Lines Matching +full:at91sam9g46 +full:- +full:sha
1 // SPDX-License-Identifier: GPL-2.0
7 * Copyright (c) 2012 Eukréa Electromatique - ATMEL
10 * Some ideas are from omap-aes.c driver.
30 #include <linux/dma-mapping.h>
41 #include "atmel-aes-regs.h"
42 #include "atmel-authenc.h"
253 snprintf(tmp, sz, "KEYWR[%u]", (offset - AES_KEYWR(0)) >> 2); in atmel_aes_reg_name()
260 snprintf(tmp, sz, "IDATAR[%u]", (offset - AES_IDATAR(0)) >> 2); in atmel_aes_reg_name()
267 snprintf(tmp, sz, "ODATAR[%u]", (offset - AES_ODATAR(0)) >> 2); in atmel_aes_reg_name()
274 snprintf(tmp, sz, "IVR[%u]", (offset - AES_IVR(0)) >> 2); in atmel_aes_reg_name()
287 snprintf(tmp, sz, "GHASHR[%u]", (offset - AES_GHASHR(0)) >> 2); in atmel_aes_reg_name()
294 snprintf(tmp, sz, "TAGR[%u]", (offset - AES_TAGR(0)) >> 2); in atmel_aes_reg_name()
304 snprintf(tmp, sz, "GCMHR[%u]", (offset - AES_GCMHR(0)) >> 2); in atmel_aes_reg_name()
314 snprintf(tmp, sz, "TWR[%u]", (offset - AES_TWR(0)) >> 2); in atmel_aes_reg_name()
321 snprintf(tmp, sz, "ALPHAR[%u]", (offset - AES_ALPHAR(0)) >> 2); in atmel_aes_reg_name()
337 u32 value = readl_relaxed(dd->io_base + offset); in atmel_aes_read()
340 if (dd->flags & AES_FLAGS_DUMP_REG) { in atmel_aes_read()
343 dev_vdbg(dd->dev, "read 0x%08x from %s\n", value, in atmel_aes_read()
355 if (dd->flags & AES_FLAGS_DUMP_REG) { in atmel_aes_write()
358 dev_vdbg(dd->dev, "write 0x%08x into %s\n", value, in atmel_aes_write()
363 writel_relaxed(value, dd->io_base + offset); in atmel_aes_write()
369 for (; count--; value++, offset += 4) in atmel_aes_read_n()
376 for (; count--; value++, offset += 4) in atmel_aes_write_n()
400 dd->resume = resume; in atmel_aes_wait_for_data_ready()
402 return -EINPROGRESS; in atmel_aes_wait_for_data_ready()
407 len &= block_size - 1; in atmel_aes_padlen()
408 return len ? block_size - len : 0; in atmel_aes_padlen()
427 err = clk_enable(dd->iclk); in atmel_aes_hw_init()
450 dd->hw_version = atmel_aes_get_version(dd); in atmel_aes_hw_version_init()
452 dev_info(dd->dev, "version: 0x%x\n", dd->hw_version); in atmel_aes_hw_version_init()
454 clk_disable(dd->iclk); in atmel_aes_hw_version_init()
462 dd->flags = (dd->flags & AES_FLAGS_PERSISTENT) | rctx->mode; in atmel_aes_set_mode()
467 return (dd->flags & AES_FLAGS_ENCRYPT); in atmel_aes_is_encrypt()
476 struct skcipher_request *req = skcipher_request_cast(dd->areq); in atmel_aes_set_iv_as_last_ciphertext_block()
481 if (req->cryptlen < ivsize) in atmel_aes_set_iv_as_last_ciphertext_block()
484 if (rctx->mode & AES_FLAGS_ENCRYPT) in atmel_aes_set_iv_as_last_ciphertext_block()
485 scatterwalk_map_and_copy(req->iv, req->dst, in atmel_aes_set_iv_as_last_ciphertext_block()
486 req->cryptlen - ivsize, ivsize, 0); in atmel_aes_set_iv_as_last_ciphertext_block()
488 memcpy(req->iv, rctx->lastc, ivsize); in atmel_aes_set_iv_as_last_ciphertext_block()
499 struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); in atmel_aes_ctr_update_req_iv()
500 struct skcipher_request *req = skcipher_request_cast(dd->areq); in atmel_aes_ctr_update_req_iv()
508 * here, ctx->blocks contains the number of blocks of the last fragment in atmel_aes_ctr_update_req_iv()
511 for (i = 0; i < ctx->blocks; i++) in atmel_aes_ctr_update_req_iv()
512 crypto_inc((u8 *)ctx->iv, AES_BLOCK_SIZE); in atmel_aes_ctr_update_req_iv()
514 memcpy(req->iv, ctx->iv, ivsize); in atmel_aes_ctr_update_req_iv()
519 struct skcipher_request *req = skcipher_request_cast(dd->areq); in atmel_aes_complete()
523 if (dd->ctx->is_aead) in atmel_aes_complete()
527 clk_disable(dd->iclk); in atmel_aes_complete()
528 dd->flags &= ~AES_FLAGS_BUSY; in atmel_aes_complete()
530 if (!err && !dd->ctx->is_aead && in atmel_aes_complete()
531 (rctx->mode & AES_FLAGS_OPMODE_MASK) != AES_FLAGS_ECB) { in atmel_aes_complete()
532 if ((rctx->mode & AES_FLAGS_OPMODE_MASK) != AES_FLAGS_CTR) in atmel_aes_complete()
538 if (dd->is_async) in atmel_aes_complete()
539 crypto_request_complete(dd->areq, err); in atmel_aes_complete()
541 tasklet_schedule(&dd->queue_task); in atmel_aes_complete()
559 valmr |= dd->flags & AES_FLAGS_MODE_MASK; in atmel_aes_write_ctrl_key()
563 if (dd->caps.has_dualbuff) in atmel_aes_write_ctrl_key()
582 dd->ctx->key, dd->ctx->keylen); in atmel_aes_write_ctrl()
593 atmel_aes_read_block(dd, AES_ODATAR(0), dd->data); in atmel_aes_cpu_transfer()
594 dd->data += 4; in atmel_aes_cpu_transfer()
595 dd->datalen -= AES_BLOCK_SIZE; in atmel_aes_cpu_transfer()
597 if (dd->datalen < AES_BLOCK_SIZE) in atmel_aes_cpu_transfer()
600 atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); in atmel_aes_cpu_transfer()
604 dd->resume = atmel_aes_cpu_transfer; in atmel_aes_cpu_transfer()
606 return -EINPROGRESS; in atmel_aes_cpu_transfer()
610 if (!sg_copy_from_buffer(dd->real_dst, sg_nents(dd->real_dst), in atmel_aes_cpu_transfer()
611 dd->buf, dd->total)) in atmel_aes_cpu_transfer()
612 err = -EINVAL; in atmel_aes_cpu_transfer()
617 return dd->cpu_transfer_complete(dd); in atmel_aes_cpu_transfer()
629 return -EINVAL; in atmel_aes_cpu_start()
631 sg_copy_to_buffer(src, sg_nents(src), dd->buf, len); in atmel_aes_cpu_start()
633 dd->total = len; in atmel_aes_cpu_start()
634 dd->real_dst = dst; in atmel_aes_cpu_start()
635 dd->cpu_transfer_complete = resume; in atmel_aes_cpu_start()
636 dd->datalen = len + padlen; in atmel_aes_cpu_start()
637 dd->data = (u32 *)dd->buf; in atmel_aes_cpu_start()
638 atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); in atmel_aes_cpu_start()
654 if (!IS_ALIGNED(len, dd->ctx->block_size)) in atmel_aes_check_aligned()
658 if (!IS_ALIGNED(sg->offset, sizeof(u32))) in atmel_aes_check_aligned()
661 if (len <= sg->length) { in atmel_aes_check_aligned()
662 if (!IS_ALIGNED(len, dd->ctx->block_size)) in atmel_aes_check_aligned()
665 dma->nents = nents+1; in atmel_aes_check_aligned()
666 dma->remainder = sg->length - len; in atmel_aes_check_aligned()
667 sg->length = len; in atmel_aes_check_aligned()
671 if (!IS_ALIGNED(sg->length, dd->ctx->block_size)) in atmel_aes_check_aligned()
674 len -= sg->length; in atmel_aes_check_aligned()
682 struct scatterlist *sg = dma->sg; in atmel_aes_restore_sg()
683 int nents = dma->nents; in atmel_aes_restore_sg()
685 if (!dma->remainder) in atmel_aes_restore_sg()
688 while (--nents > 0 && sg) in atmel_aes_restore_sg()
694 sg->length += dma->remainder; in atmel_aes_restore_sg()
705 dd->total = len; in atmel_aes_map()
706 dd->src.sg = src; in atmel_aes_map()
707 dd->dst.sg = dst; in atmel_aes_map()
708 dd->real_dst = dst; in atmel_aes_map()
710 src_aligned = atmel_aes_check_aligned(dd, src, len, &dd->src); in atmel_aes_map()
714 dst_aligned = atmel_aes_check_aligned(dd, dst, len, &dd->dst); in atmel_aes_map()
716 padlen = atmel_aes_padlen(len, dd->ctx->block_size); in atmel_aes_map()
718 if (dd->buflen < len + padlen) in atmel_aes_map()
719 return -ENOMEM; in atmel_aes_map()
722 sg_copy_to_buffer(src, sg_nents(src), dd->buf, len); in atmel_aes_map()
723 dd->src.sg = &dd->aligned_sg; in atmel_aes_map()
724 dd->src.nents = 1; in atmel_aes_map()
725 dd->src.remainder = 0; in atmel_aes_map()
729 dd->dst.sg = &dd->aligned_sg; in atmel_aes_map()
730 dd->dst.nents = 1; in atmel_aes_map()
731 dd->dst.remainder = 0; in atmel_aes_map()
734 sg_init_table(&dd->aligned_sg, 1); in atmel_aes_map()
735 sg_set_buf(&dd->aligned_sg, dd->buf, len + padlen); in atmel_aes_map()
738 if (dd->src.sg == dd->dst.sg) { in atmel_aes_map()
739 dd->src.sg_len = dma_map_sg(dd->dev, dd->src.sg, dd->src.nents, in atmel_aes_map()
741 dd->dst.sg_len = dd->src.sg_len; in atmel_aes_map()
742 if (!dd->src.sg_len) in atmel_aes_map()
743 return -EFAULT; in atmel_aes_map()
745 dd->src.sg_len = dma_map_sg(dd->dev, dd->src.sg, dd->src.nents, in atmel_aes_map()
747 if (!dd->src.sg_len) in atmel_aes_map()
748 return -EFAULT; in atmel_aes_map()
750 dd->dst.sg_len = dma_map_sg(dd->dev, dd->dst.sg, dd->dst.nents, in atmel_aes_map()
752 if (!dd->dst.sg_len) { in atmel_aes_map()
753 dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, in atmel_aes_map()
755 return -EFAULT; in atmel_aes_map()
764 if (dd->src.sg == dd->dst.sg) { in atmel_aes_unmap()
765 dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, in atmel_aes_unmap()
768 if (dd->src.sg != &dd->aligned_sg) in atmel_aes_unmap()
769 atmel_aes_restore_sg(&dd->src); in atmel_aes_unmap()
771 dma_unmap_sg(dd->dev, dd->dst.sg, dd->dst.nents, in atmel_aes_unmap()
774 if (dd->dst.sg != &dd->aligned_sg) in atmel_aes_unmap()
775 atmel_aes_restore_sg(&dd->dst); in atmel_aes_unmap()
777 dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, in atmel_aes_unmap()
780 if (dd->src.sg != &dd->aligned_sg) in atmel_aes_unmap()
781 atmel_aes_restore_sg(&dd->src); in atmel_aes_unmap()
784 if (dd->dst.sg == &dd->aligned_sg) in atmel_aes_unmap()
785 sg_copy_from_buffer(dd->real_dst, sg_nents(dd->real_dst), in atmel_aes_unmap()
786 dd->buf, dd->total); in atmel_aes_unmap()
808 dma = &dd->src; in atmel_aes_dma_transfer_start()
810 config.dst_addr = dd->phys_base + AES_IDATAR(0); in atmel_aes_dma_transfer_start()
814 dma = &dd->dst; in atmel_aes_dma_transfer_start()
816 config.src_addr = dd->phys_base + AES_ODATAR(0); in atmel_aes_dma_transfer_start()
820 return -EINVAL; in atmel_aes_dma_transfer_start()
823 err = dmaengine_slave_config(dma->chan, &config); in atmel_aes_dma_transfer_start()
827 desc = dmaengine_prep_slave_sg(dma->chan, dma->sg, dma->sg_len, dir, in atmel_aes_dma_transfer_start()
830 return -ENOMEM; in atmel_aes_dma_transfer_start()
832 desc->callback = callback; in atmel_aes_dma_transfer_start()
833 desc->callback_param = dd; in atmel_aes_dma_transfer_start()
835 dma_async_issue_pending(dma->chan); in atmel_aes_dma_transfer_start()
850 switch (dd->ctx->block_size) { in atmel_aes_dma_start()
853 maxburst = dd->caps.max_burst_size; in atmel_aes_dma_start()
857 err = -EINVAL; in atmel_aes_dma_start()
865 dd->resume = resume; in atmel_aes_dma_start()
879 return -EINPROGRESS; in atmel_aes_dma_start()
882 dmaengine_terminate_sync(dd->dst.chan); in atmel_aes_dma_start()
894 dd->is_async = true; in atmel_aes_dma_callback()
895 (void)dd->resume(dd); in atmel_aes_dma_callback()
907 spin_lock_irqsave(&dd->lock, flags); in atmel_aes_handle_queue()
909 ret = crypto_enqueue_request(&dd->queue, new_areq); in atmel_aes_handle_queue()
910 if (dd->flags & AES_FLAGS_BUSY) { in atmel_aes_handle_queue()
911 spin_unlock_irqrestore(&dd->lock, flags); in atmel_aes_handle_queue()
914 backlog = crypto_get_backlog(&dd->queue); in atmel_aes_handle_queue()
915 areq = crypto_dequeue_request(&dd->queue); in atmel_aes_handle_queue()
917 dd->flags |= AES_FLAGS_BUSY; in atmel_aes_handle_queue()
918 spin_unlock_irqrestore(&dd->lock, flags); in atmel_aes_handle_queue()
924 crypto_request_complete(backlog, -EINPROGRESS); in atmel_aes_handle_queue()
926 ctx = crypto_tfm_ctx(areq->tfm); in atmel_aes_handle_queue()
928 dd->areq = areq; in atmel_aes_handle_queue()
929 dd->ctx = ctx; in atmel_aes_handle_queue()
931 dd->is_async = start_async; in atmel_aes_handle_queue()
933 /* WARNING: ctx->start() MAY change dd->is_async. */ in atmel_aes_handle_queue()
934 err = ctx->start(dd); in atmel_aes_handle_queue()
948 struct skcipher_request *req = skcipher_request_cast(dd->areq); in atmel_aes_start()
950 bool use_dma = (req->cryptlen >= ATMEL_AES_DMA_THRESHOLD || in atmel_aes_start()
951 dd->ctx->block_size != AES_BLOCK_SIZE); in atmel_aes_start()
960 atmel_aes_write_ctrl(dd, use_dma, (void *)req->iv); in atmel_aes_start()
962 return atmel_aes_dma_start(dd, req->src, req->dst, in atmel_aes_start()
963 req->cryptlen, in atmel_aes_start()
966 return atmel_aes_cpu_start(dd, req->src, req->dst, req->cryptlen, in atmel_aes_start()
972 struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); in atmel_aes_ctr_transfer()
973 struct skcipher_request *req = skcipher_request_cast(dd->areq); in atmel_aes_ctr_transfer()
981 ctx->offset += dd->total; in atmel_aes_ctr_transfer()
982 if (ctx->offset >= req->cryptlen) in atmel_aes_ctr_transfer()
986 datalen = req->cryptlen - ctx->offset; in atmel_aes_ctr_transfer()
987 ctx->blocks = DIV_ROUND_UP(datalen, AES_BLOCK_SIZE); in atmel_aes_ctr_transfer()
988 ctr = be32_to_cpu(ctx->iv[3]); in atmel_aes_ctr_transfer()
992 end = start + ctx->blocks - 1; in atmel_aes_ctr_transfer()
994 if (ctx->blocks >> 16 || end < start) { in atmel_aes_ctr_transfer()
996 datalen = AES_BLOCK_SIZE * (0x10000 - start); in atmel_aes_ctr_transfer()
1003 src = scatterwalk_ffwd(ctx->src, req->src, ctx->offset); in atmel_aes_ctr_transfer()
1004 dst = ((req->src == req->dst) ? src : in atmel_aes_ctr_transfer()
1005 scatterwalk_ffwd(ctx->dst, req->dst, ctx->offset)); in atmel_aes_ctr_transfer()
1008 atmel_aes_write_ctrl(dd, use_dma, ctx->iv); in atmel_aes_ctr_transfer()
1014 ctx->iv[3] = cpu_to_be32(ctr); in atmel_aes_ctr_transfer()
1015 crypto_inc((u8 *)ctx->iv, AES_BLOCK_SIZE); in atmel_aes_ctr_transfer()
1028 struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); in atmel_aes_ctr_start()
1029 struct skcipher_request *req = skcipher_request_cast(dd->areq); in atmel_aes_ctr_start()
1039 memcpy(ctx->iv, req->iv, AES_BLOCK_SIZE); in atmel_aes_ctr_start()
1040 ctx->offset = 0; in atmel_aes_ctr_start()
1041 dd->total = 0; in atmel_aes_ctr_start()
1051 skcipher_request_set_tfm(&rctx->fallback_req, ctx->fallback_tfm); in atmel_aes_xts_fallback()
1052 skcipher_request_set_callback(&rctx->fallback_req, req->base.flags, in atmel_aes_xts_fallback()
1053 req->base.complete, req->base.data); in atmel_aes_xts_fallback()
1054 skcipher_request_set_crypt(&rctx->fallback_req, req->src, req->dst, in atmel_aes_xts_fallback()
1055 req->cryptlen, req->iv); in atmel_aes_xts_fallback()
1057 return enc ? crypto_skcipher_encrypt(&rctx->fallback_req) : in atmel_aes_xts_fallback()
1058 crypto_skcipher_decrypt(&rctx->fallback_req); in atmel_aes_xts_fallback()
1069 if (req->cryptlen < XTS_BLOCK_SIZE) in atmel_aes_crypt()
1070 return -EINVAL; in atmel_aes_crypt()
1072 if (!IS_ALIGNED(req->cryptlen, XTS_BLOCK_SIZE)) in atmel_aes_crypt()
1081 if (!req->cryptlen && opmode != AES_FLAGS_XTS) in atmel_aes_crypt()
1085 !IS_ALIGNED(req->cryptlen, crypto_skcipher_blocksize(skcipher))) in atmel_aes_crypt()
1086 return -EINVAL; in atmel_aes_crypt()
1088 ctx->block_size = AES_BLOCK_SIZE; in atmel_aes_crypt()
1089 ctx->is_aead = false; in atmel_aes_crypt()
1092 rctx->mode = mode; in atmel_aes_crypt()
1098 if (req->cryptlen >= ivsize) in atmel_aes_crypt()
1099 scatterwalk_map_and_copy(rctx->lastc, req->src, in atmel_aes_crypt()
1100 req->cryptlen - ivsize, in atmel_aes_crypt()
1104 return atmel_aes_handle_queue(ctx->dd, &req->base); in atmel_aes_crypt()
1115 return -EINVAL; in atmel_aes_setkey()
1117 memcpy(ctx->key, key, keylen); in atmel_aes_setkey()
1118 ctx->keylen = keylen; in atmel_aes_setkey()
1158 dd = atmel_aes_dev_alloc(&ctx->base); in atmel_aes_init_tfm()
1160 return -ENODEV; in atmel_aes_init_tfm()
1163 ctx->base.dd = dd; in atmel_aes_init_tfm()
1164 ctx->base.start = atmel_aes_start; in atmel_aes_init_tfm()
1174 dd = atmel_aes_dev_alloc(&ctx->base); in atmel_aes_ctr_init_tfm()
1176 return -ENODEV; in atmel_aes_ctr_init_tfm()
1179 ctx->base.dd = dd; in atmel_aes_ctr_init_tfm()
1180 ctx->base.start = atmel_aes_ctr_start; in atmel_aes_ctr_init_tfm()
1188 .base.cra_driver_name = "atmel-ecb-aes",
1201 .base.cra_driver_name = "atmel-cbc-aes",
1215 .base.cra_driver_name = "atmel-ctr-aes",
1258 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_ghash()
1260 dd->data = (u32 *)data; in atmel_aes_gcm_ghash()
1261 dd->datalen = datalen; in atmel_aes_gcm_ghash()
1262 ctx->ghash_in = ghash_in; in atmel_aes_gcm_ghash()
1263 ctx->ghash_out = ghash_out; in atmel_aes_gcm_ghash()
1264 ctx->ghash_resume = resume; in atmel_aes_gcm_ghash()
1272 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_ghash_init()
1275 atmel_aes_write(dd, AES_AADLENR, dd->total); in atmel_aes_gcm_ghash_init()
1279 if (ctx->ghash_in) in atmel_aes_gcm_ghash_init()
1280 atmel_aes_write_block(dd, AES_GHASHR(0), ctx->ghash_in); in atmel_aes_gcm_ghash_init()
1287 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_ghash_finalize()
1291 while (dd->datalen > 0) { in atmel_aes_gcm_ghash_finalize()
1292 atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); in atmel_aes_gcm_ghash_finalize()
1293 dd->data += 4; in atmel_aes_gcm_ghash_finalize()
1294 dd->datalen -= AES_BLOCK_SIZE; in atmel_aes_gcm_ghash_finalize()
1298 dd->resume = atmel_aes_gcm_ghash_finalize; in atmel_aes_gcm_ghash_finalize()
1300 return -EINPROGRESS; in atmel_aes_gcm_ghash_finalize()
1305 atmel_aes_read_block(dd, AES_GHASHR(0), ctx->ghash_out); in atmel_aes_gcm_ghash_finalize()
1307 return ctx->ghash_resume(dd); in atmel_aes_gcm_ghash_finalize()
1313 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_start()
1314 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_gcm_start()
1319 const void *iv = req->iv; in atmel_aes_gcm_start()
1320 u8 *data = dd->buf; in atmel_aes_gcm_start()
1330 memcpy(ctx->j0, iv, ivsize); in atmel_aes_gcm_start()
1331 ctx->j0[3] = cpu_to_be32(1); in atmel_aes_gcm_start()
1337 if (datalen > dd->buflen) in atmel_aes_gcm_start()
1338 return atmel_aes_complete(dd, -EINVAL); in atmel_aes_gcm_start()
1342 ((__be64 *)(data + datalen))[-1] = cpu_to_be64(ivsize * 8); in atmel_aes_gcm_start()
1345 NULL, ctx->j0, atmel_aes_gcm_process); in atmel_aes_gcm_start()
1350 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_process()
1351 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_gcm_process()
1358 ctx->textlen = req->cryptlen - (enc ? 0 : authsize); in atmel_aes_gcm_process()
1364 if (likely(req->assoclen != 0 || ctx->textlen != 0)) in atmel_aes_gcm_process()
1365 dd->flags |= AES_FLAGS_GTAGEN; in atmel_aes_gcm_process()
1373 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_length()
1374 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_gcm_length()
1375 __be32 j0_lsw, *j0 = ctx->j0; in atmel_aes_gcm_length()
1385 atmel_aes_write(dd, AES_AADLENR, req->assoclen); in atmel_aes_gcm_length()
1386 atmel_aes_write(dd, AES_CLENR, ctx->textlen); in atmel_aes_gcm_length()
1389 if (unlikely(req->assoclen == 0)) { in atmel_aes_gcm_length()
1390 dd->datalen = 0; in atmel_aes_gcm_length()
1395 padlen = atmel_aes_padlen(req->assoclen, AES_BLOCK_SIZE); in atmel_aes_gcm_length()
1396 if (unlikely(req->assoclen + padlen > dd->buflen)) in atmel_aes_gcm_length()
1397 return atmel_aes_complete(dd, -EINVAL); in atmel_aes_gcm_length()
1398 sg_copy_to_buffer(req->src, sg_nents(req->src), dd->buf, req->assoclen); in atmel_aes_gcm_length()
1401 dd->data = (u32 *)dd->buf; in atmel_aes_gcm_length()
1402 dd->datalen = req->assoclen + padlen; in atmel_aes_gcm_length()
1408 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_data()
1409 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_gcm_data()
1410 bool use_dma = (ctx->textlen >= ATMEL_AES_DMA_THRESHOLD); in atmel_aes_gcm_data()
1415 while (dd->datalen > 0) { in atmel_aes_gcm_data()
1416 atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); in atmel_aes_gcm_data()
1417 dd->data += 4; in atmel_aes_gcm_data()
1418 dd->datalen -= AES_BLOCK_SIZE; in atmel_aes_gcm_data()
1422 dd->resume = atmel_aes_gcm_data; in atmel_aes_gcm_data()
1424 return -EINPROGRESS; in atmel_aes_gcm_data()
1429 if (unlikely(ctx->textlen == 0)) in atmel_aes_gcm_data()
1433 src = scatterwalk_ffwd(ctx->src, req->src, req->assoclen); in atmel_aes_gcm_data()
1434 dst = ((req->src == req->dst) ? src : in atmel_aes_gcm_data()
1435 scatterwalk_ffwd(ctx->dst, req->dst, req->assoclen)); in atmel_aes_gcm_data()
1442 if (dd->caps.has_dualbuff) in atmel_aes_gcm_data()
1446 return atmel_aes_dma_start(dd, src, dst, ctx->textlen, in atmel_aes_gcm_data()
1450 return atmel_aes_cpu_start(dd, src, dst, ctx->textlen, in atmel_aes_gcm_data()
1456 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_tag_init()
1457 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_gcm_tag_init()
1458 __be64 *data = dd->buf; in atmel_aes_gcm_tag_init()
1460 if (likely(dd->flags & AES_FLAGS_GTAGEN)) { in atmel_aes_gcm_tag_init()
1462 dd->resume = atmel_aes_gcm_tag_init; in atmel_aes_gcm_tag_init()
1464 return -EINPROGRESS; in atmel_aes_gcm_tag_init()
1471 atmel_aes_read_block(dd, AES_GHASHR(0), ctx->ghash); in atmel_aes_gcm_tag_init()
1473 data[0] = cpu_to_be64(req->assoclen * 8); in atmel_aes_gcm_tag_init()
1474 data[1] = cpu_to_be64(ctx->textlen * 8); in atmel_aes_gcm_tag_init()
1477 ctx->ghash, ctx->ghash, atmel_aes_gcm_tag); in atmel_aes_gcm_tag_init()
1482 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_tag()
1489 flags = dd->flags; in atmel_aes_gcm_tag()
1490 dd->flags &= ~(AES_FLAGS_OPMODE_MASK | AES_FLAGS_GTAGEN); in atmel_aes_gcm_tag()
1491 dd->flags |= AES_FLAGS_CTR; in atmel_aes_gcm_tag()
1492 atmel_aes_write_ctrl(dd, false, ctx->j0); in atmel_aes_gcm_tag()
1493 dd->flags = flags; in atmel_aes_gcm_tag()
1495 atmel_aes_write_block(dd, AES_IDATAR(0), ctx->ghash); in atmel_aes_gcm_tag()
1501 struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); in atmel_aes_gcm_finalize()
1502 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_gcm_finalize()
1505 u32 offset, authsize, itag[4], *otag = ctx->tag; in atmel_aes_gcm_finalize()
1509 if (likely(dd->flags & AES_FLAGS_GTAGEN)) in atmel_aes_gcm_finalize()
1510 atmel_aes_read_block(dd, AES_TAGR(0), ctx->tag); in atmel_aes_gcm_finalize()
1512 atmel_aes_read_block(dd, AES_ODATAR(0), ctx->tag); in atmel_aes_gcm_finalize()
1514 offset = req->assoclen + ctx->textlen; in atmel_aes_gcm_finalize()
1517 scatterwalk_map_and_copy(otag, req->dst, offset, authsize, 1); in atmel_aes_gcm_finalize()
1520 scatterwalk_map_and_copy(itag, req->src, offset, authsize, 0); in atmel_aes_gcm_finalize()
1521 err = crypto_memneq(itag, otag, authsize) ? -EBADMSG : 0; in atmel_aes_gcm_finalize()
1534 ctx->block_size = AES_BLOCK_SIZE; in atmel_aes_gcm_crypt()
1535 ctx->is_aead = true; in atmel_aes_gcm_crypt()
1538 rctx->mode = AES_FLAGS_GCM | mode; in atmel_aes_gcm_crypt()
1540 return atmel_aes_handle_queue(ctx->dd, &req->base); in atmel_aes_gcm_crypt()
1551 return -EINVAL; in atmel_aes_gcm_setkey()
1553 memcpy(ctx->key, key, keylen); in atmel_aes_gcm_setkey()
1554 ctx->keylen = keylen; in atmel_aes_gcm_setkey()
1580 dd = atmel_aes_dev_alloc(&ctx->base); in atmel_aes_gcm_init()
1582 return -ENODEV; in atmel_aes_gcm_init()
1585 ctx->base.dd = dd; in atmel_aes_gcm_init()
1586 ctx->base.start = atmel_aes_gcm_start; in atmel_aes_gcm_init()
1602 .cra_driver_name = "atmel-gcm-aes",
1621 struct atmel_aes_xts_ctx *ctx = atmel_aes_xts_ctx_cast(dd->ctx); in atmel_aes_xts_start()
1622 struct skcipher_request *req = skcipher_request_cast(dd->areq); in atmel_aes_xts_start()
1633 /* Compute the tweak value from req->iv with ecb(aes). */ in atmel_aes_xts_start()
1634 flags = dd->flags; in atmel_aes_xts_start()
1635 dd->flags &= ~AES_FLAGS_MODE_MASK; in atmel_aes_xts_start()
1636 dd->flags |= (AES_FLAGS_ECB | AES_FLAGS_ENCRYPT); in atmel_aes_xts_start()
1638 ctx->key2, ctx->base.keylen); in atmel_aes_xts_start()
1639 dd->flags = flags; in atmel_aes_xts_start()
1641 atmel_aes_write_block(dd, AES_IDATAR(0), req->iv); in atmel_aes_xts_start()
1647 struct skcipher_request *req = skcipher_request_cast(dd->areq); in atmel_aes_xts_process_data()
1648 bool use_dma = (req->cryptlen >= ATMEL_AES_DMA_THRESHOLD); in atmel_aes_xts_process_data()
1662 swap(tweak_bytes[i], tweak_bytes[AES_BLOCK_SIZE - 1 - i]); in atmel_aes_xts_process_data()
1669 return atmel_aes_dma_start(dd, req->src, req->dst, in atmel_aes_xts_process_data()
1670 req->cryptlen, in atmel_aes_xts_process_data()
1673 return atmel_aes_cpu_start(dd, req->src, req->dst, req->cryptlen, in atmel_aes_xts_process_data()
1687 crypto_skcipher_clear_flags(ctx->fallback_tfm, CRYPTO_TFM_REQ_MASK); in atmel_aes_xts_setkey()
1688 crypto_skcipher_set_flags(ctx->fallback_tfm, tfm->base.crt_flags & in atmel_aes_xts_setkey()
1690 err = crypto_skcipher_setkey(ctx->fallback_tfm, key, keylen); in atmel_aes_xts_setkey()
1694 memcpy(ctx->base.key, key, keylen/2); in atmel_aes_xts_setkey()
1695 memcpy(ctx->key2, key + keylen/2, keylen/2); in atmel_aes_xts_setkey()
1696 ctx->base.keylen = keylen/2; in atmel_aes_xts_setkey()
1715 const char *tfm_name = crypto_tfm_alg_name(&tfm->base); in atmel_aes_xts_init_tfm()
1717 dd = atmel_aes_dev_alloc(&ctx->base); in atmel_aes_xts_init_tfm()
1719 return -ENODEV; in atmel_aes_xts_init_tfm()
1721 ctx->fallback_tfm = crypto_alloc_skcipher(tfm_name, 0, in atmel_aes_xts_init_tfm()
1723 if (IS_ERR(ctx->fallback_tfm)) in atmel_aes_xts_init_tfm()
1724 return PTR_ERR(ctx->fallback_tfm); in atmel_aes_xts_init_tfm()
1727 crypto_skcipher_reqsize(ctx->fallback_tfm)); in atmel_aes_xts_init_tfm()
1728 ctx->base.dd = dd; in atmel_aes_xts_init_tfm()
1729 ctx->base.start = atmel_aes_xts_start; in atmel_aes_xts_init_tfm()
1738 crypto_free_skcipher(ctx->fallback_tfm); in atmel_aes_xts_exit_tfm()
1743 .base.cra_driver_name = "atmel-xts-aes",
1772 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_authenc_complete()
1775 if (err && (dd->flags & AES_FLAGS_OWN_SHA)) in atmel_aes_authenc_complete()
1776 atmel_sha_authenc_abort(&rctx->auth_req); in atmel_aes_authenc_complete()
1777 dd->flags &= ~AES_FLAGS_OWN_SHA; in atmel_aes_authenc_complete()
1782 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_authenc_start()
1788 atmel_aes_set_mode(dd, &rctx->base); in atmel_aes_authenc_start()
1794 return atmel_sha_authenc_schedule(&rctx->auth_req, ctx->auth, in atmel_aes_authenc_start()
1801 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_authenc_init()
1805 dd->is_async = true; in atmel_aes_authenc_init()
1809 /* If here, we've got the ownership of the SHA device. */ in atmel_aes_authenc_init()
1810 dd->flags |= AES_FLAGS_OWN_SHA; in atmel_aes_authenc_init()
1812 /* Configure the SHA device. */ in atmel_aes_authenc_init()
1813 return atmel_sha_authenc_init(&rctx->auth_req, in atmel_aes_authenc_init()
1814 req->src, req->assoclen, in atmel_aes_authenc_init()
1815 rctx->textlen, in atmel_aes_authenc_init()
1822 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_authenc_transfer()
1830 dd->is_async = true; in atmel_aes_authenc_transfer()
1834 /* Prepare src and dst scatter-lists to transfer cipher/plain texts. */ in atmel_aes_authenc_transfer()
1835 src = scatterwalk_ffwd(rctx->src, req->src, req->assoclen); in atmel_aes_authenc_transfer()
1838 if (req->src != req->dst) in atmel_aes_authenc_transfer()
1839 dst = scatterwalk_ffwd(rctx->dst, req->dst, req->assoclen); in atmel_aes_authenc_transfer()
1842 memcpy(iv, req->iv, sizeof(iv)); in atmel_aes_authenc_transfer()
1858 return atmel_aes_dma_start(dd, src, dst, rctx->textlen, in atmel_aes_authenc_transfer()
1864 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_authenc_digest()
1867 /* atmel_sha_authenc_final() releases the SHA device. */ in atmel_aes_authenc_digest()
1868 dd->flags &= ~AES_FLAGS_OWN_SHA; in atmel_aes_authenc_digest()
1869 return atmel_sha_authenc_final(&rctx->auth_req, in atmel_aes_authenc_digest()
1870 rctx->digest, sizeof(rctx->digest), in atmel_aes_authenc_digest()
1877 struct aead_request *req = aead_request_cast(dd->areq); in atmel_aes_authenc_final()
1881 u32 idigest[SHA512_DIGEST_SIZE / sizeof(u32)], *odigest = rctx->digest; in atmel_aes_authenc_final()
1885 dd->is_async = true; in atmel_aes_authenc_final()
1889 offs = req->assoclen + rctx->textlen; in atmel_aes_authenc_final()
1892 scatterwalk_map_and_copy(odigest, req->dst, offs, authsize, 1); in atmel_aes_authenc_final()
1894 scatterwalk_map_and_copy(idigest, req->src, offs, authsize, 0); in atmel_aes_authenc_final()
1896 err = -EBADMSG; in atmel_aes_authenc_final()
1913 if (keys.enckeylen > sizeof(ctx->base.key)) in atmel_aes_authenc_setkey()
1917 err = atmel_sha_authenc_setkey(ctx->auth, in atmel_aes_authenc_setkey()
1926 ctx->base.keylen = keys.enckeylen; in atmel_aes_authenc_setkey()
1927 memcpy(ctx->base.key, keys.enckey, keys.enckeylen); in atmel_aes_authenc_setkey()
1934 return -EINVAL; in atmel_aes_authenc_setkey()
1944 dd = atmel_aes_dev_alloc(&ctx->base); in atmel_aes_authenc_init_tfm()
1946 return -ENODEV; in atmel_aes_authenc_init_tfm()
1948 ctx->auth = atmel_sha_authenc_spawn(auth_mode); in atmel_aes_authenc_init_tfm()
1949 if (IS_ERR(ctx->auth)) in atmel_aes_authenc_init_tfm()
1950 return PTR_ERR(ctx->auth); in atmel_aes_authenc_init_tfm()
1954 ctx->base.dd = dd; in atmel_aes_authenc_init_tfm()
1955 ctx->base.start = atmel_aes_authenc_start; in atmel_aes_authenc_init_tfm()
1989 atmel_sha_authenc_free(ctx->auth); in atmel_aes_authenc_exit_tfm()
2002 if (!enc && req->cryptlen < authsize) in atmel_aes_authenc_crypt()
2003 return -EINVAL; in atmel_aes_authenc_crypt()
2004 rctx->textlen = req->cryptlen - (enc ? 0 : authsize); in atmel_aes_authenc_crypt()
2008 * the SHA auto-padding can be used only on non-empty messages. in atmel_aes_authenc_crypt()
2011 if (!rctx->textlen && !req->assoclen) in atmel_aes_authenc_crypt()
2012 return -EINVAL; in atmel_aes_authenc_crypt()
2014 rctx->base.mode = mode; in atmel_aes_authenc_crypt()
2015 ctx->block_size = AES_BLOCK_SIZE; in atmel_aes_authenc_crypt()
2016 ctx->is_aead = true; in atmel_aes_authenc_crypt()
2018 return atmel_aes_handle_queue(ctx->dd, &req->base); in atmel_aes_authenc_crypt()
2043 .cra_driver_name = "atmel-authenc-hmac-sha1-cbc-aes",
2059 .cra_driver_name = "atmel-authenc-hmac-sha224-cbc-aes",
2075 .cra_driver_name = "atmel-authenc-hmac-sha256-cbc-aes",
2091 .cra_driver_name = "atmel-authenc-hmac-sha384-cbc-aes",
2107 .cra_driver_name = "atmel-authenc-hmac-sha512-cbc-aes",
2119 dd->buf = (void *)__get_free_pages(GFP_KERNEL, ATMEL_AES_BUFFER_ORDER); in atmel_aes_buff_init()
2120 dd->buflen = ATMEL_AES_BUFFER_SIZE; in atmel_aes_buff_init()
2121 dd->buflen &= ~(AES_BLOCK_SIZE - 1); in atmel_aes_buff_init()
2123 if (!dd->buf) { in atmel_aes_buff_init()
2124 dev_err(dd->dev, "unable to alloc pages.\n"); in atmel_aes_buff_init()
2125 return -ENOMEM; in atmel_aes_buff_init()
2133 free_page((unsigned long)dd->buf); in atmel_aes_buff_cleanup()
2141 dd->src.chan = dma_request_chan(dd->dev, "tx"); in atmel_aes_dma_init()
2142 if (IS_ERR(dd->src.chan)) { in atmel_aes_dma_init()
2143 ret = PTR_ERR(dd->src.chan); in atmel_aes_dma_init()
2147 dd->dst.chan = dma_request_chan(dd->dev, "rx"); in atmel_aes_dma_init()
2148 if (IS_ERR(dd->dst.chan)) { in atmel_aes_dma_init()
2149 ret = PTR_ERR(dd->dst.chan); in atmel_aes_dma_init()
2156 dma_release_channel(dd->src.chan); in atmel_aes_dma_init()
2158 dev_err(dd->dev, "no DMA channel available\n"); in atmel_aes_dma_init()
2164 dma_release_channel(dd->dst.chan); in atmel_aes_dma_cleanup()
2165 dma_release_channel(dd->src.chan); in atmel_aes_dma_cleanup()
2179 dd->is_async = true; in atmel_aes_done_task()
2180 (void)dd->resume(dd); in atmel_aes_done_task()
2191 if (AES_FLAGS_BUSY & aes_dd->flags) in atmel_aes_irq()
2192 tasklet_schedule(&aes_dd->done_task); in atmel_aes_irq()
2194 dev_warn(aes_dd->dev, "AES interrupt when no active requests.\n"); in atmel_aes_irq()
2206 if (dd->caps.has_authenc) in atmel_aes_unregister_algs()
2211 if (dd->caps.has_xts) in atmel_aes_unregister_algs()
2214 if (dd->caps.has_gcm) in atmel_aes_unregister_algs()
2223 alg->cra_flags |= CRYPTO_ALG_ASYNC; in atmel_aes_crypto_alg_init()
2224 alg->cra_alignmask = 0xf; in atmel_aes_crypto_alg_init()
2225 alg->cra_priority = ATMEL_AES_PRIORITY; in atmel_aes_crypto_alg_init()
2226 alg->cra_module = THIS_MODULE; in atmel_aes_crypto_alg_init()
2241 if (dd->caps.has_gcm) { in atmel_aes_register_algs()
2249 if (dd->caps.has_xts) { in atmel_aes_register_algs()
2258 if (dd->caps.has_authenc) { in atmel_aes_register_algs()
2291 dd->caps.has_dualbuff = 0; in atmel_aes_get_cap()
2292 dd->caps.has_gcm = 0; in atmel_aes_get_cap()
2293 dd->caps.has_xts = 0; in atmel_aes_get_cap()
2294 dd->caps.has_authenc = 0; in atmel_aes_get_cap()
2295 dd->caps.max_burst_size = 1; in atmel_aes_get_cap()
2298 switch (dd->hw_version & 0xff0) { in atmel_aes_get_cap()
2302 dd->caps.has_dualbuff = 1; in atmel_aes_get_cap()
2303 dd->caps.has_gcm = 1; in atmel_aes_get_cap()
2304 dd->caps.has_xts = 1; in atmel_aes_get_cap()
2305 dd->caps.has_authenc = 1; in atmel_aes_get_cap()
2306 dd->caps.max_burst_size = 4; in atmel_aes_get_cap()
2309 dd->caps.has_dualbuff = 1; in atmel_aes_get_cap()
2310 dd->caps.has_gcm = 1; in atmel_aes_get_cap()
2311 dd->caps.max_burst_size = 4; in atmel_aes_get_cap()
2314 dd->caps.has_dualbuff = 1; in atmel_aes_get_cap()
2315 dd->caps.max_burst_size = 4; in atmel_aes_get_cap()
2320 dev_warn(dd->dev, in atmel_aes_get_cap()
2327 { .compatible = "atmel,at91sam9g46-aes" },
2335 struct device *dev = &pdev->dev; in atmel_aes_probe()
2339 aes_dd = devm_kzalloc(&pdev->dev, sizeof(*aes_dd), GFP_KERNEL); in atmel_aes_probe()
2341 return -ENOMEM; in atmel_aes_probe()
2343 aes_dd->dev = dev; in atmel_aes_probe()
2347 INIT_LIST_HEAD(&aes_dd->list); in atmel_aes_probe()
2348 spin_lock_init(&aes_dd->lock); in atmel_aes_probe()
2350 tasklet_init(&aes_dd->done_task, atmel_aes_done_task, in atmel_aes_probe()
2352 tasklet_init(&aes_dd->queue_task, atmel_aes_queue_task, in atmel_aes_probe()
2355 crypto_init_queue(&aes_dd->queue, ATMEL_AES_QUEUE_LENGTH); in atmel_aes_probe()
2357 aes_dd->io_base = devm_platform_get_and_ioremap_resource(pdev, 0, &aes_res); in atmel_aes_probe()
2358 if (IS_ERR(aes_dd->io_base)) { in atmel_aes_probe()
2359 err = PTR_ERR(aes_dd->io_base); in atmel_aes_probe()
2362 aes_dd->phys_base = aes_res->start; in atmel_aes_probe()
2365 aes_dd->irq = platform_get_irq(pdev, 0); in atmel_aes_probe()
2366 if (aes_dd->irq < 0) { in atmel_aes_probe()
2367 err = aes_dd->irq; in atmel_aes_probe()
2371 err = devm_request_irq(&pdev->dev, aes_dd->irq, atmel_aes_irq, in atmel_aes_probe()
2372 IRQF_SHARED, "atmel-aes", aes_dd); in atmel_aes_probe()
2379 aes_dd->iclk = devm_clk_get_prepared(&pdev->dev, "aes_clk"); in atmel_aes_probe()
2380 if (IS_ERR(aes_dd->iclk)) { in atmel_aes_probe()
2382 err = PTR_ERR(aes_dd->iclk); in atmel_aes_probe()
2393 if (aes_dd->caps.has_authenc && !atmel_sha_authenc_is_ready()) { in atmel_aes_probe()
2394 err = -EPROBE_DEFER; in atmel_aes_probe()
2408 list_add_tail(&aes_dd->list, &atmel_aes.dev_list); in atmel_aes_probe()
2415 dev_info(dev, "Atmel AES - Using %s, %s for DMA transfers\n", in atmel_aes_probe()
2416 dma_chan_name(aes_dd->src.chan), in atmel_aes_probe()
2417 dma_chan_name(aes_dd->dst.chan)); in atmel_aes_probe()
2423 list_del(&aes_dd->list); in atmel_aes_probe()
2429 tasklet_kill(&aes_dd->done_task); in atmel_aes_probe()
2430 tasklet_kill(&aes_dd->queue_task); in atmel_aes_probe()
2442 list_del(&aes_dd->list); in atmel_aes_remove()
2447 tasklet_kill(&aes_dd->done_task); in atmel_aes_remove()
2448 tasklet_kill(&aes_dd->queue_task); in atmel_aes_remove()
2467 MODULE_AUTHOR("Nicolas Royer - Eukréa Electromatique");