dma_enable_out; 286 + if (dd->dma_lch_in != NULL) 287 + val |= dd->pdata->dma_enable_in; 288 + 289 + mask = dd->pdata->dma_enable_out | dd->pdata->dma_enable_in | 290 + dd->pdata->dma_start; 291 + 292 + omap_des_write_mask(dd, DES_REG_MASK(dd), val, mask); 293 + } 294 + 295 + static void omap_des_dma_stop(struct omap_des_dev *dd) 296 + { 297 + u32 mask; 298 + 299 + mask = dd->pdata->dma_enable_out | dd->pdata->dma_enable_in | 300 + dd->pdata->dma_start; 301 + 302 + omap_des_write_mask(dd, DES_REG_MASK(dd), 0, mask); 303 + } 304 + 305 + static struct omap_des_dev *omap_des_find_dev(struct omap_des_ctx *ctx) 306 + { 307 + struct omap_des_dev *dd = NULL, *tmp; 308 + 309 + spin_lock_bh(&list_lock); 310 + if (!ctx->dd) { 311 + list_for_each_entry(tmp, &dev_list, list) { 312 + /* FIXME: take fist available des core */ 313 + dd = tmp; 314 + break; 315 + } 316 + ctx->dd = dd; 317 + } else { 318 + /* already found before */ 319 + dd = ctx->dd; 320 + } 321 + spin_unlock_bh(&list_lock); 322 + 323 + return dd; 324 + } 325 + 326 + static void omap_des_dma_out_callback(void *data) 327 + { 328 + struct omap_des_dev *dd = data; 329 + 330 + /* dma_lch_out - completed */ 331 + tasklet_schedule(&dd->done_task); 332 + } 333 + 334 + static int omap_des_dma_init(struct omap_des_dev *dd) 335 + { 336 + int err = -ENOMEM; 337 + dma_cap_mask_t mask; 338 + 339 + dd->dma_lch_out = NULL; 340 + dd->dma_lch_in = NULL; 341 + 342 + dma_cap_zero(mask); 343 + dma_cap_set(DMA_SLAVE, mask); 344 + 345 + dd->dma_lch_in = dma_request_slave_channel_compat(mask, 346 + omap_dma_filter_fn, 347 + &dd->dma_in, 348 + dd->dev, "rx"); 349 + if (!dd->dma_lch_in) { 350 + dev_err(dd->dev, "Unable to request in DMA channel\n"); 351 + goto err_dma_in; 352 + } 353 + 354 + dd->dma_lch_out = dma_request_slave_channel_compat(mask, 355 + omap_dma_filter_fn, 356 + &dd->dma_out, 357 + dd->dev, "tx"); 358 + if (!dd->dma_lch_out) { 359 + dev_err(dd->dev, "Unable to request out DMA channel\n"); 360 + goto err_dma_out; 361 + } 362 + 363 + return 0; 364 + 365 + err_dma_out: 366 + dma_release_channel(dd->dma_lch_in); 367 + err_dma_in: 368 + if (err) 369 + pr_err("error: %d\n", err); 370 + return err; 371 + } 372 + 373 + static void omap_des_dma_cleanup(struct omap_des_dev *dd) 374 + { 375 + dma_release_channel(dd->dma_lch_out); 376 + dma_release_channel(dd->dma_lch_in); 377 + } 378 + 379 + static void sg_copy_buf(void *buf, struct scatterlist *sg, 380 + unsigned int start, unsigned int nbytes, int out) 381 + { 382 + struct scatter_walk walk; 383 + 384 + if (!nbytes) 385 + return; 386 + 387 + scatterwalk_start(&walk, sg); 388 + scatterwalk_advance(&walk, start); 389 + scatterwalk_copychunks(buf, &walk, nbytes, out); 390 + scatterwalk_done(&walk, out, 0); 391 + } 392 + 393 + static int omap_des_crypt_dma(struct crypto_tfm *tfm, 394 + struct scatterlist *in_sg, struct scatterlist *out_sg, 395 + int in_sg_len, int out_sg_len) 396 + { 397 + struct omap_des_ctx *ctx = crypto_tfm_ctx(tfm); 398 + struct omap_des_dev *dd = ctx->dd; 399 + struct dma_async_tx_descriptor *tx_in, *tx_out; 400 + struct dma_slave_config cfg; 401 + int ret; 402 + 403 + if (dd->pio_only) { 404 + scatterwalk_start(&dd->in_walk, dd->in_sg); 405 + scatterwalk_start(&dd->out_walk, dd->out_sg); 406 + 407 + /* Enable DATAIN interrupt and let it take 408 + care of the rest */ 409 + omap_des_write(dd, DES_REG_IRQ_ENABLE(dd), 0x2); 410 + return 0; 411 + } 412 + 413 + dma_sync_sg_for_device(dd->dev, dd->in_sg, in_sg_len, DMA_TO_DEVICE); 414 + 415 + memset(&cfg, 0, sizeof(cfg)); 416 + 417 + cfg.src_addr = dd->phys_base + DES_REG_DATA_N(dd, 0); 418 + cfg.dst_addr = dd->phys_base + DES_REG_DATA_N(dd, 0); 419 + cfg.src_addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES; 420 + cfg.dst_addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES; 421 + cfg.src_maxburst = DST_MAXBURST; 422 + cfg.dst_maxburst = DST_MAXBURST; 423 + 424 + /* IN */ 425 + ret = dmaengine_slave_config(dd->dma_lch_in, &cfg); 426 + if (ret) { 427 + dev_err(dd->dev, "can't configure IN dmaengine slave: %d\n", 428 + ret); 429 + return ret; 430 + } 431 + 432 + tx_in = dmaengine_prep_slave_sg(dd->dma_lch_in, in_sg, in_sg_len, 433 + DMA_MEM_TO_DEV, 434 + DMA_PREP_INTERRUPT | DMA_CTRL_ACK); 435 + if (!tx_in) { 436 + dev_err(dd->dev, "IN prep_slave_sg() failed\n"); 437 + return -EINVAL; 438 + } 439 + 440 + /* No callback necessary */ 441 + tx_in->callback_param = dd; 442 + 443 + /* OUT */ 444 + ret = dmaengine_slave_config(dd->dma_lch_out, &cfg); 445 + if (ret) { 446 + dev_err(dd->dev, "can't configure OUT dmaengine slave: %d\n", 447 + ret); 448 + return ret; 449 + } 450 + 451 + tx_out = dmaengine_prep_slave_sg(dd->dma_lch_out, out_sg, out_sg_len, 452 + DMA_DEV_TO_MEM, 453 + DMA_PREP_INTERRUPT | DMA_CTRL_ACK); 454 + if (!tx_out) { 455 + dev_err(dd->dev, "OUT prep_slave_sg() failed\n"); 456 + return -EINVAL; 457 + } 458 + 459 + tx_out->callback = omap_des_dma_out_callback; 460 + tx_out->callback_param = dd; 461 + 462 + dmaengine_submit(tx_in); 463 + dmaengine_submit(tx_out); 464 + 465 + dma_async_issue_pending(dd->dma_lch_in); 466 + dma_async_issue_pending(dd->dma_lch_out); 467 + 468 + /* start DMA */ 469 + dd->pdata->trigger(dd, dd->total); 470 + 471 + return 0; 472 + } 473 + 474 + static int omap_des_crypt_dma_start(struct omap_des_dev *dd) 475 + { 476 + struct crypto_tfm *tfm = crypto_ablkcipher_tfm( 477 + crypto_ablkcipher_reqtfm(dd->req)); 478 + int err; 479 + 480 + pr_debug("total: %d\n", dd->total); 481 + 482 + if (!dd->pio_only) { 483 + err = dma_map_sg(dd->dev, dd->in_sg, dd->in_sg_len, 484 + DMA_TO_DEVICE); 485 + if (!err) { 486 + dev_err(dd->dev, "dma_map_sg() error\n"); 487 + return -EINVAL; 488 + } 489 + 490 + err = dma_map_sg(dd->dev, dd->out_sg, dd->out_sg_len, 491 + DMA_FROM_DEVICE); 492 + if (!err) { 493 + dev_err(dd->dev, "dma_map_sg() error\n"); 494 + return -EINVAL; 495 + } 496 + } 497 + 498 + err = omap_des_crypt_dma(tfm, dd->in_sg, dd->out_sg, dd->in_sg_len, 499 + dd->out_sg_len); 500 + if (err && !dd->pio_only) { 501 + dma_unmap_sg(dd->dev, dd->in_sg, dd->in_sg_len, DMA_TO_DEVICE); 502 + dma_unmap_sg(dd->dev, dd->out_sg, dd->out_sg_len, 503 + DMA_FROM_DEVICE); 504 + } 505 + 506 + return err; 507 + } 508 + 509 + static void omap_des_finish_req(struct omap_des_dev *dd, int err) 510 + { 511 + struct ablkcipher_request *req = dd->req; 512 + 513 + pr_debug("err: %d\n", err); 514 + 515 + pm_runtime_put(dd->dev); 516 + dd->flags &= ~FLAGS_BUSY; 517 + 518 + req->base.complete(&req->base, err); 519 + } 520 + 521 + static int omap_des_crypt_dma_stop(struct omap_des_dev *dd) 522 + { 523 + int err = 0; 524 + 525 + pr_debug("total: %d\n", dd->total); 526 + 527 + omap_des_dma_stop(dd); 528 + 529 + dmaengine_terminate_all(dd->dma_lch_in); 530 + dmaengine_terminate_all(dd->dma_lch_out); 531 + 532 + dma_unmap_sg(dd->dev, dd->in_sg, dd->in_sg_len, DMA_TO_DEVICE); 533 + dma_unmap_sg(dd->dev, dd->out_sg, dd->out_sg_len, DMA_FROM_DEVICE); 534 + 535 + return err; 536 + } 537 + 538 + static int omap_des_copy_needed(struct scatterlist *sg) 539 + { 540 + while (sg) { 541 + if (!IS_ALIGNED(sg->offset, 4)) 542 + return -1; 543 + if (!IS_ALIGNED(sg->length, DES_BLOCK_SIZE)) 544 + return -1; 545 + sg = sg_next(sg); 546 + } 547 + return 0; 548 + } 549 + 550 + static int omap_des_copy_sgs(struct omap_des_dev *dd) 551 + { 552 + void *buf_in, *buf_out; 553 + int pages; 554 + 555 + pages = dd->total >> PAGE_SHIFT; 556 + 557 + if (dd->total & (PAGE_SIZE-1)) 558 + pages++; 559 + 560 + BUG_ON(!pages); 561 + 562 + buf_in = (void *)__get_free_pages(GFP_ATOMIC, pages); 563 + buf_out = (void *)__get_free_pages(GFP_ATOMIC, pages); 564 + 565 + if (!buf_in || !buf_out) { 566 + pr_err("Couldn't allocated pages for unaligned cases.\n"); 567 + return -1; 568 + } 569 + 570 + dd->orig_out = dd->out_sg; 571 + 572 + sg_copy_buf(buf_in, dd->in_sg, 0, dd->total, 0); 573 + 574 + sg_init_table(&dd->in_sgl, 1); 575 + sg_set_buf(&dd->in_sgl, buf_in, dd->total); 576 + dd->in_sg = &dd->in_sgl; 577 + 578 + sg_init_table(&dd->out_sgl, 1); 579 + sg_set_buf(&dd->out_sgl, buf_out, dd->total); 580 + dd->out_sg = &dd->out_sgl; 581 + 582 + return 0; 583 + } 584 + 585 + static int omap_des_handle_queue(struct omap_des_dev *dd, 586 + struct ablkcipher_request *req) 587 + { 588 + struct crypto_async_request *async_req, *backlog; 589 + struct omap_des_ctx *ctx; 590 + struct omap_des_reqctx *rctx; 591 + unsigned long flags; 592 + int err, ret = 0; 593 + 594 + spin_lock_irqsave(&dd->lock, flags); 595 + if (req) 596 + ret = ablkcipher_enqueue_request(&dd->queue, req); 597 + if (dd->flags & FLAGS_BUSY) { 598 + spin_unlock_irqrestore(&dd->lock, flags); 599 + return ret; 600 + } 601 + backlog = crypto_get_backlog(&dd->queue); 602 + async_req = crypto_dequeue_request(&dd->queue); 603 + if (async_req) 604 + dd->flags |= FLAGS_BUSY; 605 + spin_unlock_irqrestore(&dd->lock, flags); 606 + 607 + if (!async_req) 608 + return ret; 609 + 610 + if (backlog) 611 + backlog->complete(backlog, -EINPROGRESS); 612 + 613 + req = ablkcipher_request_cast(async_req); 614 + 615 + /* assign new request to device */ 616 + dd->req = req; 617 + dd->total = req->nbytes; 618 + dd->total_save = req->nbytes; 619 + dd->in_sg = req->src; 620 + dd->out_sg = req->dst; 621 + 622 + if (omap_des_copy_needed(dd->in_sg) || 623 + omap_des_copy_needed(dd->out_sg)) { 624 + if (omap_des_copy_sgs(dd)) 625 + pr_err("Failed to copy SGs for unaligned cases\n"); 626 + dd->sgs_copied = 1; 627 + } else { 628 + dd->sgs_copied = 0; 629 + } 630 + 631 + dd->in_sg_len = scatterwalk_bytes_sglen(dd->in_sg, dd->total); 632 + dd->out_sg_len = scatterwalk_bytes_sglen(dd->out_sg, dd->total); 633 + BUG_ON(dd->in_sg_len < 0 || dd->out_sg_len < 0); 634 + 635 + rctx = ablkcipher_request_ctx(req); 636 + ctx = crypto_ablkcipher_ctx(crypto_ablkcipher_reqtfm(req)); 637 + rctx->mode &= FLAGS_MODE_MASK; 638 + dd->flags = (dd->flags & ~FLAGS_MODE_MASK) | rctx->mode; 639 + 640 + dd->ctx = ctx; 641 + ctx->dd = dd; 642 + 643 + err = omap_des_write_ctrl(dd); 644 + if (!err) 645 + err = omap_des_crypt_dma_start(dd); 646 + if (err) { 647 + /* des_task will not finish it, so do it here */ 648 + omap_des_finish_req(dd, err); 649 + tasklet_schedule(&dd->queue_task); 650 + } 651 + 652 + return ret; /* return ret, which is enqueue return value */ 653 + } 654 + 655 + static void omap_des_done_task(unsigned long data) 656 + { 657 + struct omap_des_dev *dd = (struct omap_des_dev *)data; 658 + void *buf_in, *buf_out; 659 + int pages; 660 + 661 + pr_debug("enter done_task\n"); 662 + 663 + if (!dd->pio_only) { 664 + dma_sync_sg_for_device(dd->dev, dd->out_sg, dd->out_sg_len, 665 + DMA_FROM_DEVICE); 666 + dma_unmap_sg(dd->dev, dd->in_sg, dd->in_sg_len, DMA_TO_DEVICE); 667 + dma_unmap_sg(dd->dev, dd->out_sg, dd->out_sg_len, 668 + DMA_FROM_DEVICE); 669 + omap_des_crypt_dma_stop(dd); 670 + } 671 + 672 + if (dd->sgs_copied) { 673 + buf_in = sg_virt(&dd->in_sgl); 674 + buf_out = sg_virt(&dd->out_sgl); 675 + 676 + sg_copy_buf(buf_out, dd->orig_out, 0, dd->total_save, 1); 677 + 678 + pages = get_order(dd->total_save); 679 + free_pages((unsigned long)buf_in, pages); 680 + free_pages((unsigned long)buf_out, pages); 681 + } 682 + 683 + omap_des_finish_req(dd, 0); 684 + omap_des_handle_queue(dd, NULL); 685 + 686 + pr_debug("exit\n"); 687 + } 688 + 689 + static void omap_des_queue_task(unsigned long data) 690 + { 691 + struct omap_des_dev *dd = (struct omap_des_dev *)data; 692 + 693 + omap_des_handle_queue(dd, NULL); 694 + } 695 + 696 + static int omap_des_crypt(struct ablkcipher_request *req, unsigned long mode) 697 + { 698 + struct omap_des_ctx *ctx = crypto_ablkcipher_ctx( 699 + crypto_ablkcipher_reqtfm(req)); 700 + struct omap_des_reqctx *rctx = ablkcipher_request_ctx(req); 701 + struct omap_des_dev *dd; 702 + 703 + pr_debug("nbytes: %d, enc: %d, cbc: %d\n", req->nbytes, 704 + !!(mode & FLAGS_ENCRYPT), 705 + !!(mode & FLAGS_CBC)); 706 + 707 + if (!IS_ALIGNED(req->nbytes, DES_BLOCK_SIZE)) { 708 + pr_err("request size is not exact amount of DES blocks\n"); 709 + return -EINVAL; 710 + } 711 + 712 + dd = omap_des_find_dev(ctx); 713 + if (!dd) 714 + return -ENODEV; 715 + 716 + rctx->mode = mode; 717 + 718 + return omap_des_handle_queue(dd, req); 719 + } 720 + 721 + /* ********************** ALG API ************************************ */ 722 + 723 + static int omap_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, 724 + unsigned int keylen) 725 + { 726 + struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(tfm); 727 + 728 + if (keylen != DES_KEY_SIZE && keylen != (3*DES_KEY_SIZE)) 729 + return -EINVAL; 730 + 731 + pr_debug("enter, keylen: %d\n", keylen); 732 + 733 + memcpy(ctx->key, key, keylen); 734 + ctx->keylen = keylen; 735 + 736 + return 0; 737 + } 738 + 739 + static int omap_des_ecb_encrypt(struct ablkcipher_request *req) 740 + { 741 + return omap_des_crypt(req, FLAGS_ENCRYPT); 742 + } 743 + 744 + static int omap_des_ecb_decrypt(struct ablkcipher_request *req) 745 + { 746 + return omap_des_crypt(req, 0); 747 + } 748 + 749 + static int omap_des_cbc_encrypt(struct ablkcipher_request *req) 750 + { 751 + return omap_des_crypt(req, FLAGS_ENCRYPT | FLAGS_CBC); 752 + } 753 + 754 + static int omap_des_cbc_decrypt(struct ablkcipher_request *req) 755 + { 756 + return omap_des_crypt(req, FLAGS_CBC); 757 + } 758 + 759 + static int omap_des_cra_init(struct crypto_tfm *tfm) 760 + { 761 + pr_debug("enter\n"); 762 + 763 + tfm->crt_ablkcipher.reqsize = sizeof(struct omap_des_reqctx); 764 + 765 + return 0; 766 + } 767 + 768 + static void omap_des_cra_exit(struct crypto_tfm *tfm) 769 + { 770 + pr_debug("enter\n"); 771 + } 772 + 773 + /* ********************** ALGS ************************************ */ 774 + 775 + static struct crypto_alg algs_ecb_cbc[] = { 776 + { 777 + .cra_name = "ecb(des)", 778 + .cra_driver_name = "ecb-des-omap", 779 + .cra_priority = 100, 780 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 781 + CRYPTO_ALG_KERN_DRIVER_ONLY | 782 + CRYPTO_ALG_ASYNC, 783 + .cra_blocksize = DES_BLOCK_SIZE, 784 + .cra_ctxsize = sizeof(struct omap_des_ctx), 785 + .cra_alignmask = 0, 786 + .cra_type = &crypto_ablkcipher_type, 787 + .cra_module = THIS_MODULE, 788 + .cra_init = omap_des_cra_init, 789 + .cra_exit = omap_des_cra_exit, 790 + .cra_u.ablkcipher = { 791 + .min_keysize = DES_KEY_SIZE, 792 + .max_keysize = DES_KEY_SIZE, 793 + .setkey = omap_des_setkey, 794 + .encrypt = omap_des_ecb_encrypt, 795 + .decrypt = omap_des_ecb_decrypt, 796 + } 797 + }, 798 + { 799 + .cra_name = "cbc(des)", 800 + .cra_driver_name = "cbc-des-omap", 801 + .cra_priority = 100, 802 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 803 + CRYPTO_ALG_KERN_DRIVER_ONLY | 804 + CRYPTO_ALG_ASYNC, 805 + .cra_blocksize = DES_BLOCK_SIZE, 806 + .cra_ctxsize = sizeof(struct omap_des_ctx), 807 + .cra_alignmask = 0, 808 + .cra_type = &crypto_ablkcipher_type, 809 + .cra_module = THIS_MODULE, 810 + .cra_init = omap_des_cra_init, 811 + .cra_exit = omap_des_cra_exit, 812 + .cra_u.ablkcipher = { 813 + .min_keysize = DES_KEY_SIZE, 814 + .max_keysize = DES_KEY_SIZE, 815 + .ivsize = DES_BLOCK_SIZE, 816 + .setkey = omap_des_setkey, 817 + .encrypt = omap_des_cbc_encrypt, 818 + .decrypt = omap_des_cbc_decrypt, 819 + } 820 + }, 821 + { 822 + .cra_name = "ecb(des3_ede)", 823 + .cra_driver_name = "ecb-des3-omap", 824 + .cra_priority = 100, 825 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 826 + CRYPTO_ALG_KERN_DRIVER_ONLY | 827 + CRYPTO_ALG_ASYNC, 828 + .cra_blocksize = DES_BLOCK_SIZE, 829 + .cra_ctxsize = sizeof(struct omap_des_ctx), 830 + .cra_alignmask = 0, 831 + .cra_type = &crypto_ablkcipher_type, 832 + .cra_module = THIS_MODULE, 833 + .cra_init = omap_des_cra_init, 834 + .cra_exit = omap_des_cra_exit, 835 + .cra_u.ablkcipher = { 836 + .min_keysize = 3*DES_KEY_SIZE, 837 + .max_keysize = 3*DES_KEY_SIZE, 838 + .setkey = omap_des_setkey, 839 + .encrypt = omap_des_ecb_encrypt, 840 + .decrypt = omap_des_ecb_decrypt, 841 + } 842 + }, 843 + { 844 + .cra_name = "cbc(des3_ede)", 845 + .cra_driver_name = "cbc-des3-omap", 846 + .cra_priority = 100, 847 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 848 + CRYPTO_ALG_KERN_DRIVER_ONLY | 849 + CRYPTO_ALG_ASYNC, 850 + .cra_blocksize = DES_BLOCK_SIZE, 851 + .cra_ctxsize = sizeof(struct omap_des_ctx), 852 + .cra_alignmask = 0, 853 + .cra_type = &crypto_ablkcipher_type, 854 + .cra_module = THIS_MODULE, 855 + .cra_init = omap_des_cra_init, 856 + .cra_exit = omap_des_cra_exit, 857 + .cra_u.ablkcipher = { 858 + .min_keysize = 3*DES_KEY_SIZE, 859 + .max_keysize = 3*DES_KEY_SIZE, 860 + .ivsize = DES_BLOCK_SIZE, 861 + .setkey = omap_des_setkey, 862 + .encrypt = omap_des_cbc_encrypt, 863 + .decrypt = omap_des_cbc_decrypt, 864 + } 865 + } 866 + }; 867 + 868 + static struct omap_des_algs_info omap_des_algs_info_ecb_cbc[] = { 869 + { 870 + .algs_list = algs_ecb_cbc, 871 + .size = ARRAY_SIZE(algs_ecb_cbc), 872 + }, 873 + }; 874 + 875 + #ifdef CONFIG_OF 876 + static const struct omap_des_pdata omap_des_pdata_omap4 = { 877 + .algs_info = omap_des_algs_info_ecb_cbc, 878 + .algs_info_size = ARRAY_SIZE(omap_des_algs_info_ecb_cbc), 879 + .trigger = omap_des_dma_trigger_omap4, 880 + .key_ofs = 0x14, 881 + .iv_ofs = 0x18, 882 + .ctrl_ofs = 0x20, 883 + .data_ofs = 0x28, 884 + .rev_ofs = 0x30, 885 + .mask_ofs = 0x34, 886 + .irq_status_ofs = 0x3c, 887 + .irq_enable_ofs = 0x40, 888 + .dma_enable_in = BIT(5), 889 + .dma_enable_out = BIT(6), 890 + .major_mask = 0x0700, 891 + .major_shift = 8, 892 + .minor_mask = 0x003f, 893 + .minor_shift = 0, 894 + }; 895 + 896 + static irqreturn_t omap_des_irq(int irq, void *dev_id) 897 + { 898 + struct omap_des_dev *dd = dev_id; 899 + u32 status, i; 900 + u32 *src, *dst; 901 + 902 + status = omap_des_read(dd, DES_REG_IRQ_STATUS(dd)); 903 + if (status & DES_REG_IRQ_DATA_IN) { 904 + omap_des_write(dd, DES_REG_IRQ_ENABLE(dd), 0x0); 905 + 906 + BUG_ON(!dd->in_sg); 907 + 908 + BUG_ON(_calc_walked(in) > dd->in_sg->length); 909 + 910 + src = sg_virt(dd->in_sg) + _calc_walked(in); 911 + 912 + for (i = 0; i < DES_BLOCK_WORDS; i++) { 913 + omap_des_write(dd, DES_REG_DATA_N(dd, i), *src); 914 + 915 + scatterwalk_advance(&dd->in_walk, 4); 916 + if (dd->in_sg->length == _calc_walked(in)) { 917 + dd->in_sg = scatterwalk_sg_next(dd->in_sg); 918 + if (dd->in_sg) { 919 + scatterwalk_start(&dd->in_walk, 920 + dd->in_sg); 921 + src = sg_virt(dd->in_sg) + 922 + _calc_walked(in); 923 + } 924 + } else { 925 + src++; 926 + } 927 + } 928 + 929 + /* Clear IRQ status */ 930 + status &= ~DES_REG_IRQ_DATA_IN; 931 + omap_des_write(dd, DES_REG_IRQ_STATUS(dd), status); 932 + 933 + /* Enable DATA_OUT interrupt */ 934 + omap_des_write(dd, DES_REG_IRQ_ENABLE(dd), 0x4); 935 + 936 + } else if (status & DES_REG_IRQ_DATA_OUT) { 937 + omap_des_write(dd, DES_REG_IRQ_ENABLE(dd), 0x0); 938 + 939 + BUG_ON(!dd->out_sg); 940 + 941 + BUG_ON(_calc_walked(out) > dd->out_sg->length); 942 + 943 + dst = sg_virt(dd->out_sg) + _calc_walked(out); 944 + 945 + for (i = 0; i < DES_BLOCK_WORDS; i++) { 946 + *dst = omap_des_read(dd, DES_REG_DATA_N(dd, i)); 947 + scatterwalk_advance(&dd->out_walk, 4); 948 + if (dd->out_sg->length == _calc_walked(out)) { 949 + dd->out_sg = scatterwalk_sg_next(dd->out_sg); 950 + if (dd->out_sg) { 951 + scatterwalk_start(&dd->out_walk, 952 + dd->out_sg); 953 + dst = sg_virt(dd->out_sg) + 954 + _calc_walked(out); 955 + } 956 + } else { 957 + dst++; 958 + } 959 + } 960 + 961 + dd->total -= DES_BLOCK_SIZE; 962 + 963 + BUG_ON(dd->total < 0); 964 + 965 + /* Clear IRQ status */ 966 + status &= ~DES_REG_IRQ_DATA_OUT; 967 + omap_des_write(dd, DES_REG_IRQ_STATUS(dd), status); 968 + 969 + if (!dd->total) 970 + /* All bytes read! */ 971 + tasklet_schedule(&dd->done_task); 972 + else 973 + /* Enable DATA_IN interrupt for next block */ 974 + omap_des_write(dd, DES_REG_IRQ_ENABLE(dd), 0x2); 975 + } 976 + 977 + return IRQ_HANDLED; 978 + } 979 + 980 + static const struct of_device_id omap_des_of_match[] = { 981 + { 982 + .compatible = "ti,omap4-des", 983 + .data = &omap_des_pdata_omap4, 984 + }, 985 + {}, 986 + }; 987 + MODULE_DEVICE_TABLE(of, omap_des_of_match); 988 + 989 + static int omap_des_get_of(struct omap_des_dev *dd, 990 + struct platform_device *pdev) 991 + { 992 + const struct of_device_id *match; 993 + 994 + match = of_match_device(of_match_ptr(omap_des_of_match), &pdev->dev); 995 + if (!match) { 996 + dev_err(&pdev->dev, "no compatible OF match\n"); 997 + return -EINVAL; 998 + } 999 + 1000 + dd->dma_out = -1; /* Dummy value that's unused */ 1001 + dd->dma_in = -1; /* Dummy value that's unused */ 1002 + dd->pdata = match->data; 1003 + 1004 + return 0; 1005 + } 1006 + #else 1007 + static int omap_des_get_of(struct omap_des_dev *dd, 1008 + struct device *dev) 1009 + { 1010 + return -EINVAL; 1011 + } 1012 + #endif 1013 + 1014 + static int omap_des_get_pdev(struct omap_des_dev *dd, 1015 + struct platform_device *pdev) 1016 + { 1017 + struct device *dev = &pdev->dev; 1018 + struct resource *r; 1019 + int err = 0; 1020 + 1021 + /* Get the DMA out channel */ 1022 + r = platform_get_resource(pdev, IORESOURCE_DMA, 0); 1023 + if (!r) { 1024 + dev_err(dev, "no DMA out resource info\n"); 1025 + err = -ENODEV; 1026 + goto err; 1027 + } 1028 + dd->dma_out = r->start; 1029 + 1030 + /* Get the DMA in channel */ 1031 + r = platform_get_resource(pdev, IORESOURCE_DMA, 1); 1032 + if (!r) { 1033 + dev_err(dev, "no DMA in resource info\n"); 1034 + err = -ENODEV; 1035 + goto err; 1036 + } 1037 + dd->dma_in = r->start; 1038 + 1039 + /* non-DT devices get pdata from pdev */ 1040 + dd->pdata = pdev->dev.platform_data; 1041 + 1042 + err: 1043 + return err; 1044 + } 1045 + 1046 + static int omap_des_probe(struct platform_device *pdev) 1047 + { 1048 + struct device *dev = &pdev->dev; 1049 + struct omap_des_dev *dd; 1050 + struct crypto_alg *algp; 1051 + struct resource *res; 1052 + int err = -ENOMEM, i, j, irq = -1; 1053 + u32 reg; 1054 + 1055 + dd = devm_kzalloc(dev, sizeof(struct omap_des_dev), GFP_KERNEL); 1056 + if (dd == NULL) { 1057 + dev_err(dev, "unable to alloc data struct.\n"); 1058 + goto err_data; 1059 + } 1060 + dd->dev = dev; 1061 + platform_set_drvdata(pdev, dd); 1062 + 1063 + spin_lock_init(&dd->lock); 1064 + crypto_init_queue(&dd->queue, OMAP_DES_QUEUE_LENGTH); 1065 + 1066 + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 1067 + if (!res) { 1068 + dev_err(dev, "no MEM resource info\n"); 1069 + goto err_res; 1070 + } 1071 + 1072 + err = (dev->of_node) ? omap_des_get_of(dd, pdev) : 1073 + omap_des_get_pdev(dd, pdev); 1074 + if (err) 1075 + goto err_res; 1076 + 1077 + dd->io_base = devm_request_and_ioremap(dev, res); 1078 + if (!dd->io_base) { 1079 + dev_err(dev, "can't ioremap\n"); 1080 + err = -ENOMEM; 1081 + goto err_res; 1082 + } 1083 + dd->phys_base = res->start; 1084 + 1085 + pm_runtime_enable(dev); 1086 + pm_runtime_get_sync(dev); 1087 + 1088 + omap_des_dma_stop(dd); 1089 + 1090 + reg = omap_des_read(dd, DES_REG_REV(dd)); 1091 + 1092 + pm_runtime_put_sync(dev); 1093 + 1094 + dev_info(dev, "OMAP DES hw accel rev: %u.%u\n", 1095 + (reg & dd->pdata->major_mask) >> dd->pdata->major_shift, 1096 + (reg & dd->pdata->minor_mask) >> dd->pdata->minor_shift); 1097 + 1098 + tasklet_init(&dd->done_task, omap_des_done_task, (unsigned long)dd); 1099 + tasklet_init(&dd->queue_task, omap_des_queue_task, (unsigned long)dd); 1100 + 1101 + err = omap_des_dma_init(dd); 1102 + if (err && DES_REG_IRQ_STATUS(dd) && DES_REG_IRQ_ENABLE(dd)) { 1103 + dd->pio_only = 1; 1104 + 1105 + irq = platform_get_irq(pdev, 0); 1106 + if (irq < 0) { 1107 + dev_err(dev, "can't get IRQ resource\n"); 1108 + goto err_irq; 1109 + } 1110 + 1111 + err = devm_request_irq(dev, irq, omap_des_irq, 0, 1112 + dev_name(dev), dd); 1113 + if (err) { 1114 + dev_err(dev, "Unable to grab omap-des IRQ\n"); 1115 + goto err_irq; 1116 + } 1117 + } 1118 + 1119 + 1120 + INIT_LIST_HEAD(&dd->list); 1121 + spin_lock(&list_lock); 1122 + list_add_tail(&dd->list, &dev_list); 1123 + spin_unlock(&list_lock); 1124 + 1125 + for (i = 0; i < dd->pdata->algs_info_size; i++) { 1126 + for (j = 0; j < dd->pdata->algs_info[i].size; j++) { 1127 + algp = &dd->pdata->algs_info[i].algs_list[j]; 1128 + 1129 + pr_debug("reg alg: %s\n", algp->cra_name); 1130 + INIT_LIST_HEAD(&algp->cra_list); 1131 + 1132 + err = crypto_register_alg(algp); 1133 + if (err) 1134 + goto err_algs; 1135 + 1136 + dd->pdata->algs_info[i].registered++; 1137 + } 1138 + } 1139 + 1140 + return 0; 1141 + err_algs: 1142 + for (i = dd->pdata->algs_info_size - 1; i >= 0; i--) 1143 + for (j = dd->pdata->algs_info[i].registered - 1; j >= 0; j--) 1144 + crypto_unregister_alg( 1145 + &dd->pdata->algs_info[i].algs_list[j]); 1146 + if (!dd->pio_only) 1147 + omap_des_dma_cleanup(dd); 1148 + err_irq: 1149 + tasklet_kill(&dd->done_task); 1150 + tasklet_kill(&dd->queue_task); 1151 + pm_runtime_disable(dev); 1152 + err_res: 1153 + dd = NULL; 1154 + err_data: 1155 + dev_err(dev, "initialization failed.\n"); 1156 + return err; 1157 + } 1158 + 1159 + static int omap_des_remove(struct platform_device *pdev) 1160 + { 1161 + struct omap_des_dev *dd = platform_get_drvdata(pdev); 1162 + int i, j; 1163 + 1164 + if (!dd) 1165 + return -ENODEV; 1166 + 1167 + spin_lock(&list_lock); 1168 + list_del(&dd->list); 1169 + spin_unlock(&list_lock); 1170 + 1171 + for (i = dd->pdata->algs_info_size - 1; i >= 0; i--) 1172 + for (j = dd->pdata->algs_info[i].registered - 1; j >= 0; j--) 1173 + crypto_unregister_alg( 1174 + &dd->pdata->algs_info[i].algs_list[j]); 1175 + 1176 + tasklet_kill(&dd->done_task); 1177 + tasklet_kill(&dd->queue_task); 1178 + omap_des_dma_cleanup(dd); 1179 + pm_runtime_disable(dd->dev); 1180 + dd = NULL; 1181 + 1182 + return 0; 1183 + } 1184 + 1185 + #ifdef CONFIG_PM_SLEEP 1186 + static int omap_des_suspend(struct device *dev) 1187 + { 1188 + pm_runtime_put_sync(dev); 1189 + return 0; 1190 + } 1191 + 1192 + static int omap_des_resume(struct device *dev) 1193 + { 1194 + pm_runtime_get_sync(dev); 1195 + return 0; 1196 + } 1197 + #endif 1198 + 1199 + static SIMPLE_DEV_PM_OPS(omap_des_pm_ops, omap_des_suspend, omap_des_resume); 1200 + 1201 + static struct platform_driver omap_des_driver = { 1202 + .probe = omap_des_probe, 1203 + .remove = omap_des_remove, 1204 + .driver = { 1205 + .name = "omap-des", 1206 + .owner = THIS_MODULE, 1207 + .pm = &omap_des_pm_ops, 1208 + .of_match_table = of_match_ptr(omap_des_of_match), 1209 + }, 1210 + }; 1211 + 1212 + module_platform_driver(omap_des_driver); 1213 + 1214 + MODULE_DESCRIPTION("OMAP DES hw acceleration support."); 1215 + MODULE_LICENSE("GPL v2"); 1216 + MODULE_AUTHOR("Joel Fernandes <joelf@ti.com>");

+8 -4

drivers/crypto/omap-sham.c

··· 636 636 static size_t omap_sham_append_sg(struct omap_sham_reqctx *ctx) 637 637 { 638 638 size_t count; 639 + const u8 *vaddr; 639 640 640 641 while (ctx->sg) { 642 + vaddr = kmap_atomic(sg_page(ctx->sg)); 643 + 641 644 count = omap_sham_append_buffer(ctx, 642 - sg_virt(ctx->sg) + ctx->offset, 645 + vaddr + ctx->offset, 643 646 ctx->sg->length - ctx->offset); 647 + 648 + kunmap_atomic((void *)vaddr); 649 + 644 650 if (!count) 645 651 break; 646 652 ctx->offset += count; ··· 2028 2022 } 2029 2023 #endif 2030 2024 2031 - static const struct dev_pm_ops omap_sham_pm_ops = { 2032 - SET_SYSTEM_SLEEP_PM_OPS(omap_sham_suspend, omap_sham_resume) 2033 - }; 2025 + static SIMPLE_DEV_PM_OPS(omap_sham_pm_ops, omap_sham_suspend, omap_sham_resume); 2034 2026 2035 2027 static struct platform_driver omap_sham_driver = { 2036 2028 .probe = omap_sham_probe,

+5 -11

drivers/crypto/picoxcell_crypto.c

··· 1720 1720 engine->name = dev_name(&pdev->dev); 1721 1721 1722 1722 mem = platform_get_resource(pdev, IORESOURCE_MEM, 0); 1723 + engine->regs = devm_ioremap_resource(&pdev->dev, mem); 1724 + if (IS_ERR(engine->regs)) 1725 + return PTR_ERR(engine->regs); 1726 + 1723 1727 irq = platform_get_resource(pdev, IORESOURCE_IRQ, 0); 1724 - if (!mem || !irq) { 1728 + if (!irq) { 1725 1729 dev_err(&pdev->dev, "no memory/irq resource for engine\n"); 1726 1730 return -ENXIO; 1727 - } 1728 - 1729 - if (!devm_request_mem_region(&pdev->dev, mem->start, resource_size(mem), 1730 - engine->name)) 1731 - return -ENOMEM; 1732 - 1733 - engine->regs = devm_ioremap(&pdev->dev, mem->start, resource_size(mem)); 1734 - if (!engine->regs) { 1735 - dev_err(&pdev->dev, "memory map failed\n"); 1736 - return -ENOMEM; 1737 1731 } 1738 1732 1739 1733 if (devm_request_irq(&pdev->dev, irq->start, spacc_spacc_irq, 0,

+4 -9

drivers/crypto/s5p-sss.c

··· 568 568 if (s5p_dev) 569 569 return -EEXIST; 570 570 571 - res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 572 - if (!res) 573 - return -ENODEV; 574 - 575 571 pdata = devm_kzalloc(dev, sizeof(*pdata), GFP_KERNEL); 576 572 if (!pdata) 577 573 return -ENOMEM; 578 574 579 - if (!devm_request_mem_region(dev, res->start, 580 - resource_size(res), pdev->name)) 581 - return -EBUSY; 575 + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 576 + pdata->ioaddr = devm_ioremap_resource(&pdev->dev, res); 577 + if (IS_ERR(pdata->ioaddr)) 578 + return PTR_ERR(pdata->ioaddr); 582 579 583 580 pdata->clk = devm_clk_get(dev, "secss"); 584 581 if (IS_ERR(pdata->clk)) { ··· 586 589 clk_enable(pdata->clk); 587 590 588 591 spin_lock_init(&pdata->lock); 589 - pdata->ioaddr = devm_ioremap(dev, res->start, 590 - resource_size(res)); 591 592 592 593 pdata->irq_hash = platform_get_irq_byname(pdev, "hash"); 593 594 if (pdata->irq_hash < 0) {

+7 -19

drivers/crypto/sahara.c

··· 885 885 886 886 /* Get the base address */ 887 887 res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 888 - if (!res) { 889 - dev_err(&pdev->dev, "failed to get memory region resource\n"); 890 - return -ENODEV; 891 - } 892 - 893 - if (devm_request_mem_region(&pdev->dev, res->start, 894 - resource_size(res), SAHARA_NAME) == NULL) { 895 - dev_err(&pdev->dev, "failed to request memory region\n"); 896 - return -ENOENT; 897 - } 898 - dev->regs_base = devm_ioremap(&pdev->dev, res->start, 899 - resource_size(res)); 900 - if (!dev->regs_base) { 901 - dev_err(&pdev->dev, "failed to ioremap address region\n"); 902 - return -ENOENT; 903 - } 888 + dev->regs_base = devm_ioremap_resource(&pdev->dev, res); 889 + if (IS_ERR(dev->regs_base)) 890 + return PTR_ERR(dev->regs_base); 904 891 905 892 /* Get the IRQ */ 906 893 irq = platform_get_irq(pdev, 0); ··· 896 909 return irq; 897 910 } 898 911 899 - if (devm_request_irq(&pdev->dev, irq, sahara_irq_handler, 900 - 0, SAHARA_NAME, dev) < 0) { 912 + err = devm_request_irq(&pdev->dev, irq, sahara_irq_handler, 913 + 0, dev_name(&pdev->dev), dev); 914 + if (err) { 901 915 dev_err(&pdev->dev, "failed to request irq\n"); 902 - return -ENOENT; 916 + return err; 903 917 } 904 918 905 919 /* clocks */

+2 -2

drivers/crypto/talitos.c

··· 2637 2637 if (!priv) 2638 2638 return -ENOMEM; 2639 2639 2640 + INIT_LIST_HEAD(&priv->alg_list); 2641 + 2640 2642 dev_set_drvdata(dev, priv); 2641 2643 2642 2644 priv->ofdev = ofdev; ··· 2658 2656 tasklet_init(&priv->done_task[1], talitos_done_ch1_3, 2659 2657 (unsigned long)dev); 2660 2658 } 2661 - 2662 - INIT_LIST_HEAD(&priv->alg_list); 2663 2659 2664 2660 priv->reg = of_iomap(np, 0); 2665 2661 if (!priv->reg) {

-1087

drivers/crypto/tegra-aes.c

··· 1 - /* 2 - * drivers/crypto/tegra-aes.c 3 - * 4 - * Driver for NVIDIA Tegra AES hardware engine residing inside the 5 - * Bit Stream Engine for Video (BSEV) hardware block. 6 - * 7 - * The programming sequence for this engine is with the help 8 - * of commands which travel via a command queue residing between the 9 - * CPU and the BSEV block. The BSEV engine has an internal RAM (VRAM) 10 - * where the final input plaintext, keys and the IV have to be copied 11 - * before starting the encrypt/decrypt operation. 12 - * 13 - * Copyright (c) 2010, NVIDIA Corporation. 14 - * 15 - * This program is free software; you can redistribute it and/or modify 16 - * it under the terms of the GNU General Public License as published by 17 - * the Free Software Foundation; either version 2 of the License, or 18 - * (at your option) any later version. 19 - * 20 - * This program is distributed in the hope that it will be useful, but WITHOUT 21 - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 22 - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 23 - * more details. 24 - * 25 - * You should have received a copy of the GNU General Public License along 26 - * with this program; if not, write to the Free Software Foundation, Inc., 27 - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 28 - */ 29 - 30 - #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 31 - 32 - #include <linux/module.h> 33 - #include <linux/init.h> 34 - #include <linux/errno.h> 35 - #include <linux/kernel.h> 36 - #include <linux/clk.h> 37 - #include <linux/platform_device.h> 38 - #include <linux/scatterlist.h> 39 - #include <linux/dma-mapping.h> 40 - #include <linux/io.h> 41 - #include <linux/mutex.h> 42 - #include <linux/interrupt.h> 43 - #include <linux/completion.h> 44 - #include <linux/workqueue.h> 45 - 46 - #include <crypto/scatterwalk.h> 47 - #include <crypto/aes.h> 48 - #include <crypto/internal/rng.h> 49 - 50 - #include "tegra-aes.h" 51 - 52 - #define FLAGS_MODE_MASK 0x00FF 53 - #define FLAGS_ENCRYPT BIT(0) 54 - #define FLAGS_CBC BIT(1) 55 - #define FLAGS_GIV BIT(2) 56 - #define FLAGS_RNG BIT(3) 57 - #define FLAGS_OFB BIT(4) 58 - #define FLAGS_NEW_KEY BIT(5) 59 - #define FLAGS_NEW_IV BIT(6) 60 - #define FLAGS_INIT BIT(7) 61 - #define FLAGS_FAST BIT(8) 62 - #define FLAGS_BUSY 9 63 - 64 - /* 65 - * Defines AES engine Max process bytes size in one go, which takes 1 msec. 66 - * AES engine spends about 176 cycles/16-bytes or 11 cycles/byte 67 - * The duration CPU can use the BSE to 1 msec, then the number of available 68 - * cycles of AVP/BSE is 216K. In this duration, AES can process 216/11 ~= 19KB 69 - * Based on this AES_HW_DMA_BUFFER_SIZE_BYTES is configured to 16KB. 70 - */ 71 - #define AES_HW_DMA_BUFFER_SIZE_BYTES 0x4000 72 - 73 - /* 74 - * The key table length is 64 bytes 75 - * (This includes first upto 32 bytes key + 16 bytes original initial vector 76 - * and 16 bytes updated initial vector) 77 - */ 78 - #define AES_HW_KEY_TABLE_LENGTH_BYTES 64 79 - 80 - /* 81 - * The memory being used is divides as follows: 82 - * 1. Key - 32 bytes 83 - * 2. Original IV - 16 bytes 84 - * 3. Updated IV - 16 bytes 85 - * 4. Key schedule - 256 bytes 86 - * 87 - * 1+2+3 constitute the hw key table. 88 - */ 89 - #define AES_HW_IV_SIZE 16 90 - #define AES_HW_KEYSCHEDULE_LEN 256 91 - #define AES_IVKEY_SIZE (AES_HW_KEY_TABLE_LENGTH_BYTES + AES_HW_KEYSCHEDULE_LEN) 92 - 93 - /* Define commands required for AES operation */ 94 - enum { 95 - CMD_BLKSTARTENGINE = 0x0E, 96 - CMD_DMASETUP = 0x10, 97 - CMD_DMACOMPLETE = 0x11, 98 - CMD_SETTABLE = 0x15, 99 - CMD_MEMDMAVD = 0x22, 100 - }; 101 - 102 - /* Define sub-commands */ 103 - enum { 104 - SUBCMD_VRAM_SEL = 0x1, 105 - SUBCMD_CRYPTO_TABLE_SEL = 0x3, 106 - SUBCMD_KEY_TABLE_SEL = 0x8, 107 - }; 108 - 109 - /* memdma_vd command */ 110 - #define MEMDMA_DIR_DTOVRAM 0 /* sdram -> vram */ 111 - #define MEMDMA_DIR_VTODRAM 1 /* vram -> sdram */ 112 - #define MEMDMA_DIR_SHIFT 25 113 - #define MEMDMA_NUM_WORDS_SHIFT 12 114 - 115 - /* command queue bit shifts */ 116 - enum { 117 - CMDQ_KEYTABLEADDR_SHIFT = 0, 118 - CMDQ_KEYTABLEID_SHIFT = 17, 119 - CMDQ_VRAMSEL_SHIFT = 23, 120 - CMDQ_TABLESEL_SHIFT = 24, 121 - CMDQ_OPCODE_SHIFT = 26, 122 - }; 123 - 124 - /* 125 - * The secure key slot contains a unique secure key generated 126 - * and loaded by the bootloader. This slot is marked as non-accessible 127 - * to the kernel. 128 - */ 129 - #define SSK_SLOT_NUM 4 130 - 131 - #define AES_NR_KEYSLOTS 8 132 - #define TEGRA_AES_QUEUE_LENGTH 50 133 - #define DEFAULT_RNG_BLK_SZ 16 134 - 135 - /* The command queue depth */ 136 - #define AES_HW_MAX_ICQ_LENGTH 5 137 - 138 - struct tegra_aes_slot { 139 - struct list_head node; 140 - int slot_num; 141 - }; 142 - 143 - static struct tegra_aes_slot ssk = { 144 - .slot_num = SSK_SLOT_NUM, 145 - }; 146 - 147 - struct tegra_aes_reqctx { 148 - unsigned long mode; 149 - }; 150 - 151 - struct tegra_aes_dev { 152 - struct device *dev; 153 - void __iomem *io_base; 154 - dma_addr_t ivkey_phys_base; 155 - void __iomem *ivkey_base; 156 - struct clk *aes_clk; 157 - struct tegra_aes_ctx *ctx; 158 - int irq; 159 - unsigned long flags; 160 - struct completion op_complete; 161 - u32 *buf_in; 162 - dma_addr_t dma_buf_in; 163 - u32 *buf_out; 164 - dma_addr_t dma_buf_out; 165 - u8 *iv; 166 - u8 dt[DEFAULT_RNG_BLK_SZ]; 167 - int ivlen; 168 - u64 ctr; 169 - spinlock_t lock; 170 - struct crypto_queue queue; 171 - struct tegra_aes_slot *slots; 172 - struct ablkcipher_request *req; 173 - size_t total; 174 - struct scatterlist *in_sg; 175 - size_t in_offset; 176 - struct scatterlist *out_sg; 177 - size_t out_offset; 178 - }; 179 - 180 - static struct tegra_aes_dev *aes_dev; 181 - 182 - struct tegra_aes_ctx { 183 - struct tegra_aes_dev *dd; 184 - unsigned long flags; 185 - struct tegra_aes_slot *slot; 186 - u8 key[AES_MAX_KEY_SIZE]; 187 - size_t keylen; 188 - }; 189 - 190 - static struct tegra_aes_ctx rng_ctx = { 191 - .flags = FLAGS_NEW_KEY, 192 - .keylen = AES_KEYSIZE_128, 193 - }; 194 - 195 - /* keep registered devices data here */ 196 - static struct list_head dev_list; 197 - static DEFINE_SPINLOCK(list_lock); 198 - static DEFINE_MUTEX(aes_lock); 199 - 200 - static void aes_workqueue_handler(struct work_struct *work); 201 - static DECLARE_WORK(aes_work, aes_workqueue_handler); 202 - static struct workqueue_struct *aes_wq; 203 - 204 - static inline u32 aes_readl(struct tegra_aes_dev *dd, u32 offset) 205 - { 206 - return readl(dd->io_base + offset); 207 - } 208 - 209 - static inline void aes_writel(struct tegra_aes_dev *dd, u32 val, u32 offset) 210 - { 211 - writel(val, dd->io_base + offset); 212 - } 213 - 214 - static int aes_start_crypt(struct tegra_aes_dev *dd, u32 in_addr, u32 out_addr, 215 - int nblocks, int mode, bool upd_iv) 216 - { 217 - u32 cmdq[AES_HW_MAX_ICQ_LENGTH]; 218 - int i, eng_busy, icq_empty, ret; 219 - u32 value; 220 - 221 - /* reset all the interrupt bits */ 222 - aes_writel(dd, 0xFFFFFFFF, TEGRA_AES_INTR_STATUS); 223 - 224 - /* enable error, dma xfer complete interrupts */ 225 - aes_writel(dd, 0x33, TEGRA_AES_INT_ENB); 226 - 227 - cmdq[0] = CMD_DMASETUP << CMDQ_OPCODE_SHIFT; 228 - cmdq[1] = in_addr; 229 - cmdq[2] = CMD_BLKSTARTENGINE << CMDQ_OPCODE_SHIFT | (nblocks-1); 230 - cmdq[3] = CMD_DMACOMPLETE << CMDQ_OPCODE_SHIFT; 231 - 232 - value = aes_readl(dd, TEGRA_AES_CMDQUE_CONTROL); 233 - /* access SDRAM through AHB */ 234 - value &= ~TEGRA_AES_CMDQ_CTRL_SRC_STM_SEL_FIELD; 235 - value &= ~TEGRA_AES_CMDQ_CTRL_DST_STM_SEL_FIELD; 236 - value |= TEGRA_AES_CMDQ_CTRL_SRC_STM_SEL_FIELD | 237 - TEGRA_AES_CMDQ_CTRL_DST_STM_SEL_FIELD | 238 - TEGRA_AES_CMDQ_CTRL_ICMDQEN_FIELD; 239 - aes_writel(dd, value, TEGRA_AES_CMDQUE_CONTROL); 240 - dev_dbg(dd->dev, "cmd_q_ctrl=0x%x", value); 241 - 242 - value = (0x1 << TEGRA_AES_SECURE_INPUT_ALG_SEL_SHIFT) | 243 - ((dd->ctx->keylen * 8) << 244 - TEGRA_AES_SECURE_INPUT_KEY_LEN_SHIFT) | 245 - ((u32)upd_iv << TEGRA_AES_SECURE_IV_SELECT_SHIFT); 246 - 247 - if (mode & FLAGS_CBC) { 248 - value |= ((((mode & FLAGS_ENCRYPT) ? 2 : 3) 249 - << TEGRA_AES_SECURE_XOR_POS_SHIFT) | 250 - (((mode & FLAGS_ENCRYPT) ? 2 : 3) 251 - << TEGRA_AES_SECURE_VCTRAM_SEL_SHIFT) | 252 - ((mode & FLAGS_ENCRYPT) ? 1 : 0) 253 - << TEGRA_AES_SECURE_CORE_SEL_SHIFT); 254 - } else if (mode & FLAGS_OFB) { 255 - value |= ((TEGRA_AES_SECURE_XOR_POS_FIELD) | 256 - (2 << TEGRA_AES_SECURE_INPUT_SEL_SHIFT) | 257 - (TEGRA_AES_SECURE_CORE_SEL_FIELD)); 258 - } else if (mode & FLAGS_RNG) { 259 - value |= (((mode & FLAGS_ENCRYPT) ? 1 : 0) 260 - << TEGRA_AES_SECURE_CORE_SEL_SHIFT | 261 - TEGRA_AES_SECURE_RNG_ENB_FIELD); 262 - } else { 263 - value |= (((mode & FLAGS_ENCRYPT) ? 1 : 0) 264 - << TEGRA_AES_SECURE_CORE_SEL_SHIFT); 265 - } 266 - 267 - dev_dbg(dd->dev, "secure_in_sel=0x%x", value); 268 - aes_writel(dd, value, TEGRA_AES_SECURE_INPUT_SELECT); 269 - 270 - aes_writel(dd, out_addr, TEGRA_AES_SECURE_DEST_ADDR); 271 - reinit_completion(&dd->op_complete); 272 - 273 - for (i = 0; i < AES_HW_MAX_ICQ_LENGTH - 1; i++) { 274 - do { 275 - value = aes_readl(dd, TEGRA_AES_INTR_STATUS); 276 - eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD; 277 - icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD; 278 - } while (eng_busy && !icq_empty); 279 - aes_writel(dd, cmdq[i], TEGRA_AES_ICMDQUE_WR); 280 - } 281 - 282 - ret = wait_for_completion_timeout(&dd->op_complete, 283 - msecs_to_jiffies(150)); 284 - if (ret == 0) { 285 - dev_err(dd->dev, "timed out (0x%x)\n", 286 - aes_readl(dd, TEGRA_AES_INTR_STATUS)); 287 - return -ETIMEDOUT; 288 - } 289 - 290 - aes_writel(dd, cmdq[AES_HW_MAX_ICQ_LENGTH - 1], TEGRA_AES_ICMDQUE_WR); 291 - return 0; 292 - } 293 - 294 - static void aes_release_key_slot(struct tegra_aes_slot *slot) 295 - { 296 - if (slot->slot_num == SSK_SLOT_NUM) 297 - return; 298 - 299 - spin_lock(&list_lock); 300 - list_add_tail(&slot->node, &dev_list); 301 - slot = NULL; 302 - spin_unlock(&list_lock); 303 - } 304 - 305 - static struct tegra_aes_slot *aes_find_key_slot(void) 306 - { 307 - struct tegra_aes_slot *slot = NULL; 308 - struct list_head *new_head; 309 - int empty; 310 - 311 - spin_lock(&list_lock); 312 - empty = list_empty(&dev_list); 313 - if (!empty) { 314 - slot = list_entry(&dev_list, struct tegra_aes_slot, node); 315 - new_head = dev_list.next; 316 - list_del(&dev_list); 317 - dev_list.next = new_head->next; 318 - dev_list.prev = NULL; 319 - } 320 - spin_unlock(&list_lock); 321 - 322 - return slot; 323 - } 324 - 325 - static int aes_set_key(struct tegra_aes_dev *dd) 326 - { 327 - u32 value, cmdq[2]; 328 - struct tegra_aes_ctx *ctx = dd->ctx; 329 - int eng_busy, icq_empty, dma_busy; 330 - bool use_ssk = false; 331 - 332 - /* use ssk? */ 333 - if (!dd->ctx->slot) { 334 - dev_dbg(dd->dev, "using ssk"); 335 - dd->ctx->slot = &ssk; 336 - use_ssk = true; 337 - } 338 - 339 - /* enable key schedule generation in hardware */ 340 - value = aes_readl(dd, TEGRA_AES_SECURE_CONFIG_EXT); 341 - value &= ~TEGRA_AES_SECURE_KEY_SCH_DIS_FIELD; 342 - aes_writel(dd, value, TEGRA_AES_SECURE_CONFIG_EXT); 343 - 344 - /* select the key slot */ 345 - value = aes_readl(dd, TEGRA_AES_SECURE_CONFIG); 346 - value &= ~TEGRA_AES_SECURE_KEY_INDEX_FIELD; 347 - value |= (ctx->slot->slot_num << TEGRA_AES_SECURE_KEY_INDEX_SHIFT); 348 - aes_writel(dd, value, TEGRA_AES_SECURE_CONFIG); 349 - 350 - if (use_ssk) 351 - return 0; 352 - 353 - /* copy the key table from sdram to vram */ 354 - cmdq[0] = CMD_MEMDMAVD << CMDQ_OPCODE_SHIFT | 355 - MEMDMA_DIR_DTOVRAM << MEMDMA_DIR_SHIFT | 356 - AES_HW_KEY_TABLE_LENGTH_BYTES / sizeof(u32) << 357 - MEMDMA_NUM_WORDS_SHIFT; 358 - cmdq[1] = (u32)dd->ivkey_phys_base; 359 - 360 - aes_writel(dd, cmdq[0], TEGRA_AES_ICMDQUE_WR); 361 - aes_writel(dd, cmdq[1], TEGRA_AES_ICMDQUE_WR); 362 - 363 - do { 364 - value = aes_readl(dd, TEGRA_AES_INTR_STATUS); 365 - eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD; 366 - icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD; 367 - dma_busy = value & TEGRA_AES_DMA_BUSY_FIELD; 368 - } while (eng_busy && !icq_empty && dma_busy); 369 - 370 - /* settable command to get key into internal registers */ 371 - value = CMD_SETTABLE << CMDQ_OPCODE_SHIFT | 372 - SUBCMD_CRYPTO_TABLE_SEL << CMDQ_TABLESEL_SHIFT | 373 - SUBCMD_VRAM_SEL << CMDQ_VRAMSEL_SHIFT | 374 - (SUBCMD_KEY_TABLE_SEL | ctx->slot->slot_num) << 375 - CMDQ_KEYTABLEID_SHIFT; 376 - aes_writel(dd, value, TEGRA_AES_ICMDQUE_WR); 377 - 378 - do { 379 - value = aes_readl(dd, TEGRA_AES_INTR_STATUS); 380 - eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD; 381 - icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD; 382 - } while (eng_busy && !icq_empty); 383 - 384 - return 0; 385 - } 386 - 387 - static int tegra_aes_handle_req(struct tegra_aes_dev *dd) 388 - { 389 - struct crypto_async_request *async_req, *backlog; 390 - struct crypto_ablkcipher *tfm; 391 - struct tegra_aes_ctx *ctx; 392 - struct tegra_aes_reqctx *rctx; 393 - struct ablkcipher_request *req; 394 - unsigned long flags; 395 - int dma_max = AES_HW_DMA_BUFFER_SIZE_BYTES; 396 - int ret = 0, nblocks, total; 397 - int count = 0; 398 - dma_addr_t addr_in, addr_out; 399 - struct scatterlist *in_sg, *out_sg; 400 - 401 - if (!dd) 402 - return -EINVAL; 403 - 404 - spin_lock_irqsave(&dd->lock, flags); 405 - backlog = crypto_get_backlog(&dd->queue); 406 - async_req = crypto_dequeue_request(&dd->queue); 407 - if (!async_req) 408 - clear_bit(FLAGS_BUSY, &dd->flags); 409 - spin_unlock_irqrestore(&dd->lock, flags); 410 - 411 - if (!async_req) 412 - return -ENODATA; 413 - 414 - if (backlog) 415 - backlog->complete(backlog, -EINPROGRESS); 416 - 417 - req = ablkcipher_request_cast(async_req); 418 - 419 - dev_dbg(dd->dev, "%s: get new req\n", __func__); 420 - 421 - if (!req->src || !req->dst) 422 - return -EINVAL; 423 - 424 - /* take mutex to access the aes hw */ 425 - mutex_lock(&aes_lock); 426 - 427 - /* assign new request to device */ 428 - dd->req = req; 429 - dd->total = req->nbytes; 430 - dd->in_offset = 0; 431 - dd->in_sg = req->src; 432 - dd->out_offset = 0; 433 - dd->out_sg = req->dst; 434 - 435 - in_sg = dd->in_sg; 436 - out_sg = dd->out_sg; 437 - 438 - total = dd->total; 439 - 440 - tfm = crypto_ablkcipher_reqtfm(req); 441 - rctx = ablkcipher_request_ctx(req); 442 - ctx = crypto_ablkcipher_ctx(tfm); 443 - rctx->mode &= FLAGS_MODE_MASK; 444 - dd->flags = (dd->flags & ~FLAGS_MODE_MASK) | rctx->mode; 445 - 446 - dd->iv = (u8 *)req->info; 447 - dd->ivlen = crypto_ablkcipher_ivsize(tfm); 448 - 449 - /* assign new context to device */ 450 - ctx->dd = dd; 451 - dd->ctx = ctx; 452 - 453 - if (ctx->flags & FLAGS_NEW_KEY) { 454 - /* copy the key */ 455 - memcpy(dd->ivkey_base, ctx->key, ctx->keylen); 456 - memset(dd->ivkey_base + ctx->keylen, 0, AES_HW_KEY_TABLE_LENGTH_BYTES - ctx->keylen); 457 - aes_set_key(dd); 458 - ctx->flags &= ~FLAGS_NEW_KEY; 459 - } 460 - 461 - if (((dd->flags & FLAGS_CBC) || (dd->flags & FLAGS_OFB)) && dd->iv) { 462 - /* set iv to the aes hw slot 463 - * Hw generates updated iv only after iv is set in slot. 464 - * So key and iv is passed asynchronously. 465 - */ 466 - memcpy(dd->buf_in, dd->iv, dd->ivlen); 467 - 468 - ret = aes_start_crypt(dd, (u32)dd->dma_buf_in, 469 - dd->dma_buf_out, 1, FLAGS_CBC, false); 470 - if (ret < 0) { 471 - dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret); 472 - goto out; 473 - } 474 - } 475 - 476 - while (total) { 477 - dev_dbg(dd->dev, "remain: %d\n", total); 478 - ret = dma_map_sg(dd->dev, in_sg, 1, DMA_TO_DEVICE); 479 - if (!ret) { 480 - dev_err(dd->dev, "dma_map_sg() error\n"); 481 - goto out; 482 - } 483 - 484 - ret = dma_map_sg(dd->dev, out_sg, 1, DMA_FROM_DEVICE); 485 - if (!ret) { 486 - dev_err(dd->dev, "dma_map_sg() error\n"); 487 - dma_unmap_sg(dd->dev, dd->in_sg, 488 - 1, DMA_TO_DEVICE); 489 - goto out; 490 - } 491 - 492 - addr_in = sg_dma_address(in_sg); 493 - addr_out = sg_dma_address(out_sg); 494 - dd->flags |= FLAGS_FAST; 495 - count = min_t(int, sg_dma_len(in_sg), dma_max); 496 - WARN_ON(sg_dma_len(in_sg) != sg_dma_len(out_sg)); 497 - nblocks = DIV_ROUND_UP(count, AES_BLOCK_SIZE); 498 - 499 - ret = aes_start_crypt(dd, addr_in, addr_out, nblocks, 500 - dd->flags, true); 501 - 502 - dma_unmap_sg(dd->dev, out_sg, 1, DMA_FROM_DEVICE); 503 - dma_unmap_sg(dd->dev, in_sg, 1, DMA_TO_DEVICE); 504 - 505 - if (ret < 0) { 506 - dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret); 507 - goto out; 508 - } 509 - dd->flags &= ~FLAGS_FAST; 510 - 511 - dev_dbg(dd->dev, "out: copied %d\n", count); 512 - total -= count; 513 - in_sg = sg_next(in_sg); 514 - out_sg = sg_next(out_sg); 515 - WARN_ON(((total != 0) && (!in_sg || !out_sg))); 516 - } 517 - 518 - out: 519 - mutex_unlock(&aes_lock); 520 - 521 - dd->total = total; 522 - 523 - if (dd->req->base.complete) 524 - dd->req->base.complete(&dd->req->base, ret); 525 - 526 - dev_dbg(dd->dev, "%s: exit\n", __func__); 527 - return ret; 528 - } 529 - 530 - static int tegra_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, 531 - unsigned int keylen) 532 - { 533 - struct tegra_aes_ctx *ctx = crypto_ablkcipher_ctx(tfm); 534 - struct tegra_aes_dev *dd = aes_dev; 535 - struct tegra_aes_slot *key_slot; 536 - 537 - if ((keylen != AES_KEYSIZE_128) && (keylen != AES_KEYSIZE_192) && 538 - (keylen != AES_KEYSIZE_256)) { 539 - dev_err(dd->dev, "unsupported key size\n"); 540 - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); 541 - return -EINVAL; 542 - } 543 - 544 - dev_dbg(dd->dev, "keylen: %d\n", keylen); 545 - 546 - ctx->dd = dd; 547 - 548 - if (key) { 549 - if (!ctx->slot) { 550 - key_slot = aes_find_key_slot(); 551 - if (!key_slot) { 552 - dev_err(dd->dev, "no empty slot\n"); 553 - return -ENOMEM; 554 - } 555 - 556 - ctx->slot = key_slot; 557 - } 558 - 559 - memcpy(ctx->key, key, keylen); 560 - ctx->keylen = keylen; 561 - } 562 - 563 - ctx->flags |= FLAGS_NEW_KEY; 564 - dev_dbg(dd->dev, "done\n"); 565 - return 0; 566 - } 567 - 568 - static void aes_workqueue_handler(struct work_struct *work) 569 - { 570 - struct tegra_aes_dev *dd = aes_dev; 571 - int ret; 572 - 573 - ret = clk_prepare_enable(dd->aes_clk); 574 - if (ret) 575 - BUG_ON("clock enable failed"); 576 - 577 - /* empty the crypto queue and then return */ 578 - do { 579 - ret = tegra_aes_handle_req(dd); 580 - } while (!ret); 581 - 582 - clk_disable_unprepare(dd->aes_clk); 583 - } 584 - 585 - static irqreturn_t aes_irq(int irq, void *dev_id) 586 - { 587 - struct tegra_aes_dev *dd = (struct tegra_aes_dev *)dev_id; 588 - u32 value = aes_readl(dd, TEGRA_AES_INTR_STATUS); 589 - int busy = test_bit(FLAGS_BUSY, &dd->flags); 590 - 591 - if (!busy) { 592 - dev_dbg(dd->dev, "spurious interrupt\n"); 593 - return IRQ_NONE; 594 - } 595 - 596 - dev_dbg(dd->dev, "irq_stat: 0x%x\n", value); 597 - if (value & TEGRA_AES_INT_ERROR_MASK) 598 - aes_writel(dd, TEGRA_AES_INT_ERROR_MASK, TEGRA_AES_INTR_STATUS); 599 - 600 - if (!(value & TEGRA_AES_ENGINE_BUSY_FIELD)) 601 - complete(&dd->op_complete); 602 - else 603 - return IRQ_NONE; 604 - 605 - return IRQ_HANDLED; 606 - } 607 - 608 - static int tegra_aes_crypt(struct ablkcipher_request *req, unsigned long mode) 609 - { 610 - struct tegra_aes_reqctx *rctx = ablkcipher_request_ctx(req); 611 - struct tegra_aes_dev *dd = aes_dev; 612 - unsigned long flags; 613 - int err = 0; 614 - int busy; 615 - 616 - dev_dbg(dd->dev, "nbytes: %d, enc: %d, cbc: %d, ofb: %d\n", 617 - req->nbytes, !!(mode & FLAGS_ENCRYPT), 618 - !!(mode & FLAGS_CBC), !!(mode & FLAGS_OFB)); 619 - 620 - rctx->mode = mode; 621 - 622 - spin_lock_irqsave(&dd->lock, flags); 623 - err = ablkcipher_enqueue_request(&dd->queue, req); 624 - busy = test_and_set_bit(FLAGS_BUSY, &dd->flags); 625 - spin_unlock_irqrestore(&dd->lock, flags); 626 - 627 - if (!busy) 628 - queue_work(aes_wq, &aes_work); 629 - 630 - return err; 631 - } 632 - 633 - static int tegra_aes_ecb_encrypt(struct ablkcipher_request *req) 634 - { 635 - return tegra_aes_crypt(req, FLAGS_ENCRYPT); 636 - } 637 - 638 - static int tegra_aes_ecb_decrypt(struct ablkcipher_request *req) 639 - { 640 - return tegra_aes_crypt(req, 0); 641 - } 642 - 643 - static int tegra_aes_cbc_encrypt(struct ablkcipher_request *req) 644 - { 645 - return tegra_aes_crypt(req, FLAGS_ENCRYPT | FLAGS_CBC); 646 - } 647 - 648 - static int tegra_aes_cbc_decrypt(struct ablkcipher_request *req) 649 - { 650 - return tegra_aes_crypt(req, FLAGS_CBC); 651 - } 652 - 653 - static int tegra_aes_ofb_encrypt(struct ablkcipher_request *req) 654 - { 655 - return tegra_aes_crypt(req, FLAGS_ENCRYPT | FLAGS_OFB); 656 - } 657 - 658 - static int tegra_aes_ofb_decrypt(struct ablkcipher_request *req) 659 - { 660 - return tegra_aes_crypt(req, FLAGS_OFB); 661 - } 662 - 663 - static int tegra_aes_get_random(struct crypto_rng *tfm, u8 *rdata, 664 - unsigned int dlen) 665 - { 666 - struct tegra_aes_dev *dd = aes_dev; 667 - struct tegra_aes_ctx *ctx = &rng_ctx; 668 - int ret, i; 669 - u8 *dest = rdata, *dt = dd->dt; 670 - 671 - /* take mutex to access the aes hw */ 672 - mutex_lock(&aes_lock); 673 - 674 - ret = clk_prepare_enable(dd->aes_clk); 675 - if (ret) { 676 - mutex_unlock(&aes_lock); 677 - return ret; 678 - } 679 - 680 - ctx->dd = dd; 681 - dd->ctx = ctx; 682 - dd->flags = FLAGS_ENCRYPT | FLAGS_RNG; 683 - 684 - memcpy(dd->buf_in, dt, DEFAULT_RNG_BLK_SZ); 685 - 686 - ret = aes_start_crypt(dd, (u32)dd->dma_buf_in, 687 - (u32)dd->dma_buf_out, 1, dd->flags, true); 688 - if (ret < 0) { 689 - dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret); 690 - dlen = ret; 691 - goto out; 692 - } 693 - memcpy(dest, dd->buf_out, dlen); 694 - 695 - /* update the DT */ 696 - for (i = DEFAULT_RNG_BLK_SZ - 1; i >= 0; i--) { 697 - dt[i] += 1; 698 - if (dt[i] != 0) 699 - break; 700 - } 701 - 702 - out: 703 - clk_disable_unprepare(dd->aes_clk); 704 - mutex_unlock(&aes_lock); 705 - 706 - dev_dbg(dd->dev, "%s: done\n", __func__); 707 - return dlen; 708 - } 709 - 710 - static int tegra_aes_rng_reset(struct crypto_rng *tfm, u8 *seed, 711 - unsigned int slen) 712 - { 713 - struct tegra_aes_dev *dd = aes_dev; 714 - struct tegra_aes_ctx *ctx = &rng_ctx; 715 - struct tegra_aes_slot *key_slot; 716 - int ret = 0; 717 - u8 tmp[16]; /* 16 bytes = 128 bits of entropy */ 718 - u8 *dt; 719 - 720 - if (!ctx || !dd) { 721 - pr_err("ctx=0x%x, dd=0x%x\n", 722 - (unsigned int)ctx, (unsigned int)dd); 723 - return -EINVAL; 724 - } 725 - 726 - if (slen < (DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128)) { 727 - dev_err(dd->dev, "seed size invalid"); 728 - return -ENOMEM; 729 - } 730 - 731 - /* take mutex to access the aes hw */ 732 - mutex_lock(&aes_lock); 733 - 734 - if (!ctx->slot) { 735 - key_slot = aes_find_key_slot(); 736 - if (!key_slot) { 737 - dev_err(dd->dev, "no empty slot\n"); 738 - mutex_unlock(&aes_lock); 739 - return -ENOMEM; 740 - } 741 - ctx->slot = key_slot; 742 - } 743 - 744 - ctx->dd = dd; 745 - dd->ctx = ctx; 746 - dd->ctr = 0; 747 - 748 - ctx->keylen = AES_KEYSIZE_128; 749 - ctx->flags |= FLAGS_NEW_KEY; 750 - 751 - /* copy the key to the key slot */ 752 - memcpy(dd->ivkey_base, seed + DEFAULT_RNG_BLK_SZ, AES_KEYSIZE_128); 753 - memset(dd->ivkey_base + AES_KEYSIZE_128, 0, AES_HW_KEY_TABLE_LENGTH_BYTES - AES_KEYSIZE_128); 754 - 755 - dd->iv = seed; 756 - dd->ivlen = slen; 757 - 758 - dd->flags = FLAGS_ENCRYPT | FLAGS_RNG; 759 - 760 - ret = clk_prepare_enable(dd->aes_clk); 761 - if (ret) { 762 - mutex_unlock(&aes_lock); 763 - return ret; 764 - } 765 - 766 - aes_set_key(dd); 767 - 768 - /* set seed to the aes hw slot */ 769 - memcpy(dd->buf_in, dd->iv, DEFAULT_RNG_BLK_SZ); 770 - ret = aes_start_crypt(dd, (u32)dd->dma_buf_in, 771 - dd->dma_buf_out, 1, FLAGS_CBC, false); 772 - if (ret < 0) { 773 - dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret); 774 - goto out; 775 - } 776 - 777 - if (dd->ivlen >= (2 * DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128)) { 778 - dt = dd->iv + DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128; 779 - } else { 780 - get_random_bytes(tmp, sizeof(tmp)); 781 - dt = tmp; 782 - } 783 - memcpy(dd->dt, dt, DEFAULT_RNG_BLK_SZ); 784 - 785 - out: 786 - clk_disable_unprepare(dd->aes_clk); 787 - mutex_unlock(&aes_lock); 788 - 789 - dev_dbg(dd->dev, "%s: done\n", __func__); 790 - return ret; 791 - } 792 - 793 - static int tegra_aes_cra_init(struct crypto_tfm *tfm) 794 - { 795 - tfm->crt_ablkcipher.reqsize = sizeof(struct tegra_aes_reqctx); 796 - 797 - return 0; 798 - } 799 - 800 - static void tegra_aes_cra_exit(struct crypto_tfm *tfm) 801 - { 802 - struct tegra_aes_ctx *ctx = 803 - crypto_ablkcipher_ctx((struct crypto_ablkcipher *)tfm); 804 - 805 - if (ctx && ctx->slot) 806 - aes_release_key_slot(ctx->slot); 807 - } 808 - 809 - static struct crypto_alg algs[] = { 810 - { 811 - .cra_name = "ecb(aes)", 812 - .cra_driver_name = "ecb-aes-tegra", 813 - .cra_priority = 300, 814 - .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, 815 - .cra_blocksize = AES_BLOCK_SIZE, 816 - .cra_alignmask = 3, 817 - .cra_type = &crypto_ablkcipher_type, 818 - .cra_u.ablkcipher = { 819 - .min_keysize = AES_MIN_KEY_SIZE, 820 - .max_keysize = AES_MAX_KEY_SIZE, 821 - .setkey = tegra_aes_setkey, 822 - .encrypt = tegra_aes_ecb_encrypt, 823 - .decrypt = tegra_aes_ecb_decrypt, 824 - }, 825 - }, { 826 - .cra_name = "cbc(aes)", 827 - .cra_driver_name = "cbc-aes-tegra", 828 - .cra_priority = 300, 829 - .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, 830 - .cra_blocksize = AES_BLOCK_SIZE, 831 - .cra_alignmask = 3, 832 - .cra_type = &crypto_ablkcipher_type, 833 - .cra_u.ablkcipher = { 834 - .min_keysize = AES_MIN_KEY_SIZE, 835 - .max_keysize = AES_MAX_KEY_SIZE, 836 - .ivsize = AES_MIN_KEY_SIZE, 837 - .setkey = tegra_aes_setkey, 838 - .encrypt = tegra_aes_cbc_encrypt, 839 - .decrypt = tegra_aes_cbc_decrypt, 840 - } 841 - }, { 842 - .cra_name = "ofb(aes)", 843 - .cra_driver_name = "ofb-aes-tegra", 844 - .cra_priority = 300, 845 - .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, 846 - .cra_blocksize = AES_BLOCK_SIZE, 847 - .cra_alignmask = 3, 848 - .cra_type = &crypto_ablkcipher_type, 849 - .cra_u.ablkcipher = { 850 - .min_keysize = AES_MIN_KEY_SIZE, 851 - .max_keysize = AES_MAX_KEY_SIZE, 852 - .ivsize = AES_MIN_KEY_SIZE, 853 - .setkey = tegra_aes_setkey, 854 - .encrypt = tegra_aes_ofb_encrypt, 855 - .decrypt = tegra_aes_ofb_decrypt, 856 - } 857 - }, { 858 - .cra_name = "ansi_cprng", 859 - .cra_driver_name = "rng-aes-tegra", 860 - .cra_flags = CRYPTO_ALG_TYPE_RNG, 861 - .cra_ctxsize = sizeof(struct tegra_aes_ctx), 862 - .cra_type = &crypto_rng_type, 863 - .cra_u.rng = { 864 - .rng_make_random = tegra_aes_get_random, 865 - .rng_reset = tegra_aes_rng_reset, 866 - .seedsize = AES_KEYSIZE_128 + (2 * DEFAULT_RNG_BLK_SZ), 867 - } 868 - } 869 - }; 870 - 871 - static int tegra_aes_probe(struct platform_device *pdev) 872 - { 873 - struct device *dev = &pdev->dev; 874 - struct tegra_aes_dev *dd; 875 - struct resource *res; 876 - int err = -ENOMEM, i = 0, j; 877 - 878 - dd = devm_kzalloc(dev, sizeof(struct tegra_aes_dev), GFP_KERNEL); 879 - if (dd == NULL) { 880 - dev_err(dev, "unable to alloc data struct.\n"); 881 - return err; 882 - } 883 - 884 - dd->dev = dev; 885 - platform_set_drvdata(pdev, dd); 886 - 887 - dd->slots = devm_kzalloc(dev, sizeof(struct tegra_aes_slot) * 888 - AES_NR_KEYSLOTS, GFP_KERNEL); 889 - if (dd->slots == NULL) { 890 - dev_err(dev, "unable to alloc slot struct.\n"); 891 - goto out; 892 - } 893 - 894 - spin_lock_init(&dd->lock); 895 - crypto_init_queue(&dd->queue, TEGRA_AES_QUEUE_LENGTH); 896 - 897 - /* Get the module base address */ 898 - res = platform_get_resource(pdev, IORESOURCE_MEM, 0); 899 - if (!res) { 900 - dev_err(dev, "invalid resource type: base\n"); 901 - err = -ENODEV; 902 - goto out; 903 - } 904 - 905 - if (!devm_request_mem_region(&pdev->dev, res->start, 906 - resource_size(res), 907 - dev_name(&pdev->dev))) { 908 - dev_err(&pdev->dev, "Couldn't request MEM resource\n"); 909 - return -ENODEV; 910 - } 911 - 912 - dd->io_base = devm_ioremap(dev, res->start, resource_size(res)); 913 - if (!dd->io_base) { 914 - dev_err(dev, "can't ioremap register space\n"); 915 - err = -ENOMEM; 916 - goto out; 917 - } 918 - 919 - /* Initialize the vde clock */ 920 - dd->aes_clk = devm_clk_get(dev, "vde"); 921 - if (IS_ERR(dd->aes_clk)) { 922 - dev_err(dev, "iclock intialization failed.\n"); 923 - err = -ENODEV; 924 - goto out; 925 - } 926 - 927 - err = clk_set_rate(dd->aes_clk, ULONG_MAX); 928 - if (err) { 929 - dev_err(dd->dev, "iclk set_rate fail(%d)\n", err); 930 - goto out; 931 - } 932 - 933 - /* 934 - * the foll contiguous memory is allocated as follows - 935 - * - hardware key table 936 - * - key schedule 937 - */ 938 - dd->ivkey_base = dma_alloc_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES, 939 - &dd->ivkey_phys_base, 940 - GFP_KERNEL); 941 - if (!dd->ivkey_base) { 942 - dev_err(dev, "can not allocate iv/key buffer\n"); 943 - err = -ENOMEM; 944 - goto out; 945 - } 946 - 947 - dd->buf_in = dma_alloc_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, 948 - &dd->dma_buf_in, GFP_KERNEL); 949 - if (!dd->buf_in) { 950 - dev_err(dev, "can not allocate dma-in buffer\n"); 951 - err = -ENOMEM; 952 - goto out; 953 - } 954 - 955 - dd->buf_out = dma_alloc_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, 956 - &dd->dma_buf_out, GFP_KERNEL); 957 - if (!dd->buf_out) { 958 - dev_err(dev, "can not allocate dma-out buffer\n"); 959 - err = -ENOMEM; 960 - goto out; 961 - } 962 - 963 - init_completion(&dd->op_complete); 964 - aes_wq = alloc_workqueue("tegra_aes_wq", WQ_HIGHPRI | WQ_UNBOUND, 1); 965 - if (!aes_wq) { 966 - dev_err(dev, "alloc_workqueue failed\n"); 967 - err = -ENOMEM; 968 - goto out; 969 - } 970 - 971 - /* get the irq */ 972 - res = platform_get_resource(pdev, IORESOURCE_IRQ, 0); 973 - if (!res) { 974 - dev_err(dev, "invalid resource type: base\n"); 975 - err = -ENODEV; 976 - goto out; 977 - } 978 - dd->irq = res->start; 979 - 980 - err = devm_request_irq(dev, dd->irq, aes_irq, IRQF_TRIGGER_HIGH | 981 - IRQF_SHARED, "tegra-aes", dd); 982 - if (err) { 983 - dev_err(dev, "request_irq failed\n"); 984 - goto out; 985 - } 986 - 987 - mutex_init(&aes_lock); 988 - INIT_LIST_HEAD(&dev_list); 989 - 990 - spin_lock_init(&list_lock); 991 - spin_lock(&list_lock); 992 - for (i = 0; i < AES_NR_KEYSLOTS; i++) { 993 - if (i == SSK_SLOT_NUM) 994 - continue; 995 - dd->slots[i].slot_num = i; 996 - INIT_LIST_HEAD(&dd->slots[i].node); 997 - list_add_tail(&dd->slots[i].node, &dev_list); 998 - } 999 - spin_unlock(&list_lock); 1000 - 1001 - aes_dev = dd; 1002 - for (i = 0; i < ARRAY_SIZE(algs); i++) { 1003 - algs[i].cra_priority = 300; 1004 - algs[i].cra_ctxsize = sizeof(struct tegra_aes_ctx); 1005 - algs[i].cra_module = THIS_MODULE; 1006 - algs[i].cra_init = tegra_aes_cra_init; 1007 - algs[i].cra_exit = tegra_aes_cra_exit; 1008 - 1009 - err = crypto_register_alg(&algs[i]); 1010 - if (err) 1011 - goto out; 1012 - } 1013 - 1014 - dev_info(dev, "registered"); 1015 - return 0; 1016 - 1017 - out: 1018 - for (j = 0; j < i; j++) 1019 - crypto_unregister_alg(&algs[j]); 1020 - if (dd->ivkey_base) 1021 - dma_free_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES, 1022 - dd->ivkey_base, dd->ivkey_phys_base); 1023 - if (dd->buf_in) 1024 - dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, 1025 - dd->buf_in, dd->dma_buf_in); 1026 - if (dd->buf_out) 1027 - dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, 1028 - dd->buf_out, dd->dma_buf_out); 1029 - if (aes_wq) 1030 - destroy_workqueue(aes_wq); 1031 - spin_lock(&list_lock); 1032 - list_del(&dev_list); 1033 - spin_unlock(&list_lock); 1034 - 1035 - aes_dev = NULL; 1036 - 1037 - dev_err(dev, "%s: initialization failed.\n", __func__); 1038 - return err; 1039 - } 1040 - 1041 - static int tegra_aes_remove(struct platform_device *pdev) 1042 - { 1043 - struct device *dev = &pdev->dev; 1044 - struct tegra_aes_dev *dd = platform_get_drvdata(pdev); 1045 - int i; 1046 - 1047 - for (i = 0; i < ARRAY_SIZE(algs); i++) 1048 - crypto_unregister_alg(&algs[i]); 1049 - 1050 - cancel_work_sync(&aes_work); 1051 - destroy_workqueue(aes_wq); 1052 - spin_lock(&list_lock); 1053 - list_del(&dev_list); 1054 - spin_unlock(&list_lock); 1055 - 1056 - dma_free_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES, 1057 - dd->ivkey_base, dd->ivkey_phys_base); 1058 - dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, 1059 - dd->buf_in, dd->dma_buf_in); 1060 - dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, 1061 - dd->buf_out, dd->dma_buf_out); 1062 - aes_dev = NULL; 1063 - 1064 - return 0; 1065 - } 1066 - 1067 - static struct of_device_id tegra_aes_of_match[] = { 1068 - { .compatible = "nvidia,tegra20-aes", }, 1069 - { .compatible = "nvidia,tegra30-aes", }, 1070 - { }, 1071 - }; 1072 - 1073 - static struct platform_driver tegra_aes_driver = { 1074 - .probe = tegra_aes_probe, 1075 - .remove = tegra_aes_remove, 1076 - .driver = { 1077 - .name = "tegra-aes", 1078 - .owner = THIS_MODULE, 1079 - .of_match_table = tegra_aes_of_match, 1080 - }, 1081 - }; 1082 - 1083 - module_platform_driver(tegra_aes_driver); 1084 - 1085 - MODULE_DESCRIPTION("Tegra AES/OFB/CPRNG hw acceleration support."); 1086 - MODULE_AUTHOR("NVIDIA Corporation"); 1087 - MODULE_LICENSE("GPL v2");

-103

drivers/crypto/tegra-aes.h

··· 1 - /* 2 - * Copyright (c) 2010, NVIDIA Corporation. 3 - * 4 - * This program is free software; you can redistribute it and/or modify 5 - * it under the terms of the GNU General Public License as published by 6 - * the Free Software Foundation; either version 2 of the License, or 7 - * (at your option) any later version. 8 - * 9 - * This program is distributed in the hope that it will be useful, but WITHOUT 10 - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 12 - * more details. 13 - * 14 - * You should have received a copy of the GNU General Public License along 15 - * with this program; if not, write to the Free Software Foundation, Inc., 16 - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 17 - */ 18 - 19 - #ifndef __CRYPTODEV_TEGRA_AES_H 20 - #define __CRYPTODEV_TEGRA_AES_H 21 - 22 - #define TEGRA_AES_ICMDQUE_WR 0x1000 23 - #define TEGRA_AES_CMDQUE_CONTROL 0x1008 24 - #define TEGRA_AES_INTR_STATUS 0x1018 25 - #define TEGRA_AES_INT_ENB 0x1040 26 - #define TEGRA_AES_CONFIG 0x1044 27 - #define TEGRA_AES_IRAM_ACCESS_CFG 0x10A0 28 - #define TEGRA_AES_SECURE_DEST_ADDR 0x1100 29 - #define TEGRA_AES_SECURE_INPUT_SELECT 0x1104 30 - #define TEGRA_AES_SECURE_CONFIG 0x1108 31 - #define TEGRA_AES_SECURE_CONFIG_EXT 0x110C 32 - #define TEGRA_AES_SECURE_SECURITY 0x1110 33 - #define TEGRA_AES_SECURE_HASH_RESULT0 0x1120 34 - #define TEGRA_AES_SECURE_HASH_RESULT1 0x1124 35 - #define TEGRA_AES_SECURE_HASH_RESULT2 0x1128 36 - #define TEGRA_AES_SECURE_HASH_RESULT3 0x112C 37 - #define TEGRA_AES_SECURE_SEC_SEL0 0x1140 38 - #define TEGRA_AES_SECURE_SEC_SEL1 0x1144 39 - #define TEGRA_AES_SECURE_SEC_SEL2 0x1148 40 - #define TEGRA_AES_SECURE_SEC_SEL3 0x114C 41 - #define TEGRA_AES_SECURE_SEC_SEL4 0x1150 42 - #define TEGRA_AES_SECURE_SEC_SEL5 0x1154 43 - #define TEGRA_AES_SECURE_SEC_SEL6 0x1158 44 - #define TEGRA_AES_SECURE_SEC_SEL7 0x115C 45 - 46 - /* interrupt status reg masks and shifts */ 47 - #define TEGRA_AES_ENGINE_BUSY_FIELD BIT(0) 48 - #define TEGRA_AES_ICQ_EMPTY_FIELD BIT(3) 49 - #define TEGRA_AES_DMA_BUSY_FIELD BIT(23) 50 - 51 - /* secure select reg masks and shifts */ 52 - #define TEGRA_AES_SECURE_SEL0_KEYREAD_ENB0_FIELD BIT(0) 53 - 54 - /* secure config ext masks and shifts */ 55 - #define TEGRA_AES_SECURE_KEY_SCH_DIS_FIELD BIT(15) 56 - 57 - /* secure config masks and shifts */ 58 - #define TEGRA_AES_SECURE_KEY_INDEX_SHIFT 20 59 - #define TEGRA_AES_SECURE_KEY_INDEX_FIELD (0x1F << TEGRA_AES_SECURE_KEY_INDEX_SHIFT) 60 - #define TEGRA_AES_SECURE_BLOCK_CNT_SHIFT 0 61 - #define TEGRA_AES_SECURE_BLOCK_CNT_FIELD (0xFFFFF << TEGRA_AES_SECURE_BLOCK_CNT_SHIFT) 62 - 63 - /* stream interface select masks and shifts */ 64 - #define TEGRA_AES_CMDQ_CTRL_UCMDQEN_FIELD BIT(0) 65 - #define TEGRA_AES_CMDQ_CTRL_ICMDQEN_FIELD BIT(1) 66 - #define TEGRA_AES_CMDQ_CTRL_SRC_STM_SEL_FIELD BIT(4) 67 - #define TEGRA_AES_CMDQ_CTRL_DST_STM_SEL_FIELD BIT(5) 68 - 69 - /* config register masks and shifts */ 70 - #define TEGRA_AES_CONFIG_ENDIAN_ENB_FIELD BIT(10) 71 - #define TEGRA_AES_CONFIG_MODE_SEL_SHIFT 0 72 - #define TEGRA_AES_CONFIG_MODE_SEL_FIELD (0x1F << TEGRA_AES_CONFIG_MODE_SEL_SHIFT) 73 - 74 - /* extended config */ 75 - #define TEGRA_AES_SECURE_OFFSET_CNT_SHIFT 24 76 - #define TEGRA_AES_SECURE_OFFSET_CNT_FIELD (0xFF << TEGRA_AES_SECURE_OFFSET_CNT_SHIFT) 77 - #define TEGRA_AES_SECURE_KEYSCHED_GEN_FIELD BIT(15) 78 - 79 - /* init vector select */ 80 - #define TEGRA_AES_SECURE_IV_SELECT_SHIFT 10 81 - #define TEGRA_AES_SECURE_IV_SELECT_FIELD BIT(10) 82 - 83 - /* secure engine input */ 84 - #define TEGRA_AES_SECURE_INPUT_ALG_SEL_SHIFT 28 85 - #define TEGRA_AES_SECURE_INPUT_ALG_SEL_FIELD (0xF << TEGRA_AES_SECURE_INPUT_ALG_SEL_SHIFT) 86 - #define TEGRA_AES_SECURE_INPUT_KEY_LEN_SHIFT 16 87 - #define TEGRA_AES_SECURE_INPUT_KEY_LEN_FIELD (0xFFF << TEGRA_AES_SECURE_INPUT_KEY_LEN_SHIFT) 88 - #define TEGRA_AES_SECURE_RNG_ENB_FIELD BIT(11) 89 - #define TEGRA_AES_SECURE_CORE_SEL_SHIFT 9 90 - #define TEGRA_AES_SECURE_CORE_SEL_FIELD BIT(9) 91 - #define TEGRA_AES_SECURE_VCTRAM_SEL_SHIFT 7 92 - #define TEGRA_AES_SECURE_VCTRAM_SEL_FIELD (0x3 << TEGRA_AES_SECURE_VCTRAM_SEL_SHIFT) 93 - #define TEGRA_AES_SECURE_INPUT_SEL_SHIFT 5 94 - #define TEGRA_AES_SECURE_INPUT_SEL_FIELD (0x3 << TEGRA_AES_SECURE_INPUT_SEL_SHIFT) 95 - #define TEGRA_AES_SECURE_XOR_POS_SHIFT 3 96 - #define TEGRA_AES_SECURE_XOR_POS_FIELD (0x3 << TEGRA_AES_SECURE_XOR_POS_SHIFT) 97 - #define TEGRA_AES_SECURE_HASH_ENB_FIELD BIT(2) 98 - #define TEGRA_AES_SECURE_ON_THE_FLY_FIELD BIT(0) 99 - 100 - /* interrupt error mask */ 101 - #define TEGRA_AES_INT_ERROR_MASK 0xFFF000 102 - 103 - #endif

+8 -1

include/crypto/algapi.h

··· 100 100 void *page; 101 101 u8 *buffer; 102 102 u8 *iv; 103 + unsigned int ivsize; 103 104 104 105 int flags; 105 - unsigned int blocksize; 106 + unsigned int walk_blocksize; 107 + unsigned int cipher_blocksize; 108 + unsigned int alignmask; 106 109 }; 107 110 108 111 struct ablkcipher_walk { ··· 195 192 int blkcipher_walk_virt_block(struct blkcipher_desc *desc, 196 193 struct blkcipher_walk *walk, 197 194 unsigned int blocksize); 195 + int blkcipher_aead_walk_virt_block(struct blkcipher_desc *desc, 196 + struct blkcipher_walk *walk, 197 + struct crypto_aead *tfm, 198 + unsigned int blocksize); 198 199 199 200 int ablkcipher_walk_done(struct ablkcipher_request *req, 200 201 struct ablkcipher_walk *walk, int err);

+11

include/crypto/null.h

··· 1 + /* Values for NULL algorithms */ 2 + 3 + #ifndef _CRYPTO_NULL_H 4 + #define _CRYPTO_NULL_H 5 + 6 + #define NULL_KEY_SIZE 0 7 + #define NULL_BLOCK_SIZE 1 8 + #define NULL_DIGEST_SIZE 0 9 + #define NULL_IV_SIZE 0 10 + 11 + #endif

+7

include/linux/ccp.h

··· 232 232 * @ctx_len: length in bytes of hash value 233 233 * @src: data to be used for this operation 234 234 * @src_len: length in bytes of data used for this operation 235 + * @opad: data to be used for final HMAC operation 236 + * @opad_len: length in bytes of data used for final HMAC operation 237 + * @first: indicates first SHA operation 235 238 * @final: indicates final SHA operation 236 239 * @msg_bits: total length of the message in bits used in final SHA operation 237 240 * ··· 254 251 struct scatterlist *src; 255 252 u64 src_len; /* In bytes */ 256 253 254 + struct scatterlist *opad; 255 + u32 opad_len; /* In bytes */ 256 + 257 + u32 first; /* Indicates first sha cmd */ 257 258 u32 final; /* Indicates final sha cmd */ 258 259 u64 msg_bits; /* Message length in bits required for 259 260 * final sha cmd */