1 /* 2 * talitos - Freescale Integrated Security Engine (SEC) device driver 3 * 4 * Copyright (c) 2008-2011 Freescale Semiconductor, Inc. 5 * 6 * Scatterlist Crypto API glue code copied from files with the following: 7 * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au> 8 * 9 * Crypto algorithm registration code copied from hifn driver: 10 * 2007+ Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru> 11 * All rights reserved. 12 * 13 * This program is free software; you can redistribute it and/or modify 14 * it under the terms of the GNU General Public License as published by 15 * the Free Software Foundation; either version 2 of the License, or 16 * (at your option) any later version. 17 * 18 * This program is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 * GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License 24 * along with this program; if not, write to the Free Software 25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 26 */ 27 28 #include <linux/kernel.h> 29 #include <linux/module.h> 30 #include <linux/mod_devicetable.h> 31 #include <linux/device.h> 32 #include <linux/interrupt.h> 33 #include <linux/crypto.h> 34 #include <linux/hw_random.h> 35 #include <linux/of_platform.h> 36 #include <linux/dma-mapping.h> 37 #include <linux/io.h> 38 #include <linux/spinlock.h> 39 #include <linux/rtnetlink.h> 40 #include <linux/slab.h> 41 42 #include <crypto/algapi.h> 43 #include <crypto/aes.h> 44 #include <crypto/des.h> 45 #include <crypto/sha.h> 46 #include <crypto/md5.h> 47 #include <crypto/aead.h> 48 #include <crypto/authenc.h> 49 #include <crypto/skcipher.h> 50 #include <crypto/hash.h> 51 #include <crypto/internal/hash.h> 52 #include <crypto/scatterwalk.h> 53 54 #include "talitos.h" 55 56 #define TALITOS_TIMEOUT 100000 57 #define TALITOS_MAX_DATA_LEN 65535 58 59 #define DESC_TYPE(desc_hdr) ((be32_to_cpu(desc_hdr) >> 3) & 0x1f) 60 #define PRIMARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 28) & 0xf) 61 #define SECONDARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 16) & 0xf) 62 63 /* descriptor pointer entry */ 64 struct talitos_ptr { 65 __be16 len; /* length */ 66 u8 j_extent; /* jump to sg link table and/or extent */ 67 u8 eptr; /* extended address */ 68 __be32 ptr; /* address */ 69 }; 70 71 static const struct talitos_ptr zero_entry = { 72 .len = 0, 73 .j_extent = 0, 74 .eptr = 0, 75 .ptr = 0 76 }; 77 78 /* descriptor */ 79 struct talitos_desc { 80 __be32 hdr; /* header high bits */ 81 __be32 hdr_lo; /* header low bits */ 82 struct talitos_ptr ptr[7]; /* ptr/len pair array */ 83 }; 84 85 /** 86 * talitos_request - descriptor submission request 87 * @desc: descriptor pointer (kernel virtual) 88 * @dma_desc: descriptor's physical bus address 89 * @callback: whom to call when descriptor processing is done 90 * @context: caller context (optional) 91 */ 92 struct talitos_request { 93 struct talitos_desc *desc; 94 dma_addr_t dma_desc; 95 void (*callback) (struct device *dev, struct talitos_desc *desc, 96 void *context, int error); 97 void *context; 98 }; 99 100 /* per-channel fifo management */ 101 struct talitos_channel { 102 /* request fifo */ 103 struct talitos_request *fifo; 104 105 /* number of requests pending in channel h/w fifo */ 106 atomic_t submit_count ____cacheline_aligned; 107 108 /* request submission (head) lock */ 109 spinlock_t head_lock ____cacheline_aligned; 110 /* index to next free descriptor request */ 111 int head; 112 113 /* request release (tail) lock */ 114 spinlock_t tail_lock ____cacheline_aligned; 115 /* index to next in-progress/done descriptor request */ 116 int tail; 117 }; 118 119 struct talitos_private { 120 struct device *dev; 121 struct platform_device *ofdev; 122 void __iomem *reg; 123 int irq; 124 125 /* SEC version geometry (from device tree node) */ 126 unsigned int num_channels; 127 unsigned int chfifo_len; 128 unsigned int exec_units; 129 unsigned int desc_types; 130 131 /* SEC Compatibility info */ 132 unsigned long features; 133 134 /* 135 * length of the request fifo 136 * fifo_len is chfifo_len rounded up to next power of 2 137 * so we can use bitwise ops to wrap 138 */ 139 unsigned int fifo_len; 140 141 struct talitos_channel *chan; 142 143 /* next channel to be assigned next incoming descriptor */ 144 atomic_t last_chan ____cacheline_aligned; 145 146 /* request callback tasklet */ 147 struct tasklet_struct done_task; 148 149 /* list of registered algorithms */ 150 struct list_head alg_list; 151 152 /* hwrng device */ 153 struct hwrng rng; 154 }; 155 156 /* .features flag */ 157 #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001 158 #define TALITOS_FTR_HW_AUTH_CHECK 0x00000002 159 #define TALITOS_FTR_SHA224_HWINIT 0x00000004 160 161 static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr) 162 { 163 talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr)); 164 talitos_ptr->eptr = upper_32_bits(dma_addr); 165 } 166 167 /* 168 * map virtual single (contiguous) pointer to h/w descriptor pointer 169 */ 170 static void map_single_talitos_ptr(struct device *dev, 171 struct talitos_ptr *talitos_ptr, 172 unsigned short len, void *data, 173 unsigned char extent, 174 enum dma_data_direction dir) 175 { 176 dma_addr_t dma_addr = dma_map_single(dev, data, len, dir); 177 178 talitos_ptr->len = cpu_to_be16(len); 179 to_talitos_ptr(talitos_ptr, dma_addr); 180 talitos_ptr->j_extent = extent; 181 } 182 183 /* 184 * unmap bus single (contiguous) h/w descriptor pointer 185 */ 186 static void unmap_single_talitos_ptr(struct device *dev, 187 struct talitos_ptr *talitos_ptr, 188 enum dma_data_direction dir) 189 { 190 dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr), 191 be16_to_cpu(talitos_ptr->len), dir); 192 } 193 194 static int reset_channel(struct device *dev, int ch) 195 { 196 struct talitos_private *priv = dev_get_drvdata(dev); 197 unsigned int timeout = TALITOS_TIMEOUT; 198 199 setbits32(priv->reg + TALITOS_CCCR(ch), TALITOS_CCCR_RESET); 200 201 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & TALITOS_CCCR_RESET) 202 && --timeout) 203 cpu_relax(); 204 205 if (timeout == 0) { 206 dev_err(dev, "failed to reset channel %d\n", ch); 207 return -EIO; 208 } 209 210 /* set 36-bit addressing, done writeback enable and done IRQ enable */ 211 setbits32(priv->reg + TALITOS_CCCR_LO(ch), TALITOS_CCCR_LO_EAE | 212 TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE); 213 214 /* and ICCR writeback, if available */ 215 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK) 216 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 217 TALITOS_CCCR_LO_IWSE); 218 219 return 0; 220 } 221 222 static int reset_device(struct device *dev) 223 { 224 struct talitos_private *priv = dev_get_drvdata(dev); 225 unsigned int timeout = TALITOS_TIMEOUT; 226 227 setbits32(priv->reg + TALITOS_MCR, TALITOS_MCR_SWR); 228 229 while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR) 230 && --timeout) 231 cpu_relax(); 232 233 if (timeout == 0) { 234 dev_err(dev, "failed to reset device\n"); 235 return -EIO; 236 } 237 238 return 0; 239 } 240 241 /* 242 * Reset and initialize the device 243 */ 244 static int init_device(struct device *dev) 245 { 246 struct talitos_private *priv = dev_get_drvdata(dev); 247 int ch, err; 248 249 /* 250 * Master reset 251 * errata documentation: warning: certain SEC interrupts 252 * are not fully cleared by writing the MCR:SWR bit, 253 * set bit twice to completely reset 254 */ 255 err = reset_device(dev); 256 if (err) 257 return err; 258 259 err = reset_device(dev); 260 if (err) 261 return err; 262 263 /* reset channels */ 264 for (ch = 0; ch < priv->num_channels; ch++) { 265 err = reset_channel(dev, ch); 266 if (err) 267 return err; 268 } 269 270 /* enable channel done and error interrupts */ 271 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT); 272 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); 273 274 /* disable integrity check error interrupts (use writeback instead) */ 275 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK) 276 setbits32(priv->reg + TALITOS_MDEUICR_LO, 277 TALITOS_MDEUICR_LO_ICE); 278 279 return 0; 280 } 281 282 /** 283 * talitos_submit - submits a descriptor to the device for processing 284 * @dev: the SEC device to be used 285 * @ch: the SEC device channel to be used 286 * @desc: the descriptor to be processed by the device 287 * @callback: whom to call when processing is complete 288 * @context: a handle for use by caller (optional) 289 * 290 * desc must contain valid dma-mapped (bus physical) address pointers. 291 * callback must check err and feedback in descriptor header 292 * for device processing status. 293 */ 294 static int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc, 295 void (*callback)(struct device *dev, 296 struct talitos_desc *desc, 297 void *context, int error), 298 void *context) 299 { 300 struct talitos_private *priv = dev_get_drvdata(dev); 301 struct talitos_request *request; 302 unsigned long flags; 303 int head; 304 305 spin_lock_irqsave(&priv->chan[ch].head_lock, flags); 306 307 if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) { 308 /* h/w fifo is full */ 309 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags); 310 return -EAGAIN; 311 } 312 313 head = priv->chan[ch].head; 314 request = &priv->chan[ch].fifo[head]; 315 316 /* map descriptor and save caller data */ 317 request->dma_desc = dma_map_single(dev, desc, sizeof(*desc), 318 DMA_BIDIRECTIONAL); 319 request->callback = callback; 320 request->context = context; 321 322 /* increment fifo head */ 323 priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1); 324 325 smp_wmb(); 326 request->desc = desc; 327 328 /* GO! */ 329 wmb(); 330 out_be32(priv->reg + TALITOS_FF(ch), upper_32_bits(request->dma_desc)); 331 out_be32(priv->reg + TALITOS_FF_LO(ch), 332 lower_32_bits(request->dma_desc)); 333 334 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags); 335 336 return -EINPROGRESS; 337 } 338 339 /* 340 * process what was done, notify callback of error if not 341 */ 342 static void flush_channel(struct device *dev, int ch, int error, int reset_ch) 343 { 344 struct talitos_private *priv = dev_get_drvdata(dev); 345 struct talitos_request *request, saved_req; 346 unsigned long flags; 347 int tail, status; 348 349 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags); 350 351 tail = priv->chan[ch].tail; 352 while (priv->chan[ch].fifo[tail].desc) { 353 request = &priv->chan[ch].fifo[tail]; 354 355 /* descriptors with their done bits set don't get the error */ 356 rmb(); 357 if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE) 358 status = 0; 359 else 360 if (!error) 361 break; 362 else 363 status = error; 364 365 dma_unmap_single(dev, request->dma_desc, 366 sizeof(struct talitos_desc), 367 DMA_BIDIRECTIONAL); 368 369 /* copy entries so we can call callback outside lock */ 370 saved_req.desc = request->desc; 371 saved_req.callback = request->callback; 372 saved_req.context = request->context; 373 374 /* release request entry in fifo */ 375 smp_wmb(); 376 request->desc = NULL; 377 378 /* increment fifo tail */ 379 priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1); 380 381 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags); 382 383 atomic_dec(&priv->chan[ch].submit_count); 384 385 saved_req.callback(dev, saved_req.desc, saved_req.context, 386 status); 387 /* channel may resume processing in single desc error case */ 388 if (error && !reset_ch && status == error) 389 return; 390 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags); 391 tail = priv->chan[ch].tail; 392 } 393 394 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags); 395 } 396 397 /* 398 * process completed requests for channels that have done status 399 */ 400 static void talitos_done(unsigned long data) 401 { 402 struct device *dev = (struct device *)data; 403 struct talitos_private *priv = dev_get_drvdata(dev); 404 int ch; 405 406 for (ch = 0; ch < priv->num_channels; ch++) 407 flush_channel(dev, ch, 0, 0); 408 409 /* At this point, all completed channels have been processed. 410 * Unmask done interrupts for channels completed later on. 411 */ 412 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT); 413 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); 414 } 415 416 /* 417 * locate current (offending) descriptor 418 */ 419 static struct talitos_desc *current_desc(struct device *dev, int ch) 420 { 421 struct talitos_private *priv = dev_get_drvdata(dev); 422 int tail = priv->chan[ch].tail; 423 dma_addr_t cur_desc; 424 425 cur_desc = in_be32(priv->reg + TALITOS_CDPR_LO(ch)); 426 427 while (priv->chan[ch].fifo[tail].dma_desc != cur_desc) { 428 tail = (tail + 1) & (priv->fifo_len - 1); 429 if (tail == priv->chan[ch].tail) { 430 dev_err(dev, "couldn't locate current descriptor\n"); 431 return NULL; 432 } 433 } 434 435 return priv->chan[ch].fifo[tail].desc; 436 } 437 438 /* 439 * user diagnostics; report root cause of error based on execution unit status 440 */ 441 static void report_eu_error(struct device *dev, int ch, 442 struct talitos_desc *desc) 443 { 444 struct talitos_private *priv = dev_get_drvdata(dev); 445 int i; 446 447 switch (desc->hdr & DESC_HDR_SEL0_MASK) { 448 case DESC_HDR_SEL0_AFEU: 449 dev_err(dev, "AFEUISR 0x%08x_%08x\n", 450 in_be32(priv->reg + TALITOS_AFEUISR), 451 in_be32(priv->reg + TALITOS_AFEUISR_LO)); 452 break; 453 case DESC_HDR_SEL0_DEU: 454 dev_err(dev, "DEUISR 0x%08x_%08x\n", 455 in_be32(priv->reg + TALITOS_DEUISR), 456 in_be32(priv->reg + TALITOS_DEUISR_LO)); 457 break; 458 case DESC_HDR_SEL0_MDEUA: 459 case DESC_HDR_SEL0_MDEUB: 460 dev_err(dev, "MDEUISR 0x%08x_%08x\n", 461 in_be32(priv->reg + TALITOS_MDEUISR), 462 in_be32(priv->reg + TALITOS_MDEUISR_LO)); 463 break; 464 case DESC_HDR_SEL0_RNG: 465 dev_err(dev, "RNGUISR 0x%08x_%08x\n", 466 in_be32(priv->reg + TALITOS_RNGUISR), 467 in_be32(priv->reg + TALITOS_RNGUISR_LO)); 468 break; 469 case DESC_HDR_SEL0_PKEU: 470 dev_err(dev, "PKEUISR 0x%08x_%08x\n", 471 in_be32(priv->reg + TALITOS_PKEUISR), 472 in_be32(priv->reg + TALITOS_PKEUISR_LO)); 473 break; 474 case DESC_HDR_SEL0_AESU: 475 dev_err(dev, "AESUISR 0x%08x_%08x\n", 476 in_be32(priv->reg + TALITOS_AESUISR), 477 in_be32(priv->reg + TALITOS_AESUISR_LO)); 478 break; 479 case DESC_HDR_SEL0_CRCU: 480 dev_err(dev, "CRCUISR 0x%08x_%08x\n", 481 in_be32(priv->reg + TALITOS_CRCUISR), 482 in_be32(priv->reg + TALITOS_CRCUISR_LO)); 483 break; 484 case DESC_HDR_SEL0_KEU: 485 dev_err(dev, "KEUISR 0x%08x_%08x\n", 486 in_be32(priv->reg + TALITOS_KEUISR), 487 in_be32(priv->reg + TALITOS_KEUISR_LO)); 488 break; 489 } 490 491 switch (desc->hdr & DESC_HDR_SEL1_MASK) { 492 case DESC_HDR_SEL1_MDEUA: 493 case DESC_HDR_SEL1_MDEUB: 494 dev_err(dev, "MDEUISR 0x%08x_%08x\n", 495 in_be32(priv->reg + TALITOS_MDEUISR), 496 in_be32(priv->reg + TALITOS_MDEUISR_LO)); 497 break; 498 case DESC_HDR_SEL1_CRCU: 499 dev_err(dev, "CRCUISR 0x%08x_%08x\n", 500 in_be32(priv->reg + TALITOS_CRCUISR), 501 in_be32(priv->reg + TALITOS_CRCUISR_LO)); 502 break; 503 } 504 505 for (i = 0; i < 8; i++) 506 dev_err(dev, "DESCBUF 0x%08x_%08x\n", 507 in_be32(priv->reg + TALITOS_DESCBUF(ch) + 8*i), 508 in_be32(priv->reg + TALITOS_DESCBUF_LO(ch) + 8*i)); 509 } 510 511 /* 512 * recover from error interrupts 513 */ 514 static void talitos_error(unsigned long data, u32 isr, u32 isr_lo) 515 { 516 struct device *dev = (struct device *)data; 517 struct talitos_private *priv = dev_get_drvdata(dev); 518 unsigned int timeout = TALITOS_TIMEOUT; 519 int ch, error, reset_dev = 0, reset_ch = 0; 520 u32 v, v_lo; 521 522 for (ch = 0; ch < priv->num_channels; ch++) { 523 /* skip channels without errors */ 524 if (!(isr & (1 << (ch * 2 + 1)))) 525 continue; 526 527 error = -EINVAL; 528 529 v = in_be32(priv->reg + TALITOS_CCPSR(ch)); 530 v_lo = in_be32(priv->reg + TALITOS_CCPSR_LO(ch)); 531 532 if (v_lo & TALITOS_CCPSR_LO_DOF) { 533 dev_err(dev, "double fetch fifo overflow error\n"); 534 error = -EAGAIN; 535 reset_ch = 1; 536 } 537 if (v_lo & TALITOS_CCPSR_LO_SOF) { 538 /* h/w dropped descriptor */ 539 dev_err(dev, "single fetch fifo overflow error\n"); 540 error = -EAGAIN; 541 } 542 if (v_lo & TALITOS_CCPSR_LO_MDTE) 543 dev_err(dev, "master data transfer error\n"); 544 if (v_lo & TALITOS_CCPSR_LO_SGDLZ) 545 dev_err(dev, "s/g data length zero error\n"); 546 if (v_lo & TALITOS_CCPSR_LO_FPZ) 547 dev_err(dev, "fetch pointer zero error\n"); 548 if (v_lo & TALITOS_CCPSR_LO_IDH) 549 dev_err(dev, "illegal descriptor header error\n"); 550 if (v_lo & TALITOS_CCPSR_LO_IEU) 551 dev_err(dev, "invalid execution unit error\n"); 552 if (v_lo & TALITOS_CCPSR_LO_EU) 553 report_eu_error(dev, ch, current_desc(dev, ch)); 554 if (v_lo & TALITOS_CCPSR_LO_GB) 555 dev_err(dev, "gather boundary error\n"); 556 if (v_lo & TALITOS_CCPSR_LO_GRL) 557 dev_err(dev, "gather return/length error\n"); 558 if (v_lo & TALITOS_CCPSR_LO_SB) 559 dev_err(dev, "scatter boundary error\n"); 560 if (v_lo & TALITOS_CCPSR_LO_SRL) 561 dev_err(dev, "scatter return/length error\n"); 562 563 flush_channel(dev, ch, error, reset_ch); 564 565 if (reset_ch) { 566 reset_channel(dev, ch); 567 } else { 568 setbits32(priv->reg + TALITOS_CCCR(ch), 569 TALITOS_CCCR_CONT); 570 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 0); 571 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & 572 TALITOS_CCCR_CONT) && --timeout) 573 cpu_relax(); 574 if (timeout == 0) { 575 dev_err(dev, "failed to restart channel %d\n", 576 ch); 577 reset_dev = 1; 578 } 579 } 580 } 581 if (reset_dev || isr & ~TALITOS_ISR_CHERR || isr_lo) { 582 dev_err(dev, "done overflow, internal time out, or rngu error: " 583 "ISR 0x%08x_%08x\n", isr, isr_lo); 584 585 /* purge request queues */ 586 for (ch = 0; ch < priv->num_channels; ch++) 587 flush_channel(dev, ch, -EIO, 1); 588 589 /* reset and reinitialize the device */ 590 init_device(dev); 591 } 592 } 593 594 static irqreturn_t talitos_interrupt(int irq, void *data) 595 { 596 struct device *dev = data; 597 struct talitos_private *priv = dev_get_drvdata(dev); 598 u32 isr, isr_lo; 599 600 isr = in_be32(priv->reg + TALITOS_ISR); 601 isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); 602 /* Acknowledge interrupt */ 603 out_be32(priv->reg + TALITOS_ICR, isr); 604 out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); 605 606 if (unlikely((isr & ~TALITOS_ISR_CHDONE) || isr_lo)) 607 talitos_error((unsigned long)data, isr, isr_lo); 608 else 609 if (likely(isr & TALITOS_ISR_CHDONE)) { 610 /* mask further done interrupts. */ 611 clrbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_DONE); 612 /* done_task will unmask done interrupts at exit */ 613 tasklet_schedule(&priv->done_task); 614 } 615 616 return (isr || isr_lo) ? IRQ_HANDLED : IRQ_NONE; 617 } 618 619 /* 620 * hwrng 621 */ 622 static int talitos_rng_data_present(struct hwrng *rng, int wait) 623 { 624 struct device *dev = (struct device *)rng->priv; 625 struct talitos_private *priv = dev_get_drvdata(dev); 626 u32 ofl; 627 int i; 628 629 for (i = 0; i < 20; i++) { 630 ofl = in_be32(priv->reg + TALITOS_RNGUSR_LO) & 631 TALITOS_RNGUSR_LO_OFL; 632 if (ofl || !wait) 633 break; 634 udelay(10); 635 } 636 637 return !!ofl; 638 } 639 640 static int talitos_rng_data_read(struct hwrng *rng, u32 *data) 641 { 642 struct device *dev = (struct device *)rng->priv; 643 struct talitos_private *priv = dev_get_drvdata(dev); 644 645 /* rng fifo requires 64-bit accesses */ 646 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO); 647 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO_LO); 648 649 return sizeof(u32); 650 } 651 652 static int talitos_rng_init(struct hwrng *rng) 653 { 654 struct device *dev = (struct device *)rng->priv; 655 struct talitos_private *priv = dev_get_drvdata(dev); 656 unsigned int timeout = TALITOS_TIMEOUT; 657 658 setbits32(priv->reg + TALITOS_RNGURCR_LO, TALITOS_RNGURCR_LO_SR); 659 while (!(in_be32(priv->reg + TALITOS_RNGUSR_LO) & TALITOS_RNGUSR_LO_RD) 660 && --timeout) 661 cpu_relax(); 662 if (timeout == 0) { 663 dev_err(dev, "failed to reset rng hw\n"); 664 return -ENODEV; 665 } 666 667 /* start generating */ 668 setbits32(priv->reg + TALITOS_RNGUDSR_LO, 0); 669 670 return 0; 671 } 672 673 static int talitos_register_rng(struct device *dev) 674 { 675 struct talitos_private *priv = dev_get_drvdata(dev); 676 677 priv->rng.name = dev_driver_string(dev), 678 priv->rng.init = talitos_rng_init, 679 priv->rng.data_present = talitos_rng_data_present, 680 priv->rng.data_read = talitos_rng_data_read, 681 priv->rng.priv = (unsigned long)dev; 682 683 return hwrng_register(&priv->rng); 684 } 685 686 static void talitos_unregister_rng(struct device *dev) 687 { 688 struct talitos_private *priv = dev_get_drvdata(dev); 689 690 hwrng_unregister(&priv->rng); 691 } 692 693 /* 694 * crypto alg 695 */ 696 #define TALITOS_CRA_PRIORITY 3000 697 #define TALITOS_MAX_KEY_SIZE 64 698 #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */ 699 700 #define MD5_BLOCK_SIZE 64 701 702 struct talitos_ctx { 703 struct device *dev; 704 int ch; 705 __be32 desc_hdr_template; 706 u8 key[TALITOS_MAX_KEY_SIZE]; 707 u8 iv[TALITOS_MAX_IV_LENGTH]; 708 unsigned int keylen; 709 unsigned int enckeylen; 710 unsigned int authkeylen; 711 unsigned int authsize; 712 }; 713 714 #define HASH_MAX_BLOCK_SIZE SHA512_BLOCK_SIZE 715 #define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512 716 717 struct talitos_ahash_req_ctx { 718 u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)]; 719 unsigned int hw_context_size; 720 u8 buf[HASH_MAX_BLOCK_SIZE]; 721 u8 bufnext[HASH_MAX_BLOCK_SIZE]; 722 unsigned int swinit; 723 unsigned int first; 724 unsigned int last; 725 unsigned int to_hash_later; 726 u64 nbuf; 727 struct scatterlist bufsl[2]; 728 struct scatterlist *psrc; 729 }; 730 731 static int aead_setauthsize(struct crypto_aead *authenc, 732 unsigned int authsize) 733 { 734 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 735 736 ctx->authsize = authsize; 737 738 return 0; 739 } 740 741 static int aead_setkey(struct crypto_aead *authenc, 742 const u8 *key, unsigned int keylen) 743 { 744 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 745 struct rtattr *rta = (void *)key; 746 struct crypto_authenc_key_param *param; 747 unsigned int authkeylen; 748 unsigned int enckeylen; 749 750 if (!RTA_OK(rta, keylen)) 751 goto badkey; 752 753 if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM) 754 goto badkey; 755 756 if (RTA_PAYLOAD(rta) < sizeof(*param)) 757 goto badkey; 758 759 param = RTA_DATA(rta); 760 enckeylen = be32_to_cpu(param->enckeylen); 761 762 key += RTA_ALIGN(rta->rta_len); 763 keylen -= RTA_ALIGN(rta->rta_len); 764 765 if (keylen < enckeylen) 766 goto badkey; 767 768 authkeylen = keylen - enckeylen; 769 770 if (keylen > TALITOS_MAX_KEY_SIZE) 771 goto badkey; 772 773 memcpy(&ctx->key, key, keylen); 774 775 ctx->keylen = keylen; 776 ctx->enckeylen = enckeylen; 777 ctx->authkeylen = authkeylen; 778 779 return 0; 780 781 badkey: 782 crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN); 783 return -EINVAL; 784 } 785 786 /* 787 * talitos_edesc - s/w-extended descriptor 788 * @src_nents: number of segments in input scatterlist 789 * @dst_nents: number of segments in output scatterlist 790 * @dma_len: length of dma mapped link_tbl space 791 * @dma_link_tbl: bus physical address of link_tbl 792 * @desc: h/w descriptor 793 * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1) 794 * 795 * if decrypting (with authcheck), or either one of src_nents or dst_nents 796 * is greater than 1, an integrity check value is concatenated to the end 797 * of link_tbl data 798 */ 799 struct talitos_edesc { 800 int src_nents; 801 int dst_nents; 802 int src_is_chained; 803 int dst_is_chained; 804 int dma_len; 805 dma_addr_t dma_link_tbl; 806 struct talitos_desc desc; 807 struct talitos_ptr link_tbl[0]; 808 }; 809 810 static int talitos_map_sg(struct device *dev, struct scatterlist *sg, 811 unsigned int nents, enum dma_data_direction dir, 812 int chained) 813 { 814 if (unlikely(chained)) 815 while (sg) { 816 dma_map_sg(dev, sg, 1, dir); 817 sg = scatterwalk_sg_next(sg); 818 } 819 else 820 dma_map_sg(dev, sg, nents, dir); 821 return nents; 822 } 823 824 static void talitos_unmap_sg_chain(struct device *dev, struct scatterlist *sg, 825 enum dma_data_direction dir) 826 { 827 while (sg) { 828 dma_unmap_sg(dev, sg, 1, dir); 829 sg = scatterwalk_sg_next(sg); 830 } 831 } 832 833 static void talitos_sg_unmap(struct device *dev, 834 struct talitos_edesc *edesc, 835 struct scatterlist *src, 836 struct scatterlist *dst) 837 { 838 unsigned int src_nents = edesc->src_nents ? : 1; 839 unsigned int dst_nents = edesc->dst_nents ? : 1; 840 841 if (src != dst) { 842 if (edesc->src_is_chained) 843 talitos_unmap_sg_chain(dev, src, DMA_TO_DEVICE); 844 else 845 dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE); 846 847 if (dst) { 848 if (edesc->dst_is_chained) 849 talitos_unmap_sg_chain(dev, dst, 850 DMA_FROM_DEVICE); 851 else 852 dma_unmap_sg(dev, dst, dst_nents, 853 DMA_FROM_DEVICE); 854 } 855 } else 856 if (edesc->src_is_chained) 857 talitos_unmap_sg_chain(dev, src, DMA_BIDIRECTIONAL); 858 else 859 dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL); 860 } 861 862 static void ipsec_esp_unmap(struct device *dev, 863 struct talitos_edesc *edesc, 864 struct aead_request *areq) 865 { 866 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6], DMA_FROM_DEVICE); 867 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[3], DMA_TO_DEVICE); 868 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE); 869 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE); 870 871 dma_unmap_sg(dev, areq->assoc, 1, DMA_TO_DEVICE); 872 873 talitos_sg_unmap(dev, edesc, areq->src, areq->dst); 874 875 if (edesc->dma_len) 876 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 877 DMA_BIDIRECTIONAL); 878 } 879 880 /* 881 * ipsec_esp descriptor callbacks 882 */ 883 static void ipsec_esp_encrypt_done(struct device *dev, 884 struct talitos_desc *desc, void *context, 885 int err) 886 { 887 struct aead_request *areq = context; 888 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 889 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 890 struct talitos_edesc *edesc; 891 struct scatterlist *sg; 892 void *icvdata; 893 894 edesc = container_of(desc, struct talitos_edesc, desc); 895 896 ipsec_esp_unmap(dev, edesc, areq); 897 898 /* copy the generated ICV to dst */ 899 if (edesc->dma_len) { 900 icvdata = &edesc->link_tbl[edesc->src_nents + 901 edesc->dst_nents + 2]; 902 sg = sg_last(areq->dst, edesc->dst_nents); 903 memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize, 904 icvdata, ctx->authsize); 905 } 906 907 kfree(edesc); 908 909 aead_request_complete(areq, err); 910 } 911 912 static void ipsec_esp_decrypt_swauth_done(struct device *dev, 913 struct talitos_desc *desc, 914 void *context, int err) 915 { 916 struct aead_request *req = context; 917 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 918 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 919 struct talitos_edesc *edesc; 920 struct scatterlist *sg; 921 void *icvdata; 922 923 edesc = container_of(desc, struct talitos_edesc, desc); 924 925 ipsec_esp_unmap(dev, edesc, req); 926 927 if (!err) { 928 /* auth check */ 929 if (edesc->dma_len) 930 icvdata = &edesc->link_tbl[edesc->src_nents + 931 edesc->dst_nents + 2]; 932 else 933 icvdata = &edesc->link_tbl[0]; 934 935 sg = sg_last(req->dst, edesc->dst_nents ? : 1); 936 err = memcmp(icvdata, (char *)sg_virt(sg) + sg->length - 937 ctx->authsize, ctx->authsize) ? -EBADMSG : 0; 938 } 939 940 kfree(edesc); 941 942 aead_request_complete(req, err); 943 } 944 945 static void ipsec_esp_decrypt_hwauth_done(struct device *dev, 946 struct talitos_desc *desc, 947 void *context, int err) 948 { 949 struct aead_request *req = context; 950 struct talitos_edesc *edesc; 951 952 edesc = container_of(desc, struct talitos_edesc, desc); 953 954 ipsec_esp_unmap(dev, edesc, req); 955 956 /* check ICV auth status */ 957 if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) != 958 DESC_HDR_LO_ICCR1_PASS)) 959 err = -EBADMSG; 960 961 kfree(edesc); 962 963 aead_request_complete(req, err); 964 } 965 966 /* 967 * convert scatterlist to SEC h/w link table format 968 * stop at cryptlen bytes 969 */ 970 static int sg_to_link_tbl(struct scatterlist *sg, int sg_count, 971 int cryptlen, struct talitos_ptr *link_tbl_ptr) 972 { 973 int n_sg = sg_count; 974 975 while (n_sg--) { 976 to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg)); 977 link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg)); 978 link_tbl_ptr->j_extent = 0; 979 link_tbl_ptr++; 980 cryptlen -= sg_dma_len(sg); 981 sg = scatterwalk_sg_next(sg); 982 } 983 984 /* adjust (decrease) last one (or two) entry's len to cryptlen */ 985 link_tbl_ptr--; 986 while (be16_to_cpu(link_tbl_ptr->len) <= (-cryptlen)) { 987 /* Empty this entry, and move to previous one */ 988 cryptlen += be16_to_cpu(link_tbl_ptr->len); 989 link_tbl_ptr->len = 0; 990 sg_count--; 991 link_tbl_ptr--; 992 } 993 link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len) 994 + cryptlen); 995 996 /* tag end of link table */ 997 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; 998 999 return sg_count; 1000 } 1001 1002 /* 1003 * fill in and submit ipsec_esp descriptor 1004 */ 1005 static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq, 1006 u8 *giv, u64 seq, 1007 void (*callback) (struct device *dev, 1008 struct talitos_desc *desc, 1009 void *context, int error)) 1010 { 1011 struct crypto_aead *aead = crypto_aead_reqtfm(areq); 1012 struct talitos_ctx *ctx = crypto_aead_ctx(aead); 1013 struct device *dev = ctx->dev; 1014 struct talitos_desc *desc = &edesc->desc; 1015 unsigned int cryptlen = areq->cryptlen; 1016 unsigned int authsize = ctx->authsize; 1017 unsigned int ivsize = crypto_aead_ivsize(aead); 1018 int sg_count, ret; 1019 int sg_link_tbl_len; 1020 1021 /* hmac key */ 1022 map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key, 1023 0, DMA_TO_DEVICE); 1024 /* hmac data */ 1025 map_single_talitos_ptr(dev, &desc->ptr[1], areq->assoclen + ivsize, 1026 sg_virt(areq->assoc), 0, DMA_TO_DEVICE); 1027 /* cipher iv */ 1028 map_single_talitos_ptr(dev, &desc->ptr[2], ivsize, giv ?: areq->iv, 0, 1029 DMA_TO_DEVICE); 1030 1031 /* cipher key */ 1032 map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen, 1033 (char *)&ctx->key + ctx->authkeylen, 0, 1034 DMA_TO_DEVICE); 1035 1036 /* 1037 * cipher in 1038 * map and adjust cipher len to aead request cryptlen. 1039 * extent is bytes of HMAC postpended to ciphertext, 1040 * typically 12 for ipsec 1041 */ 1042 desc->ptr[4].len = cpu_to_be16(cryptlen); 1043 desc->ptr[4].j_extent = authsize; 1044 1045 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1, 1046 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL 1047 : DMA_TO_DEVICE, 1048 edesc->src_is_chained); 1049 1050 if (sg_count == 1) { 1051 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->src)); 1052 } else { 1053 sg_link_tbl_len = cryptlen; 1054 1055 if (edesc->desc.hdr & DESC_HDR_MODE1_MDEU_CICV) 1056 sg_link_tbl_len = cryptlen + authsize; 1057 1058 sg_count = sg_to_link_tbl(areq->src, sg_count, sg_link_tbl_len, 1059 &edesc->link_tbl[0]); 1060 if (sg_count > 1) { 1061 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; 1062 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl); 1063 dma_sync_single_for_device(dev, edesc->dma_link_tbl, 1064 edesc->dma_len, 1065 DMA_BIDIRECTIONAL); 1066 } else { 1067 /* Only one segment now, so no link tbl needed */ 1068 to_talitos_ptr(&desc->ptr[4], 1069 sg_dma_address(areq->src)); 1070 } 1071 } 1072 1073 /* cipher out */ 1074 desc->ptr[5].len = cpu_to_be16(cryptlen); 1075 desc->ptr[5].j_extent = authsize; 1076 1077 if (areq->src != areq->dst) 1078 sg_count = talitos_map_sg(dev, areq->dst, 1079 edesc->dst_nents ? : 1, 1080 DMA_FROM_DEVICE, 1081 edesc->dst_is_chained); 1082 1083 if (sg_count == 1) { 1084 to_talitos_ptr(&desc->ptr[5], sg_dma_address(areq->dst)); 1085 } else { 1086 struct talitos_ptr *link_tbl_ptr = 1087 &edesc->link_tbl[edesc->src_nents + 1]; 1088 1089 to_talitos_ptr(&desc->ptr[5], edesc->dma_link_tbl + 1090 (edesc->src_nents + 1) * 1091 sizeof(struct talitos_ptr)); 1092 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, 1093 link_tbl_ptr); 1094 1095 /* Add an entry to the link table for ICV data */ 1096 link_tbl_ptr += sg_count - 1; 1097 link_tbl_ptr->j_extent = 0; 1098 sg_count++; 1099 link_tbl_ptr++; 1100 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; 1101 link_tbl_ptr->len = cpu_to_be16(authsize); 1102 1103 /* icv data follows link tables */ 1104 to_talitos_ptr(link_tbl_ptr, edesc->dma_link_tbl + 1105 (edesc->src_nents + edesc->dst_nents + 2) * 1106 sizeof(struct talitos_ptr)); 1107 desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP; 1108 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, 1109 edesc->dma_len, DMA_BIDIRECTIONAL); 1110 } 1111 1112 /* iv out */ 1113 map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0, 1114 DMA_FROM_DEVICE); 1115 1116 ret = talitos_submit(dev, ctx->ch, desc, callback, areq); 1117 if (ret != -EINPROGRESS) { 1118 ipsec_esp_unmap(dev, edesc, areq); 1119 kfree(edesc); 1120 } 1121 return ret; 1122 } 1123 1124 /* 1125 * derive number of elements in scatterlist 1126 */ 1127 static int sg_count(struct scatterlist *sg_list, int nbytes, int *chained) 1128 { 1129 struct scatterlist *sg = sg_list; 1130 int sg_nents = 0; 1131 1132 *chained = 0; 1133 while (nbytes > 0) { 1134 sg_nents++; 1135 nbytes -= sg->length; 1136 if (!sg_is_last(sg) && (sg + 1)->length == 0) 1137 *chained = 1; 1138 sg = scatterwalk_sg_next(sg); 1139 } 1140 1141 return sg_nents; 1142 } 1143 1144 /** 1145 * sg_copy_end_to_buffer - Copy end data from SG list to a linear buffer 1146 * @sgl: The SG list 1147 * @nents: Number of SG entries 1148 * @buf: Where to copy to 1149 * @buflen: The number of bytes to copy 1150 * @skip: The number of bytes to skip before copying. 1151 * Note: skip + buflen should equal SG total size. 1152 * 1153 * Returns the number of copied bytes. 1154 * 1155 **/ 1156 static size_t sg_copy_end_to_buffer(struct scatterlist *sgl, unsigned int nents, 1157 void *buf, size_t buflen, unsigned int skip) 1158 { 1159 unsigned int offset = 0; 1160 unsigned int boffset = 0; 1161 struct sg_mapping_iter miter; 1162 unsigned long flags; 1163 unsigned int sg_flags = SG_MITER_ATOMIC; 1164 size_t total_buffer = buflen + skip; 1165 1166 sg_flags |= SG_MITER_FROM_SG; 1167 1168 sg_miter_start(&miter, sgl, nents, sg_flags); 1169 1170 local_irq_save(flags); 1171 1172 while (sg_miter_next(&miter) && offset < total_buffer) { 1173 unsigned int len; 1174 unsigned int ignore; 1175 1176 if ((offset + miter.length) > skip) { 1177 if (offset < skip) { 1178 /* Copy part of this segment */ 1179 ignore = skip - offset; 1180 len = miter.length - ignore; 1181 if (boffset + len > buflen) 1182 len = buflen - boffset; 1183 memcpy(buf + boffset, miter.addr + ignore, len); 1184 } else { 1185 /* Copy all of this segment (up to buflen) */ 1186 len = miter.length; 1187 if (boffset + len > buflen) 1188 len = buflen - boffset; 1189 memcpy(buf + boffset, miter.addr, len); 1190 } 1191 boffset += len; 1192 } 1193 offset += miter.length; 1194 } 1195 1196 sg_miter_stop(&miter); 1197 1198 local_irq_restore(flags); 1199 return boffset; 1200 } 1201 1202 /* 1203 * allocate and map the extended descriptor 1204 */ 1205 static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, 1206 struct scatterlist *src, 1207 struct scatterlist *dst, 1208 int hash_result, 1209 unsigned int cryptlen, 1210 unsigned int authsize, 1211 int icv_stashing, 1212 u32 cryptoflags) 1213 { 1214 struct talitos_edesc *edesc; 1215 int src_nents, dst_nents, alloc_len, dma_len; 1216 int src_chained, dst_chained = 0; 1217 gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : 1218 GFP_ATOMIC; 1219 1220 if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) { 1221 dev_err(dev, "length exceeds h/w max limit\n"); 1222 return ERR_PTR(-EINVAL); 1223 } 1224 1225 src_nents = sg_count(src, cryptlen + authsize, &src_chained); 1226 src_nents = (src_nents == 1) ? 0 : src_nents; 1227 1228 if (hash_result) { 1229 dst_nents = 0; 1230 } else { 1231 if (dst == src) { 1232 dst_nents = src_nents; 1233 } else { 1234 dst_nents = sg_count(dst, cryptlen + authsize, 1235 &dst_chained); 1236 dst_nents = (dst_nents == 1) ? 0 : dst_nents; 1237 } 1238 } 1239 1240 /* 1241 * allocate space for base edesc plus the link tables, 1242 * allowing for two separate entries for ICV and generated ICV (+ 2), 1243 * and the ICV data itself 1244 */ 1245 alloc_len = sizeof(struct talitos_edesc); 1246 if (src_nents || dst_nents) { 1247 dma_len = (src_nents + dst_nents + 2) * 1248 sizeof(struct talitos_ptr) + authsize; 1249 alloc_len += dma_len; 1250 } else { 1251 dma_len = 0; 1252 alloc_len += icv_stashing ? authsize : 0; 1253 } 1254 1255 edesc = kmalloc(alloc_len, GFP_DMA | flags); 1256 if (!edesc) { 1257 dev_err(dev, "could not allocate edescriptor\n"); 1258 return ERR_PTR(-ENOMEM); 1259 } 1260 1261 edesc->src_nents = src_nents; 1262 edesc->dst_nents = dst_nents; 1263 edesc->src_is_chained = src_chained; 1264 edesc->dst_is_chained = dst_chained; 1265 edesc->dma_len = dma_len; 1266 if (dma_len) 1267 edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0], 1268 edesc->dma_len, 1269 DMA_BIDIRECTIONAL); 1270 1271 return edesc; 1272 } 1273 1274 static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, 1275 int icv_stashing) 1276 { 1277 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 1278 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1279 1280 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 0, 1281 areq->cryptlen, ctx->authsize, icv_stashing, 1282 areq->base.flags); 1283 } 1284 1285 static int aead_encrypt(struct aead_request *req) 1286 { 1287 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 1288 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1289 struct talitos_edesc *edesc; 1290 1291 /* allocate extended descriptor */ 1292 edesc = aead_edesc_alloc(req, 0); 1293 if (IS_ERR(edesc)) 1294 return PTR_ERR(edesc); 1295 1296 /* set encrypt */ 1297 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1298 1299 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_encrypt_done); 1300 } 1301 1302 static int aead_decrypt(struct aead_request *req) 1303 { 1304 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 1305 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1306 unsigned int authsize = ctx->authsize; 1307 struct talitos_private *priv = dev_get_drvdata(ctx->dev); 1308 struct talitos_edesc *edesc; 1309 struct scatterlist *sg; 1310 void *icvdata; 1311 1312 req->cryptlen -= authsize; 1313 1314 /* allocate extended descriptor */ 1315 edesc = aead_edesc_alloc(req, 1); 1316 if (IS_ERR(edesc)) 1317 return PTR_ERR(edesc); 1318 1319 if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) && 1320 ((!edesc->src_nents && !edesc->dst_nents) || 1321 priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) { 1322 1323 /* decrypt and check the ICV */ 1324 edesc->desc.hdr = ctx->desc_hdr_template | 1325 DESC_HDR_DIR_INBOUND | 1326 DESC_HDR_MODE1_MDEU_CICV; 1327 1328 /* reset integrity check result bits */ 1329 edesc->desc.hdr_lo = 0; 1330 1331 return ipsec_esp(edesc, req, NULL, 0, 1332 ipsec_esp_decrypt_hwauth_done); 1333 1334 } 1335 1336 /* Have to check the ICV with software */ 1337 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND; 1338 1339 /* stash incoming ICV for later cmp with ICV generated by the h/w */ 1340 if (edesc->dma_len) 1341 icvdata = &edesc->link_tbl[edesc->src_nents + 1342 edesc->dst_nents + 2]; 1343 else 1344 icvdata = &edesc->link_tbl[0]; 1345 1346 sg = sg_last(req->src, edesc->src_nents ? : 1); 1347 1348 memcpy(icvdata, (char *)sg_virt(sg) + sg->length - ctx->authsize, 1349 ctx->authsize); 1350 1351 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_decrypt_swauth_done); 1352 } 1353 1354 static int aead_givencrypt(struct aead_givcrypt_request *req) 1355 { 1356 struct aead_request *areq = &req->areq; 1357 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 1358 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1359 struct talitos_edesc *edesc; 1360 1361 /* allocate extended descriptor */ 1362 edesc = aead_edesc_alloc(areq, 0); 1363 if (IS_ERR(edesc)) 1364 return PTR_ERR(edesc); 1365 1366 /* set encrypt */ 1367 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1368 1369 memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc)); 1370 /* avoid consecutive packets going out with same IV */ 1371 *(__be64 *)req->giv ^= cpu_to_be64(req->seq); 1372 1373 return ipsec_esp(edesc, areq, req->giv, req->seq, 1374 ipsec_esp_encrypt_done); 1375 } 1376 1377 static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, 1378 const u8 *key, unsigned int keylen) 1379 { 1380 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1381 1382 memcpy(&ctx->key, key, keylen); 1383 ctx->keylen = keylen; 1384 1385 return 0; 1386 } 1387 1388 static void common_nonsnoop_unmap(struct device *dev, 1389 struct talitos_edesc *edesc, 1390 struct ablkcipher_request *areq) 1391 { 1392 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE); 1393 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE); 1394 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE); 1395 1396 talitos_sg_unmap(dev, edesc, areq->src, areq->dst); 1397 1398 if (edesc->dma_len) 1399 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 1400 DMA_BIDIRECTIONAL); 1401 } 1402 1403 static void ablkcipher_done(struct device *dev, 1404 struct talitos_desc *desc, void *context, 1405 int err) 1406 { 1407 struct ablkcipher_request *areq = context; 1408 struct talitos_edesc *edesc; 1409 1410 edesc = container_of(desc, struct talitos_edesc, desc); 1411 1412 common_nonsnoop_unmap(dev, edesc, areq); 1413 1414 kfree(edesc); 1415 1416 areq->base.complete(&areq->base, err); 1417 } 1418 1419 static int common_nonsnoop(struct talitos_edesc *edesc, 1420 struct ablkcipher_request *areq, 1421 void (*callback) (struct device *dev, 1422 struct talitos_desc *desc, 1423 void *context, int error)) 1424 { 1425 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1426 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1427 struct device *dev = ctx->dev; 1428 struct talitos_desc *desc = &edesc->desc; 1429 unsigned int cryptlen = areq->nbytes; 1430 unsigned int ivsize; 1431 int sg_count, ret; 1432 1433 /* first DWORD empty */ 1434 desc->ptr[0].len = 0; 1435 to_talitos_ptr(&desc->ptr[0], 0); 1436 desc->ptr[0].j_extent = 0; 1437 1438 /* cipher iv */ 1439 ivsize = crypto_ablkcipher_ivsize(cipher); 1440 map_single_talitos_ptr(dev, &desc->ptr[1], ivsize, areq->info, 0, 1441 DMA_TO_DEVICE); 1442 1443 /* cipher key */ 1444 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen, 1445 (char *)&ctx->key, 0, DMA_TO_DEVICE); 1446 1447 /* 1448 * cipher in 1449 */ 1450 desc->ptr[3].len = cpu_to_be16(cryptlen); 1451 desc->ptr[3].j_extent = 0; 1452 1453 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1, 1454 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL 1455 : DMA_TO_DEVICE, 1456 edesc->src_is_chained); 1457 1458 if (sg_count == 1) { 1459 to_talitos_ptr(&desc->ptr[3], sg_dma_address(areq->src)); 1460 } else { 1461 sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen, 1462 &edesc->link_tbl[0]); 1463 if (sg_count > 1) { 1464 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl); 1465 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP; 1466 dma_sync_single_for_device(dev, edesc->dma_link_tbl, 1467 edesc->dma_len, 1468 DMA_BIDIRECTIONAL); 1469 } else { 1470 /* Only one segment now, so no link tbl needed */ 1471 to_talitos_ptr(&desc->ptr[3], 1472 sg_dma_address(areq->src)); 1473 } 1474 } 1475 1476 /* cipher out */ 1477 desc->ptr[4].len = cpu_to_be16(cryptlen); 1478 desc->ptr[4].j_extent = 0; 1479 1480 if (areq->src != areq->dst) 1481 sg_count = talitos_map_sg(dev, areq->dst, 1482 edesc->dst_nents ? : 1, 1483 DMA_FROM_DEVICE, 1484 edesc->dst_is_chained); 1485 1486 if (sg_count == 1) { 1487 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->dst)); 1488 } else { 1489 struct talitos_ptr *link_tbl_ptr = 1490 &edesc->link_tbl[edesc->src_nents + 1]; 1491 1492 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl + 1493 (edesc->src_nents + 1) * 1494 sizeof(struct talitos_ptr)); 1495 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; 1496 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, 1497 link_tbl_ptr); 1498 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, 1499 edesc->dma_len, DMA_BIDIRECTIONAL); 1500 } 1501 1502 /* iv out */ 1503 map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0, 1504 DMA_FROM_DEVICE); 1505 1506 /* last DWORD empty */ 1507 desc->ptr[6].len = 0; 1508 to_talitos_ptr(&desc->ptr[6], 0); 1509 desc->ptr[6].j_extent = 0; 1510 1511 ret = talitos_submit(dev, ctx->ch, desc, callback, areq); 1512 if (ret != -EINPROGRESS) { 1513 common_nonsnoop_unmap(dev, edesc, areq); 1514 kfree(edesc); 1515 } 1516 return ret; 1517 } 1518 1519 static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request * 1520 areq) 1521 { 1522 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1523 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1524 1525 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 0, 1526 areq->nbytes, 0, 0, areq->base.flags); 1527 } 1528 1529 static int ablkcipher_encrypt(struct ablkcipher_request *areq) 1530 { 1531 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1532 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1533 struct talitos_edesc *edesc; 1534 1535 /* allocate extended descriptor */ 1536 edesc = ablkcipher_edesc_alloc(areq); 1537 if (IS_ERR(edesc)) 1538 return PTR_ERR(edesc); 1539 1540 /* set encrypt */ 1541 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1542 1543 return common_nonsnoop(edesc, areq, ablkcipher_done); 1544 } 1545 1546 static int ablkcipher_decrypt(struct ablkcipher_request *areq) 1547 { 1548 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1549 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1550 struct talitos_edesc *edesc; 1551 1552 /* allocate extended descriptor */ 1553 edesc = ablkcipher_edesc_alloc(areq); 1554 if (IS_ERR(edesc)) 1555 return PTR_ERR(edesc); 1556 1557 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND; 1558 1559 return common_nonsnoop(edesc, areq, ablkcipher_done); 1560 } 1561 1562 static void common_nonsnoop_hash_unmap(struct device *dev, 1563 struct talitos_edesc *edesc, 1564 struct ahash_request *areq) 1565 { 1566 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1567 1568 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE); 1569 1570 /* When using hashctx-in, must unmap it. */ 1571 if (edesc->desc.ptr[1].len) 1572 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], 1573 DMA_TO_DEVICE); 1574 1575 if (edesc->desc.ptr[2].len) 1576 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], 1577 DMA_TO_DEVICE); 1578 1579 talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL); 1580 1581 if (edesc->dma_len) 1582 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 1583 DMA_BIDIRECTIONAL); 1584 1585 } 1586 1587 static void ahash_done(struct device *dev, 1588 struct talitos_desc *desc, void *context, 1589 int err) 1590 { 1591 struct ahash_request *areq = context; 1592 struct talitos_edesc *edesc = 1593 container_of(desc, struct talitos_edesc, desc); 1594 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1595 1596 if (!req_ctx->last && req_ctx->to_hash_later) { 1597 /* Position any partial block for next update/final/finup */ 1598 memcpy(req_ctx->buf, req_ctx->bufnext, req_ctx->to_hash_later); 1599 req_ctx->nbuf = req_ctx->to_hash_later; 1600 } 1601 common_nonsnoop_hash_unmap(dev, edesc, areq); 1602 1603 kfree(edesc); 1604 1605 areq->base.complete(&areq->base, err); 1606 } 1607 1608 static int common_nonsnoop_hash(struct talitos_edesc *edesc, 1609 struct ahash_request *areq, unsigned int length, 1610 void (*callback) (struct device *dev, 1611 struct talitos_desc *desc, 1612 void *context, int error)) 1613 { 1614 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); 1615 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm); 1616 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1617 struct device *dev = ctx->dev; 1618 struct talitos_desc *desc = &edesc->desc; 1619 int sg_count, ret; 1620 1621 /* first DWORD empty */ 1622 desc->ptr[0] = zero_entry; 1623 1624 /* hash context in */ 1625 if (!req_ctx->first || req_ctx->swinit) { 1626 map_single_talitos_ptr(dev, &desc->ptr[1], 1627 req_ctx->hw_context_size, 1628 (char *)req_ctx->hw_context, 0, 1629 DMA_TO_DEVICE); 1630 req_ctx->swinit = 0; 1631 } else { 1632 desc->ptr[1] = zero_entry; 1633 /* Indicate next op is not the first. */ 1634 req_ctx->first = 0; 1635 } 1636 1637 /* HMAC key */ 1638 if (ctx->keylen) 1639 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen, 1640 (char *)&ctx->key, 0, DMA_TO_DEVICE); 1641 else 1642 desc->ptr[2] = zero_entry; 1643 1644 /* 1645 * data in 1646 */ 1647 desc->ptr[3].len = cpu_to_be16(length); 1648 desc->ptr[3].j_extent = 0; 1649 1650 sg_count = talitos_map_sg(dev, req_ctx->psrc, 1651 edesc->src_nents ? : 1, 1652 DMA_TO_DEVICE, 1653 edesc->src_is_chained); 1654 1655 if (sg_count == 1) { 1656 to_talitos_ptr(&desc->ptr[3], sg_dma_address(req_ctx->psrc)); 1657 } else { 1658 sg_count = sg_to_link_tbl(req_ctx->psrc, sg_count, length, 1659 &edesc->link_tbl[0]); 1660 if (sg_count > 1) { 1661 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP; 1662 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl); 1663 dma_sync_single_for_device(ctx->dev, 1664 edesc->dma_link_tbl, 1665 edesc->dma_len, 1666 DMA_BIDIRECTIONAL); 1667 } else { 1668 /* Only one segment now, so no link tbl needed */ 1669 to_talitos_ptr(&desc->ptr[3], 1670 sg_dma_address(req_ctx->psrc)); 1671 } 1672 } 1673 1674 /* fifth DWORD empty */ 1675 desc->ptr[4] = zero_entry; 1676 1677 /* hash/HMAC out -or- hash context out */ 1678 if (req_ctx->last) 1679 map_single_talitos_ptr(dev, &desc->ptr[5], 1680 crypto_ahash_digestsize(tfm), 1681 areq->result, 0, DMA_FROM_DEVICE); 1682 else 1683 map_single_talitos_ptr(dev, &desc->ptr[5], 1684 req_ctx->hw_context_size, 1685 req_ctx->hw_context, 0, DMA_FROM_DEVICE); 1686 1687 /* last DWORD empty */ 1688 desc->ptr[6] = zero_entry; 1689 1690 ret = talitos_submit(dev, ctx->ch, desc, callback, areq); 1691 if (ret != -EINPROGRESS) { 1692 common_nonsnoop_hash_unmap(dev, edesc, areq); 1693 kfree(edesc); 1694 } 1695 return ret; 1696 } 1697 1698 static struct talitos_edesc *ahash_edesc_alloc(struct ahash_request *areq, 1699 unsigned int nbytes) 1700 { 1701 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); 1702 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm); 1703 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1704 1705 return talitos_edesc_alloc(ctx->dev, req_ctx->psrc, NULL, 1, 1706 nbytes, 0, 0, areq->base.flags); 1707 } 1708 1709 static int ahash_init(struct ahash_request *areq) 1710 { 1711 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); 1712 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1713 1714 /* Initialize the context */ 1715 req_ctx->nbuf = 0; 1716 req_ctx->first = 1; /* first indicates h/w must init its context */ 1717 req_ctx->swinit = 0; /* assume h/w init of context */ 1718 req_ctx->hw_context_size = 1719 (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE) 1720 ? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256 1721 : TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512; 1722 1723 return 0; 1724 } 1725 1726 /* 1727 * on h/w without explicit sha224 support, we initialize h/w context 1728 * manually with sha224 constants, and tell it to run sha256. 1729 */ 1730 static int ahash_init_sha224_swinit(struct ahash_request *areq) 1731 { 1732 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1733 1734 ahash_init(areq); 1735 req_ctx->swinit = 1;/* prevent h/w initting context with sha256 values*/ 1736 1737 req_ctx->hw_context[0] = SHA224_H0; 1738 req_ctx->hw_context[1] = SHA224_H1; 1739 req_ctx->hw_context[2] = SHA224_H2; 1740 req_ctx->hw_context[3] = SHA224_H3; 1741 req_ctx->hw_context[4] = SHA224_H4; 1742 req_ctx->hw_context[5] = SHA224_H5; 1743 req_ctx->hw_context[6] = SHA224_H6; 1744 req_ctx->hw_context[7] = SHA224_H7; 1745 1746 /* init 64-bit count */ 1747 req_ctx->hw_context[8] = 0; 1748 req_ctx->hw_context[9] = 0; 1749 1750 return 0; 1751 } 1752 1753 static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes) 1754 { 1755 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); 1756 struct talitos_ctx *ctx = crypto_ahash_ctx(tfm); 1757 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1758 struct talitos_edesc *edesc; 1759 unsigned int blocksize = 1760 crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm)); 1761 unsigned int nbytes_to_hash; 1762 unsigned int to_hash_later; 1763 unsigned int nsg; 1764 int chained; 1765 1766 if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) { 1767 /* Buffer up to one whole block */ 1768 sg_copy_to_buffer(areq->src, 1769 sg_count(areq->src, nbytes, &chained), 1770 req_ctx->buf + req_ctx->nbuf, nbytes); 1771 req_ctx->nbuf += nbytes; 1772 return 0; 1773 } 1774 1775 /* At least (blocksize + 1) bytes are available to hash */ 1776 nbytes_to_hash = nbytes + req_ctx->nbuf; 1777 to_hash_later = nbytes_to_hash & (blocksize - 1); 1778 1779 if (req_ctx->last) 1780 to_hash_later = 0; 1781 else if (to_hash_later) 1782 /* There is a partial block. Hash the full block(s) now */ 1783 nbytes_to_hash -= to_hash_later; 1784 else { 1785 /* Keep one block buffered */ 1786 nbytes_to_hash -= blocksize; 1787 to_hash_later = blocksize; 1788 } 1789 1790 /* Chain in any previously buffered data */ 1791 if (req_ctx->nbuf) { 1792 nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1; 1793 sg_init_table(req_ctx->bufsl, nsg); 1794 sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf); 1795 if (nsg > 1) 1796 scatterwalk_sg_chain(req_ctx->bufsl, 2, areq->src); 1797 req_ctx->psrc = req_ctx->bufsl; 1798 } else 1799 req_ctx->psrc = areq->src; 1800 1801 if (to_hash_later) { 1802 int nents = sg_count(areq->src, nbytes, &chained); 1803 sg_copy_end_to_buffer(areq->src, nents, 1804 req_ctx->bufnext, 1805 to_hash_later, 1806 nbytes - to_hash_later); 1807 } 1808 req_ctx->to_hash_later = to_hash_later; 1809 1810 /* Allocate extended descriptor */ 1811 edesc = ahash_edesc_alloc(areq, nbytes_to_hash); 1812 if (IS_ERR(edesc)) 1813 return PTR_ERR(edesc); 1814 1815 edesc->desc.hdr = ctx->desc_hdr_template; 1816 1817 /* On last one, request SEC to pad; otherwise continue */ 1818 if (req_ctx->last) 1819 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_PAD; 1820 else 1821 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT; 1822 1823 /* request SEC to INIT hash. */ 1824 if (req_ctx->first && !req_ctx->swinit) 1825 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT; 1826 1827 /* When the tfm context has a keylen, it's an HMAC. 1828 * A first or last (ie. not middle) descriptor must request HMAC. 1829 */ 1830 if (ctx->keylen && (req_ctx->first || req_ctx->last)) 1831 edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_HMAC; 1832 1833 return common_nonsnoop_hash(edesc, areq, nbytes_to_hash, 1834 ahash_done); 1835 } 1836 1837 static int ahash_update(struct ahash_request *areq) 1838 { 1839 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1840 1841 req_ctx->last = 0; 1842 1843 return ahash_process_req(areq, areq->nbytes); 1844 } 1845 1846 static int ahash_final(struct ahash_request *areq) 1847 { 1848 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1849 1850 req_ctx->last = 1; 1851 1852 return ahash_process_req(areq, 0); 1853 } 1854 1855 static int ahash_finup(struct ahash_request *areq) 1856 { 1857 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1858 1859 req_ctx->last = 1; 1860 1861 return ahash_process_req(areq, areq->nbytes); 1862 } 1863 1864 static int ahash_digest(struct ahash_request *areq) 1865 { 1866 struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); 1867 struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq); 1868 1869 ahash->init(areq); 1870 req_ctx->last = 1; 1871 1872 return ahash_process_req(areq, areq->nbytes); 1873 } 1874 1875 struct talitos_alg_template { 1876 u32 type; 1877 union { 1878 struct crypto_alg crypto; 1879 struct ahash_alg hash; 1880 } alg; 1881 __be32 desc_hdr_template; 1882 }; 1883 1884 static struct talitos_alg_template driver_algs[] = { 1885 /* AEAD algorithms. These use a single-pass ipsec_esp descriptor */ 1886 { .type = CRYPTO_ALG_TYPE_AEAD, 1887 .alg.crypto = { 1888 .cra_name = "authenc(hmac(sha1),cbc(aes))", 1889 .cra_driver_name = "authenc-hmac-sha1-cbc-aes-talitos", 1890 .cra_blocksize = AES_BLOCK_SIZE, 1891 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1892 .cra_type = &crypto_aead_type, 1893 .cra_aead = { 1894 .setkey = aead_setkey, 1895 .setauthsize = aead_setauthsize, 1896 .encrypt = aead_encrypt, 1897 .decrypt = aead_decrypt, 1898 .givencrypt = aead_givencrypt, 1899 .geniv = "<built-in>", 1900 .ivsize = AES_BLOCK_SIZE, 1901 .maxauthsize = SHA1_DIGEST_SIZE, 1902 } 1903 }, 1904 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1905 DESC_HDR_SEL0_AESU | 1906 DESC_HDR_MODE0_AESU_CBC | 1907 DESC_HDR_SEL1_MDEUA | 1908 DESC_HDR_MODE1_MDEU_INIT | 1909 DESC_HDR_MODE1_MDEU_PAD | 1910 DESC_HDR_MODE1_MDEU_SHA1_HMAC, 1911 }, 1912 { .type = CRYPTO_ALG_TYPE_AEAD, 1913 .alg.crypto = { 1914 .cra_name = "authenc(hmac(sha1),cbc(des3_ede))", 1915 .cra_driver_name = "authenc-hmac-sha1-cbc-3des-talitos", 1916 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1917 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1918 .cra_type = &crypto_aead_type, 1919 .cra_aead = { 1920 .setkey = aead_setkey, 1921 .setauthsize = aead_setauthsize, 1922 .encrypt = aead_encrypt, 1923 .decrypt = aead_decrypt, 1924 .givencrypt = aead_givencrypt, 1925 .geniv = "<built-in>", 1926 .ivsize = DES3_EDE_BLOCK_SIZE, 1927 .maxauthsize = SHA1_DIGEST_SIZE, 1928 } 1929 }, 1930 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1931 DESC_HDR_SEL0_DEU | 1932 DESC_HDR_MODE0_DEU_CBC | 1933 DESC_HDR_MODE0_DEU_3DES | 1934 DESC_HDR_SEL1_MDEUA | 1935 DESC_HDR_MODE1_MDEU_INIT | 1936 DESC_HDR_MODE1_MDEU_PAD | 1937 DESC_HDR_MODE1_MDEU_SHA1_HMAC, 1938 }, 1939 { .type = CRYPTO_ALG_TYPE_AEAD, 1940 .alg.crypto = { 1941 .cra_name = "authenc(hmac(sha256),cbc(aes))", 1942 .cra_driver_name = "authenc-hmac-sha256-cbc-aes-talitos", 1943 .cra_blocksize = AES_BLOCK_SIZE, 1944 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1945 .cra_type = &crypto_aead_type, 1946 .cra_aead = { 1947 .setkey = aead_setkey, 1948 .setauthsize = aead_setauthsize, 1949 .encrypt = aead_encrypt, 1950 .decrypt = aead_decrypt, 1951 .givencrypt = aead_givencrypt, 1952 .geniv = "<built-in>", 1953 .ivsize = AES_BLOCK_SIZE, 1954 .maxauthsize = SHA256_DIGEST_SIZE, 1955 } 1956 }, 1957 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1958 DESC_HDR_SEL0_AESU | 1959 DESC_HDR_MODE0_AESU_CBC | 1960 DESC_HDR_SEL1_MDEUA | 1961 DESC_HDR_MODE1_MDEU_INIT | 1962 DESC_HDR_MODE1_MDEU_PAD | 1963 DESC_HDR_MODE1_MDEU_SHA256_HMAC, 1964 }, 1965 { .type = CRYPTO_ALG_TYPE_AEAD, 1966 .alg.crypto = { 1967 .cra_name = "authenc(hmac(sha256),cbc(des3_ede))", 1968 .cra_driver_name = "authenc-hmac-sha256-cbc-3des-talitos", 1969 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1970 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1971 .cra_type = &crypto_aead_type, 1972 .cra_aead = { 1973 .setkey = aead_setkey, 1974 .setauthsize = aead_setauthsize, 1975 .encrypt = aead_encrypt, 1976 .decrypt = aead_decrypt, 1977 .givencrypt = aead_givencrypt, 1978 .geniv = "<built-in>", 1979 .ivsize = DES3_EDE_BLOCK_SIZE, 1980 .maxauthsize = SHA256_DIGEST_SIZE, 1981 } 1982 }, 1983 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1984 DESC_HDR_SEL0_DEU | 1985 DESC_HDR_MODE0_DEU_CBC | 1986 DESC_HDR_MODE0_DEU_3DES | 1987 DESC_HDR_SEL1_MDEUA | 1988 DESC_HDR_MODE1_MDEU_INIT | 1989 DESC_HDR_MODE1_MDEU_PAD | 1990 DESC_HDR_MODE1_MDEU_SHA256_HMAC, 1991 }, 1992 { .type = CRYPTO_ALG_TYPE_AEAD, 1993 .alg.crypto = { 1994 .cra_name = "authenc(hmac(md5),cbc(aes))", 1995 .cra_driver_name = "authenc-hmac-md5-cbc-aes-talitos", 1996 .cra_blocksize = AES_BLOCK_SIZE, 1997 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1998 .cra_type = &crypto_aead_type, 1999 .cra_aead = { 2000 .setkey = aead_setkey, 2001 .setauthsize = aead_setauthsize, 2002 .encrypt = aead_encrypt, 2003 .decrypt = aead_decrypt, 2004 .givencrypt = aead_givencrypt, 2005 .geniv = "<built-in>", 2006 .ivsize = AES_BLOCK_SIZE, 2007 .maxauthsize = MD5_DIGEST_SIZE, 2008 } 2009 }, 2010 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 2011 DESC_HDR_SEL0_AESU | 2012 DESC_HDR_MODE0_AESU_CBC | 2013 DESC_HDR_SEL1_MDEUA | 2014 DESC_HDR_MODE1_MDEU_INIT | 2015 DESC_HDR_MODE1_MDEU_PAD | 2016 DESC_HDR_MODE1_MDEU_MD5_HMAC, 2017 }, 2018 { .type = CRYPTO_ALG_TYPE_AEAD, 2019 .alg.crypto = { 2020 .cra_name = "authenc(hmac(md5),cbc(des3_ede))", 2021 .cra_driver_name = "authenc-hmac-md5-cbc-3des-talitos", 2022 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 2023 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 2024 .cra_type = &crypto_aead_type, 2025 .cra_aead = { 2026 .setkey = aead_setkey, 2027 .setauthsize = aead_setauthsize, 2028 .encrypt = aead_encrypt, 2029 .decrypt = aead_decrypt, 2030 .givencrypt = aead_givencrypt, 2031 .geniv = "<built-in>", 2032 .ivsize = DES3_EDE_BLOCK_SIZE, 2033 .maxauthsize = MD5_DIGEST_SIZE, 2034 } 2035 }, 2036 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 2037 DESC_HDR_SEL0_DEU | 2038 DESC_HDR_MODE0_DEU_CBC | 2039 DESC_HDR_MODE0_DEU_3DES | 2040 DESC_HDR_SEL1_MDEUA | 2041 DESC_HDR_MODE1_MDEU_INIT | 2042 DESC_HDR_MODE1_MDEU_PAD | 2043 DESC_HDR_MODE1_MDEU_MD5_HMAC, 2044 }, 2045 /* ABLKCIPHER algorithms. */ 2046 { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, 2047 .alg.crypto = { 2048 .cra_name = "cbc(aes)", 2049 .cra_driver_name = "cbc-aes-talitos", 2050 .cra_blocksize = AES_BLOCK_SIZE, 2051 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 2052 CRYPTO_ALG_ASYNC, 2053 .cra_type = &crypto_ablkcipher_type, 2054 .cra_ablkcipher = { 2055 .setkey = ablkcipher_setkey, 2056 .encrypt = ablkcipher_encrypt, 2057 .decrypt = ablkcipher_decrypt, 2058 .geniv = "eseqiv", 2059 .min_keysize = AES_MIN_KEY_SIZE, 2060 .max_keysize = AES_MAX_KEY_SIZE, 2061 .ivsize = AES_BLOCK_SIZE, 2062 } 2063 }, 2064 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2065 DESC_HDR_SEL0_AESU | 2066 DESC_HDR_MODE0_AESU_CBC, 2067 }, 2068 { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, 2069 .alg.crypto = { 2070 .cra_name = "cbc(des3_ede)", 2071 .cra_driver_name = "cbc-3des-talitos", 2072 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 2073 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 2074 CRYPTO_ALG_ASYNC, 2075 .cra_type = &crypto_ablkcipher_type, 2076 .cra_ablkcipher = { 2077 .setkey = ablkcipher_setkey, 2078 .encrypt = ablkcipher_encrypt, 2079 .decrypt = ablkcipher_decrypt, 2080 .geniv = "eseqiv", 2081 .min_keysize = DES3_EDE_KEY_SIZE, 2082 .max_keysize = DES3_EDE_KEY_SIZE, 2083 .ivsize = DES3_EDE_BLOCK_SIZE, 2084 } 2085 }, 2086 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2087 DESC_HDR_SEL0_DEU | 2088 DESC_HDR_MODE0_DEU_CBC | 2089 DESC_HDR_MODE0_DEU_3DES, 2090 }, 2091 /* AHASH algorithms. */ 2092 { .type = CRYPTO_ALG_TYPE_AHASH, 2093 .alg.hash = { 2094 .init = ahash_init, 2095 .update = ahash_update, 2096 .final = ahash_final, 2097 .finup = ahash_finup, 2098 .digest = ahash_digest, 2099 .halg.digestsize = MD5_DIGEST_SIZE, 2100 .halg.base = { 2101 .cra_name = "md5", 2102 .cra_driver_name = "md5-talitos", 2103 .cra_blocksize = MD5_BLOCK_SIZE, 2104 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2105 CRYPTO_ALG_ASYNC, 2106 .cra_type = &crypto_ahash_type 2107 } 2108 }, 2109 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2110 DESC_HDR_SEL0_MDEUA | 2111 DESC_HDR_MODE0_MDEU_MD5, 2112 }, 2113 { .type = CRYPTO_ALG_TYPE_AHASH, 2114 .alg.hash = { 2115 .init = ahash_init, 2116 .update = ahash_update, 2117 .final = ahash_final, 2118 .finup = ahash_finup, 2119 .digest = ahash_digest, 2120 .halg.digestsize = SHA1_DIGEST_SIZE, 2121 .halg.base = { 2122 .cra_name = "sha1", 2123 .cra_driver_name = "sha1-talitos", 2124 .cra_blocksize = SHA1_BLOCK_SIZE, 2125 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2126 CRYPTO_ALG_ASYNC, 2127 .cra_type = &crypto_ahash_type 2128 } 2129 }, 2130 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2131 DESC_HDR_SEL0_MDEUA | 2132 DESC_HDR_MODE0_MDEU_SHA1, 2133 }, 2134 { .type = CRYPTO_ALG_TYPE_AHASH, 2135 .alg.hash = { 2136 .init = ahash_init, 2137 .update = ahash_update, 2138 .final = ahash_final, 2139 .finup = ahash_finup, 2140 .digest = ahash_digest, 2141 .halg.digestsize = SHA224_DIGEST_SIZE, 2142 .halg.base = { 2143 .cra_name = "sha224", 2144 .cra_driver_name = "sha224-talitos", 2145 .cra_blocksize = SHA224_BLOCK_SIZE, 2146 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2147 CRYPTO_ALG_ASYNC, 2148 .cra_type = &crypto_ahash_type 2149 } 2150 }, 2151 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2152 DESC_HDR_SEL0_MDEUA | 2153 DESC_HDR_MODE0_MDEU_SHA224, 2154 }, 2155 { .type = CRYPTO_ALG_TYPE_AHASH, 2156 .alg.hash = { 2157 .init = ahash_init, 2158 .update = ahash_update, 2159 .final = ahash_final, 2160 .finup = ahash_finup, 2161 .digest = ahash_digest, 2162 .halg.digestsize = SHA256_DIGEST_SIZE, 2163 .halg.base = { 2164 .cra_name = "sha256", 2165 .cra_driver_name = "sha256-talitos", 2166 .cra_blocksize = SHA256_BLOCK_SIZE, 2167 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2168 CRYPTO_ALG_ASYNC, 2169 .cra_type = &crypto_ahash_type 2170 } 2171 }, 2172 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2173 DESC_HDR_SEL0_MDEUA | 2174 DESC_HDR_MODE0_MDEU_SHA256, 2175 }, 2176 { .type = CRYPTO_ALG_TYPE_AHASH, 2177 .alg.hash = { 2178 .init = ahash_init, 2179 .update = ahash_update, 2180 .final = ahash_final, 2181 .finup = ahash_finup, 2182 .digest = ahash_digest, 2183 .halg.digestsize = SHA384_DIGEST_SIZE, 2184 .halg.base = { 2185 .cra_name = "sha384", 2186 .cra_driver_name = "sha384-talitos", 2187 .cra_blocksize = SHA384_BLOCK_SIZE, 2188 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2189 CRYPTO_ALG_ASYNC, 2190 .cra_type = &crypto_ahash_type 2191 } 2192 }, 2193 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2194 DESC_HDR_SEL0_MDEUB | 2195 DESC_HDR_MODE0_MDEUB_SHA384, 2196 }, 2197 { .type = CRYPTO_ALG_TYPE_AHASH, 2198 .alg.hash = { 2199 .init = ahash_init, 2200 .update = ahash_update, 2201 .final = ahash_final, 2202 .finup = ahash_finup, 2203 .digest = ahash_digest, 2204 .halg.digestsize = SHA512_DIGEST_SIZE, 2205 .halg.base = { 2206 .cra_name = "sha512", 2207 .cra_driver_name = "sha512-talitos", 2208 .cra_blocksize = SHA512_BLOCK_SIZE, 2209 .cra_flags = CRYPTO_ALG_TYPE_AHASH | 2210 CRYPTO_ALG_ASYNC, 2211 .cra_type = &crypto_ahash_type 2212 } 2213 }, 2214 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2215 DESC_HDR_SEL0_MDEUB | 2216 DESC_HDR_MODE0_MDEUB_SHA512, 2217 }, 2218 }; 2219 2220 struct talitos_crypto_alg { 2221 struct list_head entry; 2222 struct device *dev; 2223 struct talitos_alg_template algt; 2224 }; 2225 2226 static int talitos_cra_init(struct crypto_tfm *tfm) 2227 { 2228 struct crypto_alg *alg = tfm->__crt_alg; 2229 struct talitos_crypto_alg *talitos_alg; 2230 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm); 2231 struct talitos_private *priv; 2232 2233 if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_AHASH) 2234 talitos_alg = container_of(__crypto_ahash_alg(alg), 2235 struct talitos_crypto_alg, 2236 algt.alg.hash); 2237 else 2238 talitos_alg = container_of(alg, struct talitos_crypto_alg, 2239 algt.alg.crypto); 2240 2241 /* update context with ptr to dev */ 2242 ctx->dev = talitos_alg->dev; 2243 2244 /* assign SEC channel to tfm in round-robin fashion */ 2245 priv = dev_get_drvdata(ctx->dev); 2246 ctx->ch = atomic_inc_return(&priv->last_chan) & 2247 (priv->num_channels - 1); 2248 2249 /* copy descriptor header template value */ 2250 ctx->desc_hdr_template = talitos_alg->algt.desc_hdr_template; 2251 2252 /* select done notification */ 2253 ctx->desc_hdr_template |= DESC_HDR_DONE_NOTIFY; 2254 2255 return 0; 2256 } 2257 2258 static int talitos_cra_init_aead(struct crypto_tfm *tfm) 2259 { 2260 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm); 2261 2262 talitos_cra_init(tfm); 2263 2264 /* random first IV */ 2265 get_random_bytes(ctx->iv, TALITOS_MAX_IV_LENGTH); 2266 2267 return 0; 2268 } 2269 2270 static int talitos_cra_init_ahash(struct crypto_tfm *tfm) 2271 { 2272 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm); 2273 2274 talitos_cra_init(tfm); 2275 2276 ctx->keylen = 0; 2277 crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm), 2278 sizeof(struct talitos_ahash_req_ctx)); 2279 2280 return 0; 2281 } 2282 2283 /* 2284 * given the alg's descriptor header template, determine whether descriptor 2285 * type and primary/secondary execution units required match the hw 2286 * capabilities description provided in the device tree node. 2287 */ 2288 static int hw_supports(struct device *dev, __be32 desc_hdr_template) 2289 { 2290 struct talitos_private *priv = dev_get_drvdata(dev); 2291 int ret; 2292 2293 ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) && 2294 (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units); 2295 2296 if (SECONDARY_EU(desc_hdr_template)) 2297 ret = ret && (1 << SECONDARY_EU(desc_hdr_template) 2298 & priv->exec_units); 2299 2300 return ret; 2301 } 2302 2303 static int talitos_remove(struct platform_device *ofdev) 2304 { 2305 struct device *dev = &ofdev->dev; 2306 struct talitos_private *priv = dev_get_drvdata(dev); 2307 struct talitos_crypto_alg *t_alg, *n; 2308 int i; 2309 2310 list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) { 2311 switch (t_alg->algt.type) { 2312 case CRYPTO_ALG_TYPE_ABLKCIPHER: 2313 case CRYPTO_ALG_TYPE_AEAD: 2314 crypto_unregister_alg(&t_alg->algt.alg.crypto); 2315 break; 2316 case CRYPTO_ALG_TYPE_AHASH: 2317 crypto_unregister_ahash(&t_alg->algt.alg.hash); 2318 break; 2319 } 2320 list_del(&t_alg->entry); 2321 kfree(t_alg); 2322 } 2323 2324 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) 2325 talitos_unregister_rng(dev); 2326 2327 for (i = 0; i < priv->num_channels; i++) 2328 kfree(priv->chan[i].fifo); 2329 2330 kfree(priv->chan); 2331 2332 if (priv->irq != NO_IRQ) { 2333 free_irq(priv->irq, dev); 2334 irq_dispose_mapping(priv->irq); 2335 } 2336 2337 tasklet_kill(&priv->done_task); 2338 2339 iounmap(priv->reg); 2340 2341 dev_set_drvdata(dev, NULL); 2342 2343 kfree(priv); 2344 2345 return 0; 2346 } 2347 2348 static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, 2349 struct talitos_alg_template 2350 *template) 2351 { 2352 struct talitos_private *priv = dev_get_drvdata(dev); 2353 struct talitos_crypto_alg *t_alg; 2354 struct crypto_alg *alg; 2355 2356 t_alg = kzalloc(sizeof(struct talitos_crypto_alg), GFP_KERNEL); 2357 if (!t_alg) 2358 return ERR_PTR(-ENOMEM); 2359 2360 t_alg->algt = *template; 2361 2362 switch (t_alg->algt.type) { 2363 case CRYPTO_ALG_TYPE_ABLKCIPHER: 2364 alg = &t_alg->algt.alg.crypto; 2365 alg->cra_init = talitos_cra_init; 2366 break; 2367 case CRYPTO_ALG_TYPE_AEAD: 2368 alg = &t_alg->algt.alg.crypto; 2369 alg->cra_init = talitos_cra_init_aead; 2370 break; 2371 case CRYPTO_ALG_TYPE_AHASH: 2372 alg = &t_alg->algt.alg.hash.halg.base; 2373 alg->cra_init = talitos_cra_init_ahash; 2374 if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) && 2375 !strcmp(alg->cra_name, "sha224")) { 2376 t_alg->algt.alg.hash.init = ahash_init_sha224_swinit; 2377 t_alg->algt.desc_hdr_template = 2378 DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 2379 DESC_HDR_SEL0_MDEUA | 2380 DESC_HDR_MODE0_MDEU_SHA256; 2381 } 2382 break; 2383 default: 2384 dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type); 2385 return ERR_PTR(-EINVAL); 2386 } 2387 2388 alg->cra_module = THIS_MODULE; 2389 alg->cra_priority = TALITOS_CRA_PRIORITY; 2390 alg->cra_alignmask = 0; 2391 alg->cra_ctxsize = sizeof(struct talitos_ctx); 2392 2393 t_alg->dev = dev; 2394 2395 return t_alg; 2396 } 2397 2398 static int talitos_probe(struct platform_device *ofdev) 2399 { 2400 struct device *dev = &ofdev->dev; 2401 struct device_node *np = ofdev->dev.of_node; 2402 struct talitos_private *priv; 2403 const unsigned int *prop; 2404 int i, err; 2405 2406 priv = kzalloc(sizeof(struct talitos_private), GFP_KERNEL); 2407 if (!priv) 2408 return -ENOMEM; 2409 2410 dev_set_drvdata(dev, priv); 2411 2412 priv->ofdev = ofdev; 2413 2414 tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev); 2415 2416 INIT_LIST_HEAD(&priv->alg_list); 2417 2418 priv->irq = irq_of_parse_and_map(np, 0); 2419 2420 if (priv->irq == NO_IRQ) { 2421 dev_err(dev, "failed to map irq\n"); 2422 err = -EINVAL; 2423 goto err_out; 2424 } 2425 2426 /* get the irq line */ 2427 err = request_irq(priv->irq, talitos_interrupt, 0, 2428 dev_driver_string(dev), dev); 2429 if (err) { 2430 dev_err(dev, "failed to request irq %d\n", priv->irq); 2431 irq_dispose_mapping(priv->irq); 2432 priv->irq = NO_IRQ; 2433 goto err_out; 2434 } 2435 2436 priv->reg = of_iomap(np, 0); 2437 if (!priv->reg) { 2438 dev_err(dev, "failed to of_iomap\n"); 2439 err = -ENOMEM; 2440 goto err_out; 2441 } 2442 2443 /* get SEC version capabilities from device tree */ 2444 prop = of_get_property(np, "fsl,num-channels", NULL); 2445 if (prop) 2446 priv->num_channels = *prop; 2447 2448 prop = of_get_property(np, "fsl,channel-fifo-len", NULL); 2449 if (prop) 2450 priv->chfifo_len = *prop; 2451 2452 prop = of_get_property(np, "fsl,exec-units-mask", NULL); 2453 if (prop) 2454 priv->exec_units = *prop; 2455 2456 prop = of_get_property(np, "fsl,descriptor-types-mask", NULL); 2457 if (prop) 2458 priv->desc_types = *prop; 2459 2460 if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len || 2461 !priv->exec_units || !priv->desc_types) { 2462 dev_err(dev, "invalid property data in device tree node\n"); 2463 err = -EINVAL; 2464 goto err_out; 2465 } 2466 2467 if (of_device_is_compatible(np, "fsl,sec3.0")) 2468 priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT; 2469 2470 if (of_device_is_compatible(np, "fsl,sec2.1")) 2471 priv->features |= TALITOS_FTR_HW_AUTH_CHECK | 2472 TALITOS_FTR_SHA224_HWINIT; 2473 2474 priv->chan = kzalloc(sizeof(struct talitos_channel) * 2475 priv->num_channels, GFP_KERNEL); 2476 if (!priv->chan) { 2477 dev_err(dev, "failed to allocate channel management space\n"); 2478 err = -ENOMEM; 2479 goto err_out; 2480 } 2481 2482 for (i = 0; i < priv->num_channels; i++) { 2483 spin_lock_init(&priv->chan[i].head_lock); 2484 spin_lock_init(&priv->chan[i].tail_lock); 2485 } 2486 2487 priv->fifo_len = roundup_pow_of_two(priv->chfifo_len); 2488 2489 for (i = 0; i < priv->num_channels; i++) { 2490 priv->chan[i].fifo = kzalloc(sizeof(struct talitos_request) * 2491 priv->fifo_len, GFP_KERNEL); 2492 if (!priv->chan[i].fifo) { 2493 dev_err(dev, "failed to allocate request fifo %d\n", i); 2494 err = -ENOMEM; 2495 goto err_out; 2496 } 2497 } 2498 2499 for (i = 0; i < priv->num_channels; i++) 2500 atomic_set(&priv->chan[i].submit_count, 2501 -(priv->chfifo_len - 1)); 2502 2503 dma_set_mask(dev, DMA_BIT_MASK(36)); 2504 2505 /* reset and initialize the h/w */ 2506 err = init_device(dev); 2507 if (err) { 2508 dev_err(dev, "failed to initialize device\n"); 2509 goto err_out; 2510 } 2511 2512 /* register the RNG, if available */ 2513 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) { 2514 err = talitos_register_rng(dev); 2515 if (err) { 2516 dev_err(dev, "failed to register hwrng: %d\n", err); 2517 goto err_out; 2518 } else 2519 dev_info(dev, "hwrng\n"); 2520 } 2521 2522 /* register crypto algorithms the device supports */ 2523 for (i = 0; i < ARRAY_SIZE(driver_algs); i++) { 2524 if (hw_supports(dev, driver_algs[i].desc_hdr_template)) { 2525 struct talitos_crypto_alg *t_alg; 2526 char *name = NULL; 2527 2528 t_alg = talitos_alg_alloc(dev, &driver_algs[i]); 2529 if (IS_ERR(t_alg)) { 2530 err = PTR_ERR(t_alg); 2531 goto err_out; 2532 } 2533 2534 switch (t_alg->algt.type) { 2535 case CRYPTO_ALG_TYPE_ABLKCIPHER: 2536 case CRYPTO_ALG_TYPE_AEAD: 2537 err = crypto_register_alg( 2538 &t_alg->algt.alg.crypto); 2539 name = t_alg->algt.alg.crypto.cra_driver_name; 2540 break; 2541 case CRYPTO_ALG_TYPE_AHASH: 2542 err = crypto_register_ahash( 2543 &t_alg->algt.alg.hash); 2544 name = 2545 t_alg->algt.alg.hash.halg.base.cra_driver_name; 2546 break; 2547 } 2548 if (err) { 2549 dev_err(dev, "%s alg registration failed\n", 2550 name); 2551 kfree(t_alg); 2552 } else { 2553 list_add_tail(&t_alg->entry, &priv->alg_list); 2554 dev_info(dev, "%s\n", name); 2555 } 2556 } 2557 } 2558 2559 return 0; 2560 2561 err_out: 2562 talitos_remove(ofdev); 2563 2564 return err; 2565 } 2566 2567 static const struct of_device_id talitos_match[] = { 2568 { 2569 .compatible = "fsl,sec2.0", 2570 }, 2571 {}, 2572 }; 2573 MODULE_DEVICE_TABLE(of, talitos_match); 2574 2575 static struct platform_driver talitos_driver = { 2576 .driver = { 2577 .name = "talitos", 2578 .owner = THIS_MODULE, 2579 .of_match_table = talitos_match, 2580 }, 2581 .probe = talitos_probe, 2582 .remove = talitos_remove, 2583 }; 2584 2585 static int __init talitos_init(void) 2586 { 2587 return platform_driver_register(&talitos_driver); 2588 } 2589 module_init(talitos_init); 2590 2591 static void __exit talitos_exit(void) 2592 { 2593 platform_driver_unregister(&talitos_driver); 2594 } 2595 module_exit(talitos_exit); 2596 2597 MODULE_LICENSE("GPL"); 2598 MODULE_AUTHOR("Kim Phillips <kim.phillips@freescale.com>"); 2599 MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver"); 2600