crypto_engine.c 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656
  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /*
  3. * Handle async block request by crypto hardware engine.
  4. *
  5. * Copyright (C) 2016 Linaro, Inc.
  6. *
  7. * Author: Baolin Wang <baolin.wang@linaro.org>
  8. */
  9. #include <crypto/internal/aead.h>
  10. #include <crypto/internal/akcipher.h>
  11. #include <crypto/internal/engine.h>
  12. #include <crypto/internal/hash.h>
  13. #include <crypto/internal/kpp.h>
  14. #include <crypto/internal/skcipher.h>
  15. #include <linux/err.h>
  16. #include <linux/delay.h>
  17. #include <linux/device.h>
  18. #include <linux/kernel.h>
  19. #include <linux/module.h>
  20. #include <uapi/linux/sched/types.h>
  21. #include "internal.h"
  22. #define CRYPTO_ENGINE_MAX_QLEN 10
  23. struct crypto_engine_alg {
  24. struct crypto_alg base;
  25. struct crypto_engine_op op;
  26. };
  27. /**
  28. * crypto_finalize_request - finalize one request if the request is done
  29. * @engine: the hardware engine
  30. * @req: the request need to be finalized
  31. * @err: error number
  32. */
  33. static void crypto_finalize_request(struct crypto_engine *engine,
  34. struct crypto_async_request *req, int err)
  35. {
  36. unsigned long flags;
  37. /*
  38. * If hardware cannot enqueue more requests
  39. * and retry mechanism is not supported
  40. * make sure we are completing the current request
  41. */
  42. if (!engine->retry_support) {
  43. spin_lock_irqsave(&engine->queue_lock, flags);
  44. if (engine->cur_req == req) {
  45. engine->cur_req = NULL;
  46. }
  47. spin_unlock_irqrestore(&engine->queue_lock, flags);
  48. }
  49. lockdep_assert_in_softirq();
  50. crypto_request_complete(req, err);
  51. kthread_queue_work(engine->kworker, &engine->pump_requests);
  52. }
  53. /**
  54. * crypto_pump_requests - dequeue one request from engine queue to process
  55. * @engine: the hardware engine
  56. * @in_kthread: true if we are in the context of the request pump thread
  57. *
  58. * This function checks if there is any request in the engine queue that
  59. * needs processing and if so call out to the driver to initialize hardware
  60. * and handle each request.
  61. */
  62. static void crypto_pump_requests(struct crypto_engine *engine,
  63. bool in_kthread)
  64. {
  65. struct crypto_async_request *async_req, *backlog;
  66. struct crypto_engine_alg *alg;
  67. struct crypto_engine_op *op;
  68. unsigned long flags;
  69. int ret;
  70. spin_lock_irqsave(&engine->queue_lock, flags);
  71. /* Make sure we are not already running a request */
  72. if (!engine->retry_support && engine->cur_req)
  73. goto out;
  74. /* Check if the engine queue is idle */
  75. if (!crypto_queue_len(&engine->queue) || !engine->running) {
  76. if (!engine->busy)
  77. goto out;
  78. /* Only do teardown in the thread */
  79. if (!in_kthread) {
  80. kthread_queue_work(engine->kworker,
  81. &engine->pump_requests);
  82. goto out;
  83. }
  84. engine->busy = false;
  85. goto out;
  86. }
  87. start_request:
  88. /* Get the fist request from the engine queue to handle */
  89. backlog = crypto_get_backlog(&engine->queue);
  90. async_req = crypto_dequeue_request(&engine->queue);
  91. if (!async_req)
  92. goto out;
  93. /*
  94. * If hardware doesn't support the retry mechanism,
  95. * keep track of the request we are processing now.
  96. * We'll need it on completion (crypto_finalize_request).
  97. */
  98. if (!engine->retry_support)
  99. engine->cur_req = async_req;
  100. if (!engine->busy)
  101. engine->busy = true;
  102. spin_unlock_irqrestore(&engine->queue_lock, flags);
  103. alg = container_of(async_req->tfm->__crt_alg,
  104. struct crypto_engine_alg, base);
  105. op = &alg->op;
  106. ret = op->do_one_request(engine, async_req);
  107. /* Request unsuccessfully executed by hardware */
  108. if (ret < 0) {
  109. /*
  110. * If hardware queue is full (-ENOSPC), requeue request
  111. * regardless of backlog flag.
  112. * Otherwise, unprepare and complete the request.
  113. */
  114. if (!engine->retry_support ||
  115. (ret != -ENOSPC)) {
  116. dev_err(engine->dev,
  117. "Failed to do one request from queue: %d\n",
  118. ret);
  119. goto req_err_1;
  120. }
  121. spin_lock_irqsave(&engine->queue_lock, flags);
  122. /*
  123. * If hardware was unable to execute request, enqueue it
  124. * back in front of crypto-engine queue, to keep the order
  125. * of requests.
  126. */
  127. crypto_enqueue_request_head(&engine->queue, async_req);
  128. kthread_queue_work(engine->kworker, &engine->pump_requests);
  129. goto out;
  130. }
  131. goto retry;
  132. req_err_1:
  133. crypto_request_complete(async_req, ret);
  134. retry:
  135. if (backlog)
  136. crypto_request_complete(backlog, -EINPROGRESS);
  137. /* If retry mechanism is supported, send new requests to engine */
  138. if (engine->retry_support) {
  139. spin_lock_irqsave(&engine->queue_lock, flags);
  140. goto start_request;
  141. }
  142. return;
  143. out:
  144. spin_unlock_irqrestore(&engine->queue_lock, flags);
  145. return;
  146. }
  147. static void crypto_pump_work(struct kthread_work *work)
  148. {
  149. struct crypto_engine *engine =
  150. container_of(work, struct crypto_engine, pump_requests);
  151. crypto_pump_requests(engine, true);
  152. }
  153. /**
  154. * crypto_transfer_request - transfer the new request into the engine queue
  155. * @engine: the hardware engine
  156. * @req: the request need to be listed into the engine queue
  157. * @need_pump: indicates whether queue the pump of request to kthread_work
  158. */
  159. static int crypto_transfer_request(struct crypto_engine *engine,
  160. struct crypto_async_request *req,
  161. bool need_pump)
  162. {
  163. unsigned long flags;
  164. int ret;
  165. spin_lock_irqsave(&engine->queue_lock, flags);
  166. if (!engine->running) {
  167. spin_unlock_irqrestore(&engine->queue_lock, flags);
  168. return -ESHUTDOWN;
  169. }
  170. ret = crypto_enqueue_request(&engine->queue, req);
  171. if (!engine->busy && need_pump)
  172. kthread_queue_work(engine->kworker, &engine->pump_requests);
  173. spin_unlock_irqrestore(&engine->queue_lock, flags);
  174. return ret;
  175. }
  176. /**
  177. * crypto_transfer_request_to_engine - transfer one request to list
  178. * into the engine queue
  179. * @engine: the hardware engine
  180. * @req: the request need to be listed into the engine queue
  181. */
  182. static int crypto_transfer_request_to_engine(struct crypto_engine *engine,
  183. struct crypto_async_request *req)
  184. {
  185. return crypto_transfer_request(engine, req, true);
  186. }
  187. /**
  188. * crypto_transfer_aead_request_to_engine - transfer one aead_request
  189. * to list into the engine queue
  190. * @engine: the hardware engine
  191. * @req: the request need to be listed into the engine queue
  192. */
  193. int crypto_transfer_aead_request_to_engine(struct crypto_engine *engine,
  194. struct aead_request *req)
  195. {
  196. return crypto_transfer_request_to_engine(engine, &req->base);
  197. }
  198. EXPORT_SYMBOL_GPL(crypto_transfer_aead_request_to_engine);
  199. /**
  200. * crypto_transfer_akcipher_request_to_engine - transfer one akcipher_request
  201. * to list into the engine queue
  202. * @engine: the hardware engine
  203. * @req: the request need to be listed into the engine queue
  204. */
  205. int crypto_transfer_akcipher_request_to_engine(struct crypto_engine *engine,
  206. struct akcipher_request *req)
  207. {
  208. return crypto_transfer_request_to_engine(engine, &req->base);
  209. }
  210. EXPORT_SYMBOL_GPL(crypto_transfer_akcipher_request_to_engine);
  211. /**
  212. * crypto_transfer_hash_request_to_engine - transfer one ahash_request
  213. * to list into the engine queue
  214. * @engine: the hardware engine
  215. * @req: the request need to be listed into the engine queue
  216. */
  217. int crypto_transfer_hash_request_to_engine(struct crypto_engine *engine,
  218. struct ahash_request *req)
  219. {
  220. return crypto_transfer_request_to_engine(engine, &req->base);
  221. }
  222. EXPORT_SYMBOL_GPL(crypto_transfer_hash_request_to_engine);
  223. /**
  224. * crypto_transfer_kpp_request_to_engine - transfer one kpp_request to list
  225. * into the engine queue
  226. * @engine: the hardware engine
  227. * @req: the request need to be listed into the engine queue
  228. */
  229. int crypto_transfer_kpp_request_to_engine(struct crypto_engine *engine,
  230. struct kpp_request *req)
  231. {
  232. return crypto_transfer_request_to_engine(engine, &req->base);
  233. }
  234. EXPORT_SYMBOL_GPL(crypto_transfer_kpp_request_to_engine);
  235. /**
  236. * crypto_transfer_skcipher_request_to_engine - transfer one skcipher_request
  237. * to list into the engine queue
  238. * @engine: the hardware engine
  239. * @req: the request need to be listed into the engine queue
  240. */
  241. int crypto_transfer_skcipher_request_to_engine(struct crypto_engine *engine,
  242. struct skcipher_request *req)
  243. {
  244. return crypto_transfer_request_to_engine(engine, &req->base);
  245. }
  246. EXPORT_SYMBOL_GPL(crypto_transfer_skcipher_request_to_engine);
  247. /**
  248. * crypto_finalize_aead_request - finalize one aead_request if
  249. * the request is done
  250. * @engine: the hardware engine
  251. * @req: the request need to be finalized
  252. * @err: error number
  253. */
  254. void crypto_finalize_aead_request(struct crypto_engine *engine,
  255. struct aead_request *req, int err)
  256. {
  257. return crypto_finalize_request(engine, &req->base, err);
  258. }
  259. EXPORT_SYMBOL_GPL(crypto_finalize_aead_request);
  260. /**
  261. * crypto_finalize_akcipher_request - finalize one akcipher_request if
  262. * the request is done
  263. * @engine: the hardware engine
  264. * @req: the request need to be finalized
  265. * @err: error number
  266. */
  267. void crypto_finalize_akcipher_request(struct crypto_engine *engine,
  268. struct akcipher_request *req, int err)
  269. {
  270. return crypto_finalize_request(engine, &req->base, err);
  271. }
  272. EXPORT_SYMBOL_GPL(crypto_finalize_akcipher_request);
  273. /**
  274. * crypto_finalize_hash_request - finalize one ahash_request if
  275. * the request is done
  276. * @engine: the hardware engine
  277. * @req: the request need to be finalized
  278. * @err: error number
  279. */
  280. void crypto_finalize_hash_request(struct crypto_engine *engine,
  281. struct ahash_request *req, int err)
  282. {
  283. return crypto_finalize_request(engine, &req->base, err);
  284. }
  285. EXPORT_SYMBOL_GPL(crypto_finalize_hash_request);
  286. /**
  287. * crypto_finalize_kpp_request - finalize one kpp_request if the request is done
  288. * @engine: the hardware engine
  289. * @req: the request need to be finalized
  290. * @err: error number
  291. */
  292. void crypto_finalize_kpp_request(struct crypto_engine *engine,
  293. struct kpp_request *req, int err)
  294. {
  295. return crypto_finalize_request(engine, &req->base, err);
  296. }
  297. EXPORT_SYMBOL_GPL(crypto_finalize_kpp_request);
  298. /**
  299. * crypto_finalize_skcipher_request - finalize one skcipher_request if
  300. * the request is done
  301. * @engine: the hardware engine
  302. * @req: the request need to be finalized
  303. * @err: error number
  304. */
  305. void crypto_finalize_skcipher_request(struct crypto_engine *engine,
  306. struct skcipher_request *req, int err)
  307. {
  308. return crypto_finalize_request(engine, &req->base, err);
  309. }
  310. EXPORT_SYMBOL_GPL(crypto_finalize_skcipher_request);
  311. /**
  312. * crypto_engine_start - start the hardware engine
  313. * @engine: the hardware engine need to be started
  314. *
  315. * Return 0 on success, else on fail.
  316. */
  317. int crypto_engine_start(struct crypto_engine *engine)
  318. {
  319. unsigned long flags;
  320. spin_lock_irqsave(&engine->queue_lock, flags);
  321. if (engine->running || engine->busy) {
  322. spin_unlock_irqrestore(&engine->queue_lock, flags);
  323. return -EBUSY;
  324. }
  325. engine->running = true;
  326. spin_unlock_irqrestore(&engine->queue_lock, flags);
  327. kthread_queue_work(engine->kworker, &engine->pump_requests);
  328. return 0;
  329. }
  330. EXPORT_SYMBOL_GPL(crypto_engine_start);
  331. /**
  332. * crypto_engine_stop - stop the hardware engine
  333. * @engine: the hardware engine need to be stopped
  334. *
  335. * Return 0 on success, else on fail.
  336. */
  337. int crypto_engine_stop(struct crypto_engine *engine)
  338. {
  339. unsigned long flags;
  340. unsigned int limit = 500;
  341. int ret = 0;
  342. spin_lock_irqsave(&engine->queue_lock, flags);
  343. /*
  344. * If the engine queue is not empty or the engine is on busy state,
  345. * we need to wait for a while to pump the requests of engine queue.
  346. */
  347. while ((crypto_queue_len(&engine->queue) || engine->busy) && limit--) {
  348. spin_unlock_irqrestore(&engine->queue_lock, flags);
  349. msleep(20);
  350. spin_lock_irqsave(&engine->queue_lock, flags);
  351. }
  352. if (crypto_queue_len(&engine->queue) || engine->busy)
  353. ret = -EBUSY;
  354. else
  355. engine->running = false;
  356. spin_unlock_irqrestore(&engine->queue_lock, flags);
  357. if (ret)
  358. dev_warn(engine->dev, "could not stop engine\n");
  359. return ret;
  360. }
  361. EXPORT_SYMBOL_GPL(crypto_engine_stop);
  362. /**
  363. * crypto_engine_alloc_init_and_set - allocate crypto hardware engine structure
  364. * and initialize it by setting the maximum number of entries in the software
  365. * crypto-engine queue.
  366. * @dev: the device attached with one hardware engine
  367. * @retry_support: whether hardware has support for retry mechanism
  368. * @rt: whether this queue is set to run as a realtime task
  369. * @qlen: maximum size of the crypto-engine queue
  370. *
  371. * This must be called from context that can sleep.
  372. * Return: the crypto engine structure on success, else NULL.
  373. */
  374. struct crypto_engine *crypto_engine_alloc_init_and_set(struct device *dev,
  375. bool retry_support,
  376. bool rt, int qlen)
  377. {
  378. struct crypto_engine *engine;
  379. if (!dev)
  380. return NULL;
  381. engine = devm_kzalloc(dev, sizeof(*engine), GFP_KERNEL);
  382. if (!engine)
  383. return NULL;
  384. engine->dev = dev;
  385. engine->rt = rt;
  386. engine->running = false;
  387. engine->busy = false;
  388. engine->retry_support = retry_support;
  389. engine->priv_data = dev;
  390. snprintf(engine->name, sizeof(engine->name),
  391. "%s-engine", dev_name(dev));
  392. guard(spinlock_init)(&engine->queue_lock);
  393. crypto_init_queue(&engine->queue, qlen);
  394. engine->kworker = kthread_run_worker(0, "%s", engine->name);
  395. if (IS_ERR(engine->kworker)) {
  396. dev_err(dev, "failed to create crypto request pump task\n");
  397. return NULL;
  398. }
  399. kthread_init_work(&engine->pump_requests, crypto_pump_work);
  400. if (engine->rt) {
  401. dev_info(dev, "will run requests pump with realtime priority\n");
  402. sched_set_fifo(engine->kworker->task);
  403. }
  404. return engine;
  405. }
  406. EXPORT_SYMBOL_GPL(crypto_engine_alloc_init_and_set);
  407. /**
  408. * crypto_engine_alloc_init - allocate crypto hardware engine structure and
  409. * initialize it.
  410. * @dev: the device attached with one hardware engine
  411. * @rt: whether this queue is set to run as a realtime task
  412. *
  413. * This must be called from context that can sleep.
  414. * Return: the crypto engine structure on success, else NULL.
  415. */
  416. struct crypto_engine *crypto_engine_alloc_init(struct device *dev, bool rt)
  417. {
  418. return crypto_engine_alloc_init_and_set(dev, false, rt,
  419. CRYPTO_ENGINE_MAX_QLEN);
  420. }
  421. EXPORT_SYMBOL_GPL(crypto_engine_alloc_init);
  422. /**
  423. * crypto_engine_exit - free the resources of hardware engine when exit
  424. * @engine: the hardware engine need to be freed
  425. */
  426. void crypto_engine_exit(struct crypto_engine *engine)
  427. {
  428. int ret;
  429. ret = crypto_engine_stop(engine);
  430. if (ret)
  431. return;
  432. kthread_destroy_worker(engine->kworker);
  433. }
  434. EXPORT_SYMBOL_GPL(crypto_engine_exit);
  435. int crypto_engine_register_aead(struct aead_engine_alg *alg)
  436. {
  437. if (!alg->op.do_one_request)
  438. return -EINVAL;
  439. return crypto_register_aead(&alg->base);
  440. }
  441. EXPORT_SYMBOL_GPL(crypto_engine_register_aead);
  442. void crypto_engine_unregister_aead(struct aead_engine_alg *alg)
  443. {
  444. crypto_unregister_aead(&alg->base);
  445. }
  446. EXPORT_SYMBOL_GPL(crypto_engine_unregister_aead);
  447. int crypto_engine_register_aeads(struct aead_engine_alg *algs, int count)
  448. {
  449. int i, ret;
  450. for (i = 0; i < count; i++) {
  451. ret = crypto_engine_register_aead(&algs[i]);
  452. if (ret) {
  453. crypto_engine_unregister_aeads(algs, i);
  454. return ret;
  455. }
  456. }
  457. return 0;
  458. }
  459. EXPORT_SYMBOL_GPL(crypto_engine_register_aeads);
  460. void crypto_engine_unregister_aeads(struct aead_engine_alg *algs, int count)
  461. {
  462. int i;
  463. for (i = count - 1; i >= 0; --i)
  464. crypto_engine_unregister_aead(&algs[i]);
  465. }
  466. EXPORT_SYMBOL_GPL(crypto_engine_unregister_aeads);
  467. int crypto_engine_register_ahash(struct ahash_engine_alg *alg)
  468. {
  469. if (!alg->op.do_one_request)
  470. return -EINVAL;
  471. return crypto_register_ahash(&alg->base);
  472. }
  473. EXPORT_SYMBOL_GPL(crypto_engine_register_ahash);
  474. void crypto_engine_unregister_ahash(struct ahash_engine_alg *alg)
  475. {
  476. crypto_unregister_ahash(&alg->base);
  477. }
  478. EXPORT_SYMBOL_GPL(crypto_engine_unregister_ahash);
  479. int crypto_engine_register_ahashes(struct ahash_engine_alg *algs, int count)
  480. {
  481. int i, ret;
  482. for (i = 0; i < count; i++) {
  483. ret = crypto_engine_register_ahash(&algs[i]);
  484. if (ret) {
  485. crypto_engine_unregister_ahashes(algs, i);
  486. return ret;
  487. }
  488. }
  489. return 0;
  490. }
  491. EXPORT_SYMBOL_GPL(crypto_engine_register_ahashes);
  492. void crypto_engine_unregister_ahashes(struct ahash_engine_alg *algs,
  493. int count)
  494. {
  495. int i;
  496. for (i = count - 1; i >= 0; --i)
  497. crypto_engine_unregister_ahash(&algs[i]);
  498. }
  499. EXPORT_SYMBOL_GPL(crypto_engine_unregister_ahashes);
  500. int crypto_engine_register_akcipher(struct akcipher_engine_alg *alg)
  501. {
  502. if (!alg->op.do_one_request)
  503. return -EINVAL;
  504. return crypto_register_akcipher(&alg->base);
  505. }
  506. EXPORT_SYMBOL_GPL(crypto_engine_register_akcipher);
  507. void crypto_engine_unregister_akcipher(struct akcipher_engine_alg *alg)
  508. {
  509. crypto_unregister_akcipher(&alg->base);
  510. }
  511. EXPORT_SYMBOL_GPL(crypto_engine_unregister_akcipher);
  512. int crypto_engine_register_kpp(struct kpp_engine_alg *alg)
  513. {
  514. if (!alg->op.do_one_request)
  515. return -EINVAL;
  516. return crypto_register_kpp(&alg->base);
  517. }
  518. EXPORT_SYMBOL_GPL(crypto_engine_register_kpp);
  519. void crypto_engine_unregister_kpp(struct kpp_engine_alg *alg)
  520. {
  521. crypto_unregister_kpp(&alg->base);
  522. }
  523. EXPORT_SYMBOL_GPL(crypto_engine_unregister_kpp);
  524. int crypto_engine_register_skcipher(struct skcipher_engine_alg *alg)
  525. {
  526. if (!alg->op.do_one_request)
  527. return -EINVAL;
  528. return crypto_register_skcipher(&alg->base);
  529. }
  530. EXPORT_SYMBOL_GPL(crypto_engine_register_skcipher);
  531. void crypto_engine_unregister_skcipher(struct skcipher_engine_alg *alg)
  532. {
  533. return crypto_unregister_skcipher(&alg->base);
  534. }
  535. EXPORT_SYMBOL_GPL(crypto_engine_unregister_skcipher);
  536. int crypto_engine_register_skciphers(struct skcipher_engine_alg *algs,
  537. int count)
  538. {
  539. int i, ret;
  540. for (i = 0; i < count; i++) {
  541. ret = crypto_engine_register_skcipher(&algs[i]);
  542. if (ret) {
  543. crypto_engine_unregister_skciphers(algs, i);
  544. return ret;
  545. }
  546. }
  547. return 0;
  548. }
  549. EXPORT_SYMBOL_GPL(crypto_engine_register_skciphers);
  550. void crypto_engine_unregister_skciphers(struct skcipher_engine_alg *algs,
  551. int count)
  552. {
  553. int i;
  554. for (i = count - 1; i >= 0; --i)
  555. crypto_engine_unregister_skcipher(&algs[i]);
  556. }
  557. EXPORT_SYMBOL_GPL(crypto_engine_unregister_skciphers);
  558. MODULE_LICENSE("GPL");
  559. MODULE_DESCRIPTION("Crypto hardware engine framework");