sl3516-ce-cipher.c 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * sl3516-ce-cipher.c - hardware cryptographic offloader for Storlink SL3516 SoC
  4. *
  5. * Copyright (C) 2021 Corentin LABBE <clabbe@baylibre.com>
  6. *
  7. * This file adds support for AES cipher with 128,192,256 bits keysize in
  8. * ECB mode.
  9. */
  10. #include <crypto/engine.h>
  11. #include <crypto/internal/skcipher.h>
  12. #include <crypto/scatterwalk.h>
  13. #include <linux/dma-mapping.h>
  14. #include <linux/delay.h>
  15. #include <linux/err.h>
  16. #include <linux/io.h>
  17. #include <linux/kernel.h>
  18. #include <linux/pm_runtime.h>
  19. #include <linux/slab.h>
  20. #include <linux/string.h>
  21. #include "sl3516-ce.h"
  22. /* sl3516_ce_need_fallback - check if a request can be handled by the CE */
  23. static bool sl3516_ce_need_fallback(struct skcipher_request *areq)
  24. {
  25. struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(areq);
  26. struct sl3516_ce_cipher_tfm_ctx *op = crypto_skcipher_ctx(tfm);
  27. struct sl3516_ce_dev *ce = op->ce;
  28. struct scatterlist *in_sg;
  29. struct scatterlist *out_sg;
  30. struct scatterlist *sg;
  31. if (areq->cryptlen == 0 || areq->cryptlen % 16) {
  32. ce->fallback_mod16++;
  33. return true;
  34. }
  35. /*
  36. * check if we have enough descriptors for TX
  37. * Note: TX need one control desc for each SG
  38. */
  39. if (sg_nents(areq->src) > MAXDESC / 2) {
  40. ce->fallback_sg_count_tx++;
  41. return true;
  42. }
  43. /* check if we have enough descriptors for RX */
  44. if (sg_nents(areq->dst) > MAXDESC) {
  45. ce->fallback_sg_count_rx++;
  46. return true;
  47. }
  48. sg = areq->src;
  49. while (sg) {
  50. if ((sg->length % 16) != 0) {
  51. ce->fallback_mod16++;
  52. return true;
  53. }
  54. if ((sg_dma_len(sg) % 16) != 0) {
  55. ce->fallback_mod16++;
  56. return true;
  57. }
  58. if (!IS_ALIGNED(sg->offset, 16)) {
  59. ce->fallback_align16++;
  60. return true;
  61. }
  62. sg = sg_next(sg);
  63. }
  64. sg = areq->dst;
  65. while (sg) {
  66. if ((sg->length % 16) != 0) {
  67. ce->fallback_mod16++;
  68. return true;
  69. }
  70. if ((sg_dma_len(sg) % 16) != 0) {
  71. ce->fallback_mod16++;
  72. return true;
  73. }
  74. if (!IS_ALIGNED(sg->offset, 16)) {
  75. ce->fallback_align16++;
  76. return true;
  77. }
  78. sg = sg_next(sg);
  79. }
  80. /* need same numbers of SG (with same length) for source and destination */
  81. in_sg = areq->src;
  82. out_sg = areq->dst;
  83. while (in_sg && out_sg) {
  84. if (in_sg->length != out_sg->length) {
  85. ce->fallback_not_same_len++;
  86. return true;
  87. }
  88. in_sg = sg_next(in_sg);
  89. out_sg = sg_next(out_sg);
  90. }
  91. if (in_sg || out_sg)
  92. return true;
  93. return false;
  94. }
  95. static int sl3516_ce_cipher_fallback(struct skcipher_request *areq)
  96. {
  97. struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(areq);
  98. struct sl3516_ce_cipher_tfm_ctx *op = crypto_skcipher_ctx(tfm);
  99. struct sl3516_ce_cipher_req_ctx *rctx = skcipher_request_ctx(areq);
  100. struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
  101. struct sl3516_ce_alg_template *algt;
  102. int err;
  103. algt = container_of(alg, struct sl3516_ce_alg_template, alg.skcipher.base);
  104. algt->stat_fb++;
  105. skcipher_request_set_tfm(&rctx->fallback_req, op->fallback_tfm);
  106. skcipher_request_set_callback(&rctx->fallback_req, areq->base.flags,
  107. areq->base.complete, areq->base.data);
  108. skcipher_request_set_crypt(&rctx->fallback_req, areq->src, areq->dst,
  109. areq->cryptlen, areq->iv);
  110. if (rctx->op_dir == CE_DECRYPTION)
  111. err = crypto_skcipher_decrypt(&rctx->fallback_req);
  112. else
  113. err = crypto_skcipher_encrypt(&rctx->fallback_req);
  114. return err;
  115. }
  116. static int sl3516_ce_cipher(struct skcipher_request *areq)
  117. {
  118. struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(areq);
  119. struct sl3516_ce_cipher_tfm_ctx *op = crypto_skcipher_ctx(tfm);
  120. struct sl3516_ce_dev *ce = op->ce;
  121. struct sl3516_ce_cipher_req_ctx *rctx = skcipher_request_ctx(areq);
  122. struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
  123. struct sl3516_ce_alg_template *algt;
  124. struct scatterlist *sg;
  125. unsigned int todo, len;
  126. struct pkt_control_ecb *ecb;
  127. int nr_sgs = 0;
  128. int nr_sgd = 0;
  129. int err = 0;
  130. int i;
  131. algt = container_of(alg, struct sl3516_ce_alg_template, alg.skcipher.base);
  132. dev_dbg(ce->dev, "%s %s %u %x IV(%p %u) key=%u\n", __func__,
  133. crypto_tfm_alg_name(areq->base.tfm),
  134. areq->cryptlen,
  135. rctx->op_dir, areq->iv, crypto_skcipher_ivsize(tfm),
  136. op->keylen);
  137. algt->stat_req++;
  138. if (areq->src == areq->dst) {
  139. nr_sgs = dma_map_sg(ce->dev, areq->src, sg_nents(areq->src),
  140. DMA_BIDIRECTIONAL);
  141. if (nr_sgs <= 0 || nr_sgs > MAXDESC / 2) {
  142. dev_err(ce->dev, "Invalid sg number %d\n", nr_sgs);
  143. err = -EINVAL;
  144. goto theend;
  145. }
  146. nr_sgd = nr_sgs;
  147. } else {
  148. nr_sgs = dma_map_sg(ce->dev, areq->src, sg_nents(areq->src),
  149. DMA_TO_DEVICE);
  150. if (nr_sgs <= 0 || nr_sgs > MAXDESC / 2) {
  151. dev_err(ce->dev, "Invalid sg number %d\n", nr_sgs);
  152. err = -EINVAL;
  153. goto theend;
  154. }
  155. nr_sgd = dma_map_sg(ce->dev, areq->dst, sg_nents(areq->dst),
  156. DMA_FROM_DEVICE);
  157. if (nr_sgd <= 0 || nr_sgd > MAXDESC) {
  158. dev_err(ce->dev, "Invalid sg number %d\n", nr_sgd);
  159. err = -EINVAL;
  160. goto theend_sgs;
  161. }
  162. }
  163. len = areq->cryptlen;
  164. i = 0;
  165. sg = areq->src;
  166. while (i < nr_sgs && sg && len) {
  167. if (sg_dma_len(sg) == 0)
  168. goto sgs_next;
  169. rctx->t_src[i].addr = sg_dma_address(sg);
  170. todo = min(len, sg_dma_len(sg));
  171. rctx->t_src[i].len = todo;
  172. dev_dbg(ce->dev, "%s total=%u SGS(%d %u off=%d) todo=%u\n", __func__,
  173. areq->cryptlen, i, rctx->t_src[i].len, sg->offset, todo);
  174. len -= todo;
  175. i++;
  176. sgs_next:
  177. sg = sg_next(sg);
  178. }
  179. if (len > 0) {
  180. dev_err(ce->dev, "remaining len %d/%u nr_sgs=%d\n", len, areq->cryptlen, nr_sgs);
  181. err = -EINVAL;
  182. goto theend_sgs;
  183. }
  184. len = areq->cryptlen;
  185. i = 0;
  186. sg = areq->dst;
  187. while (i < nr_sgd && sg && len) {
  188. if (sg_dma_len(sg) == 0)
  189. goto sgd_next;
  190. rctx->t_dst[i].addr = sg_dma_address(sg);
  191. todo = min(len, sg_dma_len(sg));
  192. rctx->t_dst[i].len = todo;
  193. dev_dbg(ce->dev, "%s total=%u SGD(%d %u off=%d) todo=%u\n", __func__,
  194. areq->cryptlen, i, rctx->t_dst[i].len, sg->offset, todo);
  195. len -= todo;
  196. i++;
  197. sgd_next:
  198. sg = sg_next(sg);
  199. }
  200. if (len > 0) {
  201. dev_err(ce->dev, "remaining len %d\n", len);
  202. err = -EINVAL;
  203. goto theend_sgs;
  204. }
  205. switch (algt->mode) {
  206. case ECB_AES:
  207. rctx->pctrllen = sizeof(struct pkt_control_ecb);
  208. ecb = (struct pkt_control_ecb *)ce->pctrl;
  209. rctx->tqflag = TQ0_TYPE_CTRL;
  210. rctx->tqflag |= TQ1_CIPHER;
  211. ecb->control.op_mode = rctx->op_dir;
  212. ecb->control.cipher_algorithm = ECB_AES;
  213. ecb->cipher.header_len = 0;
  214. ecb->cipher.algorithm_len = areq->cryptlen;
  215. cpu_to_be32_array((__be32 *)ecb->key, (u32 *)op->key, op->keylen / 4);
  216. rctx->h = &ecb->cipher;
  217. rctx->tqflag |= TQ4_KEY0;
  218. rctx->tqflag |= TQ5_KEY4;
  219. rctx->tqflag |= TQ6_KEY6;
  220. ecb->control.aesnk = op->keylen / 4;
  221. break;
  222. }
  223. rctx->nr_sgs = nr_sgs;
  224. rctx->nr_sgd = nr_sgd;
  225. err = sl3516_ce_run_task(ce, rctx, crypto_tfm_alg_name(areq->base.tfm));
  226. theend_sgs:
  227. if (areq->src == areq->dst) {
  228. dma_unmap_sg(ce->dev, areq->src, sg_nents(areq->src),
  229. DMA_BIDIRECTIONAL);
  230. } else {
  231. dma_unmap_sg(ce->dev, areq->src, sg_nents(areq->src),
  232. DMA_TO_DEVICE);
  233. dma_unmap_sg(ce->dev, areq->dst, sg_nents(areq->dst),
  234. DMA_FROM_DEVICE);
  235. }
  236. theend:
  237. return err;
  238. }
  239. int sl3516_ce_handle_cipher_request(struct crypto_engine *engine, void *areq)
  240. {
  241. int err;
  242. struct skcipher_request *breq = container_of(areq, struct skcipher_request, base);
  243. err = sl3516_ce_cipher(breq);
  244. local_bh_disable();
  245. crypto_finalize_skcipher_request(engine, breq, err);
  246. local_bh_enable();
  247. return 0;
  248. }
  249. int sl3516_ce_skdecrypt(struct skcipher_request *areq)
  250. {
  251. struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(areq);
  252. struct sl3516_ce_cipher_tfm_ctx *op = crypto_skcipher_ctx(tfm);
  253. struct sl3516_ce_cipher_req_ctx *rctx = skcipher_request_ctx(areq);
  254. struct crypto_engine *engine;
  255. memset(rctx, 0, sizeof(struct sl3516_ce_cipher_req_ctx));
  256. rctx->op_dir = CE_DECRYPTION;
  257. if (sl3516_ce_need_fallback(areq))
  258. return sl3516_ce_cipher_fallback(areq);
  259. engine = op->ce->engine;
  260. return crypto_transfer_skcipher_request_to_engine(engine, areq);
  261. }
  262. int sl3516_ce_skencrypt(struct skcipher_request *areq)
  263. {
  264. struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(areq);
  265. struct sl3516_ce_cipher_tfm_ctx *op = crypto_skcipher_ctx(tfm);
  266. struct sl3516_ce_cipher_req_ctx *rctx = skcipher_request_ctx(areq);
  267. struct crypto_engine *engine;
  268. memset(rctx, 0, sizeof(struct sl3516_ce_cipher_req_ctx));
  269. rctx->op_dir = CE_ENCRYPTION;
  270. if (sl3516_ce_need_fallback(areq))
  271. return sl3516_ce_cipher_fallback(areq);
  272. engine = op->ce->engine;
  273. return crypto_transfer_skcipher_request_to_engine(engine, areq);
  274. }
  275. int sl3516_ce_cipher_init(struct crypto_tfm *tfm)
  276. {
  277. struct sl3516_ce_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm);
  278. struct sl3516_ce_alg_template *algt;
  279. const char *name = crypto_tfm_alg_name(tfm);
  280. struct crypto_skcipher *sktfm = __crypto_skcipher_cast(tfm);
  281. struct skcipher_alg *alg = crypto_skcipher_alg(sktfm);
  282. int err;
  283. memset(op, 0, sizeof(struct sl3516_ce_cipher_tfm_ctx));
  284. algt = container_of(alg, struct sl3516_ce_alg_template, alg.skcipher.base);
  285. op->ce = algt->ce;
  286. op->fallback_tfm = crypto_alloc_skcipher(name, 0, CRYPTO_ALG_NEED_FALLBACK);
  287. if (IS_ERR(op->fallback_tfm)) {
  288. dev_err(op->ce->dev, "ERROR: Cannot allocate fallback for %s %ld\n",
  289. name, PTR_ERR(op->fallback_tfm));
  290. return PTR_ERR(op->fallback_tfm);
  291. }
  292. crypto_skcipher_set_reqsize(sktfm, sizeof(struct sl3516_ce_cipher_req_ctx) +
  293. crypto_skcipher_reqsize(op->fallback_tfm));
  294. dev_info(op->ce->dev, "Fallback for %s is %s\n",
  295. crypto_tfm_alg_driver_name(&sktfm->base),
  296. crypto_tfm_alg_driver_name(crypto_skcipher_tfm(op->fallback_tfm)));
  297. err = pm_runtime_get_sync(op->ce->dev);
  298. if (err < 0)
  299. goto error_pm;
  300. return 0;
  301. error_pm:
  302. pm_runtime_put_noidle(op->ce->dev);
  303. crypto_free_skcipher(op->fallback_tfm);
  304. return err;
  305. }
  306. void sl3516_ce_cipher_exit(struct crypto_tfm *tfm)
  307. {
  308. struct sl3516_ce_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm);
  309. kfree_sensitive(op->key);
  310. crypto_free_skcipher(op->fallback_tfm);
  311. pm_runtime_put_sync_suspend(op->ce->dev);
  312. }
  313. int sl3516_ce_aes_setkey(struct crypto_skcipher *tfm, const u8 *key,
  314. unsigned int keylen)
  315. {
  316. struct sl3516_ce_cipher_tfm_ctx *op = crypto_skcipher_ctx(tfm);
  317. struct sl3516_ce_dev *ce = op->ce;
  318. switch (keylen) {
  319. case 128 / 8:
  320. break;
  321. case 192 / 8:
  322. break;
  323. case 256 / 8:
  324. break;
  325. default:
  326. dev_dbg(ce->dev, "ERROR: Invalid keylen %u\n", keylen);
  327. return -EINVAL;
  328. }
  329. kfree_sensitive(op->key);
  330. op->keylen = keylen;
  331. op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
  332. if (!op->key)
  333. return -ENOMEM;
  334. crypto_skcipher_clear_flags(op->fallback_tfm, CRYPTO_TFM_REQ_MASK);
  335. crypto_skcipher_set_flags(op->fallback_tfm, tfm->base.crt_flags & CRYPTO_TFM_REQ_MASK);
  336. return crypto_skcipher_setkey(op->fallback_tfm, key, keylen);
  337. }