Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
talitos.c
Go to the documentation of this file.
1 /*
2  * talitos - Freescale Integrated Security Engine (SEC) device driver
3  *
4  * Copyright (c) 2008-2011 Freescale Semiconductor, Inc.
5  *
6  * Scatterlist Crypto API glue code copied from files with the following:
7  * Copyright (c) 2006-2007 Herbert Xu <[email protected]>
8  *
9  * Crypto algorithm registration code copied from hifn driver:
10  * 2007+ Copyright (c) Evgeniy Polyakov <[email protected]>
11  * All rights reserved.
12  *
13  * This program is free software; you can redistribute it and/or modify
14  * it under the terms of the GNU General Public License as published by
15  * the Free Software Foundation; either version 2 of the License, or
16  * (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software
25  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26  */
27 
28 #include <linux/kernel.h>
29 #include <linux/module.h>
30 #include <linux/mod_devicetable.h>
31 #include <linux/device.h>
32 #include <linux/interrupt.h>
33 #include <linux/crypto.h>
34 #include <linux/hw_random.h>
35 #include <linux/of_platform.h>
36 #include <linux/dma-mapping.h>
37 #include <linux/io.h>
38 #include <linux/spinlock.h>
39 #include <linux/rtnetlink.h>
40 #include <linux/slab.h>
41 #include <linux/string.h>
42 
43 #include <crypto/algapi.h>
44 #include <crypto/aes.h>
45 #include <crypto/des.h>
46 #include <crypto/sha.h>
47 #include <crypto/md5.h>
48 #include <crypto/aead.h>
49 #include <crypto/authenc.h>
50 #include <crypto/skcipher.h>
51 #include <crypto/hash.h>
52 #include <crypto/internal/hash.h>
53 #include <crypto/scatterwalk.h>
54 
55 #include "talitos.h"
56 
57 static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr)
58 {
59  talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
60  talitos_ptr->eptr = upper_32_bits(dma_addr);
61 }
62 
63 /*
64  * map virtual single (contiguous) pointer to h/w descriptor pointer
65  */
66 static void map_single_talitos_ptr(struct device *dev,
67  struct talitos_ptr *talitos_ptr,
68  unsigned short len, void *data,
69  unsigned char extent,
70  enum dma_data_direction dir)
71 {
72  dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
73 
74  talitos_ptr->len = cpu_to_be16(len);
75  to_talitos_ptr(talitos_ptr, dma_addr);
76  talitos_ptr->j_extent = extent;
77 }
78 
79 /*
80  * unmap bus single (contiguous) h/w descriptor pointer
81  */
82 static void unmap_single_talitos_ptr(struct device *dev,
83  struct talitos_ptr *talitos_ptr,
84  enum dma_data_direction dir)
85 {
86  dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
87  be16_to_cpu(talitos_ptr->len), dir);
88 }
89 
90 static int reset_channel(struct device *dev, int ch)
91 {
92  struct talitos_private *priv = dev_get_drvdata(dev);
93  unsigned int timeout = TALITOS_TIMEOUT;
94 
95  setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
96 
97  while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) & TALITOS_CCCR_RESET)
98  && --timeout)
99  cpu_relax();
100 
101  if (timeout == 0) {
102  dev_err(dev, "failed to reset channel %d\n", ch);
103  return -EIO;
104  }
105 
106  /* set 36-bit addressing, done writeback enable and done IRQ enable */
107  setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO, TALITOS_CCCR_LO_EAE |
109 
110  /* and ICCR writeback, if available */
112  setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO,
114 
115  return 0;
116 }
117 
118 static int reset_device(struct device *dev)
119 {
120  struct talitos_private *priv = dev_get_drvdata(dev);
121  unsigned int timeout = TALITOS_TIMEOUT;
122  u32 mcr = TALITOS_MCR_SWR;
123 
124  setbits32(priv->reg + TALITOS_MCR, mcr);
125 
126  while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR)
127  && --timeout)
128  cpu_relax();
129 
130  if (priv->irq[1]) {
132  setbits32(priv->reg + TALITOS_MCR, mcr);
133  }
134 
135  if (timeout == 0) {
136  dev_err(dev, "failed to reset device\n");
137  return -EIO;
138  }
139 
140  return 0;
141 }
142 
143 /*
144  * Reset and initialize the device
145  */
146 static int init_device(struct device *dev)
147 {
148  struct talitos_private *priv = dev_get_drvdata(dev);
149  int ch, err;
150 
151  /*
152  * Master reset
153  * errata documentation: warning: certain SEC interrupts
154  * are not fully cleared by writing the MCR:SWR bit,
155  * set bit twice to completely reset
156  */
157  err = reset_device(dev);
158  if (err)
159  return err;
160 
161  err = reset_device(dev);
162  if (err)
163  return err;
164 
165  /* reset channels */
166  for (ch = 0; ch < priv->num_channels; ch++) {
167  err = reset_channel(dev, ch);
168  if (err)
169  return err;
170  }
171 
172  /* enable channel done and error interrupts */
173  setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
174  setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
175 
176  /* disable integrity check error interrupts (use writeback instead) */
178  setbits32(priv->reg + TALITOS_MDEUICR_LO,
180 
181  return 0;
182 }
183 
196 int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc,
197  void (*callback)(struct device *dev,
198  struct talitos_desc *desc,
199  void *context, int error),
200  void *context)
201 {
202  struct talitos_private *priv = dev_get_drvdata(dev);
203  struct talitos_request *request;
204  unsigned long flags;
205  int head;
206 
207  spin_lock_irqsave(&priv->chan[ch].head_lock, flags);
208 
209  if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) {
210  /* h/w fifo is full */
211  spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
212  return -EAGAIN;
213  }
214 
215  head = priv->chan[ch].head;
216  request = &priv->chan[ch].fifo[head];
217 
218  /* map descriptor and save caller data */
219  request->dma_desc = dma_map_single(dev, desc, sizeof(*desc),
221  request->callback = callback;
222  request->context = context;
223 
224  /* increment fifo head */
225  priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1);
226 
227  smp_wmb();
228  request->desc = desc;
229 
230  /* GO! */
231  wmb();
232  out_be32(priv->chan[ch].reg + TALITOS_FF,
233  upper_32_bits(request->dma_desc));
234  out_be32(priv->chan[ch].reg + TALITOS_FF_LO,
235  lower_32_bits(request->dma_desc));
236 
237  spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
238 
239  return -EINPROGRESS;
240 }
242 
243 /*
244  * process what was done, notify callback of error if not
245  */
246 static void flush_channel(struct device *dev, int ch, int error, int reset_ch)
247 {
248  struct talitos_private *priv = dev_get_drvdata(dev);
249  struct talitos_request *request, saved_req;
250  unsigned long flags;
251  int tail, status;
252 
253  spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
254 
255  tail = priv->chan[ch].tail;
256  while (priv->chan[ch].fifo[tail].desc) {
257  request = &priv->chan[ch].fifo[tail];
258 
259  /* descriptors with their done bits set don't get the error */
260  rmb();
261  if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
262  status = 0;
263  else
264  if (!error)
265  break;
266  else
267  status = error;
268 
269  dma_unmap_single(dev, request->dma_desc,
270  sizeof(struct talitos_desc),
272 
273  /* copy entries so we can call callback outside lock */
274  saved_req.desc = request->desc;
275  saved_req.callback = request->callback;
276  saved_req.context = request->context;
277 
278  /* release request entry in fifo */
279  smp_wmb();
280  request->desc = NULL;
281 
282  /* increment fifo tail */
283  priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1);
284 
285  spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
286 
287  atomic_dec(&priv->chan[ch].submit_count);
288 
289  saved_req.callback(dev, saved_req.desc, saved_req.context,
290  status);
291  /* channel may resume processing in single desc error case */
292  if (error && !reset_ch && status == error)
293  return;
294  spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
295  tail = priv->chan[ch].tail;
296  }
297 
298  spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
299 }
300 
301 /*
302  * process completed requests for channels that have done status
303  */
304 #define DEF_TALITOS_DONE(name, ch_done_mask) \
305 static void talitos_done_##name(unsigned long data) \
306 { \
307  struct device *dev = (struct device *)data; \
308  struct talitos_private *priv = dev_get_drvdata(dev); \
309  unsigned long flags; \
310  \
311  if (ch_done_mask & 1) \
312  flush_channel(dev, 0, 0, 0); \
313  if (priv->num_channels == 1) \
314  goto out; \
315  if (ch_done_mask & (1 << 2)) \
316  flush_channel(dev, 1, 0, 0); \
317  if (ch_done_mask & (1 << 4)) \
318  flush_channel(dev, 2, 0, 0); \
319  if (ch_done_mask & (1 << 6)) \
320  flush_channel(dev, 3, 0, 0); \
321  \
322 out: \
323  /* At this point, all completed channels have been processed */ \
324  /* Unmask done interrupts for channels completed later on. */ \
325  spin_lock_irqsave(&priv->reg_lock, flags); \
326  setbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
327  setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); \
328  spin_unlock_irqrestore(&priv->reg_lock, flags); \
329 }
333 
334 /*
335  * locate current (offending) descriptor
336  */
337 static u32 current_desc_hdr(struct device *dev, int ch)
338 {
339  struct talitos_private *priv = dev_get_drvdata(dev);
340  int tail = priv->chan[ch].tail;
341  dma_addr_t cur_desc;
342 
343  cur_desc = in_be32(priv->chan[ch].reg + TALITOS_CDPR_LO);
344 
345  while (priv->chan[ch].fifo[tail].dma_desc != cur_desc) {
346  tail = (tail + 1) & (priv->fifo_len - 1);
347  if (tail == priv->chan[ch].tail) {
348  dev_err(dev, "couldn't locate current descriptor\n");
349  return 0;
350  }
351  }
352 
353  return priv->chan[ch].fifo[tail].desc->hdr;
354 }
355 
356 /*
357  * user diagnostics; report root cause of error based on execution unit status
358  */
359 static void report_eu_error(struct device *dev, int ch, u32 desc_hdr)
360 {
361  struct talitos_private *priv = dev_get_drvdata(dev);
362  int i;
363 
364  if (!desc_hdr)
365  desc_hdr = in_be32(priv->chan[ch].reg + TALITOS_DESCBUF);
366 
367  switch (desc_hdr & DESC_HDR_SEL0_MASK) {
368  case DESC_HDR_SEL0_AFEU:
369  dev_err(dev, "AFEUISR 0x%08x_%08x\n",
370  in_be32(priv->reg + TALITOS_AFEUISR),
371  in_be32(priv->reg + TALITOS_AFEUISR_LO));
372  break;
373  case DESC_HDR_SEL0_DEU:
374  dev_err(dev, "DEUISR 0x%08x_%08x\n",
375  in_be32(priv->reg + TALITOS_DEUISR),
376  in_be32(priv->reg + TALITOS_DEUISR_LO));
377  break;
378  case DESC_HDR_SEL0_MDEUA:
379  case DESC_HDR_SEL0_MDEUB:
380  dev_err(dev, "MDEUISR 0x%08x_%08x\n",
381  in_be32(priv->reg + TALITOS_MDEUISR),
382  in_be32(priv->reg + TALITOS_MDEUISR_LO));
383  break;
384  case DESC_HDR_SEL0_RNG:
385  dev_err(dev, "RNGUISR 0x%08x_%08x\n",
386  in_be32(priv->reg + TALITOS_RNGUISR),
387  in_be32(priv->reg + TALITOS_RNGUISR_LO));
388  break;
389  case DESC_HDR_SEL0_PKEU:
390  dev_err(dev, "PKEUISR 0x%08x_%08x\n",
391  in_be32(priv->reg + TALITOS_PKEUISR),
392  in_be32(priv->reg + TALITOS_PKEUISR_LO));
393  break;
394  case DESC_HDR_SEL0_AESU:
395  dev_err(dev, "AESUISR 0x%08x_%08x\n",
396  in_be32(priv->reg + TALITOS_AESUISR),
397  in_be32(priv->reg + TALITOS_AESUISR_LO));
398  break;
399  case DESC_HDR_SEL0_CRCU:
400  dev_err(dev, "CRCUISR 0x%08x_%08x\n",
401  in_be32(priv->reg + TALITOS_CRCUISR),
402  in_be32(priv->reg + TALITOS_CRCUISR_LO));
403  break;
404  case DESC_HDR_SEL0_KEU:
405  dev_err(dev, "KEUISR 0x%08x_%08x\n",
406  in_be32(priv->reg + TALITOS_KEUISR),
407  in_be32(priv->reg + TALITOS_KEUISR_LO));
408  break;
409  }
410 
411  switch (desc_hdr & DESC_HDR_SEL1_MASK) {
412  case DESC_HDR_SEL1_MDEUA:
413  case DESC_HDR_SEL1_MDEUB:
414  dev_err(dev, "MDEUISR 0x%08x_%08x\n",
415  in_be32(priv->reg + TALITOS_MDEUISR),
416  in_be32(priv->reg + TALITOS_MDEUISR_LO));
417  break;
418  case DESC_HDR_SEL1_CRCU:
419  dev_err(dev, "CRCUISR 0x%08x_%08x\n",
420  in_be32(priv->reg + TALITOS_CRCUISR),
421  in_be32(priv->reg + TALITOS_CRCUISR_LO));
422  break;
423  }
424 
425  for (i = 0; i < 8; i++)
426  dev_err(dev, "DESCBUF 0x%08x_%08x\n",
427  in_be32(priv->chan[ch].reg + TALITOS_DESCBUF + 8*i),
428  in_be32(priv->chan[ch].reg + TALITOS_DESCBUF_LO + 8*i));
429 }
430 
431 /*
432  * recover from error interrupts
433  */
434 static void talitos_error(struct device *dev, u32 isr, u32 isr_lo)
435 {
436  struct talitos_private *priv = dev_get_drvdata(dev);
437  unsigned int timeout = TALITOS_TIMEOUT;
438  int ch, error, reset_dev = 0, reset_ch = 0;
439  u32 v, v_lo;
440 
441  for (ch = 0; ch < priv->num_channels; ch++) {
442  /* skip channels without errors */
443  if (!(isr & (1 << (ch * 2 + 1))))
444  continue;
445 
446  error = -EINVAL;
447 
448  v = in_be32(priv->chan[ch].reg + TALITOS_CCPSR);
449  v_lo = in_be32(priv->chan[ch].reg + TALITOS_CCPSR_LO);
450 
451  if (v_lo & TALITOS_CCPSR_LO_DOF) {
452  dev_err(dev, "double fetch fifo overflow error\n");
453  error = -EAGAIN;
454  reset_ch = 1;
455  }
456  if (v_lo & TALITOS_CCPSR_LO_SOF) {
457  /* h/w dropped descriptor */
458  dev_err(dev, "single fetch fifo overflow error\n");
459  error = -EAGAIN;
460  }
461  if (v_lo & TALITOS_CCPSR_LO_MDTE)
462  dev_err(dev, "master data transfer error\n");
463  if (v_lo & TALITOS_CCPSR_LO_SGDLZ)
464  dev_err(dev, "s/g data length zero error\n");
465  if (v_lo & TALITOS_CCPSR_LO_FPZ)
466  dev_err(dev, "fetch pointer zero error\n");
467  if (v_lo & TALITOS_CCPSR_LO_IDH)
468  dev_err(dev, "illegal descriptor header error\n");
469  if (v_lo & TALITOS_CCPSR_LO_IEU)
470  dev_err(dev, "invalid execution unit error\n");
471  if (v_lo & TALITOS_CCPSR_LO_EU)
472  report_eu_error(dev, ch, current_desc_hdr(dev, ch));
473  if (v_lo & TALITOS_CCPSR_LO_GB)
474  dev_err(dev, "gather boundary error\n");
475  if (v_lo & TALITOS_CCPSR_LO_GRL)
476  dev_err(dev, "gather return/length error\n");
477  if (v_lo & TALITOS_CCPSR_LO_SB)
478  dev_err(dev, "scatter boundary error\n");
479  if (v_lo & TALITOS_CCPSR_LO_SRL)
480  dev_err(dev, "scatter return/length error\n");
481 
482  flush_channel(dev, ch, error, reset_ch);
483 
484  if (reset_ch) {
485  reset_channel(dev, ch);
486  } else {
487  setbits32(priv->chan[ch].reg + TALITOS_CCCR,
489  setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO, 0);
490  while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) &
491  TALITOS_CCCR_CONT) && --timeout)
492  cpu_relax();
493  if (timeout == 0) {
494  dev_err(dev, "failed to restart channel %d\n",
495  ch);
496  reset_dev = 1;
497  }
498  }
499  }
500  if (reset_dev || isr & ~TALITOS_ISR_4CHERR || isr_lo) {
501  dev_err(dev, "done overflow, internal time out, or rngu error: "
502  "ISR 0x%08x_%08x\n", isr, isr_lo);
503 
504  /* purge request queues */
505  for (ch = 0; ch < priv->num_channels; ch++)
506  flush_channel(dev, ch, -EIO, 1);
507 
508  /* reset and reinitialize the device */
509  init_device(dev);
510  }
511 }
512 
513 #define DEF_TALITOS_INTERRUPT(name, ch_done_mask, ch_err_mask, tlet) \
514 static irqreturn_t talitos_interrupt_##name(int irq, void *data) \
515 { \
516  struct device *dev = data; \
517  struct talitos_private *priv = dev_get_drvdata(dev); \
518  u32 isr, isr_lo; \
519  unsigned long flags; \
520  \
521  spin_lock_irqsave(&priv->reg_lock, flags); \
522  isr = in_be32(priv->reg + TALITOS_ISR); \
523  isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); \
524  /* Acknowledge interrupt */ \
525  out_be32(priv->reg + TALITOS_ICR, isr & (ch_done_mask | ch_err_mask)); \
526  out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); \
527  \
528  if (unlikely(isr & ch_err_mask || isr_lo)) { \
529  spin_unlock_irqrestore(&priv->reg_lock, flags); \
530  talitos_error(dev, isr & ch_err_mask, isr_lo); \
531  } \
532  else { \
533  if (likely(isr & ch_done_mask)) { \
534  /* mask further done interrupts. */ \
535  clrbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
536  /* done_task will unmask done interrupts at exit */ \
537  tasklet_schedule(&priv->done_task[tlet]); \
538  } \
539  spin_unlock_irqrestore(&priv->reg_lock, flags); \
540  } \
541  \
542  return (isr & (ch_done_mask | ch_err_mask) || isr_lo) ? IRQ_HANDLED : \
543  IRQ_NONE; \
544 }
548 
549 /*
550  * hwrng
551  */
552 static int talitos_rng_data_present(struct hwrng *rng, int wait)
553 {
554  struct device *dev = (struct device *)rng->priv;
555  struct talitos_private *priv = dev_get_drvdata(dev);
556  u32 ofl;
557  int i;
558 
559  for (i = 0; i < 20; i++) {
560  ofl = in_be32(priv->reg + TALITOS_RNGUSR_LO) &
562  if (ofl || !wait)
563  break;
564  udelay(10);
565  }
566 
567  return !!ofl;
568 }
569 
570 static int talitos_rng_data_read(struct hwrng *rng, u32 *data)
571 {
572  struct device *dev = (struct device *)rng->priv;
573  struct talitos_private *priv = dev_get_drvdata(dev);
574 
575  /* rng fifo requires 64-bit accesses */
576  *data = in_be32(priv->reg + TALITOS_RNGU_FIFO);
577  *data = in_be32(priv->reg + TALITOS_RNGU_FIFO_LO);
578 
579  return sizeof(u32);
580 }
581 
582 static int talitos_rng_init(struct hwrng *rng)
583 {
584  struct device *dev = (struct device *)rng->priv;
585  struct talitos_private *priv = dev_get_drvdata(dev);
586  unsigned int timeout = TALITOS_TIMEOUT;
587 
588  setbits32(priv->reg + TALITOS_RNGURCR_LO, TALITOS_RNGURCR_LO_SR);
590  && --timeout)
591  cpu_relax();
592  if (timeout == 0) {
593  dev_err(dev, "failed to reset rng hw\n");
594  return -ENODEV;
595  }
596 
597  /* start generating */
598  setbits32(priv->reg + TALITOS_RNGUDSR_LO, 0);
599 
600  return 0;
601 }
602 
603 static int talitos_register_rng(struct device *dev)
604 {
605  struct talitos_private *priv = dev_get_drvdata(dev);
606 
607  priv->rng.name = dev_driver_string(dev),
608  priv->rng.init = talitos_rng_init,
609  priv->rng.data_present = talitos_rng_data_present,
610  priv->rng.data_read = talitos_rng_data_read,
611  priv->rng.priv = (unsigned long)dev;
612 
613  return hwrng_register(&priv->rng);
614 }
615 
616 static void talitos_unregister_rng(struct device *dev)
617 {
618  struct talitos_private *priv = dev_get_drvdata(dev);
619 
620  hwrng_unregister(&priv->rng);
621 }
622 
623 /*
624  * crypto alg
625  */
626 #define TALITOS_CRA_PRIORITY 3000
627 #define TALITOS_MAX_KEY_SIZE 96
628 #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
629 
630 #define MD5_BLOCK_SIZE 64
631 
632 struct talitos_ctx {
633  struct device *dev;
634  int ch;
638  unsigned int keylen;
639  unsigned int enckeylen;
640  unsigned int authkeylen;
641  unsigned int authsize;
642 };
643 
644 #define HASH_MAX_BLOCK_SIZE SHA512_BLOCK_SIZE
645 #define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
646 
649  unsigned int hw_context_size;
652  unsigned int swinit;
653  unsigned int first;
654  unsigned int last;
655  unsigned int to_hash_later;
657  struct scatterlist bufsl[2];
658  struct scatterlist *psrc;
659 };
660 
661 static int aead_setauthsize(struct crypto_aead *authenc,
662  unsigned int authsize)
663 {
664  struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
665 
666  ctx->authsize = authsize;
667 
668  return 0;
669 }
670 
671 static int aead_setkey(struct crypto_aead *authenc,
672  const u8 *key, unsigned int keylen)
673 {
674  struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
675  struct rtattr *rta = (void *)key;
677  unsigned int authkeylen;
678  unsigned int enckeylen;
679 
680  if (!RTA_OK(rta, keylen))
681  goto badkey;
682 
684  goto badkey;
685 
686  if (RTA_PAYLOAD(rta) < sizeof(*param))
687  goto badkey;
688 
689  param = RTA_DATA(rta);
690  enckeylen = be32_to_cpu(param->enckeylen);
691 
692  key += RTA_ALIGN(rta->rta_len);
693  keylen -= RTA_ALIGN(rta->rta_len);
694 
695  if (keylen < enckeylen)
696  goto badkey;
697 
698  authkeylen = keylen - enckeylen;
699 
700  if (keylen > TALITOS_MAX_KEY_SIZE)
701  goto badkey;
702 
703  memcpy(&ctx->key, key, keylen);
704 
705  ctx->keylen = keylen;
706  ctx->enckeylen = enckeylen;
707  ctx->authkeylen = authkeylen;
708 
709  return 0;
710 
711 badkey:
712  crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN);
713  return -EINVAL;
714 }
715 
716 /*
717  * talitos_edesc - s/w-extended descriptor
718  * @assoc_nents: number of segments in associated data scatterlist
719  * @src_nents: number of segments in input scatterlist
720  * @dst_nents: number of segments in output scatterlist
721  * @assoc_chained: whether assoc is chained or not
722  * @src_chained: whether src is chained or not
723  * @dst_chained: whether dst is chained or not
724  * @iv_dma: dma address of iv for checking continuity and link table
725  * @dma_len: length of dma mapped link_tbl space
726  * @dma_link_tbl: bus physical address of link_tbl
727  * @desc: h/w descriptor
728  * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1)
729  *
730  * if decrypting (with authcheck), or either one of src_nents or dst_nents
731  * is greater than 1, an integrity check value is concatenated to the end
732  * of link_tbl data
733  */
742  int dma_len;
744  struct talitos_desc desc;
745  struct talitos_ptr link_tbl[0];
746 };
747 
748 static int talitos_map_sg(struct device *dev, struct scatterlist *sg,
749  unsigned int nents, enum dma_data_direction dir,
750  bool chained)
751 {
752  if (unlikely(chained))
753  while (sg) {
754  dma_map_sg(dev, sg, 1, dir);
755  sg = scatterwalk_sg_next(sg);
756  }
757  else
758  dma_map_sg(dev, sg, nents, dir);
759  return nents;
760 }
761 
762 static void talitos_unmap_sg_chain(struct device *dev, struct scatterlist *sg,
763  enum dma_data_direction dir)
764 {
765  while (sg) {
766  dma_unmap_sg(dev, sg, 1, dir);
767  sg = scatterwalk_sg_next(sg);
768  }
769 }
770 
771 static void talitos_sg_unmap(struct device *dev,
772  struct talitos_edesc *edesc,
773  struct scatterlist *src,
774  struct scatterlist *dst)
775 {
776  unsigned int src_nents = edesc->src_nents ? : 1;
777  unsigned int dst_nents = edesc->dst_nents ? : 1;
778 
779  if (src != dst) {
780  if (edesc->src_chained)
781  talitos_unmap_sg_chain(dev, src, DMA_TO_DEVICE);
782  else
783  dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE);
784 
785  if (dst) {
786  if (edesc->dst_chained)
787  talitos_unmap_sg_chain(dev, dst,
789  else
790  dma_unmap_sg(dev, dst, dst_nents,
792  }
793  } else
794  if (edesc->src_chained)
795  talitos_unmap_sg_chain(dev, src, DMA_BIDIRECTIONAL);
796  else
797  dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL);
798 }
799 
800 static void ipsec_esp_unmap(struct device *dev,
801  struct talitos_edesc *edesc,
802  struct aead_request *areq)
803 {
804  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6], DMA_FROM_DEVICE);
805  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[3], DMA_TO_DEVICE);
806  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
807  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE);
808 
809  if (edesc->assoc_chained)
810  talitos_unmap_sg_chain(dev, areq->assoc, DMA_TO_DEVICE);
811  else
812  /* assoc_nents counts also for IV in non-contiguous cases */
813  dma_unmap_sg(dev, areq->assoc,
814  edesc->assoc_nents ? edesc->assoc_nents - 1 : 1,
815  DMA_TO_DEVICE);
816 
817  talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
818 
819  if (edesc->dma_len)
820  dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
822 }
823 
824 /*
825  * ipsec_esp descriptor callbacks
826  */
827 static void ipsec_esp_encrypt_done(struct device *dev,
828  struct talitos_desc *desc, void *context,
829  int err)
830 {
831  struct aead_request *areq = context;
832  struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
833  struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
834  struct talitos_edesc *edesc;
835  struct scatterlist *sg;
836  void *icvdata;
837 
838  edesc = container_of(desc, struct talitos_edesc, desc);
839 
840  ipsec_esp_unmap(dev, edesc, areq);
841 
842  /* copy the generated ICV to dst */
843  if (edesc->dst_nents) {
844  icvdata = &edesc->link_tbl[edesc->src_nents +
845  edesc->dst_nents + 2 +
846  edesc->assoc_nents];
847  sg = sg_last(areq->dst, edesc->dst_nents);
848  memcpy((char *)sg_virt(sg) + sg->length - ctx->authsize,
849  icvdata, ctx->authsize);
850  }
851 
852  kfree(edesc);
853 
854  aead_request_complete(areq, err);
855 }
856 
857 static void ipsec_esp_decrypt_swauth_done(struct device *dev,
858  struct talitos_desc *desc,
859  void *context, int err)
860 {
861  struct aead_request *req = context;
862  struct crypto_aead *authenc = crypto_aead_reqtfm(req);
863  struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
864  struct talitos_edesc *edesc;
865  struct scatterlist *sg;
866  void *icvdata;
867 
868  edesc = container_of(desc, struct talitos_edesc, desc);
869 
870  ipsec_esp_unmap(dev, edesc, req);
871 
872  if (!err) {
873  /* auth check */
874  if (edesc->dma_len)
875  icvdata = &edesc->link_tbl[edesc->src_nents +
876  edesc->dst_nents + 2 +
877  edesc->assoc_nents];
878  else
879  icvdata = &edesc->link_tbl[0];
880 
881  sg = sg_last(req->dst, edesc->dst_nents ? : 1);
882  err = memcmp(icvdata, (char *)sg_virt(sg) + sg->length -
883  ctx->authsize, ctx->authsize) ? -EBADMSG : 0;
884  }
885 
886  kfree(edesc);
887 
888  aead_request_complete(req, err);
889 }
890 
891 static void ipsec_esp_decrypt_hwauth_done(struct device *dev,
892  struct talitos_desc *desc,
893  void *context, int err)
894 {
895  struct aead_request *req = context;
896  struct talitos_edesc *edesc;
897 
898  edesc = container_of(desc, struct talitos_edesc, desc);
899 
900  ipsec_esp_unmap(dev, edesc, req);
901 
902  /* check ICV auth status */
903  if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) !=
905  err = -EBADMSG;
906 
907  kfree(edesc);
908 
909  aead_request_complete(req, err);
910 }
911 
912 /*
913  * convert scatterlist to SEC h/w link table format
914  * stop at cryptlen bytes
915  */
916 static int sg_to_link_tbl(struct scatterlist *sg, int sg_count,
917  int cryptlen, struct talitos_ptr *link_tbl_ptr)
918 {
919  int n_sg = sg_count;
920 
921  while (n_sg--) {
922  to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg));
923  link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg));
924  link_tbl_ptr->j_extent = 0;
925  link_tbl_ptr++;
926  cryptlen -= sg_dma_len(sg);
927  sg = scatterwalk_sg_next(sg);
928  }
929 
930  /* adjust (decrease) last one (or two) entry's len to cryptlen */
931  link_tbl_ptr--;
932  while (be16_to_cpu(link_tbl_ptr->len) <= (-cryptlen)) {
933  /* Empty this entry, and move to previous one */
934  cryptlen += be16_to_cpu(link_tbl_ptr->len);
935  link_tbl_ptr->len = 0;
936  sg_count--;
937  link_tbl_ptr--;
938  }
939  link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len)
940  + cryptlen);
941 
942  /* tag end of link table */
943  link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
944 
945  return sg_count;
946 }
947 
948 /*
949  * fill in and submit ipsec_esp descriptor
950  */
951 static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq,
952  u64 seq, void (*callback) (struct device *dev,
953  struct talitos_desc *desc,
954  void *context, int error))
955 {
956  struct crypto_aead *aead = crypto_aead_reqtfm(areq);
957  struct talitos_ctx *ctx = crypto_aead_ctx(aead);
958  struct device *dev = ctx->dev;
959  struct talitos_desc *desc = &edesc->desc;
960  unsigned int cryptlen = areq->cryptlen;
961  unsigned int authsize = ctx->authsize;
962  unsigned int ivsize = crypto_aead_ivsize(aead);
963  int sg_count, ret;
964  int sg_link_tbl_len;
965 
966  /* hmac key */
967  map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key,
968  0, DMA_TO_DEVICE);
969 
970  /* hmac data */
971  desc->ptr[1].len = cpu_to_be16(areq->assoclen + ivsize);
972  if (edesc->assoc_nents) {
973  int tbl_off = edesc->src_nents + edesc->dst_nents + 2;
974  struct talitos_ptr *tbl_ptr = &edesc->link_tbl[tbl_off];
975 
976  to_talitos_ptr(&desc->ptr[1], edesc->dma_link_tbl + tbl_off *
977  sizeof(struct talitos_ptr));
978  desc->ptr[1].j_extent = DESC_PTR_LNKTBL_JUMP;
979 
980  /* assoc_nents - 1 entries for assoc, 1 for IV */
981  sg_count = sg_to_link_tbl(areq->assoc, edesc->assoc_nents - 1,
982  areq->assoclen, tbl_ptr);
983 
984  /* add IV to link table */
985  tbl_ptr += sg_count - 1;
986  tbl_ptr->j_extent = 0;
987  tbl_ptr++;
988  to_talitos_ptr(tbl_ptr, edesc->iv_dma);
989  tbl_ptr->len = cpu_to_be16(ivsize);
990  tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
991 
993  edesc->dma_len, DMA_BIDIRECTIONAL);
994  } else {
995  to_talitos_ptr(&desc->ptr[1], sg_dma_address(areq->assoc));
996  desc->ptr[1].j_extent = 0;
997  }
998 
999  /* cipher iv */
1000  to_talitos_ptr(&desc->ptr[2], edesc->iv_dma);
1001  desc->ptr[2].len = cpu_to_be16(ivsize);
1002  desc->ptr[2].j_extent = 0;
1003  /* Sync needed for the aead_givencrypt case */
1004  dma_sync_single_for_device(dev, edesc->iv_dma, ivsize, DMA_TO_DEVICE);
1005 
1006  /* cipher key */
1007  map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen,
1008  (char *)&ctx->key + ctx->authkeylen, 0,
1009  DMA_TO_DEVICE);
1010 
1011  /*
1012  * cipher in
1013  * map and adjust cipher len to aead request cryptlen.
1014  * extent is bytes of HMAC postpended to ciphertext,
1015  * typically 12 for ipsec
1016  */
1017  desc->ptr[4].len = cpu_to_be16(cryptlen);
1018  desc->ptr[4].j_extent = authsize;
1019 
1020  sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
1021  (areq->src == areq->dst) ? DMA_BIDIRECTIONAL
1022  : DMA_TO_DEVICE,
1023  edesc->src_chained);
1024 
1025  if (sg_count == 1) {
1026  to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->src));
1027  } else {
1028  sg_link_tbl_len = cryptlen;
1029 
1030  if (edesc->desc.hdr & DESC_HDR_MODE1_MDEU_CICV)
1031  sg_link_tbl_len = cryptlen + authsize;
1032 
1033  sg_count = sg_to_link_tbl(areq->src, sg_count, sg_link_tbl_len,
1034  &edesc->link_tbl[0]);
1035  if (sg_count > 1) {
1036  desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP;
1037  to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl);
1039  edesc->dma_len,
1041  } else {
1042  /* Only one segment now, so no link tbl needed */
1043  to_talitos_ptr(&desc->ptr[4],
1044  sg_dma_address(areq->src));
1045  }
1046  }
1047 
1048  /* cipher out */
1049  desc->ptr[5].len = cpu_to_be16(cryptlen);
1050  desc->ptr[5].j_extent = authsize;
1051 
1052  if (areq->src != areq->dst)
1053  sg_count = talitos_map_sg(dev, areq->dst,
1054  edesc->dst_nents ? : 1,
1055  DMA_FROM_DEVICE, edesc->dst_chained);
1056 
1057  if (sg_count == 1) {
1058  to_talitos_ptr(&desc->ptr[5], sg_dma_address(areq->dst));
1059  } else {
1060  int tbl_off = edesc->src_nents + 1;
1061  struct talitos_ptr *tbl_ptr = &edesc->link_tbl[tbl_off];
1062 
1063  to_talitos_ptr(&desc->ptr[5], edesc->dma_link_tbl +
1064  tbl_off * sizeof(struct talitos_ptr));
1065  sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen,
1066  tbl_ptr);
1067 
1068  /* Add an entry to the link table for ICV data */
1069  tbl_ptr += sg_count - 1;
1070  tbl_ptr->j_extent = 0;
1071  tbl_ptr++;
1072  tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
1073  tbl_ptr->len = cpu_to_be16(authsize);
1074 
1075  /* icv data follows link tables */
1076  to_talitos_ptr(tbl_ptr, edesc->dma_link_tbl +
1077  (tbl_off + edesc->dst_nents + 1 +
1078  edesc->assoc_nents) *
1079  sizeof(struct talitos_ptr));
1080  desc->ptr[5].j_extent |= DESC_PTR_LNKTBL_JUMP;
1082  edesc->dma_len, DMA_BIDIRECTIONAL);
1083  }
1084 
1085  /* iv out */
1086  map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0,
1087  DMA_FROM_DEVICE);
1088 
1089  ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1090  if (ret != -EINPROGRESS) {
1091  ipsec_esp_unmap(dev, edesc, areq);
1092  kfree(edesc);
1093  }
1094  return ret;
1095 }
1096 
1097 /*
1098  * derive number of elements in scatterlist
1099  */
1100 static int sg_count(struct scatterlist *sg_list, int nbytes, bool *chained)
1101 {
1102  struct scatterlist *sg = sg_list;
1103  int sg_nents = 0;
1104 
1105  *chained = false;
1106  while (nbytes > 0) {
1107  sg_nents++;
1108  nbytes -= sg->length;
1109  if (!sg_is_last(sg) && (sg + 1)->length == 0)
1110  *chained = true;
1111  sg = scatterwalk_sg_next(sg);
1112  }
1113 
1114  return sg_nents;
1115 }
1116 
1129 static size_t sg_copy_end_to_buffer(struct scatterlist *sgl, unsigned int nents,
1130  void *buf, size_t buflen, unsigned int skip)
1131 {
1132  unsigned int offset = 0;
1133  unsigned int boffset = 0;
1134  struct sg_mapping_iter miter;
1135  unsigned long flags;
1136  unsigned int sg_flags = SG_MITER_ATOMIC;
1137  size_t total_buffer = buflen + skip;
1138 
1139  sg_flags |= SG_MITER_FROM_SG;
1140 
1141  sg_miter_start(&miter, sgl, nents, sg_flags);
1142 
1143  local_irq_save(flags);
1144 
1145  while (sg_miter_next(&miter) && offset < total_buffer) {
1146  unsigned int len;
1147  unsigned int ignore;
1148 
1149  if ((offset + miter.length) > skip) {
1150  if (offset < skip) {
1151  /* Copy part of this segment */
1152  ignore = skip - offset;
1153  len = miter.length - ignore;
1154  if (boffset + len > buflen)
1155  len = buflen - boffset;
1156  memcpy(buf + boffset, miter.addr + ignore, len);
1157  } else {
1158  /* Copy all of this segment (up to buflen) */
1159  len = miter.length;
1160  if (boffset + len > buflen)
1161  len = buflen - boffset;
1162  memcpy(buf + boffset, miter.addr, len);
1163  }
1164  boffset += len;
1165  }
1166  offset += miter.length;
1167  }
1168 
1169  sg_miter_stop(&miter);
1170 
1171  local_irq_restore(flags);
1172  return boffset;
1173 }
1174 
1175 /*
1176  * allocate and map the extended descriptor
1177  */
1178 static struct talitos_edesc *talitos_edesc_alloc(struct device *dev,
1179  struct scatterlist *assoc,
1180  struct scatterlist *src,
1181  struct scatterlist *dst,
1182  u8 *iv,
1183  unsigned int assoclen,
1184  unsigned int cryptlen,
1185  unsigned int authsize,
1186  unsigned int ivsize,
1187  int icv_stashing,
1188  u32 cryptoflags)
1189 {
1190  struct talitos_edesc *edesc;
1191  int assoc_nents = 0, src_nents, dst_nents, alloc_len, dma_len;
1192  bool assoc_chained = false, src_chained = false, dst_chained = false;
1193  dma_addr_t iv_dma = 0;
1194  gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :
1195  GFP_ATOMIC;
1196 
1197  if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) {
1198  dev_err(dev, "length exceeds h/w max limit\n");
1199  return ERR_PTR(-EINVAL);
1200  }
1201 
1202  if (iv)
1203  iv_dma = dma_map_single(dev, iv, ivsize, DMA_TO_DEVICE);
1204 
1205  if (assoc) {
1206  /*
1207  * Currently it is assumed that iv is provided whenever assoc
1208  * is.
1209  */
1210  BUG_ON(!iv);
1211 
1212  assoc_nents = sg_count(assoc, assoclen, &assoc_chained);
1213  talitos_map_sg(dev, assoc, assoc_nents, DMA_TO_DEVICE,
1214  assoc_chained);
1215  assoc_nents = (assoc_nents == 1) ? 0 : assoc_nents;
1216 
1217  if (assoc_nents || sg_dma_address(assoc) + assoclen != iv_dma)
1218  assoc_nents = assoc_nents ? assoc_nents + 1 : 2;
1219  }
1220 
1221  src_nents = sg_count(src, cryptlen + authsize, &src_chained);
1222  src_nents = (src_nents == 1) ? 0 : src_nents;
1223 
1224  if (!dst) {
1225  dst_nents = 0;
1226  } else {
1227  if (dst == src) {
1228  dst_nents = src_nents;
1229  } else {
1230  dst_nents = sg_count(dst, cryptlen + authsize,
1231  &dst_chained);
1232  dst_nents = (dst_nents == 1) ? 0 : dst_nents;
1233  }
1234  }
1235 
1236  /*
1237  * allocate space for base edesc plus the link tables,
1238  * allowing for two separate entries for ICV and generated ICV (+ 2),
1239  * and the ICV data itself
1240  */
1241  alloc_len = sizeof(struct talitos_edesc);
1242  if (assoc_nents || src_nents || dst_nents) {
1243  dma_len = (src_nents + dst_nents + 2 + assoc_nents) *
1244  sizeof(struct talitos_ptr) + authsize;
1245  alloc_len += dma_len;
1246  } else {
1247  dma_len = 0;
1248  alloc_len += icv_stashing ? authsize : 0;
1249  }
1250 
1251  edesc = kmalloc(alloc_len, GFP_DMA | flags);
1252  if (!edesc) {
1253  talitos_unmap_sg_chain(dev, assoc, DMA_TO_DEVICE);
1254  if (iv_dma)
1255  dma_unmap_single(dev, iv_dma, ivsize, DMA_TO_DEVICE);
1256  dev_err(dev, "could not allocate edescriptor\n");
1257  return ERR_PTR(-ENOMEM);
1258  }
1259 
1260  edesc->assoc_nents = assoc_nents;
1261  edesc->src_nents = src_nents;
1262  edesc->dst_nents = dst_nents;
1263  edesc->assoc_chained = assoc_chained;
1264  edesc->src_chained = src_chained;
1265  edesc->dst_chained = dst_chained;
1266  edesc->iv_dma = iv_dma;
1267  edesc->dma_len = dma_len;
1268  if (dma_len)
1269  edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0],
1270  edesc->dma_len,
1272 
1273  return edesc;
1274 }
1275 
1276 static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, u8 *iv,
1277  int icv_stashing)
1278 {
1279  struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
1280  struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1281  unsigned int ivsize = crypto_aead_ivsize(authenc);
1282 
1283  return talitos_edesc_alloc(ctx->dev, areq->assoc, areq->src, areq->dst,
1284  iv, areq->assoclen, areq->cryptlen,
1285  ctx->authsize, ivsize, icv_stashing,
1286  areq->base.flags);
1287 }
1288 
1289 static int aead_encrypt(struct aead_request *req)
1290 {
1291  struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1292  struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1293  struct talitos_edesc *edesc;
1294 
1295  /* allocate extended descriptor */
1296  edesc = aead_edesc_alloc(req, req->iv, 0);
1297  if (IS_ERR(edesc))
1298  return PTR_ERR(edesc);
1299 
1300  /* set encrypt */
1301  edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1302 
1303  return ipsec_esp(edesc, req, 0, ipsec_esp_encrypt_done);
1304 }
1305 
1306 static int aead_decrypt(struct aead_request *req)
1307 {
1308  struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1309  struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1310  unsigned int authsize = ctx->authsize;
1311  struct talitos_private *priv = dev_get_drvdata(ctx->dev);
1312  struct talitos_edesc *edesc;
1313  struct scatterlist *sg;
1314  void *icvdata;
1315 
1316  req->cryptlen -= authsize;
1317 
1318  /* allocate extended descriptor */
1319  edesc = aead_edesc_alloc(req, req->iv, 1);
1320  if (IS_ERR(edesc))
1321  return PTR_ERR(edesc);
1322 
1323  if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
1324  ((!edesc->src_nents && !edesc->dst_nents) ||
1326 
1327  /* decrypt and check the ICV */
1328  edesc->desc.hdr = ctx->desc_hdr_template |
1331 
1332  /* reset integrity check result bits */
1333  edesc->desc.hdr_lo = 0;
1334 
1335  return ipsec_esp(edesc, req, 0, ipsec_esp_decrypt_hwauth_done);
1336  }
1337 
1338  /* Have to check the ICV with software */
1339  edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
1340 
1341  /* stash incoming ICV for later cmp with ICV generated by the h/w */
1342  if (edesc->dma_len)
1343  icvdata = &edesc->link_tbl[edesc->src_nents +
1344  edesc->dst_nents + 2 +
1345  edesc->assoc_nents];
1346  else
1347  icvdata = &edesc->link_tbl[0];
1348 
1349  sg = sg_last(req->src, edesc->src_nents ? : 1);
1350 
1351  memcpy(icvdata, (char *)sg_virt(sg) + sg->length - ctx->authsize,
1352  ctx->authsize);
1353 
1354  return ipsec_esp(edesc, req, 0, ipsec_esp_decrypt_swauth_done);
1355 }
1356 
1357 static int aead_givencrypt(struct aead_givcrypt_request *req)
1358 {
1359  struct aead_request *areq = &req->areq;
1360  struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
1361  struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1362  struct talitos_edesc *edesc;
1363 
1364  /* allocate extended descriptor */
1365  edesc = aead_edesc_alloc(areq, req->giv, 0);
1366  if (IS_ERR(edesc))
1367  return PTR_ERR(edesc);
1368 
1369  /* set encrypt */
1370  edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1371 
1372  memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc));
1373  /* avoid consecutive packets going out with same IV */
1374  *(__be64 *)req->giv ^= cpu_to_be64(req->seq);
1375 
1376  return ipsec_esp(edesc, areq, req->seq, ipsec_esp_encrypt_done);
1377 }
1378 
1379 static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
1380  const u8 *key, unsigned int keylen)
1381 {
1382  struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1383 
1384  memcpy(&ctx->key, key, keylen);
1385  ctx->keylen = keylen;
1386 
1387  return 0;
1388 }
1389 
1390 static void common_nonsnoop_unmap(struct device *dev,
1391  struct talitos_edesc *edesc,
1392  struct ablkcipher_request *areq)
1393 {
1394  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
1395  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
1396  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
1397 
1398  talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
1399 
1400  if (edesc->dma_len)
1401  dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1403 }
1404 
1405 static void ablkcipher_done(struct device *dev,
1406  struct talitos_desc *desc, void *context,
1407  int err)
1408 {
1409  struct ablkcipher_request *areq = context;
1410  struct talitos_edesc *edesc;
1411 
1412  edesc = container_of(desc, struct talitos_edesc, desc);
1413 
1414  common_nonsnoop_unmap(dev, edesc, areq);
1415 
1416  kfree(edesc);
1417 
1418  areq->base.complete(&areq->base, err);
1419 }
1420 
1421 static int common_nonsnoop(struct talitos_edesc *edesc,
1422  struct ablkcipher_request *areq,
1423  void (*callback) (struct device *dev,
1424  struct talitos_desc *desc,
1425  void *context, int error))
1426 {
1427  struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1428  struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1429  struct device *dev = ctx->dev;
1430  struct talitos_desc *desc = &edesc->desc;
1431  unsigned int cryptlen = areq->nbytes;
1432  unsigned int ivsize = crypto_ablkcipher_ivsize(cipher);
1433  int sg_count, ret;
1434 
1435  /* first DWORD empty */
1436  desc->ptr[0].len = 0;
1437  to_talitos_ptr(&desc->ptr[0], 0);
1438  desc->ptr[0].j_extent = 0;
1439 
1440  /* cipher iv */
1441  to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
1442  desc->ptr[1].len = cpu_to_be16(ivsize);
1443  desc->ptr[1].j_extent = 0;
1444 
1445  /* cipher key */
1446  map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
1447  (char *)&ctx->key, 0, DMA_TO_DEVICE);
1448 
1449  /*
1450  * cipher in
1451  */
1452  desc->ptr[3].len = cpu_to_be16(cryptlen);
1453  desc->ptr[3].j_extent = 0;
1454 
1455  sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
1456  (areq->src == areq->dst) ? DMA_BIDIRECTIONAL
1457  : DMA_TO_DEVICE,
1458  edesc->src_chained);
1459 
1460  if (sg_count == 1) {
1461  to_talitos_ptr(&desc->ptr[3], sg_dma_address(areq->src));
1462  } else {
1463  sg_count = sg_to_link_tbl(areq->src, sg_count, cryptlen,
1464  &edesc->link_tbl[0]);
1465  if (sg_count > 1) {
1466  to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl);
1467  desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP;
1469  edesc->dma_len,
1471  } else {
1472  /* Only one segment now, so no link tbl needed */
1473  to_talitos_ptr(&desc->ptr[3],
1474  sg_dma_address(areq->src));
1475  }
1476  }
1477 
1478  /* cipher out */
1479  desc->ptr[4].len = cpu_to_be16(cryptlen);
1480  desc->ptr[4].j_extent = 0;
1481 
1482  if (areq->src != areq->dst)
1483  sg_count = talitos_map_sg(dev, areq->dst,
1484  edesc->dst_nents ? : 1,
1485  DMA_FROM_DEVICE, edesc->dst_chained);
1486 
1487  if (sg_count == 1) {
1488  to_talitos_ptr(&desc->ptr[4], sg_dma_address(areq->dst));
1489  } else {
1490  struct talitos_ptr *link_tbl_ptr =
1491  &edesc->link_tbl[edesc->src_nents + 1];
1492 
1493  to_talitos_ptr(&desc->ptr[4], edesc->dma_link_tbl +
1494  (edesc->src_nents + 1) *
1495  sizeof(struct talitos_ptr));
1496  desc->ptr[4].j_extent |= DESC_PTR_LNKTBL_JUMP;
1497  sg_count = sg_to_link_tbl(areq->dst, sg_count, cryptlen,
1498  link_tbl_ptr);
1500  edesc->dma_len, DMA_BIDIRECTIONAL);
1501  }
1502 
1503  /* iv out */
1504  map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0,
1505  DMA_FROM_DEVICE);
1506 
1507  /* last DWORD empty */
1508  desc->ptr[6].len = 0;
1509  to_talitos_ptr(&desc->ptr[6], 0);
1510  desc->ptr[6].j_extent = 0;
1511 
1512  ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1513  if (ret != -EINPROGRESS) {
1514  common_nonsnoop_unmap(dev, edesc, areq);
1515  kfree(edesc);
1516  }
1517  return ret;
1518 }
1519 
1520 static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request *
1521  areq)
1522 {
1523  struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1524  struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1525  unsigned int ivsize = crypto_ablkcipher_ivsize(cipher);
1526 
1527  return talitos_edesc_alloc(ctx->dev, NULL, areq->src, areq->dst,
1528  areq->info, 0, areq->nbytes, 0, ivsize, 0,
1529  areq->base.flags);
1530 }
1531 
1532 static int ablkcipher_encrypt(struct ablkcipher_request *areq)
1533 {
1534  struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1535  struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1536  struct talitos_edesc *edesc;
1537 
1538  /* allocate extended descriptor */
1539  edesc = ablkcipher_edesc_alloc(areq);
1540  if (IS_ERR(edesc))
1541  return PTR_ERR(edesc);
1542 
1543  /* set encrypt */
1544  edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1545 
1546  return common_nonsnoop(edesc, areq, ablkcipher_done);
1547 }
1548 
1549 static int ablkcipher_decrypt(struct ablkcipher_request *areq)
1550 {
1551  struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq);
1552  struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
1553  struct talitos_edesc *edesc;
1554 
1555  /* allocate extended descriptor */
1556  edesc = ablkcipher_edesc_alloc(areq);
1557  if (IS_ERR(edesc))
1558  return PTR_ERR(edesc);
1559 
1560  edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
1561 
1562  return common_nonsnoop(edesc, areq, ablkcipher_done);
1563 }
1564 
1565 static void common_nonsnoop_hash_unmap(struct device *dev,
1566  struct talitos_edesc *edesc,
1567  struct ahash_request *areq)
1568 {
1569  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1570 
1571  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
1572 
1573  /* When using hashctx-in, must unmap it. */
1574  if (edesc->desc.ptr[1].len)
1575  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1],
1576  DMA_TO_DEVICE);
1577 
1578  if (edesc->desc.ptr[2].len)
1579  unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2],
1580  DMA_TO_DEVICE);
1581 
1582  talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL);
1583 
1584  if (edesc->dma_len)
1585  dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1587 
1588 }
1589 
1590 static void ahash_done(struct device *dev,
1591  struct talitos_desc *desc, void *context,
1592  int err)
1593 {
1594  struct ahash_request *areq = context;
1595  struct talitos_edesc *edesc =
1596  container_of(desc, struct talitos_edesc, desc);
1597  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1598 
1599  if (!req_ctx->last && req_ctx->to_hash_later) {
1600  /* Position any partial block for next update/final/finup */
1601  memcpy(req_ctx->buf, req_ctx->bufnext, req_ctx->to_hash_later);
1602  req_ctx->nbuf = req_ctx->to_hash_later;
1603  }
1604  common_nonsnoop_hash_unmap(dev, edesc, areq);
1605 
1606  kfree(edesc);
1607 
1608  areq->base.complete(&areq->base, err);
1609 }
1610 
1611 static int common_nonsnoop_hash(struct talitos_edesc *edesc,
1612  struct ahash_request *areq, unsigned int length,
1613  void (*callback) (struct device *dev,
1614  struct talitos_desc *desc,
1615  void *context, int error))
1616 {
1617  struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1618  struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1619  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1620  struct device *dev = ctx->dev;
1621  struct talitos_desc *desc = &edesc->desc;
1622  int sg_count, ret;
1623 
1624  /* first DWORD empty */
1625  desc->ptr[0] = zero_entry;
1626 
1627  /* hash context in */
1628  if (!req_ctx->first || req_ctx->swinit) {
1629  map_single_talitos_ptr(dev, &desc->ptr[1],
1630  req_ctx->hw_context_size,
1631  (char *)req_ctx->hw_context, 0,
1632  DMA_TO_DEVICE);
1633  req_ctx->swinit = 0;
1634  } else {
1635  desc->ptr[1] = zero_entry;
1636  /* Indicate next op is not the first. */
1637  req_ctx->first = 0;
1638  }
1639 
1640  /* HMAC key */
1641  if (ctx->keylen)
1642  map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
1643  (char *)&ctx->key, 0, DMA_TO_DEVICE);
1644  else
1645  desc->ptr[2] = zero_entry;
1646 
1647  /*
1648  * data in
1649  */
1650  desc->ptr[3].len = cpu_to_be16(length);
1651  desc->ptr[3].j_extent = 0;
1652 
1653  sg_count = talitos_map_sg(dev, req_ctx->psrc,
1654  edesc->src_nents ? : 1,
1655  DMA_TO_DEVICE, edesc->src_chained);
1656 
1657  if (sg_count == 1) {
1658  to_talitos_ptr(&desc->ptr[3], sg_dma_address(req_ctx->psrc));
1659  } else {
1660  sg_count = sg_to_link_tbl(req_ctx->psrc, sg_count, length,
1661  &edesc->link_tbl[0]);
1662  if (sg_count > 1) {
1663  desc->ptr[3].j_extent |= DESC_PTR_LNKTBL_JUMP;
1664  to_talitos_ptr(&desc->ptr[3], edesc->dma_link_tbl);
1666  edesc->dma_link_tbl,
1667  edesc->dma_len,
1669  } else {
1670  /* Only one segment now, so no link tbl needed */
1671  to_talitos_ptr(&desc->ptr[3],
1672  sg_dma_address(req_ctx->psrc));
1673  }
1674  }
1675 
1676  /* fifth DWORD empty */
1677  desc->ptr[4] = zero_entry;
1678 
1679  /* hash/HMAC out -or- hash context out */
1680  if (req_ctx->last)
1681  map_single_talitos_ptr(dev, &desc->ptr[5],
1682  crypto_ahash_digestsize(tfm),
1683  areq->result, 0, DMA_FROM_DEVICE);
1684  else
1685  map_single_talitos_ptr(dev, &desc->ptr[5],
1686  req_ctx->hw_context_size,
1687  req_ctx->hw_context, 0, DMA_FROM_DEVICE);
1688 
1689  /* last DWORD empty */
1690  desc->ptr[6] = zero_entry;
1691 
1692  ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1693  if (ret != -EINPROGRESS) {
1694  common_nonsnoop_hash_unmap(dev, edesc, areq);
1695  kfree(edesc);
1696  }
1697  return ret;
1698 }
1699 
1700 static struct talitos_edesc *ahash_edesc_alloc(struct ahash_request *areq,
1701  unsigned int nbytes)
1702 {
1703  struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1704  struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1705  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1706 
1707  return talitos_edesc_alloc(ctx->dev, NULL, req_ctx->psrc, NULL, NULL, 0,
1708  nbytes, 0, 0, 0, areq->base.flags);
1709 }
1710 
1711 static int ahash_init(struct ahash_request *areq)
1712 {
1713  struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1714  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1715 
1716  /* Initialize the context */
1717  req_ctx->nbuf = 0;
1718  req_ctx->first = 1; /* first indicates h/w must init its context */
1719  req_ctx->swinit = 0; /* assume h/w init of context */
1720  req_ctx->hw_context_size =
1721  (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE)
1724 
1725  return 0;
1726 }
1727 
1728 /*
1729  * on h/w without explicit sha224 support, we initialize h/w context
1730  * manually with sha224 constants, and tell it to run sha256.
1731  */
1732 static int ahash_init_sha224_swinit(struct ahash_request *areq)
1733 {
1734  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1735 
1736  ahash_init(areq);
1737  req_ctx->swinit = 1;/* prevent h/w initting context with sha256 values*/
1738 
1739  req_ctx->hw_context[0] = SHA224_H0;
1740  req_ctx->hw_context[1] = SHA224_H1;
1741  req_ctx->hw_context[2] = SHA224_H2;
1742  req_ctx->hw_context[3] = SHA224_H3;
1743  req_ctx->hw_context[4] = SHA224_H4;
1744  req_ctx->hw_context[5] = SHA224_H5;
1745  req_ctx->hw_context[6] = SHA224_H6;
1746  req_ctx->hw_context[7] = SHA224_H7;
1747 
1748  /* init 64-bit count */
1749  req_ctx->hw_context[8] = 0;
1750  req_ctx->hw_context[9] = 0;
1751 
1752  return 0;
1753 }
1754 
1755 static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
1756 {
1757  struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1758  struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1759  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1760  struct talitos_edesc *edesc;
1761  unsigned int blocksize =
1762  crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
1763  unsigned int nbytes_to_hash;
1764  unsigned int to_hash_later;
1765  unsigned int nsg;
1766  bool chained;
1767 
1768  if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) {
1769  /* Buffer up to one whole block */
1770  sg_copy_to_buffer(areq->src,
1771  sg_count(areq->src, nbytes, &chained),
1772  req_ctx->buf + req_ctx->nbuf, nbytes);
1773  req_ctx->nbuf += nbytes;
1774  return 0;
1775  }
1776 
1777  /* At least (blocksize + 1) bytes are available to hash */
1778  nbytes_to_hash = nbytes + req_ctx->nbuf;
1779  to_hash_later = nbytes_to_hash & (blocksize - 1);
1780 
1781  if (req_ctx->last)
1782  to_hash_later = 0;
1783  else if (to_hash_later)
1784  /* There is a partial block. Hash the full block(s) now */
1785  nbytes_to_hash -= to_hash_later;
1786  else {
1787  /* Keep one block buffered */
1788  nbytes_to_hash -= blocksize;
1789  to_hash_later = blocksize;
1790  }
1791 
1792  /* Chain in any previously buffered data */
1793  if (req_ctx->nbuf) {
1794  nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
1795  sg_init_table(req_ctx->bufsl, nsg);
1796  sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
1797  if (nsg > 1)
1798  scatterwalk_sg_chain(req_ctx->bufsl, 2, areq->src);
1799  req_ctx->psrc = req_ctx->bufsl;
1800  } else
1801  req_ctx->psrc = areq->src;
1802 
1803  if (to_hash_later) {
1804  int nents = sg_count(areq->src, nbytes, &chained);
1805  sg_copy_end_to_buffer(areq->src, nents,
1806  req_ctx->bufnext,
1807  to_hash_later,
1808  nbytes - to_hash_later);
1809  }
1810  req_ctx->to_hash_later = to_hash_later;
1811 
1812  /* Allocate extended descriptor */
1813  edesc = ahash_edesc_alloc(areq, nbytes_to_hash);
1814  if (IS_ERR(edesc))
1815  return PTR_ERR(edesc);
1816 
1817  edesc->desc.hdr = ctx->desc_hdr_template;
1818 
1819  /* On last one, request SEC to pad; otherwise continue */
1820  if (req_ctx->last)
1821  edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_PAD;
1822  else
1823  edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT;
1824 
1825  /* request SEC to INIT hash. */
1826  if (req_ctx->first && !req_ctx->swinit)
1827  edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT;
1828 
1829  /* When the tfm context has a keylen, it's an HMAC.
1830  * A first or last (ie. not middle) descriptor must request HMAC.
1831  */
1832  if (ctx->keylen && (req_ctx->first || req_ctx->last))
1833  edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_HMAC;
1834 
1835  return common_nonsnoop_hash(edesc, areq, nbytes_to_hash,
1836  ahash_done);
1837 }
1838 
1839 static int ahash_update(struct ahash_request *areq)
1840 {
1841  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1842 
1843  req_ctx->last = 0;
1844 
1845  return ahash_process_req(areq, areq->nbytes);
1846 }
1847 
1848 static int ahash_final(struct ahash_request *areq)
1849 {
1850  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1851 
1852  req_ctx->last = 1;
1853 
1854  return ahash_process_req(areq, 0);
1855 }
1856 
1857 static int ahash_finup(struct ahash_request *areq)
1858 {
1859  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1860 
1861  req_ctx->last = 1;
1862 
1863  return ahash_process_req(areq, areq->nbytes);
1864 }
1865 
1866 static int ahash_digest(struct ahash_request *areq)
1867 {
1868  struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1869  struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq);
1870 
1871  ahash->init(areq);
1872  req_ctx->last = 1;
1873 
1874  return ahash_process_req(areq, areq->nbytes);
1875 }
1876 
1879  int err;
1880 };
1881 
1882 static void keyhash_complete(struct crypto_async_request *req, int err)
1883 {
1884  struct keyhash_result *res = req->data;
1885 
1886  if (err == -EINPROGRESS)
1887  return;
1888 
1889  res->err = err;
1890  complete(&res->completion);
1891 }
1892 
1893 static int keyhash(struct crypto_ahash *tfm, const u8 *key, unsigned int keylen,
1894  u8 *hash)
1895 {
1896  struct talitos_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm));
1897 
1898  struct scatterlist sg[1];
1899  struct ahash_request *req;
1900  struct keyhash_result hresult;
1901  int ret;
1902 
1903  init_completion(&hresult.completion);
1904 
1905  req = ahash_request_alloc(tfm, GFP_KERNEL);
1906  if (!req)
1907  return -ENOMEM;
1908 
1909  /* Keep tfm keylen == 0 during hash of the long key */
1910  ctx->keylen = 0;
1911  ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1912  keyhash_complete, &hresult);
1913 
1914  sg_init_one(&sg[0], key, keylen);
1915 
1916  ahash_request_set_crypt(req, sg, hash, keylen);
1917  ret = crypto_ahash_digest(req);
1918  switch (ret) {
1919  case 0:
1920  break;
1921  case -EINPROGRESS:
1922  case -EBUSY:
1924  &hresult.completion);
1925  if (!ret)
1926  ret = hresult.err;
1927  break;
1928  default:
1929  break;
1930  }
1931  ahash_request_free(req);
1932 
1933  return ret;
1934 }
1935 
1936 static int ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
1937  unsigned int keylen)
1938 {
1939  struct talitos_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm));
1940  unsigned int blocksize =
1941  crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
1942  unsigned int digestsize = crypto_ahash_digestsize(tfm);
1943  unsigned int keysize = keylen;
1944  u8 hash[SHA512_DIGEST_SIZE];
1945  int ret;
1946 
1947  if (keylen <= blocksize)
1948  memcpy(ctx->key, key, keysize);
1949  else {
1950  /* Must get the hash of the long key */
1951  ret = keyhash(tfm, key, keylen, hash);
1952 
1953  if (ret) {
1954  crypto_ahash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
1955  return -EINVAL;
1956  }
1957 
1958  keysize = digestsize;
1959  memcpy(ctx->key, hash, digestsize);
1960  }
1961 
1962  ctx->keylen = keysize;
1963 
1964  return 0;
1965 }
1966 
1967 
1970  union {
1972  struct ahash_alg hash;
1973  } alg;
1975 };
1976 
1977 static struct talitos_alg_template driver_algs[] = {
1978  /*
1979  * AEAD algorithms. These use a single-pass ipsec_esp descriptor.
1980  * authencesn(*,*) is also registered, although not present
1981  * explicitly here.
1982  */
1983  { .type = CRYPTO_ALG_TYPE_AEAD,
1984  .alg.crypto = {
1985  .cra_name = "authenc(hmac(sha1),cbc(aes))",
1986  .cra_driver_name = "authenc-hmac-sha1-cbc-aes-talitos",
1987  .cra_blocksize = AES_BLOCK_SIZE,
1988  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
1989  .cra_aead = {
1990  .ivsize = AES_BLOCK_SIZE,
1991  .maxauthsize = SHA1_DIGEST_SIZE,
1992  }
1993  },
1994  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2001  },
2002  { .type = CRYPTO_ALG_TYPE_AEAD,
2003  .alg.crypto = {
2004  .cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
2005  .cra_driver_name = "authenc-hmac-sha1-cbc-3des-talitos",
2006  .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2007  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2008  .cra_aead = {
2009  .ivsize = DES3_EDE_BLOCK_SIZE,
2010  .maxauthsize = SHA1_DIGEST_SIZE,
2011  }
2012  },
2013  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2021  },
2022  { .type = CRYPTO_ALG_TYPE_AEAD,
2023  .alg.crypto = {
2024  .cra_name = "authenc(hmac(sha224),cbc(aes))",
2025  .cra_driver_name = "authenc-hmac-sha224-cbc-aes-talitos",
2026  .cra_blocksize = AES_BLOCK_SIZE,
2027  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2028  .cra_aead = {
2029  .ivsize = AES_BLOCK_SIZE,
2030  .maxauthsize = SHA224_DIGEST_SIZE,
2031  }
2032  },
2033  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2040  },
2041  { .type = CRYPTO_ALG_TYPE_AEAD,
2042  .alg.crypto = {
2043  .cra_name = "authenc(hmac(sha224),cbc(des3_ede))",
2044  .cra_driver_name = "authenc-hmac-sha224-cbc-3des-talitos",
2045  .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2046  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2047  .cra_aead = {
2048  .ivsize = DES3_EDE_BLOCK_SIZE,
2049  .maxauthsize = SHA224_DIGEST_SIZE,
2050  }
2051  },
2052  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2060  },
2061  { .type = CRYPTO_ALG_TYPE_AEAD,
2062  .alg.crypto = {
2063  .cra_name = "authenc(hmac(sha256),cbc(aes))",
2064  .cra_driver_name = "authenc-hmac-sha256-cbc-aes-talitos",
2065  .cra_blocksize = AES_BLOCK_SIZE,
2066  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2067  .cra_aead = {
2068  .ivsize = AES_BLOCK_SIZE,
2069  .maxauthsize = SHA256_DIGEST_SIZE,
2070  }
2071  },
2072  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2079  },
2080  { .type = CRYPTO_ALG_TYPE_AEAD,
2081  .alg.crypto = {
2082  .cra_name = "authenc(hmac(sha256),cbc(des3_ede))",
2083  .cra_driver_name = "authenc-hmac-sha256-cbc-3des-talitos",
2084  .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2085  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2086  .cra_aead = {
2087  .ivsize = DES3_EDE_BLOCK_SIZE,
2088  .maxauthsize = SHA256_DIGEST_SIZE,
2089  }
2090  },
2091  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2099  },
2100  { .type = CRYPTO_ALG_TYPE_AEAD,
2101  .alg.crypto = {
2102  .cra_name = "authenc(hmac(sha384),cbc(aes))",
2103  .cra_driver_name = "authenc-hmac-sha384-cbc-aes-talitos",
2104  .cra_blocksize = AES_BLOCK_SIZE,
2105  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2106  .cra_aead = {
2107  .ivsize = AES_BLOCK_SIZE,
2108  .maxauthsize = SHA384_DIGEST_SIZE,
2109  }
2110  },
2111  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2118  },
2119  { .type = CRYPTO_ALG_TYPE_AEAD,
2120  .alg.crypto = {
2121  .cra_name = "authenc(hmac(sha384),cbc(des3_ede))",
2122  .cra_driver_name = "authenc-hmac-sha384-cbc-3des-talitos",
2123  .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2124  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2125  .cra_aead = {
2126  .ivsize = DES3_EDE_BLOCK_SIZE,
2127  .maxauthsize = SHA384_DIGEST_SIZE,
2128  }
2129  },
2130  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2138  },
2139  { .type = CRYPTO_ALG_TYPE_AEAD,
2140  .alg.crypto = {
2141  .cra_name = "authenc(hmac(sha512),cbc(aes))",
2142  .cra_driver_name = "authenc-hmac-sha512-cbc-aes-talitos",
2143  .cra_blocksize = AES_BLOCK_SIZE,
2144  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2145  .cra_aead = {
2146  .ivsize = AES_BLOCK_SIZE,
2147  .maxauthsize = SHA512_DIGEST_SIZE,
2148  }
2149  },
2150  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2157  },
2158  { .type = CRYPTO_ALG_TYPE_AEAD,
2159  .alg.crypto = {
2160  .cra_name = "authenc(hmac(sha512),cbc(des3_ede))",
2161  .cra_driver_name = "authenc-hmac-sha512-cbc-3des-talitos",
2162  .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2163  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2164  .cra_aead = {
2165  .ivsize = DES3_EDE_BLOCK_SIZE,
2166  .maxauthsize = SHA512_DIGEST_SIZE,
2167  }
2168  },
2169  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2177  },
2178  { .type = CRYPTO_ALG_TYPE_AEAD,
2179  .alg.crypto = {
2180  .cra_name = "authenc(hmac(md5),cbc(aes))",
2181  .cra_driver_name = "authenc-hmac-md5-cbc-aes-talitos",
2182  .cra_blocksize = AES_BLOCK_SIZE,
2183  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2184  .cra_aead = {
2185  .ivsize = AES_BLOCK_SIZE,
2186  .maxauthsize = MD5_DIGEST_SIZE,
2187  }
2188  },
2189  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2196  },
2197  { .type = CRYPTO_ALG_TYPE_AEAD,
2198  .alg.crypto = {
2199  .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
2200  .cra_driver_name = "authenc-hmac-md5-cbc-3des-talitos",
2201  .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2202  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
2203  .cra_aead = {
2204  .ivsize = DES3_EDE_BLOCK_SIZE,
2205  .maxauthsize = MD5_DIGEST_SIZE,
2206  }
2207  },
2208  .desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2216  },
2217  /* ABLKCIPHER algorithms. */
2218  { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
2219  .alg.crypto = {
2220  .cra_name = "cbc(aes)",
2221  .cra_driver_name = "cbc-aes-talitos",
2222  .cra_blocksize = AES_BLOCK_SIZE,
2223  .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
2225  .cra_ablkcipher = {
2226  .min_keysize = AES_MIN_KEY_SIZE,
2227  .max_keysize = AES_MAX_KEY_SIZE,
2228  .ivsize = AES_BLOCK_SIZE,
2229  }
2230  },
2231  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2234  },
2235  { .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
2236  .alg.crypto = {
2237  .cra_name = "cbc(des3_ede)",
2238  .cra_driver_name = "cbc-3des-talitos",
2239  .cra_blocksize = DES3_EDE_BLOCK_SIZE,
2240  .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
2242  .cra_ablkcipher = {
2243  .min_keysize = DES3_EDE_KEY_SIZE,
2244  .max_keysize = DES3_EDE_KEY_SIZE,
2245  .ivsize = DES3_EDE_BLOCK_SIZE,
2246  }
2247  },
2248  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2252  },
2253  /* AHASH algorithms. */
2254  { .type = CRYPTO_ALG_TYPE_AHASH,
2255  .alg.hash = {
2256  .halg.digestsize = MD5_DIGEST_SIZE,
2257  .halg.base = {
2258  .cra_name = "md5",
2259  .cra_driver_name = "md5-talitos",
2260  .cra_blocksize = MD5_BLOCK_SIZE,
2261  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2263  }
2264  },
2265  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2268  },
2269  { .type = CRYPTO_ALG_TYPE_AHASH,
2270  .alg.hash = {
2271  .halg.digestsize = SHA1_DIGEST_SIZE,
2272  .halg.base = {
2273  .cra_name = "sha1",
2274  .cra_driver_name = "sha1-talitos",
2275  .cra_blocksize = SHA1_BLOCK_SIZE,
2276  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2278  }
2279  },
2280  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2283  },
2284  { .type = CRYPTO_ALG_TYPE_AHASH,
2285  .alg.hash = {
2286  .halg.digestsize = SHA224_DIGEST_SIZE,
2287  .halg.base = {
2288  .cra_name = "sha224",
2289  .cra_driver_name = "sha224-talitos",
2290  .cra_blocksize = SHA224_BLOCK_SIZE,
2291  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2293  }
2294  },
2295  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2298  },
2299  { .type = CRYPTO_ALG_TYPE_AHASH,
2300  .alg.hash = {
2301  .halg.digestsize = SHA256_DIGEST_SIZE,
2302  .halg.base = {
2303  .cra_name = "sha256",
2304  .cra_driver_name = "sha256-talitos",
2305  .cra_blocksize = SHA256_BLOCK_SIZE,
2306  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2308  }
2309  },
2310  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2313  },
2314  { .type = CRYPTO_ALG_TYPE_AHASH,
2315  .alg.hash = {
2316  .halg.digestsize = SHA384_DIGEST_SIZE,
2317  .halg.base = {
2318  .cra_name = "sha384",
2319  .cra_driver_name = "sha384-talitos",
2320  .cra_blocksize = SHA384_BLOCK_SIZE,
2321  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2323  }
2324  },
2325  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2328  },
2329  { .type = CRYPTO_ALG_TYPE_AHASH,
2330  .alg.hash = {
2331  .halg.digestsize = SHA512_DIGEST_SIZE,
2332  .halg.base = {
2333  .cra_name = "sha512",
2334  .cra_driver_name = "sha512-talitos",
2335  .cra_blocksize = SHA512_BLOCK_SIZE,
2336  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2338  }
2339  },
2340  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2343  },
2344  { .type = CRYPTO_ALG_TYPE_AHASH,
2345  .alg.hash = {
2346  .halg.digestsize = MD5_DIGEST_SIZE,
2347  .halg.base = {
2348  .cra_name = "hmac(md5)",
2349  .cra_driver_name = "hmac-md5-talitos",
2350  .cra_blocksize = MD5_BLOCK_SIZE,
2351  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2353  }
2354  },
2355  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2358  },
2359  { .type = CRYPTO_ALG_TYPE_AHASH,
2360  .alg.hash = {
2361  .halg.digestsize = SHA1_DIGEST_SIZE,
2362  .halg.base = {
2363  .cra_name = "hmac(sha1)",
2364  .cra_driver_name = "hmac-sha1-talitos",
2365  .cra_blocksize = SHA1_BLOCK_SIZE,
2366  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2368  }
2369  },
2370  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2373  },
2374  { .type = CRYPTO_ALG_TYPE_AHASH,
2375  .alg.hash = {
2376  .halg.digestsize = SHA224_DIGEST_SIZE,
2377  .halg.base = {
2378  .cra_name = "hmac(sha224)",
2379  .cra_driver_name = "hmac-sha224-talitos",
2380  .cra_blocksize = SHA224_BLOCK_SIZE,
2381  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2383  }
2384  },
2385  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2388  },
2389  { .type = CRYPTO_ALG_TYPE_AHASH,
2390  .alg.hash = {
2391  .halg.digestsize = SHA256_DIGEST_SIZE,
2392  .halg.base = {
2393  .cra_name = "hmac(sha256)",
2394  .cra_driver_name = "hmac-sha256-talitos",
2395  .cra_blocksize = SHA256_BLOCK_SIZE,
2396  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2398  }
2399  },
2400  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2403  },
2404  { .type = CRYPTO_ALG_TYPE_AHASH,
2405  .alg.hash = {
2406  .halg.digestsize = SHA384_DIGEST_SIZE,
2407  .halg.base = {
2408  .cra_name = "hmac(sha384)",
2409  .cra_driver_name = "hmac-sha384-talitos",
2410  .cra_blocksize = SHA384_BLOCK_SIZE,
2411  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2413  }
2414  },
2415  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2418  },
2419  { .type = CRYPTO_ALG_TYPE_AHASH,
2420  .alg.hash = {
2421  .halg.digestsize = SHA512_DIGEST_SIZE,
2422  .halg.base = {
2423  .cra_name = "hmac(sha512)",
2424  .cra_driver_name = "hmac-sha512-talitos",
2425  .cra_blocksize = SHA512_BLOCK_SIZE,
2426  .cra_flags = CRYPTO_ALG_TYPE_AHASH |
2428  }
2429  },
2430  .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2433  }
2434 };
2435 
2438  struct device *dev;
2440 };
2441 
2442 static int talitos_cra_init(struct crypto_tfm *tfm)
2443 {
2444  struct crypto_alg *alg = tfm->__crt_alg;
2445  struct talitos_crypto_alg *talitos_alg;
2446  struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2447  struct talitos_private *priv;
2448 
2450  talitos_alg = container_of(__crypto_ahash_alg(alg),
2451  struct talitos_crypto_alg,
2452  algt.alg.hash);
2453  else
2454  talitos_alg = container_of(alg, struct talitos_crypto_alg,
2455  algt.alg.crypto);
2456 
2457  /* update context with ptr to dev */
2458  ctx->dev = talitos_alg->dev;
2459 
2460  /* assign SEC channel to tfm in round-robin fashion */
2461  priv = dev_get_drvdata(ctx->dev);
2462  ctx->ch = atomic_inc_return(&priv->last_chan) &
2463  (priv->num_channels - 1);
2464 
2465  /* copy descriptor header template value */
2466  ctx->desc_hdr_template = talitos_alg->algt.desc_hdr_template;
2467 
2468  /* select done notification */
2470 
2471  return 0;
2472 }
2473 
2474 static int talitos_cra_init_aead(struct crypto_tfm *tfm)
2475 {
2476  struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2477 
2478  talitos_cra_init(tfm);
2479 
2480  /* random first IV */
2482 
2483  return 0;
2484 }
2485 
2486 static int talitos_cra_init_ahash(struct crypto_tfm *tfm)
2487 {
2488  struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
2489 
2490  talitos_cra_init(tfm);
2491 
2492  ctx->keylen = 0;
2493  crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
2494  sizeof(struct talitos_ahash_req_ctx));
2495 
2496  return 0;
2497 }
2498 
2499 /*
2500  * given the alg's descriptor header template, determine whether descriptor
2501  * type and primary/secondary execution units required match the hw
2502  * capabilities description provided in the device tree node.
2503  */
2504 static int hw_supports(struct device *dev, __be32 desc_hdr_template)
2505 {
2506  struct talitos_private *priv = dev_get_drvdata(dev);
2507  int ret;
2508 
2509  ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) &&
2510  (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units);
2511 
2512  if (SECONDARY_EU(desc_hdr_template))
2513  ret = ret && (1 << SECONDARY_EU(desc_hdr_template)
2514  & priv->exec_units);
2515 
2516  return ret;
2517 }
2518 
2519 static int talitos_remove(struct platform_device *ofdev)
2520 {
2521  struct device *dev = &ofdev->dev;
2522  struct talitos_private *priv = dev_get_drvdata(dev);
2523  struct talitos_crypto_alg *t_alg, *n;
2524  int i;
2525 
2526  list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) {
2527  switch (t_alg->algt.type) {
2529  case CRYPTO_ALG_TYPE_AEAD:
2530  crypto_unregister_alg(&t_alg->algt.alg.crypto);
2531  break;
2532  case CRYPTO_ALG_TYPE_AHASH:
2533  crypto_unregister_ahash(&t_alg->algt.alg.hash);
2534  break;
2535  }
2536  list_del(&t_alg->entry);
2537  kfree(t_alg);
2538  }
2539 
2540  if (hw_supports(dev, DESC_HDR_SEL0_RNG))
2541  talitos_unregister_rng(dev);
2542 
2543  for (i = 0; i < priv->num_channels; i++)
2544  kfree(priv->chan[i].fifo);
2545 
2546  kfree(priv->chan);
2547 
2548  for (i = 0; i < 2; i++)
2549  if (priv->irq[i]) {
2550  free_irq(priv->irq[i], dev);
2551  irq_dispose_mapping(priv->irq[i]);
2552  }
2553 
2554  tasklet_kill(&priv->done_task[0]);
2555  if (priv->irq[1])
2556  tasklet_kill(&priv->done_task[1]);
2557 
2558  iounmap(priv->reg);
2559 
2560  dev_set_drvdata(dev, NULL);
2561 
2562  kfree(priv);
2563 
2564  return 0;
2565 }
2566 
2567 static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev,
2568  struct talitos_alg_template
2569  *template)
2570 {
2571  struct talitos_private *priv = dev_get_drvdata(dev);
2572  struct talitos_crypto_alg *t_alg;
2573  struct crypto_alg *alg;
2574 
2575  t_alg = kzalloc(sizeof(struct talitos_crypto_alg), GFP_KERNEL);
2576  if (!t_alg)
2577  return ERR_PTR(-ENOMEM);
2578 
2579  t_alg->algt = *template;
2580 
2581  switch (t_alg->algt.type) {
2583  alg = &t_alg->algt.alg.crypto;
2584  alg->cra_init = talitos_cra_init;
2586  alg->cra_ablkcipher.setkey = ablkcipher_setkey;
2587  alg->cra_ablkcipher.encrypt = ablkcipher_encrypt;
2588  alg->cra_ablkcipher.decrypt = ablkcipher_decrypt;
2589  alg->cra_ablkcipher.geniv = "eseqiv";
2590  break;
2591  case CRYPTO_ALG_TYPE_AEAD:
2592  alg = &t_alg->algt.alg.crypto;
2593  alg->cra_init = talitos_cra_init_aead;
2594  alg->cra_type = &crypto_aead_type;
2595  alg->cra_aead.setkey = aead_setkey;
2596  alg->cra_aead.setauthsize = aead_setauthsize;
2597  alg->cra_aead.encrypt = aead_encrypt;
2598  alg->cra_aead.decrypt = aead_decrypt;
2599  alg->cra_aead.givencrypt = aead_givencrypt;
2600  alg->cra_aead.geniv = "<built-in>";
2601  break;
2602  case CRYPTO_ALG_TYPE_AHASH:
2603  alg = &t_alg->algt.alg.hash.halg.base;
2604  alg->cra_init = talitos_cra_init_ahash;
2605  alg->cra_type = &crypto_ahash_type;
2606  t_alg->algt.alg.hash.init = ahash_init;
2607  t_alg->algt.alg.hash.update = ahash_update;
2608  t_alg->algt.alg.hash.final = ahash_final;
2609  t_alg->algt.alg.hash.finup = ahash_finup;
2610  t_alg->algt.alg.hash.digest = ahash_digest;
2611  t_alg->algt.alg.hash.setkey = ahash_setkey;
2612 
2613  if (!(priv->features & TALITOS_FTR_HMAC_OK) &&
2614  !strncmp(alg->cra_name, "hmac", 4)) {
2615  kfree(t_alg);
2616  return ERR_PTR(-ENOTSUPP);
2617  }
2618  if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) &&
2619  (!strcmp(alg->cra_name, "sha224") ||
2620  !strcmp(alg->cra_name, "hmac(sha224)"))) {
2621  t_alg->algt.alg.hash.init = ahash_init_sha224_swinit;
2622  t_alg->algt.desc_hdr_template =
2626  }
2627  break;
2628  default:
2629  dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type);
2630  return ERR_PTR(-EINVAL);
2631  }
2632 
2633  alg->cra_module = THIS_MODULE;
2635  alg->cra_alignmask = 0;
2636  alg->cra_ctxsize = sizeof(struct talitos_ctx);
2638 
2639  t_alg->dev = dev;
2640 
2641  return t_alg;
2642 }
2643 
2644 static int talitos_probe_irq(struct platform_device *ofdev)
2645 {
2646  struct device *dev = &ofdev->dev;
2647  struct device_node *np = ofdev->dev.of_node;
2648  struct talitos_private *priv = dev_get_drvdata(dev);
2649  int err;
2650 
2651  priv->irq[0] = irq_of_parse_and_map(np, 0);
2652  if (!priv->irq[0]) {
2653  dev_err(dev, "failed to map irq\n");
2654  return -EINVAL;
2655  }
2656 
2657  priv->irq[1] = irq_of_parse_and_map(np, 1);
2658 
2659  /* get the primary irq line */
2660  if (!priv->irq[1]) {
2661  err = request_irq(priv->irq[0], talitos_interrupt_4ch, 0,
2662  dev_driver_string(dev), dev);
2663  goto primary_out;
2664  }
2665 
2666  err = request_irq(priv->irq[0], talitos_interrupt_ch0_2, 0,
2667  dev_driver_string(dev), dev);
2668  if (err)
2669  goto primary_out;
2670 
2671  /* get the secondary irq line */
2672  err = request_irq(priv->irq[1], talitos_interrupt_ch1_3, 0,
2673  dev_driver_string(dev), dev);
2674  if (err) {
2675  dev_err(dev, "failed to request secondary irq\n");
2676  irq_dispose_mapping(priv->irq[1]);
2677  priv->irq[1] = 0;
2678  }
2679 
2680  return err;
2681 
2682 primary_out:
2683  if (err) {
2684  dev_err(dev, "failed to request primary irq\n");
2685  irq_dispose_mapping(priv->irq[0]);
2686  priv->irq[0] = 0;
2687  }
2688 
2689  return err;
2690 }
2691 
2692 static int talitos_probe(struct platform_device *ofdev)
2693 {
2694  struct device *dev = &ofdev->dev;
2695  struct device_node *np = ofdev->dev.of_node;
2696  struct talitos_private *priv;
2697  const unsigned int *prop;
2698  int i, err;
2699 
2700  priv = kzalloc(sizeof(struct talitos_private), GFP_KERNEL);
2701  if (!priv)
2702  return -ENOMEM;
2703 
2704  dev_set_drvdata(dev, priv);
2705 
2706  priv->ofdev = ofdev;
2707 
2708  spin_lock_init(&priv->reg_lock);
2709 
2710  err = talitos_probe_irq(ofdev);
2711  if (err)
2712  goto err_out;
2713 
2714  if (!priv->irq[1]) {
2715  tasklet_init(&priv->done_task[0], talitos_done_4ch,
2716  (unsigned long)dev);
2717  } else {
2718  tasklet_init(&priv->done_task[0], talitos_done_ch0_2,
2719  (unsigned long)dev);
2720  tasklet_init(&priv->done_task[1], talitos_done_ch1_3,
2721  (unsigned long)dev);
2722  }
2723 
2724  INIT_LIST_HEAD(&priv->alg_list);
2725 
2726  priv->reg = of_iomap(np, 0);
2727  if (!priv->reg) {
2728  dev_err(dev, "failed to of_iomap\n");
2729  err = -ENOMEM;
2730  goto err_out;
2731  }
2732 
2733  /* get SEC version capabilities from device tree */
2734  prop = of_get_property(np, "fsl,num-channels", NULL);
2735  if (prop)
2736  priv->num_channels = *prop;
2737 
2738  prop = of_get_property(np, "fsl,channel-fifo-len", NULL);
2739  if (prop)
2740  priv->chfifo_len = *prop;
2741 
2742  prop = of_get_property(np, "fsl,exec-units-mask", NULL);
2743  if (prop)
2744  priv->exec_units = *prop;
2745 
2746  prop = of_get_property(np, "fsl,descriptor-types-mask", NULL);
2747  if (prop)
2748  priv->desc_types = *prop;
2749 
2750  if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len ||
2751  !priv->exec_units || !priv->desc_types) {
2752  dev_err(dev, "invalid property data in device tree node\n");
2753  err = -EINVAL;
2754  goto err_out;
2755  }
2756 
2757  if (of_device_is_compatible(np, "fsl,sec3.0"))
2759 
2760  if (of_device_is_compatible(np, "fsl,sec2.1"))
2764 
2765  priv->chan = kzalloc(sizeof(struct talitos_channel) *
2766  priv->num_channels, GFP_KERNEL);
2767  if (!priv->chan) {
2768  dev_err(dev, "failed to allocate channel management space\n");
2769  err = -ENOMEM;
2770  goto err_out;
2771  }
2772 
2773  for (i = 0; i < priv->num_channels; i++) {
2774  priv->chan[i].reg = priv->reg + TALITOS_CH_STRIDE * (i + 1);
2775  if (!priv->irq[1] || !(i & 1))
2776  priv->chan[i].reg += TALITOS_CH_BASE_OFFSET;
2777  }
2778 
2779  for (i = 0; i < priv->num_channels; i++) {
2780  spin_lock_init(&priv->chan[i].head_lock);
2781  spin_lock_init(&priv->chan[i].tail_lock);
2782  }
2783 
2784  priv->fifo_len = roundup_pow_of_two(priv->chfifo_len);
2785 
2786  for (i = 0; i < priv->num_channels; i++) {
2787  priv->chan[i].fifo = kzalloc(sizeof(struct talitos_request) *
2788  priv->fifo_len, GFP_KERNEL);
2789  if (!priv->chan[i].fifo) {
2790  dev_err(dev, "failed to allocate request fifo %d\n", i);
2791  err = -ENOMEM;
2792  goto err_out;
2793  }
2794  }
2795 
2796  for (i = 0; i < priv->num_channels; i++)
2797  atomic_set(&priv->chan[i].submit_count,
2798  -(priv->chfifo_len - 1));
2799 
2800  dma_set_mask(dev, DMA_BIT_MASK(36));
2801 
2802  /* reset and initialize the h/w */
2803  err = init_device(dev);
2804  if (err) {
2805  dev_err(dev, "failed to initialize device\n");
2806  goto err_out;
2807  }
2808 
2809  /* register the RNG, if available */
2810  if (hw_supports(dev, DESC_HDR_SEL0_RNG)) {
2811  err = talitos_register_rng(dev);
2812  if (err) {
2813  dev_err(dev, "failed to register hwrng: %d\n", err);
2814  goto err_out;
2815  } else
2816  dev_info(dev, "hwrng\n");
2817  }
2818 
2819  /* register crypto algorithms the device supports */
2820  for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {
2821  if (hw_supports(dev, driver_algs[i].desc_hdr_template)) {
2822  struct talitos_crypto_alg *t_alg;
2823  char *name = NULL;
2824  bool authenc = false;
2825 
2826 authencesn:
2827  t_alg = talitos_alg_alloc(dev, &driver_algs[i]);
2828  if (IS_ERR(t_alg)) {
2829  err = PTR_ERR(t_alg);
2830  if (err == -ENOTSUPP)
2831  continue;
2832  goto err_out;
2833  }
2834 
2835  switch (t_alg->algt.type) {
2837  case CRYPTO_ALG_TYPE_AEAD:
2838  err = crypto_register_alg(
2839  &t_alg->algt.alg.crypto);
2840  name = t_alg->algt.alg.crypto.cra_driver_name;
2841  authenc = authenc ? !authenc :
2842  !(bool)memcmp(name, "authenc", 7);
2843  break;
2844  case CRYPTO_ALG_TYPE_AHASH:
2845  err = crypto_register_ahash(
2846  &t_alg->algt.alg.hash);
2847  name =
2848  t_alg->algt.alg.hash.halg.base.cra_driver_name;
2849  break;
2850  }
2851  if (err) {
2852  dev_err(dev, "%s alg registration failed\n",
2853  name);
2854  kfree(t_alg);
2855  } else {
2856  list_add_tail(&t_alg->entry, &priv->alg_list);
2857  if (authenc) {
2858  struct crypto_alg *alg =
2859  &driver_algs[i].alg.crypto;
2860 
2861  name = alg->cra_name;
2862  memmove(name + 10, name + 7,
2863  strlen(name) - 7);
2864  memcpy(name + 7, "esn", 3);
2865 
2866  name = alg->cra_driver_name;
2867  memmove(name + 10, name + 7,
2868  strlen(name) - 7);
2869  memcpy(name + 7, "esn", 3);
2870 
2871  goto authencesn;
2872  }
2873  }
2874  }
2875  }
2876  if (!list_empty(&priv->alg_list))
2877  dev_info(dev, "%s algorithms registered in /proc/crypto\n",
2878  (char *)of_get_property(np, "compatible", NULL));
2879 
2880  return 0;
2881 
2882 err_out:
2883  talitos_remove(ofdev);
2884 
2885  return err;
2886 }
2887 
2888 static const struct of_device_id talitos_match[] = {
2889  {
2890  .compatible = "fsl,sec2.0",
2891  },
2892  {},
2893 };
2894 MODULE_DEVICE_TABLE(of, talitos_match);
2895 
2896 static struct platform_driver talitos_driver = {
2897  .driver = {
2898  .name = "talitos",
2899  .owner = THIS_MODULE,
2900  .of_match_table = talitos_match,
2901  },
2902  .probe = talitos_probe,
2903  .remove = talitos_remove,
2904 };
2905 
2906 module_platform_driver(talitos_driver);
2907 
2908 MODULE_LICENSE("GPL");
2909 MODULE_AUTHOR("Kim Phillips <[email protected]>");
2910 MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver");