crypto: atmel-ecc - factor out code that can be shared

+4

drivers/crypto/Kconfig

··· 519 519 To compile this driver as a module, choose M here: the module 520 520 will be called atmel-sha. 521 521 522 + config CRYPTO_DEV_ATMEL_I2C 523 + tristate 524 + 522 525 config CRYPTO_DEV_ATMEL_ECC 523 526 tristate "Support for Microchip / Atmel ECC hw accelerator" 524 527 depends on I2C 528 + select CRYPTO_DEV_ATMEL_I2C 525 529 select CRYPTO_ECDH 526 530 select CRC16 527 531 help

+1

drivers/crypto/Makefile

··· 2 2 obj-$(CONFIG_CRYPTO_DEV_ATMEL_AES) += atmel-aes.o 3 3 obj-$(CONFIG_CRYPTO_DEV_ATMEL_SHA) += atmel-sha.o 4 4 obj-$(CONFIG_CRYPTO_DEV_ATMEL_TDES) += atmel-tdes.o 5 + obj-$(CONFIG_CRYPTO_DEV_ATMEL_I2C) += atmel-i2c.o 5 6 obj-$(CONFIG_CRYPTO_DEV_ATMEL_ECC) += atmel-ecc.o 6 7 obj-$(CONFIG_CRYPTO_DEV_CAVIUM_ZIP) += cavium/ 7 8 obj-$(CONFIG_CRYPTO_DEV_CCP) += ccp/

+22 -384

drivers/crypto/atmel-ecc.c

··· 6 6 * Author: Tudor Ambarus <tudor.ambarus@microchip.com> 7 7 */ 8 8 9 - #include <linux/bitrev.h> 10 - #include <linux/crc16.h> 11 9 #include <linux/delay.h> 12 10 #include <linux/device.h> 13 11 #include <linux/err.h> ··· 21 23 #include <crypto/internal/kpp.h> 22 24 #include <crypto/ecdh.h> 23 25 #include <crypto/kpp.h> 24 - #include "atmel-ecc.h" 25 - 26 - /* Used for binding tfm objects to i2c clients. */ 27 - struct atmel_ecc_driver_data { 28 - struct list_head i2c_client_list; 29 - spinlock_t i2c_list_lock; 30 - } ____cacheline_aligned; 26 + #include "atmel-i2c.h" 31 27 32 28 static struct atmel_ecc_driver_data driver_data; 33 - 34 - /** 35 - * atmel_ecc_i2c_client_priv - i2c_client private data 36 - * @client : pointer to i2c client device 37 - * @i2c_client_list_node: part of i2c_client_list 38 - * @lock : lock for sending i2c commands 39 - * @wake_token : wake token array of zeros 40 - * @wake_token_sz : size in bytes of the wake_token 41 - * @tfm_count : number of active crypto transformations on i2c client 42 - * 43 - * Reads and writes from/to the i2c client are sequential. The first byte 44 - * transmitted to the device is treated as the byte size. Any attempt to send 45 - * more than this number of bytes will cause the device to not ACK those bytes. 46 - * After the host writes a single command byte to the input buffer, reads are 47 - * prohibited until after the device completes command execution. Use a mutex 48 - * when sending i2c commands. 49 - */ 50 - struct atmel_ecc_i2c_client_priv { 51 - struct i2c_client *client; 52 - struct list_head i2c_client_list_node; 53 - struct mutex lock; 54 - u8 wake_token[WAKE_TOKEN_MAX_SIZE]; 55 - size_t wake_token_sz; 56 - atomic_t tfm_count ____cacheline_aligned; 57 - }; 58 29 59 30 /** 60 31 * atmel_ecdh_ctx - transformation context ··· 47 80 bool do_fallback; 48 81 }; 49 82 50 - /** 51 - * atmel_ecc_work_data - data structure representing the work 52 - * @ctx : transformation context. 53 - * @cbk : pointer to a callback function to be invoked upon completion of this 54 - * request. This has the form: 55 - * callback(struct atmel_ecc_work_data *work_data, void *areq, u8 status) 56 - * where: 57 - * @work_data: data structure representing the work 58 - * @areq : optional pointer to an argument passed with the original 59 - * request. 60 - * @status : status returned from the i2c client device or i2c error. 61 - * @areq: optional pointer to a user argument for use at callback time. 62 - * @work: describes the task to be executed. 63 - * @cmd : structure used for communicating with the device. 64 - */ 65 - struct atmel_ecc_work_data { 66 - struct atmel_ecdh_ctx *ctx; 67 - void (*cbk)(struct atmel_ecc_work_data *work_data, void *areq, 68 - int status); 69 - void *areq; 70 - struct work_struct work; 71 - struct atmel_ecc_cmd cmd; 72 - }; 73 - 74 - static u16 atmel_ecc_crc16(u16 crc, const u8 *buffer, size_t len) 75 - { 76 - return cpu_to_le16(bitrev16(crc16(crc, buffer, len))); 77 - } 78 - 79 - /** 80 - * atmel_ecc_checksum() - Generate 16-bit CRC as required by ATMEL ECC. 81 - * CRC16 verification of the count, opcode, param1, param2 and data bytes. 82 - * The checksum is saved in little-endian format in the least significant 83 - * two bytes of the command. CRC polynomial is 0x8005 and the initial register 84 - * value should be zero. 85 - * 86 - * @cmd : structure used for communicating with the device. 87 - */ 88 - static void atmel_ecc_checksum(struct atmel_ecc_cmd *cmd) 89 - { 90 - u8 *data = &cmd->count; 91 - size_t len = cmd->count - CRC_SIZE; 92 - u16 *crc16 = (u16 *)(data + len); 93 - 94 - *crc16 = atmel_ecc_crc16(0, data, len); 95 - } 96 - 97 - static void atmel_ecc_init_read_cmd(struct atmel_ecc_cmd *cmd) 98 - { 99 - cmd->word_addr = COMMAND; 100 - cmd->opcode = OPCODE_READ; 101 - /* 102 - * Read the word from Configuration zone that contains the lock bytes 103 - * (UserExtra, Selector, LockValue, LockConfig). 104 - */ 105 - cmd->param1 = CONFIG_ZONE; 106 - cmd->param2 = DEVICE_LOCK_ADDR; 107 - cmd->count = READ_COUNT; 108 - 109 - atmel_ecc_checksum(cmd); 110 - 111 - cmd->msecs = MAX_EXEC_TIME_READ; 112 - cmd->rxsize = READ_RSP_SIZE; 113 - } 114 - 115 - static void atmel_ecc_init_genkey_cmd(struct atmel_ecc_cmd *cmd, u16 keyid) 116 - { 117 - cmd->word_addr = COMMAND; 118 - cmd->count = GENKEY_COUNT; 119 - cmd->opcode = OPCODE_GENKEY; 120 - cmd->param1 = GENKEY_MODE_PRIVATE; 121 - /* a random private key will be generated and stored in slot keyID */ 122 - cmd->param2 = cpu_to_le16(keyid); 123 - 124 - atmel_ecc_checksum(cmd); 125 - 126 - cmd->msecs = MAX_EXEC_TIME_GENKEY; 127 - cmd->rxsize = GENKEY_RSP_SIZE; 128 - } 129 - 130 - static int atmel_ecc_init_ecdh_cmd(struct atmel_ecc_cmd *cmd, 131 - struct scatterlist *pubkey) 132 - { 133 - size_t copied; 134 - 135 - cmd->word_addr = COMMAND; 136 - cmd->count = ECDH_COUNT; 137 - cmd->opcode = OPCODE_ECDH; 138 - cmd->param1 = ECDH_PREFIX_MODE; 139 - /* private key slot */ 140 - cmd->param2 = cpu_to_le16(DATA_SLOT_2); 141 - 142 - /* 143 - * The device only supports NIST P256 ECC keys. The public key size will 144 - * always be the same. Use a macro for the key size to avoid unnecessary 145 - * computations. 146 - */ 147 - copied = sg_copy_to_buffer(pubkey, 148 - sg_nents_for_len(pubkey, 149 - ATMEL_ECC_PUBKEY_SIZE), 150 - cmd->data, ATMEL_ECC_PUBKEY_SIZE); 151 - if (copied != ATMEL_ECC_PUBKEY_SIZE) 152 - return -EINVAL; 153 - 154 - atmel_ecc_checksum(cmd); 155 - 156 - cmd->msecs = MAX_EXEC_TIME_ECDH; 157 - cmd->rxsize = ECDH_RSP_SIZE; 158 - 159 - return 0; 160 - } 161 - 162 - /* 163 - * After wake and after execution of a command, there will be error, status, or 164 - * result bytes in the device's output register that can be retrieved by the 165 - * system. When the length of that group is four bytes, the codes returned are 166 - * detailed in error_list. 167 - */ 168 - static int atmel_ecc_status(struct device *dev, u8 *status) 169 - { 170 - size_t err_list_len = ARRAY_SIZE(error_list); 171 - int i; 172 - u8 err_id = status[1]; 173 - 174 - if (*status != STATUS_SIZE) 175 - return 0; 176 - 177 - if (err_id == STATUS_WAKE_SUCCESSFUL || err_id == STATUS_NOERR) 178 - return 0; 179 - 180 - for (i = 0; i < err_list_len; i++) 181 - if (error_list[i].value == err_id) 182 - break; 183 - 184 - /* if err_id is not in the error_list then ignore it */ 185 - if (i != err_list_len) { 186 - dev_err(dev, "%02x: %s:\n", err_id, error_list[i].error_text); 187 - return err_id; 188 - } 189 - 190 - return 0; 191 - } 192 - 193 - static int atmel_ecc_wakeup(struct i2c_client *client) 194 - { 195 - struct atmel_ecc_i2c_client_priv *i2c_priv = i2c_get_clientdata(client); 196 - u8 status[STATUS_RSP_SIZE]; 197 - int ret; 198 - 199 - /* 200 - * The device ignores any levels or transitions on the SCL pin when the 201 - * device is idle, asleep or during waking up. Don't check for error 202 - * when waking up the device. 203 - */ 204 - i2c_master_send(client, i2c_priv->wake_token, i2c_priv->wake_token_sz); 205 - 206 - /* 207 - * Wait to wake the device. Typical execution times for ecdh and genkey 208 - * are around tens of milliseconds. Delta is chosen to 50 microseconds. 209 - */ 210 - usleep_range(TWHI_MIN, TWHI_MAX); 211 - 212 - ret = i2c_master_recv(client, status, STATUS_SIZE); 213 - if (ret < 0) 214 - return ret; 215 - 216 - return atmel_ecc_status(&client->dev, status); 217 - } 218 - 219 - static int atmel_ecc_sleep(struct i2c_client *client) 220 - { 221 - u8 sleep = SLEEP_TOKEN; 222 - 223 - return i2c_master_send(client, &sleep, 1); 224 - } 225 - 226 - static void atmel_ecdh_done(struct atmel_ecc_work_data *work_data, void *areq, 83 + static void atmel_ecdh_done(struct atmel_i2c_work_data *work_data, void *areq, 227 84 int status) 228 85 { 229 86 struct kpp_request *req = areq; 230 87 struct atmel_ecdh_ctx *ctx = work_data->ctx; 231 - struct atmel_ecc_cmd *cmd = &work_data->cmd; 88 + struct atmel_i2c_cmd *cmd = &work_data->cmd; 232 89 size_t copied, n_sz; 233 90 234 91 if (status) ··· 73 282 kpp_request_complete(req, status); 74 283 } 75 284 76 - /* 77 - * atmel_ecc_send_receive() - send a command to the device and receive its 78 - * response. 79 - * @client: i2c client device 80 - * @cmd : structure used to communicate with the device 81 - * 82 - * After the device receives a Wake token, a watchdog counter starts within the 83 - * device. After the watchdog timer expires, the device enters sleep mode 84 - * regardless of whether some I/O transmission or command execution is in 85 - * progress. If a command is attempted when insufficient time remains prior to 86 - * watchdog timer execution, the device will return the watchdog timeout error 87 - * code without attempting to execute the command. There is no way to reset the 88 - * counter other than to put the device into sleep or idle mode and then 89 - * wake it up again. 90 - */ 91 - static int atmel_ecc_send_receive(struct i2c_client *client, 92 - struct atmel_ecc_cmd *cmd) 93 - { 94 - struct atmel_ecc_i2c_client_priv *i2c_priv = i2c_get_clientdata(client); 95 - int ret; 96 - 97 - mutex_lock(&i2c_priv->lock); 98 - 99 - ret = atmel_ecc_wakeup(client); 100 - if (ret) 101 - goto err; 102 - 103 - /* send the command */ 104 - ret = i2c_master_send(client, (u8 *)cmd, cmd->count + WORD_ADDR_SIZE); 105 - if (ret < 0) 106 - goto err; 107 - 108 - /* delay the appropriate amount of time for command to execute */ 109 - msleep(cmd->msecs); 110 - 111 - /* receive the response */ 112 - ret = i2c_master_recv(client, cmd->data, cmd->rxsize); 113 - if (ret < 0) 114 - goto err; 115 - 116 - /* put the device into low-power mode */ 117 - ret = atmel_ecc_sleep(client); 118 - if (ret < 0) 119 - goto err; 120 - 121 - mutex_unlock(&i2c_priv->lock); 122 - return atmel_ecc_status(&client->dev, cmd->data); 123 - err: 124 - mutex_unlock(&i2c_priv->lock); 125 - return ret; 126 - } 127 - 128 - static void atmel_ecc_work_handler(struct work_struct *work) 129 - { 130 - struct atmel_ecc_work_data *work_data = 131 - container_of(work, struct atmel_ecc_work_data, work); 132 - struct atmel_ecc_cmd *cmd = &work_data->cmd; 133 - struct i2c_client *client = work_data->ctx->client; 134 - int status; 135 - 136 - status = atmel_ecc_send_receive(client, cmd); 137 - work_data->cbk(work_data, work_data->areq, status); 138 - } 139 - 140 - static void atmel_ecc_enqueue(struct atmel_ecc_work_data *work_data, 141 - void (*cbk)(struct atmel_ecc_work_data *work_data, 142 - void *areq, int status), 143 - void *areq) 144 - { 145 - work_data->cbk = (void *)cbk; 146 - work_data->areq = areq; 147 - 148 - INIT_WORK(&work_data->work, atmel_ecc_work_handler); 149 - schedule_work(&work_data->work); 150 - } 151 - 152 285 static unsigned int atmel_ecdh_supported_curve(unsigned int curve_id) 153 286 { 154 287 if (curve_id == ECC_CURVE_NIST_P256) ··· 89 374 unsigned int len) 90 375 { 91 376 struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm); 92 - struct atmel_ecc_cmd *cmd; 377 + struct atmel_i2c_cmd *cmd; 93 378 void *public_key; 94 379 struct ecdh params; 95 380 int ret = -ENOMEM; ··· 127 412 ctx->do_fallback = false; 128 413 ctx->curve_id = params.curve_id; 129 414 130 - atmel_ecc_init_genkey_cmd(cmd, DATA_SLOT_2); 415 + atmel_i2c_init_genkey_cmd(cmd, DATA_SLOT_2); 131 416 132 - ret = atmel_ecc_send_receive(ctx->client, cmd); 417 + ret = atmel_i2c_send_receive(ctx->client, cmd); 133 418 if (ret) 134 419 goto free_public_key; 135 420 ··· 159 444 return crypto_kpp_generate_public_key(req); 160 445 } 161 446 447 + if (!ctx->public_key) 448 + return -EINVAL; 449 + 162 450 /* might want less than we've got */ 163 451 nbytes = min_t(size_t, ATMEL_ECC_PUBKEY_SIZE, req->dst_len); 164 452 ··· 179 461 { 180 462 struct crypto_kpp *tfm = crypto_kpp_reqtfm(req); 181 463 struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm); 182 - struct atmel_ecc_work_data *work_data; 464 + struct atmel_i2c_work_data *work_data; 183 465 gfp_t gfp; 184 466 int ret; 185 467 ··· 200 482 return -ENOMEM; 201 483 202 484 work_data->ctx = ctx; 485 + work_data->client = ctx->client; 203 486 204 - ret = atmel_ecc_init_ecdh_cmd(&work_data->cmd, req->src); 487 + ret = atmel_i2c_init_ecdh_cmd(&work_data->cmd, req->src); 205 488 if (ret) 206 489 goto free_work_data; 207 490 208 - atmel_ecc_enqueue(work_data, atmel_ecdh_done, req); 491 + atmel_i2c_enqueue(work_data, atmel_ecdh_done, req); 209 492 210 493 return -EINPROGRESS; 211 494 ··· 217 498 218 499 static struct i2c_client *atmel_ecc_i2c_client_alloc(void) 219 500 { 220 - struct atmel_ecc_i2c_client_priv *i2c_priv, *min_i2c_priv = NULL; 501 + struct atmel_i2c_client_priv *i2c_priv, *min_i2c_priv = NULL; 221 502 struct i2c_client *client = ERR_PTR(-ENODEV); 222 503 int min_tfm_cnt = INT_MAX; 223 504 int tfm_cnt; ··· 252 533 253 534 static void atmel_ecc_i2c_client_free(struct i2c_client *client) 254 535 { 255 - struct atmel_ecc_i2c_client_priv *i2c_priv = i2c_get_clientdata(client); 536 + struct atmel_i2c_client_priv *i2c_priv = i2c_get_clientdata(client); 256 537 257 538 atomic_dec(&i2c_priv->tfm_count); 258 539 } ··· 323 604 }, 324 605 }; 325 606 326 - static inline size_t atmel_ecc_wake_token_sz(u32 bus_clk_rate) 327 - { 328 - u32 no_of_bits = DIV_ROUND_UP(TWLO_USEC * bus_clk_rate, USEC_PER_SEC); 329 - 330 - /* return the size of the wake_token in bytes */ 331 - return DIV_ROUND_UP(no_of_bits, 8); 332 - } 333 - 334 - static int device_sanity_check(struct i2c_client *client) 335 - { 336 - struct atmel_ecc_cmd *cmd; 337 - int ret; 338 - 339 - cmd = kmalloc(sizeof(*cmd), GFP_KERNEL); 340 - if (!cmd) 341 - return -ENOMEM; 342 - 343 - atmel_ecc_init_read_cmd(cmd); 344 - 345 - ret = atmel_ecc_send_receive(client, cmd); 346 - if (ret) 347 - goto free_cmd; 348 - 349 - /* 350 - * It is vital that the Configuration, Data and OTP zones be locked 351 - * prior to release into the field of the system containing the device. 352 - * Failure to lock these zones may permit modification of any secret 353 - * keys and may lead to other security problems. 354 - */ 355 - if (cmd->data[LOCK_CONFIG_IDX] || cmd->data[LOCK_VALUE_IDX]) { 356 - dev_err(&client->dev, "Configuration or Data and OTP zones are unlocked!\n"); 357 - ret = -ENOTSUPP; 358 - } 359 - 360 - /* fall through */ 361 - free_cmd: 362 - kfree(cmd); 363 - return ret; 364 - } 365 - 366 607 static int atmel_ecc_probe(struct i2c_client *client, 367 608 const struct i2c_device_id *id) 368 609 { 369 - struct atmel_ecc_i2c_client_priv *i2c_priv; 370 - struct device *dev = &client->dev; 610 + struct atmel_i2c_client_priv *i2c_priv; 371 611 int ret; 372 - u32 bus_clk_rate; 373 612 374 - if (!i2c_check_functionality(client->adapter, I2C_FUNC_I2C)) { 375 - dev_err(dev, "I2C_FUNC_I2C not supported\n"); 376 - return -ENODEV; 377 - } 378 - 379 - clk_rate = i2c_acpi_find_bus_speed(&client->adapter->dev); 380 - if (!clk_rate) { 381 - ret = device_property_read_u32(&client->adapter->dev, 382 - "clock-frequency", &bus_clk_rate); 383 - if (ret) { 384 - dev_err(dev, "failed to read clock-frequency property\n"); 385 - return ret; 386 - } 387 - } 388 - 389 - if (bus_clk_rate > 1000000L) { 390 - dev_err(dev, "%d exceeds maximum supported clock frequency (1MHz)\n", 391 - bus_clk_rate); 392 - return -EINVAL; 393 - } 394 - 395 - i2c_priv = devm_kmalloc(dev, sizeof(*i2c_priv), GFP_KERNEL); 396 - if (!i2c_priv) 397 - return -ENOMEM; 398 - 399 - i2c_priv->client = client; 400 - mutex_init(&i2c_priv->lock); 401 - 402 - /* 403 - * WAKE_TOKEN_MAX_SIZE was calculated for the maximum bus_clk_rate - 404 - * 1MHz. The previous bus_clk_rate check ensures us that wake_token_sz 405 - * will always be smaller than or equal to WAKE_TOKEN_MAX_SIZE. 406 - */ 407 - i2c_priv->wake_token_sz = atmel_ecc_wake_token_sz(bus_clk_rate); 408 - 409 - memset(i2c_priv->wake_token, 0, sizeof(i2c_priv->wake_token)); 410 - 411 - atomic_set(&i2c_priv->tfm_count, 0); 412 - 413 - i2c_set_clientdata(client, i2c_priv); 414 - 415 - ret = device_sanity_check(client); 613 + ret = atmel_i2c_probe(client, id); 416 614 if (ret) 417 615 return ret; 616 + 617 + i2c_priv = i2c_get_clientdata(client); 418 618 419 619 spin_lock(&driver_data.i2c_list_lock); 420 620 list_add_tail(&i2c_priv->i2c_client_list_node, ··· 346 708 list_del(&i2c_priv->i2c_client_list_node); 347 709 spin_unlock(&driver_data.i2c_list_lock); 348 710 349 - dev_err(dev, "%s alg registration failed\n", 711 + dev_err(&client->dev, "%s alg registration failed\n", 350 712 atmel_ecdh.base.cra_driver_name); 351 713 } else { 352 - dev_info(dev, "atmel ecc algorithms registered in /proc/crypto\n"); 714 + dev_info(&client->dev, "atmel ecc algorithms registered in /proc/crypto\n"); 353 715 } 354 716 355 717 return ret; ··· 357 719 358 720 static int atmel_ecc_remove(struct i2c_client *client) 359 721 { 360 - struct atmel_ecc_i2c_client_priv *i2c_priv = i2c_get_clientdata(client); 722 + struct atmel_i2c_client_priv *i2c_priv = i2c_get_clientdata(client); 361 723 362 724 /* Return EBUSY if i2c client already allocated. */ 363 725 if (atomic_read(&i2c_priv->tfm_count)) {

+75 -5

drivers/crypto/atmel-ecc.h drivers/crypto/atmel-i2c.h

··· 4 4 * Author: Tudor Ambarus <tudor.ambarus@microchip.com> 5 5 */ 6 6 7 - #ifndef __ATMEL_ECC_H__ 8 - #define __ATMEL_ECC_H__ 7 + #ifndef __ATMEL_I2C_H__ 8 + #define __ATMEL_I2C_H__ 9 9 10 10 #define ATMEL_ECC_PRIORITY 300 11 11 ··· 31 31 #define MAX_RSP_SIZE GENKEY_RSP_SIZE 32 32 33 33 /** 34 - * atmel_ecc_cmd - structure used for communicating with the device. 34 + * atmel_i2c_cmd - structure used for communicating with the device. 35 35 * @word_addr: indicates the function of the packet sent to the device. This 36 36 * byte should have a value of COMMAND for normal operation. 37 37 * @count : number of bytes to be transferred to (or from) the device. ··· 42 42 * @rxsize : size of the data received from i2c client. 43 43 * @msecs : command execution time in milliseconds 44 44 */ 45 - struct atmel_ecc_cmd { 45 + struct atmel_i2c_cmd { 46 46 u8 word_addr; 47 47 u8 count; 48 48 u8 opcode; ··· 113 113 #define ECDH_COUNT 71 114 114 #define ECDH_PREFIX_MODE 0x00 115 115 116 - #endif /* __ATMEL_ECC_H__ */ 116 + /* Used for binding tfm objects to i2c clients. */ 117 + struct atmel_ecc_driver_data { 118 + struct list_head i2c_client_list; 119 + spinlock_t i2c_list_lock; 120 + } ____cacheline_aligned; 121 + 122 + /** 123 + * atmel_i2c_client_priv - i2c_client private data 124 + * @client : pointer to i2c client device 125 + * @i2c_client_list_node: part of i2c_client_list 126 + * @lock : lock for sending i2c commands 127 + * @wake_token : wake token array of zeros 128 + * @wake_token_sz : size in bytes of the wake_token 129 + * @tfm_count : number of active crypto transformations on i2c client 130 + * 131 + * Reads and writes from/to the i2c client are sequential. The first byte 132 + * transmitted to the device is treated as the byte size. Any attempt to send 133 + * more than this number of bytes will cause the device to not ACK those bytes. 134 + * After the host writes a single command byte to the input buffer, reads are 135 + * prohibited until after the device completes command execution. Use a mutex 136 + * when sending i2c commands. 137 + */ 138 + struct atmel_i2c_client_priv { 139 + struct i2c_client *client; 140 + struct list_head i2c_client_list_node; 141 + struct mutex lock; 142 + u8 wake_token[WAKE_TOKEN_MAX_SIZE]; 143 + size_t wake_token_sz; 144 + atomic_t tfm_count ____cacheline_aligned; 145 + }; 146 + 147 + /** 148 + * atmel_i2c_work_data - data structure representing the work 149 + * @ctx : transformation context. 150 + * @cbk : pointer to a callback function to be invoked upon completion of this 151 + * request. This has the form: 152 + * callback(struct atmel_i2c_work_data *work_data, void *areq, u8 status) 153 + * where: 154 + * @work_data: data structure representing the work 155 + * @areq : optional pointer to an argument passed with the original 156 + * request. 157 + * @status : status returned from the i2c client device or i2c error. 158 + * @areq: optional pointer to a user argument for use at callback time. 159 + * @work: describes the task to be executed. 160 + * @cmd : structure used for communicating with the device. 161 + */ 162 + struct atmel_i2c_work_data { 163 + void *ctx; 164 + struct i2c_client *client; 165 + void (*cbk)(struct atmel_i2c_work_data *work_data, void *areq, 166 + int status); 167 + void *areq; 168 + struct work_struct work; 169 + struct atmel_i2c_cmd cmd; 170 + }; 171 + 172 + int atmel_i2c_probe(struct i2c_client *client, const struct i2c_device_id *id); 173 + 174 + void atmel_i2c_enqueue(struct atmel_i2c_work_data *work_data, 175 + void (*cbk)(struct atmel_i2c_work_data *work_data, 176 + void *areq, int status), 177 + void *areq); 178 + 179 + int atmel_i2c_send_receive(struct i2c_client *client, struct atmel_i2c_cmd *cmd); 180 + 181 + void atmel_i2c_init_read_cmd(struct atmel_i2c_cmd *cmd); 182 + void atmel_i2c_init_genkey_cmd(struct atmel_i2c_cmd *cmd, u16 keyid); 183 + int atmel_i2c_init_ecdh_cmd(struct atmel_i2c_cmd *cmd, 184 + struct scatterlist *pubkey); 185 + 186 + #endif /* __ATMEL_I2C_H__ */

+349

drivers/crypto/atmel-i2c.c

··· 1 + // SPDX-License-Identifier: GPL-2.0 2 + /* 3 + * Microchip / Atmel ECC (I2C) driver. 4 + * 5 + * Copyright (c) 2017, Microchip Technology Inc. 6 + * Author: Tudor Ambarus <tudor.ambarus@microchip.com> 7 + */ 8 + 9 + #include <linux/bitrev.h> 10 + #include <linux/crc16.h> 11 + #include <linux/delay.h> 12 + #include <linux/device.h> 13 + #include <linux/err.h> 14 + #include <linux/errno.h> 15 + #include <linux/i2c.h> 16 + #include <linux/init.h> 17 + #include <linux/kernel.h> 18 + #include <linux/module.h> 19 + #include <linux/scatterlist.h> 20 + #include <linux/slab.h> 21 + #include <linux/workqueue.h> 22 + #include "atmel-i2c.h" 23 + 24 + /** 25 + * atmel_i2c_checksum() - Generate 16-bit CRC as required by ATMEL ECC. 26 + * CRC16 verification of the count, opcode, param1, param2 and data bytes. 27 + * The checksum is saved in little-endian format in the least significant 28 + * two bytes of the command. CRC polynomial is 0x8005 and the initial register 29 + * value should be zero. 30 + * 31 + * @cmd : structure used for communicating with the device. 32 + */ 33 + static void atmel_i2c_checksum(struct atmel_i2c_cmd *cmd) 34 + { 35 + u8 *data = &cmd->count; 36 + size_t len = cmd->count - CRC_SIZE; 37 + u16 *__crc16 = (u16 *)(data + len); 38 + 39 + *__crc16 = cpu_to_le16(bitrev16(crc16(0, data, len))); 40 + } 41 + 42 + void atmel_i2c_init_read_cmd(struct atmel_i2c_cmd *cmd) 43 + { 44 + cmd->word_addr = COMMAND; 45 + cmd->opcode = OPCODE_READ; 46 + /* 47 + * Read the word from Configuration zone that contains the lock bytes 48 + * (UserExtra, Selector, LockValue, LockConfig). 49 + */ 50 + cmd->param1 = CONFIG_ZONE; 51 + cmd->param2 = DEVICE_LOCK_ADDR; 52 + cmd->count = READ_COUNT; 53 + 54 + atmel_i2c_checksum(cmd); 55 + 56 + cmd->msecs = MAX_EXEC_TIME_READ; 57 + cmd->rxsize = READ_RSP_SIZE; 58 + } 59 + EXPORT_SYMBOL(atmel_i2c_init_read_cmd); 60 + 61 + void atmel_i2c_init_genkey_cmd(struct atmel_i2c_cmd *cmd, u16 keyid) 62 + { 63 + cmd->word_addr = COMMAND; 64 + cmd->count = GENKEY_COUNT; 65 + cmd->opcode = OPCODE_GENKEY; 66 + cmd->param1 = GENKEY_MODE_PRIVATE; 67 + /* a random private key will be generated and stored in slot keyID */ 68 + cmd->param2 = cpu_to_le16(keyid); 69 + 70 + atmel_i2c_checksum(cmd); 71 + 72 + cmd->msecs = MAX_EXEC_TIME_GENKEY; 73 + cmd->rxsize = GENKEY_RSP_SIZE; 74 + } 75 + EXPORT_SYMBOL(atmel_i2c_init_genkey_cmd); 76 + 77 + int atmel_i2c_init_ecdh_cmd(struct atmel_i2c_cmd *cmd, 78 + struct scatterlist *pubkey) 79 + { 80 + size_t copied; 81 + 82 + cmd->word_addr = COMMAND; 83 + cmd->count = ECDH_COUNT; 84 + cmd->opcode = OPCODE_ECDH; 85 + cmd->param1 = ECDH_PREFIX_MODE; 86 + /* private key slot */ 87 + cmd->param2 = cpu_to_le16(DATA_SLOT_2); 88 + 89 + /* 90 + * The device only supports NIST P256 ECC keys. The public key size will 91 + * always be the same. Use a macro for the key size to avoid unnecessary 92 + * computations. 93 + */ 94 + copied = sg_copy_to_buffer(pubkey, 95 + sg_nents_for_len(pubkey, 96 + ATMEL_ECC_PUBKEY_SIZE), 97 + cmd->data, ATMEL_ECC_PUBKEY_SIZE); 98 + if (copied != ATMEL_ECC_PUBKEY_SIZE) 99 + return -EINVAL; 100 + 101 + atmel_i2c_checksum(cmd); 102 + 103 + cmd->msecs = MAX_EXEC_TIME_ECDH; 104 + cmd->rxsize = ECDH_RSP_SIZE; 105 + 106 + return 0; 107 + } 108 + EXPORT_SYMBOL(atmel_i2c_init_ecdh_cmd); 109 + 110 + /* 111 + * After wake and after execution of a command, there will be error, status, or 112 + * result bytes in the device's output register that can be retrieved by the 113 + * system. When the length of that group is four bytes, the codes returned are 114 + * detailed in error_list. 115 + */ 116 + static int atmel_i2c_status(struct device *dev, u8 *status) 117 + { 118 + size_t err_list_len = ARRAY_SIZE(error_list); 119 + int i; 120 + u8 err_id = status[1]; 121 + 122 + if (*status != STATUS_SIZE) 123 + return 0; 124 + 125 + if (err_id == STATUS_WAKE_SUCCESSFUL || err_id == STATUS_NOERR) 126 + return 0; 127 + 128 + for (i = 0; i < err_list_len; i++) 129 + if (error_list[i].value == err_id) 130 + break; 131 + 132 + /* if err_id is not in the error_list then ignore it */ 133 + if (i != err_list_len) { 134 + dev_err(dev, "%02x: %s:\n", err_id, error_list[i].error_text); 135 + return err_id; 136 + } 137 + 138 + return 0; 139 + } 140 + 141 + static int atmel_i2c_wakeup(struct i2c_client *client) 142 + { 143 + struct atmel_i2c_client_priv *i2c_priv = i2c_get_clientdata(client); 144 + u8 status[STATUS_RSP_SIZE]; 145 + int ret; 146 + 147 + /* 148 + * The device ignores any levels or transitions on the SCL pin when the 149 + * device is idle, asleep or during waking up. Don't check for error 150 + * when waking up the device. 151 + */ 152 + i2c_master_send(client, i2c_priv->wake_token, i2c_priv->wake_token_sz); 153 + 154 + /* 155 + * Wait to wake the device. Typical execution times for ecdh and genkey 156 + * are around tens of milliseconds. Delta is chosen to 50 microseconds. 157 + */ 158 + usleep_range(TWHI_MIN, TWHI_MAX); 159 + 160 + ret = i2c_master_recv(client, status, STATUS_SIZE); 161 + if (ret < 0) 162 + return ret; 163 + 164 + return atmel_i2c_status(&client->dev, status); 165 + } 166 + 167 + static int atmel_i2c_sleep(struct i2c_client *client) 168 + { 169 + u8 sleep = SLEEP_TOKEN; 170 + 171 + return i2c_master_send(client, &sleep, 1); 172 + } 173 + 174 + /* 175 + * atmel_i2c_send_receive() - send a command to the device and receive its 176 + * response. 177 + * @client: i2c client device 178 + * @cmd : structure used to communicate with the device 179 + * 180 + * After the device receives a Wake token, a watchdog counter starts within the 181 + * device. After the watchdog timer expires, the device enters sleep mode 182 + * regardless of whether some I/O transmission or command execution is in 183 + * progress. If a command is attempted when insufficient time remains prior to 184 + * watchdog timer execution, the device will return the watchdog timeout error 185 + * code without attempting to execute the command. There is no way to reset the 186 + * counter other than to put the device into sleep or idle mode and then 187 + * wake it up again. 188 + */ 189 + int atmel_i2c_send_receive(struct i2c_client *client, struct atmel_i2c_cmd *cmd) 190 + { 191 + struct atmel_i2c_client_priv *i2c_priv = i2c_get_clientdata(client); 192 + int ret; 193 + 194 + mutex_lock(&i2c_priv->lock); 195 + 196 + ret = atmel_i2c_wakeup(client); 197 + if (ret) 198 + goto err; 199 + 200 + /* send the command */ 201 + ret = i2c_master_send(client, (u8 *)cmd, cmd->count + WORD_ADDR_SIZE); 202 + if (ret < 0) 203 + goto err; 204 + 205 + /* delay the appropriate amount of time for command to execute */ 206 + msleep(cmd->msecs); 207 + 208 + /* receive the response */ 209 + ret = i2c_master_recv(client, cmd->data, cmd->rxsize); 210 + if (ret < 0) 211 + goto err; 212 + 213 + /* put the device into low-power mode */ 214 + ret = atmel_i2c_sleep(client); 215 + if (ret < 0) 216 + goto err; 217 + 218 + mutex_unlock(&i2c_priv->lock); 219 + return atmel_i2c_status(&client->dev, cmd->data); 220 + err: 221 + mutex_unlock(&i2c_priv->lock); 222 + return ret; 223 + } 224 + EXPORT_SYMBOL(atmel_i2c_send_receive); 225 + 226 + static void atmel_i2c_work_handler(struct work_struct *work) 227 + { 228 + struct atmel_i2c_work_data *work_data = 229 + container_of(work, struct atmel_i2c_work_data, work); 230 + struct atmel_i2c_cmd *cmd = &work_data->cmd; 231 + struct i2c_client *client = work_data->client; 232 + int status; 233 + 234 + status = atmel_i2c_send_receive(client, cmd); 235 + work_data->cbk(work_data, work_data->areq, status); 236 + } 237 + 238 + void atmel_i2c_enqueue(struct atmel_i2c_work_data *work_data, 239 + void (*cbk)(struct atmel_i2c_work_data *work_data, 240 + void *areq, int status), 241 + void *areq) 242 + { 243 + work_data->cbk = (void *)cbk; 244 + work_data->areq = areq; 245 + 246 + INIT_WORK(&work_data->work, atmel_i2c_work_handler); 247 + schedule_work(&work_data->work); 248 + } 249 + EXPORT_SYMBOL(atmel_i2c_enqueue); 250 + 251 + static inline size_t atmel_i2c_wake_token_sz(u32 bus_clk_rate) 252 + { 253 + u32 no_of_bits = DIV_ROUND_UP(TWLO_USEC * bus_clk_rate, USEC_PER_SEC); 254 + 255 + /* return the size of the wake_token in bytes */ 256 + return DIV_ROUND_UP(no_of_bits, 8); 257 + } 258 + 259 + static int device_sanity_check(struct i2c_client *client) 260 + { 261 + struct atmel_i2c_cmd *cmd; 262 + int ret; 263 + 264 + cmd = kmalloc(sizeof(*cmd), GFP_KERNEL); 265 + if (!cmd) 266 + return -ENOMEM; 267 + 268 + atmel_i2c_init_read_cmd(cmd); 269 + 270 + ret = atmel_i2c_send_receive(client, cmd); 271 + if (ret) 272 + goto free_cmd; 273 + 274 + /* 275 + * It is vital that the Configuration, Data and OTP zones be locked 276 + * prior to release into the field of the system containing the device. 277 + * Failure to lock these zones may permit modification of any secret 278 + * keys and may lead to other security problems. 279 + */ 280 + if (cmd->data[LOCK_CONFIG_IDX] || cmd->data[LOCK_VALUE_IDX]) { 281 + dev_err(&client->dev, "Configuration or Data and OTP zones are unlocked!\n"); 282 + ret = -ENOTSUPP; 283 + } 284 + 285 + /* fall through */ 286 + free_cmd: 287 + kfree(cmd); 288 + return ret; 289 + } 290 + 291 + int atmel_i2c_probe(struct i2c_client *client, const struct i2c_device_id *id) 292 + { 293 + struct atmel_i2c_client_priv *i2c_priv; 294 + struct device *dev = &client->dev; 295 + int ret; 296 + u32 bus_clk_rate; 297 + 298 + if (!i2c_check_functionality(client->adapter, I2C_FUNC_I2C)) { 299 + dev_err(dev, "I2C_FUNC_I2C not supported\n"); 300 + return -ENODEV; 301 + } 302 + 303 + bus_clk_rate = i2c_acpi_find_bus_speed(&client->adapter->dev); 304 + if (!bus_clk_rate) { 305 + ret = device_property_read_u32(&client->adapter->dev, 306 + "clock-frequency", &bus_clk_rate); 307 + if (ret) { 308 + dev_err(dev, "failed to read clock-frequency property\n"); 309 + return ret; 310 + } 311 + } 312 + 313 + if (bus_clk_rate > 1000000L) { 314 + dev_err(dev, "%d exceeds maximum supported clock frequency (1MHz)\n", 315 + bus_clk_rate); 316 + return -EINVAL; 317 + } 318 + 319 + i2c_priv = devm_kmalloc(dev, sizeof(*i2c_priv), GFP_KERNEL); 320 + if (!i2c_priv) 321 + return -ENOMEM; 322 + 323 + i2c_priv->client = client; 324 + mutex_init(&i2c_priv->lock); 325 + 326 + /* 327 + * WAKE_TOKEN_MAX_SIZE was calculated for the maximum bus_clk_rate - 328 + * 1MHz. The previous bus_clk_rate check ensures us that wake_token_sz 329 + * will always be smaller than or equal to WAKE_TOKEN_MAX_SIZE. 330 + */ 331 + i2c_priv->wake_token_sz = atmel_i2c_wake_token_sz(bus_clk_rate); 332 + 333 + memset(i2c_priv->wake_token, 0, sizeof(i2c_priv->wake_token)); 334 + 335 + atomic_set(&i2c_priv->tfm_count, 0); 336 + 337 + i2c_set_clientdata(client, i2c_priv); 338 + 339 + ret = device_sanity_check(client); 340 + if (ret) 341 + return ret; 342 + 343 + return 0; 344 + } 345 + EXPORT_SYMBOL(atmel_i2c_probe); 346 + 347 + MODULE_AUTHOR("Tudor Ambarus <tudor.ambarus@microchip.com>"); 348 + MODULE_DESCRIPTION("Microchip / Atmel ECC (I2C) driver"); 349 + MODULE_LICENSE("GPL v2");