1 /* 2 * talitos - Freescale Integrated Security Engine (SEC) device driver 3 * 4 * Copyright (c) 2008 Freescale Semiconductor, Inc. 5 * 6 * Scatterlist Crypto API glue code copied from files with the following: 7 * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au> 8 * 9 * Crypto algorithm registration code copied from hifn driver: 10 * 2007+ Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru> 11 * All rights reserved. 12 * 13 * This program is free software; you can redistribute it and/or modify 14 * it under the terms of the GNU General Public License as published by 15 * the Free Software Foundation; either version 2 of the License, or 16 * (at your option) any later version. 17 * 18 * This program is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 * GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License 24 * along with this program; if not, write to the Free Software 25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 26 */ 27 28 #include <linux/kernel.h> 29 #include <linux/module.h> 30 #include <linux/mod_devicetable.h> 31 #include <linux/device.h> 32 #include <linux/interrupt.h> 33 #include <linux/crypto.h> 34 #include <linux/hw_random.h> 35 #include <linux/of_platform.h> 36 #include <linux/dma-mapping.h> 37 #include <linux/io.h> 38 #include <linux/spinlock.h> 39 #include <linux/rtnetlink.h> 40 #include <linux/slab.h> 41 42 #include <crypto/algapi.h> 43 #include <crypto/aes.h> 44 #include <crypto/des.h> 45 #include <crypto/sha.h> 46 #include <crypto/aead.h> 47 #include <crypto/authenc.h> 48 #include <crypto/skcipher.h> 49 #include <crypto/scatterwalk.h> 50 51 #include "talitos.h" 52 53 #define TALITOS_TIMEOUT 100000 54 #define TALITOS_MAX_DATA_LEN 65535 55 56 #define DESC_TYPE(desc_hdr) ((be32_to_cpu(desc_hdr) >> 3) & 0x1f) 57 #define PRIMARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 28) & 0xf) 58 #define SECONDARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 16) & 0xf) 59 60 /* descriptor pointer entry */ 61 struct talitos_ptr { 62 __be16 len; /* length */ 63 u8 j_extent; /* jump to sg link table and/or extent */ 64 u8 eptr; /* extended address */ 65 __be32 ptr; /* address */ 66 }; 67 68 /* descriptor */ 69 struct talitos_desc { 70 __be32 hdr; /* header high bits */ 71 __be32 hdr_lo; /* header low bits */ 72 struct talitos_ptr ptr[7]; /* ptr/len pair array */ 73 }; 74 75 /** 76 * talitos_request - descriptor submission request 77 * @desc: descriptor pointer (kernel virtual) 78 * @dma_desc: descriptor's physical bus address 79 * @callback: whom to call when descriptor processing is done 80 * @context: caller context (optional) 81 */ 82 struct talitos_request { 83 struct talitos_desc *desc; 84 dma_addr_t dma_desc; 85 void (*callback) (struct device *dev, struct talitos_desc *desc, 86 void *context, int error); 87 void *context; 88 }; 89 90 /* per-channel fifo management */ 91 struct talitos_channel { 92 /* request fifo */ 93 struct talitos_request *fifo; 94 95 /* number of requests pending in channel h/w fifo */ 96 atomic_t submit_count ____cacheline_aligned; 97 98 /* request submission (head) lock */ 99 spinlock_t head_lock ____cacheline_aligned; 100 /* index to next free descriptor request */ 101 int head; 102 103 /* request release (tail) lock */ 104 spinlock_t tail_lock ____cacheline_aligned; 105 /* index to next in-progress/done descriptor request */ 106 int tail; 107 }; 108 109 struct talitos_private { 110 struct device *dev; 111 struct of_device *ofdev; 112 void __iomem *reg; 113 int irq; 114 115 /* SEC version geometry (from device tree node) */ 116 unsigned int num_channels; 117 unsigned int chfifo_len; 118 unsigned int exec_units; 119 unsigned int desc_types; 120 121 /* SEC Compatibility info */ 122 unsigned long features; 123 124 /* 125 * length of the request fifo 126 * fifo_len is chfifo_len rounded up to next power of 2 127 * so we can use bitwise ops to wrap 128 */ 129 unsigned int fifo_len; 130 131 struct talitos_channel *chan; 132 133 /* next channel to be assigned next incoming descriptor */ 134 atomic_t last_chan ____cacheline_aligned; 135 136 /* request callback tasklet */ 137 struct tasklet_struct done_task; 138 139 /* list of registered algorithms */ 140 struct list_head alg_list; 141 142 /* hwrng device */ 143 struct hwrng rng; 144 }; 145 146 /* .features flag */ 147 #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001 148 #define TALITOS_FTR_HW_AUTH_CHECK 0x00000002 149 150 static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr) 151 { 152 talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr)); 153 talitos_ptr->eptr = cpu_to_be32(upper_32_bits(dma_addr)); 154 } 155 156 /* 157 * map virtual single (contiguous) pointer to h/w descriptor pointer 158 */ 159 static void map_single_talitos_ptr(struct device *dev, 160 struct talitos_ptr *talitos_ptr, 161 unsigned short len, void *data, 162 unsigned char extent, 163 enum dma_data_direction dir) 164 { 165 dma_addr_t dma_addr = dma_map_single(dev, data, len, dir); 166 167 talitos_ptr->len = cpu_to_be16(len); 168 to_talitos_ptr(talitos_ptr, dma_addr); 169 talitos_ptr->j_extent = extent; 170 } 171 172 /* 173 * unmap bus single (contiguous) h/w descriptor pointer 174 */ 175 static void unmap_single_talitos_ptr(struct device *dev, 176 struct talitos_ptr *talitos_ptr, 177 enum dma_data_direction dir) 178 { 179 dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr), 180 be16_to_cpu(talitos_ptr->len), dir); 181 } 182 183 static int reset_channel(struct device *dev, int ch) 184 { 185 struct talitos_private *priv = dev_get_drvdata(dev); 186 unsigned int timeout = TALITOS_TIMEOUT; 187 188 setbits32(priv->reg + TALITOS_CCCR(ch), TALITOS_CCCR_RESET); 189 190 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & TALITOS_CCCR_RESET) 191 && --timeout) 192 cpu_relax(); 193 194 if (timeout == 0) { 195 dev_err(dev, "failed to reset channel %d\n", ch); 196 return -EIO; 197 } 198 199 /* set 36-bit addressing, done writeback enable and done IRQ enable */ 200 setbits32(priv->reg + TALITOS_CCCR_LO(ch), TALITOS_CCCR_LO_EAE | 201 TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE); 202 203 /* and ICCR writeback, if available */ 204 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK) 205 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 206 TALITOS_CCCR_LO_IWSE); 207 208 return 0; 209 } 210 211 static int reset_device(struct device *dev) 212 { 213 struct talitos_private *priv = dev_get_drvdata(dev); 214 unsigned int timeout = TALITOS_TIMEOUT; 215 216 setbits32(priv->reg + TALITOS_MCR, TALITOS_MCR_SWR); 217 218 while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR) 219 && --timeout) 220 cpu_relax(); 221 222 if (timeout == 0) { 223 dev_err(dev, "failed to reset device\n"); 224 return -EIO; 225 } 226 227 return 0; 228 } 229 230 /* 231 * Reset and initialize the device 232 */ 233 static int init_device(struct device *dev) 234 { 235 struct talitos_private *priv = dev_get_drvdata(dev); 236 int ch, err; 237 238 /* 239 * Master reset 240 * errata documentation: warning: certain SEC interrupts 241 * are not fully cleared by writing the MCR:SWR bit, 242 * set bit twice to completely reset 243 */ 244 err = reset_device(dev); 245 if (err) 246 return err; 247 248 err = reset_device(dev); 249 if (err) 250 return err; 251 252 /* reset channels */ 253 for (ch = 0; ch < priv->num_channels; ch++) { 254 err = reset_channel(dev, ch); 255 if (err) 256 return err; 257 } 258 259 /* enable channel done and error interrupts */ 260 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT); 261 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); 262 263 /* disable integrity check error interrupts (use writeback instead) */ 264 if (priv->features & TALITOS_FTR_HW_AUTH_CHECK) 265 setbits32(priv->reg + TALITOS_MDEUICR_LO, 266 TALITOS_MDEUICR_LO_ICE); 267 268 return 0; 269 } 270 271 /** 272 * talitos_submit - submits a descriptor to the device for processing 273 * @dev: the SEC device to be used 274 * @desc: the descriptor to be processed by the device 275 * @callback: whom to call when processing is complete 276 * @context: a handle for use by caller (optional) 277 * 278 * desc must contain valid dma-mapped (bus physical) address pointers. 279 * callback must check err and feedback in descriptor header 280 * for device processing status. 281 */ 282 static int talitos_submit(struct device *dev, struct talitos_desc *desc, 283 void (*callback)(struct device *dev, 284 struct talitos_desc *desc, 285 void *context, int error), 286 void *context) 287 { 288 struct talitos_private *priv = dev_get_drvdata(dev); 289 struct talitos_request *request; 290 unsigned long flags, ch; 291 int head; 292 293 /* select done notification */ 294 desc->hdr |= DESC_HDR_DONE_NOTIFY; 295 296 /* emulate SEC's round-robin channel fifo polling scheme */ 297 ch = atomic_inc_return(&priv->last_chan) & (priv->num_channels - 1); 298 299 spin_lock_irqsave(&priv->chan[ch].head_lock, flags); 300 301 if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) { 302 /* h/w fifo is full */ 303 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags); 304 return -EAGAIN; 305 } 306 307 head = priv->chan[ch].head; 308 request = &priv->chan[ch].fifo[head]; 309 310 /* map descriptor and save caller data */ 311 request->dma_desc = dma_map_single(dev, desc, sizeof(*desc), 312 DMA_BIDIRECTIONAL); 313 request->callback = callback; 314 request->context = context; 315 316 /* increment fifo head */ 317 priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1); 318 319 smp_wmb(); 320 request->desc = desc; 321 322 /* GO! */ 323 wmb(); 324 out_be32(priv->reg + TALITOS_FF(ch), 325 cpu_to_be32(upper_32_bits(request->dma_desc))); 326 out_be32(priv->reg + TALITOS_FF_LO(ch), 327 cpu_to_be32(lower_32_bits(request->dma_desc))); 328 329 spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags); 330 331 return -EINPROGRESS; 332 } 333 334 /* 335 * process what was done, notify callback of error if not 336 */ 337 static void flush_channel(struct device *dev, int ch, int error, int reset_ch) 338 { 339 struct talitos_private *priv = dev_get_drvdata(dev); 340 struct talitos_request *request, saved_req; 341 unsigned long flags; 342 int tail, status; 343 344 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags); 345 346 tail = priv->chan[ch].tail; 347 while (priv->chan[ch].fifo[tail].desc) { 348 request = &priv->chan[ch].fifo[tail]; 349 350 /* descriptors with their done bits set don't get the error */ 351 rmb(); 352 if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE) 353 status = 0; 354 else 355 if (!error) 356 break; 357 else 358 status = error; 359 360 dma_unmap_single(dev, request->dma_desc, 361 sizeof(struct talitos_desc), 362 DMA_BIDIRECTIONAL); 363 364 /* copy entries so we can call callback outside lock */ 365 saved_req.desc = request->desc; 366 saved_req.callback = request->callback; 367 saved_req.context = request->context; 368 369 /* release request entry in fifo */ 370 smp_wmb(); 371 request->desc = NULL; 372 373 /* increment fifo tail */ 374 priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1); 375 376 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags); 377 378 atomic_dec(&priv->chan[ch].submit_count); 379 380 saved_req.callback(dev, saved_req.desc, saved_req.context, 381 status); 382 /* channel may resume processing in single desc error case */ 383 if (error && !reset_ch && status == error) 384 return; 385 spin_lock_irqsave(&priv->chan[ch].tail_lock, flags); 386 tail = priv->chan[ch].tail; 387 } 388 389 spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags); 390 } 391 392 /* 393 * process completed requests for channels that have done status 394 */ 395 static void talitos_done(unsigned long data) 396 { 397 struct device *dev = (struct device *)data; 398 struct talitos_private *priv = dev_get_drvdata(dev); 399 int ch; 400 401 for (ch = 0; ch < priv->num_channels; ch++) 402 flush_channel(dev, ch, 0, 0); 403 404 /* At this point, all completed channels have been processed. 405 * Unmask done interrupts for channels completed later on. 406 */ 407 setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT); 408 setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); 409 } 410 411 /* 412 * locate current (offending) descriptor 413 */ 414 static struct talitos_desc *current_desc(struct device *dev, int ch) 415 { 416 struct talitos_private *priv = dev_get_drvdata(dev); 417 int tail = priv->chan[ch].tail; 418 dma_addr_t cur_desc; 419 420 cur_desc = in_be32(priv->reg + TALITOS_CDPR_LO(ch)); 421 422 while (priv->chan[ch].fifo[tail].dma_desc != cur_desc) { 423 tail = (tail + 1) & (priv->fifo_len - 1); 424 if (tail == priv->chan[ch].tail) { 425 dev_err(dev, "couldn't locate current descriptor\n"); 426 return NULL; 427 } 428 } 429 430 return priv->chan[ch].fifo[tail].desc; 431 } 432 433 /* 434 * user diagnostics; report root cause of error based on execution unit status 435 */ 436 static void report_eu_error(struct device *dev, int ch, 437 struct talitos_desc *desc) 438 { 439 struct talitos_private *priv = dev_get_drvdata(dev); 440 int i; 441 442 switch (desc->hdr & DESC_HDR_SEL0_MASK) { 443 case DESC_HDR_SEL0_AFEU: 444 dev_err(dev, "AFEUISR 0x%08x_%08x\n", 445 in_be32(priv->reg + TALITOS_AFEUISR), 446 in_be32(priv->reg + TALITOS_AFEUISR_LO)); 447 break; 448 case DESC_HDR_SEL0_DEU: 449 dev_err(dev, "DEUISR 0x%08x_%08x\n", 450 in_be32(priv->reg + TALITOS_DEUISR), 451 in_be32(priv->reg + TALITOS_DEUISR_LO)); 452 break; 453 case DESC_HDR_SEL0_MDEUA: 454 case DESC_HDR_SEL0_MDEUB: 455 dev_err(dev, "MDEUISR 0x%08x_%08x\n", 456 in_be32(priv->reg + TALITOS_MDEUISR), 457 in_be32(priv->reg + TALITOS_MDEUISR_LO)); 458 break; 459 case DESC_HDR_SEL0_RNG: 460 dev_err(dev, "RNGUISR 0x%08x_%08x\n", 461 in_be32(priv->reg + TALITOS_RNGUISR), 462 in_be32(priv->reg + TALITOS_RNGUISR_LO)); 463 break; 464 case DESC_HDR_SEL0_PKEU: 465 dev_err(dev, "PKEUISR 0x%08x_%08x\n", 466 in_be32(priv->reg + TALITOS_PKEUISR), 467 in_be32(priv->reg + TALITOS_PKEUISR_LO)); 468 break; 469 case DESC_HDR_SEL0_AESU: 470 dev_err(dev, "AESUISR 0x%08x_%08x\n", 471 in_be32(priv->reg + TALITOS_AESUISR), 472 in_be32(priv->reg + TALITOS_AESUISR_LO)); 473 break; 474 case DESC_HDR_SEL0_CRCU: 475 dev_err(dev, "CRCUISR 0x%08x_%08x\n", 476 in_be32(priv->reg + TALITOS_CRCUISR), 477 in_be32(priv->reg + TALITOS_CRCUISR_LO)); 478 break; 479 case DESC_HDR_SEL0_KEU: 480 dev_err(dev, "KEUISR 0x%08x_%08x\n", 481 in_be32(priv->reg + TALITOS_KEUISR), 482 in_be32(priv->reg + TALITOS_KEUISR_LO)); 483 break; 484 } 485 486 switch (desc->hdr & DESC_HDR_SEL1_MASK) { 487 case DESC_HDR_SEL1_MDEUA: 488 case DESC_HDR_SEL1_MDEUB: 489 dev_err(dev, "MDEUISR 0x%08x_%08x\n", 490 in_be32(priv->reg + TALITOS_MDEUISR), 491 in_be32(priv->reg + TALITOS_MDEUISR_LO)); 492 break; 493 case DESC_HDR_SEL1_CRCU: 494 dev_err(dev, "CRCUISR 0x%08x_%08x\n", 495 in_be32(priv->reg + TALITOS_CRCUISR), 496 in_be32(priv->reg + TALITOS_CRCUISR_LO)); 497 break; 498 } 499 500 for (i = 0; i < 8; i++) 501 dev_err(dev, "DESCBUF 0x%08x_%08x\n", 502 in_be32(priv->reg + TALITOS_DESCBUF(ch) + 8*i), 503 in_be32(priv->reg + TALITOS_DESCBUF_LO(ch) + 8*i)); 504 } 505 506 /* 507 * recover from error interrupts 508 */ 509 static void talitos_error(unsigned long data, u32 isr, u32 isr_lo) 510 { 511 struct device *dev = (struct device *)data; 512 struct talitos_private *priv = dev_get_drvdata(dev); 513 unsigned int timeout = TALITOS_TIMEOUT; 514 int ch, error, reset_dev = 0, reset_ch = 0; 515 u32 v, v_lo; 516 517 for (ch = 0; ch < priv->num_channels; ch++) { 518 /* skip channels without errors */ 519 if (!(isr & (1 << (ch * 2 + 1)))) 520 continue; 521 522 error = -EINVAL; 523 524 v = in_be32(priv->reg + TALITOS_CCPSR(ch)); 525 v_lo = in_be32(priv->reg + TALITOS_CCPSR_LO(ch)); 526 527 if (v_lo & TALITOS_CCPSR_LO_DOF) { 528 dev_err(dev, "double fetch fifo overflow error\n"); 529 error = -EAGAIN; 530 reset_ch = 1; 531 } 532 if (v_lo & TALITOS_CCPSR_LO_SOF) { 533 /* h/w dropped descriptor */ 534 dev_err(dev, "single fetch fifo overflow error\n"); 535 error = -EAGAIN; 536 } 537 if (v_lo & TALITOS_CCPSR_LO_MDTE) 538 dev_err(dev, "master data transfer error\n"); 539 if (v_lo & TALITOS_CCPSR_LO_SGDLZ) 540 dev_err(dev, "s/g data length zero error\n"); 541 if (v_lo & TALITOS_CCPSR_LO_FPZ) 542 dev_err(dev, "fetch pointer zero error\n"); 543 if (v_lo & TALITOS_CCPSR_LO_IDH) 544 dev_err(dev, "illegal descriptor header error\n"); 545 if (v_lo & TALITOS_CCPSR_LO_IEU) 546 dev_err(dev, "invalid execution unit error\n"); 547 if (v_lo & TALITOS_CCPSR_LO_EU) 548 report_eu_error(dev, ch, current_desc(dev, ch)); 549 if (v_lo & TALITOS_CCPSR_LO_GB) 550 dev_err(dev, "gather boundary error\n"); 551 if (v_lo & TALITOS_CCPSR_LO_GRL) 552 dev_err(dev, "gather return/length error\n"); 553 if (v_lo & TALITOS_CCPSR_LO_SB) 554 dev_err(dev, "scatter boundary error\n"); 555 if (v_lo & TALITOS_CCPSR_LO_SRL) 556 dev_err(dev, "scatter return/length error\n"); 557 558 flush_channel(dev, ch, error, reset_ch); 559 560 if (reset_ch) { 561 reset_channel(dev, ch); 562 } else { 563 setbits32(priv->reg + TALITOS_CCCR(ch), 564 TALITOS_CCCR_CONT); 565 setbits32(priv->reg + TALITOS_CCCR_LO(ch), 0); 566 while ((in_be32(priv->reg + TALITOS_CCCR(ch)) & 567 TALITOS_CCCR_CONT) && --timeout) 568 cpu_relax(); 569 if (timeout == 0) { 570 dev_err(dev, "failed to restart channel %d\n", 571 ch); 572 reset_dev = 1; 573 } 574 } 575 } 576 if (reset_dev || isr & ~TALITOS_ISR_CHERR || isr_lo) { 577 dev_err(dev, "done overflow, internal time out, or rngu error: " 578 "ISR 0x%08x_%08x\n", isr, isr_lo); 579 580 /* purge request queues */ 581 for (ch = 0; ch < priv->num_channels; ch++) 582 flush_channel(dev, ch, -EIO, 1); 583 584 /* reset and reinitialize the device */ 585 init_device(dev); 586 } 587 } 588 589 static irqreturn_t talitos_interrupt(int irq, void *data) 590 { 591 struct device *dev = data; 592 struct talitos_private *priv = dev_get_drvdata(dev); 593 u32 isr, isr_lo; 594 595 isr = in_be32(priv->reg + TALITOS_ISR); 596 isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); 597 /* Acknowledge interrupt */ 598 out_be32(priv->reg + TALITOS_ICR, isr); 599 out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); 600 601 if (unlikely((isr & ~TALITOS_ISR_CHDONE) || isr_lo)) 602 talitos_error((unsigned long)data, isr, isr_lo); 603 else 604 if (likely(isr & TALITOS_ISR_CHDONE)) { 605 /* mask further done interrupts. */ 606 clrbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_DONE); 607 /* done_task will unmask done interrupts at exit */ 608 tasklet_schedule(&priv->done_task); 609 } 610 611 return (isr || isr_lo) ? IRQ_HANDLED : IRQ_NONE; 612 } 613 614 /* 615 * hwrng 616 */ 617 static int talitos_rng_data_present(struct hwrng *rng, int wait) 618 { 619 struct device *dev = (struct device *)rng->priv; 620 struct talitos_private *priv = dev_get_drvdata(dev); 621 u32 ofl; 622 int i; 623 624 for (i = 0; i < 20; i++) { 625 ofl = in_be32(priv->reg + TALITOS_RNGUSR_LO) & 626 TALITOS_RNGUSR_LO_OFL; 627 if (ofl || !wait) 628 break; 629 udelay(10); 630 } 631 632 return !!ofl; 633 } 634 635 static int talitos_rng_data_read(struct hwrng *rng, u32 *data) 636 { 637 struct device *dev = (struct device *)rng->priv; 638 struct talitos_private *priv = dev_get_drvdata(dev); 639 640 /* rng fifo requires 64-bit accesses */ 641 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO); 642 *data = in_be32(priv->reg + TALITOS_RNGU_FIFO_LO); 643 644 return sizeof(u32); 645 } 646 647 static int talitos_rng_init(struct hwrng *rng) 648 { 649 struct device *dev = (struct device *)rng->priv; 650 struct talitos_private *priv = dev_get_drvdata(dev); 651 unsigned int timeout = TALITOS_TIMEOUT; 652 653 setbits32(priv->reg + TALITOS_RNGURCR_LO, TALITOS_RNGURCR_LO_SR); 654 while (!(in_be32(priv->reg + TALITOS_RNGUSR_LO) & TALITOS_RNGUSR_LO_RD) 655 && --timeout) 656 cpu_relax(); 657 if (timeout == 0) { 658 dev_err(dev, "failed to reset rng hw\n"); 659 return -ENODEV; 660 } 661 662 /* start generating */ 663 setbits32(priv->reg + TALITOS_RNGUDSR_LO, 0); 664 665 return 0; 666 } 667 668 static int talitos_register_rng(struct device *dev) 669 { 670 struct talitos_private *priv = dev_get_drvdata(dev); 671 672 priv->rng.name = dev_driver_string(dev), 673 priv->rng.init = talitos_rng_init, 674 priv->rng.data_present = talitos_rng_data_present, 675 priv->rng.data_read = talitos_rng_data_read, 676 priv->rng.priv = (unsigned long)dev; 677 678 return hwrng_register(&priv->rng); 679 } 680 681 static void talitos_unregister_rng(struct device *dev) 682 { 683 struct talitos_private *priv = dev_get_drvdata(dev); 684 685 hwrng_unregister(&priv->rng); 686 } 687 688 /* 689 * crypto alg 690 */ 691 #define TALITOS_CRA_PRIORITY 3000 692 #define TALITOS_MAX_KEY_SIZE 64 693 #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */ 694 695 #define MD5_DIGEST_SIZE 16 696 697 struct talitos_ctx { 698 struct device *dev; 699 __be32 desc_hdr_template; 700 u8 key[TALITOS_MAX_KEY_SIZE]; 701 u8 iv[TALITOS_MAX_IV_LENGTH]; 702 unsigned int keylen; 703 unsigned int enckeylen; 704 unsigned int authkeylen; 705 unsigned int authsize; 706 }; 707 708 static int aead_setauthsize(struct crypto_aead *authenc, 709 unsigned int authsize) 710 { 711 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 712 713 ctx->authsize = authsize; 714 715 return 0; 716 } 717 718 static int aead_setkey(struct crypto_aead *authenc, 719 const u8 *key, unsigned int keylen) 720 { 721 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 722 struct rtattr *rta = (void *)key; 723 struct crypto_authenc_key_param *param; 724 unsigned int authkeylen; 725 unsigned int enckeylen; 726 727 if (!RTA_OK(rta, keylen)) 728 goto badkey; 729 730 if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM) 731 goto badkey; 732 733 if (RTA_PAYLOAD(rta) < sizeof(*param)) 734 goto badkey; 735 736 param = RTA_DATA(rta); 737 enckeylen = be32_to_cpu(param->enckeylen); 738 739 key += RTA_ALIGN(rta->rta_len); 740 keylen -= RTA_ALIGN(rta->rta_len); 741 742 if (keylen < enckeylen) 743 goto badkey; 744 745 authkeylen = keylen - enckeylen; 746 747 if (keylen > TALITOS_MAX_KEY_SIZE) 748 goto badkey; 749 750 memcpy(&ctx->key, key, keylen); 751 752 ctx->keylen = keylen; 753 ctx->enckeylen = enckeylen; 754 ctx->authkeylen = authkeylen; 755 756 return 0; 757 758 badkey: 759 crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN); 760 return -EINVAL; 761 } 762 763 /* 764 * talitos_edesc - s/w-extended descriptor 765 * @src_nents: number of segments in input scatterlist 766 * @dst_nents: number of segments in output scatterlist 767 * @dma_len: length of dma mapped link_tbl space 768 * @dma_link_tbl: bus physical address of link_tbl 769 * @desc: h/w descriptor 770 * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1) 771 * 772 * if decrypting (with authcheck), or either one of src_nents or dst_nents 773 * is greater than 1, an integrity check value is concatenated to the end 774 * of link_tbl data 775 */ 776 struct talitos_edesc { 777 int src_nents; 778 int dst_nents; 779 int src_is_chained; 780 int dst_is_chained; 781 int dma_len; 782 dma_addr_t dma_link_tbl; 783 struct talitos_desc desc; 784 struct talitos_ptr link_tbl[0]; 785 }; 786 787 static int talitos_map_sg(struct device *dev, struct scatterlist *sg, 788 unsigned int nents, enum dma_data_direction dir, 789 int chained) 790 { 791 if (unlikely(chained)) 792 while (sg) { 793 dma_map_sg(dev, sg, 1, dir); 794 sg = scatterwalk_sg_next(sg); 795 } 796 else 797 dma_map_sg(dev, sg, nents, dir); 798 return nents; 799 } 800 801 static void talitos_unmap_sg_chain(struct device *dev, struct scatterlist *sg, 802 enum dma_data_direction dir) 803 { 804 while (sg) { 805 dma_unmap_sg(dev, sg, 1, dir); 806 sg = scatterwalk_sg_next(sg); 807 } 808 } 809 810 static void talitos_sg_unmap(struct device *dev, 811 struct talitos_edesc *edesc, 812 struct scatterlist *src, 813 struct scatterlist *dst) 814 { 815 unsigned int src_nents = edesc->src_nents ? : 1; 816 unsigned int dst_nents = edesc->dst_nents ? : 1; 817 818 if (src != dst) { 819 if (edesc->src_is_chained) 820 talitos_unmap_sg_chain(dev, src, DMA_TO_DEVICE); 821 else 822 dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE); 823 824 if (edesc->dst_is_chained) 825 talitos_unmap_sg_chain(dev, dst, DMA_FROM_DEVICE); 826 else 827 dma_unmap_sg(dev, dst, dst_nents, DMA_FROM_DEVICE); 828 } else 829 if (edesc->src_is_chained) 830 talitos_unmap_sg_chain(dev, src, DMA_BIDIRECTIONAL); 831 else 832 dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL); 833 } 834 835 static void ipsec_esp_unmap(struct device *dev, 836 struct talitos_edesc *edesc, 837 struct aead_request *areq) 838 { 839 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6], DMA_FROM_DEVICE); 840 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[3], DMA_TO_DEVICE); 841 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE); 842 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE); 843 844 dma_unmap_sg(dev, areq->assoc, 1, DMA_TO_DEVICE); 845 846 talitos_sg_unmap(dev, edesc, areq->src, areq->dst); 847 848 if (edesc->dma_len) 849 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 850 DMA_BIDIRECTIONAL); 851 } 852 853 /* 854 * ipsec_esp descriptor callbacks 855 */ 856 static void ipsec_esp_encrypt_done(struct device *dev, 857 struct talitos_desc *desc, void *context, 858 int err) 859 { 860 struct aead_request *areq = context; 861 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 862 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 863 struct talitos_edesc *edesc; 864 struct scatterlist *sg; 865 void *icvdata; 866 867 edesc = container_of(desc, struct talitos_edesc, desc); 868 869 ipsec_esp_unmap(dev, edesc, areq); 870 871 /* copy the generated ICV to dst */ 872 if (edesc->dma_len) { 873 icvdata = &edesc->link_tbl[edesc->src_nents + 874 edesc->dst_nents + 2]; 875 sg = sg_last(areq->dst, edesc->dst_nents); 876 memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize, 877 icvdata, ctx->authsize); 878 } 879 880 kfree(edesc); 881 882 aead_request_complete(areq, err); 883 } 884 885 static void ipsec_esp_decrypt_swauth_done(struct device *dev, 886 struct talitos_desc *desc, 887 void *context, int err) 888 { 889 struct aead_request *req = context; 890 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 891 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 892 struct talitos_edesc *edesc; 893 struct scatterlist *sg; 894 void *icvdata; 895 896 edesc = container_of(desc, struct talitos_edesc, desc); 897 898 ipsec_esp_unmap(dev, edesc, req); 899 900 if (!err) { 901 /* auth check */ 902 if (edesc->dma_len) 903 icvdata = &edesc->link_tbl[edesc->src_nents + 904 edesc->dst_nents + 2]; 905 else 906 icvdata = &edesc->link_tbl[0]; 907 908 sg = sg_last(req->dst, edesc->dst_nents ? : 1); 909 err = memcmp(icvdata, (char *)sg_virt(sg) + sg->length - 910 ctx->authsize, ctx->authsize) ? -EBADMSG : 0; 911 } 912 913 kfree(edesc); 914 915 aead_request_complete(req, err); 916 } 917 918 static void ipsec_esp_decrypt_hwauth_done(struct device *dev, 919 struct talitos_desc *desc, 920 void *context, int err) 921 { 922 struct aead_request *req = context; 923 struct talitos_edesc *edesc; 924 925 edesc = container_of(desc, struct talitos_edesc, desc); 926 927 ipsec_esp_unmap(dev, edesc, req); 928 929 /* check ICV auth status */ 930 if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) != 931 DESC_HDR_LO_ICCR1_PASS)) 932 err = -EBADMSG; 933 934 kfree(edesc); 935 936 aead_request_complete(req, err); 937 } 938 939 /* 940 * convert scatterlist to SEC h/w link table format 941 * stop at cryptlen bytes 942 */ 943 static int sg_to_link_tbl(struct scatterlist *sg, int sg_count, 944 int cryptlen, struct talitos_ptr *link_tbl_ptr) 945 { 946 int n_sg = sg_count; 947 948 while (n_sg--) { 949 to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg)); 950 link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg)); 951 link_tbl_ptr->j_extent = 0; 952 link_tbl_ptr++; 953 cryptlen -= sg_dma_len(sg); 954 sg = scatterwalk_sg_next(sg); 955 } 956 957 /* adjust (decrease) last one (or two) entry's len to cryptlen */ 958 link_tbl_ptr--; 959 while (be16_to_cpu(link_tbl_ptr->len) <= (-cryptlen)) { 960 /* Empty this entry, and move to previous one */ 961 cryptlen += be16_to_cpu(link_tbl_ptr->len); 962 link_tbl_ptr->len = 0; 963 sg_count--; 964 link_tbl_ptr--; 965 } 966 link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len) 967 + cryptlen); 968 969 /* tag end of link table */ 970 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; 971 972 return sg_count; 973 } 974 975 /* 976 * fill in and submit ipsec_esp descriptor 977 */ 978 static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq, 979 u8 *giv, u64 seq, 980 void (*callback) (struct device *dev, 981 struct talitos_desc *desc, 982 void *context, int error)) 983 { 984 struct crypto_aead *aead = crypto_aead_reqtfm(areq); 985 struct talitos_ctx *ctx = crypto_aead_ctx(aead); 986 struct device *dev = ctx->dev; 987 struct talitos_desc *desc = &edesc->desc; 988 unsigned int cryptlen = areq->cryptlen; 989 unsigned int authsize = ctx->authsize; 990 unsigned int ivsize = crypto_aead_ivsize(aead); 991 int sg_count, ret; 992 int sg_link_tbl_len; 993 994 /* hmac key */ 995 map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key, 996 0, DMA_TO_DEVICE); 997 /* hmac data */ 998 map_single_talitos_ptr(dev, &desc->ptr[1], areq->assoclen + ivsize, 999 sg_virt(areq->assoc), 0, DMA_TO_DEVICE); 1000 /* cipher iv */ 1001 map_single_talitos_ptr(dev, &desc->ptr[2], ivsize, giv ?: areq->iv, 0, 1002 DMA_TO_DEVICE); 1003 1004 /* cipher key */ 1005 map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen, 1006 (char *)&ctx->key + ctx->authkeylen, 0, 1007 DMA_TO_DEVICE); 1008 1009 /* 1010 * cipher in 1011 * map and adjust cipher len to aead request cryptlen. 1012 * extent is bytes of HMAC postpended to ciphertext, 1013 * typically 12 for ipsec 1014 */ 1015 desc->ptr[4].len = cpu_to_be16(cryptlen); 1016 desc->ptr[4].j_extent = authsize; 1017 1018 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1, 1019 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL 1020 : DMA_TO_DEVICE, 1021 edesc->src_is_chained); 1022 1023 if (sg_count == 1) { 1024 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->src)); 1025 } else { 1026 sg_link_tbl_len = cryptlen; 1027 1028 if (edesc->desc.hdr & DESC_HDR_MODE1_MDEU_CICV) 1029 sg_link_tbl_len = cryptlen + authsize; 1030 1031 sg_count = sg_to_link_tbl(areq->src, sg_count, sg_link_tbl_len, 1032 &edesc->link_tbl[0]); 1033 if (sg_count > 1) { 1034 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; 1035 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl); 1036 dma_sync_single_for_device(dev, edesc->dma_link_tbl, 1037 edesc->dma_len, 1038 DMA_BIDIRECTIONAL); 1039 } else { 1040 /* Only one segment now, so no link tbl needed */ 1041 to_talitos_ptr(&desc->ptr[4], 1042 sg_dma_address(areq->src)); 1043 } 1044 } 1045 1046 /* cipher out */ 1047 desc->ptr[5].len = cpu_to_be16(cryptlen); 1048 desc->ptr[5].j_extent = authsize; 1049 1050 if (areq->src != areq->dst) 1051 sg_count = talitos_map_sg(dev, areq->dst, 1052 edesc->dst_nents ? : 1, 1053 DMA_FROM_DEVICE, 1054 edesc->dst_is_chained); 1055 1056 if (sg_count == 1) { 1057 to_talitos_ptr(&desc->ptr[5], sg_dma_address(areq->dst)); 1058 } else { 1059 struct talitos_ptr *link_tbl_ptr = 1060 &edesc->link_tbl[edesc->src_nents + 1]; 1061 1062 to_talitos_ptr(&desc->ptr[5], edesc->dma_link_tbl + 1063 (edesc->src_nents + 1) * 1064 sizeof(struct talitos_ptr)); 1065 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, 1066 link_tbl_ptr); 1067 1068 /* Add an entry to the link table for ICV data */ 1069 link_tbl_ptr += sg_count - 1; 1070 link_tbl_ptr->j_extent = 0; 1071 sg_count++; 1072 link_tbl_ptr++; 1073 link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; 1074 link_tbl_ptr->len = cpu_to_be16(authsize); 1075 1076 /* icv data follows link tables */ 1077 to_talitos_ptr(link_tbl_ptr, edesc->dma_link_tbl + 1078 (edesc->src_nents + edesc->dst_nents + 2) * 1079 sizeof(struct talitos_ptr)); 1080 desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP; 1081 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, 1082 edesc->dma_len, DMA_BIDIRECTIONAL); 1083 } 1084 1085 /* iv out */ 1086 map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0, 1087 DMA_FROM_DEVICE); 1088 1089 ret = talitos_submit(dev, desc, callback, areq); 1090 if (ret != -EINPROGRESS) { 1091 ipsec_esp_unmap(dev, edesc, areq); 1092 kfree(edesc); 1093 } 1094 return ret; 1095 } 1096 1097 /* 1098 * derive number of elements in scatterlist 1099 */ 1100 static int sg_count(struct scatterlist *sg_list, int nbytes, int *chained) 1101 { 1102 struct scatterlist *sg = sg_list; 1103 int sg_nents = 0; 1104 1105 *chained = 0; 1106 while (nbytes > 0) { 1107 sg_nents++; 1108 nbytes -= sg->length; 1109 if (!sg_is_last(sg) && (sg + 1)->length == 0) 1110 *chained = 1; 1111 sg = scatterwalk_sg_next(sg); 1112 } 1113 1114 return sg_nents; 1115 } 1116 1117 /* 1118 * allocate and map the extended descriptor 1119 */ 1120 static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, 1121 struct scatterlist *src, 1122 struct scatterlist *dst, 1123 unsigned int cryptlen, 1124 unsigned int authsize, 1125 int icv_stashing, 1126 u32 cryptoflags) 1127 { 1128 struct talitos_edesc *edesc; 1129 int src_nents, dst_nents, alloc_len, dma_len; 1130 int src_chained, dst_chained = 0; 1131 gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : 1132 GFP_ATOMIC; 1133 1134 if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) { 1135 dev_err(dev, "length exceeds h/w max limit\n"); 1136 return ERR_PTR(-EINVAL); 1137 } 1138 1139 src_nents = sg_count(src, cryptlen + authsize, &src_chained); 1140 src_nents = (src_nents == 1) ? 0 : src_nents; 1141 1142 if (dst == src) { 1143 dst_nents = src_nents; 1144 } else { 1145 dst_nents = sg_count(dst, cryptlen + authsize, &dst_chained); 1146 dst_nents = (dst_nents == 1) ? 0 : dst_nents; 1147 } 1148 1149 /* 1150 * allocate space for base edesc plus the link tables, 1151 * allowing for two separate entries for ICV and generated ICV (+ 2), 1152 * and the ICV data itself 1153 */ 1154 alloc_len = sizeof(struct talitos_edesc); 1155 if (src_nents || dst_nents) { 1156 dma_len = (src_nents + dst_nents + 2) * 1157 sizeof(struct talitos_ptr) + authsize; 1158 alloc_len += dma_len; 1159 } else { 1160 dma_len = 0; 1161 alloc_len += icv_stashing ? authsize : 0; 1162 } 1163 1164 edesc = kmalloc(alloc_len, GFP_DMA | flags); 1165 if (!edesc) { 1166 dev_err(dev, "could not allocate edescriptor\n"); 1167 return ERR_PTR(-ENOMEM); 1168 } 1169 1170 edesc->src_nents = src_nents; 1171 edesc->dst_nents = dst_nents; 1172 edesc->src_is_chained = src_chained; 1173 edesc->dst_is_chained = dst_chained; 1174 edesc->dma_len = dma_len; 1175 edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0], 1176 edesc->dma_len, DMA_BIDIRECTIONAL); 1177 1178 return edesc; 1179 } 1180 1181 static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, 1182 int icv_stashing) 1183 { 1184 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 1185 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1186 1187 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, 1188 areq->cryptlen, ctx->authsize, icv_stashing, 1189 areq->base.flags); 1190 } 1191 1192 static int aead_encrypt(struct aead_request *req) 1193 { 1194 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 1195 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1196 struct talitos_edesc *edesc; 1197 1198 /* allocate extended descriptor */ 1199 edesc = aead_edesc_alloc(req, 0); 1200 if (IS_ERR(edesc)) 1201 return PTR_ERR(edesc); 1202 1203 /* set encrypt */ 1204 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1205 1206 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_encrypt_done); 1207 } 1208 1209 static int aead_decrypt(struct aead_request *req) 1210 { 1211 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 1212 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1213 unsigned int authsize = ctx->authsize; 1214 struct talitos_private *priv = dev_get_drvdata(ctx->dev); 1215 struct talitos_edesc *edesc; 1216 struct scatterlist *sg; 1217 void *icvdata; 1218 1219 req->cryptlen -= authsize; 1220 1221 /* allocate extended descriptor */ 1222 edesc = aead_edesc_alloc(req, 1); 1223 if (IS_ERR(edesc)) 1224 return PTR_ERR(edesc); 1225 1226 if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) && 1227 ((!edesc->src_nents && !edesc->dst_nents) || 1228 priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) { 1229 1230 /* decrypt and check the ICV */ 1231 edesc->desc.hdr = ctx->desc_hdr_template | 1232 DESC_HDR_DIR_INBOUND | 1233 DESC_HDR_MODE1_MDEU_CICV; 1234 1235 /* reset integrity check result bits */ 1236 edesc->desc.hdr_lo = 0; 1237 1238 return ipsec_esp(edesc, req, NULL, 0, 1239 ipsec_esp_decrypt_hwauth_done); 1240 1241 } 1242 1243 /* Have to check the ICV with software */ 1244 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND; 1245 1246 /* stash incoming ICV for later cmp with ICV generated by the h/w */ 1247 if (edesc->dma_len) 1248 icvdata = &edesc->link_tbl[edesc->src_nents + 1249 edesc->dst_nents + 2]; 1250 else 1251 icvdata = &edesc->link_tbl[0]; 1252 1253 sg = sg_last(req->src, edesc->src_nents ? : 1); 1254 1255 memcpy(icvdata, (char *)sg_virt(sg) + sg->length - ctx->authsize, 1256 ctx->authsize); 1257 1258 return ipsec_esp(edesc, req, NULL, 0, ipsec_esp_decrypt_swauth_done); 1259 } 1260 1261 static int aead_givencrypt(struct aead_givcrypt_request *req) 1262 { 1263 struct aead_request *areq = &req->areq; 1264 struct crypto_aead *authenc = crypto_aead_reqtfm(areq); 1265 struct talitos_ctx *ctx = crypto_aead_ctx(authenc); 1266 struct talitos_edesc *edesc; 1267 1268 /* allocate extended descriptor */ 1269 edesc = aead_edesc_alloc(areq, 0); 1270 if (IS_ERR(edesc)) 1271 return PTR_ERR(edesc); 1272 1273 /* set encrypt */ 1274 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1275 1276 memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc)); 1277 /* avoid consecutive packets going out with same IV */ 1278 *(__be64 *)req->giv ^= cpu_to_be64(req->seq); 1279 1280 return ipsec_esp(edesc, areq, req->giv, req->seq, 1281 ipsec_esp_encrypt_done); 1282 } 1283 1284 static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, 1285 const u8 *key, unsigned int keylen) 1286 { 1287 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1288 struct ablkcipher_alg *alg = crypto_ablkcipher_alg(cipher); 1289 1290 if (keylen > TALITOS_MAX_KEY_SIZE) 1291 goto badkey; 1292 1293 if (keylen < alg->min_keysize || keylen > alg->max_keysize) 1294 goto badkey; 1295 1296 memcpy(&ctx->key, key, keylen); 1297 ctx->keylen = keylen; 1298 1299 return 0; 1300 1301 badkey: 1302 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); 1303 return -EINVAL; 1304 } 1305 1306 static void common_nonsnoop_unmap(struct device *dev, 1307 struct talitos_edesc *edesc, 1308 struct ablkcipher_request *areq) 1309 { 1310 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE); 1311 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE); 1312 unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE); 1313 1314 talitos_sg_unmap(dev, edesc, areq->src, areq->dst); 1315 1316 if (edesc->dma_len) 1317 dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len, 1318 DMA_BIDIRECTIONAL); 1319 } 1320 1321 static void ablkcipher_done(struct device *dev, 1322 struct talitos_desc *desc, void *context, 1323 int err) 1324 { 1325 struct ablkcipher_request *areq = context; 1326 struct talitos_edesc *edesc; 1327 1328 edesc = container_of(desc, struct talitos_edesc, desc); 1329 1330 common_nonsnoop_unmap(dev, edesc, areq); 1331 1332 kfree(edesc); 1333 1334 areq->base.complete(&areq->base, err); 1335 } 1336 1337 static int common_nonsnoop(struct talitos_edesc *edesc, 1338 struct ablkcipher_request *areq, 1339 u8 *giv, 1340 void (*callback) (struct device *dev, 1341 struct talitos_desc *desc, 1342 void *context, int error)) 1343 { 1344 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1345 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1346 struct device *dev = ctx->dev; 1347 struct talitos_desc *desc = &edesc->desc; 1348 unsigned int cryptlen = areq->nbytes; 1349 unsigned int ivsize; 1350 int sg_count, ret; 1351 1352 /* first DWORD empty */ 1353 desc->ptr[0].len = 0; 1354 to_talitos_ptr(&desc->ptr[0], 0); 1355 desc->ptr[0].j_extent = 0; 1356 1357 /* cipher iv */ 1358 ivsize = crypto_ablkcipher_ivsize(cipher); 1359 map_single_talitos_ptr(dev, &desc->ptr[1], ivsize, giv ?: areq->info, 0, 1360 DMA_TO_DEVICE); 1361 1362 /* cipher key */ 1363 map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen, 1364 (char *)&ctx->key, 0, DMA_TO_DEVICE); 1365 1366 /* 1367 * cipher in 1368 */ 1369 desc->ptr[3].len = cpu_to_be16(cryptlen); 1370 desc->ptr[3].j_extent = 0; 1371 1372 sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1, 1373 (areq->src == areq->dst) ? DMA_BIDIRECTIONAL 1374 : DMA_TO_DEVICE, 1375 edesc->src_is_chained); 1376 1377 if (sg_count == 1) { 1378 to_talitos_ptr(&desc->ptr[3], sg_dma_address(areq->src)); 1379 } else { 1380 sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen, 1381 &edesc->link_tbl[0]); 1382 if (sg_count > 1) { 1383 to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl); 1384 desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP; 1385 dma_sync_single_for_device(dev, edesc->dma_link_tbl, 1386 edesc->dma_len, 1387 DMA_BIDIRECTIONAL); 1388 } else { 1389 /* Only one segment now, so no link tbl needed */ 1390 to_talitos_ptr(&desc->ptr[3], 1391 sg_dma_address(areq->src)); 1392 } 1393 } 1394 1395 /* cipher out */ 1396 desc->ptr[4].len = cpu_to_be16(cryptlen); 1397 desc->ptr[4].j_extent = 0; 1398 1399 if (areq->src != areq->dst) 1400 sg_count = talitos_map_sg(dev, areq->dst, 1401 edesc->dst_nents ? : 1, 1402 DMA_FROM_DEVICE, 1403 edesc->dst_is_chained); 1404 1405 if (sg_count == 1) { 1406 to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->dst)); 1407 } else { 1408 struct talitos_ptr *link_tbl_ptr = 1409 &edesc->link_tbl[edesc->src_nents + 1]; 1410 1411 to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl + 1412 (edesc->src_nents + 1) * 1413 sizeof(struct talitos_ptr)); 1414 desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP; 1415 sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen, 1416 link_tbl_ptr); 1417 dma_sync_single_for_device(ctx->dev, edesc->dma_link_tbl, 1418 edesc->dma_len, DMA_BIDIRECTIONAL); 1419 } 1420 1421 /* iv out */ 1422 map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0, 1423 DMA_FROM_DEVICE); 1424 1425 /* last DWORD empty */ 1426 desc->ptr[6].len = 0; 1427 to_talitos_ptr(&desc->ptr[6], 0); 1428 desc->ptr[6].j_extent = 0; 1429 1430 ret = talitos_submit(dev, desc, callback, areq); 1431 if (ret != -EINPROGRESS) { 1432 common_nonsnoop_unmap(dev, edesc, areq); 1433 kfree(edesc); 1434 } 1435 return ret; 1436 } 1437 1438 static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request * 1439 areq) 1440 { 1441 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1442 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1443 1444 return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst, areq->nbytes, 1445 0, 0, areq->base.flags); 1446 } 1447 1448 static int ablkcipher_encrypt(struct ablkcipher_request *areq) 1449 { 1450 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1451 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1452 struct talitos_edesc *edesc; 1453 1454 /* allocate extended descriptor */ 1455 edesc = ablkcipher_edesc_alloc(areq); 1456 if (IS_ERR(edesc)) 1457 return PTR_ERR(edesc); 1458 1459 /* set encrypt */ 1460 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; 1461 1462 return common_nonsnoop(edesc, areq, NULL, ablkcipher_done); 1463 } 1464 1465 static int ablkcipher_decrypt(struct ablkcipher_request *areq) 1466 { 1467 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); 1468 struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); 1469 struct talitos_edesc *edesc; 1470 1471 /* allocate extended descriptor */ 1472 edesc = ablkcipher_edesc_alloc(areq); 1473 if (IS_ERR(edesc)) 1474 return PTR_ERR(edesc); 1475 1476 edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND; 1477 1478 return common_nonsnoop(edesc, areq, NULL, ablkcipher_done); 1479 } 1480 1481 struct talitos_alg_template { 1482 struct crypto_alg alg; 1483 __be32 desc_hdr_template; 1484 }; 1485 1486 static struct talitos_alg_template driver_algs[] = { 1487 /* AEAD algorithms. These use a single-pass ipsec_esp descriptor */ 1488 { 1489 .alg = { 1490 .cra_name = "authenc(hmac(sha1),cbc(aes))", 1491 .cra_driver_name = "authenc-hmac-sha1-cbc-aes-talitos", 1492 .cra_blocksize = AES_BLOCK_SIZE, 1493 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1494 .cra_type = &crypto_aead_type, 1495 .cra_aead = { 1496 .setkey = aead_setkey, 1497 .setauthsize = aead_setauthsize, 1498 .encrypt = aead_encrypt, 1499 .decrypt = aead_decrypt, 1500 .givencrypt = aead_givencrypt, 1501 .geniv = "<built-in>", 1502 .ivsize = AES_BLOCK_SIZE, 1503 .maxauthsize = SHA1_DIGEST_SIZE, 1504 } 1505 }, 1506 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1507 DESC_HDR_SEL0_AESU | 1508 DESC_HDR_MODE0_AESU_CBC | 1509 DESC_HDR_SEL1_MDEUA | 1510 DESC_HDR_MODE1_MDEU_INIT | 1511 DESC_HDR_MODE1_MDEU_PAD | 1512 DESC_HDR_MODE1_MDEU_SHA1_HMAC, 1513 }, 1514 { 1515 .alg = { 1516 .cra_name = "authenc(hmac(sha1),cbc(des3_ede))", 1517 .cra_driver_name = "authenc-hmac-sha1-cbc-3des-talitos", 1518 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1519 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1520 .cra_type = &crypto_aead_type, 1521 .cra_aead = { 1522 .setkey = aead_setkey, 1523 .setauthsize = aead_setauthsize, 1524 .encrypt = aead_encrypt, 1525 .decrypt = aead_decrypt, 1526 .givencrypt = aead_givencrypt, 1527 .geniv = "<built-in>", 1528 .ivsize = DES3_EDE_BLOCK_SIZE, 1529 .maxauthsize = SHA1_DIGEST_SIZE, 1530 } 1531 }, 1532 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1533 DESC_HDR_SEL0_DEU | 1534 DESC_HDR_MODE0_DEU_CBC | 1535 DESC_HDR_MODE0_DEU_3DES | 1536 DESC_HDR_SEL1_MDEUA | 1537 DESC_HDR_MODE1_MDEU_INIT | 1538 DESC_HDR_MODE1_MDEU_PAD | 1539 DESC_HDR_MODE1_MDEU_SHA1_HMAC, 1540 }, 1541 { 1542 .alg = { 1543 .cra_name = "authenc(hmac(sha256),cbc(aes))", 1544 .cra_driver_name = "authenc-hmac-sha256-cbc-aes-talitos", 1545 .cra_blocksize = AES_BLOCK_SIZE, 1546 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1547 .cra_type = &crypto_aead_type, 1548 .cra_aead = { 1549 .setkey = aead_setkey, 1550 .setauthsize = aead_setauthsize, 1551 .encrypt = aead_encrypt, 1552 .decrypt = aead_decrypt, 1553 .givencrypt = aead_givencrypt, 1554 .geniv = "<built-in>", 1555 .ivsize = AES_BLOCK_SIZE, 1556 .maxauthsize = SHA256_DIGEST_SIZE, 1557 } 1558 }, 1559 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1560 DESC_HDR_SEL0_AESU | 1561 DESC_HDR_MODE0_AESU_CBC | 1562 DESC_HDR_SEL1_MDEUA | 1563 DESC_HDR_MODE1_MDEU_INIT | 1564 DESC_HDR_MODE1_MDEU_PAD | 1565 DESC_HDR_MODE1_MDEU_SHA256_HMAC, 1566 }, 1567 { 1568 .alg = { 1569 .cra_name = "authenc(hmac(sha256),cbc(des3_ede))", 1570 .cra_driver_name = "authenc-hmac-sha256-cbc-3des-talitos", 1571 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1572 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1573 .cra_type = &crypto_aead_type, 1574 .cra_aead = { 1575 .setkey = aead_setkey, 1576 .setauthsize = aead_setauthsize, 1577 .encrypt = aead_encrypt, 1578 .decrypt = aead_decrypt, 1579 .givencrypt = aead_givencrypt, 1580 .geniv = "<built-in>", 1581 .ivsize = DES3_EDE_BLOCK_SIZE, 1582 .maxauthsize = SHA256_DIGEST_SIZE, 1583 } 1584 }, 1585 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1586 DESC_HDR_SEL0_DEU | 1587 DESC_HDR_MODE0_DEU_CBC | 1588 DESC_HDR_MODE0_DEU_3DES | 1589 DESC_HDR_SEL1_MDEUA | 1590 DESC_HDR_MODE1_MDEU_INIT | 1591 DESC_HDR_MODE1_MDEU_PAD | 1592 DESC_HDR_MODE1_MDEU_SHA256_HMAC, 1593 }, 1594 { 1595 .alg = { 1596 .cra_name = "authenc(hmac(md5),cbc(aes))", 1597 .cra_driver_name = "authenc-hmac-md5-cbc-aes-talitos", 1598 .cra_blocksize = AES_BLOCK_SIZE, 1599 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1600 .cra_type = &crypto_aead_type, 1601 .cra_aead = { 1602 .setkey = aead_setkey, 1603 .setauthsize = aead_setauthsize, 1604 .encrypt = aead_encrypt, 1605 .decrypt = aead_decrypt, 1606 .givencrypt = aead_givencrypt, 1607 .geniv = "<built-in>", 1608 .ivsize = AES_BLOCK_SIZE, 1609 .maxauthsize = MD5_DIGEST_SIZE, 1610 } 1611 }, 1612 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1613 DESC_HDR_SEL0_AESU | 1614 DESC_HDR_MODE0_AESU_CBC | 1615 DESC_HDR_SEL1_MDEUA | 1616 DESC_HDR_MODE1_MDEU_INIT | 1617 DESC_HDR_MODE1_MDEU_PAD | 1618 DESC_HDR_MODE1_MDEU_MD5_HMAC, 1619 }, 1620 { 1621 .alg = { 1622 .cra_name = "authenc(hmac(md5),cbc(des3_ede))", 1623 .cra_driver_name = "authenc-hmac-md5-cbc-3des-talitos", 1624 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1625 .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, 1626 .cra_type = &crypto_aead_type, 1627 .cra_aead = { 1628 .setkey = aead_setkey, 1629 .setauthsize = aead_setauthsize, 1630 .encrypt = aead_encrypt, 1631 .decrypt = aead_decrypt, 1632 .givencrypt = aead_givencrypt, 1633 .geniv = "<built-in>", 1634 .ivsize = DES3_EDE_BLOCK_SIZE, 1635 .maxauthsize = MD5_DIGEST_SIZE, 1636 } 1637 }, 1638 .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP | 1639 DESC_HDR_SEL0_DEU | 1640 DESC_HDR_MODE0_DEU_CBC | 1641 DESC_HDR_MODE0_DEU_3DES | 1642 DESC_HDR_SEL1_MDEUA | 1643 DESC_HDR_MODE1_MDEU_INIT | 1644 DESC_HDR_MODE1_MDEU_PAD | 1645 DESC_HDR_MODE1_MDEU_MD5_HMAC, 1646 }, 1647 /* ABLKCIPHER algorithms. */ 1648 { 1649 .alg = { 1650 .cra_name = "cbc(aes)", 1651 .cra_driver_name = "cbc-aes-talitos", 1652 .cra_blocksize = AES_BLOCK_SIZE, 1653 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 1654 CRYPTO_ALG_ASYNC, 1655 .cra_type = &crypto_ablkcipher_type, 1656 .cra_ablkcipher = { 1657 .setkey = ablkcipher_setkey, 1658 .encrypt = ablkcipher_encrypt, 1659 .decrypt = ablkcipher_decrypt, 1660 .geniv = "eseqiv", 1661 .min_keysize = AES_MIN_KEY_SIZE, 1662 .max_keysize = AES_MAX_KEY_SIZE, 1663 .ivsize = AES_BLOCK_SIZE, 1664 } 1665 }, 1666 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 1667 DESC_HDR_SEL0_AESU | 1668 DESC_HDR_MODE0_AESU_CBC, 1669 }, 1670 { 1671 .alg = { 1672 .cra_name = "cbc(des3_ede)", 1673 .cra_driver_name = "cbc-3des-talitos", 1674 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 1675 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 1676 CRYPTO_ALG_ASYNC, 1677 .cra_type = &crypto_ablkcipher_type, 1678 .cra_ablkcipher = { 1679 .setkey = ablkcipher_setkey, 1680 .encrypt = ablkcipher_encrypt, 1681 .decrypt = ablkcipher_decrypt, 1682 .geniv = "eseqiv", 1683 .min_keysize = DES3_EDE_KEY_SIZE, 1684 .max_keysize = DES3_EDE_KEY_SIZE, 1685 .ivsize = DES3_EDE_BLOCK_SIZE, 1686 } 1687 }, 1688 .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | 1689 DESC_HDR_SEL0_DEU | 1690 DESC_HDR_MODE0_DEU_CBC | 1691 DESC_HDR_MODE0_DEU_3DES, 1692 } 1693 }; 1694 1695 struct talitos_crypto_alg { 1696 struct list_head entry; 1697 struct device *dev; 1698 __be32 desc_hdr_template; 1699 struct crypto_alg crypto_alg; 1700 }; 1701 1702 static int talitos_cra_init(struct crypto_tfm *tfm) 1703 { 1704 struct crypto_alg *alg = tfm->__crt_alg; 1705 struct talitos_crypto_alg *talitos_alg; 1706 struct talitos_ctx *ctx = crypto_tfm_ctx(tfm); 1707 1708 talitos_alg = container_of(alg, struct talitos_crypto_alg, crypto_alg); 1709 1710 /* update context with ptr to dev */ 1711 ctx->dev = talitos_alg->dev; 1712 1713 /* copy descriptor header template value */ 1714 ctx->desc_hdr_template = talitos_alg->desc_hdr_template; 1715 1716 /* random first IV */ 1717 get_random_bytes(ctx->iv, TALITOS_MAX_IV_LENGTH); 1718 1719 return 0; 1720 } 1721 1722 /* 1723 * given the alg's descriptor header template, determine whether descriptor 1724 * type and primary/secondary execution units required match the hw 1725 * capabilities description provided in the device tree node. 1726 */ 1727 static int hw_supports(struct device *dev, __be32 desc_hdr_template) 1728 { 1729 struct talitos_private *priv = dev_get_drvdata(dev); 1730 int ret; 1731 1732 ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) && 1733 (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units); 1734 1735 if (SECONDARY_EU(desc_hdr_template)) 1736 ret = ret && (1 << SECONDARY_EU(desc_hdr_template) 1737 & priv->exec_units); 1738 1739 return ret; 1740 } 1741 1742 static int talitos_remove(struct of_device *ofdev) 1743 { 1744 struct device *dev = &ofdev->dev; 1745 struct talitos_private *priv = dev_get_drvdata(dev); 1746 struct talitos_crypto_alg *t_alg, *n; 1747 int i; 1748 1749 list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) { 1750 crypto_unregister_alg(&t_alg->crypto_alg); 1751 list_del(&t_alg->entry); 1752 kfree(t_alg); 1753 } 1754 1755 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) 1756 talitos_unregister_rng(dev); 1757 1758 for (i = 0; i < priv->num_channels; i++) 1759 if (priv->chan[i].fifo) 1760 kfree(priv->chan[i].fifo); 1761 1762 kfree(priv->chan); 1763 1764 if (priv->irq != NO_IRQ) { 1765 free_irq(priv->irq, dev); 1766 irq_dispose_mapping(priv->irq); 1767 } 1768 1769 tasklet_kill(&priv->done_task); 1770 1771 iounmap(priv->reg); 1772 1773 dev_set_drvdata(dev, NULL); 1774 1775 kfree(priv); 1776 1777 return 0; 1778 } 1779 1780 static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, 1781 struct talitos_alg_template 1782 *template) 1783 { 1784 struct talitos_crypto_alg *t_alg; 1785 struct crypto_alg *alg; 1786 1787 t_alg = kzalloc(sizeof(struct talitos_crypto_alg), GFP_KERNEL); 1788 if (!t_alg) 1789 return ERR_PTR(-ENOMEM); 1790 1791 alg = &t_alg->crypto_alg; 1792 *alg = template->alg; 1793 1794 alg->cra_module = THIS_MODULE; 1795 alg->cra_init = talitos_cra_init; 1796 alg->cra_priority = TALITOS_CRA_PRIORITY; 1797 alg->cra_alignmask = 0; 1798 alg->cra_ctxsize = sizeof(struct talitos_ctx); 1799 1800 t_alg->desc_hdr_template = template->desc_hdr_template; 1801 t_alg->dev = dev; 1802 1803 return t_alg; 1804 } 1805 1806 static int talitos_probe(struct of_device *ofdev, 1807 const struct of_device_id *match) 1808 { 1809 struct device *dev = &ofdev->dev; 1810 struct device_node *np = ofdev->node; 1811 struct talitos_private *priv; 1812 const unsigned int *prop; 1813 int i, err; 1814 1815 priv = kzalloc(sizeof(struct talitos_private), GFP_KERNEL); 1816 if (!priv) 1817 return -ENOMEM; 1818 1819 dev_set_drvdata(dev, priv); 1820 1821 priv->ofdev = ofdev; 1822 1823 tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev); 1824 1825 INIT_LIST_HEAD(&priv->alg_list); 1826 1827 priv->irq = irq_of_parse_and_map(np, 0); 1828 1829 if (priv->irq == NO_IRQ) { 1830 dev_err(dev, "failed to map irq\n"); 1831 err = -EINVAL; 1832 goto err_out; 1833 } 1834 1835 /* get the irq line */ 1836 err = request_irq(priv->irq, talitos_interrupt, 0, 1837 dev_driver_string(dev), dev); 1838 if (err) { 1839 dev_err(dev, "failed to request irq %d\n", priv->irq); 1840 irq_dispose_mapping(priv->irq); 1841 priv->irq = NO_IRQ; 1842 goto err_out; 1843 } 1844 1845 priv->reg = of_iomap(np, 0); 1846 if (!priv->reg) { 1847 dev_err(dev, "failed to of_iomap\n"); 1848 err = -ENOMEM; 1849 goto err_out; 1850 } 1851 1852 /* get SEC version capabilities from device tree */ 1853 prop = of_get_property(np, "fsl,num-channels", NULL); 1854 if (prop) 1855 priv->num_channels = *prop; 1856 1857 prop = of_get_property(np, "fsl,channel-fifo-len", NULL); 1858 if (prop) 1859 priv->chfifo_len = *prop; 1860 1861 prop = of_get_property(np, "fsl,exec-units-mask", NULL); 1862 if (prop) 1863 priv->exec_units = *prop; 1864 1865 prop = of_get_property(np, "fsl,descriptor-types-mask", NULL); 1866 if (prop) 1867 priv->desc_types = *prop; 1868 1869 if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len || 1870 !priv->exec_units || !priv->desc_types) { 1871 dev_err(dev, "invalid property data in device tree node\n"); 1872 err = -EINVAL; 1873 goto err_out; 1874 } 1875 1876 if (of_device_is_compatible(np, "fsl,sec3.0")) 1877 priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT; 1878 1879 if (of_device_is_compatible(np, "fsl,sec2.1")) 1880 priv->features |= TALITOS_FTR_HW_AUTH_CHECK; 1881 1882 priv->chan = kzalloc(sizeof(struct talitos_channel) * 1883 priv->num_channels, GFP_KERNEL); 1884 if (!priv->chan) { 1885 dev_err(dev, "failed to allocate channel management space\n"); 1886 err = -ENOMEM; 1887 goto err_out; 1888 } 1889 1890 for (i = 0; i < priv->num_channels; i++) { 1891 spin_lock_init(&priv->chan[i].head_lock); 1892 spin_lock_init(&priv->chan[i].tail_lock); 1893 } 1894 1895 priv->fifo_len = roundup_pow_of_two(priv->chfifo_len); 1896 1897 for (i = 0; i < priv->num_channels; i++) { 1898 priv->chan[i].fifo = kzalloc(sizeof(struct talitos_request) * 1899 priv->fifo_len, GFP_KERNEL); 1900 if (!priv->chan[i].fifo) { 1901 dev_err(dev, "failed to allocate request fifo %d\n", i); 1902 err = -ENOMEM; 1903 goto err_out; 1904 } 1905 } 1906 1907 for (i = 0; i < priv->num_channels; i++) 1908 atomic_set(&priv->chan[i].submit_count, 1909 -(priv->chfifo_len - 1)); 1910 1911 dma_set_mask(dev, DMA_BIT_MASK(36)); 1912 1913 /* reset and initialize the h/w */ 1914 err = init_device(dev); 1915 if (err) { 1916 dev_err(dev, "failed to initialize device\n"); 1917 goto err_out; 1918 } 1919 1920 /* register the RNG, if available */ 1921 if (hw_supports(dev, DESC_HDR_SEL0_RNG)) { 1922 err = talitos_register_rng(dev); 1923 if (err) { 1924 dev_err(dev, "failed to register hwrng: %d\n", err); 1925 goto err_out; 1926 } else 1927 dev_info(dev, "hwrng\n"); 1928 } 1929 1930 /* register crypto algorithms the device supports */ 1931 for (i = 0; i < ARRAY_SIZE(driver_algs); i++) { 1932 if (hw_supports(dev, driver_algs[i].desc_hdr_template)) { 1933 struct talitos_crypto_alg *t_alg; 1934 1935 t_alg = talitos_alg_alloc(dev, &driver_algs[i]); 1936 if (IS_ERR(t_alg)) { 1937 err = PTR_ERR(t_alg); 1938 goto err_out; 1939 } 1940 1941 err = crypto_register_alg(&t_alg->crypto_alg); 1942 if (err) { 1943 dev_err(dev, "%s alg registration failed\n", 1944 t_alg->crypto_alg.cra_driver_name); 1945 kfree(t_alg); 1946 } else { 1947 list_add_tail(&t_alg->entry, &priv->alg_list); 1948 dev_info(dev, "%s\n", 1949 t_alg->crypto_alg.cra_driver_name); 1950 } 1951 } 1952 } 1953 1954 return 0; 1955 1956 err_out: 1957 talitos_remove(ofdev); 1958 1959 return err; 1960 } 1961 1962 static const struct of_device_id talitos_match[] = { 1963 { 1964 .compatible = "fsl,sec2.0", 1965 }, 1966 {}, 1967 }; 1968 MODULE_DEVICE_TABLE(of, talitos_match); 1969 1970 static struct of_platform_driver talitos_driver = { 1971 .name = "talitos", 1972 .match_table = talitos_match, 1973 .probe = talitos_probe, 1974 .remove = talitos_remove, 1975 }; 1976 1977 static int __init talitos_init(void) 1978 { 1979 return of_register_platform_driver(&talitos_driver); 1980 } 1981 module_init(talitos_init); 1982 1983 static void __exit talitos_exit(void) 1984 { 1985 of_unregister_platform_driver(&talitos_driver); 1986 } 1987 module_exit(talitos_exit); 1988 1989 MODULE_LICENSE("GPL"); 1990 MODULE_AUTHOR("Kim Phillips <kim.phillips@freescale.com>"); 1991 MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver"); 1992