crypto: ccp - Add XTS-AES-256 support for CCP version 5

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/drivers/crypto/ccp/ccp-crypto-aes-xts.c b/drivers/crypto/ccp/ccp-crypto-aes-xts.c
index 5c2df880ab488edc6c9c49d0b9ec6403da4d7792..94b5bcf5b628a1ddd585914f9d48e4ad0a6a2cb7 100644 (file)
--- a/drivers/crypto/ccp/ccp-crypto-aes-xts.c
+++ b/drivers/crypto/ccp/ccp-crypto-aes-xts.c
@@ -80,19 +80,24 @@ static int ccp_aes_xts_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
 {
        struct crypto_tfm *xfm = crypto_ablkcipher_tfm(tfm);
        struct ccp_ctx *ctx = crypto_tfm_ctx(xfm);
+       unsigned int ccpversion = ccp_version();
        int ret;
 
        ret = xts_check_key(xfm, key, key_len);
        if (ret)
                return ret;
 
-       /* Only support 128-bit AES key with a 128-bit Tweak key,
-        * otherwise use the fallback
+       /* Version 3 devices support 128-bit keys; version 5 devices can
+        * accommodate 128- and 256-bit keys.
         */
        switch (key_len) {
        case AES_KEYSIZE_128 * 2:
                memcpy(ctx->u.aes.key, key, key_len);
                break;
+       case AES_KEYSIZE_256 * 2:
+               if (ccpversion > CCP_VERSION(3, 0))
+                       memcpy(ctx->u.aes.key, key, key_len);
+               break;
        }
        ctx->u.aes.key_len = key_len / 2;
        sg_init_one(&ctx->u.aes.key_sg, ctx->u.aes.key, key_len);
@@ -105,6 +110,8 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req,
 {
        struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
        struct ccp_aes_req_ctx *rctx = ablkcipher_request_ctx(req);
+       unsigned int ccpversion = ccp_version();
+       unsigned int fallback = 0;
        unsigned int unit;
        u32 unit_size;
        int ret;
@@ -131,8 +138,19 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req,
                        break;
                }
        }
-       if ((unit_size == CCP_XTS_AES_UNIT_SIZE__LAST) ||
-           (ctx->u.aes.key_len != AES_KEYSIZE_128)) {
+       /* The CCP has restrictions on block sizes. Also, a version 3 device
+        * only supports AES-128 operations; version 5 CCPs support both
+        * AES-128 and -256 operations.
+        */
+       if (unit_size == CCP_XTS_AES_UNIT_SIZE__LAST)
+               fallback = 1;
+       if ((ccpversion < CCP_VERSION(5, 0)) &&
+           (ctx->u.aes.key_len != AES_KEYSIZE_128))
+               fallback = 1;
+       if ((ctx->u.aes.key_len != AES_KEYSIZE_128) &&
+           (ctx->u.aes.key_len != AES_KEYSIZE_256))
+               fallback = 1;
+       if (fallback) {
                SKCIPHER_REQUEST_ON_STACK(subreq, ctx->u.aes.tfm_skcipher);
 
                /* Use the fallback to process the request for any

diff --git a/drivers/crypto/ccp/ccp-crypto.h b/drivers/crypto/ccp/ccp-crypto.h
index 67c7620029e38df7f4fa8517bd77e5a6d98066b6..b9fd090c46c250439080d5ac3fcb59864a383eeb 100644 (file)
--- a/drivers/crypto/ccp/ccp-crypto.h
+++ b/drivers/crypto/ccp/ccp-crypto.h
@@ -99,7 +99,7 @@ struct ccp_aes_ctx {
 
        struct scatterlist key_sg;
        unsigned int key_len;
-       u8 key[AES_MAX_KEY_SIZE];
+       u8 key[AES_MAX_KEY_SIZE * 2];
 
        u8 nonce[CTR_RFC3686_NONCE_SIZE];
 

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 10e3be8d93ced233ff25272eb77053690b46513c..cc16cb0fc3af4340c049755f84185a09cc961e59 100644 (file)
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1065,6 +1065,8 @@ static int ccp_run_xts_aes_cmd(struct ccp_cmd_queue *cmd_q,
 
        if (xts->key_len == AES_KEYSIZE_128)
                aestype = CCP_AES_TYPE_128;
+       else if (xts->key_len == AES_KEYSIZE_256)
+               aestype = CCP_AES_TYPE_256;
        else
                return -EINVAL;