1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* Driver for Virtio crypto device. 3 * 4 * Copyright 2016 HUAWEI TECHNOLOGIES CO., LTD. 5 */ 6 7 #include <linux/err.h> 8 #include <linux/module.h> 9 #include <linux/virtio_config.h> 10 #include <linux/cpu.h> 11 12 #include <uapi/linux/virtio_crypto.h> 13 #include "virtio_crypto_common.h" 14 15 16 void 17 virtcrypto_clear_request(struct virtio_crypto_request *vc_req) 18 { 19 if (vc_req) { 20 kfree_sensitive(vc_req->req_data); 21 kfree(vc_req->sgs); 22 } 23 } 24 25 static void virtio_crypto_ctrlq_callback(struct virtio_crypto_ctrl_request *vc_ctrl_req) 26 { 27 complete(&vc_ctrl_req->compl); 28 } 29 30 static void virtcrypto_ctrlq_callback(struct virtqueue *vq) 31 { 32 struct virtio_crypto *vcrypto = vq->vdev->priv; 33 struct virtio_crypto_ctrl_request *vc_ctrl_req; 34 unsigned long flags; 35 unsigned int len; 36 37 spin_lock_irqsave(&vcrypto->ctrl_lock, flags); 38 do { 39 virtqueue_disable_cb(vq); 40 while ((vc_ctrl_req = virtqueue_get_buf(vq, &len)) != NULL) { 41 spin_unlock_irqrestore(&vcrypto->ctrl_lock, flags); 42 virtio_crypto_ctrlq_callback(vc_ctrl_req); 43 spin_lock_irqsave(&vcrypto->ctrl_lock, flags); 44 } 45 } while (!virtqueue_enable_cb(vq)); 46 spin_unlock_irqrestore(&vcrypto->ctrl_lock, flags); 47 } 48 49 int virtio_crypto_ctrl_vq_request(struct virtio_crypto *vcrypto, struct scatterlist *sgs[], 50 unsigned int out_sgs, unsigned int in_sgs, 51 struct virtio_crypto_ctrl_request *vc_ctrl_req) 52 { 53 int err; 54 unsigned long flags; 55 56 init_completion(&vc_ctrl_req->compl); 57 58 spin_lock_irqsave(&vcrypto->ctrl_lock, flags); 59 err = virtqueue_add_sgs(vcrypto->ctrl_vq, sgs, out_sgs, in_sgs, vc_ctrl_req, GFP_ATOMIC); 60 if (err < 0) { 61 spin_unlock_irqrestore(&vcrypto->ctrl_lock, flags); 62 return err; 63 } 64 65 virtqueue_kick(vcrypto->ctrl_vq); 66 spin_unlock_irqrestore(&vcrypto->ctrl_lock, flags); 67 68 wait_for_completion(&vc_ctrl_req->compl); 69 70 return 0; 71 } 72 73 static void virtcrypto_done_task(unsigned long data) 74 { 75 struct data_queue *data_vq = (struct data_queue *)data; 76 struct virtqueue *vq = data_vq->vq; 77 struct virtio_crypto_request *vc_req; 78 unsigned long flags; 79 unsigned int len; 80 81 spin_lock_irqsave(&data_vq->lock, flags); 82 do { 83 virtqueue_disable_cb(vq); 84 while ((vc_req = virtqueue_get_buf(vq, &len)) != NULL) { 85 spin_unlock_irqrestore(&data_vq->lock, flags); 86 if (vc_req->alg_cb) 87 vc_req->alg_cb(vc_req, len); 88 spin_lock_irqsave(&data_vq->lock, flags); 89 } 90 } while (!virtqueue_enable_cb(vq)); 91 spin_unlock_irqrestore(&data_vq->lock, flags); 92 } 93 94 static void virtcrypto_dataq_callback(struct virtqueue *vq) 95 { 96 struct virtio_crypto *vcrypto = vq->vdev->priv; 97 struct data_queue *dq = &vcrypto->data_vq[vq->index]; 98 99 tasklet_schedule(&dq->done_task); 100 } 101 102 static int virtcrypto_find_vqs(struct virtio_crypto *vi) 103 { 104 struct virtqueue_info *vqs_info; 105 struct virtqueue **vqs; 106 int ret = -ENOMEM; 107 int i, total_vqs; 108 struct device *dev = &vi->vdev->dev; 109 110 /* 111 * We expect 1 data virtqueue, followed by 112 * possible N-1 data queues used in multiqueue mode, 113 * followed by control vq. 114 */ 115 total_vqs = vi->max_data_queues + 1; 116 117 /* Allocate space for find_vqs parameters */ 118 vqs = kzalloc_objs(*vqs, total_vqs); 119 if (!vqs) 120 goto err_vq; 121 vqs_info = kzalloc_objs(*vqs_info, total_vqs); 122 if (!vqs_info) 123 goto err_vqs_info; 124 125 /* Parameters for control virtqueue */ 126 vqs_info[total_vqs - 1].callback = virtcrypto_ctrlq_callback; 127 vqs_info[total_vqs - 1].name = "controlq"; 128 129 /* Allocate/initialize parameters for data virtqueues */ 130 for (i = 0; i < vi->max_data_queues; i++) { 131 vqs_info[i].callback = virtcrypto_dataq_callback; 132 snprintf(vi->data_vq[i].name, sizeof(vi->data_vq[i].name), 133 "dataq.%d", i); 134 vqs_info[i].name = vi->data_vq[i].name; 135 } 136 137 ret = virtio_find_vqs(vi->vdev, total_vqs, vqs, vqs_info, NULL); 138 if (ret) 139 goto err_find; 140 141 vi->ctrl_vq = vqs[total_vqs - 1]; 142 143 for (i = 0; i < vi->max_data_queues; i++) { 144 spin_lock_init(&vi->data_vq[i].lock); 145 vi->data_vq[i].vq = vqs[i]; 146 /* Initialize crypto engine */ 147 vi->data_vq[i].engine = crypto_engine_alloc_init_and_set(dev, true, true, 148 virtqueue_get_vring_size(vqs[i])); 149 if (!vi->data_vq[i].engine) { 150 ret = -ENOMEM; 151 goto err_engine; 152 } 153 tasklet_init(&vi->data_vq[i].done_task, virtcrypto_done_task, 154 (unsigned long)&vi->data_vq[i]); 155 } 156 157 kfree(vqs_info); 158 kfree(vqs); 159 160 return 0; 161 162 err_engine: 163 err_find: 164 kfree(vqs_info); 165 err_vqs_info: 166 kfree(vqs); 167 err_vq: 168 return ret; 169 } 170 171 static int virtcrypto_alloc_queues(struct virtio_crypto *vi) 172 { 173 vi->data_vq = kzalloc_objs(*vi->data_vq, vi->max_data_queues); 174 if (!vi->data_vq) 175 return -ENOMEM; 176 177 return 0; 178 } 179 180 static void virtcrypto_clean_affinity(struct virtio_crypto *vi, long hcpu) 181 { 182 int i; 183 184 if (vi->affinity_hint_set) { 185 for (i = 0; i < vi->max_data_queues; i++) 186 virtqueue_set_affinity(vi->data_vq[i].vq, NULL); 187 188 vi->affinity_hint_set = false; 189 } 190 } 191 192 static void virtcrypto_set_affinity(struct virtio_crypto *vcrypto) 193 { 194 int i = 0; 195 int cpu; 196 197 /* 198 * In single queue mode, we don't set the cpu affinity. 199 */ 200 if (vcrypto->curr_queue == 1 || vcrypto->max_data_queues == 1) { 201 virtcrypto_clean_affinity(vcrypto, -1); 202 return; 203 } 204 205 /* 206 * In multiqueue mode, we let the queue to be private to one cpu 207 * by setting the affinity hint to eliminate the contention. 208 * 209 * TODO: adds cpu hotplug support by register cpu notifier. 210 * 211 */ 212 for_each_online_cpu(cpu) { 213 virtqueue_set_affinity(vcrypto->data_vq[i].vq, cpumask_of(cpu)); 214 if (++i >= vcrypto->max_data_queues) 215 break; 216 } 217 218 vcrypto->affinity_hint_set = true; 219 } 220 221 static void virtcrypto_free_queues(struct virtio_crypto *vi) 222 { 223 kfree(vi->data_vq); 224 } 225 226 static int virtcrypto_init_vqs(struct virtio_crypto *vi) 227 { 228 int ret; 229 230 /* Allocate send & receive queues */ 231 ret = virtcrypto_alloc_queues(vi); 232 if (ret) 233 goto err; 234 235 ret = virtcrypto_find_vqs(vi); 236 if (ret) 237 goto err_free; 238 239 cpus_read_lock(); 240 virtcrypto_set_affinity(vi); 241 cpus_read_unlock(); 242 243 return 0; 244 245 err_free: 246 virtcrypto_free_queues(vi); 247 err: 248 return ret; 249 } 250 251 static int virtcrypto_update_status(struct virtio_crypto *vcrypto) 252 { 253 u32 status; 254 int err; 255 256 virtio_cread_le(vcrypto->vdev, 257 struct virtio_crypto_config, status, &status); 258 259 /* 260 * Unknown status bits would be a host error and the driver 261 * should consider the device to be broken. 262 */ 263 if (status & (~VIRTIO_CRYPTO_S_HW_READY)) { 264 dev_warn(&vcrypto->vdev->dev, 265 "Unknown status bits: 0x%x\n", status); 266 267 virtio_break_device(vcrypto->vdev); 268 return -EPERM; 269 } 270 271 if (vcrypto->status == status) 272 return 0; 273 274 vcrypto->status = status; 275 276 if (vcrypto->status & VIRTIO_CRYPTO_S_HW_READY) { 277 err = virtcrypto_dev_start(vcrypto); 278 if (err) { 279 dev_err(&vcrypto->vdev->dev, 280 "Failed to start virtio crypto device.\n"); 281 282 return -EPERM; 283 } 284 dev_info(&vcrypto->vdev->dev, "Accelerator device is ready\n"); 285 } else { 286 virtcrypto_dev_stop(vcrypto); 287 dev_info(&vcrypto->vdev->dev, "Accelerator is not ready\n"); 288 } 289 290 return 0; 291 } 292 293 static int virtcrypto_start_crypto_engines(struct virtio_crypto *vcrypto) 294 { 295 int32_t i; 296 int ret; 297 298 for (i = 0; i < vcrypto->max_data_queues; i++) { 299 if (vcrypto->data_vq[i].engine) { 300 ret = crypto_engine_start(vcrypto->data_vq[i].engine); 301 if (ret) 302 goto err; 303 } 304 } 305 306 return 0; 307 308 err: 309 while (--i >= 0) 310 if (vcrypto->data_vq[i].engine) 311 crypto_engine_exit(vcrypto->data_vq[i].engine); 312 313 return ret; 314 } 315 316 static void virtcrypto_clear_crypto_engines(struct virtio_crypto *vcrypto) 317 { 318 u32 i; 319 320 for (i = 0; i < vcrypto->max_data_queues; i++) 321 if (vcrypto->data_vq[i].engine) 322 crypto_engine_exit(vcrypto->data_vq[i].engine); 323 } 324 325 static void virtcrypto_del_vqs(struct virtio_crypto *vcrypto) 326 { 327 struct virtio_device *vdev = vcrypto->vdev; 328 329 virtcrypto_clean_affinity(vcrypto, -1); 330 331 vdev->config->del_vqs(vdev); 332 333 virtcrypto_free_queues(vcrypto); 334 } 335 336 static void vcrypto_config_changed_work(struct work_struct *work) 337 { 338 struct virtio_crypto *vcrypto = 339 container_of(work, struct virtio_crypto, config_work); 340 341 virtcrypto_update_status(vcrypto); 342 } 343 344 static int virtcrypto_probe(struct virtio_device *vdev) 345 { 346 int err = -EFAULT; 347 struct virtio_crypto *vcrypto; 348 u32 max_data_queues = 0, max_cipher_key_len = 0; 349 u32 max_auth_key_len = 0; 350 u64 max_size = 0; 351 u32 cipher_algo_l = 0; 352 u32 cipher_algo_h = 0; 353 u32 hash_algo = 0; 354 u32 mac_algo_l = 0; 355 u32 mac_algo_h = 0; 356 u32 aead_algo = 0; 357 u32 akcipher_algo = 0; 358 u32 crypto_services = 0; 359 360 if (!virtio_has_feature(vdev, VIRTIO_F_VERSION_1)) 361 return -ENODEV; 362 363 if (!vdev->config->get) { 364 dev_err(&vdev->dev, "%s failure: config access disabled\n", 365 __func__); 366 return -EINVAL; 367 } 368 369 if (num_possible_nodes() > 1 && dev_to_node(&vdev->dev) < 0) { 370 /* 371 * If the accelerator is connected to a node with no memory 372 * there is no point in using the accelerator since the remote 373 * memory transaction will be very slow. 374 */ 375 dev_err(&vdev->dev, "Invalid NUMA configuration.\n"); 376 return -EINVAL; 377 } 378 379 vcrypto = kzalloc_node(sizeof(*vcrypto), GFP_KERNEL, 380 dev_to_node(&vdev->dev)); 381 if (!vcrypto) 382 return -ENOMEM; 383 384 virtio_cread_le(vdev, struct virtio_crypto_config, 385 max_dataqueues, &max_data_queues); 386 if (max_data_queues < 1) 387 max_data_queues = 1; 388 389 virtio_cread_le(vdev, struct virtio_crypto_config, 390 max_cipher_key_len, &max_cipher_key_len); 391 virtio_cread_le(vdev, struct virtio_crypto_config, 392 max_auth_key_len, &max_auth_key_len); 393 virtio_cread_le(vdev, struct virtio_crypto_config, 394 max_size, &max_size); 395 virtio_cread_le(vdev, struct virtio_crypto_config, 396 crypto_services, &crypto_services); 397 virtio_cread_le(vdev, struct virtio_crypto_config, 398 cipher_algo_l, &cipher_algo_l); 399 virtio_cread_le(vdev, struct virtio_crypto_config, 400 cipher_algo_h, &cipher_algo_h); 401 virtio_cread_le(vdev, struct virtio_crypto_config, 402 hash_algo, &hash_algo); 403 virtio_cread_le(vdev, struct virtio_crypto_config, 404 mac_algo_l, &mac_algo_l); 405 virtio_cread_le(vdev, struct virtio_crypto_config, 406 mac_algo_h, &mac_algo_h); 407 virtio_cread_le(vdev, struct virtio_crypto_config, 408 aead_algo, &aead_algo); 409 if (crypto_services & (1 << VIRTIO_CRYPTO_SERVICE_AKCIPHER)) 410 virtio_cread_le(vdev, struct virtio_crypto_config, 411 akcipher_algo, &akcipher_algo); 412 413 /* Add virtio crypto device to global table */ 414 err = virtcrypto_devmgr_add_dev(vcrypto); 415 if (err) { 416 dev_err(&vdev->dev, "Failed to add new virtio crypto device.\n"); 417 goto free; 418 } 419 vcrypto->owner = THIS_MODULE; 420 vcrypto = vdev->priv = vcrypto; 421 vcrypto->vdev = vdev; 422 423 spin_lock_init(&vcrypto->ctrl_lock); 424 425 /* Use single data queue as default */ 426 vcrypto->curr_queue = 1; 427 vcrypto->max_data_queues = max_data_queues; 428 vcrypto->max_cipher_key_len = max_cipher_key_len; 429 vcrypto->max_auth_key_len = max_auth_key_len; 430 vcrypto->max_size = max_size; 431 vcrypto->crypto_services = crypto_services; 432 vcrypto->cipher_algo_l = cipher_algo_l; 433 vcrypto->cipher_algo_h = cipher_algo_h; 434 vcrypto->mac_algo_l = mac_algo_l; 435 vcrypto->mac_algo_h = mac_algo_h; 436 vcrypto->hash_algo = hash_algo; 437 vcrypto->aead_algo = aead_algo; 438 vcrypto->akcipher_algo = akcipher_algo; 439 440 dev_info(&vdev->dev, 441 "max_queues: %u, max_cipher_key_len: %u, max_auth_key_len: %u, max_size 0x%llx\n", 442 vcrypto->max_data_queues, 443 vcrypto->max_cipher_key_len, 444 vcrypto->max_auth_key_len, 445 vcrypto->max_size); 446 447 err = virtcrypto_init_vqs(vcrypto); 448 if (err) { 449 dev_err(&vdev->dev, "Failed to initialize vqs.\n"); 450 goto free_dev; 451 } 452 453 err = virtcrypto_start_crypto_engines(vcrypto); 454 if (err) 455 goto free_vqs; 456 457 virtio_device_ready(vdev); 458 459 err = virtcrypto_update_status(vcrypto); 460 if (err) 461 goto free_engines; 462 463 INIT_WORK(&vcrypto->config_work, vcrypto_config_changed_work); 464 465 return 0; 466 467 free_engines: 468 virtcrypto_clear_crypto_engines(vcrypto); 469 free_vqs: 470 virtio_reset_device(vdev); 471 virtcrypto_del_vqs(vcrypto); 472 free_dev: 473 virtcrypto_devmgr_rm_dev(vcrypto); 474 free: 475 kfree(vcrypto); 476 return err; 477 } 478 479 static void virtcrypto_free_unused_reqs(struct virtio_crypto *vcrypto) 480 { 481 struct virtio_crypto_request *vc_req; 482 int i; 483 struct virtqueue *vq; 484 485 for (i = 0; i < vcrypto->max_data_queues; i++) { 486 vq = vcrypto->data_vq[i].vq; 487 while ((vc_req = virtqueue_detach_unused_buf(vq)) != NULL) 488 virtcrypto_clear_request(vc_req); 489 cond_resched(); 490 } 491 } 492 493 static void virtcrypto_remove(struct virtio_device *vdev) 494 { 495 struct virtio_crypto *vcrypto = vdev->priv; 496 int i; 497 498 dev_info(&vdev->dev, "Start virtcrypto_remove.\n"); 499 500 flush_work(&vcrypto->config_work); 501 if (virtcrypto_dev_started(vcrypto)) 502 virtcrypto_dev_stop(vcrypto); 503 for (i = 0; i < vcrypto->max_data_queues; i++) 504 tasklet_kill(&vcrypto->data_vq[i].done_task); 505 virtio_reset_device(vdev); 506 virtcrypto_free_unused_reqs(vcrypto); 507 virtcrypto_clear_crypto_engines(vcrypto); 508 virtcrypto_del_vqs(vcrypto); 509 virtcrypto_devmgr_rm_dev(vcrypto); 510 kfree(vcrypto); 511 } 512 513 static void virtcrypto_config_changed(struct virtio_device *vdev) 514 { 515 struct virtio_crypto *vcrypto = vdev->priv; 516 517 schedule_work(&vcrypto->config_work); 518 } 519 520 #ifdef CONFIG_PM_SLEEP 521 static int virtcrypto_freeze(struct virtio_device *vdev) 522 { 523 struct virtio_crypto *vcrypto = vdev->priv; 524 525 flush_work(&vcrypto->config_work); 526 virtio_reset_device(vdev); 527 virtcrypto_free_unused_reqs(vcrypto); 528 if (virtcrypto_dev_started(vcrypto)) 529 virtcrypto_dev_stop(vcrypto); 530 531 virtcrypto_clear_crypto_engines(vcrypto); 532 virtcrypto_del_vqs(vcrypto); 533 return 0; 534 } 535 536 static int virtcrypto_restore(struct virtio_device *vdev) 537 { 538 struct virtio_crypto *vcrypto = vdev->priv; 539 int err; 540 541 err = virtcrypto_init_vqs(vcrypto); 542 if (err) 543 return err; 544 545 err = virtcrypto_start_crypto_engines(vcrypto); 546 if (err) 547 goto free_vqs; 548 549 virtio_device_ready(vdev); 550 551 err = virtcrypto_dev_start(vcrypto); 552 if (err) { 553 dev_err(&vdev->dev, "Failed to start virtio crypto device.\n"); 554 goto free_engines; 555 } 556 557 return 0; 558 559 free_engines: 560 virtcrypto_clear_crypto_engines(vcrypto); 561 free_vqs: 562 virtio_reset_device(vdev); 563 virtcrypto_del_vqs(vcrypto); 564 return err; 565 } 566 #endif 567 568 static const unsigned int features[] = { 569 /* none */ 570 }; 571 572 static const struct virtio_device_id id_table[] = { 573 { VIRTIO_ID_CRYPTO, VIRTIO_DEV_ANY_ID }, 574 { 0 }, 575 }; 576 577 static struct virtio_driver virtio_crypto_driver = { 578 .driver.name = KBUILD_MODNAME, 579 .feature_table = features, 580 .feature_table_size = ARRAY_SIZE(features), 581 .id_table = id_table, 582 .probe = virtcrypto_probe, 583 .remove = virtcrypto_remove, 584 .config_changed = virtcrypto_config_changed, 585 #ifdef CONFIG_PM_SLEEP 586 .freeze = virtcrypto_freeze, 587 .restore = virtcrypto_restore, 588 #endif 589 }; 590 591 module_virtio_driver(virtio_crypto_driver); 592 593 MODULE_DEVICE_TABLE(virtio, id_table); 594 MODULE_DESCRIPTION("virtio crypto device driver"); 595 MODULE_LICENSE("GPL"); 596 MODULE_AUTHOR("Gonglei <arei.gonglei@huawei.com>"); 597