xref: /linux/drivers/crypto/marvell/octeontx/otx_cptvf_algs.c (revision c94cd9508b1335b949fd13ebd269313c65492df0)
1 // SPDX-License-Identifier: GPL-2.0
2 /* Marvell OcteonTX CPT driver
3  *
4  * Copyright (C) 2019 Marvell International Ltd.
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License version 2 as
8  * published by the Free Software Foundation.
9  */
10 
11 #include <crypto/aes.h>
12 #include <crypto/authenc.h>
13 #include <crypto/cryptd.h>
14 #include <crypto/des.h>
15 #include <crypto/internal/aead.h>
16 #include <crypto/sha1.h>
17 #include <crypto/sha2.h>
18 #include <crypto/xts.h>
19 #include <crypto/scatterwalk.h>
20 #include <linux/sort.h>
21 #include <linux/module.h>
22 #include "otx_cptvf.h"
23 #include "otx_cptvf_algs.h"
24 #include "otx_cptvf_reqmgr.h"
25 
26 #define CPT_MAX_VF_NUM	64
27 /* Size of salt in AES GCM mode */
28 #define AES_GCM_SALT_SIZE	4
29 /* Size of IV in AES GCM mode */
30 #define AES_GCM_IV_SIZE		8
31 /* Size of ICV (Integrity Check Value) in AES GCM mode */
32 #define AES_GCM_ICV_SIZE	16
33 /* Offset of IV in AES GCM mode */
34 #define AES_GCM_IV_OFFSET	8
35 #define CONTROL_WORD_LEN	8
36 #define KEY2_OFFSET		48
37 #define DMA_MODE_FLAG(dma_mode) \
38 	(((dma_mode) == OTX_CPT_DMA_GATHER_SCATTER) ? (1 << 7) : 0)
39 
40 /* Truncated SHA digest size */
41 #define SHA1_TRUNC_DIGEST_SIZE		12
42 #define SHA256_TRUNC_DIGEST_SIZE	16
43 #define SHA384_TRUNC_DIGEST_SIZE	24
44 #define SHA512_TRUNC_DIGEST_SIZE	32
45 
46 static DEFINE_MUTEX(mutex);
47 static int is_crypto_registered;
48 
49 struct cpt_device_desc {
50 	enum otx_cptpf_type pf_type;
51 	struct pci_dev *dev;
52 	int num_queues;
53 };
54 
55 struct cpt_device_table {
56 	atomic_t count;
57 	struct cpt_device_desc desc[CPT_MAX_VF_NUM];
58 };
59 
60 static struct cpt_device_table se_devices = {
61 	.count = ATOMIC_INIT(0)
62 };
63 
64 static struct cpt_device_table ae_devices = {
65 	.count = ATOMIC_INIT(0)
66 };
67 
68 static struct otx_cpt_sdesc *alloc_sdesc(struct crypto_shash *alg);
69 
70 static inline int get_se_device(struct pci_dev **pdev, int *cpu_num)
71 {
72 	int count, ret = 0;
73 
74 	count = atomic_read(&se_devices.count);
75 	if (count < 1)
76 		return -ENODEV;
77 
78 	*cpu_num = get_cpu();
79 
80 	if (se_devices.desc[0].pf_type == OTX_CPT_SE) {
81 		/*
82 		 * On OcteonTX platform there is one CPT instruction queue bound
83 		 * to each VF. We get maximum performance if one CPT queue
84 		 * is available for each cpu otherwise CPT queues need to be
85 		 * shared between cpus.
86 		 */
87 		if (*cpu_num >= count)
88 			*cpu_num %= count;
89 		*pdev = se_devices.desc[*cpu_num].dev;
90 	} else {
91 		pr_err("Unknown PF type %d\n", se_devices.desc[0].pf_type);
92 		ret = -EINVAL;
93 	}
94 	put_cpu();
95 
96 	return ret;
97 }
98 
99 static inline int validate_hmac_cipher_null(struct otx_cpt_req_info *cpt_req)
100 {
101 	struct otx_cpt_req_ctx *rctx;
102 	struct aead_request *req;
103 	struct crypto_aead *tfm;
104 
105 	req = container_of(cpt_req->areq, struct aead_request, base);
106 	tfm = crypto_aead_reqtfm(req);
107 	rctx = aead_request_ctx_dma(req);
108 	if (memcmp(rctx->fctx.hmac.s.hmac_calc,
109 		   rctx->fctx.hmac.s.hmac_recv,
110 		   crypto_aead_authsize(tfm)) != 0)
111 		return -EBADMSG;
112 
113 	return 0;
114 }
115 
116 static void otx_cpt_aead_callback(int status, void *arg1, void *arg2)
117 {
118 	struct otx_cpt_info_buffer *cpt_info = arg2;
119 	struct crypto_async_request *areq = arg1;
120 	struct otx_cpt_req_info *cpt_req;
121 	struct pci_dev *pdev;
122 
123 	if (!cpt_info)
124 		goto complete;
125 
126 	cpt_req = cpt_info->req;
127 	if (!status) {
128 		/*
129 		 * When selected cipher is NULL we need to manually
130 		 * verify whether calculated hmac value matches
131 		 * received hmac value
132 		 */
133 		if (cpt_req->req_type == OTX_CPT_AEAD_ENC_DEC_NULL_REQ &&
134 		    !cpt_req->is_enc)
135 			status = validate_hmac_cipher_null(cpt_req);
136 	}
137 	pdev = cpt_info->pdev;
138 	do_request_cleanup(pdev, cpt_info);
139 
140 complete:
141 	if (areq)
142 		crypto_request_complete(areq, status);
143 }
144 
145 static void output_iv_copyback(struct crypto_async_request *areq)
146 {
147 	struct otx_cpt_req_info *req_info;
148 	struct skcipher_request *sreq;
149 	struct crypto_skcipher *stfm;
150 	struct otx_cpt_req_ctx *rctx;
151 	struct otx_cpt_enc_ctx *ctx;
152 	u32 start, ivsize;
153 
154 	sreq = container_of(areq, struct skcipher_request, base);
155 	stfm = crypto_skcipher_reqtfm(sreq);
156 	ctx = crypto_skcipher_ctx(stfm);
157 	if (ctx->cipher_type == OTX_CPT_AES_CBC ||
158 	    ctx->cipher_type == OTX_CPT_DES3_CBC) {
159 		rctx = skcipher_request_ctx_dma(sreq);
160 		req_info = &rctx->cpt_req;
161 		ivsize = crypto_skcipher_ivsize(stfm);
162 		start = sreq->cryptlen - ivsize;
163 
164 		if (req_info->is_enc) {
165 			scatterwalk_map_and_copy(sreq->iv, sreq->dst, start,
166 						 ivsize, 0);
167 		} else {
168 			if (sreq->src != sreq->dst) {
169 				scatterwalk_map_and_copy(sreq->iv, sreq->src,
170 							 start, ivsize, 0);
171 			} else {
172 				memcpy(sreq->iv, req_info->iv_out, ivsize);
173 				kfree(req_info->iv_out);
174 			}
175 		}
176 	}
177 }
178 
179 static void otx_cpt_skcipher_callback(int status, void *arg1, void *arg2)
180 {
181 	struct otx_cpt_info_buffer *cpt_info = arg2;
182 	struct crypto_async_request *areq = arg1;
183 	struct pci_dev *pdev;
184 
185 	if (areq) {
186 		if (!status)
187 			output_iv_copyback(areq);
188 		if (cpt_info) {
189 			pdev = cpt_info->pdev;
190 			do_request_cleanup(pdev, cpt_info);
191 		}
192 		crypto_request_complete(areq, status);
193 	}
194 }
195 
196 static inline void update_input_data(struct otx_cpt_req_info *req_info,
197 				     struct scatterlist *inp_sg,
198 				     u32 nbytes, u32 *argcnt)
199 {
200 	req_info->req.dlen += nbytes;
201 
202 	while (nbytes) {
203 		u32 len = min(nbytes, inp_sg->length);
204 		u8 *ptr = sg_virt(inp_sg);
205 
206 		req_info->in[*argcnt].vptr = (void *)ptr;
207 		req_info->in[*argcnt].size = len;
208 		nbytes -= len;
209 		++(*argcnt);
210 		inp_sg = sg_next(inp_sg);
211 	}
212 }
213 
214 static inline void update_output_data(struct otx_cpt_req_info *req_info,
215 				      struct scatterlist *outp_sg,
216 				      u32 offset, u32 nbytes, u32 *argcnt)
217 {
218 	req_info->rlen += nbytes;
219 
220 	while (nbytes) {
221 		u32 len = min(nbytes, outp_sg->length - offset);
222 		u8 *ptr = sg_virt(outp_sg);
223 
224 		req_info->out[*argcnt].vptr = (void *) (ptr + offset);
225 		req_info->out[*argcnt].size = len;
226 		nbytes -= len;
227 		++(*argcnt);
228 		offset = 0;
229 		outp_sg = sg_next(outp_sg);
230 	}
231 }
232 
233 static inline u32 create_ctx_hdr(struct skcipher_request *req, u32 enc,
234 				 u32 *argcnt)
235 {
236 	struct crypto_skcipher *stfm = crypto_skcipher_reqtfm(req);
237 	struct otx_cpt_req_ctx *rctx = skcipher_request_ctx_dma(req);
238 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
239 	struct crypto_tfm *tfm = crypto_skcipher_tfm(stfm);
240 	struct otx_cpt_enc_ctx *ctx = crypto_tfm_ctx(tfm);
241 	struct otx_cpt_fc_ctx *fctx = &rctx->fctx;
242 	int ivsize = crypto_skcipher_ivsize(stfm);
243 	u32 start = req->cryptlen - ivsize;
244 	gfp_t flags;
245 
246 	flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
247 			GFP_KERNEL : GFP_ATOMIC;
248 	req_info->ctrl.s.dma_mode = OTX_CPT_DMA_GATHER_SCATTER;
249 	req_info->ctrl.s.se_req = OTX_CPT_SE_CORE_REQ;
250 
251 	req_info->req.opcode.s.major = OTX_CPT_MAJOR_OP_FC |
252 				DMA_MODE_FLAG(OTX_CPT_DMA_GATHER_SCATTER);
253 	if (enc) {
254 		req_info->req.opcode.s.minor = 2;
255 	} else {
256 		req_info->req.opcode.s.minor = 3;
257 		if ((ctx->cipher_type == OTX_CPT_AES_CBC ||
258 		    ctx->cipher_type == OTX_CPT_DES3_CBC) &&
259 		    req->src == req->dst) {
260 			req_info->iv_out = kmalloc(ivsize, flags);
261 			if (!req_info->iv_out)
262 				return -ENOMEM;
263 
264 			scatterwalk_map_and_copy(req_info->iv_out, req->src,
265 						 start, ivsize, 0);
266 		}
267 	}
268 	/* Encryption data length */
269 	req_info->req.param1 = req->cryptlen;
270 	/* Authentication data length */
271 	req_info->req.param2 = 0;
272 
273 	fctx->enc.enc_ctrl.e.enc_cipher = ctx->cipher_type;
274 	fctx->enc.enc_ctrl.e.aes_key = ctx->key_type;
275 	fctx->enc.enc_ctrl.e.iv_source = OTX_CPT_FROM_CPTR;
276 
277 	if (ctx->cipher_type == OTX_CPT_AES_XTS)
278 		memcpy(fctx->enc.encr_key, ctx->enc_key, ctx->key_len * 2);
279 	else
280 		memcpy(fctx->enc.encr_key, ctx->enc_key, ctx->key_len);
281 
282 	memcpy(fctx->enc.encr_iv, req->iv, crypto_skcipher_ivsize(stfm));
283 
284 	fctx->enc.enc_ctrl.flags = cpu_to_be64(fctx->enc.enc_ctrl.cflags);
285 
286 	/*
287 	 * Storing  Packet Data Information in offset
288 	 * Control Word First 8 bytes
289 	 */
290 	req_info->in[*argcnt].vptr = (u8 *)&rctx->ctrl_word;
291 	req_info->in[*argcnt].size = CONTROL_WORD_LEN;
292 	req_info->req.dlen += CONTROL_WORD_LEN;
293 	++(*argcnt);
294 
295 	req_info->in[*argcnt].vptr = (u8 *)fctx;
296 	req_info->in[*argcnt].size = sizeof(struct otx_cpt_fc_ctx);
297 	req_info->req.dlen += sizeof(struct otx_cpt_fc_ctx);
298 
299 	++(*argcnt);
300 
301 	return 0;
302 }
303 
304 static inline u32 create_input_list(struct skcipher_request *req, u32 enc,
305 				    u32 enc_iv_len)
306 {
307 	struct otx_cpt_req_ctx *rctx = skcipher_request_ctx_dma(req);
308 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
309 	u32 argcnt =  0;
310 	int ret;
311 
312 	ret = create_ctx_hdr(req, enc, &argcnt);
313 	if (ret)
314 		return ret;
315 
316 	update_input_data(req_info, req->src, req->cryptlen, &argcnt);
317 	req_info->incnt = argcnt;
318 
319 	return 0;
320 }
321 
322 static inline void create_output_list(struct skcipher_request *req,
323 				      u32 enc_iv_len)
324 {
325 	struct otx_cpt_req_ctx *rctx = skcipher_request_ctx_dma(req);
326 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
327 	u32 argcnt = 0;
328 
329 	/*
330 	 * OUTPUT Buffer Processing
331 	 * AES encryption/decryption output would be
332 	 * received in the following format
333 	 *
334 	 * ------IV--------|------ENCRYPTED/DECRYPTED DATA-----|
335 	 * [ 16 Bytes/     [   Request Enc/Dec/ DATA Len AES CBC ]
336 	 */
337 	update_output_data(req_info, req->dst, 0, req->cryptlen, &argcnt);
338 	req_info->outcnt = argcnt;
339 }
340 
341 static inline int cpt_enc_dec(struct skcipher_request *req, u32 enc)
342 {
343 	struct crypto_skcipher *stfm = crypto_skcipher_reqtfm(req);
344 	struct otx_cpt_req_ctx *rctx = skcipher_request_ctx_dma(req);
345 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
346 	u32 enc_iv_len = crypto_skcipher_ivsize(stfm);
347 	struct pci_dev *pdev;
348 	int status, cpu_num;
349 
350 	/* Validate that request doesn't exceed maximum CPT supported size */
351 	if (req->cryptlen > OTX_CPT_MAX_REQ_SIZE)
352 		return -E2BIG;
353 
354 	/* Clear control words */
355 	rctx->ctrl_word.flags = 0;
356 	rctx->fctx.enc.enc_ctrl.flags = 0;
357 
358 	status = create_input_list(req, enc, enc_iv_len);
359 	if (status)
360 		return status;
361 	create_output_list(req, enc_iv_len);
362 
363 	status = get_se_device(&pdev, &cpu_num);
364 	if (status)
365 		return status;
366 
367 	req_info->callback = (void *)otx_cpt_skcipher_callback;
368 	req_info->areq = &req->base;
369 	req_info->req_type = OTX_CPT_ENC_DEC_REQ;
370 	req_info->is_enc = enc;
371 	req_info->is_trunc_hmac = false;
372 	req_info->ctrl.s.grp = 0;
373 
374 	/*
375 	 * We perform an asynchronous send and once
376 	 * the request is completed the driver would
377 	 * intimate through registered call back functions
378 	 */
379 	status = otx_cpt_do_request(pdev, req_info, cpu_num);
380 
381 	return status;
382 }
383 
384 static int otx_cpt_skcipher_encrypt(struct skcipher_request *req)
385 {
386 	return cpt_enc_dec(req, true);
387 }
388 
389 static int otx_cpt_skcipher_decrypt(struct skcipher_request *req)
390 {
391 	return cpt_enc_dec(req, false);
392 }
393 
394 static int otx_cpt_skcipher_xts_setkey(struct crypto_skcipher *tfm,
395 				       const u8 *key, u32 keylen)
396 {
397 	struct otx_cpt_enc_ctx *ctx = crypto_skcipher_ctx(tfm);
398 	const u8 *key2 = key + (keylen / 2);
399 	const u8 *key1 = key;
400 	int ret;
401 
402 	ret = xts_verify_key(tfm, key, keylen);
403 	if (ret)
404 		return ret;
405 	ctx->key_len = keylen;
406 	memcpy(ctx->enc_key, key1, keylen / 2);
407 	memcpy(ctx->enc_key + KEY2_OFFSET, key2, keylen / 2);
408 	ctx->cipher_type = OTX_CPT_AES_XTS;
409 	switch (ctx->key_len) {
410 	case 2 * AES_KEYSIZE_128:
411 		ctx->key_type = OTX_CPT_AES_128_BIT;
412 		break;
413 	case 2 * AES_KEYSIZE_256:
414 		ctx->key_type = OTX_CPT_AES_256_BIT;
415 		break;
416 	default:
417 		return -EINVAL;
418 	}
419 
420 	return 0;
421 }
422 
423 static int cpt_des_setkey(struct crypto_skcipher *tfm, const u8 *key,
424 			  u32 keylen, u8 cipher_type)
425 {
426 	struct otx_cpt_enc_ctx *ctx = crypto_skcipher_ctx(tfm);
427 
428 	if (keylen != DES3_EDE_KEY_SIZE)
429 		return -EINVAL;
430 
431 	ctx->key_len = keylen;
432 	ctx->cipher_type = cipher_type;
433 
434 	memcpy(ctx->enc_key, key, keylen);
435 
436 	return 0;
437 }
438 
439 static int cpt_aes_setkey(struct crypto_skcipher *tfm, const u8 *key,
440 			  u32 keylen, u8 cipher_type)
441 {
442 	struct otx_cpt_enc_ctx *ctx = crypto_skcipher_ctx(tfm);
443 
444 	switch (keylen) {
445 	case AES_KEYSIZE_128:
446 		ctx->key_type = OTX_CPT_AES_128_BIT;
447 		break;
448 	case AES_KEYSIZE_192:
449 		ctx->key_type = OTX_CPT_AES_192_BIT;
450 		break;
451 	case AES_KEYSIZE_256:
452 		ctx->key_type = OTX_CPT_AES_256_BIT;
453 		break;
454 	default:
455 		return -EINVAL;
456 	}
457 	ctx->key_len = keylen;
458 	ctx->cipher_type = cipher_type;
459 
460 	memcpy(ctx->enc_key, key, keylen);
461 
462 	return 0;
463 }
464 
465 static int otx_cpt_skcipher_cbc_aes_setkey(struct crypto_skcipher *tfm,
466 					   const u8 *key, u32 keylen)
467 {
468 	return cpt_aes_setkey(tfm, key, keylen, OTX_CPT_AES_CBC);
469 }
470 
471 static int otx_cpt_skcipher_ecb_aes_setkey(struct crypto_skcipher *tfm,
472 					   const u8 *key, u32 keylen)
473 {
474 	return cpt_aes_setkey(tfm, key, keylen, OTX_CPT_AES_ECB);
475 }
476 
477 static int otx_cpt_skcipher_cbc_des3_setkey(struct crypto_skcipher *tfm,
478 					    const u8 *key, u32 keylen)
479 {
480 	return cpt_des_setkey(tfm, key, keylen, OTX_CPT_DES3_CBC);
481 }
482 
483 static int otx_cpt_skcipher_ecb_des3_setkey(struct crypto_skcipher *tfm,
484 					    const u8 *key, u32 keylen)
485 {
486 	return cpt_des_setkey(tfm, key, keylen, OTX_CPT_DES3_ECB);
487 }
488 
489 static int otx_cpt_enc_dec_init(struct crypto_skcipher *tfm)
490 {
491 	struct otx_cpt_enc_ctx *ctx = crypto_skcipher_ctx(tfm);
492 
493 	memset(ctx, 0, sizeof(*ctx));
494 	/*
495 	 * Additional memory for skcipher_request is
496 	 * allocated since the cryptd daemon uses
497 	 * this memory for request_ctx information
498 	 */
499 	crypto_skcipher_set_reqsize_dma(
500 		tfm, sizeof(struct otx_cpt_req_ctx) +
501 		     sizeof(struct skcipher_request));
502 
503 	return 0;
504 }
505 
506 static int cpt_aead_init(struct crypto_aead *tfm, u8 cipher_type, u8 mac_type)
507 {
508 	struct otx_cpt_aead_ctx *ctx = crypto_aead_ctx_dma(tfm);
509 
510 	ctx->cipher_type = cipher_type;
511 	ctx->mac_type = mac_type;
512 
513 	switch (ctx->mac_type) {
514 	case OTX_CPT_SHA1:
515 		ctx->hashalg = crypto_alloc_shash("sha1", 0, 0);
516 		break;
517 
518 	case OTX_CPT_SHA256:
519 		ctx->hashalg = crypto_alloc_shash("sha256", 0, 0);
520 		break;
521 
522 	case OTX_CPT_SHA384:
523 		ctx->hashalg = crypto_alloc_shash("sha384", 0, 0);
524 		break;
525 
526 	case OTX_CPT_SHA512:
527 		ctx->hashalg = crypto_alloc_shash("sha512", 0, 0);
528 		break;
529 	}
530 
531 	if (IS_ERR(ctx->hashalg))
532 		return PTR_ERR(ctx->hashalg);
533 
534 	crypto_aead_set_reqsize_dma(tfm, sizeof(struct otx_cpt_req_ctx));
535 
536 	if (!ctx->hashalg)
537 		return 0;
538 
539 	/*
540 	 * When selected cipher is NULL we use HMAC opcode instead of
541 	 * FLEXICRYPTO opcode therefore we don't need to use HASH algorithms
542 	 * for calculating ipad and opad
543 	 */
544 	if (ctx->cipher_type != OTX_CPT_CIPHER_NULL) {
545 		int ss = crypto_shash_statesize(ctx->hashalg);
546 
547 		ctx->ipad = kzalloc(ss, GFP_KERNEL);
548 		if (!ctx->ipad) {
549 			crypto_free_shash(ctx->hashalg);
550 			return -ENOMEM;
551 		}
552 
553 		ctx->opad = kzalloc(ss, GFP_KERNEL);
554 		if (!ctx->opad) {
555 			kfree(ctx->ipad);
556 			crypto_free_shash(ctx->hashalg);
557 			return -ENOMEM;
558 		}
559 	}
560 
561 	ctx->sdesc = alloc_sdesc(ctx->hashalg);
562 	if (!ctx->sdesc) {
563 		kfree(ctx->opad);
564 		kfree(ctx->ipad);
565 		crypto_free_shash(ctx->hashalg);
566 		return -ENOMEM;
567 	}
568 
569 	return 0;
570 }
571 
572 static int otx_cpt_aead_cbc_aes_sha1_init(struct crypto_aead *tfm)
573 {
574 	return cpt_aead_init(tfm, OTX_CPT_AES_CBC, OTX_CPT_SHA1);
575 }
576 
577 static int otx_cpt_aead_cbc_aes_sha256_init(struct crypto_aead *tfm)
578 {
579 	return cpt_aead_init(tfm, OTX_CPT_AES_CBC, OTX_CPT_SHA256);
580 }
581 
582 static int otx_cpt_aead_cbc_aes_sha384_init(struct crypto_aead *tfm)
583 {
584 	return cpt_aead_init(tfm, OTX_CPT_AES_CBC, OTX_CPT_SHA384);
585 }
586 
587 static int otx_cpt_aead_cbc_aes_sha512_init(struct crypto_aead *tfm)
588 {
589 	return cpt_aead_init(tfm, OTX_CPT_AES_CBC, OTX_CPT_SHA512);
590 }
591 
592 static int otx_cpt_aead_ecb_null_sha1_init(struct crypto_aead *tfm)
593 {
594 	return cpt_aead_init(tfm, OTX_CPT_CIPHER_NULL, OTX_CPT_SHA1);
595 }
596 
597 static int otx_cpt_aead_ecb_null_sha256_init(struct crypto_aead *tfm)
598 {
599 	return cpt_aead_init(tfm, OTX_CPT_CIPHER_NULL, OTX_CPT_SHA256);
600 }
601 
602 static int otx_cpt_aead_ecb_null_sha384_init(struct crypto_aead *tfm)
603 {
604 	return cpt_aead_init(tfm, OTX_CPT_CIPHER_NULL, OTX_CPT_SHA384);
605 }
606 
607 static int otx_cpt_aead_ecb_null_sha512_init(struct crypto_aead *tfm)
608 {
609 	return cpt_aead_init(tfm, OTX_CPT_CIPHER_NULL, OTX_CPT_SHA512);
610 }
611 
612 static int otx_cpt_aead_gcm_aes_init(struct crypto_aead *tfm)
613 {
614 	return cpt_aead_init(tfm, OTX_CPT_AES_GCM, OTX_CPT_MAC_NULL);
615 }
616 
617 static void otx_cpt_aead_exit(struct crypto_aead *tfm)
618 {
619 	struct otx_cpt_aead_ctx *ctx = crypto_aead_ctx_dma(tfm);
620 
621 	kfree(ctx->ipad);
622 	kfree(ctx->opad);
623 	crypto_free_shash(ctx->hashalg);
624 	kfree(ctx->sdesc);
625 }
626 
627 /*
628  * This is the Integrity Check Value validation (aka the authentication tag
629  * length)
630  */
631 static int otx_cpt_aead_set_authsize(struct crypto_aead *tfm,
632 				     unsigned int authsize)
633 {
634 	struct otx_cpt_aead_ctx *ctx = crypto_aead_ctx_dma(tfm);
635 
636 	switch (ctx->mac_type) {
637 	case OTX_CPT_SHA1:
638 		if (authsize != SHA1_DIGEST_SIZE &&
639 		    authsize != SHA1_TRUNC_DIGEST_SIZE)
640 			return -EINVAL;
641 
642 		if (authsize == SHA1_TRUNC_DIGEST_SIZE)
643 			ctx->is_trunc_hmac = true;
644 		break;
645 
646 	case OTX_CPT_SHA256:
647 		if (authsize != SHA256_DIGEST_SIZE &&
648 		    authsize != SHA256_TRUNC_DIGEST_SIZE)
649 			return -EINVAL;
650 
651 		if (authsize == SHA256_TRUNC_DIGEST_SIZE)
652 			ctx->is_trunc_hmac = true;
653 		break;
654 
655 	case OTX_CPT_SHA384:
656 		if (authsize != SHA384_DIGEST_SIZE &&
657 		    authsize != SHA384_TRUNC_DIGEST_SIZE)
658 			return -EINVAL;
659 
660 		if (authsize == SHA384_TRUNC_DIGEST_SIZE)
661 			ctx->is_trunc_hmac = true;
662 		break;
663 
664 	case OTX_CPT_SHA512:
665 		if (authsize != SHA512_DIGEST_SIZE &&
666 		    authsize != SHA512_TRUNC_DIGEST_SIZE)
667 			return -EINVAL;
668 
669 		if (authsize == SHA512_TRUNC_DIGEST_SIZE)
670 			ctx->is_trunc_hmac = true;
671 		break;
672 
673 	case OTX_CPT_MAC_NULL:
674 		if (ctx->cipher_type == OTX_CPT_AES_GCM) {
675 			if (authsize != AES_GCM_ICV_SIZE)
676 				return -EINVAL;
677 		} else
678 			return -EINVAL;
679 		break;
680 
681 	default:
682 		return -EINVAL;
683 	}
684 
685 	tfm->authsize = authsize;
686 	return 0;
687 }
688 
689 static struct otx_cpt_sdesc *alloc_sdesc(struct crypto_shash *alg)
690 {
691 	struct otx_cpt_sdesc *sdesc;
692 	int size;
693 
694 	size = sizeof(struct shash_desc) + crypto_shash_descsize(alg);
695 	sdesc = kmalloc(size, GFP_KERNEL);
696 	if (!sdesc)
697 		return NULL;
698 
699 	sdesc->shash.tfm = alg;
700 
701 	return sdesc;
702 }
703 
704 static inline void swap_data32(void *buf, u32 len)
705 {
706 	cpu_to_be32_array(buf, buf, len / 4);
707 }
708 
709 static inline void swap_data64(void *buf, u32 len)
710 {
711 	__be64 *dst = buf;
712 	u64 *src = buf;
713 	int i = 0;
714 
715 	for (i = 0 ; i < len / 8; i++, src++, dst++)
716 		*dst = cpu_to_be64p(src);
717 }
718 
719 static int swap_pad(u8 mac_type, u8 *pad)
720 {
721 	struct sha512_state *sha512;
722 	struct sha256_state *sha256;
723 	struct sha1_state *sha1;
724 
725 	switch (mac_type) {
726 	case OTX_CPT_SHA1:
727 		sha1 = (struct sha1_state *)pad;
728 		swap_data32(sha1->state, SHA1_DIGEST_SIZE);
729 		break;
730 
731 	case OTX_CPT_SHA256:
732 		sha256 = (struct sha256_state *)pad;
733 		swap_data32(sha256->state, SHA256_DIGEST_SIZE);
734 		break;
735 
736 	case OTX_CPT_SHA384:
737 	case OTX_CPT_SHA512:
738 		sha512 = (struct sha512_state *)pad;
739 		swap_data64(sha512->state, SHA512_DIGEST_SIZE);
740 		break;
741 
742 	default:
743 		return -EINVAL;
744 	}
745 
746 	return 0;
747 }
748 
749 static int aead_hmac_init(struct crypto_aead *cipher,
750 			  struct crypto_authenc_keys *keys)
751 {
752 	struct otx_cpt_aead_ctx *ctx = crypto_aead_ctx_dma(cipher);
753 	int ds = crypto_shash_digestsize(ctx->hashalg);
754 	int bs = crypto_shash_blocksize(ctx->hashalg);
755 	int authkeylen = keys->authkeylen;
756 	u8 *ipad = NULL, *opad = NULL;
757 	int icount = 0;
758 	int ret;
759 
760 	if (authkeylen > bs) {
761 		ret = crypto_shash_digest(&ctx->sdesc->shash, keys->authkey,
762 					  authkeylen, ctx->key);
763 		if (ret)
764 			return ret;
765 		authkeylen = ds;
766 	} else
767 		memcpy(ctx->key, keys->authkey, authkeylen);
768 
769 	ctx->enc_key_len = keys->enckeylen;
770 	ctx->auth_key_len = authkeylen;
771 
772 	if (ctx->cipher_type == OTX_CPT_CIPHER_NULL)
773 		return keys->enckeylen ? -EINVAL : 0;
774 
775 	switch (keys->enckeylen) {
776 	case AES_KEYSIZE_128:
777 		ctx->key_type = OTX_CPT_AES_128_BIT;
778 		break;
779 	case AES_KEYSIZE_192:
780 		ctx->key_type = OTX_CPT_AES_192_BIT;
781 		break;
782 	case AES_KEYSIZE_256:
783 		ctx->key_type = OTX_CPT_AES_256_BIT;
784 		break;
785 	default:
786 		/* Invalid key length */
787 		return -EINVAL;
788 	}
789 
790 	memcpy(ctx->key + authkeylen, keys->enckey, keys->enckeylen);
791 
792 	ipad = ctx->ipad;
793 	opad = ctx->opad;
794 
795 	memcpy(ipad, ctx->key, authkeylen);
796 	memset(ipad + authkeylen, 0, bs - authkeylen);
797 	memcpy(opad, ipad, bs);
798 
799 	for (icount = 0; icount < bs; icount++) {
800 		ipad[icount] ^= 0x36;
801 		opad[icount] ^= 0x5c;
802 	}
803 
804 	/*
805 	 * Partial Hash calculated from the software
806 	 * algorithm is retrieved for IPAD & OPAD
807 	 */
808 
809 	/* IPAD Calculation */
810 	crypto_shash_init(&ctx->sdesc->shash);
811 	crypto_shash_update(&ctx->sdesc->shash, ipad, bs);
812 	crypto_shash_export(&ctx->sdesc->shash, ipad);
813 	ret = swap_pad(ctx->mac_type, ipad);
814 	if (ret)
815 		goto calc_fail;
816 
817 	/* OPAD Calculation */
818 	crypto_shash_init(&ctx->sdesc->shash);
819 	crypto_shash_update(&ctx->sdesc->shash, opad, bs);
820 	crypto_shash_export(&ctx->sdesc->shash, opad);
821 	ret = swap_pad(ctx->mac_type, opad);
822 
823 calc_fail:
824 	return ret;
825 }
826 
827 static int otx_cpt_aead_cbc_aes_sha_setkey(struct crypto_aead *cipher,
828 					   const unsigned char *key,
829 					   unsigned int keylen)
830 {
831 	struct crypto_authenc_keys authenc_keys;
832 	int status;
833 
834 	status = crypto_authenc_extractkeys(&authenc_keys, key, keylen);
835 	if (status)
836 		goto badkey;
837 
838 	status = aead_hmac_init(cipher, &authenc_keys);
839 
840 badkey:
841 	return status;
842 }
843 
844 static int otx_cpt_aead_ecb_null_sha_setkey(struct crypto_aead *cipher,
845 					    const unsigned char *key,
846 					    unsigned int keylen)
847 {
848 	return otx_cpt_aead_cbc_aes_sha_setkey(cipher, key, keylen);
849 }
850 
851 static int otx_cpt_aead_gcm_aes_setkey(struct crypto_aead *cipher,
852 				       const unsigned char *key,
853 				       unsigned int keylen)
854 {
855 	struct otx_cpt_aead_ctx *ctx = crypto_aead_ctx_dma(cipher);
856 
857 	/*
858 	 * For aes gcm we expect to get encryption key (16, 24, 32 bytes)
859 	 * and salt (4 bytes)
860 	 */
861 	switch (keylen) {
862 	case AES_KEYSIZE_128 + AES_GCM_SALT_SIZE:
863 		ctx->key_type = OTX_CPT_AES_128_BIT;
864 		ctx->enc_key_len = AES_KEYSIZE_128;
865 		break;
866 	case AES_KEYSIZE_192 + AES_GCM_SALT_SIZE:
867 		ctx->key_type = OTX_CPT_AES_192_BIT;
868 		ctx->enc_key_len = AES_KEYSIZE_192;
869 		break;
870 	case AES_KEYSIZE_256 + AES_GCM_SALT_SIZE:
871 		ctx->key_type = OTX_CPT_AES_256_BIT;
872 		ctx->enc_key_len = AES_KEYSIZE_256;
873 		break;
874 	default:
875 		/* Invalid key and salt length */
876 		return -EINVAL;
877 	}
878 
879 	/* Store encryption key and salt */
880 	memcpy(ctx->key, key, keylen);
881 
882 	return 0;
883 }
884 
885 static inline u32 create_aead_ctx_hdr(struct aead_request *req, u32 enc,
886 				      u32 *argcnt)
887 {
888 	struct otx_cpt_req_ctx *rctx = aead_request_ctx_dma(req);
889 	struct crypto_aead *tfm = crypto_aead_reqtfm(req);
890 	struct otx_cpt_aead_ctx *ctx = crypto_aead_ctx_dma(tfm);
891 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
892 	struct otx_cpt_fc_ctx *fctx = &rctx->fctx;
893 	int mac_len = crypto_aead_authsize(tfm);
894 	int ds;
895 
896 	rctx->ctrl_word.e.enc_data_offset = req->assoclen;
897 
898 	switch (ctx->cipher_type) {
899 	case OTX_CPT_AES_CBC:
900 		fctx->enc.enc_ctrl.e.iv_source = OTX_CPT_FROM_CPTR;
901 		/* Copy encryption key to context */
902 		memcpy(fctx->enc.encr_key, ctx->key + ctx->auth_key_len,
903 		       ctx->enc_key_len);
904 		/* Copy IV to context */
905 		memcpy(fctx->enc.encr_iv, req->iv, crypto_aead_ivsize(tfm));
906 
907 		ds = crypto_shash_digestsize(ctx->hashalg);
908 		if (ctx->mac_type == OTX_CPT_SHA384)
909 			ds = SHA512_DIGEST_SIZE;
910 		if (ctx->ipad)
911 			memcpy(fctx->hmac.e.ipad, ctx->ipad, ds);
912 		if (ctx->opad)
913 			memcpy(fctx->hmac.e.opad, ctx->opad, ds);
914 		break;
915 
916 	case OTX_CPT_AES_GCM:
917 		fctx->enc.enc_ctrl.e.iv_source = OTX_CPT_FROM_DPTR;
918 		/* Copy encryption key to context */
919 		memcpy(fctx->enc.encr_key, ctx->key, ctx->enc_key_len);
920 		/* Copy salt to context */
921 		memcpy(fctx->enc.encr_iv, ctx->key + ctx->enc_key_len,
922 		       AES_GCM_SALT_SIZE);
923 
924 		rctx->ctrl_word.e.iv_offset = req->assoclen - AES_GCM_IV_OFFSET;
925 		break;
926 
927 	default:
928 		/* Unknown cipher type */
929 		return -EINVAL;
930 	}
931 	rctx->ctrl_word.flags = cpu_to_be64(rctx->ctrl_word.cflags);
932 
933 	req_info->ctrl.s.dma_mode = OTX_CPT_DMA_GATHER_SCATTER;
934 	req_info->ctrl.s.se_req = OTX_CPT_SE_CORE_REQ;
935 	req_info->req.opcode.s.major = OTX_CPT_MAJOR_OP_FC |
936 				 DMA_MODE_FLAG(OTX_CPT_DMA_GATHER_SCATTER);
937 	if (enc) {
938 		req_info->req.opcode.s.minor = 2;
939 		req_info->req.param1 = req->cryptlen;
940 		req_info->req.param2 = req->cryptlen + req->assoclen;
941 	} else {
942 		req_info->req.opcode.s.minor = 3;
943 		req_info->req.param1 = req->cryptlen - mac_len;
944 		req_info->req.param2 = req->cryptlen + req->assoclen - mac_len;
945 	}
946 
947 	fctx->enc.enc_ctrl.e.enc_cipher = ctx->cipher_type;
948 	fctx->enc.enc_ctrl.e.aes_key = ctx->key_type;
949 	fctx->enc.enc_ctrl.e.mac_type = ctx->mac_type;
950 	fctx->enc.enc_ctrl.e.mac_len = mac_len;
951 	fctx->enc.enc_ctrl.flags = cpu_to_be64(fctx->enc.enc_ctrl.cflags);
952 
953 	/*
954 	 * Storing Packet Data Information in offset
955 	 * Control Word First 8 bytes
956 	 */
957 	req_info->in[*argcnt].vptr = (u8 *)&rctx->ctrl_word;
958 	req_info->in[*argcnt].size = CONTROL_WORD_LEN;
959 	req_info->req.dlen += CONTROL_WORD_LEN;
960 	++(*argcnt);
961 
962 	req_info->in[*argcnt].vptr = (u8 *)fctx;
963 	req_info->in[*argcnt].size = sizeof(struct otx_cpt_fc_ctx);
964 	req_info->req.dlen += sizeof(struct otx_cpt_fc_ctx);
965 	++(*argcnt);
966 
967 	return 0;
968 }
969 
970 static inline u32 create_hmac_ctx_hdr(struct aead_request *req, u32 *argcnt,
971 				      u32 enc)
972 {
973 	struct otx_cpt_req_ctx *rctx = aead_request_ctx_dma(req);
974 	struct crypto_aead *tfm = crypto_aead_reqtfm(req);
975 	struct otx_cpt_aead_ctx *ctx = crypto_aead_ctx_dma(tfm);
976 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
977 
978 	req_info->ctrl.s.dma_mode = OTX_CPT_DMA_GATHER_SCATTER;
979 	req_info->ctrl.s.se_req = OTX_CPT_SE_CORE_REQ;
980 	req_info->req.opcode.s.major = OTX_CPT_MAJOR_OP_HMAC |
981 				 DMA_MODE_FLAG(OTX_CPT_DMA_GATHER_SCATTER);
982 	req_info->is_trunc_hmac = ctx->is_trunc_hmac;
983 
984 	req_info->req.opcode.s.minor = 0;
985 	req_info->req.param1 = ctx->auth_key_len;
986 	req_info->req.param2 = ctx->mac_type << 8;
987 
988 	/* Add authentication key */
989 	req_info->in[*argcnt].vptr = ctx->key;
990 	req_info->in[*argcnt].size = round_up(ctx->auth_key_len, 8);
991 	req_info->req.dlen += round_up(ctx->auth_key_len, 8);
992 	++(*argcnt);
993 
994 	return 0;
995 }
996 
997 static inline u32 create_aead_input_list(struct aead_request *req, u32 enc)
998 {
999 	struct otx_cpt_req_ctx *rctx = aead_request_ctx_dma(req);
1000 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
1001 	u32 inputlen =  req->cryptlen + req->assoclen;
1002 	u32 status, argcnt = 0;
1003 
1004 	status = create_aead_ctx_hdr(req, enc, &argcnt);
1005 	if (status)
1006 		return status;
1007 	update_input_data(req_info, req->src, inputlen, &argcnt);
1008 	req_info->incnt = argcnt;
1009 
1010 	return 0;
1011 }
1012 
1013 static inline u32 create_aead_output_list(struct aead_request *req, u32 enc,
1014 					  u32 mac_len)
1015 {
1016 	struct otx_cpt_req_ctx *rctx = aead_request_ctx_dma(req);
1017 	struct otx_cpt_req_info *req_info =  &rctx->cpt_req;
1018 	u32 argcnt = 0, outputlen = 0;
1019 
1020 	if (enc)
1021 		outputlen = req->cryptlen +  req->assoclen + mac_len;
1022 	else
1023 		outputlen = req->cryptlen + req->assoclen - mac_len;
1024 
1025 	update_output_data(req_info, req->dst, 0, outputlen, &argcnt);
1026 	req_info->outcnt = argcnt;
1027 
1028 	return 0;
1029 }
1030 
1031 static inline u32 create_aead_null_input_list(struct aead_request *req,
1032 					      u32 enc, u32 mac_len)
1033 {
1034 	struct otx_cpt_req_ctx *rctx = aead_request_ctx_dma(req);
1035 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
1036 	u32 inputlen, argcnt = 0;
1037 
1038 	if (enc)
1039 		inputlen =  req->cryptlen + req->assoclen;
1040 	else
1041 		inputlen =  req->cryptlen + req->assoclen - mac_len;
1042 
1043 	create_hmac_ctx_hdr(req, &argcnt, enc);
1044 	update_input_data(req_info, req->src, inputlen, &argcnt);
1045 	req_info->incnt = argcnt;
1046 
1047 	return 0;
1048 }
1049 
1050 static inline u32 create_aead_null_output_list(struct aead_request *req,
1051 					       u32 enc, u32 mac_len)
1052 {
1053 	struct otx_cpt_req_ctx *rctx = aead_request_ctx_dma(req);
1054 	struct otx_cpt_req_info *req_info =  &rctx->cpt_req;
1055 	struct scatterlist *dst;
1056 	u8 *ptr = NULL;
1057 	int argcnt = 0, status, offset;
1058 	u32 inputlen;
1059 
1060 	if (enc)
1061 		inputlen =  req->cryptlen + req->assoclen;
1062 	else
1063 		inputlen =  req->cryptlen + req->assoclen - mac_len;
1064 
1065 	/*
1066 	 * If source and destination are different
1067 	 * then copy payload to destination
1068 	 */
1069 	if (req->src != req->dst) {
1070 
1071 		ptr = kmalloc(inputlen, (req_info->areq->flags &
1072 					 CRYPTO_TFM_REQ_MAY_SLEEP) ?
1073 					 GFP_KERNEL : GFP_ATOMIC);
1074 		if (!ptr) {
1075 			status = -ENOMEM;
1076 			goto error;
1077 		}
1078 
1079 		status = sg_copy_to_buffer(req->src, sg_nents(req->src), ptr,
1080 					   inputlen);
1081 		if (status != inputlen) {
1082 			status = -EINVAL;
1083 			goto error_free;
1084 		}
1085 		status = sg_copy_from_buffer(req->dst, sg_nents(req->dst), ptr,
1086 					     inputlen);
1087 		if (status != inputlen) {
1088 			status = -EINVAL;
1089 			goto error_free;
1090 		}
1091 		kfree(ptr);
1092 	}
1093 
1094 	if (enc) {
1095 		/*
1096 		 * In an encryption scenario hmac needs
1097 		 * to be appended after payload
1098 		 */
1099 		dst = req->dst;
1100 		offset = inputlen;
1101 		while (offset >= dst->length) {
1102 			offset -= dst->length;
1103 			dst = sg_next(dst);
1104 			if (!dst) {
1105 				status = -ENOENT;
1106 				goto error;
1107 			}
1108 		}
1109 
1110 		update_output_data(req_info, dst, offset, mac_len, &argcnt);
1111 	} else {
1112 		/*
1113 		 * In a decryption scenario calculated hmac for received
1114 		 * payload needs to be compare with hmac received
1115 		 */
1116 		status = sg_copy_buffer(req->src, sg_nents(req->src),
1117 					rctx->fctx.hmac.s.hmac_recv, mac_len,
1118 					inputlen, true);
1119 		if (status != mac_len) {
1120 			status = -EINVAL;
1121 			goto error;
1122 		}
1123 
1124 		req_info->out[argcnt].vptr = rctx->fctx.hmac.s.hmac_calc;
1125 		req_info->out[argcnt].size = mac_len;
1126 		argcnt++;
1127 	}
1128 
1129 	req_info->outcnt = argcnt;
1130 	return 0;
1131 
1132 error_free:
1133 	kfree(ptr);
1134 error:
1135 	return status;
1136 }
1137 
1138 static u32 cpt_aead_enc_dec(struct aead_request *req, u8 reg_type, u8 enc)
1139 {
1140 	struct otx_cpt_req_ctx *rctx = aead_request_ctx_dma(req);
1141 	struct otx_cpt_req_info *req_info = &rctx->cpt_req;
1142 	struct crypto_aead *tfm = crypto_aead_reqtfm(req);
1143 	struct pci_dev *pdev;
1144 	u32 status, cpu_num;
1145 
1146 	/* Clear control words */
1147 	rctx->ctrl_word.flags = 0;
1148 	rctx->fctx.enc.enc_ctrl.flags = 0;
1149 
1150 	req_info->callback = otx_cpt_aead_callback;
1151 	req_info->areq = &req->base;
1152 	req_info->req_type = reg_type;
1153 	req_info->is_enc = enc;
1154 	req_info->is_trunc_hmac = false;
1155 
1156 	switch (reg_type) {
1157 	case OTX_CPT_AEAD_ENC_DEC_REQ:
1158 		status = create_aead_input_list(req, enc);
1159 		if (status)
1160 			return status;
1161 		status = create_aead_output_list(req, enc,
1162 						 crypto_aead_authsize(tfm));
1163 		if (status)
1164 			return status;
1165 		break;
1166 
1167 	case OTX_CPT_AEAD_ENC_DEC_NULL_REQ:
1168 		status = create_aead_null_input_list(req, enc,
1169 						     crypto_aead_authsize(tfm));
1170 		if (status)
1171 			return status;
1172 		status = create_aead_null_output_list(req, enc,
1173 						crypto_aead_authsize(tfm));
1174 		if (status)
1175 			return status;
1176 		break;
1177 
1178 	default:
1179 		return -EINVAL;
1180 	}
1181 
1182 	/* Validate that request doesn't exceed maximum CPT supported size */
1183 	if (req_info->req.param1 > OTX_CPT_MAX_REQ_SIZE ||
1184 	    req_info->req.param2 > OTX_CPT_MAX_REQ_SIZE)
1185 		return -E2BIG;
1186 
1187 	status = get_se_device(&pdev, &cpu_num);
1188 	if (status)
1189 		return status;
1190 
1191 	req_info->ctrl.s.grp = 0;
1192 
1193 	status = otx_cpt_do_request(pdev, req_info, cpu_num);
1194 	/*
1195 	 * We perform an asynchronous send and once
1196 	 * the request is completed the driver would
1197 	 * intimate through registered call back functions
1198 	 */
1199 	return status;
1200 }
1201 
1202 static int otx_cpt_aead_encrypt(struct aead_request *req)
1203 {
1204 	return cpt_aead_enc_dec(req, OTX_CPT_AEAD_ENC_DEC_REQ, true);
1205 }
1206 
1207 static int otx_cpt_aead_decrypt(struct aead_request *req)
1208 {
1209 	return cpt_aead_enc_dec(req, OTX_CPT_AEAD_ENC_DEC_REQ, false);
1210 }
1211 
1212 static int otx_cpt_aead_null_encrypt(struct aead_request *req)
1213 {
1214 	return cpt_aead_enc_dec(req, OTX_CPT_AEAD_ENC_DEC_NULL_REQ, true);
1215 }
1216 
1217 static int otx_cpt_aead_null_decrypt(struct aead_request *req)
1218 {
1219 	return cpt_aead_enc_dec(req, OTX_CPT_AEAD_ENC_DEC_NULL_REQ, false);
1220 }
1221 
1222 static struct skcipher_alg otx_cpt_skciphers[] = { {
1223 	.base.cra_name = "xts(aes)",
1224 	.base.cra_driver_name = "cpt_xts_aes",
1225 	.base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1226 	.base.cra_blocksize = AES_BLOCK_SIZE,
1227 	.base.cra_ctxsize = sizeof(struct otx_cpt_enc_ctx),
1228 	.base.cra_alignmask = 7,
1229 	.base.cra_priority = 4001,
1230 	.base.cra_module = THIS_MODULE,
1231 
1232 	.init = otx_cpt_enc_dec_init,
1233 	.ivsize = AES_BLOCK_SIZE,
1234 	.min_keysize = 2 * AES_MIN_KEY_SIZE,
1235 	.max_keysize = 2 * AES_MAX_KEY_SIZE,
1236 	.setkey = otx_cpt_skcipher_xts_setkey,
1237 	.encrypt = otx_cpt_skcipher_encrypt,
1238 	.decrypt = otx_cpt_skcipher_decrypt,
1239 }, {
1240 	.base.cra_name = "cbc(aes)",
1241 	.base.cra_driver_name = "cpt_cbc_aes",
1242 	.base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1243 	.base.cra_blocksize = AES_BLOCK_SIZE,
1244 	.base.cra_ctxsize = sizeof(struct otx_cpt_enc_ctx),
1245 	.base.cra_alignmask = 7,
1246 	.base.cra_priority = 4001,
1247 	.base.cra_module = THIS_MODULE,
1248 
1249 	.init = otx_cpt_enc_dec_init,
1250 	.ivsize = AES_BLOCK_SIZE,
1251 	.min_keysize = AES_MIN_KEY_SIZE,
1252 	.max_keysize = AES_MAX_KEY_SIZE,
1253 	.setkey = otx_cpt_skcipher_cbc_aes_setkey,
1254 	.encrypt = otx_cpt_skcipher_encrypt,
1255 	.decrypt = otx_cpt_skcipher_decrypt,
1256 }, {
1257 	.base.cra_name = "ecb(aes)",
1258 	.base.cra_driver_name = "cpt_ecb_aes",
1259 	.base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1260 	.base.cra_blocksize = AES_BLOCK_SIZE,
1261 	.base.cra_ctxsize = sizeof(struct otx_cpt_enc_ctx),
1262 	.base.cra_alignmask = 7,
1263 	.base.cra_priority = 4001,
1264 	.base.cra_module = THIS_MODULE,
1265 
1266 	.init = otx_cpt_enc_dec_init,
1267 	.ivsize = 0,
1268 	.min_keysize = AES_MIN_KEY_SIZE,
1269 	.max_keysize = AES_MAX_KEY_SIZE,
1270 	.setkey = otx_cpt_skcipher_ecb_aes_setkey,
1271 	.encrypt = otx_cpt_skcipher_encrypt,
1272 	.decrypt = otx_cpt_skcipher_decrypt,
1273 }, {
1274 	.base.cra_name = "cbc(des3_ede)",
1275 	.base.cra_driver_name = "cpt_cbc_des3_ede",
1276 	.base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1277 	.base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
1278 	.base.cra_ctxsize = sizeof(struct otx_cpt_des3_ctx),
1279 	.base.cra_alignmask = 7,
1280 	.base.cra_priority = 4001,
1281 	.base.cra_module = THIS_MODULE,
1282 
1283 	.init = otx_cpt_enc_dec_init,
1284 	.min_keysize = DES3_EDE_KEY_SIZE,
1285 	.max_keysize = DES3_EDE_KEY_SIZE,
1286 	.ivsize = DES_BLOCK_SIZE,
1287 	.setkey = otx_cpt_skcipher_cbc_des3_setkey,
1288 	.encrypt = otx_cpt_skcipher_encrypt,
1289 	.decrypt = otx_cpt_skcipher_decrypt,
1290 }, {
1291 	.base.cra_name = "ecb(des3_ede)",
1292 	.base.cra_driver_name = "cpt_ecb_des3_ede",
1293 	.base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1294 	.base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
1295 	.base.cra_ctxsize = sizeof(struct otx_cpt_des3_ctx),
1296 	.base.cra_alignmask = 7,
1297 	.base.cra_priority = 4001,
1298 	.base.cra_module = THIS_MODULE,
1299 
1300 	.init = otx_cpt_enc_dec_init,
1301 	.min_keysize = DES3_EDE_KEY_SIZE,
1302 	.max_keysize = DES3_EDE_KEY_SIZE,
1303 	.ivsize = 0,
1304 	.setkey = otx_cpt_skcipher_ecb_des3_setkey,
1305 	.encrypt = otx_cpt_skcipher_encrypt,
1306 	.decrypt = otx_cpt_skcipher_decrypt,
1307 } };
1308 
1309 static struct aead_alg otx_cpt_aeads[] = { {
1310 	.base = {
1311 		.cra_name = "authenc(hmac(sha1),cbc(aes))",
1312 		.cra_driver_name = "cpt_hmac_sha1_cbc_aes",
1313 		.cra_blocksize = AES_BLOCK_SIZE,
1314 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1315 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1316 		.cra_priority = 4001,
1317 		.cra_alignmask = 0,
1318 		.cra_module = THIS_MODULE,
1319 	},
1320 	.init = otx_cpt_aead_cbc_aes_sha1_init,
1321 	.exit = otx_cpt_aead_exit,
1322 	.setkey = otx_cpt_aead_cbc_aes_sha_setkey,
1323 	.setauthsize = otx_cpt_aead_set_authsize,
1324 	.encrypt = otx_cpt_aead_encrypt,
1325 	.decrypt = otx_cpt_aead_decrypt,
1326 	.ivsize = AES_BLOCK_SIZE,
1327 	.maxauthsize = SHA1_DIGEST_SIZE,
1328 }, {
1329 	.base = {
1330 		.cra_name = "authenc(hmac(sha256),cbc(aes))",
1331 		.cra_driver_name = "cpt_hmac_sha256_cbc_aes",
1332 		.cra_blocksize = AES_BLOCK_SIZE,
1333 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1334 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1335 		.cra_priority = 4001,
1336 		.cra_alignmask = 0,
1337 		.cra_module = THIS_MODULE,
1338 	},
1339 	.init = otx_cpt_aead_cbc_aes_sha256_init,
1340 	.exit = otx_cpt_aead_exit,
1341 	.setkey = otx_cpt_aead_cbc_aes_sha_setkey,
1342 	.setauthsize = otx_cpt_aead_set_authsize,
1343 	.encrypt = otx_cpt_aead_encrypt,
1344 	.decrypt = otx_cpt_aead_decrypt,
1345 	.ivsize = AES_BLOCK_SIZE,
1346 	.maxauthsize = SHA256_DIGEST_SIZE,
1347 }, {
1348 	.base = {
1349 		.cra_name = "authenc(hmac(sha384),cbc(aes))",
1350 		.cra_driver_name = "cpt_hmac_sha384_cbc_aes",
1351 		.cra_blocksize = AES_BLOCK_SIZE,
1352 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1353 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1354 		.cra_priority = 4001,
1355 		.cra_alignmask = 0,
1356 		.cra_module = THIS_MODULE,
1357 	},
1358 	.init = otx_cpt_aead_cbc_aes_sha384_init,
1359 	.exit = otx_cpt_aead_exit,
1360 	.setkey = otx_cpt_aead_cbc_aes_sha_setkey,
1361 	.setauthsize = otx_cpt_aead_set_authsize,
1362 	.encrypt = otx_cpt_aead_encrypt,
1363 	.decrypt = otx_cpt_aead_decrypt,
1364 	.ivsize = AES_BLOCK_SIZE,
1365 	.maxauthsize = SHA384_DIGEST_SIZE,
1366 }, {
1367 	.base = {
1368 		.cra_name = "authenc(hmac(sha512),cbc(aes))",
1369 		.cra_driver_name = "cpt_hmac_sha512_cbc_aes",
1370 		.cra_blocksize = AES_BLOCK_SIZE,
1371 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1372 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1373 		.cra_priority = 4001,
1374 		.cra_alignmask = 0,
1375 		.cra_module = THIS_MODULE,
1376 	},
1377 	.init = otx_cpt_aead_cbc_aes_sha512_init,
1378 	.exit = otx_cpt_aead_exit,
1379 	.setkey = otx_cpt_aead_cbc_aes_sha_setkey,
1380 	.setauthsize = otx_cpt_aead_set_authsize,
1381 	.encrypt = otx_cpt_aead_encrypt,
1382 	.decrypt = otx_cpt_aead_decrypt,
1383 	.ivsize = AES_BLOCK_SIZE,
1384 	.maxauthsize = SHA512_DIGEST_SIZE,
1385 }, {
1386 	.base = {
1387 		.cra_name = "authenc(hmac(sha1),ecb(cipher_null))",
1388 		.cra_driver_name = "cpt_hmac_sha1_ecb_null",
1389 		.cra_blocksize = 1,
1390 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1391 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1392 		.cra_priority = 4001,
1393 		.cra_alignmask = 0,
1394 		.cra_module = THIS_MODULE,
1395 	},
1396 	.init = otx_cpt_aead_ecb_null_sha1_init,
1397 	.exit = otx_cpt_aead_exit,
1398 	.setkey = otx_cpt_aead_ecb_null_sha_setkey,
1399 	.setauthsize = otx_cpt_aead_set_authsize,
1400 	.encrypt = otx_cpt_aead_null_encrypt,
1401 	.decrypt = otx_cpt_aead_null_decrypt,
1402 	.ivsize = 0,
1403 	.maxauthsize = SHA1_DIGEST_SIZE,
1404 }, {
1405 	.base = {
1406 		.cra_name = "authenc(hmac(sha256),ecb(cipher_null))",
1407 		.cra_driver_name = "cpt_hmac_sha256_ecb_null",
1408 		.cra_blocksize = 1,
1409 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1410 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1411 		.cra_priority = 4001,
1412 		.cra_alignmask = 0,
1413 		.cra_module = THIS_MODULE,
1414 	},
1415 	.init = otx_cpt_aead_ecb_null_sha256_init,
1416 	.exit = otx_cpt_aead_exit,
1417 	.setkey = otx_cpt_aead_ecb_null_sha_setkey,
1418 	.setauthsize = otx_cpt_aead_set_authsize,
1419 	.encrypt = otx_cpt_aead_null_encrypt,
1420 	.decrypt = otx_cpt_aead_null_decrypt,
1421 	.ivsize = 0,
1422 	.maxauthsize = SHA256_DIGEST_SIZE,
1423 }, {
1424 	.base = {
1425 		.cra_name = "authenc(hmac(sha384),ecb(cipher_null))",
1426 		.cra_driver_name = "cpt_hmac_sha384_ecb_null",
1427 		.cra_blocksize = 1,
1428 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1429 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1430 		.cra_priority = 4001,
1431 		.cra_alignmask = 0,
1432 		.cra_module = THIS_MODULE,
1433 	},
1434 	.init = otx_cpt_aead_ecb_null_sha384_init,
1435 	.exit = otx_cpt_aead_exit,
1436 	.setkey = otx_cpt_aead_ecb_null_sha_setkey,
1437 	.setauthsize = otx_cpt_aead_set_authsize,
1438 	.encrypt = otx_cpt_aead_null_encrypt,
1439 	.decrypt = otx_cpt_aead_null_decrypt,
1440 	.ivsize = 0,
1441 	.maxauthsize = SHA384_DIGEST_SIZE,
1442 }, {
1443 	.base = {
1444 		.cra_name = "authenc(hmac(sha512),ecb(cipher_null))",
1445 		.cra_driver_name = "cpt_hmac_sha512_ecb_null",
1446 		.cra_blocksize = 1,
1447 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1448 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1449 		.cra_priority = 4001,
1450 		.cra_alignmask = 0,
1451 		.cra_module = THIS_MODULE,
1452 	},
1453 	.init = otx_cpt_aead_ecb_null_sha512_init,
1454 	.exit = otx_cpt_aead_exit,
1455 	.setkey = otx_cpt_aead_ecb_null_sha_setkey,
1456 	.setauthsize = otx_cpt_aead_set_authsize,
1457 	.encrypt = otx_cpt_aead_null_encrypt,
1458 	.decrypt = otx_cpt_aead_null_decrypt,
1459 	.ivsize = 0,
1460 	.maxauthsize = SHA512_DIGEST_SIZE,
1461 }, {
1462 	.base = {
1463 		.cra_name = "rfc4106(gcm(aes))",
1464 		.cra_driver_name = "cpt_rfc4106_gcm_aes",
1465 		.cra_blocksize = 1,
1466 		.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY,
1467 		.cra_ctxsize = sizeof(struct otx_cpt_aead_ctx) + CRYPTO_DMA_PADDING,
1468 		.cra_priority = 4001,
1469 		.cra_alignmask = 0,
1470 		.cra_module = THIS_MODULE,
1471 	},
1472 	.init = otx_cpt_aead_gcm_aes_init,
1473 	.exit = otx_cpt_aead_exit,
1474 	.setkey = otx_cpt_aead_gcm_aes_setkey,
1475 	.setauthsize = otx_cpt_aead_set_authsize,
1476 	.encrypt = otx_cpt_aead_encrypt,
1477 	.decrypt = otx_cpt_aead_decrypt,
1478 	.ivsize = AES_GCM_IV_SIZE,
1479 	.maxauthsize = AES_GCM_ICV_SIZE,
1480 } };
1481 
1482 static inline int is_any_alg_used(void)
1483 {
1484 	int i;
1485 
1486 	for (i = 0; i < ARRAY_SIZE(otx_cpt_skciphers); i++)
1487 		if (refcount_read(&otx_cpt_skciphers[i].base.cra_refcnt) != 1)
1488 			return true;
1489 	for (i = 0; i < ARRAY_SIZE(otx_cpt_aeads); i++)
1490 		if (refcount_read(&otx_cpt_aeads[i].base.cra_refcnt) != 1)
1491 			return true;
1492 	return false;
1493 }
1494 
1495 static inline int cpt_register_algs(void)
1496 {
1497 	int i, err = 0;
1498 
1499 	if (!IS_ENABLED(CONFIG_DM_CRYPT)) {
1500 		for (i = 0; i < ARRAY_SIZE(otx_cpt_skciphers); i++)
1501 			otx_cpt_skciphers[i].base.cra_flags &= ~CRYPTO_ALG_DEAD;
1502 
1503 		err = crypto_register_skciphers(otx_cpt_skciphers,
1504 						ARRAY_SIZE(otx_cpt_skciphers));
1505 		if (err)
1506 			return err;
1507 	}
1508 
1509 	for (i = 0; i < ARRAY_SIZE(otx_cpt_aeads); i++)
1510 		otx_cpt_aeads[i].base.cra_flags &= ~CRYPTO_ALG_DEAD;
1511 
1512 	err = crypto_register_aeads(otx_cpt_aeads, ARRAY_SIZE(otx_cpt_aeads));
1513 	if (err) {
1514 		crypto_unregister_skciphers(otx_cpt_skciphers,
1515 					    ARRAY_SIZE(otx_cpt_skciphers));
1516 		return err;
1517 	}
1518 
1519 	return 0;
1520 }
1521 
1522 static inline void cpt_unregister_algs(void)
1523 {
1524 	crypto_unregister_skciphers(otx_cpt_skciphers,
1525 				    ARRAY_SIZE(otx_cpt_skciphers));
1526 	crypto_unregister_aeads(otx_cpt_aeads, ARRAY_SIZE(otx_cpt_aeads));
1527 }
1528 
1529 static int compare_func(const void *lptr, const void *rptr)
1530 {
1531 	struct cpt_device_desc *ldesc = (struct cpt_device_desc *) lptr;
1532 	struct cpt_device_desc *rdesc = (struct cpt_device_desc *) rptr;
1533 
1534 	if (ldesc->dev->devfn < rdesc->dev->devfn)
1535 		return -1;
1536 	if (ldesc->dev->devfn > rdesc->dev->devfn)
1537 		return 1;
1538 	return 0;
1539 }
1540 
1541 int otx_cpt_crypto_init(struct pci_dev *pdev, struct module *mod,
1542 			enum otx_cptpf_type pf_type,
1543 			enum otx_cptvf_type engine_type,
1544 			int num_queues, int num_devices)
1545 {
1546 	int ret = 0;
1547 	int count;
1548 
1549 	mutex_lock(&mutex);
1550 	switch (engine_type) {
1551 	case OTX_CPT_SE_TYPES:
1552 		count = atomic_read(&se_devices.count);
1553 		if (count >= CPT_MAX_VF_NUM) {
1554 			dev_err(&pdev->dev, "No space to add a new device\n");
1555 			ret = -ENOSPC;
1556 			goto err;
1557 		}
1558 		se_devices.desc[count].pf_type = pf_type;
1559 		se_devices.desc[count].num_queues = num_queues;
1560 		se_devices.desc[count++].dev = pdev;
1561 		atomic_inc(&se_devices.count);
1562 
1563 		if (atomic_read(&se_devices.count) == num_devices &&
1564 		    is_crypto_registered == false) {
1565 			if (cpt_register_algs()) {
1566 				dev_err(&pdev->dev,
1567 				   "Error in registering crypto algorithms\n");
1568 				ret =  -EINVAL;
1569 				goto err;
1570 			}
1571 			try_module_get(mod);
1572 			is_crypto_registered = true;
1573 		}
1574 		sort(se_devices.desc, count, sizeof(struct cpt_device_desc),
1575 		     compare_func, NULL);
1576 		break;
1577 
1578 	case OTX_CPT_AE_TYPES:
1579 		count = atomic_read(&ae_devices.count);
1580 		if (count >= CPT_MAX_VF_NUM) {
1581 			dev_err(&pdev->dev, "No space to a add new device\n");
1582 			ret = -ENOSPC;
1583 			goto err;
1584 		}
1585 		ae_devices.desc[count].pf_type = pf_type;
1586 		ae_devices.desc[count].num_queues = num_queues;
1587 		ae_devices.desc[count++].dev = pdev;
1588 		atomic_inc(&ae_devices.count);
1589 		sort(ae_devices.desc, count, sizeof(struct cpt_device_desc),
1590 		     compare_func, NULL);
1591 		break;
1592 
1593 	default:
1594 		dev_err(&pdev->dev, "Unknown VF type %d\n", engine_type);
1595 		ret = BAD_OTX_CPTVF_TYPE;
1596 	}
1597 err:
1598 	mutex_unlock(&mutex);
1599 	return ret;
1600 }
1601 
1602 void otx_cpt_crypto_exit(struct pci_dev *pdev, struct module *mod,
1603 			 enum otx_cptvf_type engine_type)
1604 {
1605 	struct cpt_device_table *dev_tbl;
1606 	bool dev_found = false;
1607 	int i, j, count;
1608 
1609 	mutex_lock(&mutex);
1610 
1611 	dev_tbl = (engine_type == OTX_CPT_AE_TYPES) ? &ae_devices : &se_devices;
1612 	count = atomic_read(&dev_tbl->count);
1613 	for (i = 0; i < count; i++)
1614 		if (pdev == dev_tbl->desc[i].dev) {
1615 			for (j = i; j < count-1; j++)
1616 				dev_tbl->desc[j] = dev_tbl->desc[j+1];
1617 			dev_found = true;
1618 			break;
1619 		}
1620 
1621 	if (!dev_found) {
1622 		dev_err(&pdev->dev, "%s device not found\n", __func__);
1623 		goto exit;
1624 	}
1625 
1626 	if (engine_type != OTX_CPT_AE_TYPES) {
1627 		if (atomic_dec_and_test(&se_devices.count) &&
1628 		    !is_any_alg_used()) {
1629 			cpt_unregister_algs();
1630 			module_put(mod);
1631 			is_crypto_registered = false;
1632 		}
1633 	} else
1634 		atomic_dec(&ae_devices.count);
1635 exit:
1636 	mutex_unlock(&mutex);
1637 }
1638