1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* Driver for Virtio crypto device. 3 * 4 * Copyright 2016 HUAWEI TECHNOLOGIES CO., LTD. 5 */ 6 7 #include <linux/err.h> 8 #include <linux/module.h> 9 #include <linux/virtio_config.h> 10 #include <linux/cpu.h> 11 12 #include <uapi/linux/virtio_crypto.h> 13 #include "virtio_crypto_common.h" 14 15 16 void 17 virtcrypto_clear_request(struct virtio_crypto_request *vc_req) 18 { 19 if (vc_req) { 20 kfree_sensitive(vc_req->req_data); 21 kfree(vc_req->sgs); 22 } 23 } 24 25 static void virtio_crypto_ctrlq_callback(struct virtio_crypto_ctrl_request *vc_ctrl_req) 26 { 27 complete(&vc_ctrl_req->compl); 28 } 29 30 static void virtcrypto_ctrlq_callback(struct virtqueue *vq) 31 { 32 struct virtio_crypto *vcrypto = vq->vdev->priv; 33 struct virtio_crypto_ctrl_request *vc_ctrl_req; 34 unsigned long flags; 35 unsigned int len; 36 37 spin_lock_irqsave(&vcrypto->ctrl_lock, flags); 38 do { 39 virtqueue_disable_cb(vq); 40 while ((vc_ctrl_req = virtqueue_get_buf(vq, &len)) != NULL) { 41 spin_unlock_irqrestore(&vcrypto->ctrl_lock, flags); 42 virtio_crypto_ctrlq_callback(vc_ctrl_req); 43 spin_lock_irqsave(&vcrypto->ctrl_lock, flags); 44 } 45 } while (!virtqueue_enable_cb(vq)); 46 spin_unlock_irqrestore(&vcrypto->ctrl_lock, flags); 47 } 48 49 int virtio_crypto_ctrl_vq_request(struct virtio_crypto *vcrypto, struct scatterlist *sgs[], 50 unsigned int out_sgs, unsigned int in_sgs, 51 struct virtio_crypto_ctrl_request *vc_ctrl_req) 52 { 53 int err; 54 unsigned long flags; 55 56 init_completion(&vc_ctrl_req->compl); 57 58 spin_lock_irqsave(&vcrypto->ctrl_lock, flags); 59 err = virtqueue_add_sgs(vcrypto->ctrl_vq, sgs, out_sgs, in_sgs, vc_ctrl_req, GFP_ATOMIC); 60 if (err < 0) { 61 spin_unlock_irqrestore(&vcrypto->ctrl_lock, flags); 62 return err; 63 } 64 65 virtqueue_kick(vcrypto->ctrl_vq); 66 spin_unlock_irqrestore(&vcrypto->ctrl_lock, flags); 67 68 wait_for_completion(&vc_ctrl_req->compl); 69 70 return 0; 71 } 72 73 static void virtcrypto_done_work(struct work_struct *work) 74 { 75 struct data_queue *data_vq = from_work(data_vq, work, done_work); 76 struct virtqueue *vq = data_vq->vq; 77 struct virtio_crypto_request *vc_req; 78 unsigned long flags; 79 unsigned int len; 80 81 spin_lock_irqsave(&data_vq->lock, flags); 82 do { 83 virtqueue_disable_cb(vq); 84 while ((vc_req = virtqueue_get_buf(vq, &len)) != NULL) { 85 spin_unlock_irqrestore(&data_vq->lock, flags); 86 if (vc_req->alg_cb) 87 vc_req->alg_cb(vc_req, len); 88 spin_lock_irqsave(&data_vq->lock, flags); 89 } 90 } while (!virtqueue_enable_cb(vq)); 91 spin_unlock_irqrestore(&data_vq->lock, flags); 92 } 93 94 static void virtcrypto_dataq_callback(struct virtqueue *vq) 95 { 96 struct virtio_crypto *vcrypto = vq->vdev->priv; 97 struct data_queue *dq = &vcrypto->data_vq[vq->index]; 98 99 queue_work(system_bh_wq, &dq->done_work); 100 } 101 102 static int virtcrypto_find_vqs(struct virtio_crypto *vi) 103 { 104 struct virtqueue_info *vqs_info; 105 struct virtqueue **vqs; 106 int ret = -ENOMEM; 107 int i, total_vqs; 108 struct device *dev = &vi->vdev->dev; 109 110 /* 111 * We expect 1 data virtqueue, followed by 112 * possible N-1 data queues used in multiqueue mode, 113 * followed by control vq. 114 */ 115 total_vqs = vi->max_data_queues + 1; 116 117 /* Allocate space for find_vqs parameters */ 118 vqs = kzalloc_objs(*vqs, total_vqs); 119 if (!vqs) 120 goto err_vq; 121 vqs_info = kzalloc_objs(*vqs_info, total_vqs); 122 if (!vqs_info) 123 goto err_vqs_info; 124 125 /* Parameters for control virtqueue */ 126 vqs_info[total_vqs - 1].callback = virtcrypto_ctrlq_callback; 127 vqs_info[total_vqs - 1].name = "controlq"; 128 129 /* Allocate/initialize parameters for data virtqueues */ 130 for (i = 0; i < vi->max_data_queues; i++) { 131 vqs_info[i].callback = virtcrypto_dataq_callback; 132 snprintf(vi->data_vq[i].name, sizeof(vi->data_vq[i].name), 133 "dataq.%d", i); 134 vqs_info[i].name = vi->data_vq[i].name; 135 } 136 137 ret = virtio_find_vqs(vi->vdev, total_vqs, vqs, vqs_info, NULL); 138 if (ret) 139 goto err_find; 140 141 vi->ctrl_vq = vqs[total_vqs - 1]; 142 143 for (i = 0; i < vi->max_data_queues; i++) { 144 spin_lock_init(&vi->data_vq[i].lock); 145 vi->data_vq[i].vq = vqs[i]; 146 /* Initialize crypto engine */ 147 vi->data_vq[i].engine = crypto_engine_alloc_init_and_set(dev, true, true, 148 virtqueue_get_vring_size(vqs[i])); 149 if (!vi->data_vq[i].engine) { 150 ret = -ENOMEM; 151 goto err_engine; 152 } 153 INIT_WORK(&vi->data_vq[i].done_work, virtcrypto_done_work); 154 } 155 156 kfree(vqs_info); 157 kfree(vqs); 158 159 return 0; 160 161 err_engine: 162 err_find: 163 kfree(vqs_info); 164 err_vqs_info: 165 kfree(vqs); 166 err_vq: 167 return ret; 168 } 169 170 static int virtcrypto_alloc_queues(struct virtio_crypto *vi) 171 { 172 vi->data_vq = kzalloc_objs(*vi->data_vq, vi->max_data_queues); 173 if (!vi->data_vq) 174 return -ENOMEM; 175 176 return 0; 177 } 178 179 static void virtcrypto_clean_affinity(struct virtio_crypto *vi, long hcpu) 180 { 181 int i; 182 183 if (vi->affinity_hint_set) { 184 for (i = 0; i < vi->max_data_queues; i++) 185 virtqueue_set_affinity(vi->data_vq[i].vq, NULL); 186 187 vi->affinity_hint_set = false; 188 } 189 } 190 191 static void virtcrypto_set_affinity(struct virtio_crypto *vcrypto) 192 { 193 int i = 0; 194 int cpu; 195 196 /* 197 * In single queue mode, we don't set the cpu affinity. 198 */ 199 if (vcrypto->curr_queue == 1 || vcrypto->max_data_queues == 1) { 200 virtcrypto_clean_affinity(vcrypto, -1); 201 return; 202 } 203 204 /* 205 * In multiqueue mode, we let the queue to be private to one cpu 206 * by setting the affinity hint to eliminate the contention. 207 * 208 * TODO: adds cpu hotplug support by register cpu notifier. 209 * 210 */ 211 for_each_online_cpu(cpu) { 212 virtqueue_set_affinity(vcrypto->data_vq[i].vq, cpumask_of(cpu)); 213 if (++i >= vcrypto->max_data_queues) 214 break; 215 } 216 217 vcrypto->affinity_hint_set = true; 218 } 219 220 static void virtcrypto_free_queues(struct virtio_crypto *vi) 221 { 222 kfree(vi->data_vq); 223 } 224 225 static int virtcrypto_init_vqs(struct virtio_crypto *vi) 226 { 227 int ret; 228 229 /* Allocate send & receive queues */ 230 ret = virtcrypto_alloc_queues(vi); 231 if (ret) 232 goto err; 233 234 ret = virtcrypto_find_vqs(vi); 235 if (ret) 236 goto err_free; 237 238 cpus_read_lock(); 239 virtcrypto_set_affinity(vi); 240 cpus_read_unlock(); 241 242 return 0; 243 244 err_free: 245 virtcrypto_free_queues(vi); 246 err: 247 return ret; 248 } 249 250 static int virtcrypto_update_status(struct virtio_crypto *vcrypto) 251 { 252 u32 status; 253 int err; 254 255 virtio_cread_le(vcrypto->vdev, 256 struct virtio_crypto_config, status, &status); 257 258 /* 259 * Unknown status bits would be a host error and the driver 260 * should consider the device to be broken. 261 */ 262 if (status & (~VIRTIO_CRYPTO_S_HW_READY)) { 263 dev_warn(&vcrypto->vdev->dev, 264 "Unknown status bits: 0x%x\n", status); 265 266 virtio_break_device(vcrypto->vdev); 267 return -EPERM; 268 } 269 270 if (vcrypto->status == status) 271 return 0; 272 273 vcrypto->status = status; 274 275 if (vcrypto->status & VIRTIO_CRYPTO_S_HW_READY) { 276 err = virtcrypto_dev_start(vcrypto); 277 if (err) { 278 dev_err(&vcrypto->vdev->dev, 279 "Failed to start virtio crypto device.\n"); 280 281 return -EPERM; 282 } 283 dev_info(&vcrypto->vdev->dev, "Accelerator device is ready\n"); 284 } else { 285 virtcrypto_dev_stop(vcrypto); 286 dev_info(&vcrypto->vdev->dev, "Accelerator is not ready\n"); 287 } 288 289 return 0; 290 } 291 292 static int virtcrypto_start_crypto_engines(struct virtio_crypto *vcrypto) 293 { 294 int32_t i; 295 int ret; 296 297 for (i = 0; i < vcrypto->max_data_queues; i++) { 298 if (vcrypto->data_vq[i].engine) { 299 ret = crypto_engine_start(vcrypto->data_vq[i].engine); 300 if (ret) 301 goto err; 302 } 303 } 304 305 return 0; 306 307 err: 308 while (--i >= 0) 309 if (vcrypto->data_vq[i].engine) 310 crypto_engine_exit(vcrypto->data_vq[i].engine); 311 312 return ret; 313 } 314 315 static void virtcrypto_clear_crypto_engines(struct virtio_crypto *vcrypto) 316 { 317 u32 i; 318 319 for (i = 0; i < vcrypto->max_data_queues; i++) 320 if (vcrypto->data_vq[i].engine) 321 crypto_engine_exit(vcrypto->data_vq[i].engine); 322 } 323 324 static void virtcrypto_del_vqs(struct virtio_crypto *vcrypto) 325 { 326 struct virtio_device *vdev = vcrypto->vdev; 327 328 virtcrypto_clean_affinity(vcrypto, -1); 329 330 vdev->config->del_vqs(vdev); 331 332 virtcrypto_free_queues(vcrypto); 333 } 334 335 static void vcrypto_config_changed_work(struct work_struct *work) 336 { 337 struct virtio_crypto *vcrypto = 338 container_of(work, struct virtio_crypto, config_work); 339 340 virtcrypto_update_status(vcrypto); 341 } 342 343 static int virtcrypto_probe(struct virtio_device *vdev) 344 { 345 int err = -EFAULT; 346 struct virtio_crypto *vcrypto; 347 u32 max_data_queues = 0, max_cipher_key_len = 0; 348 u32 max_auth_key_len = 0; 349 u64 max_size = 0; 350 u32 cipher_algo_l = 0; 351 u32 cipher_algo_h = 0; 352 u32 hash_algo = 0; 353 u32 mac_algo_l = 0; 354 u32 mac_algo_h = 0; 355 u32 aead_algo = 0; 356 u32 akcipher_algo = 0; 357 u32 crypto_services = 0; 358 359 if (!virtio_has_feature(vdev, VIRTIO_F_VERSION_1)) 360 return -ENODEV; 361 362 if (!vdev->config->get) { 363 dev_err(&vdev->dev, "%s failure: config access disabled\n", 364 __func__); 365 return -EINVAL; 366 } 367 368 if (num_possible_nodes() > 1 && dev_to_node(&vdev->dev) < 0) { 369 /* 370 * If the accelerator is connected to a node with no memory 371 * there is no point in using the accelerator since the remote 372 * memory transaction will be very slow. 373 */ 374 dev_err(&vdev->dev, "Invalid NUMA configuration.\n"); 375 return -EINVAL; 376 } 377 378 vcrypto = kzalloc_node(sizeof(*vcrypto), GFP_KERNEL, 379 dev_to_node(&vdev->dev)); 380 if (!vcrypto) 381 return -ENOMEM; 382 383 virtio_cread_le(vdev, struct virtio_crypto_config, 384 max_dataqueues, &max_data_queues); 385 if (max_data_queues < 1) 386 max_data_queues = 1; 387 388 virtio_cread_le(vdev, struct virtio_crypto_config, 389 max_cipher_key_len, &max_cipher_key_len); 390 virtio_cread_le(vdev, struct virtio_crypto_config, 391 max_auth_key_len, &max_auth_key_len); 392 virtio_cread_le(vdev, struct virtio_crypto_config, 393 max_size, &max_size); 394 virtio_cread_le(vdev, struct virtio_crypto_config, 395 crypto_services, &crypto_services); 396 virtio_cread_le(vdev, struct virtio_crypto_config, 397 cipher_algo_l, &cipher_algo_l); 398 virtio_cread_le(vdev, struct virtio_crypto_config, 399 cipher_algo_h, &cipher_algo_h); 400 virtio_cread_le(vdev, struct virtio_crypto_config, 401 hash_algo, &hash_algo); 402 virtio_cread_le(vdev, struct virtio_crypto_config, 403 mac_algo_l, &mac_algo_l); 404 virtio_cread_le(vdev, struct virtio_crypto_config, 405 mac_algo_h, &mac_algo_h); 406 virtio_cread_le(vdev, struct virtio_crypto_config, 407 aead_algo, &aead_algo); 408 if (crypto_services & (1 << VIRTIO_CRYPTO_SERVICE_AKCIPHER)) 409 virtio_cread_le(vdev, struct virtio_crypto_config, 410 akcipher_algo, &akcipher_algo); 411 412 /* Add virtio crypto device to global table */ 413 err = virtcrypto_devmgr_add_dev(vcrypto); 414 if (err) { 415 dev_err(&vdev->dev, "Failed to add new virtio crypto device.\n"); 416 goto free; 417 } 418 vcrypto->owner = THIS_MODULE; 419 vcrypto = vdev->priv = vcrypto; 420 vcrypto->vdev = vdev; 421 422 spin_lock_init(&vcrypto->ctrl_lock); 423 424 /* Use single data queue as default */ 425 vcrypto->curr_queue = 1; 426 vcrypto->max_data_queues = max_data_queues; 427 vcrypto->max_cipher_key_len = max_cipher_key_len; 428 vcrypto->max_auth_key_len = max_auth_key_len; 429 vcrypto->max_size = max_size; 430 vcrypto->crypto_services = crypto_services; 431 vcrypto->cipher_algo_l = cipher_algo_l; 432 vcrypto->cipher_algo_h = cipher_algo_h; 433 vcrypto->mac_algo_l = mac_algo_l; 434 vcrypto->mac_algo_h = mac_algo_h; 435 vcrypto->hash_algo = hash_algo; 436 vcrypto->aead_algo = aead_algo; 437 vcrypto->akcipher_algo = akcipher_algo; 438 439 dev_info(&vdev->dev, 440 "max_queues: %u, max_cipher_key_len: %u, max_auth_key_len: %u, max_size 0x%llx\n", 441 vcrypto->max_data_queues, 442 vcrypto->max_cipher_key_len, 443 vcrypto->max_auth_key_len, 444 vcrypto->max_size); 445 446 err = virtcrypto_init_vqs(vcrypto); 447 if (err) { 448 dev_err(&vdev->dev, "Failed to initialize vqs.\n"); 449 goto free_dev; 450 } 451 452 err = virtcrypto_start_crypto_engines(vcrypto); 453 if (err) 454 goto free_vqs; 455 456 virtio_device_ready(vdev); 457 458 err = virtcrypto_update_status(vcrypto); 459 if (err) 460 goto free_engines; 461 462 INIT_WORK(&vcrypto->config_work, vcrypto_config_changed_work); 463 464 return 0; 465 466 free_engines: 467 virtcrypto_clear_crypto_engines(vcrypto); 468 free_vqs: 469 virtio_reset_device(vdev); 470 virtcrypto_del_vqs(vcrypto); 471 free_dev: 472 virtcrypto_devmgr_rm_dev(vcrypto); 473 free: 474 kfree(vcrypto); 475 return err; 476 } 477 478 static void virtcrypto_free_unused_reqs(struct virtio_crypto *vcrypto) 479 { 480 struct virtio_crypto_request *vc_req; 481 int i; 482 struct virtqueue *vq; 483 484 for (i = 0; i < vcrypto->max_data_queues; i++) { 485 vq = vcrypto->data_vq[i].vq; 486 while ((vc_req = virtqueue_detach_unused_buf(vq)) != NULL) 487 virtcrypto_clear_request(vc_req); 488 cond_resched(); 489 } 490 } 491 492 static void virtcrypto_remove(struct virtio_device *vdev) 493 { 494 struct virtio_crypto *vcrypto = vdev->priv; 495 int i; 496 497 dev_info(&vdev->dev, "Start virtcrypto_remove.\n"); 498 499 flush_work(&vcrypto->config_work); 500 if (virtcrypto_dev_started(vcrypto)) 501 virtcrypto_dev_stop(vcrypto); 502 for (i = 0; i < vcrypto->max_data_queues; i++) 503 cancel_work_sync(&vcrypto->data_vq[i].done_work); 504 virtio_reset_device(vdev); 505 virtcrypto_free_unused_reqs(vcrypto); 506 virtcrypto_clear_crypto_engines(vcrypto); 507 virtcrypto_del_vqs(vcrypto); 508 virtcrypto_devmgr_rm_dev(vcrypto); 509 kfree(vcrypto); 510 } 511 512 static void virtcrypto_config_changed(struct virtio_device *vdev) 513 { 514 struct virtio_crypto *vcrypto = vdev->priv; 515 516 schedule_work(&vcrypto->config_work); 517 } 518 519 #ifdef CONFIG_PM_SLEEP 520 static int virtcrypto_freeze(struct virtio_device *vdev) 521 { 522 struct virtio_crypto *vcrypto = vdev->priv; 523 524 flush_work(&vcrypto->config_work); 525 virtio_reset_device(vdev); 526 virtcrypto_free_unused_reqs(vcrypto); 527 if (virtcrypto_dev_started(vcrypto)) 528 virtcrypto_dev_stop(vcrypto); 529 530 virtcrypto_clear_crypto_engines(vcrypto); 531 virtcrypto_del_vqs(vcrypto); 532 return 0; 533 } 534 535 static int virtcrypto_restore(struct virtio_device *vdev) 536 { 537 struct virtio_crypto *vcrypto = vdev->priv; 538 int err; 539 540 err = virtcrypto_init_vqs(vcrypto); 541 if (err) 542 return err; 543 544 err = virtcrypto_start_crypto_engines(vcrypto); 545 if (err) 546 goto free_vqs; 547 548 virtio_device_ready(vdev); 549 550 err = virtcrypto_dev_start(vcrypto); 551 if (err) { 552 dev_err(&vdev->dev, "Failed to start virtio crypto device.\n"); 553 goto free_engines; 554 } 555 556 return 0; 557 558 free_engines: 559 virtcrypto_clear_crypto_engines(vcrypto); 560 free_vqs: 561 virtio_reset_device(vdev); 562 virtcrypto_del_vqs(vcrypto); 563 return err; 564 } 565 #endif 566 567 static const unsigned int features[] = { 568 /* none */ 569 }; 570 571 static const struct virtio_device_id id_table[] = { 572 { VIRTIO_ID_CRYPTO, VIRTIO_DEV_ANY_ID }, 573 { 0 }, 574 }; 575 576 static struct virtio_driver virtio_crypto_driver = { 577 .driver.name = KBUILD_MODNAME, 578 .feature_table = features, 579 .feature_table_size = ARRAY_SIZE(features), 580 .id_table = id_table, 581 .probe = virtcrypto_probe, 582 .remove = virtcrypto_remove, 583 .config_changed = virtcrypto_config_changed, 584 #ifdef CONFIG_PM_SLEEP 585 .freeze = virtcrypto_freeze, 586 .restore = virtcrypto_restore, 587 #endif 588 }; 589 590 module_virtio_driver(virtio_crypto_driver); 591 592 MODULE_DEVICE_TABLE(virtio, id_table); 593 MODULE_DESCRIPTION("virtio crypto device driver"); 594 MODULE_LICENSE("GPL"); 595 MODULE_AUTHOR("Gonglei <arei.gonglei@huawei.com>"); 596