]>
Commit | Line | Data |
---|---|---|
bd3c7b5c NR |
1 | /* |
2 | * Cryptographic API. | |
3 | * | |
4 | * Support for ATMEL AES HW acceleration. | |
5 | * | |
6 | * Copyright (c) 2012 Eukréa Electromatique - ATMEL | |
7 | * Author: Nicolas Royer <nicolas@eukrea.com> | |
8 | * | |
9 | * This program is free software; you can redistribute it and/or modify | |
10 | * it under the terms of the GNU General Public License version 2 as published | |
11 | * by the Free Software Foundation. | |
12 | * | |
13 | * Some ideas are from omap-aes.c driver. | |
14 | */ | |
15 | ||
16 | ||
17 | #include <linux/kernel.h> | |
18 | #include <linux/module.h> | |
19 | #include <linux/slab.h> | |
20 | #include <linux/err.h> | |
21 | #include <linux/clk.h> | |
22 | #include <linux/io.h> | |
23 | #include <linux/hw_random.h> | |
24 | #include <linux/platform_device.h> | |
25 | ||
26 | #include <linux/device.h> | |
bd3c7b5c NR |
27 | #include <linux/init.h> |
28 | #include <linux/errno.h> | |
29 | #include <linux/interrupt.h> | |
bd3c7b5c | 30 | #include <linux/irq.h> |
bd3c7b5c NR |
31 | #include <linux/scatterlist.h> |
32 | #include <linux/dma-mapping.h> | |
be943c7d | 33 | #include <linux/of_device.h> |
bd3c7b5c NR |
34 | #include <linux/delay.h> |
35 | #include <linux/crypto.h> | |
bd3c7b5c NR |
36 | #include <crypto/scatterwalk.h> |
37 | #include <crypto/algapi.h> | |
38 | #include <crypto/aes.h> | |
d52db518 | 39 | #include <crypto/xts.h> |
d4419548 | 40 | #include <crypto/internal/aead.h> |
cadc4ab8 | 41 | #include <linux/platform_data/crypto-atmel.h> |
be943c7d | 42 | #include <dt-bindings/dma/at91.h> |
bd3c7b5c NR |
43 | #include "atmel-aes-regs.h" |
44 | ||
88efd9a9 CP |
45 | #define ATMEL_AES_PRIORITY 300 |
46 | ||
bbe628ed CP |
47 | #define ATMEL_AES_BUFFER_ORDER 2 |
48 | #define ATMEL_AES_BUFFER_SIZE (PAGE_SIZE << ATMEL_AES_BUFFER_ORDER) | |
49 | ||
bd3c7b5c NR |
50 | #define CFB8_BLOCK_SIZE 1 |
51 | #define CFB16_BLOCK_SIZE 2 | |
52 | #define CFB32_BLOCK_SIZE 4 | |
53 | #define CFB64_BLOCK_SIZE 8 | |
54 | ||
bbe628ed CP |
55 | #define SIZE_IN_WORDS(x) ((x) >> 2) |
56 | ||
bd3c7b5c | 57 | /* AES flags */ |
d4419548 | 58 | /* Reserve bits [18:16] [14:12] [1:0] for mode (same as for AES_MR) */ |
77dacf5f | 59 | #define AES_FLAGS_ENCRYPT AES_MR_CYPHER_ENC |
d4419548 | 60 | #define AES_FLAGS_GTAGEN AES_MR_GTAGEN |
77dacf5f CP |
61 | #define AES_FLAGS_OPMODE_MASK (AES_MR_OPMOD_MASK | AES_MR_CFBS_MASK) |
62 | #define AES_FLAGS_ECB AES_MR_OPMOD_ECB | |
63 | #define AES_FLAGS_CBC AES_MR_OPMOD_CBC | |
64 | #define AES_FLAGS_OFB AES_MR_OPMOD_OFB | |
65 | #define AES_FLAGS_CFB128 (AES_MR_OPMOD_CFB | AES_MR_CFBS_128b) | |
66 | #define AES_FLAGS_CFB64 (AES_MR_OPMOD_CFB | AES_MR_CFBS_64b) | |
67 | #define AES_FLAGS_CFB32 (AES_MR_OPMOD_CFB | AES_MR_CFBS_32b) | |
68 | #define AES_FLAGS_CFB16 (AES_MR_OPMOD_CFB | AES_MR_CFBS_16b) | |
69 | #define AES_FLAGS_CFB8 (AES_MR_OPMOD_CFB | AES_MR_CFBS_8b) | |
70 | #define AES_FLAGS_CTR AES_MR_OPMOD_CTR | |
d4419548 | 71 | #define AES_FLAGS_GCM AES_MR_OPMOD_GCM |
d52db518 | 72 | #define AES_FLAGS_XTS AES_MR_OPMOD_XTS |
77dacf5f CP |
73 | |
74 | #define AES_FLAGS_MODE_MASK (AES_FLAGS_OPMODE_MASK | \ | |
d4419548 CP |
75 | AES_FLAGS_ENCRYPT | \ |
76 | AES_FLAGS_GTAGEN) | |
77dacf5f CP |
77 | |
78 | #define AES_FLAGS_INIT BIT(2) | |
79 | #define AES_FLAGS_BUSY BIT(3) | |
4537992b | 80 | #define AES_FLAGS_DUMP_REG BIT(4) |
77dacf5f CP |
81 | |
82 | #define AES_FLAGS_PERSISTENT (AES_FLAGS_INIT | AES_FLAGS_BUSY) | |
bd3c7b5c | 83 | |
cadc4ab8 | 84 | #define ATMEL_AES_QUEUE_LENGTH 50 |
bd3c7b5c | 85 | |
129f8bb6 | 86 | #define ATMEL_AES_DMA_THRESHOLD 256 |
bd3c7b5c NR |
87 | |
88 | ||
cadc4ab8 | 89 | struct atmel_aes_caps { |
afbac17e CP |
90 | bool has_dualbuff; |
91 | bool has_cfb64; | |
fcac8365 | 92 | bool has_ctr32; |
d4419548 | 93 | bool has_gcm; |
d52db518 | 94 | bool has_xts; |
afbac17e | 95 | u32 max_burst_size; |
cadc4ab8 NR |
96 | }; |
97 | ||
bd3c7b5c NR |
98 | struct atmel_aes_dev; |
99 | ||
ccbf7298 CP |
100 | |
101 | typedef int (*atmel_aes_fn_t)(struct atmel_aes_dev *); | |
102 | ||
103 | ||
104 | struct atmel_aes_base_ctx { | |
afbac17e CP |
105 | struct atmel_aes_dev *dd; |
106 | atmel_aes_fn_t start; | |
107 | int keylen; | |
108 | u32 key[AES_KEYSIZE_256 / sizeof(u32)]; | |
109 | u16 block_size; | |
bd3c7b5c NR |
110 | }; |
111 | ||
ccbf7298 CP |
112 | struct atmel_aes_ctx { |
113 | struct atmel_aes_base_ctx base; | |
114 | }; | |
115 | ||
fcac8365 CP |
116 | struct atmel_aes_ctr_ctx { |
117 | struct atmel_aes_base_ctx base; | |
118 | ||
119 | u32 iv[AES_BLOCK_SIZE / sizeof(u32)]; | |
120 | size_t offset; | |
121 | struct scatterlist src[2]; | |
122 | struct scatterlist dst[2]; | |
123 | }; | |
124 | ||
d4419548 CP |
125 | struct atmel_aes_gcm_ctx { |
126 | struct atmel_aes_base_ctx base; | |
127 | ||
128 | struct scatterlist src[2]; | |
129 | struct scatterlist dst[2]; | |
130 | ||
131 | u32 j0[AES_BLOCK_SIZE / sizeof(u32)]; | |
132 | u32 tag[AES_BLOCK_SIZE / sizeof(u32)]; | |
133 | u32 ghash[AES_BLOCK_SIZE / sizeof(u32)]; | |
134 | size_t textlen; | |
135 | ||
136 | const u32 *ghash_in; | |
137 | u32 *ghash_out; | |
138 | atmel_aes_fn_t ghash_resume; | |
139 | }; | |
140 | ||
d52db518 CP |
141 | struct atmel_aes_xts_ctx { |
142 | struct atmel_aes_base_ctx base; | |
143 | ||
144 | u32 key2[AES_KEYSIZE_256 / sizeof(u32)]; | |
145 | }; | |
146 | ||
bd3c7b5c | 147 | struct atmel_aes_reqctx { |
afbac17e | 148 | unsigned long mode; |
bd3c7b5c NR |
149 | }; |
150 | ||
151 | struct atmel_aes_dma { | |
bbe628ed CP |
152 | struct dma_chan *chan; |
153 | struct scatterlist *sg; | |
154 | int nents; | |
155 | unsigned int remainder; | |
156 | unsigned int sg_len; | |
bd3c7b5c NR |
157 | }; |
158 | ||
159 | struct atmel_aes_dev { | |
160 | struct list_head list; | |
161 | unsigned long phys_base; | |
162 | void __iomem *io_base; | |
163 | ||
ccbf7298 CP |
164 | struct crypto_async_request *areq; |
165 | struct atmel_aes_base_ctx *ctx; | |
166 | ||
10f12c1b CP |
167 | bool is_async; |
168 | atmel_aes_fn_t resume; | |
bbe628ed | 169 | atmel_aes_fn_t cpu_transfer_complete; |
10f12c1b | 170 | |
bd3c7b5c NR |
171 | struct device *dev; |
172 | struct clk *iclk; | |
afbac17e | 173 | int irq; |
bd3c7b5c NR |
174 | |
175 | unsigned long flags; | |
bd3c7b5c NR |
176 | |
177 | spinlock_t lock; | |
178 | struct crypto_queue queue; | |
179 | ||
180 | struct tasklet_struct done_task; | |
181 | struct tasklet_struct queue_task; | |
182 | ||
bbe628ed CP |
183 | size_t total; |
184 | size_t datalen; | |
185 | u32 *data; | |
bd3c7b5c | 186 | |
bbe628ed CP |
187 | struct atmel_aes_dma src; |
188 | struct atmel_aes_dma dst; | |
bd3c7b5c | 189 | |
bbe628ed CP |
190 | size_t buflen; |
191 | void *buf; | |
192 | struct scatterlist aligned_sg; | |
193 | struct scatterlist *real_dst; | |
bd3c7b5c | 194 | |
cadc4ab8 NR |
195 | struct atmel_aes_caps caps; |
196 | ||
afbac17e | 197 | u32 hw_version; |
bd3c7b5c NR |
198 | }; |
199 | ||
200 | struct atmel_aes_drv { | |
201 | struct list_head dev_list; | |
202 | spinlock_t lock; | |
203 | }; | |
204 | ||
205 | static struct atmel_aes_drv atmel_aes = { | |
206 | .dev_list = LIST_HEAD_INIT(atmel_aes.dev_list), | |
207 | .lock = __SPIN_LOCK_UNLOCKED(atmel_aes.lock), | |
208 | }; | |
209 | ||
4537992b CP |
210 | #ifdef VERBOSE_DEBUG |
211 | static const char *atmel_aes_reg_name(u32 offset, char *tmp, size_t sz) | |
212 | { | |
213 | switch (offset) { | |
214 | case AES_CR: | |
215 | return "CR"; | |
216 | ||
217 | case AES_MR: | |
218 | return "MR"; | |
219 | ||
220 | case AES_ISR: | |
221 | return "ISR"; | |
222 | ||
223 | case AES_IMR: | |
224 | return "IMR"; | |
225 | ||
226 | case AES_IER: | |
227 | return "IER"; | |
228 | ||
229 | case AES_IDR: | |
230 | return "IDR"; | |
231 | ||
232 | case AES_KEYWR(0): | |
233 | case AES_KEYWR(1): | |
234 | case AES_KEYWR(2): | |
235 | case AES_KEYWR(3): | |
236 | case AES_KEYWR(4): | |
237 | case AES_KEYWR(5): | |
238 | case AES_KEYWR(6): | |
239 | case AES_KEYWR(7): | |
240 | snprintf(tmp, sz, "KEYWR[%u]", (offset - AES_KEYWR(0)) >> 2); | |
241 | break; | |
242 | ||
243 | case AES_IDATAR(0): | |
244 | case AES_IDATAR(1): | |
245 | case AES_IDATAR(2): | |
246 | case AES_IDATAR(3): | |
247 | snprintf(tmp, sz, "IDATAR[%u]", (offset - AES_IDATAR(0)) >> 2); | |
248 | break; | |
249 | ||
250 | case AES_ODATAR(0): | |
251 | case AES_ODATAR(1): | |
252 | case AES_ODATAR(2): | |
253 | case AES_ODATAR(3): | |
254 | snprintf(tmp, sz, "ODATAR[%u]", (offset - AES_ODATAR(0)) >> 2); | |
255 | break; | |
256 | ||
257 | case AES_IVR(0): | |
258 | case AES_IVR(1): | |
259 | case AES_IVR(2): | |
260 | case AES_IVR(3): | |
261 | snprintf(tmp, sz, "IVR[%u]", (offset - AES_IVR(0)) >> 2); | |
262 | break; | |
263 | ||
264 | case AES_AADLENR: | |
265 | return "AADLENR"; | |
266 | ||
267 | case AES_CLENR: | |
268 | return "CLENR"; | |
269 | ||
270 | case AES_GHASHR(0): | |
271 | case AES_GHASHR(1): | |
272 | case AES_GHASHR(2): | |
273 | case AES_GHASHR(3): | |
274 | snprintf(tmp, sz, "GHASHR[%u]", (offset - AES_GHASHR(0)) >> 2); | |
275 | break; | |
276 | ||
277 | case AES_TAGR(0): | |
278 | case AES_TAGR(1): | |
279 | case AES_TAGR(2): | |
280 | case AES_TAGR(3): | |
281 | snprintf(tmp, sz, "TAGR[%u]", (offset - AES_TAGR(0)) >> 2); | |
282 | break; | |
283 | ||
284 | case AES_CTRR: | |
285 | return "CTRR"; | |
286 | ||
287 | case AES_GCMHR(0): | |
288 | case AES_GCMHR(1): | |
289 | case AES_GCMHR(2): | |
290 | case AES_GCMHR(3): | |
291 | snprintf(tmp, sz, "GCMHR[%u]", (offset - AES_GCMHR(0)) >> 2); | |
e31835ad | 292 | break; |
4537992b | 293 | |
d52db518 CP |
294 | case AES_TWR(0): |
295 | case AES_TWR(1): | |
296 | case AES_TWR(2): | |
297 | case AES_TWR(3): | |
298 | snprintf(tmp, sz, "TWR[%u]", (offset - AES_TWR(0)) >> 2); | |
299 | break; | |
300 | ||
301 | case AES_ALPHAR(0): | |
302 | case AES_ALPHAR(1): | |
303 | case AES_ALPHAR(2): | |
304 | case AES_ALPHAR(3): | |
305 | snprintf(tmp, sz, "ALPHAR[%u]", (offset - AES_ALPHAR(0)) >> 2); | |
306 | break; | |
307 | ||
4537992b CP |
308 | default: |
309 | snprintf(tmp, sz, "0x%02x", offset); | |
310 | break; | |
311 | } | |
312 | ||
313 | return tmp; | |
314 | } | |
315 | #endif /* VERBOSE_DEBUG */ | |
316 | ||
e37a7e55 | 317 | /* Shared functions */ |
cadc4ab8 | 318 | |
bd3c7b5c NR |
319 | static inline u32 atmel_aes_read(struct atmel_aes_dev *dd, u32 offset) |
320 | { | |
4537992b CP |
321 | u32 value = readl_relaxed(dd->io_base + offset); |
322 | ||
323 | #ifdef VERBOSE_DEBUG | |
324 | if (dd->flags & AES_FLAGS_DUMP_REG) { | |
325 | char tmp[16]; | |
326 | ||
327 | dev_vdbg(dd->dev, "read 0x%08x from %s\n", value, | |
328 | atmel_aes_reg_name(offset, tmp, sizeof(tmp))); | |
329 | } | |
330 | #endif /* VERBOSE_DEBUG */ | |
331 | ||
332 | return value; | |
bd3c7b5c NR |
333 | } |
334 | ||
335 | static inline void atmel_aes_write(struct atmel_aes_dev *dd, | |
336 | u32 offset, u32 value) | |
337 | { | |
4537992b CP |
338 | #ifdef VERBOSE_DEBUG |
339 | if (dd->flags & AES_FLAGS_DUMP_REG) { | |
340 | char tmp[16]; | |
341 | ||
342 | dev_vdbg(dd->dev, "write 0x%08x into %s\n", value, | |
f709dc86 | 343 | atmel_aes_reg_name(offset, tmp, sizeof(tmp))); |
4537992b CP |
344 | } |
345 | #endif /* VERBOSE_DEBUG */ | |
346 | ||
bd3c7b5c NR |
347 | writel_relaxed(value, dd->io_base + offset); |
348 | } | |
349 | ||
350 | static void atmel_aes_read_n(struct atmel_aes_dev *dd, u32 offset, | |
351 | u32 *value, int count) | |
352 | { | |
353 | for (; count--; value++, offset += 4) | |
354 | *value = atmel_aes_read(dd, offset); | |
355 | } | |
356 | ||
357 | static void atmel_aes_write_n(struct atmel_aes_dev *dd, u32 offset, | |
c0b28d8c | 358 | const u32 *value, int count) |
bd3c7b5c NR |
359 | { |
360 | for (; count--; value++, offset += 4) | |
361 | atmel_aes_write(dd, offset, *value); | |
362 | } | |
363 | ||
bbe628ed CP |
364 | static inline void atmel_aes_read_block(struct atmel_aes_dev *dd, u32 offset, |
365 | u32 *value) | |
366 | { | |
367 | atmel_aes_read_n(dd, offset, value, SIZE_IN_WORDS(AES_BLOCK_SIZE)); | |
368 | } | |
369 | ||
370 | static inline void atmel_aes_write_block(struct atmel_aes_dev *dd, u32 offset, | |
371 | const u32 *value) | |
372 | { | |
373 | atmel_aes_write_n(dd, offset, value, SIZE_IN_WORDS(AES_BLOCK_SIZE)); | |
374 | } | |
375 | ||
376 | static inline int atmel_aes_wait_for_data_ready(struct atmel_aes_dev *dd, | |
377 | atmel_aes_fn_t resume) | |
378 | { | |
379 | u32 isr = atmel_aes_read(dd, AES_ISR); | |
380 | ||
381 | if (unlikely(isr & AES_INT_DATARDY)) | |
382 | return resume(dd); | |
383 | ||
384 | dd->resume = resume; | |
385 | atmel_aes_write(dd, AES_IER, AES_INT_DATARDY); | |
386 | return -EINPROGRESS; | |
387 | } | |
388 | ||
389 | static inline size_t atmel_aes_padlen(size_t len, size_t block_size) | |
390 | { | |
391 | len &= block_size - 1; | |
392 | return len ? block_size - len : 0; | |
393 | } | |
394 | ||
ccbf7298 | 395 | static struct atmel_aes_dev *atmel_aes_find_dev(struct atmel_aes_base_ctx *ctx) |
bd3c7b5c NR |
396 | { |
397 | struct atmel_aes_dev *aes_dd = NULL; | |
398 | struct atmel_aes_dev *tmp; | |
399 | ||
400 | spin_lock_bh(&atmel_aes.lock); | |
401 | if (!ctx->dd) { | |
402 | list_for_each_entry(tmp, &atmel_aes.dev_list, list) { | |
403 | aes_dd = tmp; | |
404 | break; | |
405 | } | |
406 | ctx->dd = aes_dd; | |
407 | } else { | |
408 | aes_dd = ctx->dd; | |
409 | } | |
410 | ||
411 | spin_unlock_bh(&atmel_aes.lock); | |
412 | ||
413 | return aes_dd; | |
414 | } | |
415 | ||
416 | static int atmel_aes_hw_init(struct atmel_aes_dev *dd) | |
417 | { | |
9d83d299 LC |
418 | int err; |
419 | ||
49a20454 | 420 | err = clk_enable(dd->iclk); |
9d83d299 LC |
421 | if (err) |
422 | return err; | |
bd3c7b5c NR |
423 | |
424 | if (!(dd->flags & AES_FLAGS_INIT)) { | |
425 | atmel_aes_write(dd, AES_CR, AES_CR_SWRST); | |
cadc4ab8 | 426 | atmel_aes_write(dd, AES_MR, 0xE << AES_MR_CKEY_OFFSET); |
bd3c7b5c | 427 | dd->flags |= AES_FLAGS_INIT; |
bd3c7b5c NR |
428 | } |
429 | ||
430 | return 0; | |
431 | } | |
432 | ||
cadc4ab8 NR |
433 | static inline unsigned int atmel_aes_get_version(struct atmel_aes_dev *dd) |
434 | { | |
435 | return atmel_aes_read(dd, AES_HW_VERSION) & 0x00000fff; | |
436 | } | |
437 | ||
aab0a39b | 438 | static int atmel_aes_hw_version_init(struct atmel_aes_dev *dd) |
bd3c7b5c | 439 | { |
aab0a39b CP |
440 | int err; |
441 | ||
442 | err = atmel_aes_hw_init(dd); | |
443 | if (err) | |
444 | return err; | |
bd3c7b5c | 445 | |
cadc4ab8 NR |
446 | dd->hw_version = atmel_aes_get_version(dd); |
447 | ||
aab0a39b | 448 | dev_info(dd->dev, "version: 0x%x\n", dd->hw_version); |
bd3c7b5c | 449 | |
49a20454 | 450 | clk_disable(dd->iclk); |
aab0a39b | 451 | return 0; |
bd3c7b5c NR |
452 | } |
453 | ||
77dacf5f CP |
454 | static inline void atmel_aes_set_mode(struct atmel_aes_dev *dd, |
455 | const struct atmel_aes_reqctx *rctx) | |
456 | { | |
457 | /* Clear all but persistent flags and set request flags. */ | |
458 | dd->flags = (dd->flags & AES_FLAGS_PERSISTENT) | rctx->mode; | |
459 | } | |
460 | ||
d4419548 CP |
461 | static inline bool atmel_aes_is_encrypt(const struct atmel_aes_dev *dd) |
462 | { | |
463 | return (dd->flags & AES_FLAGS_ENCRYPT); | |
464 | } | |
465 | ||
10f12c1b | 466 | static inline int atmel_aes_complete(struct atmel_aes_dev *dd, int err) |
bd3c7b5c | 467 | { |
49a20454 | 468 | clk_disable(dd->iclk); |
bd3c7b5c NR |
469 | dd->flags &= ~AES_FLAGS_BUSY; |
470 | ||
10f12c1b CP |
471 | if (dd->is_async) |
472 | dd->areq->complete(dd->areq, err); | |
473 | ||
474 | tasklet_schedule(&dd->queue_task); | |
475 | ||
476 | return err; | |
bd3c7b5c NR |
477 | } |
478 | ||
d52db518 CP |
479 | static void atmel_aes_write_ctrl_key(struct atmel_aes_dev *dd, bool use_dma, |
480 | const u32 *iv, const u32 *key, int keylen) | |
e37a7e55 CP |
481 | { |
482 | u32 valmr = 0; | |
483 | ||
484 | /* MR register must be set before IV registers */ | |
d52db518 | 485 | if (keylen == AES_KEYSIZE_128) |
e37a7e55 | 486 | valmr |= AES_MR_KEYSIZE_128; |
d52db518 | 487 | else if (keylen == AES_KEYSIZE_192) |
e37a7e55 CP |
488 | valmr |= AES_MR_KEYSIZE_192; |
489 | else | |
490 | valmr |= AES_MR_KEYSIZE_256; | |
491 | ||
492 | valmr |= dd->flags & AES_FLAGS_MODE_MASK; | |
493 | ||
494 | if (use_dma) { | |
495 | valmr |= AES_MR_SMOD_IDATAR0; | |
496 | if (dd->caps.has_dualbuff) | |
497 | valmr |= AES_MR_DUALBUFF; | |
498 | } else { | |
499 | valmr |= AES_MR_SMOD_AUTO; | |
500 | } | |
501 | ||
502 | atmel_aes_write(dd, AES_MR, valmr); | |
503 | ||
d52db518 | 504 | atmel_aes_write_n(dd, AES_KEYWR(0), key, SIZE_IN_WORDS(keylen)); |
e37a7e55 CP |
505 | |
506 | if (iv && (valmr & AES_MR_OPMOD_MASK) != AES_MR_OPMOD_ECB) | |
507 | atmel_aes_write_block(dd, AES_IVR(0), iv); | |
508 | } | |
509 | ||
d52db518 CP |
510 | static inline void atmel_aes_write_ctrl(struct atmel_aes_dev *dd, bool use_dma, |
511 | const u32 *iv) | |
512 | ||
513 | { | |
514 | atmel_aes_write_ctrl_key(dd, use_dma, iv, | |
515 | dd->ctx->key, dd->ctx->keylen); | |
516 | } | |
bbe628ed CP |
517 | |
518 | /* CPU transfer */ | |
519 | ||
520 | static int atmel_aes_cpu_transfer(struct atmel_aes_dev *dd) | |
bd3c7b5c | 521 | { |
bbe628ed CP |
522 | int err = 0; |
523 | u32 isr; | |
bd3c7b5c | 524 | |
bbe628ed CP |
525 | for (;;) { |
526 | atmel_aes_read_block(dd, AES_ODATAR(0), dd->data); | |
527 | dd->data += 4; | |
528 | dd->datalen -= AES_BLOCK_SIZE; | |
529 | ||
530 | if (dd->datalen < AES_BLOCK_SIZE) | |
531 | break; | |
532 | ||
533 | atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); | |
534 | ||
535 | isr = atmel_aes_read(dd, AES_ISR); | |
536 | if (!(isr & AES_INT_DATARDY)) { | |
537 | dd->resume = atmel_aes_cpu_transfer; | |
538 | atmel_aes_write(dd, AES_IER, AES_INT_DATARDY); | |
539 | return -EINPROGRESS; | |
540 | } | |
541 | } | |
542 | ||
543 | if (!sg_copy_from_buffer(dd->real_dst, sg_nents(dd->real_dst), | |
544 | dd->buf, dd->total)) | |
545 | err = -EINVAL; | |
546 | ||
547 | if (err) | |
548 | return atmel_aes_complete(dd, err); | |
549 | ||
550 | return dd->cpu_transfer_complete(dd); | |
bd3c7b5c NR |
551 | } |
552 | ||
bbe628ed CP |
553 | static int atmel_aes_cpu_start(struct atmel_aes_dev *dd, |
554 | struct scatterlist *src, | |
555 | struct scatterlist *dst, | |
556 | size_t len, | |
557 | atmel_aes_fn_t resume) | |
bd3c7b5c | 558 | { |
bbe628ed | 559 | size_t padlen = atmel_aes_padlen(len, AES_BLOCK_SIZE); |
77dacf5f | 560 | |
bbe628ed CP |
561 | if (unlikely(len == 0)) |
562 | return -EINVAL; | |
77dacf5f | 563 | |
bbe628ed | 564 | sg_copy_to_buffer(src, sg_nents(src), dd->buf, len); |
77dacf5f | 565 | |
bbe628ed CP |
566 | dd->total = len; |
567 | dd->real_dst = dst; | |
568 | dd->cpu_transfer_complete = resume; | |
569 | dd->datalen = len + padlen; | |
570 | dd->data = (u32 *)dd->buf; | |
571 | atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); | |
572 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_cpu_transfer); | |
573 | } | |
77dacf5f | 574 | |
77dacf5f | 575 | |
bbe628ed CP |
576 | /* DMA transfer */ |
577 | ||
578 | static void atmel_aes_dma_callback(void *data); | |
579 | ||
580 | static bool atmel_aes_check_aligned(struct atmel_aes_dev *dd, | |
581 | struct scatterlist *sg, | |
582 | size_t len, | |
583 | struct atmel_aes_dma *dma) | |
584 | { | |
585 | int nents; | |
586 | ||
587 | if (!IS_ALIGNED(len, dd->ctx->block_size)) | |
588 | return false; | |
589 | ||
590 | for (nents = 0; sg; sg = sg_next(sg), ++nents) { | |
591 | if (!IS_ALIGNED(sg->offset, sizeof(u32))) | |
592 | return false; | |
593 | ||
594 | if (len <= sg->length) { | |
595 | if (!IS_ALIGNED(len, dd->ctx->block_size)) | |
596 | return false; | |
597 | ||
598 | dma->nents = nents+1; | |
599 | dma->remainder = sg->length - len; | |
600 | sg->length = len; | |
601 | return true; | |
602 | } | |
603 | ||
604 | if (!IS_ALIGNED(sg->length, dd->ctx->block_size)) | |
605 | return false; | |
606 | ||
607 | len -= sg->length; | |
77dacf5f | 608 | } |
bd3c7b5c | 609 | |
bbe628ed CP |
610 | return false; |
611 | } | |
bd3c7b5c | 612 | |
bbe628ed CP |
613 | static inline void atmel_aes_restore_sg(const struct atmel_aes_dma *dma) |
614 | { | |
615 | struct scatterlist *sg = dma->sg; | |
616 | int nents = dma->nents; | |
bd3c7b5c | 617 | |
bbe628ed CP |
618 | if (!dma->remainder) |
619 | return; | |
bd3c7b5c | 620 | |
bbe628ed CP |
621 | while (--nents > 0 && sg) |
622 | sg = sg_next(sg); | |
bd3c7b5c | 623 | |
bbe628ed CP |
624 | if (!sg) |
625 | return; | |
bd3c7b5c | 626 | |
bbe628ed CP |
627 | sg->length += dma->remainder; |
628 | } | |
bd3c7b5c | 629 | |
bbe628ed CP |
630 | static int atmel_aes_map(struct atmel_aes_dev *dd, |
631 | struct scatterlist *src, | |
632 | struct scatterlist *dst, | |
633 | size_t len) | |
634 | { | |
635 | bool src_aligned, dst_aligned; | |
636 | size_t padlen; | |
cadc4ab8 | 637 | |
bbe628ed CP |
638 | dd->total = len; |
639 | dd->src.sg = src; | |
640 | dd->dst.sg = dst; | |
641 | dd->real_dst = dst; | |
bd3c7b5c | 642 | |
bbe628ed CP |
643 | src_aligned = atmel_aes_check_aligned(dd, src, len, &dd->src); |
644 | if (src == dst) | |
645 | dst_aligned = src_aligned; | |
646 | else | |
647 | dst_aligned = atmel_aes_check_aligned(dd, dst, len, &dd->dst); | |
648 | if (!src_aligned || !dst_aligned) { | |
649 | padlen = atmel_aes_padlen(len, dd->ctx->block_size); | |
650 | ||
651 | if (dd->buflen < len + padlen) | |
652 | return -ENOMEM; | |
653 | ||
654 | if (!src_aligned) { | |
655 | sg_copy_to_buffer(src, sg_nents(src), dd->buf, len); | |
656 | dd->src.sg = &dd->aligned_sg; | |
657 | dd->src.nents = 1; | |
658 | dd->src.remainder = 0; | |
659 | } | |
bd3c7b5c | 660 | |
bbe628ed CP |
661 | if (!dst_aligned) { |
662 | dd->dst.sg = &dd->aligned_sg; | |
663 | dd->dst.nents = 1; | |
664 | dd->dst.remainder = 0; | |
665 | } | |
bd3c7b5c | 666 | |
bbe628ed CP |
667 | sg_init_table(&dd->aligned_sg, 1); |
668 | sg_set_buf(&dd->aligned_sg, dd->buf, len + padlen); | |
669 | } | |
bd3c7b5c | 670 | |
bbe628ed CP |
671 | if (dd->src.sg == dd->dst.sg) { |
672 | dd->src.sg_len = dma_map_sg(dd->dev, dd->src.sg, dd->src.nents, | |
673 | DMA_BIDIRECTIONAL); | |
674 | dd->dst.sg_len = dd->src.sg_len; | |
675 | if (!dd->src.sg_len) | |
676 | return -EFAULT; | |
677 | } else { | |
678 | dd->src.sg_len = dma_map_sg(dd->dev, dd->src.sg, dd->src.nents, | |
679 | DMA_TO_DEVICE); | |
680 | if (!dd->src.sg_len) | |
681 | return -EFAULT; | |
682 | ||
683 | dd->dst.sg_len = dma_map_sg(dd->dev, dd->dst.sg, dd->dst.nents, | |
684 | DMA_FROM_DEVICE); | |
685 | if (!dd->dst.sg_len) { | |
686 | dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, | |
687 | DMA_TO_DEVICE); | |
688 | return -EFAULT; | |
689 | } | |
690 | } | |
bd3c7b5c NR |
691 | |
692 | return 0; | |
bd3c7b5c NR |
693 | } |
694 | ||
bbe628ed | 695 | static void atmel_aes_unmap(struct atmel_aes_dev *dd) |
bd3c7b5c | 696 | { |
bbe628ed CP |
697 | if (dd->src.sg == dd->dst.sg) { |
698 | dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, | |
699 | DMA_BIDIRECTIONAL); | |
ccbf7298 | 700 | |
bbe628ed CP |
701 | if (dd->src.sg != &dd->aligned_sg) |
702 | atmel_aes_restore_sg(&dd->src); | |
703 | } else { | |
704 | dma_unmap_sg(dd->dev, dd->dst.sg, dd->dst.nents, | |
705 | DMA_FROM_DEVICE); | |
289b2623 | 706 | |
bbe628ed CP |
707 | if (dd->dst.sg != &dd->aligned_sg) |
708 | atmel_aes_restore_sg(&dd->dst); | |
bd3c7b5c | 709 | |
bbe628ed CP |
710 | dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, |
711 | DMA_TO_DEVICE); | |
712 | ||
713 | if (dd->src.sg != &dd->aligned_sg) | |
714 | atmel_aes_restore_sg(&dd->src); | |
715 | } | |
716 | ||
717 | if (dd->dst.sg == &dd->aligned_sg) | |
718 | sg_copy_from_buffer(dd->real_dst, sg_nents(dd->real_dst), | |
719 | dd->buf, dd->total); | |
720 | } | |
bd3c7b5c | 721 | |
bbe628ed CP |
722 | static int atmel_aes_dma_transfer_start(struct atmel_aes_dev *dd, |
723 | enum dma_slave_buswidth addr_width, | |
724 | enum dma_transfer_direction dir, | |
725 | u32 maxburst) | |
726 | { | |
727 | struct dma_async_tx_descriptor *desc; | |
728 | struct dma_slave_config config; | |
729 | dma_async_tx_callback callback; | |
730 | struct atmel_aes_dma *dma; | |
731 | int err; | |
732 | ||
733 | memset(&config, 0, sizeof(config)); | |
734 | config.direction = dir; | |
735 | config.src_addr_width = addr_width; | |
736 | config.dst_addr_width = addr_width; | |
737 | config.src_maxburst = maxburst; | |
738 | config.dst_maxburst = maxburst; | |
739 | ||
740 | switch (dir) { | |
741 | case DMA_MEM_TO_DEV: | |
742 | dma = &dd->src; | |
743 | callback = NULL; | |
744 | config.dst_addr = dd->phys_base + AES_IDATAR(0); | |
745 | break; | |
bd3c7b5c | 746 | |
bbe628ed CP |
747 | case DMA_DEV_TO_MEM: |
748 | dma = &dd->dst; | |
749 | callback = atmel_aes_dma_callback; | |
750 | config.src_addr = dd->phys_base + AES_ODATAR(0); | |
751 | break; | |
752 | ||
753 | default: | |
bd3c7b5c | 754 | return -EINVAL; |
bbe628ed | 755 | } |
bd3c7b5c | 756 | |
bbe628ed CP |
757 | err = dmaengine_slave_config(dma->chan, &config); |
758 | if (err) | |
759 | return err; | |
bd3c7b5c | 760 | |
bbe628ed CP |
761 | desc = dmaengine_prep_slave_sg(dma->chan, dma->sg, dma->sg_len, dir, |
762 | DMA_PREP_INTERRUPT | DMA_CTRL_ACK); | |
763 | if (!desc) | |
764 | return -ENOMEM; | |
bd3c7b5c | 765 | |
bbe628ed CP |
766 | desc->callback = callback; |
767 | desc->callback_param = dd; | |
768 | dmaengine_submit(desc); | |
769 | dma_async_issue_pending(dma->chan); | |
bd3c7b5c | 770 | |
bbe628ed CP |
771 | return 0; |
772 | } | |
10f12c1b | 773 | |
bbe628ed CP |
774 | static void atmel_aes_dma_transfer_stop(struct atmel_aes_dev *dd, |
775 | enum dma_transfer_direction dir) | |
bd3c7b5c | 776 | { |
bbe628ed | 777 | struct atmel_aes_dma *dma; |
cadc4ab8 | 778 | |
bbe628ed CP |
779 | switch (dir) { |
780 | case DMA_MEM_TO_DEV: | |
781 | dma = &dd->src; | |
782 | break; | |
783 | ||
784 | case DMA_DEV_TO_MEM: | |
785 | dma = &dd->dst; | |
786 | break; | |
cadc4ab8 | 787 | |
bbe628ed CP |
788 | default: |
789 | return; | |
cadc4ab8 NR |
790 | } |
791 | ||
bbe628ed CP |
792 | dmaengine_terminate_all(dma->chan); |
793 | } | |
cadc4ab8 | 794 | |
bbe628ed CP |
795 | static int atmel_aes_dma_start(struct atmel_aes_dev *dd, |
796 | struct scatterlist *src, | |
797 | struct scatterlist *dst, | |
798 | size_t len, | |
799 | atmel_aes_fn_t resume) | |
800 | { | |
801 | enum dma_slave_buswidth addr_width; | |
802 | u32 maxburst; | |
803 | int err; | |
cadc4ab8 | 804 | |
bbe628ed CP |
805 | switch (dd->ctx->block_size) { |
806 | case CFB8_BLOCK_SIZE: | |
807 | addr_width = DMA_SLAVE_BUSWIDTH_1_BYTE; | |
808 | maxburst = 1; | |
809 | break; | |
cadc4ab8 | 810 | |
bbe628ed CP |
811 | case CFB16_BLOCK_SIZE: |
812 | addr_width = DMA_SLAVE_BUSWIDTH_2_BYTES; | |
813 | maxburst = 1; | |
814 | break; | |
cadc4ab8 | 815 | |
bbe628ed CP |
816 | case CFB32_BLOCK_SIZE: |
817 | case CFB64_BLOCK_SIZE: | |
818 | addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES; | |
819 | maxburst = 1; | |
820 | break; | |
cadc4ab8 | 821 | |
bbe628ed CP |
822 | case AES_BLOCK_SIZE: |
823 | addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES; | |
824 | maxburst = dd->caps.max_burst_size; | |
825 | break; | |
bd3c7b5c | 826 | |
bbe628ed CP |
827 | default: |
828 | err = -EINVAL; | |
829 | goto exit; | |
830 | } | |
289b2623 | 831 | |
bbe628ed CP |
832 | err = atmel_aes_map(dd, src, dst, len); |
833 | if (err) | |
834 | goto exit; | |
cadc4ab8 | 835 | |
bbe628ed | 836 | dd->resume = resume; |
cadc4ab8 | 837 | |
bbe628ed CP |
838 | /* Set output DMA transfer first */ |
839 | err = atmel_aes_dma_transfer_start(dd, addr_width, DMA_DEV_TO_MEM, | |
840 | maxburst); | |
841 | if (err) | |
842 | goto unmap; | |
bd3c7b5c | 843 | |
bbe628ed CP |
844 | /* Then set input DMA transfer */ |
845 | err = atmel_aes_dma_transfer_start(dd, addr_width, DMA_MEM_TO_DEV, | |
846 | maxburst); | |
847 | if (err) | |
848 | goto output_transfer_stop; | |
bd3c7b5c | 849 | |
bbe628ed | 850 | return -EINPROGRESS; |
cadc4ab8 | 851 | |
bbe628ed CP |
852 | output_transfer_stop: |
853 | atmel_aes_dma_transfer_stop(dd, DMA_DEV_TO_MEM); | |
854 | unmap: | |
855 | atmel_aes_unmap(dd); | |
856 | exit: | |
857 | return atmel_aes_complete(dd, err); | |
858 | } | |
bd3c7b5c | 859 | |
bbe628ed CP |
860 | static void atmel_aes_dma_stop(struct atmel_aes_dev *dd) |
861 | { | |
862 | atmel_aes_dma_transfer_stop(dd, DMA_MEM_TO_DEV); | |
863 | atmel_aes_dma_transfer_stop(dd, DMA_DEV_TO_MEM); | |
864 | atmel_aes_unmap(dd); | |
865 | } | |
866 | ||
867 | static void atmel_aes_dma_callback(void *data) | |
868 | { | |
869 | struct atmel_aes_dev *dd = data; | |
870 | ||
871 | atmel_aes_dma_stop(dd); | |
872 | dd->is_async = true; | |
873 | (void)dd->resume(dd); | |
bd3c7b5c NR |
874 | } |
875 | ||
bd3c7b5c | 876 | static int atmel_aes_handle_queue(struct atmel_aes_dev *dd, |
ccbf7298 | 877 | struct crypto_async_request *new_areq) |
bd3c7b5c | 878 | { |
ccbf7298 CP |
879 | struct crypto_async_request *areq, *backlog; |
880 | struct atmel_aes_base_ctx *ctx; | |
bd3c7b5c NR |
881 | unsigned long flags; |
882 | int err, ret = 0; | |
883 | ||
884 | spin_lock_irqsave(&dd->lock, flags); | |
ccbf7298 CP |
885 | if (new_areq) |
886 | ret = crypto_enqueue_request(&dd->queue, new_areq); | |
bd3c7b5c NR |
887 | if (dd->flags & AES_FLAGS_BUSY) { |
888 | spin_unlock_irqrestore(&dd->lock, flags); | |
889 | return ret; | |
890 | } | |
891 | backlog = crypto_get_backlog(&dd->queue); | |
ccbf7298 CP |
892 | areq = crypto_dequeue_request(&dd->queue); |
893 | if (areq) | |
bd3c7b5c NR |
894 | dd->flags |= AES_FLAGS_BUSY; |
895 | spin_unlock_irqrestore(&dd->lock, flags); | |
896 | ||
ccbf7298 | 897 | if (!areq) |
bd3c7b5c NR |
898 | return ret; |
899 | ||
900 | if (backlog) | |
901 | backlog->complete(backlog, -EINPROGRESS); | |
902 | ||
ccbf7298 CP |
903 | ctx = crypto_tfm_ctx(areq->tfm); |
904 | ||
905 | dd->areq = areq; | |
906 | dd->ctx = ctx; | |
10f12c1b | 907 | dd->is_async = (areq != new_areq); |
ccbf7298 CP |
908 | |
909 | err = ctx->start(dd); | |
10f12c1b | 910 | return (dd->is_async) ? ret : err; |
ccbf7298 CP |
911 | } |
912 | ||
e37a7e55 CP |
913 | |
914 | /* AES async block ciphers */ | |
915 | ||
bbe628ed CP |
916 | static int atmel_aes_transfer_complete(struct atmel_aes_dev *dd) |
917 | { | |
918 | return atmel_aes_complete(dd, 0); | |
919 | } | |
920 | ||
ccbf7298 CP |
921 | static int atmel_aes_start(struct atmel_aes_dev *dd) |
922 | { | |
923 | struct ablkcipher_request *req = ablkcipher_request_cast(dd->areq); | |
bbe628ed CP |
924 | struct atmel_aes_reqctx *rctx = ablkcipher_request_ctx(req); |
925 | bool use_dma = (req->nbytes >= ATMEL_AES_DMA_THRESHOLD || | |
926 | dd->ctx->block_size != AES_BLOCK_SIZE); | |
ccbf7298 | 927 | int err; |
bd3c7b5c | 928 | |
77dacf5f | 929 | atmel_aes_set_mode(dd, rctx); |
bd3c7b5c | 930 | |
cdfab4a7 | 931 | err = atmel_aes_hw_init(dd); |
bbe628ed | 932 | if (err) |
10f12c1b | 933 | return atmel_aes_complete(dd, err); |
bd3c7b5c | 934 | |
bbe628ed CP |
935 | atmel_aes_write_ctrl(dd, use_dma, req->info); |
936 | if (use_dma) | |
937 | return atmel_aes_dma_start(dd, req->src, req->dst, req->nbytes, | |
938 | atmel_aes_transfer_complete); | |
bd3c7b5c | 939 | |
bbe628ed CP |
940 | return atmel_aes_cpu_start(dd, req->src, req->dst, req->nbytes, |
941 | atmel_aes_transfer_complete); | |
bd3c7b5c NR |
942 | } |
943 | ||
fcac8365 CP |
944 | static inline struct atmel_aes_ctr_ctx * |
945 | atmel_aes_ctr_ctx_cast(struct atmel_aes_base_ctx *ctx) | |
946 | { | |
947 | return container_of(ctx, struct atmel_aes_ctr_ctx, base); | |
948 | } | |
949 | ||
950 | static int atmel_aes_ctr_transfer(struct atmel_aes_dev *dd) | |
951 | { | |
952 | struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); | |
953 | struct ablkcipher_request *req = ablkcipher_request_cast(dd->areq); | |
954 | struct scatterlist *src, *dst; | |
955 | u32 ctr, blocks; | |
956 | size_t datalen; | |
957 | bool use_dma, fragmented = false; | |
958 | ||
959 | /* Check for transfer completion. */ | |
960 | ctx->offset += dd->total; | |
961 | if (ctx->offset >= req->nbytes) | |
962 | return atmel_aes_transfer_complete(dd); | |
963 | ||
964 | /* Compute data length. */ | |
965 | datalen = req->nbytes - ctx->offset; | |
966 | blocks = DIV_ROUND_UP(datalen, AES_BLOCK_SIZE); | |
967 | ctr = be32_to_cpu(ctx->iv[3]); | |
968 | if (dd->caps.has_ctr32) { | |
969 | /* Check 32bit counter overflow. */ | |
970 | u32 start = ctr; | |
971 | u32 end = start + blocks - 1; | |
972 | ||
973 | if (end < start) { | |
974 | ctr |= 0xffffffff; | |
975 | datalen = AES_BLOCK_SIZE * -start; | |
976 | fragmented = true; | |
977 | } | |
978 | } else { | |
979 | /* Check 16bit counter overflow. */ | |
980 | u16 start = ctr & 0xffff; | |
981 | u16 end = start + (u16)blocks - 1; | |
982 | ||
983 | if (blocks >> 16 || end < start) { | |
984 | ctr |= 0xffff; | |
985 | datalen = AES_BLOCK_SIZE * (0x10000-start); | |
986 | fragmented = true; | |
987 | } | |
988 | } | |
989 | use_dma = (datalen >= ATMEL_AES_DMA_THRESHOLD); | |
990 | ||
991 | /* Jump to offset. */ | |
992 | src = scatterwalk_ffwd(ctx->src, req->src, ctx->offset); | |
993 | dst = ((req->src == req->dst) ? src : | |
994 | scatterwalk_ffwd(ctx->dst, req->dst, ctx->offset)); | |
995 | ||
996 | /* Configure hardware. */ | |
997 | atmel_aes_write_ctrl(dd, use_dma, ctx->iv); | |
998 | if (unlikely(fragmented)) { | |
999 | /* | |
1000 | * Increment the counter manually to cope with the hardware | |
1001 | * counter overflow. | |
1002 | */ | |
1003 | ctx->iv[3] = cpu_to_be32(ctr); | |
1004 | crypto_inc((u8 *)ctx->iv, AES_BLOCK_SIZE); | |
1005 | } | |
1006 | ||
1007 | if (use_dma) | |
1008 | return atmel_aes_dma_start(dd, src, dst, datalen, | |
1009 | atmel_aes_ctr_transfer); | |
1010 | ||
1011 | return atmel_aes_cpu_start(dd, src, dst, datalen, | |
1012 | atmel_aes_ctr_transfer); | |
1013 | } | |
1014 | ||
1015 | static int atmel_aes_ctr_start(struct atmel_aes_dev *dd) | |
1016 | { | |
1017 | struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); | |
1018 | struct ablkcipher_request *req = ablkcipher_request_cast(dd->areq); | |
1019 | struct atmel_aes_reqctx *rctx = ablkcipher_request_ctx(req); | |
1020 | int err; | |
1021 | ||
1022 | atmel_aes_set_mode(dd, rctx); | |
1023 | ||
1024 | err = atmel_aes_hw_init(dd); | |
1025 | if (err) | |
1026 | return atmel_aes_complete(dd, err); | |
1027 | ||
1028 | memcpy(ctx->iv, req->info, AES_BLOCK_SIZE); | |
1029 | ctx->offset = 0; | |
1030 | dd->total = 0; | |
1031 | return atmel_aes_ctr_transfer(dd); | |
1032 | } | |
1033 | ||
bd3c7b5c NR |
1034 | static int atmel_aes_crypt(struct ablkcipher_request *req, unsigned long mode) |
1035 | { | |
afbac17e CP |
1036 | struct atmel_aes_base_ctx *ctx; |
1037 | struct atmel_aes_reqctx *rctx; | |
bd3c7b5c NR |
1038 | struct atmel_aes_dev *dd; |
1039 | ||
afbac17e | 1040 | ctx = crypto_ablkcipher_ctx(crypto_ablkcipher_reqtfm(req)); |
77dacf5f CP |
1041 | switch (mode & AES_FLAGS_OPMODE_MASK) { |
1042 | case AES_FLAGS_CFB8: | |
cadc4ab8 | 1043 | ctx->block_size = CFB8_BLOCK_SIZE; |
77dacf5f CP |
1044 | break; |
1045 | ||
1046 | case AES_FLAGS_CFB16: | |
cadc4ab8 | 1047 | ctx->block_size = CFB16_BLOCK_SIZE; |
77dacf5f CP |
1048 | break; |
1049 | ||
1050 | case AES_FLAGS_CFB32: | |
cadc4ab8 | 1051 | ctx->block_size = CFB32_BLOCK_SIZE; |
77dacf5f CP |
1052 | break; |
1053 | ||
1054 | case AES_FLAGS_CFB64: | |
9f84951f | 1055 | ctx->block_size = CFB64_BLOCK_SIZE; |
77dacf5f CP |
1056 | break; |
1057 | ||
1058 | default: | |
cadc4ab8 | 1059 | ctx->block_size = AES_BLOCK_SIZE; |
77dacf5f | 1060 | break; |
bd3c7b5c NR |
1061 | } |
1062 | ||
1063 | dd = atmel_aes_find_dev(ctx); | |
1064 | if (!dd) | |
1065 | return -ENODEV; | |
1066 | ||
afbac17e | 1067 | rctx = ablkcipher_request_ctx(req); |
bd3c7b5c NR |
1068 | rctx->mode = mode; |
1069 | ||
ccbf7298 | 1070 | return atmel_aes_handle_queue(dd, &req->base); |
bd3c7b5c NR |
1071 | } |
1072 | ||
bd3c7b5c NR |
1073 | static int atmel_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, |
1074 | unsigned int keylen) | |
1075 | { | |
ccbf7298 | 1076 | struct atmel_aes_base_ctx *ctx = crypto_ablkcipher_ctx(tfm); |
bd3c7b5c | 1077 | |
afbac17e CP |
1078 | if (keylen != AES_KEYSIZE_128 && |
1079 | keylen != AES_KEYSIZE_192 && | |
1080 | keylen != AES_KEYSIZE_256) { | |
bd3c7b5c NR |
1081 | crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); |
1082 | return -EINVAL; | |
1083 | } | |
1084 | ||
1085 | memcpy(ctx->key, key, keylen); | |
1086 | ctx->keylen = keylen; | |
1087 | ||
1088 | return 0; | |
1089 | } | |
1090 | ||
1091 | static int atmel_aes_ecb_encrypt(struct ablkcipher_request *req) | |
1092 | { | |
77dacf5f | 1093 | return atmel_aes_crypt(req, AES_FLAGS_ECB | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1094 | } |
1095 | ||
1096 | static int atmel_aes_ecb_decrypt(struct ablkcipher_request *req) | |
1097 | { | |
77dacf5f | 1098 | return atmel_aes_crypt(req, AES_FLAGS_ECB); |
bd3c7b5c NR |
1099 | } |
1100 | ||
1101 | static int atmel_aes_cbc_encrypt(struct ablkcipher_request *req) | |
1102 | { | |
afbac17e | 1103 | return atmel_aes_crypt(req, AES_FLAGS_CBC | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1104 | } |
1105 | ||
1106 | static int atmel_aes_cbc_decrypt(struct ablkcipher_request *req) | |
1107 | { | |
afbac17e | 1108 | return atmel_aes_crypt(req, AES_FLAGS_CBC); |
bd3c7b5c NR |
1109 | } |
1110 | ||
1111 | static int atmel_aes_ofb_encrypt(struct ablkcipher_request *req) | |
1112 | { | |
afbac17e | 1113 | return atmel_aes_crypt(req, AES_FLAGS_OFB | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1114 | } |
1115 | ||
1116 | static int atmel_aes_ofb_decrypt(struct ablkcipher_request *req) | |
1117 | { | |
afbac17e | 1118 | return atmel_aes_crypt(req, AES_FLAGS_OFB); |
bd3c7b5c NR |
1119 | } |
1120 | ||
1121 | static int atmel_aes_cfb_encrypt(struct ablkcipher_request *req) | |
1122 | { | |
77dacf5f | 1123 | return atmel_aes_crypt(req, AES_FLAGS_CFB128 | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1124 | } |
1125 | ||
1126 | static int atmel_aes_cfb_decrypt(struct ablkcipher_request *req) | |
1127 | { | |
77dacf5f | 1128 | return atmel_aes_crypt(req, AES_FLAGS_CFB128); |
bd3c7b5c NR |
1129 | } |
1130 | ||
1131 | static int atmel_aes_cfb64_encrypt(struct ablkcipher_request *req) | |
1132 | { | |
77dacf5f | 1133 | return atmel_aes_crypt(req, AES_FLAGS_CFB64 | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1134 | } |
1135 | ||
1136 | static int atmel_aes_cfb64_decrypt(struct ablkcipher_request *req) | |
1137 | { | |
77dacf5f | 1138 | return atmel_aes_crypt(req, AES_FLAGS_CFB64); |
bd3c7b5c NR |
1139 | } |
1140 | ||
1141 | static int atmel_aes_cfb32_encrypt(struct ablkcipher_request *req) | |
1142 | { | |
77dacf5f | 1143 | return atmel_aes_crypt(req, AES_FLAGS_CFB32 | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1144 | } |
1145 | ||
1146 | static int atmel_aes_cfb32_decrypt(struct ablkcipher_request *req) | |
1147 | { | |
77dacf5f | 1148 | return atmel_aes_crypt(req, AES_FLAGS_CFB32); |
bd3c7b5c NR |
1149 | } |
1150 | ||
1151 | static int atmel_aes_cfb16_encrypt(struct ablkcipher_request *req) | |
1152 | { | |
77dacf5f | 1153 | return atmel_aes_crypt(req, AES_FLAGS_CFB16 | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1154 | } |
1155 | ||
1156 | static int atmel_aes_cfb16_decrypt(struct ablkcipher_request *req) | |
1157 | { | |
77dacf5f | 1158 | return atmel_aes_crypt(req, AES_FLAGS_CFB16); |
bd3c7b5c NR |
1159 | } |
1160 | ||
1161 | static int atmel_aes_cfb8_encrypt(struct ablkcipher_request *req) | |
1162 | { | |
77dacf5f | 1163 | return atmel_aes_crypt(req, AES_FLAGS_CFB8 | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1164 | } |
1165 | ||
1166 | static int atmel_aes_cfb8_decrypt(struct ablkcipher_request *req) | |
1167 | { | |
77dacf5f | 1168 | return atmel_aes_crypt(req, AES_FLAGS_CFB8); |
bd3c7b5c NR |
1169 | } |
1170 | ||
1171 | static int atmel_aes_ctr_encrypt(struct ablkcipher_request *req) | |
1172 | { | |
afbac17e | 1173 | return atmel_aes_crypt(req, AES_FLAGS_CTR | AES_FLAGS_ENCRYPT); |
bd3c7b5c NR |
1174 | } |
1175 | ||
1176 | static int atmel_aes_ctr_decrypt(struct ablkcipher_request *req) | |
1177 | { | |
afbac17e | 1178 | return atmel_aes_crypt(req, AES_FLAGS_CTR); |
bd3c7b5c NR |
1179 | } |
1180 | ||
1181 | static int atmel_aes_cra_init(struct crypto_tfm *tfm) | |
1182 | { | |
ccbf7298 CP |
1183 | struct atmel_aes_ctx *ctx = crypto_tfm_ctx(tfm); |
1184 | ||
bd3c7b5c | 1185 | tfm->crt_ablkcipher.reqsize = sizeof(struct atmel_aes_reqctx); |
ccbf7298 | 1186 | ctx->base.start = atmel_aes_start; |
bd3c7b5c NR |
1187 | |
1188 | return 0; | |
1189 | } | |
1190 | ||
fcac8365 CP |
1191 | static int atmel_aes_ctr_cra_init(struct crypto_tfm *tfm) |
1192 | { | |
1193 | struct atmel_aes_ctx *ctx = crypto_tfm_ctx(tfm); | |
1194 | ||
1195 | tfm->crt_ablkcipher.reqsize = sizeof(struct atmel_aes_reqctx); | |
1196 | ctx->base.start = atmel_aes_ctr_start; | |
1197 | ||
1198 | return 0; | |
1199 | } | |
1200 | ||
bd3c7b5c NR |
1201 | static void atmel_aes_cra_exit(struct crypto_tfm *tfm) |
1202 | { | |
1203 | } | |
1204 | ||
1205 | static struct crypto_alg aes_algs[] = { | |
1206 | { | |
1207 | .cra_name = "ecb(aes)", | |
1208 | .cra_driver_name = "atmel-ecb-aes", | |
88efd9a9 | 1209 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c NR |
1210 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
1211 | .cra_blocksize = AES_BLOCK_SIZE, | |
1212 | .cra_ctxsize = sizeof(struct atmel_aes_ctx), | |
cadc4ab8 | 1213 | .cra_alignmask = 0xf, |
bd3c7b5c NR |
1214 | .cra_type = &crypto_ablkcipher_type, |
1215 | .cra_module = THIS_MODULE, | |
1216 | .cra_init = atmel_aes_cra_init, | |
1217 | .cra_exit = atmel_aes_cra_exit, | |
1218 | .cra_u.ablkcipher = { | |
1219 | .min_keysize = AES_MIN_KEY_SIZE, | |
1220 | .max_keysize = AES_MAX_KEY_SIZE, | |
1221 | .setkey = atmel_aes_setkey, | |
1222 | .encrypt = atmel_aes_ecb_encrypt, | |
1223 | .decrypt = atmel_aes_ecb_decrypt, | |
1224 | } | |
1225 | }, | |
1226 | { | |
1227 | .cra_name = "cbc(aes)", | |
1228 | .cra_driver_name = "atmel-cbc-aes", | |
88efd9a9 | 1229 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c NR |
1230 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
1231 | .cra_blocksize = AES_BLOCK_SIZE, | |
1232 | .cra_ctxsize = sizeof(struct atmel_aes_ctx), | |
cadc4ab8 | 1233 | .cra_alignmask = 0xf, |
bd3c7b5c NR |
1234 | .cra_type = &crypto_ablkcipher_type, |
1235 | .cra_module = THIS_MODULE, | |
1236 | .cra_init = atmel_aes_cra_init, | |
1237 | .cra_exit = atmel_aes_cra_exit, | |
1238 | .cra_u.ablkcipher = { | |
1239 | .min_keysize = AES_MIN_KEY_SIZE, | |
1240 | .max_keysize = AES_MAX_KEY_SIZE, | |
1241 | .ivsize = AES_BLOCK_SIZE, | |
1242 | .setkey = atmel_aes_setkey, | |
1243 | .encrypt = atmel_aes_cbc_encrypt, | |
1244 | .decrypt = atmel_aes_cbc_decrypt, | |
1245 | } | |
1246 | }, | |
1247 | { | |
1248 | .cra_name = "ofb(aes)", | |
1249 | .cra_driver_name = "atmel-ofb-aes", | |
88efd9a9 | 1250 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c NR |
1251 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
1252 | .cra_blocksize = AES_BLOCK_SIZE, | |
1253 | .cra_ctxsize = sizeof(struct atmel_aes_ctx), | |
cadc4ab8 | 1254 | .cra_alignmask = 0xf, |
bd3c7b5c NR |
1255 | .cra_type = &crypto_ablkcipher_type, |
1256 | .cra_module = THIS_MODULE, | |
1257 | .cra_init = atmel_aes_cra_init, | |
1258 | .cra_exit = atmel_aes_cra_exit, | |
1259 | .cra_u.ablkcipher = { | |
1260 | .min_keysize = AES_MIN_KEY_SIZE, | |
1261 | .max_keysize = AES_MAX_KEY_SIZE, | |
1262 | .ivsize = AES_BLOCK_SIZE, | |
1263 | .setkey = atmel_aes_setkey, | |
1264 | .encrypt = atmel_aes_ofb_encrypt, | |
1265 | .decrypt = atmel_aes_ofb_decrypt, | |
1266 | } | |
1267 | }, | |
1268 | { | |
1269 | .cra_name = "cfb(aes)", | |
1270 | .cra_driver_name = "atmel-cfb-aes", | |
88efd9a9 | 1271 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c NR |
1272 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
1273 | .cra_blocksize = AES_BLOCK_SIZE, | |
1274 | .cra_ctxsize = sizeof(struct atmel_aes_ctx), | |
cadc4ab8 | 1275 | .cra_alignmask = 0xf, |
bd3c7b5c NR |
1276 | .cra_type = &crypto_ablkcipher_type, |
1277 | .cra_module = THIS_MODULE, | |
1278 | .cra_init = atmel_aes_cra_init, | |
1279 | .cra_exit = atmel_aes_cra_exit, | |
1280 | .cra_u.ablkcipher = { | |
1281 | .min_keysize = AES_MIN_KEY_SIZE, | |
1282 | .max_keysize = AES_MAX_KEY_SIZE, | |
1283 | .ivsize = AES_BLOCK_SIZE, | |
1284 | .setkey = atmel_aes_setkey, | |
1285 | .encrypt = atmel_aes_cfb_encrypt, | |
1286 | .decrypt = atmel_aes_cfb_decrypt, | |
1287 | } | |
1288 | }, | |
1289 | { | |
1290 | .cra_name = "cfb32(aes)", | |
1291 | .cra_driver_name = "atmel-cfb32-aes", | |
88efd9a9 | 1292 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c NR |
1293 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
1294 | .cra_blocksize = CFB32_BLOCK_SIZE, | |
1295 | .cra_ctxsize = sizeof(struct atmel_aes_ctx), | |
cadc4ab8 | 1296 | .cra_alignmask = 0x3, |
bd3c7b5c NR |
1297 | .cra_type = &crypto_ablkcipher_type, |
1298 | .cra_module = THIS_MODULE, | |
1299 | .cra_init = atmel_aes_cra_init, | |
1300 | .cra_exit = atmel_aes_cra_exit, | |
1301 | .cra_u.ablkcipher = { | |
1302 | .min_keysize = AES_MIN_KEY_SIZE, | |
1303 | .max_keysize = AES_MAX_KEY_SIZE, | |
1304 | .ivsize = AES_BLOCK_SIZE, | |
1305 | .setkey = atmel_aes_setkey, | |
1306 | .encrypt = atmel_aes_cfb32_encrypt, | |
1307 | .decrypt = atmel_aes_cfb32_decrypt, | |
1308 | } | |
1309 | }, | |
1310 | { | |
1311 | .cra_name = "cfb16(aes)", | |
1312 | .cra_driver_name = "atmel-cfb16-aes", | |
88efd9a9 | 1313 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c NR |
1314 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
1315 | .cra_blocksize = CFB16_BLOCK_SIZE, | |
1316 | .cra_ctxsize = sizeof(struct atmel_aes_ctx), | |
cadc4ab8 | 1317 | .cra_alignmask = 0x1, |
bd3c7b5c NR |
1318 | .cra_type = &crypto_ablkcipher_type, |
1319 | .cra_module = THIS_MODULE, | |
1320 | .cra_init = atmel_aes_cra_init, | |
1321 | .cra_exit = atmel_aes_cra_exit, | |
1322 | .cra_u.ablkcipher = { | |
1323 | .min_keysize = AES_MIN_KEY_SIZE, | |
1324 | .max_keysize = AES_MAX_KEY_SIZE, | |
1325 | .ivsize = AES_BLOCK_SIZE, | |
1326 | .setkey = atmel_aes_setkey, | |
1327 | .encrypt = atmel_aes_cfb16_encrypt, | |
1328 | .decrypt = atmel_aes_cfb16_decrypt, | |
1329 | } | |
1330 | }, | |
1331 | { | |
1332 | .cra_name = "cfb8(aes)", | |
1333 | .cra_driver_name = "atmel-cfb8-aes", | |
88efd9a9 | 1334 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c | 1335 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
e5d8c961 | 1336 | .cra_blocksize = CFB8_BLOCK_SIZE, |
bd3c7b5c NR |
1337 | .cra_ctxsize = sizeof(struct atmel_aes_ctx), |
1338 | .cra_alignmask = 0x0, | |
1339 | .cra_type = &crypto_ablkcipher_type, | |
1340 | .cra_module = THIS_MODULE, | |
1341 | .cra_init = atmel_aes_cra_init, | |
1342 | .cra_exit = atmel_aes_cra_exit, | |
1343 | .cra_u.ablkcipher = { | |
1344 | .min_keysize = AES_MIN_KEY_SIZE, | |
1345 | .max_keysize = AES_MAX_KEY_SIZE, | |
1346 | .ivsize = AES_BLOCK_SIZE, | |
1347 | .setkey = atmel_aes_setkey, | |
1348 | .encrypt = atmel_aes_cfb8_encrypt, | |
1349 | .decrypt = atmel_aes_cfb8_decrypt, | |
1350 | } | |
1351 | }, | |
1352 | { | |
1353 | .cra_name = "ctr(aes)", | |
1354 | .cra_driver_name = "atmel-ctr-aes", | |
88efd9a9 | 1355 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c | 1356 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
da7b850e | 1357 | .cra_blocksize = 1, |
fcac8365 | 1358 | .cra_ctxsize = sizeof(struct atmel_aes_ctr_ctx), |
cadc4ab8 | 1359 | .cra_alignmask = 0xf, |
bd3c7b5c NR |
1360 | .cra_type = &crypto_ablkcipher_type, |
1361 | .cra_module = THIS_MODULE, | |
fcac8365 | 1362 | .cra_init = atmel_aes_ctr_cra_init, |
bd3c7b5c NR |
1363 | .cra_exit = atmel_aes_cra_exit, |
1364 | .cra_u.ablkcipher = { | |
1365 | .min_keysize = AES_MIN_KEY_SIZE, | |
1366 | .max_keysize = AES_MAX_KEY_SIZE, | |
1367 | .ivsize = AES_BLOCK_SIZE, | |
1368 | .setkey = atmel_aes_setkey, | |
1369 | .encrypt = atmel_aes_ctr_encrypt, | |
1370 | .decrypt = atmel_aes_ctr_decrypt, | |
1371 | } | |
1372 | }, | |
1373 | }; | |
1374 | ||
cadc4ab8 | 1375 | static struct crypto_alg aes_cfb64_alg = { |
bd3c7b5c NR |
1376 | .cra_name = "cfb64(aes)", |
1377 | .cra_driver_name = "atmel-cfb64-aes", | |
88efd9a9 | 1378 | .cra_priority = ATMEL_AES_PRIORITY, |
bd3c7b5c NR |
1379 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, |
1380 | .cra_blocksize = CFB64_BLOCK_SIZE, | |
1381 | .cra_ctxsize = sizeof(struct atmel_aes_ctx), | |
cadc4ab8 | 1382 | .cra_alignmask = 0x7, |
bd3c7b5c NR |
1383 | .cra_type = &crypto_ablkcipher_type, |
1384 | .cra_module = THIS_MODULE, | |
1385 | .cra_init = atmel_aes_cra_init, | |
1386 | .cra_exit = atmel_aes_cra_exit, | |
1387 | .cra_u.ablkcipher = { | |
1388 | .min_keysize = AES_MIN_KEY_SIZE, | |
1389 | .max_keysize = AES_MAX_KEY_SIZE, | |
1390 | .ivsize = AES_BLOCK_SIZE, | |
1391 | .setkey = atmel_aes_setkey, | |
1392 | .encrypt = atmel_aes_cfb64_encrypt, | |
1393 | .decrypt = atmel_aes_cfb64_decrypt, | |
1394 | } | |
bd3c7b5c NR |
1395 | }; |
1396 | ||
e37a7e55 | 1397 | |
d4419548 CP |
1398 | /* gcm aead functions */ |
1399 | ||
1400 | static int atmel_aes_gcm_ghash(struct atmel_aes_dev *dd, | |
1401 | const u32 *data, size_t datalen, | |
1402 | const u32 *ghash_in, u32 *ghash_out, | |
1403 | atmel_aes_fn_t resume); | |
1404 | static int atmel_aes_gcm_ghash_init(struct atmel_aes_dev *dd); | |
1405 | static int atmel_aes_gcm_ghash_finalize(struct atmel_aes_dev *dd); | |
1406 | ||
1407 | static int atmel_aes_gcm_start(struct atmel_aes_dev *dd); | |
1408 | static int atmel_aes_gcm_process(struct atmel_aes_dev *dd); | |
1409 | static int atmel_aes_gcm_length(struct atmel_aes_dev *dd); | |
1410 | static int atmel_aes_gcm_data(struct atmel_aes_dev *dd); | |
1411 | static int atmel_aes_gcm_tag_init(struct atmel_aes_dev *dd); | |
1412 | static int atmel_aes_gcm_tag(struct atmel_aes_dev *dd); | |
1413 | static int atmel_aes_gcm_finalize(struct atmel_aes_dev *dd); | |
1414 | ||
1415 | static inline struct atmel_aes_gcm_ctx * | |
1416 | atmel_aes_gcm_ctx_cast(struct atmel_aes_base_ctx *ctx) | |
1417 | { | |
1418 | return container_of(ctx, struct atmel_aes_gcm_ctx, base); | |
1419 | } | |
1420 | ||
1421 | static int atmel_aes_gcm_ghash(struct atmel_aes_dev *dd, | |
1422 | const u32 *data, size_t datalen, | |
1423 | const u32 *ghash_in, u32 *ghash_out, | |
1424 | atmel_aes_fn_t resume) | |
1425 | { | |
1426 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1427 | ||
1428 | dd->data = (u32 *)data; | |
1429 | dd->datalen = datalen; | |
1430 | ctx->ghash_in = ghash_in; | |
1431 | ctx->ghash_out = ghash_out; | |
1432 | ctx->ghash_resume = resume; | |
1433 | ||
1434 | atmel_aes_write_ctrl(dd, false, NULL); | |
1435 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_gcm_ghash_init); | |
1436 | } | |
1437 | ||
1438 | static int atmel_aes_gcm_ghash_init(struct atmel_aes_dev *dd) | |
1439 | { | |
1440 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1441 | ||
1442 | /* Set the data length. */ | |
1443 | atmel_aes_write(dd, AES_AADLENR, dd->total); | |
1444 | atmel_aes_write(dd, AES_CLENR, 0); | |
1445 | ||
1446 | /* If needed, overwrite the GCM Intermediate Hash Word Registers */ | |
1447 | if (ctx->ghash_in) | |
1448 | atmel_aes_write_block(dd, AES_GHASHR(0), ctx->ghash_in); | |
1449 | ||
1450 | return atmel_aes_gcm_ghash_finalize(dd); | |
1451 | } | |
1452 | ||
1453 | static int atmel_aes_gcm_ghash_finalize(struct atmel_aes_dev *dd) | |
1454 | { | |
1455 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1456 | u32 isr; | |
1457 | ||
1458 | /* Write data into the Input Data Registers. */ | |
1459 | while (dd->datalen > 0) { | |
1460 | atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); | |
1461 | dd->data += 4; | |
1462 | dd->datalen -= AES_BLOCK_SIZE; | |
1463 | ||
1464 | isr = atmel_aes_read(dd, AES_ISR); | |
1465 | if (!(isr & AES_INT_DATARDY)) { | |
1466 | dd->resume = atmel_aes_gcm_ghash_finalize; | |
1467 | atmel_aes_write(dd, AES_IER, AES_INT_DATARDY); | |
1468 | return -EINPROGRESS; | |
1469 | } | |
1470 | } | |
1471 | ||
1472 | /* Read the computed hash from GHASHRx. */ | |
1473 | atmel_aes_read_block(dd, AES_GHASHR(0), ctx->ghash_out); | |
1474 | ||
1475 | return ctx->ghash_resume(dd); | |
1476 | } | |
1477 | ||
1478 | ||
1479 | static int atmel_aes_gcm_start(struct atmel_aes_dev *dd) | |
1480 | { | |
1481 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1482 | struct aead_request *req = aead_request_cast(dd->areq); | |
1483 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); | |
1484 | struct atmel_aes_reqctx *rctx = aead_request_ctx(req); | |
1485 | size_t ivsize = crypto_aead_ivsize(tfm); | |
1486 | size_t datalen, padlen; | |
1487 | const void *iv = req->iv; | |
1488 | u8 *data = dd->buf; | |
1489 | int err; | |
1490 | ||
1491 | atmel_aes_set_mode(dd, rctx); | |
1492 | ||
1493 | err = atmel_aes_hw_init(dd); | |
1494 | if (err) | |
1495 | return atmel_aes_complete(dd, err); | |
1496 | ||
1497 | if (likely(ivsize == 12)) { | |
1498 | memcpy(ctx->j0, iv, ivsize); | |
1499 | ctx->j0[3] = cpu_to_be32(1); | |
1500 | return atmel_aes_gcm_process(dd); | |
1501 | } | |
1502 | ||
1503 | padlen = atmel_aes_padlen(ivsize, AES_BLOCK_SIZE); | |
1504 | datalen = ivsize + padlen + AES_BLOCK_SIZE; | |
1505 | if (datalen > dd->buflen) | |
1506 | return atmel_aes_complete(dd, -EINVAL); | |
1507 | ||
1508 | memcpy(data, iv, ivsize); | |
1509 | memset(data + ivsize, 0, padlen + sizeof(u64)); | |
1510 | ((u64 *)(data + datalen))[-1] = cpu_to_be64(ivsize * 8); | |
1511 | ||
1512 | return atmel_aes_gcm_ghash(dd, (const u32 *)data, datalen, | |
1513 | NULL, ctx->j0, atmel_aes_gcm_process); | |
1514 | } | |
1515 | ||
1516 | static int atmel_aes_gcm_process(struct atmel_aes_dev *dd) | |
1517 | { | |
1518 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1519 | struct aead_request *req = aead_request_cast(dd->areq); | |
1520 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); | |
1521 | bool enc = atmel_aes_is_encrypt(dd); | |
1522 | u32 authsize; | |
1523 | ||
1524 | /* Compute text length. */ | |
1525 | authsize = crypto_aead_authsize(tfm); | |
1526 | ctx->textlen = req->cryptlen - (enc ? 0 : authsize); | |
1527 | ||
1528 | /* | |
1529 | * According to tcrypt test suite, the GCM Automatic Tag Generation | |
1530 | * fails when both the message and its associated data are empty. | |
1531 | */ | |
1532 | if (likely(req->assoclen != 0 || ctx->textlen != 0)) | |
1533 | dd->flags |= AES_FLAGS_GTAGEN; | |
1534 | ||
1535 | atmel_aes_write_ctrl(dd, false, NULL); | |
1536 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_gcm_length); | |
1537 | } | |
1538 | ||
1539 | static int atmel_aes_gcm_length(struct atmel_aes_dev *dd) | |
1540 | { | |
1541 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1542 | struct aead_request *req = aead_request_cast(dd->areq); | |
1543 | u32 j0_lsw, *j0 = ctx->j0; | |
1544 | size_t padlen; | |
1545 | ||
1546 | /* Write incr32(J0) into IV. */ | |
1547 | j0_lsw = j0[3]; | |
1548 | j0[3] = cpu_to_be32(be32_to_cpu(j0[3]) + 1); | |
1549 | atmel_aes_write_block(dd, AES_IVR(0), j0); | |
1550 | j0[3] = j0_lsw; | |
1551 | ||
1552 | /* Set aad and text lengths. */ | |
1553 | atmel_aes_write(dd, AES_AADLENR, req->assoclen); | |
1554 | atmel_aes_write(dd, AES_CLENR, ctx->textlen); | |
1555 | ||
1556 | /* Check whether AAD are present. */ | |
1557 | if (unlikely(req->assoclen == 0)) { | |
1558 | dd->datalen = 0; | |
1559 | return atmel_aes_gcm_data(dd); | |
1560 | } | |
1561 | ||
1562 | /* Copy assoc data and add padding. */ | |
1563 | padlen = atmel_aes_padlen(req->assoclen, AES_BLOCK_SIZE); | |
1564 | if (unlikely(req->assoclen + padlen > dd->buflen)) | |
1565 | return atmel_aes_complete(dd, -EINVAL); | |
1566 | sg_copy_to_buffer(req->src, sg_nents(req->src), dd->buf, req->assoclen); | |
1567 | ||
1568 | /* Write assoc data into the Input Data register. */ | |
1569 | dd->data = (u32 *)dd->buf; | |
1570 | dd->datalen = req->assoclen + padlen; | |
1571 | return atmel_aes_gcm_data(dd); | |
1572 | } | |
1573 | ||
1574 | static int atmel_aes_gcm_data(struct atmel_aes_dev *dd) | |
1575 | { | |
1576 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1577 | struct aead_request *req = aead_request_cast(dd->areq); | |
1578 | bool use_dma = (ctx->textlen >= ATMEL_AES_DMA_THRESHOLD); | |
1579 | struct scatterlist *src, *dst; | |
1580 | u32 isr, mr; | |
1581 | ||
1582 | /* Write AAD first. */ | |
1583 | while (dd->datalen > 0) { | |
1584 | atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); | |
1585 | dd->data += 4; | |
1586 | dd->datalen -= AES_BLOCK_SIZE; | |
1587 | ||
1588 | isr = atmel_aes_read(dd, AES_ISR); | |
1589 | if (!(isr & AES_INT_DATARDY)) { | |
1590 | dd->resume = atmel_aes_gcm_data; | |
1591 | atmel_aes_write(dd, AES_IER, AES_INT_DATARDY); | |
1592 | return -EINPROGRESS; | |
1593 | } | |
1594 | } | |
1595 | ||
1596 | /* GMAC only. */ | |
1597 | if (unlikely(ctx->textlen == 0)) | |
1598 | return atmel_aes_gcm_tag_init(dd); | |
1599 | ||
1600 | /* Prepare src and dst scatter lists to transfer cipher/plain texts */ | |
1601 | src = scatterwalk_ffwd(ctx->src, req->src, req->assoclen); | |
1602 | dst = ((req->src == req->dst) ? src : | |
1603 | scatterwalk_ffwd(ctx->dst, req->dst, req->assoclen)); | |
1604 | ||
1605 | if (use_dma) { | |
1606 | /* Update the Mode Register for DMA transfers. */ | |
1607 | mr = atmel_aes_read(dd, AES_MR); | |
1608 | mr &= ~(AES_MR_SMOD_MASK | AES_MR_DUALBUFF); | |
1609 | mr |= AES_MR_SMOD_IDATAR0; | |
1610 | if (dd->caps.has_dualbuff) | |
1611 | mr |= AES_MR_DUALBUFF; | |
1612 | atmel_aes_write(dd, AES_MR, mr); | |
1613 | ||
1614 | return atmel_aes_dma_start(dd, src, dst, ctx->textlen, | |
1615 | atmel_aes_gcm_tag_init); | |
1616 | } | |
1617 | ||
1618 | return atmel_aes_cpu_start(dd, src, dst, ctx->textlen, | |
1619 | atmel_aes_gcm_tag_init); | |
1620 | } | |
1621 | ||
1622 | static int atmel_aes_gcm_tag_init(struct atmel_aes_dev *dd) | |
1623 | { | |
1624 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1625 | struct aead_request *req = aead_request_cast(dd->areq); | |
1626 | u64 *data = dd->buf; | |
1627 | ||
1628 | if (likely(dd->flags & AES_FLAGS_GTAGEN)) { | |
1629 | if (!(atmel_aes_read(dd, AES_ISR) & AES_INT_TAGRDY)) { | |
1630 | dd->resume = atmel_aes_gcm_tag_init; | |
1631 | atmel_aes_write(dd, AES_IER, AES_INT_TAGRDY); | |
1632 | return -EINPROGRESS; | |
1633 | } | |
1634 | ||
1635 | return atmel_aes_gcm_finalize(dd); | |
1636 | } | |
1637 | ||
1638 | /* Read the GCM Intermediate Hash Word Registers. */ | |
1639 | atmel_aes_read_block(dd, AES_GHASHR(0), ctx->ghash); | |
1640 | ||
1641 | data[0] = cpu_to_be64(req->assoclen * 8); | |
1642 | data[1] = cpu_to_be64(ctx->textlen * 8); | |
1643 | ||
1644 | return atmel_aes_gcm_ghash(dd, (const u32 *)data, AES_BLOCK_SIZE, | |
1645 | ctx->ghash, ctx->ghash, atmel_aes_gcm_tag); | |
1646 | } | |
1647 | ||
1648 | static int atmel_aes_gcm_tag(struct atmel_aes_dev *dd) | |
1649 | { | |
1650 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1651 | unsigned long flags; | |
1652 | ||
1653 | /* | |
1654 | * Change mode to CTR to complete the tag generation. | |
1655 | * Use J0 as Initialization Vector. | |
1656 | */ | |
1657 | flags = dd->flags; | |
1658 | dd->flags &= ~(AES_FLAGS_OPMODE_MASK | AES_FLAGS_GTAGEN); | |
1659 | dd->flags |= AES_FLAGS_CTR; | |
1660 | atmel_aes_write_ctrl(dd, false, ctx->j0); | |
1661 | dd->flags = flags; | |
1662 | ||
1663 | atmel_aes_write_block(dd, AES_IDATAR(0), ctx->ghash); | |
1664 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_gcm_finalize); | |
1665 | } | |
1666 | ||
1667 | static int atmel_aes_gcm_finalize(struct atmel_aes_dev *dd) | |
1668 | { | |
1669 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); | |
1670 | struct aead_request *req = aead_request_cast(dd->areq); | |
1671 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); | |
1672 | bool enc = atmel_aes_is_encrypt(dd); | |
1673 | u32 offset, authsize, itag[4], *otag = ctx->tag; | |
1674 | int err; | |
1675 | ||
1676 | /* Read the computed tag. */ | |
1677 | if (likely(dd->flags & AES_FLAGS_GTAGEN)) | |
1678 | atmel_aes_read_block(dd, AES_TAGR(0), ctx->tag); | |
1679 | else | |
1680 | atmel_aes_read_block(dd, AES_ODATAR(0), ctx->tag); | |
1681 | ||
1682 | offset = req->assoclen + ctx->textlen; | |
1683 | authsize = crypto_aead_authsize(tfm); | |
1684 | if (enc) { | |
1685 | scatterwalk_map_and_copy(otag, req->dst, offset, authsize, 1); | |
1686 | err = 0; | |
1687 | } else { | |
1688 | scatterwalk_map_and_copy(itag, req->src, offset, authsize, 0); | |
1689 | err = crypto_memneq(itag, otag, authsize) ? -EBADMSG : 0; | |
1690 | } | |
1691 | ||
1692 | return atmel_aes_complete(dd, err); | |
1693 | } | |
1694 | ||
1695 | static int atmel_aes_gcm_crypt(struct aead_request *req, | |
1696 | unsigned long mode) | |
1697 | { | |
1698 | struct atmel_aes_base_ctx *ctx; | |
1699 | struct atmel_aes_reqctx *rctx; | |
1700 | struct atmel_aes_dev *dd; | |
1701 | ||
1702 | ctx = crypto_aead_ctx(crypto_aead_reqtfm(req)); | |
1703 | ctx->block_size = AES_BLOCK_SIZE; | |
1704 | ||
1705 | dd = atmel_aes_find_dev(ctx); | |
1706 | if (!dd) | |
1707 | return -ENODEV; | |
1708 | ||
1709 | rctx = aead_request_ctx(req); | |
1710 | rctx->mode = AES_FLAGS_GCM | mode; | |
1711 | ||
1712 | return atmel_aes_handle_queue(dd, &req->base); | |
1713 | } | |
1714 | ||
1715 | static int atmel_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key, | |
1716 | unsigned int keylen) | |
1717 | { | |
1718 | struct atmel_aes_base_ctx *ctx = crypto_aead_ctx(tfm); | |
1719 | ||
1720 | if (keylen != AES_KEYSIZE_256 && | |
1721 | keylen != AES_KEYSIZE_192 && | |
1722 | keylen != AES_KEYSIZE_128) { | |
1723 | crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); | |
1724 | return -EINVAL; | |
1725 | } | |
1726 | ||
1727 | memcpy(ctx->key, key, keylen); | |
1728 | ctx->keylen = keylen; | |
1729 | ||
1730 | return 0; | |
1731 | } | |
1732 | ||
1733 | static int atmel_aes_gcm_setauthsize(struct crypto_aead *tfm, | |
1734 | unsigned int authsize) | |
1735 | { | |
1736 | /* Same as crypto_gcm_authsize() from crypto/gcm.c */ | |
1737 | switch (authsize) { | |
1738 | case 4: | |
1739 | case 8: | |
1740 | case 12: | |
1741 | case 13: | |
1742 | case 14: | |
1743 | case 15: | |
1744 | case 16: | |
1745 | break; | |
1746 | default: | |
1747 | return -EINVAL; | |
1748 | } | |
1749 | ||
1750 | return 0; | |
1751 | } | |
1752 | ||
1753 | static int atmel_aes_gcm_encrypt(struct aead_request *req) | |
1754 | { | |
1755 | return atmel_aes_gcm_crypt(req, AES_FLAGS_ENCRYPT); | |
1756 | } | |
1757 | ||
1758 | static int atmel_aes_gcm_decrypt(struct aead_request *req) | |
1759 | { | |
1760 | return atmel_aes_gcm_crypt(req, 0); | |
1761 | } | |
1762 | ||
1763 | static int atmel_aes_gcm_init(struct crypto_aead *tfm) | |
1764 | { | |
1765 | struct atmel_aes_gcm_ctx *ctx = crypto_aead_ctx(tfm); | |
1766 | ||
1767 | crypto_aead_set_reqsize(tfm, sizeof(struct atmel_aes_reqctx)); | |
1768 | ctx->base.start = atmel_aes_gcm_start; | |
1769 | ||
1770 | return 0; | |
1771 | } | |
1772 | ||
1773 | static void atmel_aes_gcm_exit(struct crypto_aead *tfm) | |
1774 | { | |
1775 | ||
1776 | } | |
1777 | ||
1778 | static struct aead_alg aes_gcm_alg = { | |
1779 | .setkey = atmel_aes_gcm_setkey, | |
1780 | .setauthsize = atmel_aes_gcm_setauthsize, | |
1781 | .encrypt = atmel_aes_gcm_encrypt, | |
1782 | .decrypt = atmel_aes_gcm_decrypt, | |
1783 | .init = atmel_aes_gcm_init, | |
1784 | .exit = atmel_aes_gcm_exit, | |
1785 | .ivsize = 12, | |
1786 | .maxauthsize = AES_BLOCK_SIZE, | |
1787 | ||
1788 | .base = { | |
1789 | .cra_name = "gcm(aes)", | |
1790 | .cra_driver_name = "atmel-gcm-aes", | |
1791 | .cra_priority = ATMEL_AES_PRIORITY, | |
1792 | .cra_flags = CRYPTO_ALG_ASYNC, | |
1793 | .cra_blocksize = 1, | |
1794 | .cra_ctxsize = sizeof(struct atmel_aes_gcm_ctx), | |
1795 | .cra_alignmask = 0xf, | |
1796 | .cra_module = THIS_MODULE, | |
1797 | }, | |
1798 | }; | |
1799 | ||
1800 | ||
d52db518 CP |
1801 | /* xts functions */ |
1802 | ||
1803 | static inline struct atmel_aes_xts_ctx * | |
1804 | atmel_aes_xts_ctx_cast(struct atmel_aes_base_ctx *ctx) | |
1805 | { | |
1806 | return container_of(ctx, struct atmel_aes_xts_ctx, base); | |
1807 | } | |
1808 | ||
1809 | static int atmel_aes_xts_process_data(struct atmel_aes_dev *dd); | |
1810 | ||
1811 | static int atmel_aes_xts_start(struct atmel_aes_dev *dd) | |
1812 | { | |
1813 | struct atmel_aes_xts_ctx *ctx = atmel_aes_xts_ctx_cast(dd->ctx); | |
1814 | struct ablkcipher_request *req = ablkcipher_request_cast(dd->areq); | |
1815 | struct atmel_aes_reqctx *rctx = ablkcipher_request_ctx(req); | |
1816 | unsigned long flags; | |
1817 | int err; | |
1818 | ||
1819 | atmel_aes_set_mode(dd, rctx); | |
1820 | ||
1821 | err = atmel_aes_hw_init(dd); | |
1822 | if (err) | |
1823 | return atmel_aes_complete(dd, err); | |
1824 | ||
1825 | /* Compute the tweak value from req->info with ecb(aes). */ | |
1826 | flags = dd->flags; | |
1827 | dd->flags &= ~AES_FLAGS_MODE_MASK; | |
1828 | dd->flags |= (AES_FLAGS_ECB | AES_FLAGS_ENCRYPT); | |
1829 | atmel_aes_write_ctrl_key(dd, false, NULL, | |
1830 | ctx->key2, ctx->base.keylen); | |
1831 | dd->flags = flags; | |
1832 | ||
1833 | atmel_aes_write_block(dd, AES_IDATAR(0), req->info); | |
1834 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_xts_process_data); | |
1835 | } | |
1836 | ||
1837 | static int atmel_aes_xts_process_data(struct atmel_aes_dev *dd) | |
1838 | { | |
1839 | struct ablkcipher_request *req = ablkcipher_request_cast(dd->areq); | |
1840 | bool use_dma = (req->nbytes >= ATMEL_AES_DMA_THRESHOLD); | |
1841 | u32 tweak[AES_BLOCK_SIZE / sizeof(u32)]; | |
1842 | static const u32 one[AES_BLOCK_SIZE / sizeof(u32)] = {cpu_to_le32(1), }; | |
1843 | u8 *tweak_bytes = (u8 *)tweak; | |
1844 | int i; | |
1845 | ||
1846 | /* Read the computed ciphered tweak value. */ | |
1847 | atmel_aes_read_block(dd, AES_ODATAR(0), tweak); | |
1848 | /* | |
1849 | * Hardware quirk: | |
1850 | * the order of the ciphered tweak bytes need to be reversed before | |
1851 | * writing them into the ODATARx registers. | |
1852 | */ | |
1853 | for (i = 0; i < AES_BLOCK_SIZE/2; ++i) { | |
1854 | u8 tmp = tweak_bytes[AES_BLOCK_SIZE - 1 - i]; | |
1855 | ||
1856 | tweak_bytes[AES_BLOCK_SIZE - 1 - i] = tweak_bytes[i]; | |
1857 | tweak_bytes[i] = tmp; | |
1858 | } | |
1859 | ||
1860 | /* Process the data. */ | |
1861 | atmel_aes_write_ctrl(dd, use_dma, NULL); | |
1862 | atmel_aes_write_block(dd, AES_TWR(0), tweak); | |
1863 | atmel_aes_write_block(dd, AES_ALPHAR(0), one); | |
1864 | if (use_dma) | |
1865 | return atmel_aes_dma_start(dd, req->src, req->dst, req->nbytes, | |
1866 | atmel_aes_transfer_complete); | |
1867 | ||
1868 | return atmel_aes_cpu_start(dd, req->src, req->dst, req->nbytes, | |
1869 | atmel_aes_transfer_complete); | |
1870 | } | |
1871 | ||
1872 | static int atmel_aes_xts_setkey(struct crypto_ablkcipher *tfm, const u8 *key, | |
1873 | unsigned int keylen) | |
1874 | { | |
1875 | struct atmel_aes_xts_ctx *ctx = crypto_ablkcipher_ctx(tfm); | |
1876 | int err; | |
1877 | ||
1878 | err = xts_check_key(crypto_ablkcipher_tfm(tfm), key, keylen); | |
1879 | if (err) | |
1880 | return err; | |
1881 | ||
1882 | memcpy(ctx->base.key, key, keylen/2); | |
1883 | memcpy(ctx->key2, key + keylen/2, keylen/2); | |
1884 | ctx->base.keylen = keylen/2; | |
1885 | ||
1886 | return 0; | |
1887 | } | |
1888 | ||
1889 | static int atmel_aes_xts_encrypt(struct ablkcipher_request *req) | |
1890 | { | |
1891 | return atmel_aes_crypt(req, AES_FLAGS_XTS | AES_FLAGS_ENCRYPT); | |
1892 | } | |
1893 | ||
1894 | static int atmel_aes_xts_decrypt(struct ablkcipher_request *req) | |
1895 | { | |
1896 | return atmel_aes_crypt(req, AES_FLAGS_XTS); | |
1897 | } | |
1898 | ||
1899 | static int atmel_aes_xts_cra_init(struct crypto_tfm *tfm) | |
1900 | { | |
1901 | struct atmel_aes_xts_ctx *ctx = crypto_tfm_ctx(tfm); | |
1902 | ||
1903 | tfm->crt_ablkcipher.reqsize = sizeof(struct atmel_aes_reqctx); | |
1904 | ctx->base.start = atmel_aes_xts_start; | |
1905 | ||
1906 | return 0; | |
1907 | } | |
1908 | ||
1909 | static struct crypto_alg aes_xts_alg = { | |
1910 | .cra_name = "xts(aes)", | |
1911 | .cra_driver_name = "atmel-xts-aes", | |
1912 | .cra_priority = ATMEL_AES_PRIORITY, | |
1913 | .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, | |
1914 | .cra_blocksize = AES_BLOCK_SIZE, | |
1915 | .cra_ctxsize = sizeof(struct atmel_aes_xts_ctx), | |
1916 | .cra_alignmask = 0xf, | |
1917 | .cra_type = &crypto_ablkcipher_type, | |
1918 | .cra_module = THIS_MODULE, | |
1919 | .cra_init = atmel_aes_xts_cra_init, | |
1920 | .cra_exit = atmel_aes_cra_exit, | |
1921 | .cra_u.ablkcipher = { | |
1922 | .min_keysize = 2 * AES_MIN_KEY_SIZE, | |
1923 | .max_keysize = 2 * AES_MAX_KEY_SIZE, | |
1924 | .ivsize = AES_BLOCK_SIZE, | |
1925 | .setkey = atmel_aes_xts_setkey, | |
1926 | .encrypt = atmel_aes_xts_encrypt, | |
1927 | .decrypt = atmel_aes_xts_decrypt, | |
1928 | } | |
1929 | }; | |
1930 | ||
1931 | ||
e37a7e55 CP |
1932 | /* Probe functions */ |
1933 | ||
1934 | static int atmel_aes_buff_init(struct atmel_aes_dev *dd) | |
1935 | { | |
1936 | dd->buf = (void *)__get_free_pages(GFP_KERNEL, ATMEL_AES_BUFFER_ORDER); | |
1937 | dd->buflen = ATMEL_AES_BUFFER_SIZE; | |
1938 | dd->buflen &= ~(AES_BLOCK_SIZE - 1); | |
1939 | ||
1940 | if (!dd->buf) { | |
1941 | dev_err(dd->dev, "unable to alloc pages.\n"); | |
1942 | return -ENOMEM; | |
1943 | } | |
1944 | ||
1945 | return 0; | |
1946 | } | |
1947 | ||
1948 | static void atmel_aes_buff_cleanup(struct atmel_aes_dev *dd) | |
1949 | { | |
1950 | free_page((unsigned long)dd->buf); | |
1951 | } | |
1952 | ||
1953 | static bool atmel_aes_filter(struct dma_chan *chan, void *slave) | |
1954 | { | |
1955 | struct at_dma_slave *sl = slave; | |
1956 | ||
1957 | if (sl && sl->dma_dev == chan->device->dev) { | |
1958 | chan->private = sl; | |
1959 | return true; | |
1960 | } else { | |
1961 | return false; | |
1962 | } | |
1963 | } | |
1964 | ||
1965 | static int atmel_aes_dma_init(struct atmel_aes_dev *dd, | |
1966 | struct crypto_platform_data *pdata) | |
1967 | { | |
1968 | struct at_dma_slave *slave; | |
1969 | int err = -ENOMEM; | |
1970 | dma_cap_mask_t mask; | |
1971 | ||
1972 | dma_cap_zero(mask); | |
1973 | dma_cap_set(DMA_SLAVE, mask); | |
1974 | ||
1975 | /* Try to grab 2 DMA channels */ | |
1976 | slave = &pdata->dma_slave->rxdata; | |
1977 | dd->src.chan = dma_request_slave_channel_compat(mask, atmel_aes_filter, | |
1978 | slave, dd->dev, "tx"); | |
1979 | if (!dd->src.chan) | |
1980 | goto err_dma_in; | |
1981 | ||
1982 | slave = &pdata->dma_slave->txdata; | |
1983 | dd->dst.chan = dma_request_slave_channel_compat(mask, atmel_aes_filter, | |
1984 | slave, dd->dev, "rx"); | |
1985 | if (!dd->dst.chan) | |
1986 | goto err_dma_out; | |
1987 | ||
1988 | return 0; | |
1989 | ||
1990 | err_dma_out: | |
1991 | dma_release_channel(dd->src.chan); | |
1992 | err_dma_in: | |
1993 | dev_warn(dd->dev, "no DMA channel available\n"); | |
1994 | return err; | |
1995 | } | |
1996 | ||
1997 | static void atmel_aes_dma_cleanup(struct atmel_aes_dev *dd) | |
1998 | { | |
1999 | dma_release_channel(dd->dst.chan); | |
2000 | dma_release_channel(dd->src.chan); | |
2001 | } | |
2002 | ||
bd3c7b5c NR |
2003 | static void atmel_aes_queue_task(unsigned long data) |
2004 | { | |
2005 | struct atmel_aes_dev *dd = (struct atmel_aes_dev *)data; | |
2006 | ||
2007 | atmel_aes_handle_queue(dd, NULL); | |
2008 | } | |
2009 | ||
2010 | static void atmel_aes_done_task(unsigned long data) | |
2011 | { | |
afbac17e | 2012 | struct atmel_aes_dev *dd = (struct atmel_aes_dev *)data; |
bd3c7b5c | 2013 | |
10f12c1b CP |
2014 | dd->is_async = true; |
2015 | (void)dd->resume(dd); | |
2016 | } | |
bd3c7b5c | 2017 | |
bd3c7b5c NR |
2018 | static irqreturn_t atmel_aes_irq(int irq, void *dev_id) |
2019 | { | |
2020 | struct atmel_aes_dev *aes_dd = dev_id; | |
2021 | u32 reg; | |
2022 | ||
2023 | reg = atmel_aes_read(aes_dd, AES_ISR); | |
2024 | if (reg & atmel_aes_read(aes_dd, AES_IMR)) { | |
2025 | atmel_aes_write(aes_dd, AES_IDR, reg); | |
2026 | if (AES_FLAGS_BUSY & aes_dd->flags) | |
2027 | tasklet_schedule(&aes_dd->done_task); | |
2028 | else | |
2029 | dev_warn(aes_dd->dev, "AES interrupt when no active requests.\n"); | |
2030 | return IRQ_HANDLED; | |
2031 | } | |
2032 | ||
2033 | return IRQ_NONE; | |
2034 | } | |
2035 | ||
2036 | static void atmel_aes_unregister_algs(struct atmel_aes_dev *dd) | |
2037 | { | |
2038 | int i; | |
2039 | ||
d52db518 CP |
2040 | if (dd->caps.has_xts) |
2041 | crypto_unregister_alg(&aes_xts_alg); | |
2042 | ||
d4419548 CP |
2043 | if (dd->caps.has_gcm) |
2044 | crypto_unregister_aead(&aes_gcm_alg); | |
2045 | ||
cadc4ab8 NR |
2046 | if (dd->caps.has_cfb64) |
2047 | crypto_unregister_alg(&aes_cfb64_alg); | |
924a8bc7 CP |
2048 | |
2049 | for (i = 0; i < ARRAY_SIZE(aes_algs); i++) | |
2050 | crypto_unregister_alg(&aes_algs[i]); | |
bd3c7b5c NR |
2051 | } |
2052 | ||
2053 | static int atmel_aes_register_algs(struct atmel_aes_dev *dd) | |
2054 | { | |
2055 | int err, i, j; | |
2056 | ||
2057 | for (i = 0; i < ARRAY_SIZE(aes_algs); i++) { | |
bd3c7b5c NR |
2058 | err = crypto_register_alg(&aes_algs[i]); |
2059 | if (err) | |
2060 | goto err_aes_algs; | |
2061 | } | |
2062 | ||
cadc4ab8 NR |
2063 | if (dd->caps.has_cfb64) { |
2064 | err = crypto_register_alg(&aes_cfb64_alg); | |
bd3c7b5c NR |
2065 | if (err) |
2066 | goto err_aes_cfb64_alg; | |
2067 | } | |
2068 | ||
d4419548 CP |
2069 | if (dd->caps.has_gcm) { |
2070 | err = crypto_register_aead(&aes_gcm_alg); | |
2071 | if (err) | |
2072 | goto err_aes_gcm_alg; | |
2073 | } | |
2074 | ||
d52db518 CP |
2075 | if (dd->caps.has_xts) { |
2076 | err = crypto_register_alg(&aes_xts_alg); | |
2077 | if (err) | |
2078 | goto err_aes_xts_alg; | |
2079 | } | |
2080 | ||
bd3c7b5c NR |
2081 | return 0; |
2082 | ||
d52db518 CP |
2083 | err_aes_xts_alg: |
2084 | crypto_unregister_aead(&aes_gcm_alg); | |
d4419548 CP |
2085 | err_aes_gcm_alg: |
2086 | crypto_unregister_alg(&aes_cfb64_alg); | |
bd3c7b5c NR |
2087 | err_aes_cfb64_alg: |
2088 | i = ARRAY_SIZE(aes_algs); | |
2089 | err_aes_algs: | |
2090 | for (j = 0; j < i; j++) | |
2091 | crypto_unregister_alg(&aes_algs[j]); | |
2092 | ||
2093 | return err; | |
2094 | } | |
2095 | ||
cadc4ab8 NR |
2096 | static void atmel_aes_get_cap(struct atmel_aes_dev *dd) |
2097 | { | |
2098 | dd->caps.has_dualbuff = 0; | |
2099 | dd->caps.has_cfb64 = 0; | |
fcac8365 | 2100 | dd->caps.has_ctr32 = 0; |
d4419548 | 2101 | dd->caps.has_gcm = 0; |
d52db518 | 2102 | dd->caps.has_xts = 0; |
cadc4ab8 NR |
2103 | dd->caps.max_burst_size = 1; |
2104 | ||
2105 | /* keep only major version number */ | |
2106 | switch (dd->hw_version & 0xff0) { | |
973e209d LZ |
2107 | case 0x500: |
2108 | dd->caps.has_dualbuff = 1; | |
2109 | dd->caps.has_cfb64 = 1; | |
fcac8365 | 2110 | dd->caps.has_ctr32 = 1; |
d4419548 | 2111 | dd->caps.has_gcm = 1; |
d52db518 | 2112 | dd->caps.has_xts = 1; |
973e209d LZ |
2113 | dd->caps.max_burst_size = 4; |
2114 | break; | |
cf1f0d12 LZ |
2115 | case 0x200: |
2116 | dd->caps.has_dualbuff = 1; | |
2117 | dd->caps.has_cfb64 = 1; | |
fcac8365 | 2118 | dd->caps.has_ctr32 = 1; |
d4419548 | 2119 | dd->caps.has_gcm = 1; |
cf1f0d12 LZ |
2120 | dd->caps.max_burst_size = 4; |
2121 | break; | |
cadc4ab8 NR |
2122 | case 0x130: |
2123 | dd->caps.has_dualbuff = 1; | |
2124 | dd->caps.has_cfb64 = 1; | |
2125 | dd->caps.max_burst_size = 4; | |
2126 | break; | |
2127 | case 0x120: | |
2128 | break; | |
2129 | default: | |
2130 | dev_warn(dd->dev, | |
2131 | "Unmanaged aes version, set minimum capabilities\n"); | |
2132 | break; | |
2133 | } | |
2134 | } | |
2135 | ||
be943c7d NF |
2136 | #if defined(CONFIG_OF) |
2137 | static const struct of_device_id atmel_aes_dt_ids[] = { | |
2138 | { .compatible = "atmel,at91sam9g46-aes" }, | |
2139 | { /* sentinel */ } | |
2140 | }; | |
2141 | MODULE_DEVICE_TABLE(of, atmel_aes_dt_ids); | |
2142 | ||
2143 | static struct crypto_platform_data *atmel_aes_of_init(struct platform_device *pdev) | |
2144 | { | |
2145 | struct device_node *np = pdev->dev.of_node; | |
2146 | struct crypto_platform_data *pdata; | |
2147 | ||
2148 | if (!np) { | |
2149 | dev_err(&pdev->dev, "device node not found\n"); | |
2150 | return ERR_PTR(-EINVAL); | |
2151 | } | |
2152 | ||
2153 | pdata = devm_kzalloc(&pdev->dev, sizeof(*pdata), GFP_KERNEL); | |
2154 | if (!pdata) { | |
2155 | dev_err(&pdev->dev, "could not allocate memory for pdata\n"); | |
2156 | return ERR_PTR(-ENOMEM); | |
2157 | } | |
2158 | ||
2159 | pdata->dma_slave = devm_kzalloc(&pdev->dev, | |
2160 | sizeof(*(pdata->dma_slave)), | |
2161 | GFP_KERNEL); | |
2162 | if (!pdata->dma_slave) { | |
2163 | dev_err(&pdev->dev, "could not allocate memory for dma_slave\n"); | |
2164 | devm_kfree(&pdev->dev, pdata); | |
2165 | return ERR_PTR(-ENOMEM); | |
2166 | } | |
2167 | ||
2168 | return pdata; | |
2169 | } | |
2170 | #else | |
2171 | static inline struct crypto_platform_data *atmel_aes_of_init(struct platform_device *pdev) | |
2172 | { | |
2173 | return ERR_PTR(-EINVAL); | |
2174 | } | |
2175 | #endif | |
2176 | ||
49cfe4db | 2177 | static int atmel_aes_probe(struct platform_device *pdev) |
bd3c7b5c NR |
2178 | { |
2179 | struct atmel_aes_dev *aes_dd; | |
cadc4ab8 | 2180 | struct crypto_platform_data *pdata; |
bd3c7b5c NR |
2181 | struct device *dev = &pdev->dev; |
2182 | struct resource *aes_res; | |
bd3c7b5c NR |
2183 | int err; |
2184 | ||
2185 | pdata = pdev->dev.platform_data; | |
2186 | if (!pdata) { | |
be943c7d NF |
2187 | pdata = atmel_aes_of_init(pdev); |
2188 | if (IS_ERR(pdata)) { | |
2189 | err = PTR_ERR(pdata); | |
2190 | goto aes_dd_err; | |
2191 | } | |
2192 | } | |
2193 | ||
2194 | if (!pdata->dma_slave) { | |
bd3c7b5c NR |
2195 | err = -ENXIO; |
2196 | goto aes_dd_err; | |
2197 | } | |
2198 | ||
b0e8b341 | 2199 | aes_dd = devm_kzalloc(&pdev->dev, sizeof(*aes_dd), GFP_KERNEL); |
bd3c7b5c NR |
2200 | if (aes_dd == NULL) { |
2201 | dev_err(dev, "unable to alloc data struct.\n"); | |
2202 | err = -ENOMEM; | |
2203 | goto aes_dd_err; | |
2204 | } | |
2205 | ||
2206 | aes_dd->dev = dev; | |
2207 | ||
2208 | platform_set_drvdata(pdev, aes_dd); | |
2209 | ||
2210 | INIT_LIST_HEAD(&aes_dd->list); | |
8a10eb8d | 2211 | spin_lock_init(&aes_dd->lock); |
bd3c7b5c NR |
2212 | |
2213 | tasklet_init(&aes_dd->done_task, atmel_aes_done_task, | |
2214 | (unsigned long)aes_dd); | |
2215 | tasklet_init(&aes_dd->queue_task, atmel_aes_queue_task, | |
2216 | (unsigned long)aes_dd); | |
2217 | ||
2218 | crypto_init_queue(&aes_dd->queue, ATMEL_AES_QUEUE_LENGTH); | |
2219 | ||
2220 | aes_dd->irq = -1; | |
2221 | ||
2222 | /* Get the base address */ | |
2223 | aes_res = platform_get_resource(pdev, IORESOURCE_MEM, 0); | |
2224 | if (!aes_res) { | |
2225 | dev_err(dev, "no MEM resource info\n"); | |
2226 | err = -ENODEV; | |
2227 | goto res_err; | |
2228 | } | |
2229 | aes_dd->phys_base = aes_res->start; | |
bd3c7b5c NR |
2230 | |
2231 | /* Get the IRQ */ | |
2232 | aes_dd->irq = platform_get_irq(pdev, 0); | |
2233 | if (aes_dd->irq < 0) { | |
2234 | dev_err(dev, "no IRQ resource info\n"); | |
2235 | err = aes_dd->irq; | |
b0e8b341 | 2236 | goto res_err; |
bd3c7b5c NR |
2237 | } |
2238 | ||
b0e8b341 LC |
2239 | err = devm_request_irq(&pdev->dev, aes_dd->irq, atmel_aes_irq, |
2240 | IRQF_SHARED, "atmel-aes", aes_dd); | |
bd3c7b5c NR |
2241 | if (err) { |
2242 | dev_err(dev, "unable to request aes irq.\n"); | |
b0e8b341 | 2243 | goto res_err; |
bd3c7b5c NR |
2244 | } |
2245 | ||
2246 | /* Initializing the clock */ | |
b0e8b341 | 2247 | aes_dd->iclk = devm_clk_get(&pdev->dev, "aes_clk"); |
bd3c7b5c | 2248 | if (IS_ERR(aes_dd->iclk)) { |
be208356 | 2249 | dev_err(dev, "clock initialization failed.\n"); |
bd3c7b5c | 2250 | err = PTR_ERR(aes_dd->iclk); |
b0e8b341 | 2251 | goto res_err; |
bd3c7b5c NR |
2252 | } |
2253 | ||
b0e8b341 | 2254 | aes_dd->io_base = devm_ioremap_resource(&pdev->dev, aes_res); |
9b52d55f | 2255 | if (IS_ERR(aes_dd->io_base)) { |
bd3c7b5c | 2256 | dev_err(dev, "can't ioremap\n"); |
9b52d55f | 2257 | err = PTR_ERR(aes_dd->io_base); |
b0e8b341 | 2258 | goto res_err; |
bd3c7b5c NR |
2259 | } |
2260 | ||
49a20454 | 2261 | err = clk_prepare(aes_dd->iclk); |
aab0a39b CP |
2262 | if (err) |
2263 | goto res_err; | |
cadc4ab8 | 2264 | |
49a20454 CP |
2265 | err = atmel_aes_hw_version_init(aes_dd); |
2266 | if (err) | |
2267 | goto iclk_unprepare; | |
2268 | ||
cadc4ab8 NR |
2269 | atmel_aes_get_cap(aes_dd); |
2270 | ||
2271 | err = atmel_aes_buff_init(aes_dd); | |
2272 | if (err) | |
2273 | goto err_aes_buff; | |
2274 | ||
2275 | err = atmel_aes_dma_init(aes_dd, pdata); | |
bd3c7b5c NR |
2276 | if (err) |
2277 | goto err_aes_dma; | |
2278 | ||
2279 | spin_lock(&atmel_aes.lock); | |
2280 | list_add_tail(&aes_dd->list, &atmel_aes.dev_list); | |
2281 | spin_unlock(&atmel_aes.lock); | |
2282 | ||
2283 | err = atmel_aes_register_algs(aes_dd); | |
2284 | if (err) | |
2285 | goto err_algs; | |
2286 | ||
be943c7d | 2287 | dev_info(dev, "Atmel AES - Using %s, %s for DMA transfers\n", |
bbe628ed CP |
2288 | dma_chan_name(aes_dd->src.chan), |
2289 | dma_chan_name(aes_dd->dst.chan)); | |
bd3c7b5c NR |
2290 | |
2291 | return 0; | |
2292 | ||
2293 | err_algs: | |
2294 | spin_lock(&atmel_aes.lock); | |
2295 | list_del(&aes_dd->list); | |
2296 | spin_unlock(&atmel_aes.lock); | |
2297 | atmel_aes_dma_cleanup(aes_dd); | |
2298 | err_aes_dma: | |
cadc4ab8 NR |
2299 | atmel_aes_buff_cleanup(aes_dd); |
2300 | err_aes_buff: | |
49a20454 CP |
2301 | iclk_unprepare: |
2302 | clk_unprepare(aes_dd->iclk); | |
bd3c7b5c NR |
2303 | res_err: |
2304 | tasklet_kill(&aes_dd->done_task); | |
2305 | tasklet_kill(&aes_dd->queue_task); | |
bd3c7b5c NR |
2306 | aes_dd_err: |
2307 | dev_err(dev, "initialization failed.\n"); | |
2308 | ||
2309 | return err; | |
2310 | } | |
2311 | ||
49cfe4db | 2312 | static int atmel_aes_remove(struct platform_device *pdev) |
bd3c7b5c | 2313 | { |
fc783341 | 2314 | struct atmel_aes_dev *aes_dd; |
bd3c7b5c NR |
2315 | |
2316 | aes_dd = platform_get_drvdata(pdev); | |
2317 | if (!aes_dd) | |
2318 | return -ENODEV; | |
2319 | spin_lock(&atmel_aes.lock); | |
2320 | list_del(&aes_dd->list); | |
2321 | spin_unlock(&atmel_aes.lock); | |
2322 | ||
2323 | atmel_aes_unregister_algs(aes_dd); | |
2324 | ||
2325 | tasklet_kill(&aes_dd->done_task); | |
2326 | tasklet_kill(&aes_dd->queue_task); | |
2327 | ||
2328 | atmel_aes_dma_cleanup(aes_dd); | |
2a377828 | 2329 | atmel_aes_buff_cleanup(aes_dd); |
bd3c7b5c | 2330 | |
49a20454 CP |
2331 | clk_unprepare(aes_dd->iclk); |
2332 | ||
bd3c7b5c NR |
2333 | return 0; |
2334 | } | |
2335 | ||
2336 | static struct platform_driver atmel_aes_driver = { | |
2337 | .probe = atmel_aes_probe, | |
49cfe4db | 2338 | .remove = atmel_aes_remove, |
bd3c7b5c NR |
2339 | .driver = { |
2340 | .name = "atmel_aes", | |
be943c7d | 2341 | .of_match_table = of_match_ptr(atmel_aes_dt_ids), |
bd3c7b5c NR |
2342 | }, |
2343 | }; | |
2344 | ||
2345 | module_platform_driver(atmel_aes_driver); | |
2346 | ||
2347 | MODULE_DESCRIPTION("Atmel AES hw acceleration support."); | |
2348 | MODULE_LICENSE("GPL v2"); | |
2349 | MODULE_AUTHOR("Nicolas Royer - Eukréa Electromatique"); |