1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * AMCC SoC PPC4xx Crypto Driver 4 * 5 * Copyright (c) 2008 Applied Micro Circuits Corporation. 6 * All rights reserved. James Hsiao <jhsiao@amcc.com> 7 * 8 * This file implements AMCC crypto offload Linux device driver for use with 9 * Linux CryptoAPI. 10 */ 11 12 #include <linux/kernel.h> 13 #include <linux/interrupt.h> 14 #include <linux/spinlock_types.h> 15 #include <linux/random.h> 16 #include <linux/scatterlist.h> 17 #include <linux/crypto.h> 18 #include <linux/dma-mapping.h> 19 #include <linux/platform_device.h> 20 #include <linux/init.h> 21 #include <linux/module.h> 22 #include <linux/of_address.h> 23 #include <linux/of_irq.h> 24 #include <linux/of_platform.h> 25 #include <linux/slab.h> 26 #include <asm/dcr.h> 27 #include <asm/dcr-regs.h> 28 #include <asm/cacheflush.h> 29 #include <crypto/aead.h> 30 #include <crypto/aes.h> 31 #include <crypto/ctr.h> 32 #include <crypto/gcm.h> 33 #include <crypto/sha1.h> 34 #include <crypto/rng.h> 35 #include <crypto/scatterwalk.h> 36 #include <crypto/skcipher.h> 37 #include <crypto/internal/aead.h> 38 #include <crypto/internal/rng.h> 39 #include <crypto/internal/skcipher.h> 40 #include "crypto4xx_reg_def.h" 41 #include "crypto4xx_core.h" 42 #include "crypto4xx_sa.h" 43 #include "crypto4xx_trng.h" 44 45 #define PPC4XX_SEC_VERSION_STR "0.5" 46 47 /* 48 * PPC4xx Crypto Engine Initialization Routine 49 */ 50 static void crypto4xx_hw_init(struct crypto4xx_device *dev) 51 { 52 union ce_ring_size ring_size; 53 union ce_ring_control ring_ctrl; 54 union ce_part_ring_size part_ring_size; 55 union ce_io_threshold io_threshold; 56 u32 rand_num; 57 union ce_pe_dma_cfg pe_dma_cfg; 58 u32 device_ctrl; 59 60 writel(PPC4XX_BYTE_ORDER, dev->ce_base + CRYPTO4XX_BYTE_ORDER_CFG); 61 /* setup pe dma, include reset sg, pdr and pe, then release reset */ 62 pe_dma_cfg.w = 0; 63 pe_dma_cfg.bf.bo_sgpd_en = 1; 64 pe_dma_cfg.bf.bo_data_en = 0; 65 pe_dma_cfg.bf.bo_sa_en = 1; 66 pe_dma_cfg.bf.bo_pd_en = 1; 67 pe_dma_cfg.bf.dynamic_sa_en = 1; 68 pe_dma_cfg.bf.reset_sg = 1; 69 pe_dma_cfg.bf.reset_pdr = 1; 70 pe_dma_cfg.bf.reset_pe = 1; 71 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 72 /* un reset pe,sg and pdr */ 73 pe_dma_cfg.bf.pe_mode = 0; 74 pe_dma_cfg.bf.reset_sg = 0; 75 pe_dma_cfg.bf.reset_pdr = 0; 76 pe_dma_cfg.bf.reset_pe = 0; 77 pe_dma_cfg.bf.bo_td_en = 0; 78 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 79 writel(dev->pdr_pa, dev->ce_base + CRYPTO4XX_PDR_BASE); 80 writel(dev->pdr_pa, dev->ce_base + CRYPTO4XX_RDR_BASE); 81 writel(PPC4XX_PRNG_CTRL_AUTO_EN, dev->ce_base + CRYPTO4XX_PRNG_CTRL); 82 get_random_bytes(&rand_num, sizeof(rand_num)); 83 writel(rand_num, dev->ce_base + CRYPTO4XX_PRNG_SEED_L); 84 get_random_bytes(&rand_num, sizeof(rand_num)); 85 writel(rand_num, dev->ce_base + CRYPTO4XX_PRNG_SEED_H); 86 ring_size.w = 0; 87 ring_size.bf.ring_offset = PPC4XX_PD_SIZE; 88 ring_size.bf.ring_size = PPC4XX_NUM_PD; 89 writel(ring_size.w, dev->ce_base + CRYPTO4XX_RING_SIZE); 90 ring_ctrl.w = 0; 91 writel(ring_ctrl.w, dev->ce_base + CRYPTO4XX_RING_CTRL); 92 device_ctrl = readl(dev->ce_base + CRYPTO4XX_DEVICE_CTRL); 93 device_ctrl |= PPC4XX_DC_3DES_EN; 94 writel(device_ctrl, dev->ce_base + CRYPTO4XX_DEVICE_CTRL); 95 writel(dev->gdr_pa, dev->ce_base + CRYPTO4XX_GATH_RING_BASE); 96 writel(dev->sdr_pa, dev->ce_base + CRYPTO4XX_SCAT_RING_BASE); 97 part_ring_size.w = 0; 98 part_ring_size.bf.sdr_size = PPC4XX_SDR_SIZE; 99 part_ring_size.bf.gdr_size = PPC4XX_GDR_SIZE; 100 writel(part_ring_size.w, dev->ce_base + CRYPTO4XX_PART_RING_SIZE); 101 writel(PPC4XX_SD_BUFFER_SIZE, dev->ce_base + CRYPTO4XX_PART_RING_CFG); 102 io_threshold.w = 0; 103 io_threshold.bf.output_threshold = PPC4XX_OUTPUT_THRESHOLD; 104 io_threshold.bf.input_threshold = PPC4XX_INPUT_THRESHOLD; 105 writel(io_threshold.w, dev->ce_base + CRYPTO4XX_IO_THRESHOLD); 106 writel(0, dev->ce_base + CRYPTO4XX_PDR_BASE_UADDR); 107 writel(0, dev->ce_base + CRYPTO4XX_RDR_BASE_UADDR); 108 writel(0, dev->ce_base + CRYPTO4XX_PKT_SRC_UADDR); 109 writel(0, dev->ce_base + CRYPTO4XX_PKT_DEST_UADDR); 110 writel(0, dev->ce_base + CRYPTO4XX_SA_UADDR); 111 writel(0, dev->ce_base + CRYPTO4XX_GATH_RING_BASE_UADDR); 112 writel(0, dev->ce_base + CRYPTO4XX_SCAT_RING_BASE_UADDR); 113 /* un reset pe,sg and pdr */ 114 pe_dma_cfg.bf.pe_mode = 1; 115 pe_dma_cfg.bf.reset_sg = 0; 116 pe_dma_cfg.bf.reset_pdr = 0; 117 pe_dma_cfg.bf.reset_pe = 0; 118 pe_dma_cfg.bf.bo_td_en = 0; 119 writel(pe_dma_cfg.w, dev->ce_base + CRYPTO4XX_PE_DMA_CFG); 120 /*clear all pending interrupt*/ 121 writel(PPC4XX_INTERRUPT_CLR, dev->ce_base + CRYPTO4XX_INT_CLR); 122 writel(PPC4XX_INT_DESCR_CNT, dev->ce_base + CRYPTO4XX_INT_DESCR_CNT); 123 writel(PPC4XX_INT_DESCR_CNT, dev->ce_base + CRYPTO4XX_INT_DESCR_CNT); 124 writel(PPC4XX_INT_CFG, dev->ce_base + CRYPTO4XX_INT_CFG); 125 if (dev->is_revb) { 126 writel(PPC4XX_INT_TIMEOUT_CNT_REVB << 10, 127 dev->ce_base + CRYPTO4XX_INT_TIMEOUT_CNT); 128 writel(PPC4XX_PD_DONE_INT | PPC4XX_TMO_ERR_INT, 129 dev->ce_base + CRYPTO4XX_INT_EN); 130 } else { 131 writel(PPC4XX_PD_DONE_INT, dev->ce_base + CRYPTO4XX_INT_EN); 132 } 133 } 134 135 int crypto4xx_alloc_sa(struct crypto4xx_ctx *ctx, u32 size) 136 { 137 ctx->sa_in = kcalloc(size, 4, GFP_ATOMIC); 138 if (ctx->sa_in == NULL) 139 return -ENOMEM; 140 141 ctx->sa_out = kcalloc(size, 4, GFP_ATOMIC); 142 if (ctx->sa_out == NULL) { 143 kfree(ctx->sa_in); 144 ctx->sa_in = NULL; 145 return -ENOMEM; 146 } 147 148 ctx->sa_len = size; 149 150 return 0; 151 } 152 153 void crypto4xx_free_sa(struct crypto4xx_ctx *ctx) 154 { 155 kfree(ctx->sa_in); 156 ctx->sa_in = NULL; 157 kfree(ctx->sa_out); 158 ctx->sa_out = NULL; 159 ctx->sa_len = 0; 160 } 161 162 /* 163 * alloc memory for the gather ring 164 * no need to alloc buf for the ring 165 * gdr_tail, gdr_head and gdr_count are initialized by this function 166 */ 167 static u32 crypto4xx_build_pdr(struct crypto4xx_device *dev) 168 { 169 int i; 170 dev->pdr = dma_alloc_coherent(dev->core_dev->device, 171 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 172 &dev->pdr_pa, GFP_KERNEL); 173 if (!dev->pdr) 174 return -ENOMEM; 175 176 dev->pdr_uinfo = kzalloc_objs(struct pd_uinfo, PPC4XX_NUM_PD); 177 if (!dev->pdr_uinfo) { 178 dma_free_coherent(dev->core_dev->device, 179 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 180 dev->pdr, 181 dev->pdr_pa); 182 return -ENOMEM; 183 } 184 dev->shadow_sa_pool = dma_alloc_coherent(dev->core_dev->device, 185 sizeof(union shadow_sa_buf) * PPC4XX_NUM_PD, 186 &dev->shadow_sa_pool_pa, 187 GFP_KERNEL); 188 if (!dev->shadow_sa_pool) 189 return -ENOMEM; 190 191 dev->shadow_sr_pool = dma_alloc_coherent(dev->core_dev->device, 192 sizeof(struct sa_state_record) * PPC4XX_NUM_PD, 193 &dev->shadow_sr_pool_pa, GFP_KERNEL); 194 if (!dev->shadow_sr_pool) 195 return -ENOMEM; 196 for (i = 0; i < PPC4XX_NUM_PD; i++) { 197 struct ce_pd *pd = &dev->pdr[i]; 198 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[i]; 199 200 pd->sa = dev->shadow_sa_pool_pa + 201 sizeof(union shadow_sa_buf) * i; 202 203 /* alloc 256 bytes which is enough for any kind of dynamic sa */ 204 pd_uinfo->sa_va = &dev->shadow_sa_pool[i].sa; 205 206 /* alloc state record */ 207 pd_uinfo->sr_va = &dev->shadow_sr_pool[i]; 208 pd_uinfo->sr_pa = dev->shadow_sr_pool_pa + 209 sizeof(struct sa_state_record) * i; 210 } 211 212 return 0; 213 } 214 215 static void crypto4xx_destroy_pdr(struct crypto4xx_device *dev) 216 { 217 if (dev->pdr) 218 dma_free_coherent(dev->core_dev->device, 219 sizeof(struct ce_pd) * PPC4XX_NUM_PD, 220 dev->pdr, dev->pdr_pa); 221 222 if (dev->shadow_sa_pool) 223 dma_free_coherent(dev->core_dev->device, 224 sizeof(union shadow_sa_buf) * PPC4XX_NUM_PD, 225 dev->shadow_sa_pool, dev->shadow_sa_pool_pa); 226 227 if (dev->shadow_sr_pool) 228 dma_free_coherent(dev->core_dev->device, 229 sizeof(struct sa_state_record) * PPC4XX_NUM_PD, 230 dev->shadow_sr_pool, dev->shadow_sr_pool_pa); 231 232 kfree(dev->pdr_uinfo); 233 } 234 235 static u32 crypto4xx_get_pd_from_pdr_nolock(struct crypto4xx_device *dev) 236 { 237 u32 retval; 238 u32 tmp; 239 240 retval = dev->pdr_head; 241 tmp = (dev->pdr_head + 1) % PPC4XX_NUM_PD; 242 243 if (tmp == dev->pdr_tail) 244 return ERING_WAS_FULL; 245 246 dev->pdr_head = tmp; 247 248 return retval; 249 } 250 251 static u32 crypto4xx_put_pd_to_pdr(struct crypto4xx_device *dev, u32 idx) 252 { 253 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[idx]; 254 u32 tail; 255 unsigned long flags; 256 257 spin_lock_irqsave(&dev->core_dev->lock, flags); 258 pd_uinfo->state = PD_ENTRY_FREE; 259 260 if (dev->pdr_tail != PPC4XX_LAST_PD) 261 dev->pdr_tail++; 262 else 263 dev->pdr_tail = 0; 264 tail = dev->pdr_tail; 265 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 266 267 return tail; 268 } 269 270 /* 271 * alloc memory for the gather ring 272 * no need to alloc buf for the ring 273 * gdr_tail, gdr_head and gdr_count are initialized by this function 274 */ 275 static u32 crypto4xx_build_gdr(struct crypto4xx_device *dev) 276 { 277 dev->gdr = dma_alloc_coherent(dev->core_dev->device, 278 sizeof(struct ce_gd) * PPC4XX_NUM_GD, 279 &dev->gdr_pa, GFP_KERNEL); 280 if (!dev->gdr) 281 return -ENOMEM; 282 283 return 0; 284 } 285 286 static inline void crypto4xx_destroy_gdr(struct crypto4xx_device *dev) 287 { 288 if (dev->gdr) 289 dma_free_coherent(dev->core_dev->device, 290 sizeof(struct ce_gd) * PPC4XX_NUM_GD, 291 dev->gdr, dev->gdr_pa); 292 } 293 294 /* 295 * when this function is called. 296 * preemption or interrupt must be disabled 297 */ 298 static u32 crypto4xx_get_n_gd(struct crypto4xx_device *dev, int n) 299 { 300 u32 retval; 301 u32 tmp; 302 303 if (n >= PPC4XX_NUM_GD) 304 return ERING_WAS_FULL; 305 306 retval = dev->gdr_head; 307 tmp = (dev->gdr_head + n) % PPC4XX_NUM_GD; 308 if (dev->gdr_head > dev->gdr_tail) { 309 if (tmp < dev->gdr_head && tmp >= dev->gdr_tail) 310 return ERING_WAS_FULL; 311 } else if (dev->gdr_head < dev->gdr_tail) { 312 if (tmp < dev->gdr_head || tmp >= dev->gdr_tail) 313 return ERING_WAS_FULL; 314 } 315 dev->gdr_head = tmp; 316 317 return retval; 318 } 319 320 static u32 crypto4xx_put_gd_to_gdr(struct crypto4xx_device *dev) 321 { 322 unsigned long flags; 323 324 spin_lock_irqsave(&dev->core_dev->lock, flags); 325 if (dev->gdr_tail == dev->gdr_head) { 326 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 327 return 0; 328 } 329 330 if (dev->gdr_tail != PPC4XX_LAST_GD) 331 dev->gdr_tail++; 332 else 333 dev->gdr_tail = 0; 334 335 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 336 337 return 0; 338 } 339 340 static inline struct ce_gd *crypto4xx_get_gdp(struct crypto4xx_device *dev, 341 dma_addr_t *gd_dma, u32 idx) 342 { 343 *gd_dma = dev->gdr_pa + sizeof(struct ce_gd) * idx; 344 345 return &dev->gdr[idx]; 346 } 347 348 /* 349 * alloc memory for the scatter ring 350 * need to alloc buf for the ring 351 * sdr_tail, sdr_head and sdr_count are initialized by this function 352 */ 353 static u32 crypto4xx_build_sdr(struct crypto4xx_device *dev) 354 { 355 int i; 356 357 dev->scatter_buffer_va = 358 dma_alloc_coherent(dev->core_dev->device, 359 PPC4XX_SD_BUFFER_SIZE * PPC4XX_NUM_SD, 360 &dev->scatter_buffer_pa, GFP_KERNEL); 361 if (!dev->scatter_buffer_va) 362 return -ENOMEM; 363 364 /* alloc memory for scatter descriptor ring */ 365 dev->sdr = dma_alloc_coherent(dev->core_dev->device, 366 sizeof(struct ce_sd) * PPC4XX_NUM_SD, 367 &dev->sdr_pa, GFP_KERNEL); 368 if (!dev->sdr) 369 return -ENOMEM; 370 371 for (i = 0; i < PPC4XX_NUM_SD; i++) { 372 dev->sdr[i].ptr = dev->scatter_buffer_pa + 373 PPC4XX_SD_BUFFER_SIZE * i; 374 } 375 376 return 0; 377 } 378 379 static void crypto4xx_destroy_sdr(struct crypto4xx_device *dev) 380 { 381 if (dev->sdr) 382 dma_free_coherent(dev->core_dev->device, 383 sizeof(struct ce_sd) * PPC4XX_NUM_SD, 384 dev->sdr, dev->sdr_pa); 385 386 if (dev->scatter_buffer_va) 387 dma_free_coherent(dev->core_dev->device, 388 PPC4XX_SD_BUFFER_SIZE * PPC4XX_NUM_SD, 389 dev->scatter_buffer_va, 390 dev->scatter_buffer_pa); 391 } 392 393 /* 394 * when this function is called. 395 * preemption or interrupt must be disabled 396 */ 397 static u32 crypto4xx_get_n_sd(struct crypto4xx_device *dev, int n) 398 { 399 u32 retval; 400 u32 tmp; 401 402 if (n >= PPC4XX_NUM_SD) 403 return ERING_WAS_FULL; 404 405 retval = dev->sdr_head; 406 tmp = (dev->sdr_head + n) % PPC4XX_NUM_SD; 407 if (dev->sdr_head > dev->gdr_tail) { 408 if (tmp < dev->sdr_head && tmp >= dev->sdr_tail) 409 return ERING_WAS_FULL; 410 } else if (dev->sdr_head < dev->sdr_tail) { 411 if (tmp < dev->sdr_head || tmp >= dev->sdr_tail) 412 return ERING_WAS_FULL; 413 } /* the head = tail, or empty case is already take cared */ 414 dev->sdr_head = tmp; 415 416 return retval; 417 } 418 419 static u32 crypto4xx_put_sd_to_sdr(struct crypto4xx_device *dev) 420 { 421 unsigned long flags; 422 423 spin_lock_irqsave(&dev->core_dev->lock, flags); 424 if (dev->sdr_tail == dev->sdr_head) { 425 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 426 return 0; 427 } 428 if (dev->sdr_tail != PPC4XX_LAST_SD) 429 dev->sdr_tail++; 430 else 431 dev->sdr_tail = 0; 432 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 433 434 return 0; 435 } 436 437 static inline struct ce_sd *crypto4xx_get_sdp(struct crypto4xx_device *dev, 438 dma_addr_t *sd_dma, u32 idx) 439 { 440 *sd_dma = dev->sdr_pa + sizeof(struct ce_sd) * idx; 441 442 return &dev->sdr[idx]; 443 } 444 445 static void crypto4xx_copy_pkt_to_dst(struct crypto4xx_device *dev, 446 struct ce_pd *pd, 447 struct pd_uinfo *pd_uinfo, 448 u32 nbytes, 449 struct scatterlist *dst) 450 { 451 unsigned int first_sd = pd_uinfo->first_sd; 452 unsigned int last_sd; 453 unsigned int overflow = 0; 454 unsigned int to_copy; 455 unsigned int dst_start = 0; 456 457 /* 458 * Because the scatter buffers are all neatly organized in one 459 * big continuous ringbuffer; scatterwalk_map_and_copy() can 460 * be instructed to copy a range of buffers in one go. 461 */ 462 463 last_sd = (first_sd + pd_uinfo->num_sd); 464 if (last_sd > PPC4XX_LAST_SD) { 465 last_sd = PPC4XX_LAST_SD; 466 overflow = last_sd % PPC4XX_NUM_SD; 467 } 468 469 while (nbytes) { 470 void *buf = dev->scatter_buffer_va + 471 first_sd * PPC4XX_SD_BUFFER_SIZE; 472 473 to_copy = min(nbytes, PPC4XX_SD_BUFFER_SIZE * 474 (1 + last_sd - first_sd)); 475 scatterwalk_map_and_copy(buf, dst, dst_start, to_copy, 1); 476 nbytes -= to_copy; 477 478 if (overflow) { 479 first_sd = 0; 480 last_sd = overflow; 481 dst_start += to_copy; 482 overflow = 0; 483 } 484 } 485 } 486 487 static void crypto4xx_ret_sg_desc(struct crypto4xx_device *dev, 488 struct pd_uinfo *pd_uinfo) 489 { 490 int i; 491 if (pd_uinfo->num_gd) { 492 for (i = 0; i < pd_uinfo->num_gd; i++) 493 crypto4xx_put_gd_to_gdr(dev); 494 pd_uinfo->first_gd = 0xffffffff; 495 pd_uinfo->num_gd = 0; 496 } 497 if (pd_uinfo->num_sd) { 498 for (i = 0; i < pd_uinfo->num_sd; i++) 499 crypto4xx_put_sd_to_sdr(dev); 500 501 pd_uinfo->first_sd = 0xffffffff; 502 pd_uinfo->num_sd = 0; 503 } 504 } 505 506 static void crypto4xx_cipher_done(struct crypto4xx_device *dev, 507 struct pd_uinfo *pd_uinfo, 508 struct ce_pd *pd) 509 { 510 struct skcipher_request *req; 511 struct scatterlist *dst; 512 513 req = skcipher_request_cast(pd_uinfo->async_req); 514 515 if (pd_uinfo->sa_va->sa_command_0.bf.scatter) { 516 crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo, 517 req->cryptlen, req->dst); 518 } else { 519 dst = pd_uinfo->dest_va; 520 dma_unmap_page(dev->core_dev->device, pd->dest, dst->length, 521 DMA_FROM_DEVICE); 522 } 523 524 if (pd_uinfo->sa_va->sa_command_0.bf.save_iv == SA_SAVE_IV) { 525 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); 526 527 crypto4xx_memcpy_from_le32((u32 *)req->iv, 528 pd_uinfo->sr_va->save_iv, 529 crypto_skcipher_ivsize(skcipher)); 530 } 531 532 crypto4xx_ret_sg_desc(dev, pd_uinfo); 533 534 if (pd_uinfo->state & PD_ENTRY_BUSY) 535 skcipher_request_complete(req, -EINPROGRESS); 536 skcipher_request_complete(req, 0); 537 } 538 539 static void crypto4xx_aead_done(struct crypto4xx_device *dev, 540 struct pd_uinfo *pd_uinfo, 541 struct ce_pd *pd) 542 { 543 struct aead_request *aead_req = container_of(pd_uinfo->async_req, 544 struct aead_request, base); 545 struct scatterlist *dst = pd_uinfo->dest_va; 546 size_t cp_len = crypto_aead_authsize( 547 crypto_aead_reqtfm(aead_req)); 548 u32 icv[AES_BLOCK_SIZE]; 549 int err = 0; 550 551 if (pd_uinfo->sa_va->sa_command_0.bf.scatter) { 552 crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo, 553 pd->pd_ctl_len.bf.pkt_len, 554 dst); 555 } else { 556 dma_unmap_page(dev->core_dev->device, pd->dest, dst->length, 557 DMA_FROM_DEVICE); 558 } 559 560 if (pd_uinfo->sa_va->sa_command_0.bf.dir == DIR_OUTBOUND) { 561 /* append icv at the end */ 562 crypto4xx_memcpy_from_le32(icv, pd_uinfo->sr_va->save_digest, 563 sizeof(icv)); 564 565 scatterwalk_map_and_copy(icv, dst, aead_req->cryptlen, 566 cp_len, 1); 567 } else { 568 /* check icv at the end */ 569 scatterwalk_map_and_copy(icv, aead_req->src, 570 aead_req->assoclen + aead_req->cryptlen - 571 cp_len, cp_len, 0); 572 573 crypto4xx_memcpy_from_le32(icv, icv, sizeof(icv)); 574 575 if (crypto_memneq(icv, pd_uinfo->sr_va->save_digest, cp_len)) 576 err = -EBADMSG; 577 } 578 579 crypto4xx_ret_sg_desc(dev, pd_uinfo); 580 581 if (pd->pd_ctl.bf.status & 0xff) { 582 if (!__ratelimit(&dev->aead_ratelimit)) { 583 if (pd->pd_ctl.bf.status & 2) 584 pr_err("pad fail error\n"); 585 if (pd->pd_ctl.bf.status & 4) 586 pr_err("seqnum fail\n"); 587 if (pd->pd_ctl.bf.status & 8) 588 pr_err("error _notify\n"); 589 pr_err("aead return err status = 0x%02x\n", 590 pd->pd_ctl.bf.status & 0xff); 591 pr_err("pd pad_ctl = 0x%08x\n", 592 pd->pd_ctl.bf.pd_pad_ctl); 593 } 594 err = -EINVAL; 595 } 596 597 if (pd_uinfo->state & PD_ENTRY_BUSY) 598 aead_request_complete(aead_req, -EINPROGRESS); 599 600 aead_request_complete(aead_req, err); 601 } 602 603 static void crypto4xx_pd_done(struct crypto4xx_device *dev, u32 idx) 604 { 605 struct ce_pd *pd = &dev->pdr[idx]; 606 struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[idx]; 607 608 switch (crypto_tfm_alg_type(pd_uinfo->async_req->tfm)) { 609 case CRYPTO_ALG_TYPE_SKCIPHER: 610 crypto4xx_cipher_done(dev, pd_uinfo, pd); 611 break; 612 case CRYPTO_ALG_TYPE_AEAD: 613 crypto4xx_aead_done(dev, pd_uinfo, pd); 614 break; 615 } 616 } 617 618 static void crypto4xx_stop_all(struct crypto4xx_core_device *core_dev) 619 { 620 crypto4xx_destroy_pdr(core_dev->dev); 621 crypto4xx_destroy_gdr(core_dev->dev); 622 crypto4xx_destroy_sdr(core_dev->dev); 623 } 624 625 static u32 get_next_gd(u32 current) 626 { 627 if (current != PPC4XX_LAST_GD) 628 return current + 1; 629 else 630 return 0; 631 } 632 633 static u32 get_next_sd(u32 current) 634 { 635 if (current != PPC4XX_LAST_SD) 636 return current + 1; 637 else 638 return 0; 639 } 640 641 int crypto4xx_build_pd(struct crypto_async_request *req, 642 struct crypto4xx_ctx *ctx, 643 struct scatterlist *src, 644 struct scatterlist *dst, 645 const unsigned int datalen, 646 const void *iv, const u32 iv_len, 647 const struct dynamic_sa_ctl *req_sa, 648 const unsigned int sa_len, 649 const unsigned int assoclen, 650 struct scatterlist *_dst) 651 { 652 struct crypto4xx_device *dev = ctx->dev; 653 struct dynamic_sa_ctl *sa; 654 struct ce_gd *gd; 655 struct ce_pd *pd; 656 u32 num_gd, num_sd; 657 u32 fst_gd = 0xffffffff; 658 u32 fst_sd = 0xffffffff; 659 u32 pd_entry; 660 unsigned long flags; 661 struct pd_uinfo *pd_uinfo; 662 unsigned int nbytes = datalen; 663 size_t offset_to_sr_ptr; 664 u32 gd_idx = 0; 665 int tmp; 666 bool is_busy, force_sd; 667 668 /* 669 * There's a very subtile/disguised "bug" in the hardware that 670 * gets indirectly mentioned in 18.1.3.5 Encryption/Decryption 671 * of the hardware spec: 672 * *drum roll* the AES/(T)DES OFB and CFB modes are listed as 673 * operation modes for >>> "Block ciphers" <<<. 674 * 675 * To workaround this issue and stop the hardware from causing 676 * "overran dst buffer" on crypttexts that are not a multiple 677 * of 16 (AES_BLOCK_SIZE), we force the driver to use the 678 * scatter buffers. 679 */ 680 force_sd = (req_sa->sa_command_1.bf.crypto_mode9_8 == CRYPTO_MODE_CFB 681 || req_sa->sa_command_1.bf.crypto_mode9_8 == CRYPTO_MODE_OFB) 682 && (datalen % AES_BLOCK_SIZE); 683 684 /* figure how many gd are needed */ 685 tmp = sg_nents_for_len(src, assoclen + datalen); 686 if (tmp < 0) { 687 dev_err(dev->core_dev->device, "Invalid number of src SG.\n"); 688 return tmp; 689 } 690 if (tmp == 1) 691 tmp = 0; 692 num_gd = tmp; 693 694 if (assoclen) { 695 nbytes += assoclen; 696 dst = scatterwalk_ffwd(_dst, dst, assoclen); 697 } 698 699 /* figure how many sd are needed */ 700 if (sg_is_last(dst) && force_sd == false) { 701 num_sd = 0; 702 } else { 703 if (datalen > PPC4XX_SD_BUFFER_SIZE) { 704 num_sd = datalen / PPC4XX_SD_BUFFER_SIZE; 705 if (datalen % PPC4XX_SD_BUFFER_SIZE) 706 num_sd++; 707 } else { 708 num_sd = 1; 709 } 710 } 711 712 /* 713 * The follow section of code needs to be protected 714 * The gather ring and scatter ring needs to be consecutive 715 * In case of run out of any kind of descriptor, the descriptor 716 * already got must be return the original place. 717 */ 718 spin_lock_irqsave(&dev->core_dev->lock, flags); 719 /* 720 * Let the caller know to slow down, once more than 13/16ths = 81% 721 * of the available data contexts are being used simultaneously. 722 * 723 * With PPC4XX_NUM_PD = 256, this will leave a "backlog queue" for 724 * 31 more contexts. Before new requests have to be rejected. 725 */ 726 if (req->flags & CRYPTO_TFM_REQ_MAY_BACKLOG) { 727 is_busy = ((dev->pdr_head - dev->pdr_tail) % PPC4XX_NUM_PD) >= 728 ((PPC4XX_NUM_PD * 13) / 16); 729 } else { 730 /* 731 * To fix contention issues between ipsec (no blacklog) and 732 * dm-crypto (backlog) reserve 32 entries for "no backlog" 733 * data contexts. 734 */ 735 is_busy = ((dev->pdr_head - dev->pdr_tail) % PPC4XX_NUM_PD) >= 736 ((PPC4XX_NUM_PD * 15) / 16); 737 738 if (is_busy) { 739 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 740 return -EBUSY; 741 } 742 } 743 744 if (num_gd) { 745 fst_gd = crypto4xx_get_n_gd(dev, num_gd); 746 if (fst_gd == ERING_WAS_FULL) { 747 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 748 return -EAGAIN; 749 } 750 } 751 if (num_sd) { 752 fst_sd = crypto4xx_get_n_sd(dev, num_sd); 753 if (fst_sd == ERING_WAS_FULL) { 754 if (num_gd) 755 dev->gdr_head = fst_gd; 756 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 757 return -EAGAIN; 758 } 759 } 760 pd_entry = crypto4xx_get_pd_from_pdr_nolock(dev); 761 if (pd_entry == ERING_WAS_FULL) { 762 if (num_gd) 763 dev->gdr_head = fst_gd; 764 if (num_sd) 765 dev->sdr_head = fst_sd; 766 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 767 return -EAGAIN; 768 } 769 spin_unlock_irqrestore(&dev->core_dev->lock, flags); 770 771 pd = &dev->pdr[pd_entry]; 772 pd->sa_len = sa_len; 773 774 pd_uinfo = &dev->pdr_uinfo[pd_entry]; 775 pd_uinfo->num_gd = num_gd; 776 pd_uinfo->num_sd = num_sd; 777 pd_uinfo->dest_va = dst; 778 pd_uinfo->async_req = req; 779 780 if (iv_len) 781 memcpy(pd_uinfo->sr_va->save_iv, iv, iv_len); 782 783 sa = pd_uinfo->sa_va; 784 memcpy(sa, req_sa, sa_len * 4); 785 786 sa->sa_command_1.bf.hash_crypto_offset = (assoclen >> 2); 787 offset_to_sr_ptr = get_dynamic_sa_offset_state_ptr_field(sa); 788 *(u32 *)((unsigned long)sa + offset_to_sr_ptr) = pd_uinfo->sr_pa; 789 790 if (num_gd) { 791 dma_addr_t gd_dma; 792 struct scatterlist *sg; 793 794 /* get first gd we are going to use */ 795 gd_idx = fst_gd; 796 pd_uinfo->first_gd = fst_gd; 797 gd = crypto4xx_get_gdp(dev, &gd_dma, gd_idx); 798 pd->src = gd_dma; 799 /* enable gather */ 800 sa->sa_command_0.bf.gather = 1; 801 /* walk the sg, and setup gather array */ 802 803 sg = src; 804 while (nbytes) { 805 size_t len; 806 807 len = min(sg->length, nbytes); 808 gd->ptr = dma_map_page(dev->core_dev->device, 809 sg_page(sg), sg->offset, len, DMA_TO_DEVICE); 810 gd->ctl_len.len = len; 811 gd->ctl_len.done = 0; 812 gd->ctl_len.ready = 1; 813 if (len >= nbytes) 814 break; 815 816 nbytes -= sg->length; 817 gd_idx = get_next_gd(gd_idx); 818 gd = crypto4xx_get_gdp(dev, &gd_dma, gd_idx); 819 sg = sg_next(sg); 820 } 821 } else { 822 pd->src = (u32)dma_map_page(dev->core_dev->device, sg_page(src), 823 src->offset, min(nbytes, src->length), 824 DMA_TO_DEVICE); 825 /* 826 * Disable gather in sa command 827 */ 828 sa->sa_command_0.bf.gather = 0; 829 /* 830 * Indicate gather array is not used 831 */ 832 pd_uinfo->first_gd = 0xffffffff; 833 } 834 if (!num_sd) { 835 /* 836 * we know application give us dst a whole piece of memory 837 * no need to use scatter ring. 838 */ 839 pd_uinfo->first_sd = 0xffffffff; 840 sa->sa_command_0.bf.scatter = 0; 841 pd->dest = (u32)dma_map_page(dev->core_dev->device, 842 sg_page(dst), dst->offset, 843 min(datalen, dst->length), 844 DMA_TO_DEVICE); 845 } else { 846 dma_addr_t sd_dma; 847 struct ce_sd *sd = NULL; 848 849 u32 sd_idx = fst_sd; 850 nbytes = datalen; 851 sa->sa_command_0.bf.scatter = 1; 852 pd_uinfo->first_sd = fst_sd; 853 sd = crypto4xx_get_sdp(dev, &sd_dma, sd_idx); 854 pd->dest = sd_dma; 855 /* setup scatter descriptor */ 856 sd->ctl.done = 0; 857 sd->ctl.rdy = 1; 858 /* sd->ptr should be setup by sd_init routine*/ 859 if (nbytes >= PPC4XX_SD_BUFFER_SIZE) 860 nbytes -= PPC4XX_SD_BUFFER_SIZE; 861 else 862 nbytes = 0; 863 while (nbytes) { 864 sd_idx = get_next_sd(sd_idx); 865 sd = crypto4xx_get_sdp(dev, &sd_dma, sd_idx); 866 /* setup scatter descriptor */ 867 sd->ctl.done = 0; 868 sd->ctl.rdy = 1; 869 if (nbytes >= PPC4XX_SD_BUFFER_SIZE) { 870 nbytes -= PPC4XX_SD_BUFFER_SIZE; 871 } else { 872 /* 873 * SD entry can hold PPC4XX_SD_BUFFER_SIZE, 874 * which is more than nbytes, so done. 875 */ 876 nbytes = 0; 877 } 878 } 879 } 880 881 pd->pd_ctl.w = PD_CTL_HOST_READY | 882 ((crypto_tfm_alg_type(req->tfm) == CRYPTO_ALG_TYPE_AEAD) ? 883 PD_CTL_HASH_FINAL : 0); 884 pd->pd_ctl_len.w = 0x00400000 | (assoclen + datalen); 885 pd_uinfo->state = PD_ENTRY_INUSE | (is_busy ? PD_ENTRY_BUSY : 0); 886 887 wmb(); 888 /* write any value to push engine to read a pd */ 889 writel(0, dev->ce_base + CRYPTO4XX_INT_DESCR_RD); 890 writel(1, dev->ce_base + CRYPTO4XX_INT_DESCR_RD); 891 return is_busy ? -EBUSY : -EINPROGRESS; 892 } 893 894 /* 895 * Algorithm Registration Functions 896 */ 897 static void crypto4xx_ctx_init(struct crypto4xx_alg *amcc_alg, 898 struct crypto4xx_ctx *ctx) 899 { 900 ctx->dev = amcc_alg->dev; 901 ctx->sa_in = NULL; 902 ctx->sa_out = NULL; 903 ctx->sa_len = 0; 904 } 905 906 static int crypto4xx_sk_init(struct crypto_skcipher *sk) 907 { 908 struct skcipher_alg *alg = crypto_skcipher_alg(sk); 909 struct crypto4xx_alg *amcc_alg; 910 struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(sk); 911 912 if (alg->base.cra_flags & CRYPTO_ALG_NEED_FALLBACK) { 913 ctx->sw_cipher.cipher = 914 crypto_alloc_sync_skcipher(alg->base.cra_name, 0, 915 CRYPTO_ALG_NEED_FALLBACK); 916 if (IS_ERR(ctx->sw_cipher.cipher)) 917 return PTR_ERR(ctx->sw_cipher.cipher); 918 } 919 920 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.cipher); 921 crypto4xx_ctx_init(amcc_alg, ctx); 922 return 0; 923 } 924 925 static void crypto4xx_common_exit(struct crypto4xx_ctx *ctx) 926 { 927 crypto4xx_free_sa(ctx); 928 } 929 930 static void crypto4xx_sk_exit(struct crypto_skcipher *sk) 931 { 932 struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(sk); 933 934 crypto4xx_common_exit(ctx); 935 if (ctx->sw_cipher.cipher) 936 crypto_free_sync_skcipher(ctx->sw_cipher.cipher); 937 } 938 939 static int crypto4xx_aead_init(struct crypto_aead *tfm) 940 { 941 struct aead_alg *alg = crypto_aead_alg(tfm); 942 struct crypto4xx_ctx *ctx = crypto_aead_ctx(tfm); 943 struct crypto4xx_alg *amcc_alg; 944 945 ctx->sw_cipher.aead = crypto_alloc_aead(alg->base.cra_name, 0, 946 CRYPTO_ALG_NEED_FALLBACK | 947 CRYPTO_ALG_ASYNC); 948 if (IS_ERR(ctx->sw_cipher.aead)) 949 return PTR_ERR(ctx->sw_cipher.aead); 950 951 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.aead); 952 crypto4xx_ctx_init(amcc_alg, ctx); 953 crypto_aead_set_reqsize(tfm, max(sizeof(struct aead_request) + 32 + 954 crypto_aead_reqsize(ctx->sw_cipher.aead), 955 sizeof(struct crypto4xx_aead_reqctx))); 956 return 0; 957 } 958 959 static void crypto4xx_aead_exit(struct crypto_aead *tfm) 960 { 961 struct crypto4xx_ctx *ctx = crypto_aead_ctx(tfm); 962 963 crypto4xx_common_exit(ctx); 964 crypto_free_aead(ctx->sw_cipher.aead); 965 } 966 967 static int crypto4xx_register_alg(struct crypto4xx_device *sec_dev, 968 struct crypto4xx_alg_common *crypto_alg, 969 int array_size) 970 { 971 struct crypto4xx_alg *alg; 972 int i; 973 int rc = 0; 974 975 for (i = 0; i < array_size; i++) { 976 alg = kzalloc_obj(struct crypto4xx_alg); 977 if (!alg) 978 return -ENOMEM; 979 980 alg->alg = crypto_alg[i]; 981 alg->dev = sec_dev; 982 983 switch (alg->alg.type) { 984 case CRYPTO_ALG_TYPE_AEAD: 985 rc = crypto_register_aead(&alg->alg.u.aead); 986 break; 987 988 case CRYPTO_ALG_TYPE_RNG: 989 rc = crypto_register_rng(&alg->alg.u.rng); 990 break; 991 992 default: 993 rc = crypto_register_skcipher(&alg->alg.u.cipher); 994 break; 995 } 996 997 if (rc) 998 kfree(alg); 999 else 1000 list_add_tail(&alg->entry, &sec_dev->alg_list); 1001 } 1002 1003 return 0; 1004 } 1005 1006 static void crypto4xx_unregister_alg(struct crypto4xx_device *sec_dev) 1007 { 1008 struct crypto4xx_alg *alg, *tmp; 1009 1010 list_for_each_entry_safe(alg, tmp, &sec_dev->alg_list, entry) { 1011 list_del(&alg->entry); 1012 switch (alg->alg.type) { 1013 case CRYPTO_ALG_TYPE_AEAD: 1014 crypto_unregister_aead(&alg->alg.u.aead); 1015 break; 1016 1017 case CRYPTO_ALG_TYPE_RNG: 1018 crypto_unregister_rng(&alg->alg.u.rng); 1019 break; 1020 1021 default: 1022 crypto_unregister_skcipher(&alg->alg.u.cipher); 1023 } 1024 kfree(alg); 1025 } 1026 } 1027 1028 static void crypto4xx_bh_tasklet_cb(unsigned long data) 1029 { 1030 struct device *dev = (struct device *)data; 1031 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1032 struct pd_uinfo *pd_uinfo; 1033 struct ce_pd *pd; 1034 u32 tail = core_dev->dev->pdr_tail; 1035 u32 head = core_dev->dev->pdr_head; 1036 1037 do { 1038 pd_uinfo = &core_dev->dev->pdr_uinfo[tail]; 1039 pd = &core_dev->dev->pdr[tail]; 1040 if ((pd_uinfo->state & PD_ENTRY_INUSE) && 1041 ((READ_ONCE(pd->pd_ctl.w) & 1042 (PD_CTL_PE_DONE | PD_CTL_HOST_READY)) == 1043 PD_CTL_PE_DONE)) { 1044 crypto4xx_pd_done(core_dev->dev, tail); 1045 tail = crypto4xx_put_pd_to_pdr(core_dev->dev, tail); 1046 } else { 1047 /* if tail not done, break */ 1048 break; 1049 } 1050 } while (head != tail); 1051 } 1052 1053 /* 1054 * Top Half of isr. 1055 */ 1056 static inline irqreturn_t crypto4xx_interrupt_handler(int irq, void *data, 1057 u32 clr_val) 1058 { 1059 struct device *dev = data; 1060 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1061 1062 writel(clr_val, core_dev->dev->ce_base + CRYPTO4XX_INT_CLR); 1063 tasklet_schedule(&core_dev->tasklet); 1064 1065 return IRQ_HANDLED; 1066 } 1067 1068 static irqreturn_t crypto4xx_ce_interrupt_handler(int irq, void *data) 1069 { 1070 return crypto4xx_interrupt_handler(irq, data, PPC4XX_INTERRUPT_CLR); 1071 } 1072 1073 static irqreturn_t crypto4xx_ce_interrupt_handler_revb(int irq, void *data) 1074 { 1075 return crypto4xx_interrupt_handler(irq, data, PPC4XX_INTERRUPT_CLR | 1076 PPC4XX_TMO_ERR_INT); 1077 } 1078 1079 static int ppc4xx_prng_data_read(struct crypto4xx_device *dev, 1080 u8 *data, unsigned int max) 1081 { 1082 unsigned int i, curr = 0; 1083 u32 val[2]; 1084 1085 do { 1086 /* trigger PRN generation */ 1087 writel(PPC4XX_PRNG_CTRL_AUTO_EN, 1088 dev->ce_base + CRYPTO4XX_PRNG_CTRL); 1089 1090 for (i = 0; i < 1024; i++) { 1091 /* usually 19 iterations are enough */ 1092 if ((readl(dev->ce_base + CRYPTO4XX_PRNG_STAT) & 1093 CRYPTO4XX_PRNG_STAT_BUSY)) 1094 continue; 1095 1096 val[0] = readl_be(dev->ce_base + CRYPTO4XX_PRNG_RES_0); 1097 val[1] = readl_be(dev->ce_base + CRYPTO4XX_PRNG_RES_1); 1098 break; 1099 } 1100 if (i == 1024) 1101 return -ETIMEDOUT; 1102 1103 if ((max - curr) >= 8) { 1104 memcpy(data, &val, 8); 1105 data += 8; 1106 curr += 8; 1107 } else { 1108 /* copy only remaining bytes */ 1109 memcpy(data, &val, max - curr); 1110 break; 1111 } 1112 } while (curr < max); 1113 1114 return curr; 1115 } 1116 1117 static int crypto4xx_prng_generate(struct crypto_rng *tfm, 1118 const u8 *src, unsigned int slen, 1119 u8 *dstn, unsigned int dlen) 1120 { 1121 struct rng_alg *alg = crypto_rng_alg(tfm); 1122 struct crypto4xx_alg *amcc_alg; 1123 struct crypto4xx_device *dev; 1124 int ret; 1125 1126 amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.rng); 1127 dev = amcc_alg->dev; 1128 1129 mutex_lock(&dev->core_dev->rng_lock); 1130 ret = ppc4xx_prng_data_read(dev, dstn, dlen); 1131 mutex_unlock(&dev->core_dev->rng_lock); 1132 return ret; 1133 } 1134 1135 1136 static int crypto4xx_prng_seed(struct crypto_rng *tfm, const u8 *seed, 1137 unsigned int slen) 1138 { 1139 return 0; 1140 } 1141 1142 /* 1143 * Supported Crypto Algorithms 1144 */ 1145 static struct crypto4xx_alg_common crypto4xx_alg[] = { 1146 /* Crypto AES modes */ 1147 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1148 .base = { 1149 .cra_name = "cbc(aes)", 1150 .cra_driver_name = "cbc-aes-ppc4xx", 1151 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1152 .cra_flags = CRYPTO_ALG_ASYNC | 1153 CRYPTO_ALG_KERN_DRIVER_ONLY, 1154 .cra_blocksize = AES_BLOCK_SIZE, 1155 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1156 .cra_module = THIS_MODULE, 1157 }, 1158 .min_keysize = AES_MIN_KEY_SIZE, 1159 .max_keysize = AES_MAX_KEY_SIZE, 1160 .ivsize = AES_IV_SIZE, 1161 .setkey = crypto4xx_setkey_aes_cbc, 1162 .encrypt = crypto4xx_encrypt_iv_block, 1163 .decrypt = crypto4xx_decrypt_iv_block, 1164 .init = crypto4xx_sk_init, 1165 .exit = crypto4xx_sk_exit, 1166 } }, 1167 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1168 .base = { 1169 .cra_name = "ctr(aes)", 1170 .cra_driver_name = "ctr-aes-ppc4xx", 1171 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1172 .cra_flags = CRYPTO_ALG_NEED_FALLBACK | 1173 CRYPTO_ALG_ASYNC | 1174 CRYPTO_ALG_KERN_DRIVER_ONLY, 1175 .cra_blocksize = 1, 1176 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1177 .cra_module = THIS_MODULE, 1178 }, 1179 .min_keysize = AES_MIN_KEY_SIZE, 1180 .max_keysize = AES_MAX_KEY_SIZE, 1181 .ivsize = AES_IV_SIZE, 1182 .setkey = crypto4xx_setkey_aes_ctr, 1183 .encrypt = crypto4xx_encrypt_ctr, 1184 .decrypt = crypto4xx_decrypt_ctr, 1185 .init = crypto4xx_sk_init, 1186 .exit = crypto4xx_sk_exit, 1187 } }, 1188 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1189 .base = { 1190 .cra_name = "rfc3686(ctr(aes))", 1191 .cra_driver_name = "rfc3686-ctr-aes-ppc4xx", 1192 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1193 .cra_flags = CRYPTO_ALG_ASYNC | 1194 CRYPTO_ALG_KERN_DRIVER_ONLY, 1195 .cra_blocksize = 1, 1196 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1197 .cra_module = THIS_MODULE, 1198 }, 1199 .min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, 1200 .max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, 1201 .ivsize = CTR_RFC3686_IV_SIZE, 1202 .setkey = crypto4xx_setkey_rfc3686, 1203 .encrypt = crypto4xx_rfc3686_encrypt, 1204 .decrypt = crypto4xx_rfc3686_decrypt, 1205 .init = crypto4xx_sk_init, 1206 .exit = crypto4xx_sk_exit, 1207 } }, 1208 { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = { 1209 .base = { 1210 .cra_name = "ecb(aes)", 1211 .cra_driver_name = "ecb-aes-ppc4xx", 1212 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1213 .cra_flags = CRYPTO_ALG_ASYNC | 1214 CRYPTO_ALG_KERN_DRIVER_ONLY, 1215 .cra_blocksize = AES_BLOCK_SIZE, 1216 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1217 .cra_module = THIS_MODULE, 1218 }, 1219 .min_keysize = AES_MIN_KEY_SIZE, 1220 .max_keysize = AES_MAX_KEY_SIZE, 1221 .setkey = crypto4xx_setkey_aes_ecb, 1222 .encrypt = crypto4xx_encrypt_noiv_block, 1223 .decrypt = crypto4xx_decrypt_noiv_block, 1224 .init = crypto4xx_sk_init, 1225 .exit = crypto4xx_sk_exit, 1226 } }, 1227 1228 /* AEAD */ 1229 { .type = CRYPTO_ALG_TYPE_AEAD, .u.aead = { 1230 .setkey = crypto4xx_setkey_aes_ccm, 1231 .setauthsize = crypto4xx_setauthsize_aead, 1232 .encrypt = crypto4xx_encrypt_aes_ccm, 1233 .decrypt = crypto4xx_decrypt_aes_ccm, 1234 .init = crypto4xx_aead_init, 1235 .exit = crypto4xx_aead_exit, 1236 .ivsize = AES_BLOCK_SIZE, 1237 .maxauthsize = 16, 1238 .base = { 1239 .cra_name = "ccm(aes)", 1240 .cra_driver_name = "ccm-aes-ppc4xx", 1241 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1242 .cra_flags = CRYPTO_ALG_ASYNC | 1243 CRYPTO_ALG_NEED_FALLBACK | 1244 CRYPTO_ALG_KERN_DRIVER_ONLY, 1245 .cra_blocksize = 1, 1246 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1247 .cra_module = THIS_MODULE, 1248 }, 1249 } }, 1250 { .type = CRYPTO_ALG_TYPE_AEAD, .u.aead = { 1251 .setkey = crypto4xx_setkey_aes_gcm, 1252 .setauthsize = crypto4xx_setauthsize_aead, 1253 .encrypt = crypto4xx_encrypt_aes_gcm, 1254 .decrypt = crypto4xx_decrypt_aes_gcm, 1255 .init = crypto4xx_aead_init, 1256 .exit = crypto4xx_aead_exit, 1257 .ivsize = GCM_AES_IV_SIZE, 1258 .maxauthsize = 16, 1259 .base = { 1260 .cra_name = "gcm(aes)", 1261 .cra_driver_name = "gcm-aes-ppc4xx", 1262 .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY, 1263 .cra_flags = CRYPTO_ALG_ASYNC | 1264 CRYPTO_ALG_NEED_FALLBACK | 1265 CRYPTO_ALG_KERN_DRIVER_ONLY, 1266 .cra_blocksize = 1, 1267 .cra_ctxsize = sizeof(struct crypto4xx_ctx), 1268 .cra_module = THIS_MODULE, 1269 }, 1270 } }, 1271 { .type = CRYPTO_ALG_TYPE_RNG, .u.rng = { 1272 .base = { 1273 .cra_name = "stdrng", 1274 .cra_driver_name = "crypto4xx_rng", 1275 .cra_priority = 300, 1276 .cra_ctxsize = 0, 1277 .cra_module = THIS_MODULE, 1278 }, 1279 .generate = crypto4xx_prng_generate, 1280 .seed = crypto4xx_prng_seed, 1281 .seedsize = 0, 1282 } }, 1283 }; 1284 1285 /* 1286 * Module Initialization Routine 1287 */ 1288 static int crypto4xx_probe(struct platform_device *ofdev) 1289 { 1290 int rc; 1291 struct device *dev = &ofdev->dev; 1292 struct crypto4xx_core_device *core_dev; 1293 struct device_node *np; 1294 u32 pvr; 1295 bool is_revb = true; 1296 1297 np = of_find_compatible_node(NULL, NULL, "amcc,ppc460ex-crypto"); 1298 if (np) { 1299 mtdcri(SDR0, PPC460EX_SDR0_SRST, 1300 mfdcri(SDR0, PPC460EX_SDR0_SRST) | PPC460EX_CE_RESET); 1301 mtdcri(SDR0, PPC460EX_SDR0_SRST, 1302 mfdcri(SDR0, PPC460EX_SDR0_SRST) & ~PPC460EX_CE_RESET); 1303 } else { 1304 np = of_find_compatible_node(NULL, NULL, "amcc,ppc405ex-crypto"); 1305 if (np) { 1306 mtdcri(SDR0, PPC405EX_SDR0_SRST, 1307 mfdcri(SDR0, PPC405EX_SDR0_SRST) | PPC405EX_CE_RESET); 1308 mtdcri(SDR0, PPC405EX_SDR0_SRST, 1309 mfdcri(SDR0, PPC405EX_SDR0_SRST) & ~PPC405EX_CE_RESET); 1310 is_revb = false; 1311 } else { 1312 np = of_find_compatible_node(NULL, NULL, "amcc,ppc460sx-crypto"); 1313 if (np) { 1314 mtdcri(SDR0, PPC460SX_SDR0_SRST, 1315 mfdcri(SDR0, PPC460SX_SDR0_SRST) | PPC460SX_CE_RESET); 1316 mtdcri(SDR0, PPC460SX_SDR0_SRST, 1317 mfdcri(SDR0, PPC460SX_SDR0_SRST) & ~PPC460SX_CE_RESET); 1318 } else { 1319 printk(KERN_ERR "Crypto Function Not supported!\n"); 1320 return -EINVAL; 1321 } 1322 } 1323 } 1324 1325 of_node_put(np); 1326 1327 core_dev = devm_kzalloc( 1328 &ofdev->dev, sizeof(struct crypto4xx_core_device), GFP_KERNEL); 1329 if (!core_dev) 1330 return -ENOMEM; 1331 1332 dev_set_drvdata(dev, core_dev); 1333 core_dev->ofdev = ofdev; 1334 core_dev->dev = devm_kzalloc( 1335 &ofdev->dev, sizeof(struct crypto4xx_device), GFP_KERNEL); 1336 if (!core_dev->dev) 1337 return -ENOMEM; 1338 1339 /* 1340 * Older version of 460EX/GT have a hardware bug. 1341 * Hence they do not support H/W based security intr coalescing 1342 */ 1343 pvr = mfspr(SPRN_PVR); 1344 if (is_revb && ((pvr >> 4) == 0x130218A)) { 1345 u32 min = PVR_MIN(pvr); 1346 1347 if (min < 4) { 1348 dev_info(dev, "RevA detected - disable interrupt coalescing\n"); 1349 is_revb = false; 1350 } 1351 } 1352 1353 core_dev->dev->core_dev = core_dev; 1354 core_dev->dev->is_revb = is_revb; 1355 core_dev->device = dev; 1356 rc = devm_mutex_init(&ofdev->dev, &core_dev->rng_lock); 1357 if (rc) 1358 return rc; 1359 spin_lock_init(&core_dev->lock); 1360 INIT_LIST_HEAD(&core_dev->dev->alg_list); 1361 ratelimit_default_init(&core_dev->dev->aead_ratelimit); 1362 rc = crypto4xx_build_sdr(core_dev->dev); 1363 if (rc) 1364 goto err_build_sdr; 1365 rc = crypto4xx_build_pdr(core_dev->dev); 1366 if (rc) 1367 goto err_build_sdr; 1368 1369 rc = crypto4xx_build_gdr(core_dev->dev); 1370 if (rc) 1371 goto err_build_sdr; 1372 1373 /* Init tasklet for bottom half processing */ 1374 tasklet_init(&core_dev->tasklet, crypto4xx_bh_tasklet_cb, 1375 (unsigned long) dev); 1376 1377 core_dev->dev->ce_base = devm_platform_ioremap_resource(ofdev, 0); 1378 if (IS_ERR(core_dev->dev->ce_base)) { 1379 dev_err(&ofdev->dev, "failed to ioremap resource"); 1380 rc = PTR_ERR(core_dev->dev->ce_base); 1381 goto err_build_sdr; 1382 } 1383 1384 /* Register for Crypto isr, Crypto Engine IRQ */ 1385 core_dev->irq = irq_of_parse_and_map(ofdev->dev.of_node, 0); 1386 rc = devm_request_irq(&ofdev->dev, core_dev->irq, 1387 is_revb ? crypto4xx_ce_interrupt_handler_revb : 1388 crypto4xx_ce_interrupt_handler, 1389 0, KBUILD_MODNAME, dev); 1390 if (rc) 1391 goto err_iomap; 1392 1393 /* need to setup pdr, rdr, gdr and sdr before this */ 1394 crypto4xx_hw_init(core_dev->dev); 1395 1396 /* Register security algorithms with Linux CryptoAPI */ 1397 rc = crypto4xx_register_alg(core_dev->dev, crypto4xx_alg, 1398 ARRAY_SIZE(crypto4xx_alg)); 1399 if (rc) 1400 goto err_iomap; 1401 1402 ppc4xx_trng_probe(core_dev); 1403 return 0; 1404 1405 err_iomap: 1406 tasklet_kill(&core_dev->tasklet); 1407 err_build_sdr: 1408 crypto4xx_destroy_sdr(core_dev->dev); 1409 crypto4xx_destroy_gdr(core_dev->dev); 1410 crypto4xx_destroy_pdr(core_dev->dev); 1411 return rc; 1412 } 1413 1414 static void crypto4xx_remove(struct platform_device *ofdev) 1415 { 1416 struct device *dev = &ofdev->dev; 1417 struct crypto4xx_core_device *core_dev = dev_get_drvdata(dev); 1418 1419 ppc4xx_trng_remove(core_dev); 1420 1421 tasklet_kill(&core_dev->tasklet); 1422 /* Un-register with Linux CryptoAPI */ 1423 crypto4xx_unregister_alg(core_dev->dev); 1424 /* Free all allocated memory */ 1425 crypto4xx_stop_all(core_dev); 1426 } 1427 1428 static const struct of_device_id crypto4xx_match[] = { 1429 { .compatible = "amcc,ppc4xx-crypto",}, 1430 { }, 1431 }; 1432 MODULE_DEVICE_TABLE(of, crypto4xx_match); 1433 1434 static struct platform_driver crypto4xx_driver = { 1435 .driver = { 1436 .name = KBUILD_MODNAME, 1437 .of_match_table = crypto4xx_match, 1438 }, 1439 .probe = crypto4xx_probe, 1440 .remove = crypto4xx_remove, 1441 }; 1442 1443 module_platform_driver(crypto4xx_driver); 1444 1445 MODULE_LICENSE("GPL"); 1446 MODULE_AUTHOR("James Hsiao <jhsiao@amcc.com>"); 1447 MODULE_DESCRIPTION("Driver for AMCC PPC4xx crypto accelerator"); 1448