stm32-cryp.c 68 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * Copyright (C) STMicroelectronics SA 2017
  4. * Author: Fabien Dessenne <fabien.dessenne@st.com>
  5. * Ux500 support taken from snippets in the old Ux500 cryp driver
  6. */
  7. #include <crypto/aes.h>
  8. #include <crypto/engine.h>
  9. #include <crypto/internal/aead.h>
  10. #include <crypto/internal/des.h>
  11. #include <crypto/internal/skcipher.h>
  12. #include <crypto/scatterwalk.h>
  13. #include <linux/bottom_half.h>
  14. #include <linux/clk.h>
  15. #include <linux/delay.h>
  16. #include <linux/dma-mapping.h>
  17. #include <linux/dmaengine.h>
  18. #include <linux/err.h>
  19. #include <linux/iopoll.h>
  20. #include <linux/interrupt.h>
  21. #include <linux/kernel.h>
  22. #include <linux/module.h>
  23. #include <linux/minmax.h>
  24. #include <linux/of.h>
  25. #include <linux/platform_device.h>
  26. #include <linux/pm_runtime.h>
  27. #include <linux/reset.h>
  28. #include <linux/string.h>
  29. #define DRIVER_NAME "stm32-cryp"
  30. /* Bit [0] encrypt / decrypt */
  31. #define FLG_ENCRYPT BIT(0)
  32. /* Bit [8..1] algo & operation mode */
  33. #define FLG_AES BIT(1)
  34. #define FLG_DES BIT(2)
  35. #define FLG_TDES BIT(3)
  36. #define FLG_ECB BIT(4)
  37. #define FLG_CBC BIT(5)
  38. #define FLG_CTR BIT(6)
  39. #define FLG_GCM BIT(7)
  40. #define FLG_CCM BIT(8)
  41. /* Mode mask = bits [15..0] */
  42. #define FLG_MODE_MASK GENMASK(15, 0)
  43. /* Bit [31..16] status */
  44. #define FLG_IN_OUT_DMA BIT(16)
  45. #define FLG_HEADER_DMA BIT(17)
  46. /* Registers */
  47. #define CRYP_CR 0x00000000
  48. #define CRYP_SR 0x00000004
  49. #define CRYP_DIN 0x00000008
  50. #define CRYP_DOUT 0x0000000C
  51. #define CRYP_DMACR 0x00000010
  52. #define CRYP_IMSCR 0x00000014
  53. #define CRYP_RISR 0x00000018
  54. #define CRYP_MISR 0x0000001C
  55. #define CRYP_K0LR 0x00000020
  56. #define CRYP_K0RR 0x00000024
  57. #define CRYP_K1LR 0x00000028
  58. #define CRYP_K1RR 0x0000002C
  59. #define CRYP_K2LR 0x00000030
  60. #define CRYP_K2RR 0x00000034
  61. #define CRYP_K3LR 0x00000038
  62. #define CRYP_K3RR 0x0000003C
  63. #define CRYP_IV0LR 0x00000040
  64. #define CRYP_IV0RR 0x00000044
  65. #define CRYP_IV1LR 0x00000048
  66. #define CRYP_IV1RR 0x0000004C
  67. #define CRYP_CSGCMCCM0R 0x00000050
  68. #define CRYP_CSGCM0R 0x00000070
  69. #define UX500_CRYP_CR 0x00000000
  70. #define UX500_CRYP_SR 0x00000004
  71. #define UX500_CRYP_DIN 0x00000008
  72. #define UX500_CRYP_DINSIZE 0x0000000C
  73. #define UX500_CRYP_DOUT 0x00000010
  74. #define UX500_CRYP_DOUSIZE 0x00000014
  75. #define UX500_CRYP_DMACR 0x00000018
  76. #define UX500_CRYP_IMSC 0x0000001C
  77. #define UX500_CRYP_RIS 0x00000020
  78. #define UX500_CRYP_MIS 0x00000024
  79. #define UX500_CRYP_K1L 0x00000028
  80. #define UX500_CRYP_K1R 0x0000002C
  81. #define UX500_CRYP_K2L 0x00000030
  82. #define UX500_CRYP_K2R 0x00000034
  83. #define UX500_CRYP_K3L 0x00000038
  84. #define UX500_CRYP_K3R 0x0000003C
  85. #define UX500_CRYP_K4L 0x00000040
  86. #define UX500_CRYP_K4R 0x00000044
  87. #define UX500_CRYP_IV0L 0x00000048
  88. #define UX500_CRYP_IV0R 0x0000004C
  89. #define UX500_CRYP_IV1L 0x00000050
  90. #define UX500_CRYP_IV1R 0x00000054
  91. /* Registers values */
  92. #define CR_DEC_NOT_ENC 0x00000004
  93. #define CR_TDES_ECB 0x00000000
  94. #define CR_TDES_CBC 0x00000008
  95. #define CR_DES_ECB 0x00000010
  96. #define CR_DES_CBC 0x00000018
  97. #define CR_AES_ECB 0x00000020
  98. #define CR_AES_CBC 0x00000028
  99. #define CR_AES_CTR 0x00000030
  100. #define CR_AES_KP 0x00000038 /* Not on Ux500 */
  101. #define CR_AES_XTS 0x00000038 /* Only on Ux500 */
  102. #define CR_AES_GCM 0x00080000
  103. #define CR_AES_CCM 0x00080008
  104. #define CR_AES_UNKNOWN 0xFFFFFFFF
  105. #define CR_ALGO_MASK 0x00080038
  106. #define CR_DATA32 0x00000000
  107. #define CR_DATA16 0x00000040
  108. #define CR_DATA8 0x00000080
  109. #define CR_DATA1 0x000000C0
  110. #define CR_KEY128 0x00000000
  111. #define CR_KEY192 0x00000100
  112. #define CR_KEY256 0x00000200
  113. #define CR_KEYRDEN 0x00000400 /* Only on Ux500 */
  114. #define CR_KSE 0x00000800 /* Only on Ux500 */
  115. #define CR_FFLUSH 0x00004000
  116. #define CR_CRYPEN 0x00008000
  117. #define CR_PH_INIT 0x00000000
  118. #define CR_PH_HEADER 0x00010000
  119. #define CR_PH_PAYLOAD 0x00020000
  120. #define CR_PH_FINAL 0x00030000
  121. #define CR_PH_MASK 0x00030000
  122. #define CR_NBPBL_SHIFT 20
  123. #define SR_IFNF BIT(1)
  124. #define SR_OFNE BIT(2)
  125. #define SR_BUSY BIT(8)
  126. #define DMACR_DIEN BIT(0)
  127. #define DMACR_DOEN BIT(1)
  128. #define IMSCR_IN BIT(0)
  129. #define IMSCR_OUT BIT(1)
  130. #define MISR_IN BIT(0)
  131. #define MISR_OUT BIT(1)
  132. /* Misc */
  133. #define AES_BLOCK_32 (AES_BLOCK_SIZE / sizeof(u32))
  134. #define GCM_CTR_INIT 2
  135. #define CRYP_AUTOSUSPEND_DELAY 50
  136. #define CRYP_DMA_BURST_REG 4
  137. enum stm32_dma_mode {
  138. NO_DMA,
  139. DMA_PLAIN_SG,
  140. DMA_NEED_SG_TRUNC
  141. };
  142. struct stm32_cryp_caps {
  143. bool aeads_support;
  144. bool linear_aes_key;
  145. bool kp_mode;
  146. bool iv_protection;
  147. bool swap_final;
  148. bool padding_wa;
  149. u32 cr;
  150. u32 sr;
  151. u32 din;
  152. u32 dout;
  153. u32 dmacr;
  154. u32 imsc;
  155. u32 mis;
  156. u32 k1l;
  157. u32 k1r;
  158. u32 k3r;
  159. u32 iv0l;
  160. u32 iv0r;
  161. u32 iv1l;
  162. u32 iv1r;
  163. };
  164. struct stm32_cryp_ctx {
  165. struct stm32_cryp *cryp;
  166. int keylen;
  167. __be32 key[AES_KEYSIZE_256 / sizeof(u32)];
  168. unsigned long flags;
  169. };
  170. struct stm32_cryp_reqctx {
  171. unsigned long mode;
  172. };
  173. struct stm32_cryp {
  174. struct list_head list;
  175. struct device *dev;
  176. void __iomem *regs;
  177. phys_addr_t phys_base;
  178. struct clk *clk;
  179. unsigned long flags;
  180. u32 irq_status;
  181. const struct stm32_cryp_caps *caps;
  182. struct stm32_cryp_ctx *ctx;
  183. struct crypto_engine *engine;
  184. struct skcipher_request *req;
  185. struct aead_request *areq;
  186. size_t authsize;
  187. size_t hw_blocksize;
  188. size_t payload_in;
  189. size_t header_in;
  190. size_t payload_out;
  191. /* DMA process fields */
  192. struct scatterlist *in_sg;
  193. struct scatterlist *header_sg;
  194. struct scatterlist *out_sg;
  195. size_t in_sg_len;
  196. size_t header_sg_len;
  197. size_t out_sg_len;
  198. struct completion dma_completion;
  199. struct dma_chan *dma_lch_in;
  200. struct dma_chan *dma_lch_out;
  201. enum stm32_dma_mode dma_mode;
  202. /* IT process fields */
  203. struct scatter_walk in_walk;
  204. struct scatter_walk out_walk;
  205. __be32 last_ctr[4];
  206. u32 gcm_ctr;
  207. };
  208. struct stm32_cryp_list {
  209. struct list_head dev_list;
  210. spinlock_t lock; /* protect dev_list */
  211. };
  212. static struct stm32_cryp_list cryp_list = {
  213. .dev_list = LIST_HEAD_INIT(cryp_list.dev_list),
  214. .lock = __SPIN_LOCK_UNLOCKED(cryp_list.lock),
  215. };
  216. static inline bool is_aes(struct stm32_cryp *cryp)
  217. {
  218. return cryp->flags & FLG_AES;
  219. }
  220. static inline bool is_des(struct stm32_cryp *cryp)
  221. {
  222. return cryp->flags & FLG_DES;
  223. }
  224. static inline bool is_tdes(struct stm32_cryp *cryp)
  225. {
  226. return cryp->flags & FLG_TDES;
  227. }
  228. static inline bool is_ecb(struct stm32_cryp *cryp)
  229. {
  230. return cryp->flags & FLG_ECB;
  231. }
  232. static inline bool is_cbc(struct stm32_cryp *cryp)
  233. {
  234. return cryp->flags & FLG_CBC;
  235. }
  236. static inline bool is_ctr(struct stm32_cryp *cryp)
  237. {
  238. return cryp->flags & FLG_CTR;
  239. }
  240. static inline bool is_gcm(struct stm32_cryp *cryp)
  241. {
  242. return cryp->flags & FLG_GCM;
  243. }
  244. static inline bool is_ccm(struct stm32_cryp *cryp)
  245. {
  246. return cryp->flags & FLG_CCM;
  247. }
  248. static inline bool is_encrypt(struct stm32_cryp *cryp)
  249. {
  250. return cryp->flags & FLG_ENCRYPT;
  251. }
  252. static inline bool is_decrypt(struct stm32_cryp *cryp)
  253. {
  254. return !is_encrypt(cryp);
  255. }
  256. static inline u32 stm32_cryp_read(struct stm32_cryp *cryp, u32 ofst)
  257. {
  258. return readl_relaxed(cryp->regs + ofst);
  259. }
  260. static inline void stm32_cryp_write(struct stm32_cryp *cryp, u32 ofst, u32 val)
  261. {
  262. writel_relaxed(val, cryp->regs + ofst);
  263. }
  264. static inline int stm32_cryp_wait_busy(struct stm32_cryp *cryp)
  265. {
  266. u32 status;
  267. return readl_relaxed_poll_timeout(cryp->regs + cryp->caps->sr, status,
  268. !(status & SR_BUSY), 10, 100000);
  269. }
  270. static inline void stm32_cryp_enable(struct stm32_cryp *cryp)
  271. {
  272. writel_relaxed(readl_relaxed(cryp->regs + cryp->caps->cr) | CR_CRYPEN,
  273. cryp->regs + cryp->caps->cr);
  274. }
  275. static inline int stm32_cryp_wait_enable(struct stm32_cryp *cryp)
  276. {
  277. u32 status;
  278. return readl_relaxed_poll_timeout(cryp->regs + cryp->caps->cr, status,
  279. !(status & CR_CRYPEN), 10, 100000);
  280. }
  281. static inline int stm32_cryp_wait_input(struct stm32_cryp *cryp)
  282. {
  283. u32 status;
  284. return readl_relaxed_poll_timeout_atomic(cryp->regs + cryp->caps->sr, status,
  285. status & SR_IFNF, 1, 10);
  286. }
  287. static inline int stm32_cryp_wait_output(struct stm32_cryp *cryp)
  288. {
  289. u32 status;
  290. return readl_relaxed_poll_timeout_atomic(cryp->regs + cryp->caps->sr, status,
  291. status & SR_OFNE, 1, 10);
  292. }
  293. static inline void stm32_cryp_key_read_enable(struct stm32_cryp *cryp)
  294. {
  295. writel_relaxed(readl_relaxed(cryp->regs + cryp->caps->cr) | CR_KEYRDEN,
  296. cryp->regs + cryp->caps->cr);
  297. }
  298. static inline void stm32_cryp_key_read_disable(struct stm32_cryp *cryp)
  299. {
  300. writel_relaxed(readl_relaxed(cryp->regs + cryp->caps->cr) & ~CR_KEYRDEN,
  301. cryp->regs + cryp->caps->cr);
  302. }
  303. static void stm32_cryp_irq_read_data(struct stm32_cryp *cryp);
  304. static void stm32_cryp_irq_write_data(struct stm32_cryp *cryp);
  305. static void stm32_cryp_irq_write_gcmccm_header(struct stm32_cryp *cryp);
  306. static int stm32_cryp_read_auth_tag(struct stm32_cryp *cryp);
  307. static void stm32_cryp_finish_req(struct stm32_cryp *cryp, int err);
  308. static int stm32_cryp_dma_start(struct stm32_cryp *cryp);
  309. static int stm32_cryp_it_start(struct stm32_cryp *cryp);
  310. static struct stm32_cryp *stm32_cryp_find_dev(struct stm32_cryp_ctx *ctx)
  311. {
  312. struct stm32_cryp *tmp, *cryp = NULL;
  313. spin_lock_bh(&cryp_list.lock);
  314. if (!ctx->cryp) {
  315. list_for_each_entry(tmp, &cryp_list.dev_list, list) {
  316. cryp = tmp;
  317. break;
  318. }
  319. ctx->cryp = cryp;
  320. } else {
  321. cryp = ctx->cryp;
  322. }
  323. spin_unlock_bh(&cryp_list.lock);
  324. return cryp;
  325. }
  326. static void stm32_cryp_hw_write_iv(struct stm32_cryp *cryp, __be32 *iv)
  327. {
  328. if (!iv)
  329. return;
  330. stm32_cryp_write(cryp, cryp->caps->iv0l, be32_to_cpu(*iv++));
  331. stm32_cryp_write(cryp, cryp->caps->iv0r, be32_to_cpu(*iv++));
  332. if (is_aes(cryp)) {
  333. stm32_cryp_write(cryp, cryp->caps->iv1l, be32_to_cpu(*iv++));
  334. stm32_cryp_write(cryp, cryp->caps->iv1r, be32_to_cpu(*iv++));
  335. }
  336. }
  337. static void stm32_cryp_get_iv(struct stm32_cryp *cryp)
  338. {
  339. struct skcipher_request *req = cryp->req;
  340. __be32 *tmp = (void *)req->iv;
  341. if (!tmp)
  342. return;
  343. if (cryp->caps->iv_protection)
  344. stm32_cryp_key_read_enable(cryp);
  345. *tmp++ = cpu_to_be32(stm32_cryp_read(cryp, cryp->caps->iv0l));
  346. *tmp++ = cpu_to_be32(stm32_cryp_read(cryp, cryp->caps->iv0r));
  347. if (is_aes(cryp)) {
  348. *tmp++ = cpu_to_be32(stm32_cryp_read(cryp, cryp->caps->iv1l));
  349. *tmp++ = cpu_to_be32(stm32_cryp_read(cryp, cryp->caps->iv1r));
  350. }
  351. if (cryp->caps->iv_protection)
  352. stm32_cryp_key_read_disable(cryp);
  353. }
  354. /**
  355. * ux500_swap_bits_in_byte() - mirror the bits in a byte
  356. * @b: the byte to be mirrored
  357. *
  358. * The bits are swapped the following way:
  359. * Byte b include bits 0-7, nibble 1 (n1) include bits 0-3 and
  360. * nibble 2 (n2) bits 4-7.
  361. *
  362. * Nibble 1 (n1):
  363. * (The "old" (moved) bit is replaced with a zero)
  364. * 1. Move bit 6 and 7, 4 positions to the left.
  365. * 2. Move bit 3 and 5, 2 positions to the left.
  366. * 3. Move bit 1-4, 1 position to the left.
  367. *
  368. * Nibble 2 (n2):
  369. * 1. Move bit 0 and 1, 4 positions to the right.
  370. * 2. Move bit 2 and 4, 2 positions to the right.
  371. * 3. Move bit 3-6, 1 position to the right.
  372. *
  373. * Combine the two nibbles to a complete and swapped byte.
  374. */
  375. static inline u8 ux500_swap_bits_in_byte(u8 b)
  376. {
  377. #define R_SHIFT_4_MASK 0xc0 /* Bits 6 and 7, right shift 4 */
  378. #define R_SHIFT_2_MASK 0x28 /* (After right shift 4) Bits 3 and 5,
  379. right shift 2 */
  380. #define R_SHIFT_1_MASK 0x1e /* (After right shift 2) Bits 1-4,
  381. right shift 1 */
  382. #define L_SHIFT_4_MASK 0x03 /* Bits 0 and 1, left shift 4 */
  383. #define L_SHIFT_2_MASK 0x14 /* (After left shift 4) Bits 2 and 4,
  384. left shift 2 */
  385. #define L_SHIFT_1_MASK 0x78 /* (After left shift 1) Bits 3-6,
  386. left shift 1 */
  387. u8 n1;
  388. u8 n2;
  389. /* Swap most significant nibble */
  390. /* Right shift 4, bits 6 and 7 */
  391. n1 = ((b & R_SHIFT_4_MASK) >> 4) | (b & ~(R_SHIFT_4_MASK >> 4));
  392. /* Right shift 2, bits 3 and 5 */
  393. n1 = ((n1 & R_SHIFT_2_MASK) >> 2) | (n1 & ~(R_SHIFT_2_MASK >> 2));
  394. /* Right shift 1, bits 1-4 */
  395. n1 = (n1 & R_SHIFT_1_MASK) >> 1;
  396. /* Swap least significant nibble */
  397. /* Left shift 4, bits 0 and 1 */
  398. n2 = ((b & L_SHIFT_4_MASK) << 4) | (b & ~(L_SHIFT_4_MASK << 4));
  399. /* Left shift 2, bits 2 and 4 */
  400. n2 = ((n2 & L_SHIFT_2_MASK) << 2) | (n2 & ~(L_SHIFT_2_MASK << 2));
  401. /* Left shift 1, bits 3-6 */
  402. n2 = (n2 & L_SHIFT_1_MASK) << 1;
  403. return n1 | n2;
  404. }
  405. /**
  406. * ux500_swizzle_key() - Shuffle around words and bits in the AES key
  407. * @in: key to swizzle
  408. * @out: swizzled key
  409. * @len: length of key, in bytes
  410. *
  411. * This "key swizzling procedure" is described in the examples in the
  412. * DB8500 design specification. There is no real description of why
  413. * the bits have been arranged like this in the hardware.
  414. */
  415. static inline void ux500_swizzle_key(const u8 *in, u8 *out, u32 len)
  416. {
  417. int i = 0;
  418. int bpw = sizeof(u32);
  419. int j;
  420. int index = 0;
  421. j = len - bpw;
  422. while (j >= 0) {
  423. for (i = 0; i < bpw; i++) {
  424. index = len - j - bpw + i;
  425. out[j + i] =
  426. ux500_swap_bits_in_byte(in[index]);
  427. }
  428. j -= bpw;
  429. }
  430. }
  431. static void stm32_cryp_hw_write_key(struct stm32_cryp *c)
  432. {
  433. unsigned int i;
  434. int r_id;
  435. if (is_des(c)) {
  436. stm32_cryp_write(c, c->caps->k1l, be32_to_cpu(c->ctx->key[0]));
  437. stm32_cryp_write(c, c->caps->k1r, be32_to_cpu(c->ctx->key[1]));
  438. return;
  439. }
  440. /*
  441. * On the Ux500 the AES key is considered as a single bit sequence
  442. * of 128, 192 or 256 bits length. It is written linearly into the
  443. * registers from K1L and down, and need to be processed to become
  444. * a proper big-endian bit sequence.
  445. */
  446. if (is_aes(c) && c->caps->linear_aes_key) {
  447. u32 tmpkey[8];
  448. ux500_swizzle_key((u8 *)c->ctx->key,
  449. (u8 *)tmpkey, c->ctx->keylen);
  450. r_id = c->caps->k1l;
  451. for (i = 0; i < c->ctx->keylen / sizeof(u32); i++, r_id += 4)
  452. stm32_cryp_write(c, r_id, tmpkey[i]);
  453. return;
  454. }
  455. r_id = c->caps->k3r;
  456. for (i = c->ctx->keylen / sizeof(u32); i > 0; i--, r_id -= 4)
  457. stm32_cryp_write(c, r_id, be32_to_cpu(c->ctx->key[i - 1]));
  458. }
  459. static u32 stm32_cryp_get_hw_mode(struct stm32_cryp *cryp)
  460. {
  461. if (is_aes(cryp) && is_ecb(cryp))
  462. return CR_AES_ECB;
  463. if (is_aes(cryp) && is_cbc(cryp))
  464. return CR_AES_CBC;
  465. if (is_aes(cryp) && is_ctr(cryp))
  466. return CR_AES_CTR;
  467. if (is_aes(cryp) && is_gcm(cryp))
  468. return CR_AES_GCM;
  469. if (is_aes(cryp) && is_ccm(cryp))
  470. return CR_AES_CCM;
  471. if (is_des(cryp) && is_ecb(cryp))
  472. return CR_DES_ECB;
  473. if (is_des(cryp) && is_cbc(cryp))
  474. return CR_DES_CBC;
  475. if (is_tdes(cryp) && is_ecb(cryp))
  476. return CR_TDES_ECB;
  477. if (is_tdes(cryp) && is_cbc(cryp))
  478. return CR_TDES_CBC;
  479. dev_err(cryp->dev, "Unknown mode\n");
  480. return CR_AES_UNKNOWN;
  481. }
  482. static unsigned int stm32_cryp_get_input_text_len(struct stm32_cryp *cryp)
  483. {
  484. return is_encrypt(cryp) ? cryp->areq->cryptlen :
  485. cryp->areq->cryptlen - cryp->authsize;
  486. }
  487. static int stm32_cryp_gcm_init(struct stm32_cryp *cryp, u32 cfg)
  488. {
  489. int ret;
  490. __be32 iv[4];
  491. /* Phase 1 : init */
  492. memcpy(iv, cryp->areq->iv, 12);
  493. iv[3] = cpu_to_be32(GCM_CTR_INIT);
  494. cryp->gcm_ctr = GCM_CTR_INIT;
  495. stm32_cryp_hw_write_iv(cryp, iv);
  496. stm32_cryp_write(cryp, cryp->caps->cr, cfg | CR_PH_INIT | CR_CRYPEN);
  497. /* Wait for end of processing */
  498. ret = stm32_cryp_wait_enable(cryp);
  499. if (ret) {
  500. dev_err(cryp->dev, "Timeout (gcm init)\n");
  501. return ret;
  502. }
  503. /* Prepare next phase */
  504. if (cryp->areq->assoclen) {
  505. cfg |= CR_PH_HEADER;
  506. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  507. } else if (stm32_cryp_get_input_text_len(cryp)) {
  508. cfg |= CR_PH_PAYLOAD;
  509. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  510. }
  511. return 0;
  512. }
  513. static void stm32_crypt_gcmccm_end_header(struct stm32_cryp *cryp)
  514. {
  515. u32 cfg;
  516. int err;
  517. /* Check if whole header written */
  518. if (!cryp->header_in) {
  519. /* Wait for completion */
  520. err = stm32_cryp_wait_busy(cryp);
  521. if (err) {
  522. dev_err(cryp->dev, "Timeout (gcm/ccm header)\n");
  523. stm32_cryp_write(cryp, cryp->caps->imsc, 0);
  524. stm32_cryp_finish_req(cryp, err);
  525. return;
  526. }
  527. if (stm32_cryp_get_input_text_len(cryp)) {
  528. /* Phase 3 : payload */
  529. cfg = stm32_cryp_read(cryp, cryp->caps->cr);
  530. cfg &= ~CR_CRYPEN;
  531. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  532. cfg &= ~CR_PH_MASK;
  533. cfg |= CR_PH_PAYLOAD | CR_CRYPEN;
  534. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  535. } else {
  536. /*
  537. * Phase 4 : tag.
  538. * Nothing to read, nothing to write, caller have to
  539. * end request
  540. */
  541. }
  542. }
  543. }
  544. static void stm32_cryp_write_ccm_first_header(struct stm32_cryp *cryp)
  545. {
  546. size_t written;
  547. size_t len;
  548. u32 alen = cryp->areq->assoclen;
  549. u32 block[AES_BLOCK_32] = {0};
  550. u8 *b8 = (u8 *)block;
  551. if (alen <= 65280) {
  552. /* Write first u32 of B1 */
  553. b8[0] = (alen >> 8) & 0xFF;
  554. b8[1] = alen & 0xFF;
  555. len = 2;
  556. } else {
  557. /* Build the two first u32 of B1 */
  558. b8[0] = 0xFF;
  559. b8[1] = 0xFE;
  560. b8[2] = (alen & 0xFF000000) >> 24;
  561. b8[3] = (alen & 0x00FF0000) >> 16;
  562. b8[4] = (alen & 0x0000FF00) >> 8;
  563. b8[5] = alen & 0x000000FF;
  564. len = 6;
  565. }
  566. written = min_t(size_t, AES_BLOCK_SIZE - len, alen);
  567. memcpy_from_scatterwalk((char *)block + len, &cryp->in_walk, written);
  568. writesl(cryp->regs + cryp->caps->din, block, AES_BLOCK_32);
  569. cryp->header_in -= written;
  570. stm32_crypt_gcmccm_end_header(cryp);
  571. }
  572. static int stm32_cryp_ccm_init(struct stm32_cryp *cryp, u32 cfg)
  573. {
  574. int ret;
  575. u32 iv_32[AES_BLOCK_32], b0_32[AES_BLOCK_32];
  576. u8 *iv = (u8 *)iv_32, *b0 = (u8 *)b0_32;
  577. __be32 *bd;
  578. u32 *d;
  579. unsigned int i, textlen;
  580. /* Phase 1 : init. Firstly set the CTR value to 1 (not 0) */
  581. memcpy(iv, cryp->areq->iv, AES_BLOCK_SIZE);
  582. memset(iv + AES_BLOCK_SIZE - 1 - iv[0], 0, iv[0] + 1);
  583. iv[AES_BLOCK_SIZE - 1] = 1;
  584. stm32_cryp_hw_write_iv(cryp, (__be32 *)iv);
  585. /* Build B0 */
  586. memcpy(b0, iv, AES_BLOCK_SIZE);
  587. b0[0] |= (8 * ((cryp->authsize - 2) / 2));
  588. if (cryp->areq->assoclen)
  589. b0[0] |= 0x40;
  590. textlen = stm32_cryp_get_input_text_len(cryp);
  591. b0[AES_BLOCK_SIZE - 2] = textlen >> 8;
  592. b0[AES_BLOCK_SIZE - 1] = textlen & 0xFF;
  593. /* Enable HW */
  594. stm32_cryp_write(cryp, cryp->caps->cr, cfg | CR_PH_INIT | CR_CRYPEN);
  595. /* Write B0 */
  596. d = (u32 *)b0;
  597. bd = (__be32 *)b0;
  598. for (i = 0; i < AES_BLOCK_32; i++) {
  599. u32 xd = d[i];
  600. if (!cryp->caps->padding_wa)
  601. xd = be32_to_cpu(bd[i]);
  602. stm32_cryp_write(cryp, cryp->caps->din, xd);
  603. }
  604. /* Wait for end of processing */
  605. ret = stm32_cryp_wait_enable(cryp);
  606. if (ret) {
  607. dev_err(cryp->dev, "Timeout (ccm init)\n");
  608. return ret;
  609. }
  610. /* Prepare next phase */
  611. if (cryp->areq->assoclen) {
  612. cfg |= CR_PH_HEADER | CR_CRYPEN;
  613. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  614. /* Write first (special) block (may move to next phase [payload]) */
  615. stm32_cryp_write_ccm_first_header(cryp);
  616. } else if (stm32_cryp_get_input_text_len(cryp)) {
  617. cfg |= CR_PH_PAYLOAD;
  618. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  619. }
  620. return 0;
  621. }
  622. static int stm32_cryp_hw_init(struct stm32_cryp *cryp)
  623. {
  624. int ret;
  625. u32 cfg, hw_mode;
  626. pm_runtime_get_sync(cryp->dev);
  627. /* Disable interrupt */
  628. stm32_cryp_write(cryp, cryp->caps->imsc, 0);
  629. /* Set configuration */
  630. cfg = CR_DATA8 | CR_FFLUSH;
  631. switch (cryp->ctx->keylen) {
  632. case AES_KEYSIZE_128:
  633. cfg |= CR_KEY128;
  634. break;
  635. case AES_KEYSIZE_192:
  636. cfg |= CR_KEY192;
  637. break;
  638. default:
  639. case AES_KEYSIZE_256:
  640. cfg |= CR_KEY256;
  641. break;
  642. }
  643. hw_mode = stm32_cryp_get_hw_mode(cryp);
  644. if (hw_mode == CR_AES_UNKNOWN)
  645. return -EINVAL;
  646. /* AES ECB/CBC decrypt: run key preparation first */
  647. if (is_decrypt(cryp) &&
  648. ((hw_mode == CR_AES_ECB) || (hw_mode == CR_AES_CBC))) {
  649. /* Configure in key preparation mode */
  650. if (cryp->caps->kp_mode)
  651. stm32_cryp_write(cryp, cryp->caps->cr,
  652. cfg | CR_AES_KP);
  653. else
  654. stm32_cryp_write(cryp,
  655. cryp->caps->cr, cfg | CR_AES_ECB | CR_KSE);
  656. /* Set key only after full configuration done */
  657. stm32_cryp_hw_write_key(cryp);
  658. /* Start prepare key */
  659. stm32_cryp_enable(cryp);
  660. /* Wait for end of processing */
  661. ret = stm32_cryp_wait_busy(cryp);
  662. if (ret) {
  663. dev_err(cryp->dev, "Timeout (key preparation)\n");
  664. return ret;
  665. }
  666. cfg |= hw_mode | CR_DEC_NOT_ENC;
  667. /* Apply updated config (Decrypt + algo) and flush */
  668. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  669. } else {
  670. cfg |= hw_mode;
  671. if (is_decrypt(cryp))
  672. cfg |= CR_DEC_NOT_ENC;
  673. /* Apply config and flush */
  674. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  675. /* Set key only after configuration done */
  676. stm32_cryp_hw_write_key(cryp);
  677. }
  678. switch (hw_mode) {
  679. case CR_AES_GCM:
  680. case CR_AES_CCM:
  681. /* Phase 1 : init */
  682. if (hw_mode == CR_AES_CCM)
  683. ret = stm32_cryp_ccm_init(cryp, cfg);
  684. else
  685. ret = stm32_cryp_gcm_init(cryp, cfg);
  686. if (ret)
  687. return ret;
  688. break;
  689. case CR_DES_CBC:
  690. case CR_TDES_CBC:
  691. case CR_AES_CBC:
  692. case CR_AES_CTR:
  693. stm32_cryp_hw_write_iv(cryp, (__be32 *)cryp->req->iv);
  694. break;
  695. default:
  696. break;
  697. }
  698. /* Enable now */
  699. stm32_cryp_enable(cryp);
  700. return 0;
  701. }
  702. static void stm32_cryp_finish_req(struct stm32_cryp *cryp, int err)
  703. {
  704. if (!err && (is_gcm(cryp) || is_ccm(cryp)))
  705. /* Phase 4 : output tag */
  706. err = stm32_cryp_read_auth_tag(cryp);
  707. if (!err && (!(is_gcm(cryp) || is_ccm(cryp) || is_ecb(cryp))))
  708. stm32_cryp_get_iv(cryp);
  709. pm_runtime_put_autosuspend(cryp->dev);
  710. if (is_gcm(cryp) || is_ccm(cryp))
  711. crypto_finalize_aead_request(cryp->engine, cryp->areq, err);
  712. else
  713. crypto_finalize_skcipher_request(cryp->engine, cryp->req, err);
  714. }
  715. static void stm32_cryp_header_dma_callback(void *param)
  716. {
  717. struct stm32_cryp *cryp = (struct stm32_cryp *)param;
  718. int ret;
  719. u32 reg;
  720. dma_unmap_sg(cryp->dev, cryp->header_sg, cryp->header_sg_len, DMA_TO_DEVICE);
  721. reg = stm32_cryp_read(cryp, cryp->caps->dmacr);
  722. stm32_cryp_write(cryp, cryp->caps->dmacr, reg & ~(DMACR_DOEN | DMACR_DIEN));
  723. kfree(cryp->header_sg);
  724. reg = stm32_cryp_read(cryp, cryp->caps->cr);
  725. if (cryp->header_in) {
  726. stm32_cryp_write(cryp, cryp->caps->cr, reg | CR_CRYPEN);
  727. ret = stm32_cryp_wait_input(cryp);
  728. if (ret) {
  729. dev_err(cryp->dev, "input header ready timeout after dma\n");
  730. stm32_cryp_finish_req(cryp, ret);
  731. return;
  732. }
  733. stm32_cryp_irq_write_gcmccm_header(cryp);
  734. WARN_ON(cryp->header_in);
  735. }
  736. if (stm32_cryp_get_input_text_len(cryp)) {
  737. /* Phase 3 : payload */
  738. reg = stm32_cryp_read(cryp, cryp->caps->cr);
  739. stm32_cryp_write(cryp, cryp->caps->cr, reg & ~CR_CRYPEN);
  740. reg &= ~CR_PH_MASK;
  741. reg |= CR_PH_PAYLOAD | CR_CRYPEN;
  742. stm32_cryp_write(cryp, cryp->caps->cr, reg);
  743. if (cryp->flags & FLG_IN_OUT_DMA) {
  744. ret = stm32_cryp_dma_start(cryp);
  745. if (ret)
  746. stm32_cryp_finish_req(cryp, ret);
  747. } else {
  748. stm32_cryp_it_start(cryp);
  749. }
  750. } else {
  751. /*
  752. * Phase 4 : tag.
  753. * Nothing to read, nothing to write => end request
  754. */
  755. stm32_cryp_finish_req(cryp, 0);
  756. }
  757. }
  758. static void stm32_cryp_dma_callback(void *param)
  759. {
  760. struct stm32_cryp *cryp = (struct stm32_cryp *)param;
  761. int ret;
  762. u32 reg;
  763. complete(&cryp->dma_completion); /* completion to indicate no timeout */
  764. dma_sync_sg_for_device(cryp->dev, cryp->out_sg, cryp->out_sg_len, DMA_FROM_DEVICE);
  765. if (cryp->in_sg != cryp->out_sg)
  766. dma_unmap_sg(cryp->dev, cryp->in_sg, cryp->in_sg_len, DMA_TO_DEVICE);
  767. dma_unmap_sg(cryp->dev, cryp->out_sg, cryp->out_sg_len, DMA_FROM_DEVICE);
  768. reg = stm32_cryp_read(cryp, cryp->caps->dmacr);
  769. stm32_cryp_write(cryp, cryp->caps->dmacr, reg & ~(DMACR_DOEN | DMACR_DIEN));
  770. reg = stm32_cryp_read(cryp, cryp->caps->cr);
  771. if (is_gcm(cryp) || is_ccm(cryp)) {
  772. kfree(cryp->in_sg);
  773. kfree(cryp->out_sg);
  774. } else {
  775. if (cryp->in_sg != cryp->req->src)
  776. kfree(cryp->in_sg);
  777. if (cryp->out_sg != cryp->req->dst)
  778. kfree(cryp->out_sg);
  779. }
  780. if (cryp->payload_in) {
  781. stm32_cryp_write(cryp, cryp->caps->cr, reg | CR_CRYPEN);
  782. ret = stm32_cryp_wait_input(cryp);
  783. if (ret) {
  784. dev_err(cryp->dev, "input ready timeout after dma\n");
  785. stm32_cryp_finish_req(cryp, ret);
  786. return;
  787. }
  788. stm32_cryp_irq_write_data(cryp);
  789. ret = stm32_cryp_wait_output(cryp);
  790. if (ret) {
  791. dev_err(cryp->dev, "output ready timeout after dma\n");
  792. stm32_cryp_finish_req(cryp, ret);
  793. return;
  794. }
  795. stm32_cryp_irq_read_data(cryp);
  796. }
  797. stm32_cryp_finish_req(cryp, 0);
  798. }
  799. static int stm32_cryp_header_dma_start(struct stm32_cryp *cryp)
  800. {
  801. int ret;
  802. struct dma_async_tx_descriptor *tx_in;
  803. u32 reg;
  804. size_t align_size;
  805. ret = dma_map_sg(cryp->dev, cryp->header_sg, cryp->header_sg_len, DMA_TO_DEVICE);
  806. if (!ret) {
  807. dev_err(cryp->dev, "dma_map_sg() error\n");
  808. return -ENOMEM;
  809. }
  810. dma_sync_sg_for_device(cryp->dev, cryp->header_sg, cryp->header_sg_len, DMA_TO_DEVICE);
  811. tx_in = dmaengine_prep_slave_sg(cryp->dma_lch_in, cryp->header_sg, cryp->header_sg_len,
  812. DMA_MEM_TO_DEV, DMA_PREP_INTERRUPT | DMA_CTRL_ACK);
  813. if (!tx_in) {
  814. dev_err(cryp->dev, "IN prep_slave_sg() failed\n");
  815. return -EINVAL;
  816. }
  817. tx_in->callback_param = cryp;
  818. tx_in->callback = stm32_cryp_header_dma_callback;
  819. /* Advance scatterwalk to not DMA'ed data */
  820. align_size = ALIGN_DOWN(cryp->header_in, cryp->hw_blocksize);
  821. scatterwalk_skip(&cryp->in_walk, align_size);
  822. cryp->header_in -= align_size;
  823. ret = dma_submit_error(dmaengine_submit(tx_in));
  824. if (ret < 0) {
  825. dev_err(cryp->dev, "DMA in submit failed\n");
  826. return ret;
  827. }
  828. dma_async_issue_pending(cryp->dma_lch_in);
  829. reg = stm32_cryp_read(cryp, cryp->caps->dmacr);
  830. stm32_cryp_write(cryp, cryp->caps->dmacr, reg | DMACR_DIEN);
  831. return 0;
  832. }
  833. static int stm32_cryp_dma_start(struct stm32_cryp *cryp)
  834. {
  835. int ret;
  836. size_t align_size;
  837. struct dma_async_tx_descriptor *tx_in, *tx_out;
  838. u32 reg;
  839. if (cryp->in_sg != cryp->out_sg) {
  840. ret = dma_map_sg(cryp->dev, cryp->in_sg, cryp->in_sg_len, DMA_TO_DEVICE);
  841. if (!ret) {
  842. dev_err(cryp->dev, "dma_map_sg() error\n");
  843. return -ENOMEM;
  844. }
  845. }
  846. ret = dma_map_sg(cryp->dev, cryp->out_sg, cryp->out_sg_len, DMA_FROM_DEVICE);
  847. if (!ret) {
  848. dev_err(cryp->dev, "dma_map_sg() error\n");
  849. return -ENOMEM;
  850. }
  851. dma_sync_sg_for_device(cryp->dev, cryp->in_sg, cryp->in_sg_len, DMA_TO_DEVICE);
  852. tx_in = dmaengine_prep_slave_sg(cryp->dma_lch_in, cryp->in_sg, cryp->in_sg_len,
  853. DMA_MEM_TO_DEV, DMA_PREP_INTERRUPT | DMA_CTRL_ACK);
  854. if (!tx_in) {
  855. dev_err(cryp->dev, "IN prep_slave_sg() failed\n");
  856. return -EINVAL;
  857. }
  858. /* No callback necessary */
  859. tx_in->callback_param = cryp;
  860. tx_in->callback = NULL;
  861. tx_out = dmaengine_prep_slave_sg(cryp->dma_lch_out, cryp->out_sg, cryp->out_sg_len,
  862. DMA_DEV_TO_MEM, DMA_PREP_INTERRUPT | DMA_CTRL_ACK);
  863. if (!tx_out) {
  864. dev_err(cryp->dev, "OUT prep_slave_sg() failed\n");
  865. return -EINVAL;
  866. }
  867. reinit_completion(&cryp->dma_completion);
  868. tx_out->callback = stm32_cryp_dma_callback;
  869. tx_out->callback_param = cryp;
  870. /* Advance scatterwalk to not DMA'ed data */
  871. align_size = ALIGN_DOWN(cryp->payload_in, cryp->hw_blocksize);
  872. scatterwalk_skip(&cryp->in_walk, align_size);
  873. cryp->payload_in -= align_size;
  874. ret = dma_submit_error(dmaengine_submit(tx_in));
  875. if (ret < 0) {
  876. dev_err(cryp->dev, "DMA in submit failed\n");
  877. return ret;
  878. }
  879. dma_async_issue_pending(cryp->dma_lch_in);
  880. /* Advance scatterwalk to not DMA'ed data */
  881. scatterwalk_skip(&cryp->out_walk, align_size);
  882. cryp->payload_out -= align_size;
  883. ret = dma_submit_error(dmaengine_submit(tx_out));
  884. if (ret < 0) {
  885. dev_err(cryp->dev, "DMA out submit failed\n");
  886. return ret;
  887. }
  888. dma_async_issue_pending(cryp->dma_lch_out);
  889. reg = stm32_cryp_read(cryp, cryp->caps->dmacr);
  890. stm32_cryp_write(cryp, cryp->caps->dmacr, reg | DMACR_DOEN | DMACR_DIEN);
  891. if (!wait_for_completion_timeout(&cryp->dma_completion, msecs_to_jiffies(1000))) {
  892. dev_err(cryp->dev, "DMA out timed out\n");
  893. dmaengine_terminate_sync(cryp->dma_lch_out);
  894. return -ETIMEDOUT;
  895. }
  896. return 0;
  897. }
  898. static int stm32_cryp_it_start(struct stm32_cryp *cryp)
  899. {
  900. /* Enable interrupt and let the IRQ handler do everything */
  901. stm32_cryp_write(cryp, cryp->caps->imsc, IMSCR_IN | IMSCR_OUT);
  902. return 0;
  903. }
  904. static int stm32_cryp_cipher_one_req(struct crypto_engine *engine, void *areq);
  905. static int stm32_cryp_init_tfm(struct crypto_skcipher *tfm)
  906. {
  907. crypto_skcipher_set_reqsize(tfm, sizeof(struct stm32_cryp_reqctx));
  908. return 0;
  909. }
  910. static int stm32_cryp_aead_one_req(struct crypto_engine *engine, void *areq);
  911. static int stm32_cryp_aes_aead_init(struct crypto_aead *tfm)
  912. {
  913. crypto_aead_set_reqsize(tfm, sizeof(struct stm32_cryp_reqctx));
  914. return 0;
  915. }
  916. static int stm32_cryp_crypt(struct skcipher_request *req, unsigned long mode)
  917. {
  918. struct stm32_cryp_ctx *ctx = crypto_skcipher_ctx(
  919. crypto_skcipher_reqtfm(req));
  920. struct stm32_cryp_reqctx *rctx = skcipher_request_ctx(req);
  921. struct stm32_cryp *cryp = stm32_cryp_find_dev(ctx);
  922. if (!cryp)
  923. return -ENODEV;
  924. rctx->mode = mode;
  925. return crypto_transfer_skcipher_request_to_engine(cryp->engine, req);
  926. }
  927. static int stm32_cryp_aead_crypt(struct aead_request *req, unsigned long mode)
  928. {
  929. struct stm32_cryp_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req));
  930. struct stm32_cryp_reqctx *rctx = aead_request_ctx(req);
  931. struct stm32_cryp *cryp = stm32_cryp_find_dev(ctx);
  932. if (!cryp)
  933. return -ENODEV;
  934. rctx->mode = mode;
  935. return crypto_transfer_aead_request_to_engine(cryp->engine, req);
  936. }
  937. static int stm32_cryp_setkey(struct crypto_skcipher *tfm, const u8 *key,
  938. unsigned int keylen)
  939. {
  940. struct stm32_cryp_ctx *ctx = crypto_skcipher_ctx(tfm);
  941. memcpy(ctx->key, key, keylen);
  942. ctx->keylen = keylen;
  943. return 0;
  944. }
  945. static int stm32_cryp_aes_setkey(struct crypto_skcipher *tfm, const u8 *key,
  946. unsigned int keylen)
  947. {
  948. if (keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_192 &&
  949. keylen != AES_KEYSIZE_256)
  950. return -EINVAL;
  951. else
  952. return stm32_cryp_setkey(tfm, key, keylen);
  953. }
  954. static int stm32_cryp_des_setkey(struct crypto_skcipher *tfm, const u8 *key,
  955. unsigned int keylen)
  956. {
  957. return verify_skcipher_des_key(tfm, key) ?:
  958. stm32_cryp_setkey(tfm, key, keylen);
  959. }
  960. static int stm32_cryp_tdes_setkey(struct crypto_skcipher *tfm, const u8 *key,
  961. unsigned int keylen)
  962. {
  963. return verify_skcipher_des3_key(tfm, key) ?:
  964. stm32_cryp_setkey(tfm, key, keylen);
  965. }
  966. static int stm32_cryp_aes_aead_setkey(struct crypto_aead *tfm, const u8 *key,
  967. unsigned int keylen)
  968. {
  969. struct stm32_cryp_ctx *ctx = crypto_aead_ctx(tfm);
  970. if (keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_192 &&
  971. keylen != AES_KEYSIZE_256)
  972. return -EINVAL;
  973. memcpy(ctx->key, key, keylen);
  974. ctx->keylen = keylen;
  975. return 0;
  976. }
  977. static int stm32_cryp_aes_gcm_setauthsize(struct crypto_aead *tfm,
  978. unsigned int authsize)
  979. {
  980. switch (authsize) {
  981. case 4:
  982. case 8:
  983. case 12:
  984. case 13:
  985. case 14:
  986. case 15:
  987. case 16:
  988. break;
  989. default:
  990. return -EINVAL;
  991. }
  992. return 0;
  993. }
  994. static int stm32_cryp_aes_ccm_setauthsize(struct crypto_aead *tfm,
  995. unsigned int authsize)
  996. {
  997. switch (authsize) {
  998. case 4:
  999. case 6:
  1000. case 8:
  1001. case 10:
  1002. case 12:
  1003. case 14:
  1004. case 16:
  1005. break;
  1006. default:
  1007. return -EINVAL;
  1008. }
  1009. return 0;
  1010. }
  1011. static int stm32_cryp_aes_ecb_encrypt(struct skcipher_request *req)
  1012. {
  1013. if (req->cryptlen % AES_BLOCK_SIZE)
  1014. return -EINVAL;
  1015. if (req->cryptlen == 0)
  1016. return 0;
  1017. return stm32_cryp_crypt(req, FLG_AES | FLG_ECB | FLG_ENCRYPT);
  1018. }
  1019. static int stm32_cryp_aes_ecb_decrypt(struct skcipher_request *req)
  1020. {
  1021. if (req->cryptlen % AES_BLOCK_SIZE)
  1022. return -EINVAL;
  1023. if (req->cryptlen == 0)
  1024. return 0;
  1025. return stm32_cryp_crypt(req, FLG_AES | FLG_ECB);
  1026. }
  1027. static int stm32_cryp_aes_cbc_encrypt(struct skcipher_request *req)
  1028. {
  1029. if (req->cryptlen % AES_BLOCK_SIZE)
  1030. return -EINVAL;
  1031. if (req->cryptlen == 0)
  1032. return 0;
  1033. return stm32_cryp_crypt(req, FLG_AES | FLG_CBC | FLG_ENCRYPT);
  1034. }
  1035. static int stm32_cryp_aes_cbc_decrypt(struct skcipher_request *req)
  1036. {
  1037. if (req->cryptlen % AES_BLOCK_SIZE)
  1038. return -EINVAL;
  1039. if (req->cryptlen == 0)
  1040. return 0;
  1041. return stm32_cryp_crypt(req, FLG_AES | FLG_CBC);
  1042. }
  1043. static int stm32_cryp_aes_ctr_encrypt(struct skcipher_request *req)
  1044. {
  1045. if (req->cryptlen == 0)
  1046. return 0;
  1047. return stm32_cryp_crypt(req, FLG_AES | FLG_CTR | FLG_ENCRYPT);
  1048. }
  1049. static int stm32_cryp_aes_ctr_decrypt(struct skcipher_request *req)
  1050. {
  1051. if (req->cryptlen == 0)
  1052. return 0;
  1053. return stm32_cryp_crypt(req, FLG_AES | FLG_CTR);
  1054. }
  1055. static int stm32_cryp_aes_gcm_encrypt(struct aead_request *req)
  1056. {
  1057. return stm32_cryp_aead_crypt(req, FLG_AES | FLG_GCM | FLG_ENCRYPT);
  1058. }
  1059. static int stm32_cryp_aes_gcm_decrypt(struct aead_request *req)
  1060. {
  1061. return stm32_cryp_aead_crypt(req, FLG_AES | FLG_GCM);
  1062. }
  1063. static inline int crypto_ccm_check_iv(const u8 *iv)
  1064. {
  1065. /* 2 <= L <= 8, so 1 <= L' <= 7. */
  1066. if (iv[0] < 1 || iv[0] > 7)
  1067. return -EINVAL;
  1068. return 0;
  1069. }
  1070. static int stm32_cryp_aes_ccm_encrypt(struct aead_request *req)
  1071. {
  1072. int err;
  1073. err = crypto_ccm_check_iv(req->iv);
  1074. if (err)
  1075. return err;
  1076. return stm32_cryp_aead_crypt(req, FLG_AES | FLG_CCM | FLG_ENCRYPT);
  1077. }
  1078. static int stm32_cryp_aes_ccm_decrypt(struct aead_request *req)
  1079. {
  1080. int err;
  1081. err = crypto_ccm_check_iv(req->iv);
  1082. if (err)
  1083. return err;
  1084. return stm32_cryp_aead_crypt(req, FLG_AES | FLG_CCM);
  1085. }
  1086. static int stm32_cryp_des_ecb_encrypt(struct skcipher_request *req)
  1087. {
  1088. if (req->cryptlen % DES_BLOCK_SIZE)
  1089. return -EINVAL;
  1090. if (req->cryptlen == 0)
  1091. return 0;
  1092. return stm32_cryp_crypt(req, FLG_DES | FLG_ECB | FLG_ENCRYPT);
  1093. }
  1094. static int stm32_cryp_des_ecb_decrypt(struct skcipher_request *req)
  1095. {
  1096. if (req->cryptlen % DES_BLOCK_SIZE)
  1097. return -EINVAL;
  1098. if (req->cryptlen == 0)
  1099. return 0;
  1100. return stm32_cryp_crypt(req, FLG_DES | FLG_ECB);
  1101. }
  1102. static int stm32_cryp_des_cbc_encrypt(struct skcipher_request *req)
  1103. {
  1104. if (req->cryptlen % DES_BLOCK_SIZE)
  1105. return -EINVAL;
  1106. if (req->cryptlen == 0)
  1107. return 0;
  1108. return stm32_cryp_crypt(req, FLG_DES | FLG_CBC | FLG_ENCRYPT);
  1109. }
  1110. static int stm32_cryp_des_cbc_decrypt(struct skcipher_request *req)
  1111. {
  1112. if (req->cryptlen % DES_BLOCK_SIZE)
  1113. return -EINVAL;
  1114. if (req->cryptlen == 0)
  1115. return 0;
  1116. return stm32_cryp_crypt(req, FLG_DES | FLG_CBC);
  1117. }
  1118. static int stm32_cryp_tdes_ecb_encrypt(struct skcipher_request *req)
  1119. {
  1120. if (req->cryptlen % DES_BLOCK_SIZE)
  1121. return -EINVAL;
  1122. if (req->cryptlen == 0)
  1123. return 0;
  1124. return stm32_cryp_crypt(req, FLG_TDES | FLG_ECB | FLG_ENCRYPT);
  1125. }
  1126. static int stm32_cryp_tdes_ecb_decrypt(struct skcipher_request *req)
  1127. {
  1128. if (req->cryptlen % DES_BLOCK_SIZE)
  1129. return -EINVAL;
  1130. if (req->cryptlen == 0)
  1131. return 0;
  1132. return stm32_cryp_crypt(req, FLG_TDES | FLG_ECB);
  1133. }
  1134. static int stm32_cryp_tdes_cbc_encrypt(struct skcipher_request *req)
  1135. {
  1136. if (req->cryptlen % DES_BLOCK_SIZE)
  1137. return -EINVAL;
  1138. if (req->cryptlen == 0)
  1139. return 0;
  1140. return stm32_cryp_crypt(req, FLG_TDES | FLG_CBC | FLG_ENCRYPT);
  1141. }
  1142. static int stm32_cryp_tdes_cbc_decrypt(struct skcipher_request *req)
  1143. {
  1144. if (req->cryptlen % DES_BLOCK_SIZE)
  1145. return -EINVAL;
  1146. if (req->cryptlen == 0)
  1147. return 0;
  1148. return stm32_cryp_crypt(req, FLG_TDES | FLG_CBC);
  1149. }
  1150. static enum stm32_dma_mode stm32_cryp_dma_check_sg(struct scatterlist *test_sg, size_t len,
  1151. size_t block_size)
  1152. {
  1153. struct scatterlist *sg;
  1154. int i;
  1155. if (len <= 16)
  1156. return NO_DMA; /* Faster */
  1157. for_each_sg(test_sg, sg, sg_nents(test_sg), i) {
  1158. if (!IS_ALIGNED(sg->length, block_size) && !sg_is_last(sg))
  1159. return NO_DMA;
  1160. if (sg->offset % sizeof(u32))
  1161. return NO_DMA;
  1162. if (sg_is_last(sg) && !IS_ALIGNED(sg->length, AES_BLOCK_SIZE))
  1163. return DMA_NEED_SG_TRUNC;
  1164. }
  1165. return DMA_PLAIN_SG;
  1166. }
  1167. static enum stm32_dma_mode stm32_cryp_dma_check(struct stm32_cryp *cryp, struct scatterlist *in_sg,
  1168. struct scatterlist *out_sg)
  1169. {
  1170. enum stm32_dma_mode ret = DMA_PLAIN_SG;
  1171. if (!is_aes(cryp))
  1172. return NO_DMA;
  1173. if (!cryp->dma_lch_in || !cryp->dma_lch_out)
  1174. return NO_DMA;
  1175. ret = stm32_cryp_dma_check_sg(in_sg, cryp->payload_in, AES_BLOCK_SIZE);
  1176. if (ret == NO_DMA)
  1177. return ret;
  1178. ret = stm32_cryp_dma_check_sg(out_sg, cryp->payload_out, AES_BLOCK_SIZE);
  1179. if (ret == NO_DMA)
  1180. return ret;
  1181. /* Check CTR counter overflow */
  1182. if (is_aes(cryp) && is_ctr(cryp)) {
  1183. u32 c;
  1184. __be32 iv3;
  1185. memcpy(&iv3, &cryp->req->iv[3 * sizeof(u32)], sizeof(iv3));
  1186. c = be32_to_cpu(iv3);
  1187. if ((c + cryp->payload_in) < cryp->payload_in)
  1188. return NO_DMA;
  1189. }
  1190. /* Workaround */
  1191. if (is_aes(cryp) && is_ctr(cryp) && ret == DMA_NEED_SG_TRUNC)
  1192. return NO_DMA;
  1193. return ret;
  1194. }
  1195. static int stm32_cryp_truncate_sg(struct scatterlist **new_sg, size_t *new_sg_len,
  1196. struct scatterlist *sg, off_t skip, size_t size)
  1197. {
  1198. struct scatterlist *cur;
  1199. int alloc_sg_len;
  1200. *new_sg_len = 0;
  1201. if (!sg || !size) {
  1202. *new_sg = NULL;
  1203. return 0;
  1204. }
  1205. alloc_sg_len = sg_nents_for_len(sg, skip + size);
  1206. if (alloc_sg_len < 0)
  1207. return alloc_sg_len;
  1208. /* We allocate to much sg entry, but it is easier */
  1209. *new_sg = kmalloc_objs(struct scatterlist, (size_t)alloc_sg_len);
  1210. if (!*new_sg)
  1211. return -ENOMEM;
  1212. sg_init_table(*new_sg, (unsigned int)alloc_sg_len);
  1213. cur = *new_sg;
  1214. while (sg && size) {
  1215. unsigned int len = sg->length;
  1216. unsigned int offset = sg->offset;
  1217. if (skip > len) {
  1218. skip -= len;
  1219. sg = sg_next(sg);
  1220. continue;
  1221. }
  1222. if (skip) {
  1223. len -= skip;
  1224. offset += skip;
  1225. skip = 0;
  1226. }
  1227. if (size < len)
  1228. len = size;
  1229. if (len > 0) {
  1230. (*new_sg_len)++;
  1231. size -= len;
  1232. sg_set_page(cur, sg_page(sg), len, offset);
  1233. if (size == 0)
  1234. sg_mark_end(cur);
  1235. cur = sg_next(cur);
  1236. }
  1237. sg = sg_next(sg);
  1238. }
  1239. return 0;
  1240. }
  1241. static int stm32_cryp_cipher_prepare(struct stm32_cryp *cryp, struct scatterlist *in_sg,
  1242. struct scatterlist *out_sg)
  1243. {
  1244. size_t align_size;
  1245. int ret;
  1246. cryp->dma_mode = stm32_cryp_dma_check(cryp, in_sg, out_sg);
  1247. scatterwalk_start(&cryp->in_walk, in_sg);
  1248. scatterwalk_start(&cryp->out_walk, out_sg);
  1249. if (cryp->dma_mode == NO_DMA) {
  1250. cryp->flags &= ~FLG_IN_OUT_DMA;
  1251. if (is_ctr(cryp))
  1252. memset(cryp->last_ctr, 0, sizeof(cryp->last_ctr));
  1253. } else if (cryp->dma_mode == DMA_NEED_SG_TRUNC) {
  1254. cryp->flags |= FLG_IN_OUT_DMA;
  1255. align_size = ALIGN_DOWN(cryp->payload_in, cryp->hw_blocksize);
  1256. ret = stm32_cryp_truncate_sg(&cryp->in_sg, &cryp->in_sg_len, in_sg, 0, align_size);
  1257. if (ret)
  1258. return ret;
  1259. ret = stm32_cryp_truncate_sg(&cryp->out_sg, &cryp->out_sg_len, out_sg, 0,
  1260. align_size);
  1261. if (ret) {
  1262. kfree(cryp->in_sg);
  1263. return ret;
  1264. }
  1265. } else {
  1266. cryp->flags |= FLG_IN_OUT_DMA;
  1267. cryp->in_sg = in_sg;
  1268. cryp->out_sg = out_sg;
  1269. ret = sg_nents_for_len(cryp->in_sg, cryp->payload_in);
  1270. if (ret < 0)
  1271. return ret;
  1272. cryp->in_sg_len = (size_t)ret;
  1273. ret = sg_nents_for_len(out_sg, cryp->payload_out);
  1274. if (ret < 0)
  1275. return ret;
  1276. cryp->out_sg_len = (size_t)ret;
  1277. }
  1278. return 0;
  1279. }
  1280. static int stm32_cryp_aead_prepare(struct stm32_cryp *cryp, struct scatterlist *in_sg,
  1281. struct scatterlist *out_sg)
  1282. {
  1283. size_t align_size;
  1284. off_t skip;
  1285. int ret, ret2;
  1286. cryp->header_sg = NULL;
  1287. cryp->in_sg = NULL;
  1288. cryp->out_sg = NULL;
  1289. if (!cryp->dma_lch_in || !cryp->dma_lch_out) {
  1290. cryp->dma_mode = NO_DMA;
  1291. cryp->flags &= ~(FLG_IN_OUT_DMA | FLG_HEADER_DMA);
  1292. return 0;
  1293. }
  1294. /* CCM hw_init may have advanced in header */
  1295. skip = cryp->areq->assoclen - cryp->header_in;
  1296. align_size = ALIGN_DOWN(cryp->header_in, cryp->hw_blocksize);
  1297. ret = stm32_cryp_truncate_sg(&cryp->header_sg, &cryp->header_sg_len, in_sg, skip,
  1298. align_size);
  1299. if (ret)
  1300. return ret;
  1301. ret = stm32_cryp_dma_check_sg(cryp->header_sg, align_size, AES_BLOCK_SIZE);
  1302. if (ret == NO_DMA) {
  1303. /* We cannot DMA the header */
  1304. kfree(cryp->header_sg);
  1305. cryp->header_sg = NULL;
  1306. cryp->flags &= ~FLG_HEADER_DMA;
  1307. } else {
  1308. cryp->flags |= FLG_HEADER_DMA;
  1309. }
  1310. /* Now skip all header to be at payload start */
  1311. skip = cryp->areq->assoclen;
  1312. align_size = ALIGN_DOWN(cryp->payload_in, cryp->hw_blocksize);
  1313. ret = stm32_cryp_truncate_sg(&cryp->in_sg, &cryp->in_sg_len, in_sg, skip, align_size);
  1314. if (ret) {
  1315. kfree(cryp->header_sg);
  1316. return ret;
  1317. }
  1318. /* For out buffer align_size is same as in buffer */
  1319. ret = stm32_cryp_truncate_sg(&cryp->out_sg, &cryp->out_sg_len, out_sg, skip, align_size);
  1320. if (ret) {
  1321. kfree(cryp->header_sg);
  1322. kfree(cryp->in_sg);
  1323. return ret;
  1324. }
  1325. ret = stm32_cryp_dma_check_sg(cryp->in_sg, align_size, AES_BLOCK_SIZE);
  1326. ret2 = stm32_cryp_dma_check_sg(cryp->out_sg, align_size, AES_BLOCK_SIZE);
  1327. if (ret == NO_DMA || ret2 == NO_DMA) {
  1328. kfree(cryp->in_sg);
  1329. cryp->in_sg = NULL;
  1330. kfree(cryp->out_sg);
  1331. cryp->out_sg = NULL;
  1332. cryp->flags &= ~FLG_IN_OUT_DMA;
  1333. } else {
  1334. cryp->flags |= FLG_IN_OUT_DMA;
  1335. }
  1336. return 0;
  1337. }
  1338. static int stm32_cryp_prepare_req(struct skcipher_request *req,
  1339. struct aead_request *areq)
  1340. {
  1341. struct stm32_cryp_ctx *ctx;
  1342. struct stm32_cryp *cryp;
  1343. struct stm32_cryp_reqctx *rctx;
  1344. struct scatterlist *in_sg, *out_sg;
  1345. int ret;
  1346. if (!req && !areq)
  1347. return -EINVAL;
  1348. ctx = req ? crypto_skcipher_ctx(crypto_skcipher_reqtfm(req)) :
  1349. crypto_aead_ctx(crypto_aead_reqtfm(areq));
  1350. cryp = ctx->cryp;
  1351. rctx = req ? skcipher_request_ctx(req) : aead_request_ctx(areq);
  1352. rctx->mode &= FLG_MODE_MASK;
  1353. cryp->flags = (cryp->flags & ~FLG_MODE_MASK) | rctx->mode;
  1354. cryp->hw_blocksize = is_aes(cryp) ? AES_BLOCK_SIZE : DES_BLOCK_SIZE;
  1355. cryp->ctx = ctx;
  1356. if (req) {
  1357. cryp->req = req;
  1358. cryp->areq = NULL;
  1359. cryp->header_in = 0;
  1360. cryp->payload_in = req->cryptlen;
  1361. cryp->payload_out = req->cryptlen;
  1362. cryp->authsize = 0;
  1363. in_sg = req->src;
  1364. out_sg = req->dst;
  1365. ret = stm32_cryp_cipher_prepare(cryp, in_sg, out_sg);
  1366. if (ret)
  1367. return ret;
  1368. ret = stm32_cryp_hw_init(cryp);
  1369. } else {
  1370. /*
  1371. * Length of input and output data:
  1372. * Encryption case:
  1373. * INPUT = AssocData || PlainText
  1374. * <- assoclen -> <- cryptlen ->
  1375. *
  1376. * OUTPUT = AssocData || CipherText || AuthTag
  1377. * <- assoclen -> <-- cryptlen --> <- authsize ->
  1378. *
  1379. * Decryption case:
  1380. * INPUT = AssocData || CipherTex || AuthTag
  1381. * <- assoclen ---> <---------- cryptlen ---------->
  1382. *
  1383. * OUTPUT = AssocData || PlainText
  1384. * <- assoclen -> <- cryptlen - authsize ->
  1385. */
  1386. cryp->areq = areq;
  1387. cryp->req = NULL;
  1388. cryp->authsize = crypto_aead_authsize(crypto_aead_reqtfm(areq));
  1389. if (is_encrypt(cryp)) {
  1390. cryp->payload_in = areq->cryptlen;
  1391. cryp->header_in = areq->assoclen;
  1392. cryp->payload_out = areq->cryptlen;
  1393. } else {
  1394. cryp->payload_in = areq->cryptlen - cryp->authsize;
  1395. cryp->header_in = areq->assoclen;
  1396. cryp->payload_out = cryp->payload_in;
  1397. }
  1398. in_sg = areq->src;
  1399. out_sg = areq->dst;
  1400. scatterwalk_start(&cryp->in_walk, in_sg);
  1401. /* In output, jump after assoc data */
  1402. scatterwalk_start_at_pos(&cryp->out_walk, out_sg,
  1403. areq->assoclen);
  1404. ret = stm32_cryp_hw_init(cryp);
  1405. if (ret)
  1406. return ret;
  1407. ret = stm32_cryp_aead_prepare(cryp, in_sg, out_sg);
  1408. }
  1409. return ret;
  1410. }
  1411. static int stm32_cryp_cipher_one_req(struct crypto_engine *engine, void *areq)
  1412. {
  1413. struct skcipher_request *req = container_of(areq,
  1414. struct skcipher_request,
  1415. base);
  1416. struct stm32_cryp_ctx *ctx = crypto_skcipher_ctx(
  1417. crypto_skcipher_reqtfm(req));
  1418. struct stm32_cryp *cryp = ctx->cryp;
  1419. int ret;
  1420. if (!cryp)
  1421. return -ENODEV;
  1422. ret = stm32_cryp_prepare_req(req, NULL);
  1423. if (ret)
  1424. return ret;
  1425. if (cryp->flags & FLG_IN_OUT_DMA)
  1426. ret = stm32_cryp_dma_start(cryp);
  1427. else
  1428. ret = stm32_cryp_it_start(cryp);
  1429. if (ret == -ETIMEDOUT)
  1430. stm32_cryp_finish_req(cryp, ret);
  1431. return ret;
  1432. }
  1433. static int stm32_cryp_aead_one_req(struct crypto_engine *engine, void *areq)
  1434. {
  1435. struct aead_request *req = container_of(areq, struct aead_request,
  1436. base);
  1437. struct stm32_cryp_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req));
  1438. struct stm32_cryp *cryp = ctx->cryp;
  1439. int err;
  1440. if (!cryp)
  1441. return -ENODEV;
  1442. err = stm32_cryp_prepare_req(NULL, req);
  1443. if (err)
  1444. return err;
  1445. if (!stm32_cryp_get_input_text_len(cryp) && !cryp->header_in &&
  1446. !(cryp->flags & FLG_HEADER_DMA)) {
  1447. /* No input data to process: get tag and finish */
  1448. stm32_cryp_finish_req(cryp, 0);
  1449. return 0;
  1450. }
  1451. if (cryp->flags & FLG_HEADER_DMA)
  1452. return stm32_cryp_header_dma_start(cryp);
  1453. if (!cryp->header_in && cryp->flags & FLG_IN_OUT_DMA)
  1454. return stm32_cryp_dma_start(cryp);
  1455. return stm32_cryp_it_start(cryp);
  1456. }
  1457. static int stm32_cryp_read_auth_tag(struct stm32_cryp *cryp)
  1458. {
  1459. u32 cfg, size_bit;
  1460. unsigned int i;
  1461. int ret = 0;
  1462. /* Update Config */
  1463. cfg = stm32_cryp_read(cryp, cryp->caps->cr);
  1464. cfg &= ~CR_PH_MASK;
  1465. cfg |= CR_PH_FINAL;
  1466. cfg &= ~CR_DEC_NOT_ENC;
  1467. cfg |= CR_CRYPEN;
  1468. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1469. if (is_gcm(cryp)) {
  1470. /* GCM: write aad and payload size (in bits) */
  1471. size_bit = cryp->areq->assoclen * 8;
  1472. if (cryp->caps->swap_final)
  1473. size_bit = (__force u32)cpu_to_be32(size_bit);
  1474. stm32_cryp_write(cryp, cryp->caps->din, 0);
  1475. stm32_cryp_write(cryp, cryp->caps->din, size_bit);
  1476. size_bit = is_encrypt(cryp) ? cryp->areq->cryptlen :
  1477. cryp->areq->cryptlen - cryp->authsize;
  1478. size_bit *= 8;
  1479. if (cryp->caps->swap_final)
  1480. size_bit = (__force u32)cpu_to_be32(size_bit);
  1481. stm32_cryp_write(cryp, cryp->caps->din, 0);
  1482. stm32_cryp_write(cryp, cryp->caps->din, size_bit);
  1483. } else {
  1484. /* CCM: write CTR0 */
  1485. u32 iv32[AES_BLOCK_32];
  1486. u8 *iv = (u8 *)iv32;
  1487. __be32 *biv = (__be32 *)iv32;
  1488. memcpy(iv, cryp->areq->iv, AES_BLOCK_SIZE);
  1489. memset(iv + AES_BLOCK_SIZE - 1 - iv[0], 0, iv[0] + 1);
  1490. for (i = 0; i < AES_BLOCK_32; i++) {
  1491. u32 xiv = iv32[i];
  1492. if (!cryp->caps->padding_wa)
  1493. xiv = be32_to_cpu(biv[i]);
  1494. stm32_cryp_write(cryp, cryp->caps->din, xiv);
  1495. }
  1496. }
  1497. /* Wait for output data */
  1498. ret = stm32_cryp_wait_output(cryp);
  1499. if (ret) {
  1500. dev_err(cryp->dev, "Timeout (read tag)\n");
  1501. return ret;
  1502. }
  1503. if (is_encrypt(cryp)) {
  1504. u32 out_tag[AES_BLOCK_32];
  1505. /* Get and write tag */
  1506. readsl(cryp->regs + cryp->caps->dout, out_tag, AES_BLOCK_32);
  1507. memcpy_to_scatterwalk(&cryp->out_walk, out_tag, cryp->authsize);
  1508. } else {
  1509. /* Get and check tag */
  1510. u32 in_tag[AES_BLOCK_32], out_tag[AES_BLOCK_32];
  1511. memcpy_from_scatterwalk(in_tag, &cryp->in_walk, cryp->authsize);
  1512. readsl(cryp->regs + cryp->caps->dout, out_tag, AES_BLOCK_32);
  1513. if (crypto_memneq(in_tag, out_tag, cryp->authsize))
  1514. ret = -EBADMSG;
  1515. }
  1516. /* Disable cryp */
  1517. cfg &= ~CR_CRYPEN;
  1518. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1519. return ret;
  1520. }
  1521. static void stm32_cryp_check_ctr_counter(struct stm32_cryp *cryp)
  1522. {
  1523. u32 cr;
  1524. if (unlikely(cryp->last_ctr[3] == cpu_to_be32(0xFFFFFFFF))) {
  1525. /*
  1526. * In this case, we need to increment manually the ctr counter,
  1527. * as HW doesn't handle the U32 carry.
  1528. */
  1529. crypto_inc((u8 *)cryp->last_ctr, sizeof(cryp->last_ctr));
  1530. cr = stm32_cryp_read(cryp, cryp->caps->cr);
  1531. stm32_cryp_write(cryp, cryp->caps->cr, cr & ~CR_CRYPEN);
  1532. stm32_cryp_hw_write_iv(cryp, cryp->last_ctr);
  1533. stm32_cryp_write(cryp, cryp->caps->cr, cr);
  1534. }
  1535. /* The IV registers are BE */
  1536. cryp->last_ctr[0] = cpu_to_be32(stm32_cryp_read(cryp, cryp->caps->iv0l));
  1537. cryp->last_ctr[1] = cpu_to_be32(stm32_cryp_read(cryp, cryp->caps->iv0r));
  1538. cryp->last_ctr[2] = cpu_to_be32(stm32_cryp_read(cryp, cryp->caps->iv1l));
  1539. cryp->last_ctr[3] = cpu_to_be32(stm32_cryp_read(cryp, cryp->caps->iv1r));
  1540. }
  1541. static void stm32_cryp_irq_read_data(struct stm32_cryp *cryp)
  1542. {
  1543. u32 block[AES_BLOCK_32];
  1544. readsl(cryp->regs + cryp->caps->dout, block, cryp->hw_blocksize / sizeof(u32));
  1545. memcpy_to_scatterwalk(&cryp->out_walk, block, min(cryp->hw_blocksize,
  1546. cryp->payload_out));
  1547. cryp->payload_out -= min(cryp->hw_blocksize, cryp->payload_out);
  1548. }
  1549. static void stm32_cryp_irq_write_block(struct stm32_cryp *cryp)
  1550. {
  1551. u32 block[AES_BLOCK_32] = {0};
  1552. memcpy_from_scatterwalk(block, &cryp->in_walk, min(cryp->hw_blocksize,
  1553. cryp->payload_in));
  1554. writesl(cryp->regs + cryp->caps->din, block, cryp->hw_blocksize / sizeof(u32));
  1555. cryp->payload_in -= min(cryp->hw_blocksize, cryp->payload_in);
  1556. }
  1557. static void stm32_cryp_irq_write_gcm_padded_data(struct stm32_cryp *cryp)
  1558. {
  1559. int err;
  1560. u32 cfg, block[AES_BLOCK_32] = {0};
  1561. unsigned int i;
  1562. /* 'Special workaround' procedure described in the datasheet */
  1563. /* a) disable ip */
  1564. stm32_cryp_write(cryp, cryp->caps->imsc, 0);
  1565. cfg = stm32_cryp_read(cryp, cryp->caps->cr);
  1566. cfg &= ~CR_CRYPEN;
  1567. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1568. /* b) Update IV1R */
  1569. stm32_cryp_write(cryp, cryp->caps->iv1r, cryp->gcm_ctr - 2);
  1570. /* c) change mode to CTR */
  1571. cfg &= ~CR_ALGO_MASK;
  1572. cfg |= CR_AES_CTR;
  1573. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1574. /* a) enable IP */
  1575. cfg |= CR_CRYPEN;
  1576. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1577. /* b) pad and write the last block */
  1578. stm32_cryp_irq_write_block(cryp);
  1579. /* wait end of process */
  1580. err = stm32_cryp_wait_output(cryp);
  1581. if (err) {
  1582. dev_err(cryp->dev, "Timeout (write gcm last data)\n");
  1583. return stm32_cryp_finish_req(cryp, err);
  1584. }
  1585. /* c) get and store encrypted data */
  1586. /*
  1587. * Same code as stm32_cryp_irq_read_data(), but we want to store
  1588. * block value
  1589. */
  1590. readsl(cryp->regs + cryp->caps->dout, block, cryp->hw_blocksize / sizeof(u32));
  1591. memcpy_to_scatterwalk(&cryp->out_walk, block, min(cryp->hw_blocksize,
  1592. cryp->payload_out));
  1593. cryp->payload_out -= min(cryp->hw_blocksize, cryp->payload_out);
  1594. /* d) change mode back to AES GCM */
  1595. cfg &= ~CR_ALGO_MASK;
  1596. cfg |= CR_AES_GCM;
  1597. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1598. /* e) change phase to Final */
  1599. cfg &= ~CR_PH_MASK;
  1600. cfg |= CR_PH_FINAL;
  1601. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1602. /* f) write padded data */
  1603. writesl(cryp->regs + cryp->caps->din, block, AES_BLOCK_32);
  1604. /* g) Empty fifo out */
  1605. err = stm32_cryp_wait_output(cryp);
  1606. if (err) {
  1607. dev_err(cryp->dev, "Timeout (write gcm padded data)\n");
  1608. return stm32_cryp_finish_req(cryp, err);
  1609. }
  1610. for (i = 0; i < AES_BLOCK_32; i++)
  1611. stm32_cryp_read(cryp, cryp->caps->dout);
  1612. /* h) run the he normal Final phase */
  1613. stm32_cryp_finish_req(cryp, 0);
  1614. }
  1615. static void stm32_cryp_irq_set_npblb(struct stm32_cryp *cryp)
  1616. {
  1617. u32 cfg;
  1618. /* disable ip, set NPBLB and reneable ip */
  1619. cfg = stm32_cryp_read(cryp, cryp->caps->cr);
  1620. cfg &= ~CR_CRYPEN;
  1621. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1622. cfg |= (cryp->hw_blocksize - cryp->payload_in) << CR_NBPBL_SHIFT;
  1623. cfg |= CR_CRYPEN;
  1624. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1625. }
  1626. static void stm32_cryp_irq_write_ccm_padded_data(struct stm32_cryp *cryp)
  1627. {
  1628. int err = 0;
  1629. u32 cfg, iv1tmp;
  1630. u32 cstmp1[AES_BLOCK_32], cstmp2[AES_BLOCK_32];
  1631. u32 block[AES_BLOCK_32] = {0};
  1632. unsigned int i;
  1633. /* 'Special workaround' procedure described in the datasheet */
  1634. /* a) disable ip */
  1635. stm32_cryp_write(cryp, cryp->caps->imsc, 0);
  1636. cfg = stm32_cryp_read(cryp, cryp->caps->cr);
  1637. cfg &= ~CR_CRYPEN;
  1638. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1639. /* b) get IV1 from CRYP_CSGCMCCM7 */
  1640. iv1tmp = stm32_cryp_read(cryp, CRYP_CSGCMCCM0R + 7 * 4);
  1641. /* c) Load CRYP_CSGCMCCMxR */
  1642. for (i = 0; i < ARRAY_SIZE(cstmp1); i++)
  1643. cstmp1[i] = stm32_cryp_read(cryp, CRYP_CSGCMCCM0R + i * 4);
  1644. /* d) Write IV1R */
  1645. stm32_cryp_write(cryp, cryp->caps->iv1r, iv1tmp);
  1646. /* e) change mode to CTR */
  1647. cfg &= ~CR_ALGO_MASK;
  1648. cfg |= CR_AES_CTR;
  1649. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1650. /* a) enable IP */
  1651. cfg |= CR_CRYPEN;
  1652. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1653. /* b) pad and write the last block */
  1654. stm32_cryp_irq_write_block(cryp);
  1655. /* wait end of process */
  1656. err = stm32_cryp_wait_output(cryp);
  1657. if (err) {
  1658. dev_err(cryp->dev, "Timeout (write ccm padded data)\n");
  1659. return stm32_cryp_finish_req(cryp, err);
  1660. }
  1661. /* c) get and store decrypted data */
  1662. /*
  1663. * Same code as stm32_cryp_irq_read_data(), but we want to store
  1664. * block value
  1665. */
  1666. readsl(cryp->regs + cryp->caps->dout, block, cryp->hw_blocksize / sizeof(u32));
  1667. memcpy_to_scatterwalk(&cryp->out_walk, block, min(cryp->hw_blocksize,
  1668. cryp->payload_out));
  1669. cryp->payload_out -= min(cryp->hw_blocksize, cryp->payload_out);
  1670. /* d) Load again CRYP_CSGCMCCMxR */
  1671. for (i = 0; i < ARRAY_SIZE(cstmp2); i++)
  1672. cstmp2[i] = stm32_cryp_read(cryp, CRYP_CSGCMCCM0R + i * 4);
  1673. /* e) change mode back to AES CCM */
  1674. cfg &= ~CR_ALGO_MASK;
  1675. cfg |= CR_AES_CCM;
  1676. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1677. /* f) change phase to header */
  1678. cfg &= ~CR_PH_MASK;
  1679. cfg |= CR_PH_HEADER;
  1680. stm32_cryp_write(cryp, cryp->caps->cr, cfg);
  1681. /* g) XOR and write padded data */
  1682. for (i = 0; i < ARRAY_SIZE(block); i++) {
  1683. block[i] ^= cstmp1[i];
  1684. block[i] ^= cstmp2[i];
  1685. stm32_cryp_write(cryp, cryp->caps->din, block[i]);
  1686. }
  1687. /* h) wait for completion */
  1688. err = stm32_cryp_wait_busy(cryp);
  1689. if (err)
  1690. dev_err(cryp->dev, "Timeout (write ccm padded data)\n");
  1691. /* i) run the he normal Final phase */
  1692. stm32_cryp_finish_req(cryp, err);
  1693. }
  1694. static void stm32_cryp_irq_write_data(struct stm32_cryp *cryp)
  1695. {
  1696. if (unlikely(!cryp->payload_in)) {
  1697. dev_warn(cryp->dev, "No more data to process\n");
  1698. return;
  1699. }
  1700. if (unlikely(cryp->payload_in < AES_BLOCK_SIZE &&
  1701. (stm32_cryp_get_hw_mode(cryp) == CR_AES_GCM) &&
  1702. is_encrypt(cryp))) {
  1703. /* Padding for AES GCM encryption */
  1704. if (cryp->caps->padding_wa) {
  1705. /* Special case 1 */
  1706. stm32_cryp_irq_write_gcm_padded_data(cryp);
  1707. return;
  1708. }
  1709. /* Setting padding bytes (NBBLB) */
  1710. stm32_cryp_irq_set_npblb(cryp);
  1711. }
  1712. if (unlikely((cryp->payload_in < AES_BLOCK_SIZE) &&
  1713. (stm32_cryp_get_hw_mode(cryp) == CR_AES_CCM) &&
  1714. is_decrypt(cryp))) {
  1715. /* Padding for AES CCM decryption */
  1716. if (cryp->caps->padding_wa) {
  1717. /* Special case 2 */
  1718. stm32_cryp_irq_write_ccm_padded_data(cryp);
  1719. return;
  1720. }
  1721. /* Setting padding bytes (NBBLB) */
  1722. stm32_cryp_irq_set_npblb(cryp);
  1723. }
  1724. if (is_aes(cryp) && is_ctr(cryp))
  1725. stm32_cryp_check_ctr_counter(cryp);
  1726. stm32_cryp_irq_write_block(cryp);
  1727. }
  1728. static void stm32_cryp_irq_write_gcmccm_header(struct stm32_cryp *cryp)
  1729. {
  1730. u32 block[AES_BLOCK_32] = {0};
  1731. size_t written;
  1732. written = min(AES_BLOCK_SIZE, cryp->header_in);
  1733. memcpy_from_scatterwalk(block, &cryp->in_walk, written);
  1734. writesl(cryp->regs + cryp->caps->din, block, AES_BLOCK_32);
  1735. cryp->header_in -= written;
  1736. stm32_crypt_gcmccm_end_header(cryp);
  1737. }
  1738. static irqreturn_t stm32_cryp_irq_thread(int irq, void *arg)
  1739. {
  1740. struct stm32_cryp *cryp = arg;
  1741. u32 ph;
  1742. u32 it_mask = stm32_cryp_read(cryp, cryp->caps->imsc);
  1743. if (cryp->irq_status & MISR_OUT)
  1744. /* Output FIFO IRQ: read data */
  1745. stm32_cryp_irq_read_data(cryp);
  1746. if (cryp->irq_status & MISR_IN) {
  1747. if (is_gcm(cryp) || is_ccm(cryp)) {
  1748. ph = stm32_cryp_read(cryp, cryp->caps->cr) & CR_PH_MASK;
  1749. if (unlikely(ph == CR_PH_HEADER))
  1750. /* Write Header */
  1751. stm32_cryp_irq_write_gcmccm_header(cryp);
  1752. else
  1753. /* Input FIFO IRQ: write data */
  1754. stm32_cryp_irq_write_data(cryp);
  1755. if (is_gcm(cryp))
  1756. cryp->gcm_ctr++;
  1757. } else {
  1758. /* Input FIFO IRQ: write data */
  1759. stm32_cryp_irq_write_data(cryp);
  1760. }
  1761. }
  1762. /* Mask useless interrupts */
  1763. if (!cryp->payload_in && !cryp->header_in)
  1764. it_mask &= ~IMSCR_IN;
  1765. if (!cryp->payload_out)
  1766. it_mask &= ~IMSCR_OUT;
  1767. stm32_cryp_write(cryp, cryp->caps->imsc, it_mask);
  1768. if (!cryp->payload_in && !cryp->header_in && !cryp->payload_out) {
  1769. local_bh_disable();
  1770. stm32_cryp_finish_req(cryp, 0);
  1771. local_bh_enable();
  1772. }
  1773. return IRQ_HANDLED;
  1774. }
  1775. static irqreturn_t stm32_cryp_irq(int irq, void *arg)
  1776. {
  1777. struct stm32_cryp *cryp = arg;
  1778. cryp->irq_status = stm32_cryp_read(cryp, cryp->caps->mis);
  1779. return IRQ_WAKE_THREAD;
  1780. }
  1781. static int stm32_cryp_dma_init(struct stm32_cryp *cryp)
  1782. {
  1783. struct dma_slave_config dma_conf;
  1784. struct dma_chan *chan;
  1785. int ret;
  1786. memset(&dma_conf, 0, sizeof(dma_conf));
  1787. dma_conf.direction = DMA_MEM_TO_DEV;
  1788. dma_conf.dst_addr = cryp->phys_base + cryp->caps->din;
  1789. dma_conf.dst_addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES;
  1790. dma_conf.dst_maxburst = CRYP_DMA_BURST_REG;
  1791. dma_conf.device_fc = false;
  1792. chan = dma_request_chan(cryp->dev, "in");
  1793. if (IS_ERR(chan))
  1794. return PTR_ERR(chan);
  1795. cryp->dma_lch_in = chan;
  1796. ret = dmaengine_slave_config(cryp->dma_lch_in, &dma_conf);
  1797. if (ret) {
  1798. dma_release_channel(cryp->dma_lch_in);
  1799. cryp->dma_lch_in = NULL;
  1800. dev_err(cryp->dev, "Couldn't configure DMA in slave.\n");
  1801. return ret;
  1802. }
  1803. memset(&dma_conf, 0, sizeof(dma_conf));
  1804. dma_conf.direction = DMA_DEV_TO_MEM;
  1805. dma_conf.src_addr = cryp->phys_base + cryp->caps->dout;
  1806. dma_conf.src_addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES;
  1807. dma_conf.src_maxburst = CRYP_DMA_BURST_REG;
  1808. dma_conf.device_fc = false;
  1809. chan = dma_request_chan(cryp->dev, "out");
  1810. if (IS_ERR(chan)) {
  1811. dma_release_channel(cryp->dma_lch_in);
  1812. cryp->dma_lch_in = NULL;
  1813. return PTR_ERR(chan);
  1814. }
  1815. cryp->dma_lch_out = chan;
  1816. ret = dmaengine_slave_config(cryp->dma_lch_out, &dma_conf);
  1817. if (ret) {
  1818. dma_release_channel(cryp->dma_lch_out);
  1819. cryp->dma_lch_out = NULL;
  1820. dev_err(cryp->dev, "Couldn't configure DMA out slave.\n");
  1821. dma_release_channel(cryp->dma_lch_in);
  1822. cryp->dma_lch_in = NULL;
  1823. return ret;
  1824. }
  1825. init_completion(&cryp->dma_completion);
  1826. return 0;
  1827. }
  1828. static struct skcipher_engine_alg crypto_algs[] = {
  1829. {
  1830. .base = {
  1831. .base.cra_name = "ecb(aes)",
  1832. .base.cra_driver_name = "stm32-ecb-aes",
  1833. .base.cra_priority = 300,
  1834. .base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  1835. .base.cra_blocksize = AES_BLOCK_SIZE,
  1836. .base.cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  1837. .base.cra_alignmask = 0,
  1838. .base.cra_module = THIS_MODULE,
  1839. .init = stm32_cryp_init_tfm,
  1840. .min_keysize = AES_MIN_KEY_SIZE,
  1841. .max_keysize = AES_MAX_KEY_SIZE,
  1842. .setkey = stm32_cryp_aes_setkey,
  1843. .encrypt = stm32_cryp_aes_ecb_encrypt,
  1844. .decrypt = stm32_cryp_aes_ecb_decrypt,
  1845. },
  1846. .op = {
  1847. .do_one_request = stm32_cryp_cipher_one_req,
  1848. },
  1849. },
  1850. {
  1851. .base = {
  1852. .base.cra_name = "cbc(aes)",
  1853. .base.cra_driver_name = "stm32-cbc-aes",
  1854. .base.cra_priority = 300,
  1855. .base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  1856. .base.cra_blocksize = AES_BLOCK_SIZE,
  1857. .base.cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  1858. .base.cra_alignmask = 0,
  1859. .base.cra_module = THIS_MODULE,
  1860. .init = stm32_cryp_init_tfm,
  1861. .min_keysize = AES_MIN_KEY_SIZE,
  1862. .max_keysize = AES_MAX_KEY_SIZE,
  1863. .ivsize = AES_BLOCK_SIZE,
  1864. .setkey = stm32_cryp_aes_setkey,
  1865. .encrypt = stm32_cryp_aes_cbc_encrypt,
  1866. .decrypt = stm32_cryp_aes_cbc_decrypt,
  1867. },
  1868. .op = {
  1869. .do_one_request = stm32_cryp_cipher_one_req,
  1870. },
  1871. },
  1872. {
  1873. .base = {
  1874. .base.cra_name = "ctr(aes)",
  1875. .base.cra_driver_name = "stm32-ctr-aes",
  1876. .base.cra_priority = 300,
  1877. .base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  1878. .base.cra_blocksize = 1,
  1879. .base.cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  1880. .base.cra_alignmask = 0,
  1881. .base.cra_module = THIS_MODULE,
  1882. .init = stm32_cryp_init_tfm,
  1883. .min_keysize = AES_MIN_KEY_SIZE,
  1884. .max_keysize = AES_MAX_KEY_SIZE,
  1885. .ivsize = AES_BLOCK_SIZE,
  1886. .setkey = stm32_cryp_aes_setkey,
  1887. .encrypt = stm32_cryp_aes_ctr_encrypt,
  1888. .decrypt = stm32_cryp_aes_ctr_decrypt,
  1889. },
  1890. .op = {
  1891. .do_one_request = stm32_cryp_cipher_one_req,
  1892. },
  1893. },
  1894. {
  1895. .base = {
  1896. .base.cra_name = "ecb(des)",
  1897. .base.cra_driver_name = "stm32-ecb-des",
  1898. .base.cra_priority = 300,
  1899. .base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  1900. .base.cra_blocksize = DES_BLOCK_SIZE,
  1901. .base.cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  1902. .base.cra_alignmask = 0,
  1903. .base.cra_module = THIS_MODULE,
  1904. .init = stm32_cryp_init_tfm,
  1905. .min_keysize = DES_BLOCK_SIZE,
  1906. .max_keysize = DES_BLOCK_SIZE,
  1907. .setkey = stm32_cryp_des_setkey,
  1908. .encrypt = stm32_cryp_des_ecb_encrypt,
  1909. .decrypt = stm32_cryp_des_ecb_decrypt,
  1910. },
  1911. .op = {
  1912. .do_one_request = stm32_cryp_cipher_one_req,
  1913. },
  1914. },
  1915. {
  1916. .base = {
  1917. .base.cra_name = "cbc(des)",
  1918. .base.cra_driver_name = "stm32-cbc-des",
  1919. .base.cra_priority = 300,
  1920. .base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  1921. .base.cra_blocksize = DES_BLOCK_SIZE,
  1922. .base.cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  1923. .base.cra_alignmask = 0,
  1924. .base.cra_module = THIS_MODULE,
  1925. .init = stm32_cryp_init_tfm,
  1926. .min_keysize = DES_BLOCK_SIZE,
  1927. .max_keysize = DES_BLOCK_SIZE,
  1928. .ivsize = DES_BLOCK_SIZE,
  1929. .setkey = stm32_cryp_des_setkey,
  1930. .encrypt = stm32_cryp_des_cbc_encrypt,
  1931. .decrypt = stm32_cryp_des_cbc_decrypt,
  1932. },
  1933. .op = {
  1934. .do_one_request = stm32_cryp_cipher_one_req,
  1935. },
  1936. },
  1937. {
  1938. .base = {
  1939. .base.cra_name = "ecb(des3_ede)",
  1940. .base.cra_driver_name = "stm32-ecb-des3",
  1941. .base.cra_priority = 300,
  1942. .base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  1943. .base.cra_blocksize = DES_BLOCK_SIZE,
  1944. .base.cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  1945. .base.cra_alignmask = 0,
  1946. .base.cra_module = THIS_MODULE,
  1947. .init = stm32_cryp_init_tfm,
  1948. .min_keysize = 3 * DES_BLOCK_SIZE,
  1949. .max_keysize = 3 * DES_BLOCK_SIZE,
  1950. .setkey = stm32_cryp_tdes_setkey,
  1951. .encrypt = stm32_cryp_tdes_ecb_encrypt,
  1952. .decrypt = stm32_cryp_tdes_ecb_decrypt,
  1953. },
  1954. .op = {
  1955. .do_one_request = stm32_cryp_cipher_one_req,
  1956. },
  1957. },
  1958. {
  1959. .base = {
  1960. .base.cra_name = "cbc(des3_ede)",
  1961. .base.cra_driver_name = "stm32-cbc-des3",
  1962. .base.cra_priority = 300,
  1963. .base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  1964. .base.cra_blocksize = DES_BLOCK_SIZE,
  1965. .base.cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  1966. .base.cra_alignmask = 0,
  1967. .base.cra_module = THIS_MODULE,
  1968. .init = stm32_cryp_init_tfm,
  1969. .min_keysize = 3 * DES_BLOCK_SIZE,
  1970. .max_keysize = 3 * DES_BLOCK_SIZE,
  1971. .ivsize = DES_BLOCK_SIZE,
  1972. .setkey = stm32_cryp_tdes_setkey,
  1973. .encrypt = stm32_cryp_tdes_cbc_encrypt,
  1974. .decrypt = stm32_cryp_tdes_cbc_decrypt,
  1975. },
  1976. .op = {
  1977. .do_one_request = stm32_cryp_cipher_one_req,
  1978. },
  1979. },
  1980. };
  1981. static struct aead_engine_alg aead_algs[] = {
  1982. {
  1983. .base.setkey = stm32_cryp_aes_aead_setkey,
  1984. .base.setauthsize = stm32_cryp_aes_gcm_setauthsize,
  1985. .base.encrypt = stm32_cryp_aes_gcm_encrypt,
  1986. .base.decrypt = stm32_cryp_aes_gcm_decrypt,
  1987. .base.init = stm32_cryp_aes_aead_init,
  1988. .base.ivsize = 12,
  1989. .base.maxauthsize = AES_BLOCK_SIZE,
  1990. .base.base = {
  1991. .cra_name = "gcm(aes)",
  1992. .cra_driver_name = "stm32-gcm-aes",
  1993. .cra_priority = 300,
  1994. .cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  1995. .cra_blocksize = 1,
  1996. .cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  1997. .cra_alignmask = 0,
  1998. .cra_module = THIS_MODULE,
  1999. },
  2000. .op = {
  2001. .do_one_request = stm32_cryp_aead_one_req,
  2002. },
  2003. },
  2004. {
  2005. .base.setkey = stm32_cryp_aes_aead_setkey,
  2006. .base.setauthsize = stm32_cryp_aes_ccm_setauthsize,
  2007. .base.encrypt = stm32_cryp_aes_ccm_encrypt,
  2008. .base.decrypt = stm32_cryp_aes_ccm_decrypt,
  2009. .base.init = stm32_cryp_aes_aead_init,
  2010. .base.ivsize = AES_BLOCK_SIZE,
  2011. .base.maxauthsize = AES_BLOCK_SIZE,
  2012. .base.base = {
  2013. .cra_name = "ccm(aes)",
  2014. .cra_driver_name = "stm32-ccm-aes",
  2015. .cra_priority = 300,
  2016. .cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY,
  2017. .cra_blocksize = 1,
  2018. .cra_ctxsize = sizeof(struct stm32_cryp_ctx),
  2019. .cra_alignmask = 0,
  2020. .cra_module = THIS_MODULE,
  2021. },
  2022. .op = {
  2023. .do_one_request = stm32_cryp_aead_one_req,
  2024. },
  2025. },
  2026. };
  2027. static const struct stm32_cryp_caps ux500_data = {
  2028. .aeads_support = false,
  2029. .linear_aes_key = true,
  2030. .kp_mode = false,
  2031. .iv_protection = true,
  2032. .swap_final = true,
  2033. .padding_wa = true,
  2034. .cr = UX500_CRYP_CR,
  2035. .sr = UX500_CRYP_SR,
  2036. .din = UX500_CRYP_DIN,
  2037. .dout = UX500_CRYP_DOUT,
  2038. .dmacr = UX500_CRYP_DMACR,
  2039. .imsc = UX500_CRYP_IMSC,
  2040. .mis = UX500_CRYP_MIS,
  2041. .k1l = UX500_CRYP_K1L,
  2042. .k1r = UX500_CRYP_K1R,
  2043. .k3r = UX500_CRYP_K3R,
  2044. .iv0l = UX500_CRYP_IV0L,
  2045. .iv0r = UX500_CRYP_IV0R,
  2046. .iv1l = UX500_CRYP_IV1L,
  2047. .iv1r = UX500_CRYP_IV1R,
  2048. };
  2049. static const struct stm32_cryp_caps f7_data = {
  2050. .aeads_support = true,
  2051. .linear_aes_key = false,
  2052. .kp_mode = true,
  2053. .iv_protection = false,
  2054. .swap_final = true,
  2055. .padding_wa = true,
  2056. .cr = CRYP_CR,
  2057. .sr = CRYP_SR,
  2058. .din = CRYP_DIN,
  2059. .dout = CRYP_DOUT,
  2060. .dmacr = CRYP_DMACR,
  2061. .imsc = CRYP_IMSCR,
  2062. .mis = CRYP_MISR,
  2063. .k1l = CRYP_K1LR,
  2064. .k1r = CRYP_K1RR,
  2065. .k3r = CRYP_K3RR,
  2066. .iv0l = CRYP_IV0LR,
  2067. .iv0r = CRYP_IV0RR,
  2068. .iv1l = CRYP_IV1LR,
  2069. .iv1r = CRYP_IV1RR,
  2070. };
  2071. static const struct stm32_cryp_caps mp1_data = {
  2072. .aeads_support = true,
  2073. .linear_aes_key = false,
  2074. .kp_mode = true,
  2075. .iv_protection = false,
  2076. .swap_final = false,
  2077. .padding_wa = false,
  2078. .cr = CRYP_CR,
  2079. .sr = CRYP_SR,
  2080. .din = CRYP_DIN,
  2081. .dout = CRYP_DOUT,
  2082. .dmacr = CRYP_DMACR,
  2083. .imsc = CRYP_IMSCR,
  2084. .mis = CRYP_MISR,
  2085. .k1l = CRYP_K1LR,
  2086. .k1r = CRYP_K1RR,
  2087. .k3r = CRYP_K3RR,
  2088. .iv0l = CRYP_IV0LR,
  2089. .iv0r = CRYP_IV0RR,
  2090. .iv1l = CRYP_IV1LR,
  2091. .iv1r = CRYP_IV1RR,
  2092. };
  2093. static const struct of_device_id stm32_dt_ids[] = {
  2094. { .compatible = "stericsson,ux500-cryp", .data = &ux500_data},
  2095. { .compatible = "st,stm32f756-cryp", .data = &f7_data},
  2096. { .compatible = "st,stm32mp1-cryp", .data = &mp1_data},
  2097. {},
  2098. };
  2099. MODULE_DEVICE_TABLE(of, stm32_dt_ids);
  2100. static int stm32_cryp_probe(struct platform_device *pdev)
  2101. {
  2102. struct device *dev = &pdev->dev;
  2103. struct stm32_cryp *cryp;
  2104. struct reset_control *rst;
  2105. int irq, ret;
  2106. cryp = devm_kzalloc(dev, sizeof(*cryp), GFP_KERNEL);
  2107. if (!cryp)
  2108. return -ENOMEM;
  2109. cryp->caps = of_device_get_match_data(dev);
  2110. if (!cryp->caps)
  2111. return -ENODEV;
  2112. cryp->dev = dev;
  2113. cryp->regs = devm_platform_ioremap_resource(pdev, 0);
  2114. if (IS_ERR(cryp->regs))
  2115. return PTR_ERR(cryp->regs);
  2116. cryp->phys_base = platform_get_resource(pdev, IORESOURCE_MEM, 0)->start;
  2117. irq = platform_get_irq(pdev, 0);
  2118. if (irq < 0)
  2119. return irq;
  2120. ret = devm_request_threaded_irq(dev, irq, stm32_cryp_irq,
  2121. stm32_cryp_irq_thread, IRQF_ONESHOT,
  2122. dev_name(dev), cryp);
  2123. if (ret) {
  2124. dev_err(dev, "Cannot grab IRQ\n");
  2125. return ret;
  2126. }
  2127. cryp->clk = devm_clk_get(dev, NULL);
  2128. if (IS_ERR(cryp->clk)) {
  2129. dev_err_probe(dev, PTR_ERR(cryp->clk), "Could not get clock\n");
  2130. return PTR_ERR(cryp->clk);
  2131. }
  2132. ret = clk_prepare_enable(cryp->clk);
  2133. if (ret) {
  2134. dev_err(cryp->dev, "Failed to enable clock\n");
  2135. return ret;
  2136. }
  2137. pm_runtime_set_autosuspend_delay(dev, CRYP_AUTOSUSPEND_DELAY);
  2138. pm_runtime_use_autosuspend(dev);
  2139. pm_runtime_get_noresume(dev);
  2140. pm_runtime_set_active(dev);
  2141. pm_runtime_enable(dev);
  2142. rst = devm_reset_control_get(dev, NULL);
  2143. if (IS_ERR(rst)) {
  2144. ret = PTR_ERR(rst);
  2145. if (ret == -EPROBE_DEFER)
  2146. goto err_rst;
  2147. } else {
  2148. reset_control_assert(rst);
  2149. udelay(2);
  2150. reset_control_deassert(rst);
  2151. }
  2152. platform_set_drvdata(pdev, cryp);
  2153. ret = stm32_cryp_dma_init(cryp);
  2154. switch (ret) {
  2155. case 0:
  2156. break;
  2157. case -ENODEV:
  2158. dev_dbg(dev, "DMA mode not available\n");
  2159. break;
  2160. default:
  2161. goto err_dma;
  2162. }
  2163. spin_lock(&cryp_list.lock);
  2164. list_add(&cryp->list, &cryp_list.dev_list);
  2165. spin_unlock(&cryp_list.lock);
  2166. /* Initialize crypto engine */
  2167. cryp->engine = crypto_engine_alloc_init(dev, 1);
  2168. if (!cryp->engine) {
  2169. dev_err(dev, "Could not init crypto engine\n");
  2170. ret = -ENOMEM;
  2171. goto err_engine1;
  2172. }
  2173. ret = crypto_engine_start(cryp->engine);
  2174. if (ret) {
  2175. dev_err(dev, "Could not start crypto engine\n");
  2176. goto err_engine2;
  2177. }
  2178. ret = crypto_engine_register_skciphers(crypto_algs, ARRAY_SIZE(crypto_algs));
  2179. if (ret) {
  2180. dev_err(dev, "Could not register algs\n");
  2181. goto err_algs;
  2182. }
  2183. if (cryp->caps->aeads_support) {
  2184. ret = crypto_engine_register_aeads(aead_algs, ARRAY_SIZE(aead_algs));
  2185. if (ret)
  2186. goto err_aead_algs;
  2187. }
  2188. dev_info(dev, "Initialized\n");
  2189. pm_runtime_put_sync(dev);
  2190. return 0;
  2191. err_aead_algs:
  2192. crypto_engine_unregister_skciphers(crypto_algs, ARRAY_SIZE(crypto_algs));
  2193. err_algs:
  2194. err_engine2:
  2195. crypto_engine_exit(cryp->engine);
  2196. err_engine1:
  2197. spin_lock(&cryp_list.lock);
  2198. list_del(&cryp->list);
  2199. spin_unlock(&cryp_list.lock);
  2200. if (cryp->dma_lch_in)
  2201. dma_release_channel(cryp->dma_lch_in);
  2202. if (cryp->dma_lch_out)
  2203. dma_release_channel(cryp->dma_lch_out);
  2204. err_dma:
  2205. err_rst:
  2206. pm_runtime_disable(dev);
  2207. pm_runtime_put_noidle(dev);
  2208. clk_disable_unprepare(cryp->clk);
  2209. return ret;
  2210. }
  2211. static void stm32_cryp_remove(struct platform_device *pdev)
  2212. {
  2213. struct stm32_cryp *cryp = platform_get_drvdata(pdev);
  2214. int ret;
  2215. ret = pm_runtime_get_sync(cryp->dev);
  2216. if (cryp->caps->aeads_support)
  2217. crypto_engine_unregister_aeads(aead_algs, ARRAY_SIZE(aead_algs));
  2218. crypto_engine_unregister_skciphers(crypto_algs, ARRAY_SIZE(crypto_algs));
  2219. crypto_engine_exit(cryp->engine);
  2220. spin_lock(&cryp_list.lock);
  2221. list_del(&cryp->list);
  2222. spin_unlock(&cryp_list.lock);
  2223. if (cryp->dma_lch_in)
  2224. dma_release_channel(cryp->dma_lch_in);
  2225. if (cryp->dma_lch_out)
  2226. dma_release_channel(cryp->dma_lch_out);
  2227. pm_runtime_disable(cryp->dev);
  2228. pm_runtime_put_noidle(cryp->dev);
  2229. if (ret >= 0)
  2230. clk_disable_unprepare(cryp->clk);
  2231. }
  2232. #ifdef CONFIG_PM
  2233. static int stm32_cryp_runtime_suspend(struct device *dev)
  2234. {
  2235. struct stm32_cryp *cryp = dev_get_drvdata(dev);
  2236. clk_disable_unprepare(cryp->clk);
  2237. return 0;
  2238. }
  2239. static int stm32_cryp_runtime_resume(struct device *dev)
  2240. {
  2241. struct stm32_cryp *cryp = dev_get_drvdata(dev);
  2242. int ret;
  2243. ret = clk_prepare_enable(cryp->clk);
  2244. if (ret) {
  2245. dev_err(cryp->dev, "Failed to prepare_enable clock\n");
  2246. return ret;
  2247. }
  2248. return 0;
  2249. }
  2250. #endif
  2251. static const struct dev_pm_ops stm32_cryp_pm_ops = {
  2252. SET_SYSTEM_SLEEP_PM_OPS(pm_runtime_force_suspend,
  2253. pm_runtime_force_resume)
  2254. SET_RUNTIME_PM_OPS(stm32_cryp_runtime_suspend,
  2255. stm32_cryp_runtime_resume, NULL)
  2256. };
  2257. static struct platform_driver stm32_cryp_driver = {
  2258. .probe = stm32_cryp_probe,
  2259. .remove = stm32_cryp_remove,
  2260. .driver = {
  2261. .name = DRIVER_NAME,
  2262. .pm = &stm32_cryp_pm_ops,
  2263. .of_match_table = stm32_dt_ids,
  2264. },
  2265. };
  2266. module_platform_driver(stm32_cryp_driver);
  2267. MODULE_AUTHOR("Fabien Dessenne <fabien.dessenne@st.com>");
  2268. MODULE_DESCRIPTION("STMicroelectronics STM32 CRYP hardware driver");
  2269. MODULE_LICENSE("GPL");