Tudor Ambarus | 820684c | 2018-08-21 16:36:09 +0300 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0 |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2 | /* |
| 3 | * Cryptographic API. |
| 4 | * |
| 5 | * Support for ATMEL AES HW acceleration. |
| 6 | * |
| 7 | * Copyright (c) 2012 Eukréa Electromatique - ATMEL |
| 8 | * Author: Nicolas Royer <nicolas@eukrea.com> |
| 9 | * |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 10 | * Some ideas are from omap-aes.c driver. |
| 11 | */ |
| 12 | |
| 13 | |
| 14 | #include <linux/kernel.h> |
| 15 | #include <linux/module.h> |
| 16 | #include <linux/slab.h> |
| 17 | #include <linux/err.h> |
| 18 | #include <linux/clk.h> |
| 19 | #include <linux/io.h> |
| 20 | #include <linux/hw_random.h> |
| 21 | #include <linux/platform_device.h> |
| 22 | |
| 23 | #include <linux/device.h> |
Tudor Ambarus | b46f36c | 2020-01-15 12:53:53 +0000 | [diff] [blame] | 24 | #include <linux/dmaengine.h> |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 25 | #include <linux/init.h> |
| 26 | #include <linux/errno.h> |
| 27 | #include <linux/interrupt.h> |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 28 | #include <linux/irq.h> |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 29 | #include <linux/scatterlist.h> |
| 30 | #include <linux/dma-mapping.h> |
Nicolas Ferre | be943c7 | 2013-10-14 17:52:38 +0200 | [diff] [blame] | 31 | #include <linux/of_device.h> |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 32 | #include <linux/delay.h> |
| 33 | #include <linux/crypto.h> |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 34 | #include <crypto/scatterwalk.h> |
| 35 | #include <crypto/algapi.h> |
| 36 | #include <crypto/aes.h> |
Corentin LABBE | 219d51c | 2017-08-22 10:08:12 +0200 | [diff] [blame] | 37 | #include <crypto/gcm.h> |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 38 | #include <crypto/xts.h> |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 39 | #include <crypto/internal/aead.h> |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 40 | #include <crypto/internal/skcipher.h> |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 41 | #include "atmel-aes-regs.h" |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 42 | #include "atmel-authenc.h" |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 43 | |
Cyrille Pitchen | 88efd9a | 2015-12-17 17:48:34 +0100 | [diff] [blame] | 44 | #define ATMEL_AES_PRIORITY 300 |
| 45 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 46 | #define ATMEL_AES_BUFFER_ORDER 2 |
| 47 | #define ATMEL_AES_BUFFER_SIZE (PAGE_SIZE << ATMEL_AES_BUFFER_ORDER) |
| 48 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 49 | #define CFB8_BLOCK_SIZE 1 |
| 50 | #define CFB16_BLOCK_SIZE 2 |
| 51 | #define CFB32_BLOCK_SIZE 4 |
| 52 | #define CFB64_BLOCK_SIZE 8 |
| 53 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 54 | #define SIZE_IN_WORDS(x) ((x) >> 2) |
| 55 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 56 | /* AES flags */ |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 57 | /* Reserve bits [18:16] [14:12] [1:0] for mode (same as for AES_MR) */ |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 58 | #define AES_FLAGS_ENCRYPT AES_MR_CYPHER_ENC |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 59 | #define AES_FLAGS_GTAGEN AES_MR_GTAGEN |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 60 | #define AES_FLAGS_OPMODE_MASK (AES_MR_OPMOD_MASK | AES_MR_CFBS_MASK) |
| 61 | #define AES_FLAGS_ECB AES_MR_OPMOD_ECB |
| 62 | #define AES_FLAGS_CBC AES_MR_OPMOD_CBC |
| 63 | #define AES_FLAGS_OFB AES_MR_OPMOD_OFB |
| 64 | #define AES_FLAGS_CFB128 (AES_MR_OPMOD_CFB | AES_MR_CFBS_128b) |
| 65 | #define AES_FLAGS_CFB64 (AES_MR_OPMOD_CFB | AES_MR_CFBS_64b) |
| 66 | #define AES_FLAGS_CFB32 (AES_MR_OPMOD_CFB | AES_MR_CFBS_32b) |
| 67 | #define AES_FLAGS_CFB16 (AES_MR_OPMOD_CFB | AES_MR_CFBS_16b) |
| 68 | #define AES_FLAGS_CFB8 (AES_MR_OPMOD_CFB | AES_MR_CFBS_8b) |
| 69 | #define AES_FLAGS_CTR AES_MR_OPMOD_CTR |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 70 | #define AES_FLAGS_GCM AES_MR_OPMOD_GCM |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 71 | #define AES_FLAGS_XTS AES_MR_OPMOD_XTS |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 72 | |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 73 | #define AES_FLAGS_MODE_MASK (AES_FLAGS_OPMODE_MASK | \ |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 74 | AES_FLAGS_ENCRYPT | \ |
| 75 | AES_FLAGS_GTAGEN) |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 76 | |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 77 | #define AES_FLAGS_BUSY BIT(3) |
Cyrille Pitchen | 4537992 | 2015-12-17 18:13:08 +0100 | [diff] [blame] | 78 | #define AES_FLAGS_DUMP_REG BIT(4) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 79 | #define AES_FLAGS_OWN_SHA BIT(5) |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 80 | |
Romain Izard | 7a373fd | 2017-10-31 16:25:24 +0100 | [diff] [blame] | 81 | #define AES_FLAGS_PERSISTENT AES_FLAGS_BUSY |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 82 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 83 | #define ATMEL_AES_QUEUE_LENGTH 50 |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 84 | |
Cyrille Pitchen | 129f8bb | 2015-12-17 18:13:06 +0100 | [diff] [blame] | 85 | #define ATMEL_AES_DMA_THRESHOLD 256 |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 86 | |
| 87 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 88 | struct atmel_aes_caps { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 89 | bool has_dualbuff; |
| 90 | bool has_cfb64; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 91 | bool has_gcm; |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 92 | bool has_xts; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 93 | bool has_authenc; |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 94 | u32 max_burst_size; |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 95 | }; |
| 96 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 97 | struct atmel_aes_dev; |
| 98 | |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 99 | |
| 100 | typedef int (*atmel_aes_fn_t)(struct atmel_aes_dev *); |
| 101 | |
| 102 | |
| 103 | struct atmel_aes_base_ctx { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 104 | struct atmel_aes_dev *dd; |
| 105 | atmel_aes_fn_t start; |
| 106 | int keylen; |
| 107 | u32 key[AES_KEYSIZE_256 / sizeof(u32)]; |
| 108 | u16 block_size; |
Romain Izard | 9130801 | 2017-10-31 16:25:23 +0100 | [diff] [blame] | 109 | bool is_aead; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 110 | }; |
| 111 | |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 112 | struct atmel_aes_ctx { |
| 113 | struct atmel_aes_base_ctx base; |
| 114 | }; |
| 115 | |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 116 | struct atmel_aes_ctr_ctx { |
| 117 | struct atmel_aes_base_ctx base; |
| 118 | |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 119 | __be32 iv[AES_BLOCK_SIZE / sizeof(u32)]; |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 120 | size_t offset; |
| 121 | struct scatterlist src[2]; |
| 122 | struct scatterlist dst[2]; |
Tudor Ambarus | 3907ccf | 2019-12-13 14:45:44 +0000 | [diff] [blame] | 123 | u32 blocks; |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 124 | }; |
| 125 | |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 126 | struct atmel_aes_gcm_ctx { |
| 127 | struct atmel_aes_base_ctx base; |
| 128 | |
| 129 | struct scatterlist src[2]; |
| 130 | struct scatterlist dst[2]; |
| 131 | |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 132 | __be32 j0[AES_BLOCK_SIZE / sizeof(u32)]; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 133 | u32 tag[AES_BLOCK_SIZE / sizeof(u32)]; |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 134 | __be32 ghash[AES_BLOCK_SIZE / sizeof(u32)]; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 135 | size_t textlen; |
| 136 | |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 137 | const __be32 *ghash_in; |
| 138 | __be32 *ghash_out; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 139 | atmel_aes_fn_t ghash_resume; |
| 140 | }; |
| 141 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 142 | struct atmel_aes_xts_ctx { |
| 143 | struct atmel_aes_base_ctx base; |
| 144 | |
| 145 | u32 key2[AES_KEYSIZE_256 / sizeof(u32)]; |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 146 | struct crypto_skcipher *fallback_tfm; |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 147 | }; |
| 148 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 149 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 150 | struct atmel_aes_authenc_ctx { |
| 151 | struct atmel_aes_base_ctx base; |
| 152 | struct atmel_sha_authenc_ctx *auth; |
| 153 | }; |
| 154 | #endif |
| 155 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 156 | struct atmel_aes_reqctx { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 157 | unsigned long mode; |
Tudor Ambarus | 57d8154 | 2019-11-15 13:49:09 +0000 | [diff] [blame] | 158 | u8 lastc[AES_BLOCK_SIZE]; |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 159 | struct skcipher_request fallback_req; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 160 | }; |
| 161 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 162 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 163 | struct atmel_aes_authenc_reqctx { |
| 164 | struct atmel_aes_reqctx base; |
| 165 | |
| 166 | struct scatterlist src[2]; |
| 167 | struct scatterlist dst[2]; |
| 168 | size_t textlen; |
| 169 | u32 digest[SHA512_DIGEST_SIZE / sizeof(u32)]; |
| 170 | |
| 171 | /* auth_req MUST be place last. */ |
| 172 | struct ahash_request auth_req; |
| 173 | }; |
| 174 | #endif |
| 175 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 176 | struct atmel_aes_dma { |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 177 | struct dma_chan *chan; |
| 178 | struct scatterlist *sg; |
| 179 | int nents; |
| 180 | unsigned int remainder; |
| 181 | unsigned int sg_len; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 182 | }; |
| 183 | |
| 184 | struct atmel_aes_dev { |
| 185 | struct list_head list; |
| 186 | unsigned long phys_base; |
| 187 | void __iomem *io_base; |
| 188 | |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 189 | struct crypto_async_request *areq; |
| 190 | struct atmel_aes_base_ctx *ctx; |
| 191 | |
Cyrille Pitchen | 10f12c1 | 2015-12-17 17:48:42 +0100 | [diff] [blame] | 192 | bool is_async; |
| 193 | atmel_aes_fn_t resume; |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 194 | atmel_aes_fn_t cpu_transfer_complete; |
Cyrille Pitchen | 10f12c1 | 2015-12-17 17:48:42 +0100 | [diff] [blame] | 195 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 196 | struct device *dev; |
| 197 | struct clk *iclk; |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 198 | int irq; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 199 | |
| 200 | unsigned long flags; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 201 | |
| 202 | spinlock_t lock; |
| 203 | struct crypto_queue queue; |
| 204 | |
| 205 | struct tasklet_struct done_task; |
| 206 | struct tasklet_struct queue_task; |
| 207 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 208 | size_t total; |
| 209 | size_t datalen; |
| 210 | u32 *data; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 211 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 212 | struct atmel_aes_dma src; |
| 213 | struct atmel_aes_dma dst; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 214 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 215 | size_t buflen; |
| 216 | void *buf; |
| 217 | struct scatterlist aligned_sg; |
| 218 | struct scatterlist *real_dst; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 219 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 220 | struct atmel_aes_caps caps; |
| 221 | |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 222 | u32 hw_version; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 223 | }; |
| 224 | |
| 225 | struct atmel_aes_drv { |
| 226 | struct list_head dev_list; |
| 227 | spinlock_t lock; |
| 228 | }; |
| 229 | |
| 230 | static struct atmel_aes_drv atmel_aes = { |
| 231 | .dev_list = LIST_HEAD_INIT(atmel_aes.dev_list), |
| 232 | .lock = __SPIN_LOCK_UNLOCKED(atmel_aes.lock), |
| 233 | }; |
| 234 | |
Cyrille Pitchen | 4537992 | 2015-12-17 18:13:08 +0100 | [diff] [blame] | 235 | #ifdef VERBOSE_DEBUG |
| 236 | static const char *atmel_aes_reg_name(u32 offset, char *tmp, size_t sz) |
| 237 | { |
| 238 | switch (offset) { |
| 239 | case AES_CR: |
| 240 | return "CR"; |
| 241 | |
| 242 | case AES_MR: |
| 243 | return "MR"; |
| 244 | |
| 245 | case AES_ISR: |
| 246 | return "ISR"; |
| 247 | |
| 248 | case AES_IMR: |
| 249 | return "IMR"; |
| 250 | |
| 251 | case AES_IER: |
| 252 | return "IER"; |
| 253 | |
| 254 | case AES_IDR: |
| 255 | return "IDR"; |
| 256 | |
| 257 | case AES_KEYWR(0): |
| 258 | case AES_KEYWR(1): |
| 259 | case AES_KEYWR(2): |
| 260 | case AES_KEYWR(3): |
| 261 | case AES_KEYWR(4): |
| 262 | case AES_KEYWR(5): |
| 263 | case AES_KEYWR(6): |
| 264 | case AES_KEYWR(7): |
| 265 | snprintf(tmp, sz, "KEYWR[%u]", (offset - AES_KEYWR(0)) >> 2); |
| 266 | break; |
| 267 | |
| 268 | case AES_IDATAR(0): |
| 269 | case AES_IDATAR(1): |
| 270 | case AES_IDATAR(2): |
| 271 | case AES_IDATAR(3): |
| 272 | snprintf(tmp, sz, "IDATAR[%u]", (offset - AES_IDATAR(0)) >> 2); |
| 273 | break; |
| 274 | |
| 275 | case AES_ODATAR(0): |
| 276 | case AES_ODATAR(1): |
| 277 | case AES_ODATAR(2): |
| 278 | case AES_ODATAR(3): |
| 279 | snprintf(tmp, sz, "ODATAR[%u]", (offset - AES_ODATAR(0)) >> 2); |
| 280 | break; |
| 281 | |
| 282 | case AES_IVR(0): |
| 283 | case AES_IVR(1): |
| 284 | case AES_IVR(2): |
| 285 | case AES_IVR(3): |
| 286 | snprintf(tmp, sz, "IVR[%u]", (offset - AES_IVR(0)) >> 2); |
| 287 | break; |
| 288 | |
| 289 | case AES_AADLENR: |
| 290 | return "AADLENR"; |
| 291 | |
| 292 | case AES_CLENR: |
| 293 | return "CLENR"; |
| 294 | |
| 295 | case AES_GHASHR(0): |
| 296 | case AES_GHASHR(1): |
| 297 | case AES_GHASHR(2): |
| 298 | case AES_GHASHR(3): |
| 299 | snprintf(tmp, sz, "GHASHR[%u]", (offset - AES_GHASHR(0)) >> 2); |
| 300 | break; |
| 301 | |
| 302 | case AES_TAGR(0): |
| 303 | case AES_TAGR(1): |
| 304 | case AES_TAGR(2): |
| 305 | case AES_TAGR(3): |
| 306 | snprintf(tmp, sz, "TAGR[%u]", (offset - AES_TAGR(0)) >> 2); |
| 307 | break; |
| 308 | |
| 309 | case AES_CTRR: |
| 310 | return "CTRR"; |
| 311 | |
| 312 | case AES_GCMHR(0): |
| 313 | case AES_GCMHR(1): |
| 314 | case AES_GCMHR(2): |
| 315 | case AES_GCMHR(3): |
| 316 | snprintf(tmp, sz, "GCMHR[%u]", (offset - AES_GCMHR(0)) >> 2); |
Herbert Xu | e31835a | 2016-01-19 09:05:43 +0800 | [diff] [blame] | 317 | break; |
Cyrille Pitchen | 4537992 | 2015-12-17 18:13:08 +0100 | [diff] [blame] | 318 | |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 319 | case AES_EMR: |
| 320 | return "EMR"; |
| 321 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 322 | case AES_TWR(0): |
| 323 | case AES_TWR(1): |
| 324 | case AES_TWR(2): |
| 325 | case AES_TWR(3): |
| 326 | snprintf(tmp, sz, "TWR[%u]", (offset - AES_TWR(0)) >> 2); |
| 327 | break; |
| 328 | |
| 329 | case AES_ALPHAR(0): |
| 330 | case AES_ALPHAR(1): |
| 331 | case AES_ALPHAR(2): |
| 332 | case AES_ALPHAR(3): |
| 333 | snprintf(tmp, sz, "ALPHAR[%u]", (offset - AES_ALPHAR(0)) >> 2); |
| 334 | break; |
| 335 | |
Cyrille Pitchen | 4537992 | 2015-12-17 18:13:08 +0100 | [diff] [blame] | 336 | default: |
| 337 | snprintf(tmp, sz, "0x%02x", offset); |
| 338 | break; |
| 339 | } |
| 340 | |
| 341 | return tmp; |
| 342 | } |
| 343 | #endif /* VERBOSE_DEBUG */ |
| 344 | |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 345 | /* Shared functions */ |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 346 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 347 | static inline u32 atmel_aes_read(struct atmel_aes_dev *dd, u32 offset) |
| 348 | { |
Cyrille Pitchen | 4537992 | 2015-12-17 18:13:08 +0100 | [diff] [blame] | 349 | u32 value = readl_relaxed(dd->io_base + offset); |
| 350 | |
| 351 | #ifdef VERBOSE_DEBUG |
| 352 | if (dd->flags & AES_FLAGS_DUMP_REG) { |
| 353 | char tmp[16]; |
| 354 | |
| 355 | dev_vdbg(dd->dev, "read 0x%08x from %s\n", value, |
| 356 | atmel_aes_reg_name(offset, tmp, sizeof(tmp))); |
| 357 | } |
| 358 | #endif /* VERBOSE_DEBUG */ |
| 359 | |
| 360 | return value; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 361 | } |
| 362 | |
| 363 | static inline void atmel_aes_write(struct atmel_aes_dev *dd, |
| 364 | u32 offset, u32 value) |
| 365 | { |
Cyrille Pitchen | 4537992 | 2015-12-17 18:13:08 +0100 | [diff] [blame] | 366 | #ifdef VERBOSE_DEBUG |
| 367 | if (dd->flags & AES_FLAGS_DUMP_REG) { |
| 368 | char tmp[16]; |
| 369 | |
| 370 | dev_vdbg(dd->dev, "write 0x%08x into %s\n", value, |
Cyrille Pitchen | f709dc8 | 2016-09-29 18:46:57 +0200 | [diff] [blame] | 371 | atmel_aes_reg_name(offset, tmp, sizeof(tmp))); |
Cyrille Pitchen | 4537992 | 2015-12-17 18:13:08 +0100 | [diff] [blame] | 372 | } |
| 373 | #endif /* VERBOSE_DEBUG */ |
| 374 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 375 | writel_relaxed(value, dd->io_base + offset); |
| 376 | } |
| 377 | |
| 378 | static void atmel_aes_read_n(struct atmel_aes_dev *dd, u32 offset, |
| 379 | u32 *value, int count) |
| 380 | { |
| 381 | for (; count--; value++, offset += 4) |
| 382 | *value = atmel_aes_read(dd, offset); |
| 383 | } |
| 384 | |
| 385 | static void atmel_aes_write_n(struct atmel_aes_dev *dd, u32 offset, |
Cyrille Pitchen | c0b28d8 | 2015-12-17 17:48:33 +0100 | [diff] [blame] | 386 | const u32 *value, int count) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 387 | { |
| 388 | for (; count--; value++, offset += 4) |
| 389 | atmel_aes_write(dd, offset, *value); |
| 390 | } |
| 391 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 392 | static inline void atmel_aes_read_block(struct atmel_aes_dev *dd, u32 offset, |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 393 | void *value) |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 394 | { |
| 395 | atmel_aes_read_n(dd, offset, value, SIZE_IN_WORDS(AES_BLOCK_SIZE)); |
| 396 | } |
| 397 | |
| 398 | static inline void atmel_aes_write_block(struct atmel_aes_dev *dd, u32 offset, |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 399 | const void *value) |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 400 | { |
| 401 | atmel_aes_write_n(dd, offset, value, SIZE_IN_WORDS(AES_BLOCK_SIZE)); |
| 402 | } |
| 403 | |
| 404 | static inline int atmel_aes_wait_for_data_ready(struct atmel_aes_dev *dd, |
| 405 | atmel_aes_fn_t resume) |
| 406 | { |
| 407 | u32 isr = atmel_aes_read(dd, AES_ISR); |
| 408 | |
| 409 | if (unlikely(isr & AES_INT_DATARDY)) |
| 410 | return resume(dd); |
| 411 | |
| 412 | dd->resume = resume; |
| 413 | atmel_aes_write(dd, AES_IER, AES_INT_DATARDY); |
| 414 | return -EINPROGRESS; |
| 415 | } |
| 416 | |
| 417 | static inline size_t atmel_aes_padlen(size_t len, size_t block_size) |
| 418 | { |
| 419 | len &= block_size - 1; |
| 420 | return len ? block_size - len : 0; |
| 421 | } |
| 422 | |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 423 | static struct atmel_aes_dev *atmel_aes_dev_alloc(struct atmel_aes_base_ctx *ctx) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 424 | { |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 425 | struct atmel_aes_dev *aes_dd; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 426 | |
| 427 | spin_lock_bh(&atmel_aes.lock); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 428 | /* One AES IP per SoC. */ |
| 429 | aes_dd = list_first_entry_or_null(&atmel_aes.dev_list, |
| 430 | struct atmel_aes_dev, list); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 431 | spin_unlock_bh(&atmel_aes.lock); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 432 | return aes_dd; |
| 433 | } |
| 434 | |
| 435 | static int atmel_aes_hw_init(struct atmel_aes_dev *dd) |
| 436 | { |
LABBE Corentin | 9d83d29 | 2015-10-02 14:12:58 +0200 | [diff] [blame] | 437 | int err; |
| 438 | |
Cyrille Pitchen | 49a2045 | 2016-01-29 17:53:33 +0100 | [diff] [blame] | 439 | err = clk_enable(dd->iclk); |
LABBE Corentin | 9d83d29 | 2015-10-02 14:12:58 +0200 | [diff] [blame] | 440 | if (err) |
| 441 | return err; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 442 | |
Romain Izard | 7a373fd | 2017-10-31 16:25:24 +0100 | [diff] [blame] | 443 | atmel_aes_write(dd, AES_CR, AES_CR_SWRST); |
| 444 | atmel_aes_write(dd, AES_MR, 0xE << AES_MR_CKEY_OFFSET); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 445 | |
| 446 | return 0; |
| 447 | } |
| 448 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 449 | static inline unsigned int atmel_aes_get_version(struct atmel_aes_dev *dd) |
| 450 | { |
| 451 | return atmel_aes_read(dd, AES_HW_VERSION) & 0x00000fff; |
| 452 | } |
| 453 | |
Cyrille Pitchen | aab0a39 | 2015-12-17 17:48:37 +0100 | [diff] [blame] | 454 | static int atmel_aes_hw_version_init(struct atmel_aes_dev *dd) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 455 | { |
Cyrille Pitchen | aab0a39 | 2015-12-17 17:48:37 +0100 | [diff] [blame] | 456 | int err; |
| 457 | |
| 458 | err = atmel_aes_hw_init(dd); |
| 459 | if (err) |
| 460 | return err; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 461 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 462 | dd->hw_version = atmel_aes_get_version(dd); |
| 463 | |
Cyrille Pitchen | aab0a39 | 2015-12-17 17:48:37 +0100 | [diff] [blame] | 464 | dev_info(dd->dev, "version: 0x%x\n", dd->hw_version); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 465 | |
Cyrille Pitchen | 49a2045 | 2016-01-29 17:53:33 +0100 | [diff] [blame] | 466 | clk_disable(dd->iclk); |
Cyrille Pitchen | aab0a39 | 2015-12-17 17:48:37 +0100 | [diff] [blame] | 467 | return 0; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 468 | } |
| 469 | |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 470 | static inline void atmel_aes_set_mode(struct atmel_aes_dev *dd, |
| 471 | const struct atmel_aes_reqctx *rctx) |
| 472 | { |
| 473 | /* Clear all but persistent flags and set request flags. */ |
| 474 | dd->flags = (dd->flags & AES_FLAGS_PERSISTENT) | rctx->mode; |
| 475 | } |
| 476 | |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 477 | static inline bool atmel_aes_is_encrypt(const struct atmel_aes_dev *dd) |
| 478 | { |
| 479 | return (dd->flags & AES_FLAGS_ENCRYPT); |
| 480 | } |
| 481 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 482 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 483 | static void atmel_aes_authenc_complete(struct atmel_aes_dev *dd, int err); |
| 484 | #endif |
| 485 | |
Tudor Ambarus | 86ef1df | 2019-10-04 08:55:37 +0000 | [diff] [blame] | 486 | static void atmel_aes_set_iv_as_last_ciphertext_block(struct atmel_aes_dev *dd) |
| 487 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 488 | struct skcipher_request *req = skcipher_request_cast(dd->areq); |
| 489 | struct atmel_aes_reqctx *rctx = skcipher_request_ctx(req); |
| 490 | struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); |
| 491 | unsigned int ivsize = crypto_skcipher_ivsize(skcipher); |
Tudor Ambarus | 86ef1df | 2019-10-04 08:55:37 +0000 | [diff] [blame] | 492 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 493 | if (req->cryptlen < ivsize) |
Tudor Ambarus | 86ef1df | 2019-10-04 08:55:37 +0000 | [diff] [blame] | 494 | return; |
| 495 | |
| 496 | if (rctx->mode & AES_FLAGS_ENCRYPT) { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 497 | scatterwalk_map_and_copy(req->iv, req->dst, |
| 498 | req->cryptlen - ivsize, ivsize, 0); |
Tudor Ambarus | 86ef1df | 2019-10-04 08:55:37 +0000 | [diff] [blame] | 499 | } else { |
| 500 | if (req->src == req->dst) |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 501 | memcpy(req->iv, rctx->lastc, ivsize); |
Tudor Ambarus | 86ef1df | 2019-10-04 08:55:37 +0000 | [diff] [blame] | 502 | else |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 503 | scatterwalk_map_and_copy(req->iv, req->src, |
| 504 | req->cryptlen - ivsize, |
Tudor Ambarus | 86ef1df | 2019-10-04 08:55:37 +0000 | [diff] [blame] | 505 | ivsize, 0); |
| 506 | } |
| 507 | } |
| 508 | |
Tudor Ambarus | 371731e | 2019-12-05 09:54:03 +0000 | [diff] [blame] | 509 | static inline struct atmel_aes_ctr_ctx * |
| 510 | atmel_aes_ctr_ctx_cast(struct atmel_aes_base_ctx *ctx) |
| 511 | { |
| 512 | return container_of(ctx, struct atmel_aes_ctr_ctx, base); |
| 513 | } |
| 514 | |
| 515 | static void atmel_aes_ctr_update_req_iv(struct atmel_aes_dev *dd) |
| 516 | { |
| 517 | struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); |
| 518 | struct skcipher_request *req = skcipher_request_cast(dd->areq); |
| 519 | struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); |
| 520 | unsigned int ivsize = crypto_skcipher_ivsize(skcipher); |
| 521 | int i; |
| 522 | |
Tudor Ambarus | 3907ccf | 2019-12-13 14:45:44 +0000 | [diff] [blame] | 523 | /* |
| 524 | * The CTR transfer works in fragments of data of maximum 1 MByte |
| 525 | * because of the 16 bit CTR counter embedded in the IP. When reaching |
| 526 | * here, ctx->blocks contains the number of blocks of the last fragment |
| 527 | * processed, there is no need to explicit cast it to u16. |
| 528 | */ |
Tudor Ambarus | 371731e | 2019-12-05 09:54:03 +0000 | [diff] [blame] | 529 | for (i = 0; i < ctx->blocks; i++) |
| 530 | crypto_inc((u8 *)ctx->iv, AES_BLOCK_SIZE); |
| 531 | |
| 532 | memcpy(req->iv, ctx->iv, ivsize); |
| 533 | } |
| 534 | |
Cyrille Pitchen | 10f12c1 | 2015-12-17 17:48:42 +0100 | [diff] [blame] | 535 | static inline int atmel_aes_complete(struct atmel_aes_dev *dd, int err) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 536 | { |
Tudor Ambarus | c65d123 | 2019-12-05 09:54:00 +0000 | [diff] [blame] | 537 | struct skcipher_request *req = skcipher_request_cast(dd->areq); |
| 538 | struct atmel_aes_reqctx *rctx = skcipher_request_ctx(req); |
| 539 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 540 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Romain Izard | 9130801 | 2017-10-31 16:25:23 +0100 | [diff] [blame] | 541 | if (dd->ctx->is_aead) |
| 542 | atmel_aes_authenc_complete(dd, err); |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 543 | #endif |
| 544 | |
Cyrille Pitchen | 49a2045 | 2016-01-29 17:53:33 +0100 | [diff] [blame] | 545 | clk_disable(dd->iclk); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 546 | dd->flags &= ~AES_FLAGS_BUSY; |
| 547 | |
Tudor Ambarus | 27f4adf | 2019-12-13 09:54:56 +0000 | [diff] [blame] | 548 | if (!err && !dd->ctx->is_aead && |
Tudor Ambarus | 371731e | 2019-12-05 09:54:03 +0000 | [diff] [blame] | 549 | (rctx->mode & AES_FLAGS_OPMODE_MASK) != AES_FLAGS_ECB) { |
| 550 | if ((rctx->mode & AES_FLAGS_OPMODE_MASK) != AES_FLAGS_CTR) |
| 551 | atmel_aes_set_iv_as_last_ciphertext_block(dd); |
| 552 | else |
| 553 | atmel_aes_ctr_update_req_iv(dd); |
| 554 | } |
Romain Izard | 9130801 | 2017-10-31 16:25:23 +0100 | [diff] [blame] | 555 | |
Cyrille Pitchen | 10f12c1 | 2015-12-17 17:48:42 +0100 | [diff] [blame] | 556 | if (dd->is_async) |
| 557 | dd->areq->complete(dd->areq, err); |
| 558 | |
| 559 | tasklet_schedule(&dd->queue_task); |
| 560 | |
| 561 | return err; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 562 | } |
| 563 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 564 | static void atmel_aes_write_ctrl_key(struct atmel_aes_dev *dd, bool use_dma, |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 565 | const __be32 *iv, const u32 *key, int keylen) |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 566 | { |
| 567 | u32 valmr = 0; |
| 568 | |
| 569 | /* MR register must be set before IV registers */ |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 570 | if (keylen == AES_KEYSIZE_128) |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 571 | valmr |= AES_MR_KEYSIZE_128; |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 572 | else if (keylen == AES_KEYSIZE_192) |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 573 | valmr |= AES_MR_KEYSIZE_192; |
| 574 | else |
| 575 | valmr |= AES_MR_KEYSIZE_256; |
| 576 | |
| 577 | valmr |= dd->flags & AES_FLAGS_MODE_MASK; |
| 578 | |
| 579 | if (use_dma) { |
| 580 | valmr |= AES_MR_SMOD_IDATAR0; |
| 581 | if (dd->caps.has_dualbuff) |
| 582 | valmr |= AES_MR_DUALBUFF; |
| 583 | } else { |
| 584 | valmr |= AES_MR_SMOD_AUTO; |
| 585 | } |
| 586 | |
| 587 | atmel_aes_write(dd, AES_MR, valmr); |
| 588 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 589 | atmel_aes_write_n(dd, AES_KEYWR(0), key, SIZE_IN_WORDS(keylen)); |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 590 | |
| 591 | if (iv && (valmr & AES_MR_OPMOD_MASK) != AES_MR_OPMOD_ECB) |
| 592 | atmel_aes_write_block(dd, AES_IVR(0), iv); |
| 593 | } |
| 594 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 595 | static inline void atmel_aes_write_ctrl(struct atmel_aes_dev *dd, bool use_dma, |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 596 | const __be32 *iv) |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 597 | |
| 598 | { |
| 599 | atmel_aes_write_ctrl_key(dd, use_dma, iv, |
| 600 | dd->ctx->key, dd->ctx->keylen); |
| 601 | } |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 602 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 603 | /* CPU transfer */ |
| 604 | |
| 605 | static int atmel_aes_cpu_transfer(struct atmel_aes_dev *dd) |
| 606 | { |
| 607 | int err = 0; |
| 608 | u32 isr; |
| 609 | |
| 610 | for (;;) { |
| 611 | atmel_aes_read_block(dd, AES_ODATAR(0), dd->data); |
| 612 | dd->data += 4; |
| 613 | dd->datalen -= AES_BLOCK_SIZE; |
| 614 | |
| 615 | if (dd->datalen < AES_BLOCK_SIZE) |
| 616 | break; |
| 617 | |
| 618 | atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); |
| 619 | |
| 620 | isr = atmel_aes_read(dd, AES_ISR); |
| 621 | if (!(isr & AES_INT_DATARDY)) { |
| 622 | dd->resume = atmel_aes_cpu_transfer; |
| 623 | atmel_aes_write(dd, AES_IER, AES_INT_DATARDY); |
| 624 | return -EINPROGRESS; |
| 625 | } |
| 626 | } |
| 627 | |
| 628 | if (!sg_copy_from_buffer(dd->real_dst, sg_nents(dd->real_dst), |
| 629 | dd->buf, dd->total)) |
| 630 | err = -EINVAL; |
| 631 | |
| 632 | if (err) |
| 633 | return atmel_aes_complete(dd, err); |
| 634 | |
| 635 | return dd->cpu_transfer_complete(dd); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 636 | } |
| 637 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 638 | static int atmel_aes_cpu_start(struct atmel_aes_dev *dd, |
| 639 | struct scatterlist *src, |
| 640 | struct scatterlist *dst, |
| 641 | size_t len, |
| 642 | atmel_aes_fn_t resume) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 643 | { |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 644 | size_t padlen = atmel_aes_padlen(len, AES_BLOCK_SIZE); |
| 645 | |
| 646 | if (unlikely(len == 0)) |
| 647 | return -EINVAL; |
| 648 | |
| 649 | sg_copy_to_buffer(src, sg_nents(src), dd->buf, len); |
| 650 | |
| 651 | dd->total = len; |
| 652 | dd->real_dst = dst; |
| 653 | dd->cpu_transfer_complete = resume; |
| 654 | dd->datalen = len + padlen; |
| 655 | dd->data = (u32 *)dd->buf; |
| 656 | atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); |
| 657 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_cpu_transfer); |
| 658 | } |
| 659 | |
| 660 | |
| 661 | /* DMA transfer */ |
| 662 | |
| 663 | static void atmel_aes_dma_callback(void *data); |
| 664 | |
| 665 | static bool atmel_aes_check_aligned(struct atmel_aes_dev *dd, |
| 666 | struct scatterlist *sg, |
| 667 | size_t len, |
| 668 | struct atmel_aes_dma *dma) |
| 669 | { |
| 670 | int nents; |
| 671 | |
| 672 | if (!IS_ALIGNED(len, dd->ctx->block_size)) |
| 673 | return false; |
| 674 | |
| 675 | for (nents = 0; sg; sg = sg_next(sg), ++nents) { |
| 676 | if (!IS_ALIGNED(sg->offset, sizeof(u32))) |
| 677 | return false; |
| 678 | |
| 679 | if (len <= sg->length) { |
| 680 | if (!IS_ALIGNED(len, dd->ctx->block_size)) |
| 681 | return false; |
| 682 | |
| 683 | dma->nents = nents+1; |
| 684 | dma->remainder = sg->length - len; |
| 685 | sg->length = len; |
| 686 | return true; |
| 687 | } |
| 688 | |
| 689 | if (!IS_ALIGNED(sg->length, dd->ctx->block_size)) |
| 690 | return false; |
| 691 | |
| 692 | len -= sg->length; |
| 693 | } |
| 694 | |
| 695 | return false; |
| 696 | } |
| 697 | |
| 698 | static inline void atmel_aes_restore_sg(const struct atmel_aes_dma *dma) |
| 699 | { |
| 700 | struct scatterlist *sg = dma->sg; |
| 701 | int nents = dma->nents; |
| 702 | |
| 703 | if (!dma->remainder) |
| 704 | return; |
| 705 | |
| 706 | while (--nents > 0 && sg) |
| 707 | sg = sg_next(sg); |
| 708 | |
| 709 | if (!sg) |
| 710 | return; |
| 711 | |
| 712 | sg->length += dma->remainder; |
| 713 | } |
| 714 | |
| 715 | static int atmel_aes_map(struct atmel_aes_dev *dd, |
| 716 | struct scatterlist *src, |
| 717 | struct scatterlist *dst, |
| 718 | size_t len) |
| 719 | { |
| 720 | bool src_aligned, dst_aligned; |
| 721 | size_t padlen; |
| 722 | |
| 723 | dd->total = len; |
| 724 | dd->src.sg = src; |
| 725 | dd->dst.sg = dst; |
| 726 | dd->real_dst = dst; |
| 727 | |
| 728 | src_aligned = atmel_aes_check_aligned(dd, src, len, &dd->src); |
| 729 | if (src == dst) |
| 730 | dst_aligned = src_aligned; |
| 731 | else |
| 732 | dst_aligned = atmel_aes_check_aligned(dd, dst, len, &dd->dst); |
| 733 | if (!src_aligned || !dst_aligned) { |
| 734 | padlen = atmel_aes_padlen(len, dd->ctx->block_size); |
| 735 | |
| 736 | if (dd->buflen < len + padlen) |
| 737 | return -ENOMEM; |
| 738 | |
| 739 | if (!src_aligned) { |
| 740 | sg_copy_to_buffer(src, sg_nents(src), dd->buf, len); |
| 741 | dd->src.sg = &dd->aligned_sg; |
| 742 | dd->src.nents = 1; |
| 743 | dd->src.remainder = 0; |
| 744 | } |
| 745 | |
| 746 | if (!dst_aligned) { |
| 747 | dd->dst.sg = &dd->aligned_sg; |
| 748 | dd->dst.nents = 1; |
| 749 | dd->dst.remainder = 0; |
| 750 | } |
| 751 | |
| 752 | sg_init_table(&dd->aligned_sg, 1); |
| 753 | sg_set_buf(&dd->aligned_sg, dd->buf, len + padlen); |
| 754 | } |
| 755 | |
| 756 | if (dd->src.sg == dd->dst.sg) { |
| 757 | dd->src.sg_len = dma_map_sg(dd->dev, dd->src.sg, dd->src.nents, |
| 758 | DMA_BIDIRECTIONAL); |
| 759 | dd->dst.sg_len = dd->src.sg_len; |
| 760 | if (!dd->src.sg_len) |
| 761 | return -EFAULT; |
| 762 | } else { |
| 763 | dd->src.sg_len = dma_map_sg(dd->dev, dd->src.sg, dd->src.nents, |
| 764 | DMA_TO_DEVICE); |
| 765 | if (!dd->src.sg_len) |
| 766 | return -EFAULT; |
| 767 | |
| 768 | dd->dst.sg_len = dma_map_sg(dd->dev, dd->dst.sg, dd->dst.nents, |
| 769 | DMA_FROM_DEVICE); |
| 770 | if (!dd->dst.sg_len) { |
| 771 | dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, |
| 772 | DMA_TO_DEVICE); |
| 773 | return -EFAULT; |
| 774 | } |
| 775 | } |
| 776 | |
| 777 | return 0; |
| 778 | } |
| 779 | |
| 780 | static void atmel_aes_unmap(struct atmel_aes_dev *dd) |
| 781 | { |
| 782 | if (dd->src.sg == dd->dst.sg) { |
| 783 | dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, |
| 784 | DMA_BIDIRECTIONAL); |
| 785 | |
| 786 | if (dd->src.sg != &dd->aligned_sg) |
| 787 | atmel_aes_restore_sg(&dd->src); |
| 788 | } else { |
| 789 | dma_unmap_sg(dd->dev, dd->dst.sg, dd->dst.nents, |
| 790 | DMA_FROM_DEVICE); |
| 791 | |
| 792 | if (dd->dst.sg != &dd->aligned_sg) |
| 793 | atmel_aes_restore_sg(&dd->dst); |
| 794 | |
| 795 | dma_unmap_sg(dd->dev, dd->src.sg, dd->src.nents, |
| 796 | DMA_TO_DEVICE); |
| 797 | |
| 798 | if (dd->src.sg != &dd->aligned_sg) |
| 799 | atmel_aes_restore_sg(&dd->src); |
| 800 | } |
| 801 | |
| 802 | if (dd->dst.sg == &dd->aligned_sg) |
| 803 | sg_copy_from_buffer(dd->real_dst, sg_nents(dd->real_dst), |
| 804 | dd->buf, dd->total); |
| 805 | } |
| 806 | |
| 807 | static int atmel_aes_dma_transfer_start(struct atmel_aes_dev *dd, |
| 808 | enum dma_slave_buswidth addr_width, |
| 809 | enum dma_transfer_direction dir, |
| 810 | u32 maxburst) |
| 811 | { |
| 812 | struct dma_async_tx_descriptor *desc; |
| 813 | struct dma_slave_config config; |
| 814 | dma_async_tx_callback callback; |
| 815 | struct atmel_aes_dma *dma; |
| 816 | int err; |
| 817 | |
| 818 | memset(&config, 0, sizeof(config)); |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 819 | config.src_addr_width = addr_width; |
| 820 | config.dst_addr_width = addr_width; |
| 821 | config.src_maxburst = maxburst; |
| 822 | config.dst_maxburst = maxburst; |
| 823 | |
| 824 | switch (dir) { |
| 825 | case DMA_MEM_TO_DEV: |
| 826 | dma = &dd->src; |
| 827 | callback = NULL; |
| 828 | config.dst_addr = dd->phys_base + AES_IDATAR(0); |
| 829 | break; |
| 830 | |
| 831 | case DMA_DEV_TO_MEM: |
| 832 | dma = &dd->dst; |
| 833 | callback = atmel_aes_dma_callback; |
| 834 | config.src_addr = dd->phys_base + AES_ODATAR(0); |
| 835 | break; |
| 836 | |
| 837 | default: |
| 838 | return -EINVAL; |
| 839 | } |
| 840 | |
| 841 | err = dmaengine_slave_config(dma->chan, &config); |
| 842 | if (err) |
| 843 | return err; |
| 844 | |
| 845 | desc = dmaengine_prep_slave_sg(dma->chan, dma->sg, dma->sg_len, dir, |
| 846 | DMA_PREP_INTERRUPT | DMA_CTRL_ACK); |
| 847 | if (!desc) |
| 848 | return -ENOMEM; |
| 849 | |
| 850 | desc->callback = callback; |
| 851 | desc->callback_param = dd; |
| 852 | dmaengine_submit(desc); |
| 853 | dma_async_issue_pending(dma->chan); |
| 854 | |
| 855 | return 0; |
| 856 | } |
| 857 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 858 | static int atmel_aes_dma_start(struct atmel_aes_dev *dd, |
| 859 | struct scatterlist *src, |
| 860 | struct scatterlist *dst, |
| 861 | size_t len, |
| 862 | atmel_aes_fn_t resume) |
| 863 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 864 | enum dma_slave_buswidth addr_width; |
| 865 | u32 maxburst; |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 866 | int err; |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 867 | |
| 868 | switch (dd->ctx->block_size) { |
| 869 | case CFB8_BLOCK_SIZE: |
| 870 | addr_width = DMA_SLAVE_BUSWIDTH_1_BYTE; |
| 871 | maxburst = 1; |
| 872 | break; |
| 873 | |
| 874 | case CFB16_BLOCK_SIZE: |
| 875 | addr_width = DMA_SLAVE_BUSWIDTH_2_BYTES; |
| 876 | maxburst = 1; |
| 877 | break; |
| 878 | |
| 879 | case CFB32_BLOCK_SIZE: |
| 880 | case CFB64_BLOCK_SIZE: |
| 881 | addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES; |
| 882 | maxburst = 1; |
| 883 | break; |
| 884 | |
| 885 | case AES_BLOCK_SIZE: |
| 886 | addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES; |
| 887 | maxburst = dd->caps.max_burst_size; |
| 888 | break; |
| 889 | |
| 890 | default: |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 891 | err = -EINVAL; |
| 892 | goto exit; |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 893 | } |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 894 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 895 | err = atmel_aes_map(dd, src, dst, len); |
| 896 | if (err) |
| 897 | goto exit; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 898 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 899 | dd->resume = resume; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 900 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 901 | /* Set output DMA transfer first */ |
| 902 | err = atmel_aes_dma_transfer_start(dd, addr_width, DMA_DEV_TO_MEM, |
| 903 | maxburst); |
| 904 | if (err) |
| 905 | goto unmap; |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 906 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 907 | /* Then set input DMA transfer */ |
| 908 | err = atmel_aes_dma_transfer_start(dd, addr_width, DMA_MEM_TO_DEV, |
| 909 | maxburst); |
| 910 | if (err) |
| 911 | goto output_transfer_stop; |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 912 | |
Cyrille Pitchen | 10f12c1 | 2015-12-17 17:48:42 +0100 | [diff] [blame] | 913 | return -EINPROGRESS; |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 914 | |
| 915 | output_transfer_stop: |
Tudor Ambarus | 0e69378 | 2019-12-13 09:54:42 +0000 | [diff] [blame] | 916 | dmaengine_terminate_sync(dd->dst.chan); |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 917 | unmap: |
| 918 | atmel_aes_unmap(dd); |
| 919 | exit: |
| 920 | return atmel_aes_complete(dd, err); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 921 | } |
| 922 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 923 | static void atmel_aes_dma_callback(void *data) |
| 924 | { |
| 925 | struct atmel_aes_dev *dd = data; |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 926 | |
Tudor Ambarus | 0e69378 | 2019-12-13 09:54:42 +0000 | [diff] [blame] | 927 | atmel_aes_unmap(dd); |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 928 | dd->is_async = true; |
| 929 | (void)dd->resume(dd); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 930 | } |
| 931 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 932 | static int atmel_aes_handle_queue(struct atmel_aes_dev *dd, |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 933 | struct crypto_async_request *new_areq) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 934 | { |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 935 | struct crypto_async_request *areq, *backlog; |
| 936 | struct atmel_aes_base_ctx *ctx; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 937 | unsigned long flags; |
Cyrille Pitchen | a1f613f | 2017-01-26 17:07:55 +0100 | [diff] [blame] | 938 | bool start_async; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 939 | int err, ret = 0; |
| 940 | |
| 941 | spin_lock_irqsave(&dd->lock, flags); |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 942 | if (new_areq) |
| 943 | ret = crypto_enqueue_request(&dd->queue, new_areq); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 944 | if (dd->flags & AES_FLAGS_BUSY) { |
| 945 | spin_unlock_irqrestore(&dd->lock, flags); |
| 946 | return ret; |
| 947 | } |
| 948 | backlog = crypto_get_backlog(&dd->queue); |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 949 | areq = crypto_dequeue_request(&dd->queue); |
| 950 | if (areq) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 951 | dd->flags |= AES_FLAGS_BUSY; |
| 952 | spin_unlock_irqrestore(&dd->lock, flags); |
| 953 | |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 954 | if (!areq) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 955 | return ret; |
| 956 | |
| 957 | if (backlog) |
| 958 | backlog->complete(backlog, -EINPROGRESS); |
| 959 | |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 960 | ctx = crypto_tfm_ctx(areq->tfm); |
| 961 | |
| 962 | dd->areq = areq; |
Cyrille Pitchen | a1f613f | 2017-01-26 17:07:55 +0100 | [diff] [blame] | 963 | start_async = (areq != new_areq); |
| 964 | dd->is_async = start_async; |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 965 | |
Cyrille Pitchen | a1f613f | 2017-01-26 17:07:55 +0100 | [diff] [blame] | 966 | /* WARNING: ctx->start() MAY change dd->is_async. */ |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 967 | err = ctx->start(dd); |
Cyrille Pitchen | a1f613f | 2017-01-26 17:07:55 +0100 | [diff] [blame] | 968 | return (start_async) ? ret : err; |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 969 | } |
| 970 | |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 971 | |
| 972 | /* AES async block ciphers */ |
| 973 | |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 974 | static int atmel_aes_transfer_complete(struct atmel_aes_dev *dd) |
| 975 | { |
| 976 | return atmel_aes_complete(dd, 0); |
| 977 | } |
| 978 | |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 979 | static int atmel_aes_start(struct atmel_aes_dev *dd) |
| 980 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 981 | struct skcipher_request *req = skcipher_request_cast(dd->areq); |
| 982 | struct atmel_aes_reqctx *rctx = skcipher_request_ctx(req); |
| 983 | bool use_dma = (req->cryptlen >= ATMEL_AES_DMA_THRESHOLD || |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 984 | dd->ctx->block_size != AES_BLOCK_SIZE); |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 985 | int err; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 986 | |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 987 | atmel_aes_set_mode(dd, rctx); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 988 | |
Cyrille Pitchen | cdfab4a | 2015-12-17 17:48:38 +0100 | [diff] [blame] | 989 | err = atmel_aes_hw_init(dd); |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 990 | if (err) |
Cyrille Pitchen | 10f12c1 | 2015-12-17 17:48:42 +0100 | [diff] [blame] | 991 | return atmel_aes_complete(dd, err); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 992 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 993 | atmel_aes_write_ctrl(dd, use_dma, (void *)req->iv); |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 994 | if (use_dma) |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 995 | return atmel_aes_dma_start(dd, req->src, req->dst, |
| 996 | req->cryptlen, |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 997 | atmel_aes_transfer_complete); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 998 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 999 | return atmel_aes_cpu_start(dd, req->src, req->dst, req->cryptlen, |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 1000 | atmel_aes_transfer_complete); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1001 | } |
| 1002 | |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1003 | static int atmel_aes_ctr_transfer(struct atmel_aes_dev *dd) |
| 1004 | { |
| 1005 | struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1006 | struct skcipher_request *req = skcipher_request_cast(dd->areq); |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1007 | struct scatterlist *src, *dst; |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1008 | size_t datalen; |
Tudor Ambarus | 781a08d | 2019-12-05 09:54:01 +0000 | [diff] [blame] | 1009 | u32 ctr; |
Tudor Ambarus | 371731e | 2019-12-05 09:54:03 +0000 | [diff] [blame] | 1010 | u16 start, end; |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1011 | bool use_dma, fragmented = false; |
| 1012 | |
| 1013 | /* Check for transfer completion. */ |
| 1014 | ctx->offset += dd->total; |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1015 | if (ctx->offset >= req->cryptlen) |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1016 | return atmel_aes_transfer_complete(dd); |
| 1017 | |
| 1018 | /* Compute data length. */ |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1019 | datalen = req->cryptlen - ctx->offset; |
Tudor Ambarus | 371731e | 2019-12-05 09:54:03 +0000 | [diff] [blame] | 1020 | ctx->blocks = DIV_ROUND_UP(datalen, AES_BLOCK_SIZE); |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1021 | ctr = be32_to_cpu(ctx->iv[3]); |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1022 | |
Tudor Ambarus | 781a08d | 2019-12-05 09:54:01 +0000 | [diff] [blame] | 1023 | /* Check 16bit counter overflow. */ |
| 1024 | start = ctr & 0xffff; |
Tudor Ambarus | 371731e | 2019-12-05 09:54:03 +0000 | [diff] [blame] | 1025 | end = start + ctx->blocks - 1; |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1026 | |
Tudor Ambarus | 371731e | 2019-12-05 09:54:03 +0000 | [diff] [blame] | 1027 | if (ctx->blocks >> 16 || end < start) { |
Tudor Ambarus | 781a08d | 2019-12-05 09:54:01 +0000 | [diff] [blame] | 1028 | ctr |= 0xffff; |
| 1029 | datalen = AES_BLOCK_SIZE * (0x10000 - start); |
| 1030 | fragmented = true; |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1031 | } |
Tudor Ambarus | 781a08d | 2019-12-05 09:54:01 +0000 | [diff] [blame] | 1032 | |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1033 | use_dma = (datalen >= ATMEL_AES_DMA_THRESHOLD); |
| 1034 | |
| 1035 | /* Jump to offset. */ |
| 1036 | src = scatterwalk_ffwd(ctx->src, req->src, ctx->offset); |
| 1037 | dst = ((req->src == req->dst) ? src : |
| 1038 | scatterwalk_ffwd(ctx->dst, req->dst, ctx->offset)); |
| 1039 | |
| 1040 | /* Configure hardware. */ |
| 1041 | atmel_aes_write_ctrl(dd, use_dma, ctx->iv); |
| 1042 | if (unlikely(fragmented)) { |
| 1043 | /* |
| 1044 | * Increment the counter manually to cope with the hardware |
| 1045 | * counter overflow. |
| 1046 | */ |
| 1047 | ctx->iv[3] = cpu_to_be32(ctr); |
| 1048 | crypto_inc((u8 *)ctx->iv, AES_BLOCK_SIZE); |
| 1049 | } |
| 1050 | |
| 1051 | if (use_dma) |
| 1052 | return atmel_aes_dma_start(dd, src, dst, datalen, |
| 1053 | atmel_aes_ctr_transfer); |
| 1054 | |
| 1055 | return atmel_aes_cpu_start(dd, src, dst, datalen, |
| 1056 | atmel_aes_ctr_transfer); |
| 1057 | } |
| 1058 | |
| 1059 | static int atmel_aes_ctr_start(struct atmel_aes_dev *dd) |
| 1060 | { |
| 1061 | struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1062 | struct skcipher_request *req = skcipher_request_cast(dd->areq); |
| 1063 | struct atmel_aes_reqctx *rctx = skcipher_request_ctx(req); |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1064 | int err; |
| 1065 | |
| 1066 | atmel_aes_set_mode(dd, rctx); |
| 1067 | |
| 1068 | err = atmel_aes_hw_init(dd); |
| 1069 | if (err) |
| 1070 | return atmel_aes_complete(dd, err); |
| 1071 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1072 | memcpy(ctx->iv, req->iv, AES_BLOCK_SIZE); |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1073 | ctx->offset = 0; |
| 1074 | dd->total = 0; |
| 1075 | return atmel_aes_ctr_transfer(dd); |
| 1076 | } |
| 1077 | |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 1078 | static int atmel_aes_xts_fallback(struct skcipher_request *req, bool enc) |
| 1079 | { |
| 1080 | struct atmel_aes_reqctx *rctx = skcipher_request_ctx(req); |
| 1081 | struct atmel_aes_xts_ctx *ctx = crypto_skcipher_ctx( |
| 1082 | crypto_skcipher_reqtfm(req)); |
| 1083 | |
| 1084 | skcipher_request_set_tfm(&rctx->fallback_req, ctx->fallback_tfm); |
| 1085 | skcipher_request_set_callback(&rctx->fallback_req, req->base.flags, |
| 1086 | req->base.complete, req->base.data); |
| 1087 | skcipher_request_set_crypt(&rctx->fallback_req, req->src, req->dst, |
| 1088 | req->cryptlen, req->iv); |
| 1089 | |
| 1090 | return enc ? crypto_skcipher_encrypt(&rctx->fallback_req) : |
| 1091 | crypto_skcipher_decrypt(&rctx->fallback_req); |
| 1092 | } |
| 1093 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1094 | static int atmel_aes_crypt(struct skcipher_request *req, unsigned long mode) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1095 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1096 | struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); |
| 1097 | struct atmel_aes_base_ctx *ctx = crypto_skcipher_ctx(skcipher); |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 1098 | struct atmel_aes_reqctx *rctx; |
Tudor Ambarus | 534b32a | 2021-07-20 11:55:29 +0300 | [diff] [blame] | 1099 | u32 opmode = mode & AES_FLAGS_OPMODE_MASK; |
| 1100 | |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 1101 | if (opmode == AES_FLAGS_XTS) { |
| 1102 | if (req->cryptlen < XTS_BLOCK_SIZE) |
| 1103 | return -EINVAL; |
| 1104 | |
| 1105 | if (!IS_ALIGNED(req->cryptlen, XTS_BLOCK_SIZE)) |
| 1106 | return atmel_aes_xts_fallback(req, |
| 1107 | mode & AES_FLAGS_ENCRYPT); |
| 1108 | } |
Tudor Ambarus | 26d769a | 2021-07-20 11:55:30 +0300 | [diff] [blame] | 1109 | |
Tudor Ambarus | 0d04335 | 2021-07-20 11:55:31 +0300 | [diff] [blame] | 1110 | /* |
| 1111 | * ECB, CBC, CFB, OFB or CTR mode require the plaintext and ciphertext |
| 1112 | * to have a positve integer length. |
| 1113 | */ |
| 1114 | if (!req->cryptlen && opmode != AES_FLAGS_XTS) |
| 1115 | return 0; |
| 1116 | |
Tudor Ambarus | 534b32a | 2021-07-20 11:55:29 +0300 | [diff] [blame] | 1117 | if ((opmode == AES_FLAGS_ECB || opmode == AES_FLAGS_CBC) && |
| 1118 | !IS_ALIGNED(req->cryptlen, crypto_skcipher_blocksize(skcipher))) |
| 1119 | return -EINVAL; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1120 | |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1121 | switch (mode & AES_FLAGS_OPMODE_MASK) { |
| 1122 | case AES_FLAGS_CFB8: |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 1123 | ctx->block_size = CFB8_BLOCK_SIZE; |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1124 | break; |
| 1125 | |
| 1126 | case AES_FLAGS_CFB16: |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 1127 | ctx->block_size = CFB16_BLOCK_SIZE; |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1128 | break; |
| 1129 | |
| 1130 | case AES_FLAGS_CFB32: |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 1131 | ctx->block_size = CFB32_BLOCK_SIZE; |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1132 | break; |
| 1133 | |
| 1134 | case AES_FLAGS_CFB64: |
Leilei Zhao | 9f84951 | 2014-04-22 15:23:24 +0800 | [diff] [blame] | 1135 | ctx->block_size = CFB64_BLOCK_SIZE; |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1136 | break; |
| 1137 | |
| 1138 | default: |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 1139 | ctx->block_size = AES_BLOCK_SIZE; |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1140 | break; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1141 | } |
Romain Izard | 9130801 | 2017-10-31 16:25:23 +0100 | [diff] [blame] | 1142 | ctx->is_aead = false; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1143 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1144 | rctx = skcipher_request_ctx(req); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1145 | rctx->mode = mode; |
| 1146 | |
Tudor Ambarus | 534b32a | 2021-07-20 11:55:29 +0300 | [diff] [blame] | 1147 | if (opmode != AES_FLAGS_ECB && |
Tudor Ambarus | c65d123 | 2019-12-05 09:54:00 +0000 | [diff] [blame] | 1148 | !(mode & AES_FLAGS_ENCRYPT) && req->src == req->dst) { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1149 | unsigned int ivsize = crypto_skcipher_ivsize(skcipher); |
Romain Izard | 9130801 | 2017-10-31 16:25:23 +0100 | [diff] [blame] | 1150 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1151 | if (req->cryptlen >= ivsize) |
Tudor Ambarus | 86ef1df | 2019-10-04 08:55:37 +0000 | [diff] [blame] | 1152 | scatterwalk_map_and_copy(rctx->lastc, req->src, |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1153 | req->cryptlen - ivsize, |
Tudor Ambarus | 86ef1df | 2019-10-04 08:55:37 +0000 | [diff] [blame] | 1154 | ivsize, 0); |
Romain Izard | 9130801 | 2017-10-31 16:25:23 +0100 | [diff] [blame] | 1155 | } |
| 1156 | |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1157 | return atmel_aes_handle_queue(ctx->dd, &req->base); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1158 | } |
| 1159 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1160 | static int atmel_aes_setkey(struct crypto_skcipher *tfm, const u8 *key, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1161 | unsigned int keylen) |
| 1162 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1163 | struct atmel_aes_base_ctx *ctx = crypto_skcipher_ctx(tfm); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1164 | |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 1165 | if (keylen != AES_KEYSIZE_128 && |
| 1166 | keylen != AES_KEYSIZE_192 && |
Eric Biggers | 674f368 | 2019-12-30 21:19:36 -0600 | [diff] [blame] | 1167 | keylen != AES_KEYSIZE_256) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1168 | return -EINVAL; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1169 | |
| 1170 | memcpy(ctx->key, key, keylen); |
| 1171 | ctx->keylen = keylen; |
| 1172 | |
| 1173 | return 0; |
| 1174 | } |
| 1175 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1176 | static int atmel_aes_ecb_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1177 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1178 | return atmel_aes_crypt(req, AES_FLAGS_ECB | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1179 | } |
| 1180 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1181 | static int atmel_aes_ecb_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1182 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1183 | return atmel_aes_crypt(req, AES_FLAGS_ECB); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1184 | } |
| 1185 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1186 | static int atmel_aes_cbc_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1187 | { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 1188 | return atmel_aes_crypt(req, AES_FLAGS_CBC | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1189 | } |
| 1190 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1191 | static int atmel_aes_cbc_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1192 | { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 1193 | return atmel_aes_crypt(req, AES_FLAGS_CBC); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1194 | } |
| 1195 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1196 | static int atmel_aes_ofb_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1197 | { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 1198 | return atmel_aes_crypt(req, AES_FLAGS_OFB | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1199 | } |
| 1200 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1201 | static int atmel_aes_ofb_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1202 | { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 1203 | return atmel_aes_crypt(req, AES_FLAGS_OFB); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1204 | } |
| 1205 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1206 | static int atmel_aes_cfb_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1207 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1208 | return atmel_aes_crypt(req, AES_FLAGS_CFB128 | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1209 | } |
| 1210 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1211 | static int atmel_aes_cfb_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1212 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1213 | return atmel_aes_crypt(req, AES_FLAGS_CFB128); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1214 | } |
| 1215 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1216 | static int atmel_aes_cfb64_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1217 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1218 | return atmel_aes_crypt(req, AES_FLAGS_CFB64 | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1219 | } |
| 1220 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1221 | static int atmel_aes_cfb64_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1222 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1223 | return atmel_aes_crypt(req, AES_FLAGS_CFB64); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1224 | } |
| 1225 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1226 | static int atmel_aes_cfb32_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1227 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1228 | return atmel_aes_crypt(req, AES_FLAGS_CFB32 | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1229 | } |
| 1230 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1231 | static int atmel_aes_cfb32_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1232 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1233 | return atmel_aes_crypt(req, AES_FLAGS_CFB32); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1234 | } |
| 1235 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1236 | static int atmel_aes_cfb16_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1237 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1238 | return atmel_aes_crypt(req, AES_FLAGS_CFB16 | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1239 | } |
| 1240 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1241 | static int atmel_aes_cfb16_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1242 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1243 | return atmel_aes_crypt(req, AES_FLAGS_CFB16); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1244 | } |
| 1245 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1246 | static int atmel_aes_cfb8_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1247 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1248 | return atmel_aes_crypt(req, AES_FLAGS_CFB8 | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1249 | } |
| 1250 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1251 | static int atmel_aes_cfb8_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1252 | { |
Cyrille Pitchen | 77dacf5 | 2015-12-17 17:48:41 +0100 | [diff] [blame] | 1253 | return atmel_aes_crypt(req, AES_FLAGS_CFB8); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1254 | } |
| 1255 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1256 | static int atmel_aes_ctr_encrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1257 | { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 1258 | return atmel_aes_crypt(req, AES_FLAGS_CTR | AES_FLAGS_ENCRYPT); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1259 | } |
| 1260 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1261 | static int atmel_aes_ctr_decrypt(struct skcipher_request *req) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1262 | { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 1263 | return atmel_aes_crypt(req, AES_FLAGS_CTR); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1264 | } |
| 1265 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1266 | static int atmel_aes_init_tfm(struct crypto_skcipher *tfm) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1267 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1268 | struct atmel_aes_ctx *ctx = crypto_skcipher_ctx(tfm); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1269 | struct atmel_aes_dev *dd; |
| 1270 | |
| 1271 | dd = atmel_aes_dev_alloc(&ctx->base); |
| 1272 | if (!dd) |
| 1273 | return -ENODEV; |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 1274 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1275 | crypto_skcipher_set_reqsize(tfm, sizeof(struct atmel_aes_reqctx)); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1276 | ctx->base.dd = dd; |
| 1277 | ctx->base.dd->ctx = &ctx->base; |
Cyrille Pitchen | ccbf729 | 2015-12-17 17:48:39 +0100 | [diff] [blame] | 1278 | ctx->base.start = atmel_aes_start; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1279 | |
| 1280 | return 0; |
| 1281 | } |
| 1282 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1283 | static int atmel_aes_ctr_init_tfm(struct crypto_skcipher *tfm) |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1284 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1285 | struct atmel_aes_ctx *ctx = crypto_skcipher_ctx(tfm); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1286 | struct atmel_aes_dev *dd; |
| 1287 | |
| 1288 | dd = atmel_aes_dev_alloc(&ctx->base); |
| 1289 | if (!dd) |
| 1290 | return -ENODEV; |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1291 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1292 | crypto_skcipher_set_reqsize(tfm, sizeof(struct atmel_aes_reqctx)); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1293 | ctx->base.dd = dd; |
| 1294 | ctx->base.dd->ctx = &ctx->base; |
Cyrille Pitchen | fcac8365 | 2015-12-17 18:13:05 +0100 | [diff] [blame] | 1295 | ctx->base.start = atmel_aes_ctr_start; |
| 1296 | |
| 1297 | return 0; |
| 1298 | } |
| 1299 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1300 | static struct skcipher_alg aes_algs[] = { |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1301 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1302 | .base.cra_name = "ecb(aes)", |
| 1303 | .base.cra_driver_name = "atmel-ecb-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1304 | .base.cra_blocksize = AES_BLOCK_SIZE, |
| 1305 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1306 | |
| 1307 | .init = atmel_aes_init_tfm, |
| 1308 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1309 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1310 | .setkey = atmel_aes_setkey, |
| 1311 | .encrypt = atmel_aes_ecb_encrypt, |
| 1312 | .decrypt = atmel_aes_ecb_decrypt, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1313 | }, |
| 1314 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1315 | .base.cra_name = "cbc(aes)", |
| 1316 | .base.cra_driver_name = "atmel-cbc-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1317 | .base.cra_blocksize = AES_BLOCK_SIZE, |
| 1318 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1319 | |
| 1320 | .init = atmel_aes_init_tfm, |
| 1321 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1322 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1323 | .setkey = atmel_aes_setkey, |
| 1324 | .encrypt = atmel_aes_cbc_encrypt, |
| 1325 | .decrypt = atmel_aes_cbc_decrypt, |
| 1326 | .ivsize = AES_BLOCK_SIZE, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1327 | }, |
| 1328 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1329 | .base.cra_name = "ofb(aes)", |
| 1330 | .base.cra_driver_name = "atmel-ofb-aes", |
Tudor Ambarus | 76d579f | 2021-07-20 11:55:33 +0300 | [diff] [blame] | 1331 | .base.cra_blocksize = 1, |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1332 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1333 | |
| 1334 | .init = atmel_aes_init_tfm, |
| 1335 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1336 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1337 | .setkey = atmel_aes_setkey, |
| 1338 | .encrypt = atmel_aes_ofb_encrypt, |
| 1339 | .decrypt = atmel_aes_ofb_decrypt, |
| 1340 | .ivsize = AES_BLOCK_SIZE, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1341 | }, |
| 1342 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1343 | .base.cra_name = "cfb(aes)", |
| 1344 | .base.cra_driver_name = "atmel-cfb-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1345 | .base.cra_blocksize = AES_BLOCK_SIZE, |
| 1346 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1347 | |
| 1348 | .init = atmel_aes_init_tfm, |
| 1349 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1350 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1351 | .setkey = atmel_aes_setkey, |
| 1352 | .encrypt = atmel_aes_cfb_encrypt, |
| 1353 | .decrypt = atmel_aes_cfb_decrypt, |
| 1354 | .ivsize = AES_BLOCK_SIZE, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1355 | }, |
| 1356 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1357 | .base.cra_name = "cfb32(aes)", |
| 1358 | .base.cra_driver_name = "atmel-cfb32-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1359 | .base.cra_blocksize = CFB32_BLOCK_SIZE, |
| 1360 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1361 | |
| 1362 | .init = atmel_aes_init_tfm, |
| 1363 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1364 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1365 | .setkey = atmel_aes_setkey, |
| 1366 | .encrypt = atmel_aes_cfb32_encrypt, |
| 1367 | .decrypt = atmel_aes_cfb32_decrypt, |
| 1368 | .ivsize = AES_BLOCK_SIZE, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1369 | }, |
| 1370 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1371 | .base.cra_name = "cfb16(aes)", |
| 1372 | .base.cra_driver_name = "atmel-cfb16-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1373 | .base.cra_blocksize = CFB16_BLOCK_SIZE, |
| 1374 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1375 | |
| 1376 | .init = atmel_aes_init_tfm, |
| 1377 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1378 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1379 | .setkey = atmel_aes_setkey, |
| 1380 | .encrypt = atmel_aes_cfb16_encrypt, |
| 1381 | .decrypt = atmel_aes_cfb16_decrypt, |
| 1382 | .ivsize = AES_BLOCK_SIZE, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1383 | }, |
| 1384 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1385 | .base.cra_name = "cfb8(aes)", |
| 1386 | .base.cra_driver_name = "atmel-cfb8-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1387 | .base.cra_blocksize = CFB8_BLOCK_SIZE, |
| 1388 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1389 | |
| 1390 | .init = atmel_aes_init_tfm, |
| 1391 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1392 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1393 | .setkey = atmel_aes_setkey, |
| 1394 | .encrypt = atmel_aes_cfb8_encrypt, |
| 1395 | .decrypt = atmel_aes_cfb8_decrypt, |
| 1396 | .ivsize = AES_BLOCK_SIZE, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1397 | }, |
| 1398 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1399 | .base.cra_name = "ctr(aes)", |
| 1400 | .base.cra_driver_name = "atmel-ctr-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1401 | .base.cra_blocksize = 1, |
| 1402 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctr_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1403 | |
| 1404 | .init = atmel_aes_ctr_init_tfm, |
| 1405 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1406 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1407 | .setkey = atmel_aes_setkey, |
| 1408 | .encrypt = atmel_aes_ctr_encrypt, |
| 1409 | .decrypt = atmel_aes_ctr_decrypt, |
| 1410 | .ivsize = AES_BLOCK_SIZE, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1411 | }, |
| 1412 | }; |
| 1413 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1414 | static struct skcipher_alg aes_cfb64_alg = { |
| 1415 | .base.cra_name = "cfb64(aes)", |
| 1416 | .base.cra_driver_name = "atmel-cfb64-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1417 | .base.cra_blocksize = CFB64_BLOCK_SIZE, |
| 1418 | .base.cra_ctxsize = sizeof(struct atmel_aes_ctx), |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1419 | |
| 1420 | .init = atmel_aes_init_tfm, |
| 1421 | .min_keysize = AES_MIN_KEY_SIZE, |
| 1422 | .max_keysize = AES_MAX_KEY_SIZE, |
| 1423 | .setkey = atmel_aes_setkey, |
| 1424 | .encrypt = atmel_aes_cfb64_encrypt, |
| 1425 | .decrypt = atmel_aes_cfb64_decrypt, |
| 1426 | .ivsize = AES_BLOCK_SIZE, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 1427 | }; |
| 1428 | |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 1429 | |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1430 | /* gcm aead functions */ |
| 1431 | |
| 1432 | static int atmel_aes_gcm_ghash(struct atmel_aes_dev *dd, |
| 1433 | const u32 *data, size_t datalen, |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 1434 | const __be32 *ghash_in, __be32 *ghash_out, |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1435 | atmel_aes_fn_t resume); |
| 1436 | static int atmel_aes_gcm_ghash_init(struct atmel_aes_dev *dd); |
| 1437 | static int atmel_aes_gcm_ghash_finalize(struct atmel_aes_dev *dd); |
| 1438 | |
| 1439 | static int atmel_aes_gcm_start(struct atmel_aes_dev *dd); |
| 1440 | static int atmel_aes_gcm_process(struct atmel_aes_dev *dd); |
| 1441 | static int atmel_aes_gcm_length(struct atmel_aes_dev *dd); |
| 1442 | static int atmel_aes_gcm_data(struct atmel_aes_dev *dd); |
| 1443 | static int atmel_aes_gcm_tag_init(struct atmel_aes_dev *dd); |
| 1444 | static int atmel_aes_gcm_tag(struct atmel_aes_dev *dd); |
| 1445 | static int atmel_aes_gcm_finalize(struct atmel_aes_dev *dd); |
| 1446 | |
| 1447 | static inline struct atmel_aes_gcm_ctx * |
| 1448 | atmel_aes_gcm_ctx_cast(struct atmel_aes_base_ctx *ctx) |
| 1449 | { |
| 1450 | return container_of(ctx, struct atmel_aes_gcm_ctx, base); |
| 1451 | } |
| 1452 | |
| 1453 | static int atmel_aes_gcm_ghash(struct atmel_aes_dev *dd, |
| 1454 | const u32 *data, size_t datalen, |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 1455 | const __be32 *ghash_in, __be32 *ghash_out, |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1456 | atmel_aes_fn_t resume) |
| 1457 | { |
| 1458 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1459 | |
| 1460 | dd->data = (u32 *)data; |
| 1461 | dd->datalen = datalen; |
| 1462 | ctx->ghash_in = ghash_in; |
| 1463 | ctx->ghash_out = ghash_out; |
| 1464 | ctx->ghash_resume = resume; |
| 1465 | |
| 1466 | atmel_aes_write_ctrl(dd, false, NULL); |
| 1467 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_gcm_ghash_init); |
| 1468 | } |
| 1469 | |
| 1470 | static int atmel_aes_gcm_ghash_init(struct atmel_aes_dev *dd) |
| 1471 | { |
| 1472 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1473 | |
| 1474 | /* Set the data length. */ |
| 1475 | atmel_aes_write(dd, AES_AADLENR, dd->total); |
| 1476 | atmel_aes_write(dd, AES_CLENR, 0); |
| 1477 | |
| 1478 | /* If needed, overwrite the GCM Intermediate Hash Word Registers */ |
| 1479 | if (ctx->ghash_in) |
| 1480 | atmel_aes_write_block(dd, AES_GHASHR(0), ctx->ghash_in); |
| 1481 | |
| 1482 | return atmel_aes_gcm_ghash_finalize(dd); |
| 1483 | } |
| 1484 | |
| 1485 | static int atmel_aes_gcm_ghash_finalize(struct atmel_aes_dev *dd) |
| 1486 | { |
| 1487 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1488 | u32 isr; |
| 1489 | |
| 1490 | /* Write data into the Input Data Registers. */ |
| 1491 | while (dd->datalen > 0) { |
| 1492 | atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); |
| 1493 | dd->data += 4; |
| 1494 | dd->datalen -= AES_BLOCK_SIZE; |
| 1495 | |
| 1496 | isr = atmel_aes_read(dd, AES_ISR); |
| 1497 | if (!(isr & AES_INT_DATARDY)) { |
| 1498 | dd->resume = atmel_aes_gcm_ghash_finalize; |
| 1499 | atmel_aes_write(dd, AES_IER, AES_INT_DATARDY); |
| 1500 | return -EINPROGRESS; |
| 1501 | } |
| 1502 | } |
| 1503 | |
| 1504 | /* Read the computed hash from GHASHRx. */ |
| 1505 | atmel_aes_read_block(dd, AES_GHASHR(0), ctx->ghash_out); |
| 1506 | |
| 1507 | return ctx->ghash_resume(dd); |
| 1508 | } |
| 1509 | |
| 1510 | |
| 1511 | static int atmel_aes_gcm_start(struct atmel_aes_dev *dd) |
| 1512 | { |
| 1513 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1514 | struct aead_request *req = aead_request_cast(dd->areq); |
| 1515 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); |
| 1516 | struct atmel_aes_reqctx *rctx = aead_request_ctx(req); |
| 1517 | size_t ivsize = crypto_aead_ivsize(tfm); |
| 1518 | size_t datalen, padlen; |
| 1519 | const void *iv = req->iv; |
| 1520 | u8 *data = dd->buf; |
| 1521 | int err; |
| 1522 | |
| 1523 | atmel_aes_set_mode(dd, rctx); |
| 1524 | |
| 1525 | err = atmel_aes_hw_init(dd); |
| 1526 | if (err) |
| 1527 | return atmel_aes_complete(dd, err); |
| 1528 | |
Corentin LABBE | 219d51c | 2017-08-22 10:08:12 +0200 | [diff] [blame] | 1529 | if (likely(ivsize == GCM_AES_IV_SIZE)) { |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1530 | memcpy(ctx->j0, iv, ivsize); |
| 1531 | ctx->j0[3] = cpu_to_be32(1); |
| 1532 | return atmel_aes_gcm_process(dd); |
| 1533 | } |
| 1534 | |
| 1535 | padlen = atmel_aes_padlen(ivsize, AES_BLOCK_SIZE); |
| 1536 | datalen = ivsize + padlen + AES_BLOCK_SIZE; |
| 1537 | if (datalen > dd->buflen) |
| 1538 | return atmel_aes_complete(dd, -EINVAL); |
| 1539 | |
| 1540 | memcpy(data, iv, ivsize); |
| 1541 | memset(data + ivsize, 0, padlen + sizeof(u64)); |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 1542 | ((__be64 *)(data + datalen))[-1] = cpu_to_be64(ivsize * 8); |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1543 | |
| 1544 | return atmel_aes_gcm_ghash(dd, (const u32 *)data, datalen, |
| 1545 | NULL, ctx->j0, atmel_aes_gcm_process); |
| 1546 | } |
| 1547 | |
| 1548 | static int atmel_aes_gcm_process(struct atmel_aes_dev *dd) |
| 1549 | { |
| 1550 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1551 | struct aead_request *req = aead_request_cast(dd->areq); |
| 1552 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); |
| 1553 | bool enc = atmel_aes_is_encrypt(dd); |
| 1554 | u32 authsize; |
| 1555 | |
| 1556 | /* Compute text length. */ |
| 1557 | authsize = crypto_aead_authsize(tfm); |
| 1558 | ctx->textlen = req->cryptlen - (enc ? 0 : authsize); |
| 1559 | |
| 1560 | /* |
| 1561 | * According to tcrypt test suite, the GCM Automatic Tag Generation |
| 1562 | * fails when both the message and its associated data are empty. |
| 1563 | */ |
| 1564 | if (likely(req->assoclen != 0 || ctx->textlen != 0)) |
| 1565 | dd->flags |= AES_FLAGS_GTAGEN; |
| 1566 | |
| 1567 | atmel_aes_write_ctrl(dd, false, NULL); |
| 1568 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_gcm_length); |
| 1569 | } |
| 1570 | |
| 1571 | static int atmel_aes_gcm_length(struct atmel_aes_dev *dd) |
| 1572 | { |
| 1573 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1574 | struct aead_request *req = aead_request_cast(dd->areq); |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 1575 | __be32 j0_lsw, *j0 = ctx->j0; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1576 | size_t padlen; |
| 1577 | |
| 1578 | /* Write incr32(J0) into IV. */ |
| 1579 | j0_lsw = j0[3]; |
Liu Shixin | fb7c2f4 | 2020-09-14 12:17:46 +0800 | [diff] [blame] | 1580 | be32_add_cpu(&j0[3], 1); |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1581 | atmel_aes_write_block(dd, AES_IVR(0), j0); |
| 1582 | j0[3] = j0_lsw; |
| 1583 | |
| 1584 | /* Set aad and text lengths. */ |
| 1585 | atmel_aes_write(dd, AES_AADLENR, req->assoclen); |
| 1586 | atmel_aes_write(dd, AES_CLENR, ctx->textlen); |
| 1587 | |
| 1588 | /* Check whether AAD are present. */ |
| 1589 | if (unlikely(req->assoclen == 0)) { |
| 1590 | dd->datalen = 0; |
| 1591 | return atmel_aes_gcm_data(dd); |
| 1592 | } |
| 1593 | |
| 1594 | /* Copy assoc data and add padding. */ |
| 1595 | padlen = atmel_aes_padlen(req->assoclen, AES_BLOCK_SIZE); |
| 1596 | if (unlikely(req->assoclen + padlen > dd->buflen)) |
| 1597 | return atmel_aes_complete(dd, -EINVAL); |
| 1598 | sg_copy_to_buffer(req->src, sg_nents(req->src), dd->buf, req->assoclen); |
| 1599 | |
| 1600 | /* Write assoc data into the Input Data register. */ |
| 1601 | dd->data = (u32 *)dd->buf; |
| 1602 | dd->datalen = req->assoclen + padlen; |
| 1603 | return atmel_aes_gcm_data(dd); |
| 1604 | } |
| 1605 | |
| 1606 | static int atmel_aes_gcm_data(struct atmel_aes_dev *dd) |
| 1607 | { |
| 1608 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1609 | struct aead_request *req = aead_request_cast(dd->areq); |
| 1610 | bool use_dma = (ctx->textlen >= ATMEL_AES_DMA_THRESHOLD); |
| 1611 | struct scatterlist *src, *dst; |
| 1612 | u32 isr, mr; |
| 1613 | |
| 1614 | /* Write AAD first. */ |
| 1615 | while (dd->datalen > 0) { |
| 1616 | atmel_aes_write_block(dd, AES_IDATAR(0), dd->data); |
| 1617 | dd->data += 4; |
| 1618 | dd->datalen -= AES_BLOCK_SIZE; |
| 1619 | |
| 1620 | isr = atmel_aes_read(dd, AES_ISR); |
| 1621 | if (!(isr & AES_INT_DATARDY)) { |
| 1622 | dd->resume = atmel_aes_gcm_data; |
| 1623 | atmel_aes_write(dd, AES_IER, AES_INT_DATARDY); |
| 1624 | return -EINPROGRESS; |
| 1625 | } |
| 1626 | } |
| 1627 | |
| 1628 | /* GMAC only. */ |
| 1629 | if (unlikely(ctx->textlen == 0)) |
| 1630 | return atmel_aes_gcm_tag_init(dd); |
| 1631 | |
| 1632 | /* Prepare src and dst scatter lists to transfer cipher/plain texts */ |
| 1633 | src = scatterwalk_ffwd(ctx->src, req->src, req->assoclen); |
| 1634 | dst = ((req->src == req->dst) ? src : |
| 1635 | scatterwalk_ffwd(ctx->dst, req->dst, req->assoclen)); |
| 1636 | |
| 1637 | if (use_dma) { |
| 1638 | /* Update the Mode Register for DMA transfers. */ |
| 1639 | mr = atmel_aes_read(dd, AES_MR); |
| 1640 | mr &= ~(AES_MR_SMOD_MASK | AES_MR_DUALBUFF); |
| 1641 | mr |= AES_MR_SMOD_IDATAR0; |
| 1642 | if (dd->caps.has_dualbuff) |
| 1643 | mr |= AES_MR_DUALBUFF; |
| 1644 | atmel_aes_write(dd, AES_MR, mr); |
| 1645 | |
| 1646 | return atmel_aes_dma_start(dd, src, dst, ctx->textlen, |
| 1647 | atmel_aes_gcm_tag_init); |
| 1648 | } |
| 1649 | |
| 1650 | return atmel_aes_cpu_start(dd, src, dst, ctx->textlen, |
| 1651 | atmel_aes_gcm_tag_init); |
| 1652 | } |
| 1653 | |
| 1654 | static int atmel_aes_gcm_tag_init(struct atmel_aes_dev *dd) |
| 1655 | { |
| 1656 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1657 | struct aead_request *req = aead_request_cast(dd->areq); |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 1658 | __be64 *data = dd->buf; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1659 | |
| 1660 | if (likely(dd->flags & AES_FLAGS_GTAGEN)) { |
| 1661 | if (!(atmel_aes_read(dd, AES_ISR) & AES_INT_TAGRDY)) { |
| 1662 | dd->resume = atmel_aes_gcm_tag_init; |
| 1663 | atmel_aes_write(dd, AES_IER, AES_INT_TAGRDY); |
| 1664 | return -EINPROGRESS; |
| 1665 | } |
| 1666 | |
| 1667 | return atmel_aes_gcm_finalize(dd); |
| 1668 | } |
| 1669 | |
| 1670 | /* Read the GCM Intermediate Hash Word Registers. */ |
| 1671 | atmel_aes_read_block(dd, AES_GHASHR(0), ctx->ghash); |
| 1672 | |
| 1673 | data[0] = cpu_to_be64(req->assoclen * 8); |
| 1674 | data[1] = cpu_to_be64(ctx->textlen * 8); |
| 1675 | |
| 1676 | return atmel_aes_gcm_ghash(dd, (const u32 *)data, AES_BLOCK_SIZE, |
| 1677 | ctx->ghash, ctx->ghash, atmel_aes_gcm_tag); |
| 1678 | } |
| 1679 | |
| 1680 | static int atmel_aes_gcm_tag(struct atmel_aes_dev *dd) |
| 1681 | { |
| 1682 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1683 | unsigned long flags; |
| 1684 | |
| 1685 | /* |
| 1686 | * Change mode to CTR to complete the tag generation. |
| 1687 | * Use J0 as Initialization Vector. |
| 1688 | */ |
| 1689 | flags = dd->flags; |
| 1690 | dd->flags &= ~(AES_FLAGS_OPMODE_MASK | AES_FLAGS_GTAGEN); |
| 1691 | dd->flags |= AES_FLAGS_CTR; |
| 1692 | atmel_aes_write_ctrl(dd, false, ctx->j0); |
| 1693 | dd->flags = flags; |
| 1694 | |
| 1695 | atmel_aes_write_block(dd, AES_IDATAR(0), ctx->ghash); |
| 1696 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_gcm_finalize); |
| 1697 | } |
| 1698 | |
| 1699 | static int atmel_aes_gcm_finalize(struct atmel_aes_dev *dd) |
| 1700 | { |
| 1701 | struct atmel_aes_gcm_ctx *ctx = atmel_aes_gcm_ctx_cast(dd->ctx); |
| 1702 | struct aead_request *req = aead_request_cast(dd->areq); |
| 1703 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); |
| 1704 | bool enc = atmel_aes_is_encrypt(dd); |
| 1705 | u32 offset, authsize, itag[4], *otag = ctx->tag; |
| 1706 | int err; |
| 1707 | |
| 1708 | /* Read the computed tag. */ |
| 1709 | if (likely(dd->flags & AES_FLAGS_GTAGEN)) |
| 1710 | atmel_aes_read_block(dd, AES_TAGR(0), ctx->tag); |
| 1711 | else |
| 1712 | atmel_aes_read_block(dd, AES_ODATAR(0), ctx->tag); |
| 1713 | |
| 1714 | offset = req->assoclen + ctx->textlen; |
| 1715 | authsize = crypto_aead_authsize(tfm); |
| 1716 | if (enc) { |
| 1717 | scatterwalk_map_and_copy(otag, req->dst, offset, authsize, 1); |
| 1718 | err = 0; |
| 1719 | } else { |
| 1720 | scatterwalk_map_and_copy(itag, req->src, offset, authsize, 0); |
| 1721 | err = crypto_memneq(itag, otag, authsize) ? -EBADMSG : 0; |
| 1722 | } |
| 1723 | |
| 1724 | return atmel_aes_complete(dd, err); |
| 1725 | } |
| 1726 | |
| 1727 | static int atmel_aes_gcm_crypt(struct aead_request *req, |
| 1728 | unsigned long mode) |
| 1729 | { |
| 1730 | struct atmel_aes_base_ctx *ctx; |
| 1731 | struct atmel_aes_reqctx *rctx; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1732 | |
| 1733 | ctx = crypto_aead_ctx(crypto_aead_reqtfm(req)); |
| 1734 | ctx->block_size = AES_BLOCK_SIZE; |
Romain Izard | 9130801 | 2017-10-31 16:25:23 +0100 | [diff] [blame] | 1735 | ctx->is_aead = true; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1736 | |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1737 | rctx = aead_request_ctx(req); |
| 1738 | rctx->mode = AES_FLAGS_GCM | mode; |
| 1739 | |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1740 | return atmel_aes_handle_queue(ctx->dd, &req->base); |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1741 | } |
| 1742 | |
| 1743 | static int atmel_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key, |
| 1744 | unsigned int keylen) |
| 1745 | { |
| 1746 | struct atmel_aes_base_ctx *ctx = crypto_aead_ctx(tfm); |
| 1747 | |
| 1748 | if (keylen != AES_KEYSIZE_256 && |
| 1749 | keylen != AES_KEYSIZE_192 && |
Eric Biggers | 674f368 | 2019-12-30 21:19:36 -0600 | [diff] [blame] | 1750 | keylen != AES_KEYSIZE_128) |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1751 | return -EINVAL; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1752 | |
| 1753 | memcpy(ctx->key, key, keylen); |
| 1754 | ctx->keylen = keylen; |
| 1755 | |
| 1756 | return 0; |
| 1757 | } |
| 1758 | |
| 1759 | static int atmel_aes_gcm_setauthsize(struct crypto_aead *tfm, |
| 1760 | unsigned int authsize) |
| 1761 | { |
Tudor Ambarus | 7db15aa | 2019-12-05 09:54:08 +0000 | [diff] [blame] | 1762 | return crypto_gcm_check_authsize(authsize); |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1763 | } |
| 1764 | |
| 1765 | static int atmel_aes_gcm_encrypt(struct aead_request *req) |
| 1766 | { |
| 1767 | return atmel_aes_gcm_crypt(req, AES_FLAGS_ENCRYPT); |
| 1768 | } |
| 1769 | |
| 1770 | static int atmel_aes_gcm_decrypt(struct aead_request *req) |
| 1771 | { |
| 1772 | return atmel_aes_gcm_crypt(req, 0); |
| 1773 | } |
| 1774 | |
| 1775 | static int atmel_aes_gcm_init(struct crypto_aead *tfm) |
| 1776 | { |
| 1777 | struct atmel_aes_gcm_ctx *ctx = crypto_aead_ctx(tfm); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1778 | struct atmel_aes_dev *dd; |
| 1779 | |
| 1780 | dd = atmel_aes_dev_alloc(&ctx->base); |
| 1781 | if (!dd) |
| 1782 | return -ENODEV; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1783 | |
| 1784 | crypto_aead_set_reqsize(tfm, sizeof(struct atmel_aes_reqctx)); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1785 | ctx->base.dd = dd; |
| 1786 | ctx->base.dd->ctx = &ctx->base; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1787 | ctx->base.start = atmel_aes_gcm_start; |
| 1788 | |
| 1789 | return 0; |
| 1790 | } |
| 1791 | |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1792 | static struct aead_alg aes_gcm_alg = { |
| 1793 | .setkey = atmel_aes_gcm_setkey, |
| 1794 | .setauthsize = atmel_aes_gcm_setauthsize, |
| 1795 | .encrypt = atmel_aes_gcm_encrypt, |
| 1796 | .decrypt = atmel_aes_gcm_decrypt, |
| 1797 | .init = atmel_aes_gcm_init, |
Corentin LABBE | 219d51c | 2017-08-22 10:08:12 +0200 | [diff] [blame] | 1798 | .ivsize = GCM_AES_IV_SIZE, |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1799 | .maxauthsize = AES_BLOCK_SIZE, |
| 1800 | |
| 1801 | .base = { |
| 1802 | .cra_name = "gcm(aes)", |
| 1803 | .cra_driver_name = "atmel-gcm-aes", |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1804 | .cra_blocksize = 1, |
| 1805 | .cra_ctxsize = sizeof(struct atmel_aes_gcm_ctx), |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 1806 | }, |
| 1807 | }; |
| 1808 | |
| 1809 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1810 | /* xts functions */ |
| 1811 | |
| 1812 | static inline struct atmel_aes_xts_ctx * |
| 1813 | atmel_aes_xts_ctx_cast(struct atmel_aes_base_ctx *ctx) |
| 1814 | { |
| 1815 | return container_of(ctx, struct atmel_aes_xts_ctx, base); |
| 1816 | } |
| 1817 | |
| 1818 | static int atmel_aes_xts_process_data(struct atmel_aes_dev *dd); |
| 1819 | |
| 1820 | static int atmel_aes_xts_start(struct atmel_aes_dev *dd) |
| 1821 | { |
| 1822 | struct atmel_aes_xts_ctx *ctx = atmel_aes_xts_ctx_cast(dd->ctx); |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1823 | struct skcipher_request *req = skcipher_request_cast(dd->areq); |
| 1824 | struct atmel_aes_reqctx *rctx = skcipher_request_ctx(req); |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1825 | unsigned long flags; |
| 1826 | int err; |
| 1827 | |
| 1828 | atmel_aes_set_mode(dd, rctx); |
| 1829 | |
| 1830 | err = atmel_aes_hw_init(dd); |
| 1831 | if (err) |
| 1832 | return atmel_aes_complete(dd, err); |
| 1833 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1834 | /* Compute the tweak value from req->iv with ecb(aes). */ |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1835 | flags = dd->flags; |
| 1836 | dd->flags &= ~AES_FLAGS_MODE_MASK; |
| 1837 | dd->flags |= (AES_FLAGS_ECB | AES_FLAGS_ENCRYPT); |
| 1838 | atmel_aes_write_ctrl_key(dd, false, NULL, |
| 1839 | ctx->key2, ctx->base.keylen); |
| 1840 | dd->flags = flags; |
| 1841 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1842 | atmel_aes_write_block(dd, AES_IDATAR(0), req->iv); |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1843 | return atmel_aes_wait_for_data_ready(dd, atmel_aes_xts_process_data); |
| 1844 | } |
| 1845 | |
| 1846 | static int atmel_aes_xts_process_data(struct atmel_aes_dev *dd) |
| 1847 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1848 | struct skcipher_request *req = skcipher_request_cast(dd->areq); |
| 1849 | bool use_dma = (req->cryptlen >= ATMEL_AES_DMA_THRESHOLD); |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1850 | u32 tweak[AES_BLOCK_SIZE / sizeof(u32)]; |
Ben Dooks (Codethink) | 49c4cd8 | 2019-10-16 13:26:33 +0100 | [diff] [blame] | 1851 | static const __le32 one[AES_BLOCK_SIZE / sizeof(u32)] = {cpu_to_le32(1), }; |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1852 | u8 *tweak_bytes = (u8 *)tweak; |
| 1853 | int i; |
| 1854 | |
| 1855 | /* Read the computed ciphered tweak value. */ |
| 1856 | atmel_aes_read_block(dd, AES_ODATAR(0), tweak); |
| 1857 | /* |
| 1858 | * Hardware quirk: |
| 1859 | * the order of the ciphered tweak bytes need to be reversed before |
| 1860 | * writing them into the ODATARx registers. |
| 1861 | */ |
| 1862 | for (i = 0; i < AES_BLOCK_SIZE/2; ++i) { |
| 1863 | u8 tmp = tweak_bytes[AES_BLOCK_SIZE - 1 - i]; |
| 1864 | |
| 1865 | tweak_bytes[AES_BLOCK_SIZE - 1 - i] = tweak_bytes[i]; |
| 1866 | tweak_bytes[i] = tmp; |
| 1867 | } |
| 1868 | |
| 1869 | /* Process the data. */ |
| 1870 | atmel_aes_write_ctrl(dd, use_dma, NULL); |
| 1871 | atmel_aes_write_block(dd, AES_TWR(0), tweak); |
| 1872 | atmel_aes_write_block(dd, AES_ALPHAR(0), one); |
| 1873 | if (use_dma) |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1874 | return atmel_aes_dma_start(dd, req->src, req->dst, |
| 1875 | req->cryptlen, |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1876 | atmel_aes_transfer_complete); |
| 1877 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1878 | return atmel_aes_cpu_start(dd, req->src, req->dst, req->cryptlen, |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1879 | atmel_aes_transfer_complete); |
| 1880 | } |
| 1881 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1882 | static int atmel_aes_xts_setkey(struct crypto_skcipher *tfm, const u8 *key, |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1883 | unsigned int keylen) |
| 1884 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1885 | struct atmel_aes_xts_ctx *ctx = crypto_skcipher_ctx(tfm); |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1886 | int err; |
| 1887 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1888 | err = xts_check_key(crypto_skcipher_tfm(tfm), key, keylen); |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1889 | if (err) |
| 1890 | return err; |
| 1891 | |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 1892 | crypto_skcipher_clear_flags(ctx->fallback_tfm, CRYPTO_TFM_REQ_MASK); |
| 1893 | crypto_skcipher_set_flags(ctx->fallback_tfm, tfm->base.crt_flags & |
| 1894 | CRYPTO_TFM_REQ_MASK); |
| 1895 | err = crypto_skcipher_setkey(ctx->fallback_tfm, key, keylen); |
| 1896 | if (err) |
| 1897 | return err; |
| 1898 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1899 | memcpy(ctx->base.key, key, keylen/2); |
| 1900 | memcpy(ctx->key2, key + keylen/2, keylen/2); |
| 1901 | ctx->base.keylen = keylen/2; |
| 1902 | |
| 1903 | return 0; |
| 1904 | } |
| 1905 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1906 | static int atmel_aes_xts_encrypt(struct skcipher_request *req) |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1907 | { |
| 1908 | return atmel_aes_crypt(req, AES_FLAGS_XTS | AES_FLAGS_ENCRYPT); |
| 1909 | } |
| 1910 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1911 | static int atmel_aes_xts_decrypt(struct skcipher_request *req) |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1912 | { |
| 1913 | return atmel_aes_crypt(req, AES_FLAGS_XTS); |
| 1914 | } |
| 1915 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1916 | static int atmel_aes_xts_init_tfm(struct crypto_skcipher *tfm) |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1917 | { |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1918 | struct atmel_aes_xts_ctx *ctx = crypto_skcipher_ctx(tfm); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1919 | struct atmel_aes_dev *dd; |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 1920 | const char *tfm_name = crypto_tfm_alg_name(&tfm->base); |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1921 | |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1922 | dd = atmel_aes_dev_alloc(&ctx->base); |
| 1923 | if (!dd) |
| 1924 | return -ENODEV; |
| 1925 | |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 1926 | ctx->fallback_tfm = crypto_alloc_skcipher(tfm_name, 0, |
| 1927 | CRYPTO_ALG_NEED_FALLBACK); |
| 1928 | if (IS_ERR(ctx->fallback_tfm)) |
| 1929 | return PTR_ERR(ctx->fallback_tfm); |
| 1930 | |
| 1931 | crypto_skcipher_set_reqsize(tfm, sizeof(struct atmel_aes_reqctx) + |
| 1932 | crypto_skcipher_reqsize(ctx->fallback_tfm)); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 1933 | ctx->base.dd = dd; |
| 1934 | ctx->base.dd->ctx = &ctx->base; |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1935 | ctx->base.start = atmel_aes_xts_start; |
| 1936 | |
| 1937 | return 0; |
| 1938 | } |
| 1939 | |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 1940 | static void atmel_aes_xts_exit_tfm(struct crypto_skcipher *tfm) |
| 1941 | { |
| 1942 | struct atmel_aes_xts_ctx *ctx = crypto_skcipher_ctx(tfm); |
| 1943 | |
| 1944 | crypto_free_skcipher(ctx->fallback_tfm); |
| 1945 | } |
| 1946 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1947 | static struct skcipher_alg aes_xts_alg = { |
| 1948 | .base.cra_name = "xts(aes)", |
| 1949 | .base.cra_driver_name = "atmel-xts-aes", |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1950 | .base.cra_blocksize = AES_BLOCK_SIZE, |
| 1951 | .base.cra_ctxsize = sizeof(struct atmel_aes_xts_ctx), |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 1952 | .base.cra_flags = CRYPTO_ALG_NEED_FALLBACK, |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 1953 | |
| 1954 | .min_keysize = 2 * AES_MIN_KEY_SIZE, |
| 1955 | .max_keysize = 2 * AES_MAX_KEY_SIZE, |
| 1956 | .ivsize = AES_BLOCK_SIZE, |
| 1957 | .setkey = atmel_aes_xts_setkey, |
| 1958 | .encrypt = atmel_aes_xts_encrypt, |
| 1959 | .decrypt = atmel_aes_xts_decrypt, |
| 1960 | .init = atmel_aes_xts_init_tfm, |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 1961 | .exit = atmel_aes_xts_exit_tfm, |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 1962 | }; |
| 1963 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 1964 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 1965 | /* authenc aead functions */ |
| 1966 | |
| 1967 | static int atmel_aes_authenc_start(struct atmel_aes_dev *dd); |
| 1968 | static int atmel_aes_authenc_init(struct atmel_aes_dev *dd, int err, |
| 1969 | bool is_async); |
| 1970 | static int atmel_aes_authenc_transfer(struct atmel_aes_dev *dd, int err, |
| 1971 | bool is_async); |
| 1972 | static int atmel_aes_authenc_digest(struct atmel_aes_dev *dd); |
| 1973 | static int atmel_aes_authenc_final(struct atmel_aes_dev *dd, int err, |
| 1974 | bool is_async); |
| 1975 | |
| 1976 | static void atmel_aes_authenc_complete(struct atmel_aes_dev *dd, int err) |
| 1977 | { |
| 1978 | struct aead_request *req = aead_request_cast(dd->areq); |
| 1979 | struct atmel_aes_authenc_reqctx *rctx = aead_request_ctx(req); |
| 1980 | |
| 1981 | if (err && (dd->flags & AES_FLAGS_OWN_SHA)) |
| 1982 | atmel_sha_authenc_abort(&rctx->auth_req); |
| 1983 | dd->flags &= ~AES_FLAGS_OWN_SHA; |
| 1984 | } |
| 1985 | |
| 1986 | static int atmel_aes_authenc_start(struct atmel_aes_dev *dd) |
| 1987 | { |
| 1988 | struct aead_request *req = aead_request_cast(dd->areq); |
| 1989 | struct atmel_aes_authenc_reqctx *rctx = aead_request_ctx(req); |
| 1990 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); |
| 1991 | struct atmel_aes_authenc_ctx *ctx = crypto_aead_ctx(tfm); |
| 1992 | int err; |
| 1993 | |
| 1994 | atmel_aes_set_mode(dd, &rctx->base); |
| 1995 | |
| 1996 | err = atmel_aes_hw_init(dd); |
| 1997 | if (err) |
| 1998 | return atmel_aes_complete(dd, err); |
| 1999 | |
| 2000 | return atmel_sha_authenc_schedule(&rctx->auth_req, ctx->auth, |
| 2001 | atmel_aes_authenc_init, dd); |
| 2002 | } |
| 2003 | |
| 2004 | static int atmel_aes_authenc_init(struct atmel_aes_dev *dd, int err, |
| 2005 | bool is_async) |
| 2006 | { |
| 2007 | struct aead_request *req = aead_request_cast(dd->areq); |
| 2008 | struct atmel_aes_authenc_reqctx *rctx = aead_request_ctx(req); |
| 2009 | |
| 2010 | if (is_async) |
| 2011 | dd->is_async = true; |
| 2012 | if (err) |
| 2013 | return atmel_aes_complete(dd, err); |
| 2014 | |
| 2015 | /* If here, we've got the ownership of the SHA device. */ |
| 2016 | dd->flags |= AES_FLAGS_OWN_SHA; |
| 2017 | |
| 2018 | /* Configure the SHA device. */ |
| 2019 | return atmel_sha_authenc_init(&rctx->auth_req, |
| 2020 | req->src, req->assoclen, |
| 2021 | rctx->textlen, |
| 2022 | atmel_aes_authenc_transfer, dd); |
| 2023 | } |
| 2024 | |
| 2025 | static int atmel_aes_authenc_transfer(struct atmel_aes_dev *dd, int err, |
| 2026 | bool is_async) |
| 2027 | { |
| 2028 | struct aead_request *req = aead_request_cast(dd->areq); |
| 2029 | struct atmel_aes_authenc_reqctx *rctx = aead_request_ctx(req); |
| 2030 | bool enc = atmel_aes_is_encrypt(dd); |
| 2031 | struct scatterlist *src, *dst; |
Herbert Xu | 427e6e3 | 2019-10-28 15:45:02 +0800 | [diff] [blame] | 2032 | __be32 iv[AES_BLOCK_SIZE / sizeof(u32)]; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2033 | u32 emr; |
| 2034 | |
| 2035 | if (is_async) |
| 2036 | dd->is_async = true; |
| 2037 | if (err) |
| 2038 | return atmel_aes_complete(dd, err); |
| 2039 | |
| 2040 | /* Prepare src and dst scatter-lists to transfer cipher/plain texts. */ |
| 2041 | src = scatterwalk_ffwd(rctx->src, req->src, req->assoclen); |
| 2042 | dst = src; |
| 2043 | |
| 2044 | if (req->src != req->dst) |
| 2045 | dst = scatterwalk_ffwd(rctx->dst, req->dst, req->assoclen); |
| 2046 | |
| 2047 | /* Configure the AES device. */ |
| 2048 | memcpy(iv, req->iv, sizeof(iv)); |
| 2049 | |
| 2050 | /* |
| 2051 | * Here we always set the 2nd parameter of atmel_aes_write_ctrl() to |
| 2052 | * 'true' even if the data transfer is actually performed by the CPU (so |
| 2053 | * not by the DMA) because we must force the AES_MR_SMOD bitfield to the |
| 2054 | * value AES_MR_SMOD_IDATAR0. Indeed, both AES_MR_SMOD and SHA_MR_SMOD |
| 2055 | * must be set to *_MR_SMOD_IDATAR0. |
| 2056 | */ |
| 2057 | atmel_aes_write_ctrl(dd, true, iv); |
| 2058 | emr = AES_EMR_PLIPEN; |
| 2059 | if (!enc) |
| 2060 | emr |= AES_EMR_PLIPD; |
| 2061 | atmel_aes_write(dd, AES_EMR, emr); |
| 2062 | |
| 2063 | /* Transfer data. */ |
| 2064 | return atmel_aes_dma_start(dd, src, dst, rctx->textlen, |
| 2065 | atmel_aes_authenc_digest); |
| 2066 | } |
| 2067 | |
| 2068 | static int atmel_aes_authenc_digest(struct atmel_aes_dev *dd) |
| 2069 | { |
| 2070 | struct aead_request *req = aead_request_cast(dd->areq); |
| 2071 | struct atmel_aes_authenc_reqctx *rctx = aead_request_ctx(req); |
| 2072 | |
| 2073 | /* atmel_sha_authenc_final() releases the SHA device. */ |
| 2074 | dd->flags &= ~AES_FLAGS_OWN_SHA; |
| 2075 | return atmel_sha_authenc_final(&rctx->auth_req, |
| 2076 | rctx->digest, sizeof(rctx->digest), |
| 2077 | atmel_aes_authenc_final, dd); |
| 2078 | } |
| 2079 | |
| 2080 | static int atmel_aes_authenc_final(struct atmel_aes_dev *dd, int err, |
| 2081 | bool is_async) |
| 2082 | { |
| 2083 | struct aead_request *req = aead_request_cast(dd->areq); |
| 2084 | struct atmel_aes_authenc_reqctx *rctx = aead_request_ctx(req); |
| 2085 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); |
| 2086 | bool enc = atmel_aes_is_encrypt(dd); |
| 2087 | u32 idigest[SHA512_DIGEST_SIZE / sizeof(u32)], *odigest = rctx->digest; |
| 2088 | u32 offs, authsize; |
| 2089 | |
| 2090 | if (is_async) |
| 2091 | dd->is_async = true; |
| 2092 | if (err) |
| 2093 | goto complete; |
| 2094 | |
| 2095 | offs = req->assoclen + rctx->textlen; |
| 2096 | authsize = crypto_aead_authsize(tfm); |
| 2097 | if (enc) { |
| 2098 | scatterwalk_map_and_copy(odigest, req->dst, offs, authsize, 1); |
| 2099 | } else { |
| 2100 | scatterwalk_map_and_copy(idigest, req->src, offs, authsize, 0); |
| 2101 | if (crypto_memneq(idigest, odigest, authsize)) |
| 2102 | err = -EBADMSG; |
| 2103 | } |
| 2104 | |
| 2105 | complete: |
| 2106 | return atmel_aes_complete(dd, err); |
| 2107 | } |
| 2108 | |
| 2109 | static int atmel_aes_authenc_setkey(struct crypto_aead *tfm, const u8 *key, |
| 2110 | unsigned int keylen) |
| 2111 | { |
| 2112 | struct atmel_aes_authenc_ctx *ctx = crypto_aead_ctx(tfm); |
| 2113 | struct crypto_authenc_keys keys; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2114 | int err; |
| 2115 | |
| 2116 | if (crypto_authenc_extractkeys(&keys, key, keylen) != 0) |
| 2117 | goto badkey; |
| 2118 | |
| 2119 | if (keys.enckeylen > sizeof(ctx->base.key)) |
| 2120 | goto badkey; |
| 2121 | |
| 2122 | /* Save auth key. */ |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2123 | err = atmel_sha_authenc_setkey(ctx->auth, |
| 2124 | keys.authkey, keys.authkeylen, |
Eric Biggers | af5034e | 2019-12-30 21:19:38 -0600 | [diff] [blame] | 2125 | crypto_aead_get_flags(tfm)); |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2126 | if (err) { |
| 2127 | memzero_explicit(&keys, sizeof(keys)); |
| 2128 | return err; |
| 2129 | } |
| 2130 | |
| 2131 | /* Save enc key. */ |
| 2132 | ctx->base.keylen = keys.enckeylen; |
| 2133 | memcpy(ctx->base.key, keys.enckey, keys.enckeylen); |
| 2134 | |
| 2135 | memzero_explicit(&keys, sizeof(keys)); |
| 2136 | return 0; |
| 2137 | |
| 2138 | badkey: |
Antoine Tenart | 5d804a51 | 2018-02-23 10:01:40 +0100 | [diff] [blame] | 2139 | memzero_explicit(&keys, sizeof(keys)); |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2140 | return -EINVAL; |
| 2141 | } |
| 2142 | |
| 2143 | static int atmel_aes_authenc_init_tfm(struct crypto_aead *tfm, |
| 2144 | unsigned long auth_mode) |
| 2145 | { |
| 2146 | struct atmel_aes_authenc_ctx *ctx = crypto_aead_ctx(tfm); |
| 2147 | unsigned int auth_reqsize = atmel_sha_authenc_get_reqsize(); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 2148 | struct atmel_aes_dev *dd; |
| 2149 | |
| 2150 | dd = atmel_aes_dev_alloc(&ctx->base); |
| 2151 | if (!dd) |
| 2152 | return -ENODEV; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2153 | |
| 2154 | ctx->auth = atmel_sha_authenc_spawn(auth_mode); |
| 2155 | if (IS_ERR(ctx->auth)) |
| 2156 | return PTR_ERR(ctx->auth); |
| 2157 | |
| 2158 | crypto_aead_set_reqsize(tfm, (sizeof(struct atmel_aes_authenc_reqctx) + |
| 2159 | auth_reqsize)); |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 2160 | ctx->base.dd = dd; |
| 2161 | ctx->base.dd->ctx = &ctx->base; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2162 | ctx->base.start = atmel_aes_authenc_start; |
| 2163 | |
| 2164 | return 0; |
| 2165 | } |
| 2166 | |
| 2167 | static int atmel_aes_authenc_hmac_sha1_init_tfm(struct crypto_aead *tfm) |
| 2168 | { |
| 2169 | return atmel_aes_authenc_init_tfm(tfm, SHA_FLAGS_HMAC_SHA1); |
| 2170 | } |
| 2171 | |
| 2172 | static int atmel_aes_authenc_hmac_sha224_init_tfm(struct crypto_aead *tfm) |
| 2173 | { |
| 2174 | return atmel_aes_authenc_init_tfm(tfm, SHA_FLAGS_HMAC_SHA224); |
| 2175 | } |
| 2176 | |
| 2177 | static int atmel_aes_authenc_hmac_sha256_init_tfm(struct crypto_aead *tfm) |
| 2178 | { |
| 2179 | return atmel_aes_authenc_init_tfm(tfm, SHA_FLAGS_HMAC_SHA256); |
| 2180 | } |
| 2181 | |
| 2182 | static int atmel_aes_authenc_hmac_sha384_init_tfm(struct crypto_aead *tfm) |
| 2183 | { |
| 2184 | return atmel_aes_authenc_init_tfm(tfm, SHA_FLAGS_HMAC_SHA384); |
| 2185 | } |
| 2186 | |
| 2187 | static int atmel_aes_authenc_hmac_sha512_init_tfm(struct crypto_aead *tfm) |
| 2188 | { |
| 2189 | return atmel_aes_authenc_init_tfm(tfm, SHA_FLAGS_HMAC_SHA512); |
| 2190 | } |
| 2191 | |
| 2192 | static void atmel_aes_authenc_exit_tfm(struct crypto_aead *tfm) |
| 2193 | { |
| 2194 | struct atmel_aes_authenc_ctx *ctx = crypto_aead_ctx(tfm); |
| 2195 | |
| 2196 | atmel_sha_authenc_free(ctx->auth); |
| 2197 | } |
| 2198 | |
| 2199 | static int atmel_aes_authenc_crypt(struct aead_request *req, |
| 2200 | unsigned long mode) |
| 2201 | { |
| 2202 | struct atmel_aes_authenc_reqctx *rctx = aead_request_ctx(req); |
| 2203 | struct crypto_aead *tfm = crypto_aead_reqtfm(req); |
| 2204 | struct atmel_aes_base_ctx *ctx = crypto_aead_ctx(tfm); |
| 2205 | u32 authsize = crypto_aead_authsize(tfm); |
| 2206 | bool enc = (mode & AES_FLAGS_ENCRYPT); |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2207 | |
| 2208 | /* Compute text length. */ |
| 2209 | if (!enc && req->cryptlen < authsize) |
| 2210 | return -EINVAL; |
| 2211 | rctx->textlen = req->cryptlen - (enc ? 0 : authsize); |
| 2212 | |
| 2213 | /* |
| 2214 | * Currently, empty messages are not supported yet: |
| 2215 | * the SHA auto-padding can be used only on non-empty messages. |
| 2216 | * Hence a special case needs to be implemented for empty message. |
| 2217 | */ |
| 2218 | if (!rctx->textlen && !req->assoclen) |
| 2219 | return -EINVAL; |
| 2220 | |
| 2221 | rctx->base.mode = mode; |
| 2222 | ctx->block_size = AES_BLOCK_SIZE; |
Romain Izard | 9130801 | 2017-10-31 16:25:23 +0100 | [diff] [blame] | 2223 | ctx->is_aead = true; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2224 | |
Tudor Ambarus | ec2088b | 2021-07-20 11:55:35 +0300 | [diff] [blame^] | 2225 | return atmel_aes_handle_queue(ctx->dd, &req->base); |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2226 | } |
| 2227 | |
| 2228 | static int atmel_aes_authenc_cbc_aes_encrypt(struct aead_request *req) |
| 2229 | { |
| 2230 | return atmel_aes_authenc_crypt(req, AES_FLAGS_CBC | AES_FLAGS_ENCRYPT); |
| 2231 | } |
| 2232 | |
| 2233 | static int atmel_aes_authenc_cbc_aes_decrypt(struct aead_request *req) |
| 2234 | { |
| 2235 | return atmel_aes_authenc_crypt(req, AES_FLAGS_CBC); |
| 2236 | } |
| 2237 | |
| 2238 | static struct aead_alg aes_authenc_algs[] = { |
| 2239 | { |
| 2240 | .setkey = atmel_aes_authenc_setkey, |
| 2241 | .encrypt = atmel_aes_authenc_cbc_aes_encrypt, |
| 2242 | .decrypt = atmel_aes_authenc_cbc_aes_decrypt, |
| 2243 | .init = atmel_aes_authenc_hmac_sha1_init_tfm, |
| 2244 | .exit = atmel_aes_authenc_exit_tfm, |
| 2245 | .ivsize = AES_BLOCK_SIZE, |
| 2246 | .maxauthsize = SHA1_DIGEST_SIZE, |
| 2247 | |
| 2248 | .base = { |
| 2249 | .cra_name = "authenc(hmac(sha1),cbc(aes))", |
| 2250 | .cra_driver_name = "atmel-authenc-hmac-sha1-cbc-aes", |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2251 | .cra_blocksize = AES_BLOCK_SIZE, |
| 2252 | .cra_ctxsize = sizeof(struct atmel_aes_authenc_ctx), |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2253 | }, |
| 2254 | }, |
| 2255 | { |
| 2256 | .setkey = atmel_aes_authenc_setkey, |
| 2257 | .encrypt = atmel_aes_authenc_cbc_aes_encrypt, |
| 2258 | .decrypt = atmel_aes_authenc_cbc_aes_decrypt, |
| 2259 | .init = atmel_aes_authenc_hmac_sha224_init_tfm, |
| 2260 | .exit = atmel_aes_authenc_exit_tfm, |
| 2261 | .ivsize = AES_BLOCK_SIZE, |
| 2262 | .maxauthsize = SHA224_DIGEST_SIZE, |
| 2263 | |
| 2264 | .base = { |
| 2265 | .cra_name = "authenc(hmac(sha224),cbc(aes))", |
| 2266 | .cra_driver_name = "atmel-authenc-hmac-sha224-cbc-aes", |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2267 | .cra_blocksize = AES_BLOCK_SIZE, |
| 2268 | .cra_ctxsize = sizeof(struct atmel_aes_authenc_ctx), |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2269 | }, |
| 2270 | }, |
| 2271 | { |
| 2272 | .setkey = atmel_aes_authenc_setkey, |
| 2273 | .encrypt = atmel_aes_authenc_cbc_aes_encrypt, |
| 2274 | .decrypt = atmel_aes_authenc_cbc_aes_decrypt, |
| 2275 | .init = atmel_aes_authenc_hmac_sha256_init_tfm, |
| 2276 | .exit = atmel_aes_authenc_exit_tfm, |
| 2277 | .ivsize = AES_BLOCK_SIZE, |
| 2278 | .maxauthsize = SHA256_DIGEST_SIZE, |
| 2279 | |
| 2280 | .base = { |
| 2281 | .cra_name = "authenc(hmac(sha256),cbc(aes))", |
| 2282 | .cra_driver_name = "atmel-authenc-hmac-sha256-cbc-aes", |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2283 | .cra_blocksize = AES_BLOCK_SIZE, |
| 2284 | .cra_ctxsize = sizeof(struct atmel_aes_authenc_ctx), |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2285 | }, |
| 2286 | }, |
| 2287 | { |
| 2288 | .setkey = atmel_aes_authenc_setkey, |
| 2289 | .encrypt = atmel_aes_authenc_cbc_aes_encrypt, |
| 2290 | .decrypt = atmel_aes_authenc_cbc_aes_decrypt, |
| 2291 | .init = atmel_aes_authenc_hmac_sha384_init_tfm, |
| 2292 | .exit = atmel_aes_authenc_exit_tfm, |
| 2293 | .ivsize = AES_BLOCK_SIZE, |
| 2294 | .maxauthsize = SHA384_DIGEST_SIZE, |
| 2295 | |
| 2296 | .base = { |
| 2297 | .cra_name = "authenc(hmac(sha384),cbc(aes))", |
| 2298 | .cra_driver_name = "atmel-authenc-hmac-sha384-cbc-aes", |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2299 | .cra_blocksize = AES_BLOCK_SIZE, |
| 2300 | .cra_ctxsize = sizeof(struct atmel_aes_authenc_ctx), |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2301 | }, |
| 2302 | }, |
| 2303 | { |
| 2304 | .setkey = atmel_aes_authenc_setkey, |
| 2305 | .encrypt = atmel_aes_authenc_cbc_aes_encrypt, |
| 2306 | .decrypt = atmel_aes_authenc_cbc_aes_decrypt, |
| 2307 | .init = atmel_aes_authenc_hmac_sha512_init_tfm, |
| 2308 | .exit = atmel_aes_authenc_exit_tfm, |
| 2309 | .ivsize = AES_BLOCK_SIZE, |
| 2310 | .maxauthsize = SHA512_DIGEST_SIZE, |
| 2311 | |
| 2312 | .base = { |
| 2313 | .cra_name = "authenc(hmac(sha512),cbc(aes))", |
| 2314 | .cra_driver_name = "atmel-authenc-hmac-sha512-cbc-aes", |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2315 | .cra_blocksize = AES_BLOCK_SIZE, |
| 2316 | .cra_ctxsize = sizeof(struct atmel_aes_authenc_ctx), |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2317 | }, |
| 2318 | }, |
| 2319 | }; |
| 2320 | #endif /* CONFIG_CRYPTO_DEV_ATMEL_AUTHENC */ |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 2321 | |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 2322 | /* Probe functions */ |
| 2323 | |
| 2324 | static int atmel_aes_buff_init(struct atmel_aes_dev *dd) |
| 2325 | { |
| 2326 | dd->buf = (void *)__get_free_pages(GFP_KERNEL, ATMEL_AES_BUFFER_ORDER); |
| 2327 | dd->buflen = ATMEL_AES_BUFFER_SIZE; |
| 2328 | dd->buflen &= ~(AES_BLOCK_SIZE - 1); |
| 2329 | |
| 2330 | if (!dd->buf) { |
| 2331 | dev_err(dd->dev, "unable to alloc pages.\n"); |
| 2332 | return -ENOMEM; |
| 2333 | } |
| 2334 | |
| 2335 | return 0; |
| 2336 | } |
| 2337 | |
| 2338 | static void atmel_aes_buff_cleanup(struct atmel_aes_dev *dd) |
| 2339 | { |
| 2340 | free_page((unsigned long)dd->buf); |
| 2341 | } |
| 2342 | |
Tudor Ambarus | 827a98d | 2019-12-13 09:54:49 +0000 | [diff] [blame] | 2343 | static int atmel_aes_dma_init(struct atmel_aes_dev *dd) |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 2344 | { |
Peter Ujfalusi | 62f72cb | 2019-11-21 12:16:00 +0200 | [diff] [blame] | 2345 | int ret; |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 2346 | |
| 2347 | /* Try to grab 2 DMA channels */ |
Peter Ujfalusi | 62f72cb | 2019-11-21 12:16:00 +0200 | [diff] [blame] | 2348 | dd->src.chan = dma_request_chan(dd->dev, "tx"); |
| 2349 | if (IS_ERR(dd->src.chan)) { |
| 2350 | ret = PTR_ERR(dd->src.chan); |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 2351 | goto err_dma_in; |
Peter Ujfalusi | 62f72cb | 2019-11-21 12:16:00 +0200 | [diff] [blame] | 2352 | } |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 2353 | |
Peter Ujfalusi | 62f72cb | 2019-11-21 12:16:00 +0200 | [diff] [blame] | 2354 | dd->dst.chan = dma_request_chan(dd->dev, "rx"); |
| 2355 | if (IS_ERR(dd->dst.chan)) { |
| 2356 | ret = PTR_ERR(dd->dst.chan); |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 2357 | goto err_dma_out; |
Peter Ujfalusi | 62f72cb | 2019-11-21 12:16:00 +0200 | [diff] [blame] | 2358 | } |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 2359 | |
| 2360 | return 0; |
| 2361 | |
| 2362 | err_dma_out: |
| 2363 | dma_release_channel(dd->src.chan); |
| 2364 | err_dma_in: |
Tudor Ambarus | e9ce6ae | 2019-12-13 09:54:54 +0000 | [diff] [blame] | 2365 | dev_err(dd->dev, "no DMA channel available\n"); |
Peter Ujfalusi | 62f72cb | 2019-11-21 12:16:00 +0200 | [diff] [blame] | 2366 | return ret; |
Cyrille Pitchen | e37a7e5 | 2015-12-17 18:13:03 +0100 | [diff] [blame] | 2367 | } |
| 2368 | |
| 2369 | static void atmel_aes_dma_cleanup(struct atmel_aes_dev *dd) |
| 2370 | { |
| 2371 | dma_release_channel(dd->dst.chan); |
| 2372 | dma_release_channel(dd->src.chan); |
| 2373 | } |
| 2374 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2375 | static void atmel_aes_queue_task(unsigned long data) |
| 2376 | { |
| 2377 | struct atmel_aes_dev *dd = (struct atmel_aes_dev *)data; |
| 2378 | |
| 2379 | atmel_aes_handle_queue(dd, NULL); |
| 2380 | } |
| 2381 | |
| 2382 | static void atmel_aes_done_task(unsigned long data) |
| 2383 | { |
Cyrille Pitchen | afbac17 | 2015-12-17 18:13:02 +0100 | [diff] [blame] | 2384 | struct atmel_aes_dev *dd = (struct atmel_aes_dev *)data; |
Cyrille Pitchen | 10f12c1 | 2015-12-17 17:48:42 +0100 | [diff] [blame] | 2385 | |
| 2386 | dd->is_async = true; |
| 2387 | (void)dd->resume(dd); |
| 2388 | } |
| 2389 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2390 | static irqreturn_t atmel_aes_irq(int irq, void *dev_id) |
| 2391 | { |
| 2392 | struct atmel_aes_dev *aes_dd = dev_id; |
| 2393 | u32 reg; |
| 2394 | |
| 2395 | reg = atmel_aes_read(aes_dd, AES_ISR); |
| 2396 | if (reg & atmel_aes_read(aes_dd, AES_IMR)) { |
| 2397 | atmel_aes_write(aes_dd, AES_IDR, reg); |
| 2398 | if (AES_FLAGS_BUSY & aes_dd->flags) |
| 2399 | tasklet_schedule(&aes_dd->done_task); |
| 2400 | else |
| 2401 | dev_warn(aes_dd->dev, "AES interrupt when no active requests.\n"); |
| 2402 | return IRQ_HANDLED; |
| 2403 | } |
| 2404 | |
| 2405 | return IRQ_NONE; |
| 2406 | } |
| 2407 | |
| 2408 | static void atmel_aes_unregister_algs(struct atmel_aes_dev *dd) |
| 2409 | { |
| 2410 | int i; |
| 2411 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 2412 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2413 | if (dd->caps.has_authenc) |
| 2414 | for (i = 0; i < ARRAY_SIZE(aes_authenc_algs); i++) |
| 2415 | crypto_unregister_aead(&aes_authenc_algs[i]); |
| 2416 | #endif |
| 2417 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 2418 | if (dd->caps.has_xts) |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2419 | crypto_unregister_skcipher(&aes_xts_alg); |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 2420 | |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 2421 | if (dd->caps.has_gcm) |
| 2422 | crypto_unregister_aead(&aes_gcm_alg); |
| 2423 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2424 | if (dd->caps.has_cfb64) |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2425 | crypto_unregister_skcipher(&aes_cfb64_alg); |
Cyrille Pitchen | 924a8bc | 2015-12-17 17:48:35 +0100 | [diff] [blame] | 2426 | |
| 2427 | for (i = 0; i < ARRAY_SIZE(aes_algs); i++) |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2428 | crypto_unregister_skcipher(&aes_algs[i]); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2429 | } |
| 2430 | |
Tudor Ambarus | aebe5bd | 2019-12-05 13:48:39 +0000 | [diff] [blame] | 2431 | static void atmel_aes_crypto_alg_init(struct crypto_alg *alg) |
| 2432 | { |
Tudor Ambarus | bf2db8e | 2021-07-20 11:55:34 +0300 | [diff] [blame] | 2433 | alg->cra_flags |= CRYPTO_ALG_ASYNC; |
Tudor Ambarus | aebe5bd | 2019-12-05 13:48:39 +0000 | [diff] [blame] | 2434 | alg->cra_alignmask = 0xf; |
| 2435 | alg->cra_priority = ATMEL_AES_PRIORITY; |
| 2436 | alg->cra_module = THIS_MODULE; |
| 2437 | } |
| 2438 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2439 | static int atmel_aes_register_algs(struct atmel_aes_dev *dd) |
| 2440 | { |
| 2441 | int err, i, j; |
| 2442 | |
| 2443 | for (i = 0; i < ARRAY_SIZE(aes_algs); i++) { |
Tudor Ambarus | aebe5bd | 2019-12-05 13:48:39 +0000 | [diff] [blame] | 2444 | atmel_aes_crypto_alg_init(&aes_algs[i].base); |
| 2445 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2446 | err = crypto_register_skcipher(&aes_algs[i]); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2447 | if (err) |
| 2448 | goto err_aes_algs; |
| 2449 | } |
| 2450 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2451 | if (dd->caps.has_cfb64) { |
Tudor Ambarus | aebe5bd | 2019-12-05 13:48:39 +0000 | [diff] [blame] | 2452 | atmel_aes_crypto_alg_init(&aes_cfb64_alg.base); |
| 2453 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2454 | err = crypto_register_skcipher(&aes_cfb64_alg); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2455 | if (err) |
| 2456 | goto err_aes_cfb64_alg; |
| 2457 | } |
| 2458 | |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 2459 | if (dd->caps.has_gcm) { |
Tudor Ambarus | aebe5bd | 2019-12-05 13:48:39 +0000 | [diff] [blame] | 2460 | atmel_aes_crypto_alg_init(&aes_gcm_alg.base); |
| 2461 | |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 2462 | err = crypto_register_aead(&aes_gcm_alg); |
| 2463 | if (err) |
| 2464 | goto err_aes_gcm_alg; |
| 2465 | } |
| 2466 | |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 2467 | if (dd->caps.has_xts) { |
Tudor Ambarus | aebe5bd | 2019-12-05 13:48:39 +0000 | [diff] [blame] | 2468 | atmel_aes_crypto_alg_init(&aes_xts_alg.base); |
| 2469 | |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2470 | err = crypto_register_skcipher(&aes_xts_alg); |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 2471 | if (err) |
| 2472 | goto err_aes_xts_alg; |
| 2473 | } |
| 2474 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 2475 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2476 | if (dd->caps.has_authenc) { |
| 2477 | for (i = 0; i < ARRAY_SIZE(aes_authenc_algs); i++) { |
Tudor Ambarus | aebe5bd | 2019-12-05 13:48:39 +0000 | [diff] [blame] | 2478 | atmel_aes_crypto_alg_init(&aes_authenc_algs[i].base); |
| 2479 | |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2480 | err = crypto_register_aead(&aes_authenc_algs[i]); |
| 2481 | if (err) |
| 2482 | goto err_aes_authenc_alg; |
| 2483 | } |
| 2484 | } |
| 2485 | #endif |
| 2486 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2487 | return 0; |
| 2488 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 2489 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2490 | /* i = ARRAY_SIZE(aes_authenc_algs); */ |
| 2491 | err_aes_authenc_alg: |
| 2492 | for (j = 0; j < i; j++) |
| 2493 | crypto_unregister_aead(&aes_authenc_algs[j]); |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2494 | crypto_unregister_skcipher(&aes_xts_alg); |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2495 | #endif |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 2496 | err_aes_xts_alg: |
| 2497 | crypto_unregister_aead(&aes_gcm_alg); |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 2498 | err_aes_gcm_alg: |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2499 | crypto_unregister_skcipher(&aes_cfb64_alg); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2500 | err_aes_cfb64_alg: |
| 2501 | i = ARRAY_SIZE(aes_algs); |
| 2502 | err_aes_algs: |
| 2503 | for (j = 0; j < i; j++) |
Ard Biesheuvel | 7ada42d | 2019-11-09 18:09:33 +0100 | [diff] [blame] | 2504 | crypto_unregister_skcipher(&aes_algs[j]); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2505 | |
| 2506 | return err; |
| 2507 | } |
| 2508 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2509 | static void atmel_aes_get_cap(struct atmel_aes_dev *dd) |
| 2510 | { |
| 2511 | dd->caps.has_dualbuff = 0; |
| 2512 | dd->caps.has_cfb64 = 0; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 2513 | dd->caps.has_gcm = 0; |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 2514 | dd->caps.has_xts = 0; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2515 | dd->caps.has_authenc = 0; |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2516 | dd->caps.max_burst_size = 1; |
| 2517 | |
| 2518 | /* keep only major version number */ |
| 2519 | switch (dd->hw_version & 0xff0) { |
Leilei Zhao | 973e209 | 2015-12-17 17:48:32 +0100 | [diff] [blame] | 2520 | case 0x500: |
| 2521 | dd->caps.has_dualbuff = 1; |
| 2522 | dd->caps.has_cfb64 = 1; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 2523 | dd->caps.has_gcm = 1; |
Cyrille Pitchen | d52db51 | 2016-10-03 14:33:16 +0200 | [diff] [blame] | 2524 | dd->caps.has_xts = 1; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2525 | dd->caps.has_authenc = 1; |
Leilei Zhao | 973e209 | 2015-12-17 17:48:32 +0100 | [diff] [blame] | 2526 | dd->caps.max_burst_size = 4; |
| 2527 | break; |
Leilei Zhao | cf1f0d1 | 2015-04-07 17:45:02 +0800 | [diff] [blame] | 2528 | case 0x200: |
| 2529 | dd->caps.has_dualbuff = 1; |
| 2530 | dd->caps.has_cfb64 = 1; |
Cyrille Pitchen | d441954 | 2015-12-17 18:13:07 +0100 | [diff] [blame] | 2531 | dd->caps.has_gcm = 1; |
Leilei Zhao | cf1f0d1 | 2015-04-07 17:45:02 +0800 | [diff] [blame] | 2532 | dd->caps.max_burst_size = 4; |
| 2533 | break; |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2534 | case 0x130: |
| 2535 | dd->caps.has_dualbuff = 1; |
| 2536 | dd->caps.has_cfb64 = 1; |
| 2537 | dd->caps.max_burst_size = 4; |
| 2538 | break; |
| 2539 | case 0x120: |
| 2540 | break; |
| 2541 | default: |
| 2542 | dev_warn(dd->dev, |
| 2543 | "Unmanaged aes version, set minimum capabilities\n"); |
| 2544 | break; |
| 2545 | } |
| 2546 | } |
| 2547 | |
Nicolas Ferre | be943c7 | 2013-10-14 17:52:38 +0200 | [diff] [blame] | 2548 | #if defined(CONFIG_OF) |
| 2549 | static const struct of_device_id atmel_aes_dt_ids[] = { |
| 2550 | { .compatible = "atmel,at91sam9g46-aes" }, |
| 2551 | { /* sentinel */ } |
| 2552 | }; |
| 2553 | MODULE_DEVICE_TABLE(of, atmel_aes_dt_ids); |
Nicolas Ferre | be943c7 | 2013-10-14 17:52:38 +0200 | [diff] [blame] | 2554 | #endif |
| 2555 | |
Greg Kroah-Hartman | 49cfe4d | 2012-12-21 13:14:09 -0800 | [diff] [blame] | 2556 | static int atmel_aes_probe(struct platform_device *pdev) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2557 | { |
| 2558 | struct atmel_aes_dev *aes_dd; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2559 | struct device *dev = &pdev->dev; |
| 2560 | struct resource *aes_res; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2561 | int err; |
| 2562 | |
LABBE Corentin | b0e8b34 | 2015-10-12 19:47:03 +0200 | [diff] [blame] | 2563 | aes_dd = devm_kzalloc(&pdev->dev, sizeof(*aes_dd), GFP_KERNEL); |
Tudor Ambarus | c9063a0 | 2019-12-05 09:53:51 +0000 | [diff] [blame] | 2564 | if (!aes_dd) |
| 2565 | return -ENOMEM; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2566 | |
| 2567 | aes_dd->dev = dev; |
| 2568 | |
| 2569 | platform_set_drvdata(pdev, aes_dd); |
| 2570 | |
| 2571 | INIT_LIST_HEAD(&aes_dd->list); |
Leilei Zhao | 8a10eb8 | 2015-04-07 17:45:09 +0800 | [diff] [blame] | 2572 | spin_lock_init(&aes_dd->lock); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2573 | |
| 2574 | tasklet_init(&aes_dd->done_task, atmel_aes_done_task, |
| 2575 | (unsigned long)aes_dd); |
| 2576 | tasklet_init(&aes_dd->queue_task, atmel_aes_queue_task, |
| 2577 | (unsigned long)aes_dd); |
| 2578 | |
| 2579 | crypto_init_queue(&aes_dd->queue, ATMEL_AES_QUEUE_LENGTH); |
| 2580 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2581 | /* Get the base address */ |
| 2582 | aes_res = platform_get_resource(pdev, IORESOURCE_MEM, 0); |
| 2583 | if (!aes_res) { |
| 2584 | dev_err(dev, "no MEM resource info\n"); |
| 2585 | err = -ENODEV; |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2586 | goto err_tasklet_kill; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2587 | } |
| 2588 | aes_dd->phys_base = aes_res->start; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2589 | |
| 2590 | /* Get the IRQ */ |
| 2591 | aes_dd->irq = platform_get_irq(pdev, 0); |
| 2592 | if (aes_dd->irq < 0) { |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2593 | err = aes_dd->irq; |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2594 | goto err_tasklet_kill; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2595 | } |
| 2596 | |
LABBE Corentin | b0e8b34 | 2015-10-12 19:47:03 +0200 | [diff] [blame] | 2597 | err = devm_request_irq(&pdev->dev, aes_dd->irq, atmel_aes_irq, |
| 2598 | IRQF_SHARED, "atmel-aes", aes_dd); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2599 | if (err) { |
| 2600 | dev_err(dev, "unable to request aes irq.\n"); |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2601 | goto err_tasklet_kill; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2602 | } |
| 2603 | |
| 2604 | /* Initializing the clock */ |
LABBE Corentin | b0e8b34 | 2015-10-12 19:47:03 +0200 | [diff] [blame] | 2605 | aes_dd->iclk = devm_clk_get(&pdev->dev, "aes_clk"); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2606 | if (IS_ERR(aes_dd->iclk)) { |
Colin Ian King | be20835 | 2015-02-28 20:40:10 +0000 | [diff] [blame] | 2607 | dev_err(dev, "clock initialization failed.\n"); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2608 | err = PTR_ERR(aes_dd->iclk); |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2609 | goto err_tasklet_kill; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2610 | } |
| 2611 | |
LABBE Corentin | b0e8b34 | 2015-10-12 19:47:03 +0200 | [diff] [blame] | 2612 | aes_dd->io_base = devm_ioremap_resource(&pdev->dev, aes_res); |
Vladimir Zapolskiy | 9b52d55 | 2016-03-06 03:21:52 +0200 | [diff] [blame] | 2613 | if (IS_ERR(aes_dd->io_base)) { |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2614 | dev_err(dev, "can't ioremap\n"); |
Vladimir Zapolskiy | 9b52d55 | 2016-03-06 03:21:52 +0200 | [diff] [blame] | 2615 | err = PTR_ERR(aes_dd->io_base); |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2616 | goto err_tasklet_kill; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2617 | } |
| 2618 | |
Cyrille Pitchen | 49a2045 | 2016-01-29 17:53:33 +0100 | [diff] [blame] | 2619 | err = clk_prepare(aes_dd->iclk); |
Cyrille Pitchen | aab0a39 | 2015-12-17 17:48:37 +0100 | [diff] [blame] | 2620 | if (err) |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2621 | goto err_tasklet_kill; |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2622 | |
Cyrille Pitchen | 49a2045 | 2016-01-29 17:53:33 +0100 | [diff] [blame] | 2623 | err = atmel_aes_hw_version_init(aes_dd); |
| 2624 | if (err) |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2625 | goto err_iclk_unprepare; |
Cyrille Pitchen | 49a2045 | 2016-01-29 17:53:33 +0100 | [diff] [blame] | 2626 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2627 | atmel_aes_get_cap(aes_dd); |
| 2628 | |
Herbert Xu | 1520c72 | 2019-10-28 15:39:07 +0800 | [diff] [blame] | 2629 | #if IS_ENABLED(CONFIG_CRYPTO_DEV_ATMEL_AUTHENC) |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2630 | if (aes_dd->caps.has_authenc && !atmel_sha_authenc_is_ready()) { |
| 2631 | err = -EPROBE_DEFER; |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2632 | goto err_iclk_unprepare; |
Cyrille Pitchen | 89a82ef | 2017-01-26 17:07:56 +0100 | [diff] [blame] | 2633 | } |
| 2634 | #endif |
| 2635 | |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2636 | err = atmel_aes_buff_init(aes_dd); |
| 2637 | if (err) |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2638 | goto err_iclk_unprepare; |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2639 | |
Tudor Ambarus | 827a98d | 2019-12-13 09:54:49 +0000 | [diff] [blame] | 2640 | err = atmel_aes_dma_init(aes_dd); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2641 | if (err) |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2642 | goto err_buff_cleanup; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2643 | |
| 2644 | spin_lock(&atmel_aes.lock); |
| 2645 | list_add_tail(&aes_dd->list, &atmel_aes.dev_list); |
| 2646 | spin_unlock(&atmel_aes.lock); |
| 2647 | |
| 2648 | err = atmel_aes_register_algs(aes_dd); |
| 2649 | if (err) |
| 2650 | goto err_algs; |
| 2651 | |
Nicolas Ferre | be943c7 | 2013-10-14 17:52:38 +0200 | [diff] [blame] | 2652 | dev_info(dev, "Atmel AES - Using %s, %s for DMA transfers\n", |
Cyrille Pitchen | bbe628e | 2015-12-17 18:13:00 +0100 | [diff] [blame] | 2653 | dma_chan_name(aes_dd->src.chan), |
| 2654 | dma_chan_name(aes_dd->dst.chan)); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2655 | |
| 2656 | return 0; |
| 2657 | |
| 2658 | err_algs: |
| 2659 | spin_lock(&atmel_aes.lock); |
| 2660 | list_del(&aes_dd->list); |
| 2661 | spin_unlock(&atmel_aes.lock); |
| 2662 | atmel_aes_dma_cleanup(aes_dd); |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2663 | err_buff_cleanup: |
Nicolas Royer | cadc4ab | 2013-02-20 17:10:24 +0100 | [diff] [blame] | 2664 | atmel_aes_buff_cleanup(aes_dd); |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2665 | err_iclk_unprepare: |
Cyrille Pitchen | 49a2045 | 2016-01-29 17:53:33 +0100 | [diff] [blame] | 2666 | clk_unprepare(aes_dd->iclk); |
Tudor Ambarus | e783651 | 2019-12-05 09:53:53 +0000 | [diff] [blame] | 2667 | err_tasklet_kill: |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2668 | tasklet_kill(&aes_dd->done_task); |
| 2669 | tasklet_kill(&aes_dd->queue_task); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2670 | |
| 2671 | return err; |
| 2672 | } |
| 2673 | |
Greg Kroah-Hartman | 49cfe4d | 2012-12-21 13:14:09 -0800 | [diff] [blame] | 2674 | static int atmel_aes_remove(struct platform_device *pdev) |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2675 | { |
Wei Yongjun | fc78334 | 2016-10-24 14:51:22 +0000 | [diff] [blame] | 2676 | struct atmel_aes_dev *aes_dd; |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2677 | |
| 2678 | aes_dd = platform_get_drvdata(pdev); |
| 2679 | if (!aes_dd) |
| 2680 | return -ENODEV; |
| 2681 | spin_lock(&atmel_aes.lock); |
| 2682 | list_del(&aes_dd->list); |
| 2683 | spin_unlock(&atmel_aes.lock); |
| 2684 | |
| 2685 | atmel_aes_unregister_algs(aes_dd); |
| 2686 | |
| 2687 | tasklet_kill(&aes_dd->done_task); |
| 2688 | tasklet_kill(&aes_dd->queue_task); |
| 2689 | |
| 2690 | atmel_aes_dma_cleanup(aes_dd); |
Cyrille Pitchen | 2a37782 | 2015-12-17 17:48:46 +0100 | [diff] [blame] | 2691 | atmel_aes_buff_cleanup(aes_dd); |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2692 | |
Cyrille Pitchen | 49a2045 | 2016-01-29 17:53:33 +0100 | [diff] [blame] | 2693 | clk_unprepare(aes_dd->iclk); |
| 2694 | |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2695 | return 0; |
| 2696 | } |
| 2697 | |
| 2698 | static struct platform_driver atmel_aes_driver = { |
| 2699 | .probe = atmel_aes_probe, |
Greg Kroah-Hartman | 49cfe4d | 2012-12-21 13:14:09 -0800 | [diff] [blame] | 2700 | .remove = atmel_aes_remove, |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2701 | .driver = { |
| 2702 | .name = "atmel_aes", |
Nicolas Ferre | be943c7 | 2013-10-14 17:52:38 +0200 | [diff] [blame] | 2703 | .of_match_table = of_match_ptr(atmel_aes_dt_ids), |
Nicolas Royer | bd3c7b5 | 2012-07-01 19:19:44 +0200 | [diff] [blame] | 2704 | }, |
| 2705 | }; |
| 2706 | |
| 2707 | module_platform_driver(atmel_aes_driver); |
| 2708 | |
| 2709 | MODULE_DESCRIPTION("Atmel AES hw acceleration support."); |
| 2710 | MODULE_LICENSE("GPL v2"); |
| 2711 | MODULE_AUTHOR("Nicolas Royer - Eukréa Electromatique"); |