1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Copyright (c) 2010-2011 Picochip Ltd., Jamie Iles
5 #include <crypto/internal/aead.h>
6 #include <crypto/aes.h>
7 #include <crypto/algapi.h>
8 #include <crypto/authenc.h>
9 #include <crypto/des.h>
10 #include <crypto/md5.h>
11 #include <crypto/sha.h>
12 #include <crypto/internal/skcipher.h>
13 #include <linux/clk.h>
14 #include <linux/crypto.h>
15 #include <linux/delay.h>
16 #include <linux/dma-mapping.h>
17 #include <linux/dmapool.h>
18 #include <linux/err.h>
19 #include <linux/init.h>
20 #include <linux/interrupt.h>
22 #include <linux/list.h>
23 #include <linux/module.h>
25 #include <linux/platform_device.h>
27 #include <linux/rtnetlink.h>
28 #include <linux/scatterlist.h>
29 #include <linux/sched.h>
30 #include <linux/sizes.h>
31 #include <linux/slab.h>
32 #include <linux/timer.h>
34 #include "picoxcell_crypto_regs.h"
37 * The threshold for the number of entries in the CMD FIFO available before
38 * the CMD0_CNT interrupt is raised. Increasing this value will reduce the
39 * number of interrupts raised to the CPU.
41 #define CMD0_IRQ_THRESHOLD 1
44 * The timeout period (in jiffies) for a PDU. When the the number of PDUs in
45 * flight is greater than the STAT_IRQ_THRESHOLD or 0 the timer is disabled.
46 * When there are packets in flight but lower than the threshold, we enable
47 * the timer and at expiry, attempt to remove any processed packets from the
48 * queue and if there are still packets left, schedule the timer again.
50 #define PACKET_TIMEOUT 1
52 /* The priority to register each algorithm with. */
53 #define SPACC_CRYPTO_ALG_PRIORITY 10000
55 #define SPACC_CRYPTO_KASUMI_F8_KEY_LEN 16
56 #define SPACC_CRYPTO_IPSEC_CIPHER_PG_SZ 64
57 #define SPACC_CRYPTO_IPSEC_HASH_PG_SZ 64
58 #define SPACC_CRYPTO_IPSEC_MAX_CTXS 32
59 #define SPACC_CRYPTO_IPSEC_FIFO_SZ 32
60 #define SPACC_CRYPTO_L2_CIPHER_PG_SZ 64
61 #define SPACC_CRYPTO_L2_HASH_PG_SZ 64
62 #define SPACC_CRYPTO_L2_MAX_CTXS 128
63 #define SPACC_CRYPTO_L2_FIFO_SZ 128
65 #define MAX_DDT_LEN 16
67 /* DDT format. This must match the hardware DDT format exactly. */
74 * Asynchronous crypto request structure.
76 * This structure defines a request that is either queued for processing or
80 struct list_head list;
81 struct spacc_engine *engine;
82 struct crypto_async_request *req;
86 dma_addr_t src_addr, dst_addr;
87 struct spacc_ddt *src_ddt, *dst_ddt;
88 void (*complete)(struct spacc_req *req);
92 unsigned long ctrl_default;
95 struct spacc_engine *engine;
96 struct list_head entry;
101 struct spacc_engine {
103 struct list_head pending;
107 struct list_head completed;
108 struct list_head in_progress;
109 struct tasklet_struct complete;
110 unsigned long fifo_sz;
111 void __iomem *cipher_ctx_base;
112 void __iomem *hash_key_base;
113 struct spacc_alg *algs;
115 struct list_head registered_algs;
116 struct spacc_aead *aeads;
118 struct list_head registered_aeads;
125 struct timer_list packet_timeout;
126 unsigned stat_irq_thresh;
127 struct dma_pool *req_pool;
130 /* Algorithm type mask. */
131 #define SPACC_CRYPTO_ALG_MASK 0x7
133 /* SPACC definition of a crypto algorithm. */
135 unsigned long ctrl_default;
137 struct crypto_alg alg;
138 struct spacc_engine *engine;
139 struct list_head entry;
144 /* Generic context structure for any algorithm type. */
145 struct spacc_generic_ctx {
146 struct spacc_engine *engine;
152 /* Block cipher context. */
153 struct spacc_ablk_ctx {
154 struct spacc_generic_ctx generic;
155 u8 key[AES_MAX_KEY_SIZE];
158 * The fallback cipher. If the operation can't be done in hardware,
159 * fallback to a software version.
161 struct crypto_sync_skcipher *sw_cipher;
164 /* AEAD cipher context. */
165 struct spacc_aead_ctx {
166 struct spacc_generic_ctx generic;
167 u8 cipher_key[AES_MAX_KEY_SIZE];
168 u8 hash_ctx[SPACC_CRYPTO_IPSEC_HASH_PG_SZ];
171 struct crypto_aead *sw_cipher;
174 static int spacc_ablk_submit(struct spacc_req *req);
176 static inline struct spacc_alg *to_spacc_alg(struct crypto_alg *alg)
178 return alg ? container_of(alg, struct spacc_alg, alg) : NULL;
181 static inline struct spacc_aead *to_spacc_aead(struct aead_alg *alg)
183 return container_of(alg, struct spacc_aead, alg);
186 static inline int spacc_fifo_cmd_full(struct spacc_engine *engine)
188 u32 fifo_stat = readl(engine->regs + SPA_FIFO_STAT_REG_OFFSET);
190 return fifo_stat & SPA_FIFO_CMD_FULL;
194 * Given a cipher context, and a context number, get the base address of the
197 * Returns the address of the context page where the key/context may
200 static inline void __iomem *spacc_ctx_page_addr(struct spacc_generic_ctx *ctx,
204 return is_cipher_ctx ? ctx->engine->cipher_ctx_base +
205 (indx * ctx->engine->cipher_pg_sz) :
206 ctx->engine->hash_key_base + (indx * ctx->engine->hash_pg_sz);
209 /* The context pages can only be written with 32-bit accesses. */
210 static inline void memcpy_toio32(u32 __iomem *dst, const void *src,
213 const u32 *src32 = (const u32 *) src;
216 writel(*src32++, dst++);
219 static void spacc_cipher_write_ctx(struct spacc_generic_ctx *ctx,
220 void __iomem *page_addr, const u8 *key,
221 size_t key_len, const u8 *iv, size_t iv_len)
223 void __iomem *key_ptr = page_addr + ctx->key_offs;
224 void __iomem *iv_ptr = page_addr + ctx->iv_offs;
226 memcpy_toio32(key_ptr, key, key_len / 4);
227 memcpy_toio32(iv_ptr, iv, iv_len / 4);
231 * Load a context into the engines context memory.
233 * Returns the index of the context page where the context was loaded.
235 static unsigned spacc_load_ctx(struct spacc_generic_ctx *ctx,
236 const u8 *ciph_key, size_t ciph_len,
237 const u8 *iv, size_t ivlen, const u8 *hash_key,
240 unsigned indx = ctx->engine->next_ctx++;
241 void __iomem *ciph_page_addr, *hash_page_addr;
243 ciph_page_addr = spacc_ctx_page_addr(ctx, indx, 1);
244 hash_page_addr = spacc_ctx_page_addr(ctx, indx, 0);
246 ctx->engine->next_ctx &= ctx->engine->fifo_sz - 1;
247 spacc_cipher_write_ctx(ctx, ciph_page_addr, ciph_key, ciph_len, iv,
249 writel(ciph_len | (indx << SPA_KEY_SZ_CTX_INDEX_OFFSET) |
250 (1 << SPA_KEY_SZ_CIPHER_OFFSET),
251 ctx->engine->regs + SPA_KEY_SZ_REG_OFFSET);
254 memcpy_toio32(hash_page_addr, hash_key, hash_len / 4);
255 writel(hash_len | (indx << SPA_KEY_SZ_CTX_INDEX_OFFSET),
256 ctx->engine->regs + SPA_KEY_SZ_REG_OFFSET);
262 static inline void ddt_set(struct spacc_ddt *ddt, dma_addr_t phys, size_t len)
269 * Take a crypto request and scatterlists for the data and turn them into DDTs
270 * for passing to the crypto engines. This also DMA maps the data so that the
271 * crypto engines can DMA to/from them.
273 static struct spacc_ddt *spacc_sg_to_ddt(struct spacc_engine *engine,
274 struct scatterlist *payload,
276 enum dma_data_direction dir,
277 dma_addr_t *ddt_phys)
279 unsigned mapped_ents;
280 struct scatterlist *cur;
281 struct spacc_ddt *ddt;
285 nents = sg_nents_for_len(payload, nbytes);
287 dev_err(engine->dev, "Invalid numbers of SG.\n");
290 mapped_ents = dma_map_sg(engine->dev, payload, nents, dir);
292 if (mapped_ents + 1 > MAX_DDT_LEN)
295 ddt = dma_pool_alloc(engine->req_pool, GFP_ATOMIC, ddt_phys);
299 for_each_sg(payload, cur, mapped_ents, i)
300 ddt_set(&ddt[i], sg_dma_address(cur), sg_dma_len(cur));
301 ddt_set(&ddt[mapped_ents], 0, 0);
306 dma_unmap_sg(engine->dev, payload, nents, dir);
310 static int spacc_aead_make_ddts(struct aead_request *areq)
312 struct crypto_aead *aead = crypto_aead_reqtfm(areq);
313 struct spacc_req *req = aead_request_ctx(areq);
314 struct spacc_engine *engine = req->engine;
315 struct spacc_ddt *src_ddt, *dst_ddt;
317 int src_nents, dst_nents;
318 struct scatterlist *cur;
319 int i, dst_ents, src_ents;
321 total = areq->assoclen + areq->cryptlen;
323 total += crypto_aead_authsize(aead);
325 src_nents = sg_nents_for_len(areq->src, total);
327 dev_err(engine->dev, "Invalid numbers of src SG.\n");
330 if (src_nents + 1 > MAX_DDT_LEN)
334 if (areq->src != areq->dst) {
335 dst_nents = sg_nents_for_len(areq->dst, total);
337 dev_err(engine->dev, "Invalid numbers of dst SG.\n");
340 if (src_nents + 1 > MAX_DDT_LEN)
344 src_ddt = dma_pool_alloc(engine->req_pool, GFP_ATOMIC, &req->src_addr);
348 dst_ddt = dma_pool_alloc(engine->req_pool, GFP_ATOMIC, &req->dst_addr);
352 req->src_ddt = src_ddt;
353 req->dst_ddt = dst_ddt;
356 src_ents = dma_map_sg(engine->dev, areq->src, src_nents,
361 dst_ents = dma_map_sg(engine->dev, areq->dst, dst_nents,
365 dma_unmap_sg(engine->dev, areq->src, src_nents,
370 src_ents = dma_map_sg(engine->dev, areq->src, src_nents,
378 * Now map in the payload for the source and destination and terminate
379 * with the NULL pointers.
381 for_each_sg(areq->src, cur, src_ents, i)
382 ddt_set(src_ddt++, sg_dma_address(cur), sg_dma_len(cur));
384 /* For decryption we need to skip the associated data. */
385 total = req->is_encrypt ? 0 : areq->assoclen;
386 for_each_sg(areq->dst, cur, dst_ents, i) {
387 unsigned len = sg_dma_len(cur);
394 ddt_set(dst_ddt++, sg_dma_address(cur) + total, len - total);
397 ddt_set(src_ddt, 0, 0);
398 ddt_set(dst_ddt, 0, 0);
403 dma_pool_free(engine->req_pool, dst_ddt, req->dst_addr);
405 dma_pool_free(engine->req_pool, src_ddt, req->src_addr);
410 static void spacc_aead_free_ddts(struct spacc_req *req)
412 struct aead_request *areq = container_of(req->req, struct aead_request,
414 struct crypto_aead *aead = crypto_aead_reqtfm(areq);
415 unsigned total = areq->assoclen + areq->cryptlen +
416 (req->is_encrypt ? crypto_aead_authsize(aead) : 0);
417 struct spacc_aead_ctx *aead_ctx = crypto_aead_ctx(aead);
418 struct spacc_engine *engine = aead_ctx->generic.engine;
419 int nents = sg_nents_for_len(areq->src, total);
421 /* sg_nents_for_len should not fail since it works when mapping sg */
422 if (unlikely(nents < 0)) {
423 dev_err(engine->dev, "Invalid numbers of src SG.\n");
427 if (areq->src != areq->dst) {
428 dma_unmap_sg(engine->dev, areq->src, nents, DMA_TO_DEVICE);
429 nents = sg_nents_for_len(areq->dst, total);
430 if (unlikely(nents < 0)) {
431 dev_err(engine->dev, "Invalid numbers of dst SG.\n");
434 dma_unmap_sg(engine->dev, areq->dst, nents, DMA_FROM_DEVICE);
436 dma_unmap_sg(engine->dev, areq->src, nents, DMA_BIDIRECTIONAL);
438 dma_pool_free(engine->req_pool, req->src_ddt, req->src_addr);
439 dma_pool_free(engine->req_pool, req->dst_ddt, req->dst_addr);
442 static void spacc_free_ddt(struct spacc_req *req, struct spacc_ddt *ddt,
443 dma_addr_t ddt_addr, struct scatterlist *payload,
444 unsigned nbytes, enum dma_data_direction dir)
446 int nents = sg_nents_for_len(payload, nbytes);
449 dev_err(req->engine->dev, "Invalid numbers of SG.\n");
453 dma_unmap_sg(req->engine->dev, payload, nents, dir);
454 dma_pool_free(req->engine->req_pool, ddt, ddt_addr);
457 static int spacc_aead_setkey(struct crypto_aead *tfm, const u8 *key,
460 struct spacc_aead_ctx *ctx = crypto_aead_ctx(tfm);
461 struct crypto_authenc_keys keys;
464 crypto_aead_clear_flags(ctx->sw_cipher, CRYPTO_TFM_REQ_MASK);
465 crypto_aead_set_flags(ctx->sw_cipher, crypto_aead_get_flags(tfm) &
466 CRYPTO_TFM_REQ_MASK);
467 err = crypto_aead_setkey(ctx->sw_cipher, key, keylen);
468 crypto_aead_clear_flags(tfm, CRYPTO_TFM_RES_MASK);
469 crypto_aead_set_flags(tfm, crypto_aead_get_flags(ctx->sw_cipher) &
470 CRYPTO_TFM_RES_MASK);
474 if (crypto_authenc_extractkeys(&keys, key, keylen) != 0)
477 if (keys.enckeylen > AES_MAX_KEY_SIZE)
480 if (keys.authkeylen > sizeof(ctx->hash_ctx))
483 memcpy(ctx->cipher_key, keys.enckey, keys.enckeylen);
484 ctx->cipher_key_len = keys.enckeylen;
486 memcpy(ctx->hash_ctx, keys.authkey, keys.authkeylen);
487 ctx->hash_key_len = keys.authkeylen;
489 memzero_explicit(&keys, sizeof(keys));
493 crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
494 memzero_explicit(&keys, sizeof(keys));
498 static int spacc_aead_setauthsize(struct crypto_aead *tfm,
499 unsigned int authsize)
501 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(crypto_aead_tfm(tfm));
503 return crypto_aead_setauthsize(ctx->sw_cipher, authsize);
507 * Check if an AEAD request requires a fallback operation. Some requests can't
508 * be completed in hardware because the hardware may not support certain key
509 * sizes. In these cases we need to complete the request in software.
511 static int spacc_aead_need_fallback(struct aead_request *aead_req)
513 struct crypto_aead *aead = crypto_aead_reqtfm(aead_req);
514 struct aead_alg *alg = crypto_aead_alg(aead);
515 struct spacc_aead *spacc_alg = to_spacc_aead(alg);
516 struct spacc_aead_ctx *ctx = crypto_aead_ctx(aead);
519 * If we have a non-supported key-length, then we need to do a
522 if ((spacc_alg->ctrl_default & SPACC_CRYPTO_ALG_MASK) ==
523 SPA_CTRL_CIPH_ALG_AES &&
524 ctx->cipher_key_len != AES_KEYSIZE_128 &&
525 ctx->cipher_key_len != AES_KEYSIZE_256)
531 static int spacc_aead_do_fallback(struct aead_request *req, unsigned alg_type,
534 struct crypto_tfm *old_tfm = crypto_aead_tfm(crypto_aead_reqtfm(req));
535 struct spacc_aead_ctx *ctx = crypto_tfm_ctx(old_tfm);
536 struct aead_request *subreq = aead_request_ctx(req);
538 aead_request_set_tfm(subreq, ctx->sw_cipher);
539 aead_request_set_callback(subreq, req->base.flags,
540 req->base.complete, req->base.data);
541 aead_request_set_crypt(subreq, req->src, req->dst, req->cryptlen,
543 aead_request_set_ad(subreq, req->assoclen);
545 return is_encrypt ? crypto_aead_encrypt(subreq) :
546 crypto_aead_decrypt(subreq);
549 static void spacc_aead_complete(struct spacc_req *req)
551 spacc_aead_free_ddts(req);
552 req->req->complete(req->req, req->result);
555 static int spacc_aead_submit(struct spacc_req *req)
557 struct aead_request *aead_req =
558 container_of(req->req, struct aead_request, base);
559 struct crypto_aead *aead = crypto_aead_reqtfm(aead_req);
560 unsigned int authsize = crypto_aead_authsize(aead);
561 struct spacc_aead_ctx *ctx = crypto_aead_ctx(aead);
562 struct aead_alg *alg = crypto_aead_alg(aead);
563 struct spacc_aead *spacc_alg = to_spacc_aead(alg);
564 struct spacc_engine *engine = ctx->generic.engine;
565 u32 ctrl, proc_len, assoc_len;
567 req->result = -EINPROGRESS;
568 req->ctx_id = spacc_load_ctx(&ctx->generic, ctx->cipher_key,
569 ctx->cipher_key_len, aead_req->iv, crypto_aead_ivsize(aead),
570 ctx->hash_ctx, ctx->hash_key_len);
572 /* Set the source and destination DDT pointers. */
573 writel(req->src_addr, engine->regs + SPA_SRC_PTR_REG_OFFSET);
574 writel(req->dst_addr, engine->regs + SPA_DST_PTR_REG_OFFSET);
575 writel(0, engine->regs + SPA_OFFSET_REG_OFFSET);
577 assoc_len = aead_req->assoclen;
578 proc_len = aead_req->cryptlen + assoc_len;
581 * If we are decrypting, we need to take the length of the ICV out of
582 * the processing length.
584 if (!req->is_encrypt)
585 proc_len -= authsize;
587 writel(proc_len, engine->regs + SPA_PROC_LEN_REG_OFFSET);
588 writel(assoc_len, engine->regs + SPA_AAD_LEN_REG_OFFSET);
589 writel(authsize, engine->regs + SPA_ICV_LEN_REG_OFFSET);
590 writel(0, engine->regs + SPA_ICV_OFFSET_REG_OFFSET);
591 writel(0, engine->regs + SPA_AUX_INFO_REG_OFFSET);
593 ctrl = spacc_alg->ctrl_default | (req->ctx_id << SPA_CTRL_CTX_IDX) |
594 (1 << SPA_CTRL_ICV_APPEND);
596 ctrl |= (1 << SPA_CTRL_ENCRYPT_IDX) | (1 << SPA_CTRL_AAD_COPY);
598 ctrl |= (1 << SPA_CTRL_KEY_EXP);
600 mod_timer(&engine->packet_timeout, jiffies + PACKET_TIMEOUT);
602 writel(ctrl, engine->regs + SPA_CTRL_REG_OFFSET);
607 static int spacc_req_submit(struct spacc_req *req);
609 static void spacc_push(struct spacc_engine *engine)
611 struct spacc_req *req;
613 while (!list_empty(&engine->pending) &&
614 engine->in_flight + 1 <= engine->fifo_sz) {
617 req = list_first_entry(&engine->pending, struct spacc_req,
619 list_move_tail(&req->list, &engine->in_progress);
621 req->result = spacc_req_submit(req);
626 * Setup an AEAD request for processing. This will configure the engine, load
627 * the context and then start the packet processing.
629 static int spacc_aead_setup(struct aead_request *req,
630 unsigned alg_type, bool is_encrypt)
632 struct crypto_aead *aead = crypto_aead_reqtfm(req);
633 struct aead_alg *alg = crypto_aead_alg(aead);
634 struct spacc_engine *engine = to_spacc_aead(alg)->engine;
635 struct spacc_req *dev_req = aead_request_ctx(req);
639 dev_req->req = &req->base;
640 dev_req->is_encrypt = is_encrypt;
641 dev_req->result = -EBUSY;
642 dev_req->engine = engine;
643 dev_req->complete = spacc_aead_complete;
645 if (unlikely(spacc_aead_need_fallback(req) ||
646 ((err = spacc_aead_make_ddts(req)) == -E2BIG)))
647 return spacc_aead_do_fallback(req, alg_type, is_encrypt);
653 spin_lock_irqsave(&engine->hw_lock, flags);
654 if (unlikely(spacc_fifo_cmd_full(engine)) ||
655 engine->in_flight + 1 > engine->fifo_sz) {
656 if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
658 spin_unlock_irqrestore(&engine->hw_lock, flags);
661 list_add_tail(&dev_req->list, &engine->pending);
663 list_add_tail(&dev_req->list, &engine->pending);
666 spin_unlock_irqrestore(&engine->hw_lock, flags);
671 spacc_aead_free_ddts(dev_req);
676 static int spacc_aead_encrypt(struct aead_request *req)
678 struct crypto_aead *aead = crypto_aead_reqtfm(req);
679 struct spacc_aead *alg = to_spacc_aead(crypto_aead_alg(aead));
681 return spacc_aead_setup(req, alg->type, 1);
684 static int spacc_aead_decrypt(struct aead_request *req)
686 struct crypto_aead *aead = crypto_aead_reqtfm(req);
687 struct spacc_aead *alg = to_spacc_aead(crypto_aead_alg(aead));
689 return spacc_aead_setup(req, alg->type, 0);
693 * Initialise a new AEAD context. This is responsible for allocating the
694 * fallback cipher and initialising the context.
696 static int spacc_aead_cra_init(struct crypto_aead *tfm)
698 struct spacc_aead_ctx *ctx = crypto_aead_ctx(tfm);
699 struct aead_alg *alg = crypto_aead_alg(tfm);
700 struct spacc_aead *spacc_alg = to_spacc_aead(alg);
701 struct spacc_engine *engine = spacc_alg->engine;
703 ctx->generic.flags = spacc_alg->type;
704 ctx->generic.engine = engine;
705 ctx->sw_cipher = crypto_alloc_aead(alg->base.cra_name, 0,
706 CRYPTO_ALG_NEED_FALLBACK);
707 if (IS_ERR(ctx->sw_cipher))
708 return PTR_ERR(ctx->sw_cipher);
709 ctx->generic.key_offs = spacc_alg->key_offs;
710 ctx->generic.iv_offs = spacc_alg->iv_offs;
712 crypto_aead_set_reqsize(
714 max(sizeof(struct spacc_req),
715 sizeof(struct aead_request) +
716 crypto_aead_reqsize(ctx->sw_cipher)));
722 * Destructor for an AEAD context. This is called when the transform is freed
723 * and must free the fallback cipher.
725 static void spacc_aead_cra_exit(struct crypto_aead *tfm)
727 struct spacc_aead_ctx *ctx = crypto_aead_ctx(tfm);
729 crypto_free_aead(ctx->sw_cipher);
733 * Set the DES key for a block cipher transform. This also performs weak key
734 * checking if the transform has requested it.
736 static int spacc_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
739 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
740 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
741 u32 tmp[DES_EXPKEY_WORDS];
743 if (unlikely(!des_ekey(tmp, key)) &&
744 (crypto_ablkcipher_get_flags(cipher) &
745 CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
746 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
750 memcpy(ctx->key, key, len);
757 * Set the 3DES key for a block cipher transform. This also performs weak key
758 * checking if the transform has requested it.
760 static int spacc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
763 struct spacc_ablk_ctx *ctx = crypto_ablkcipher_ctx(cipher);
767 flags = crypto_ablkcipher_get_flags(cipher);
768 err = __des3_verify_key(&flags, key);
770 crypto_ablkcipher_set_flags(cipher, flags);
774 memcpy(ctx->key, key, len);
781 * Set the key for an AES block cipher. Some key lengths are not supported in
782 * hardware so this must also check whether a fallback is needed.
784 static int spacc_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
787 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
788 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
791 if (len > AES_MAX_KEY_SIZE) {
792 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
797 * IPSec engine only supports 128 and 256 bit AES keys. If we get a
798 * request for any other size (192 bits) then we need to do a software
801 if (len != AES_KEYSIZE_128 && len != AES_KEYSIZE_256) {
806 * Set the fallback transform to use the same request flags as
807 * the hardware transform.
809 crypto_sync_skcipher_clear_flags(ctx->sw_cipher,
810 CRYPTO_TFM_REQ_MASK);
811 crypto_sync_skcipher_set_flags(ctx->sw_cipher,
812 cipher->base.crt_flags &
813 CRYPTO_TFM_REQ_MASK);
815 err = crypto_sync_skcipher_setkey(ctx->sw_cipher, key, len);
817 tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
819 crypto_sync_skcipher_get_flags(ctx->sw_cipher) &
823 goto sw_setkey_failed;
826 memcpy(ctx->key, key, len);
833 static int spacc_kasumi_f8_setkey(struct crypto_ablkcipher *cipher,
834 const u8 *key, unsigned int len)
836 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
837 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
840 if (len > AES_MAX_KEY_SIZE) {
841 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
846 memcpy(ctx->key, key, len);
853 static int spacc_ablk_need_fallback(struct spacc_req *req)
855 struct spacc_ablk_ctx *ctx;
856 struct crypto_tfm *tfm = req->req->tfm;
857 struct crypto_alg *alg = req->req->tfm->__crt_alg;
858 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
860 ctx = crypto_tfm_ctx(tfm);
862 return (spacc_alg->ctrl_default & SPACC_CRYPTO_ALG_MASK) ==
863 SPA_CTRL_CIPH_ALG_AES &&
864 ctx->key_len != AES_KEYSIZE_128 &&
865 ctx->key_len != AES_KEYSIZE_256;
868 static void spacc_ablk_complete(struct spacc_req *req)
870 struct ablkcipher_request *ablk_req = ablkcipher_request_cast(req->req);
872 if (ablk_req->src != ablk_req->dst) {
873 spacc_free_ddt(req, req->src_ddt, req->src_addr, ablk_req->src,
874 ablk_req->nbytes, DMA_TO_DEVICE);
875 spacc_free_ddt(req, req->dst_ddt, req->dst_addr, ablk_req->dst,
876 ablk_req->nbytes, DMA_FROM_DEVICE);
878 spacc_free_ddt(req, req->dst_ddt, req->dst_addr, ablk_req->dst,
879 ablk_req->nbytes, DMA_BIDIRECTIONAL);
881 req->req->complete(req->req, req->result);
884 static int spacc_ablk_submit(struct spacc_req *req)
886 struct crypto_tfm *tfm = req->req->tfm;
887 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
888 struct ablkcipher_request *ablk_req = ablkcipher_request_cast(req->req);
889 struct crypto_alg *alg = req->req->tfm->__crt_alg;
890 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
891 struct spacc_engine *engine = ctx->generic.engine;
894 req->ctx_id = spacc_load_ctx(&ctx->generic, ctx->key,
895 ctx->key_len, ablk_req->info, alg->cra_ablkcipher.ivsize,
898 writel(req->src_addr, engine->regs + SPA_SRC_PTR_REG_OFFSET);
899 writel(req->dst_addr, engine->regs + SPA_DST_PTR_REG_OFFSET);
900 writel(0, engine->regs + SPA_OFFSET_REG_OFFSET);
902 writel(ablk_req->nbytes, engine->regs + SPA_PROC_LEN_REG_OFFSET);
903 writel(0, engine->regs + SPA_ICV_OFFSET_REG_OFFSET);
904 writel(0, engine->regs + SPA_AUX_INFO_REG_OFFSET);
905 writel(0, engine->regs + SPA_AAD_LEN_REG_OFFSET);
907 ctrl = spacc_alg->ctrl_default | (req->ctx_id << SPA_CTRL_CTX_IDX) |
908 (req->is_encrypt ? (1 << SPA_CTRL_ENCRYPT_IDX) :
909 (1 << SPA_CTRL_KEY_EXP));
911 mod_timer(&engine->packet_timeout, jiffies + PACKET_TIMEOUT);
913 writel(ctrl, engine->regs + SPA_CTRL_REG_OFFSET);
918 static int spacc_ablk_do_fallback(struct ablkcipher_request *req,
919 unsigned alg_type, bool is_encrypt)
921 struct crypto_tfm *old_tfm =
922 crypto_ablkcipher_tfm(crypto_ablkcipher_reqtfm(req));
923 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(old_tfm);
924 SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->sw_cipher);
928 * Change the request to use the software fallback transform, and once
929 * the ciphering has completed, put the old transform back into the
932 skcipher_request_set_sync_tfm(subreq, ctx->sw_cipher);
933 skcipher_request_set_callback(subreq, req->base.flags, NULL, NULL);
934 skcipher_request_set_crypt(subreq, req->src, req->dst,
935 req->nbytes, req->info);
936 err = is_encrypt ? crypto_skcipher_encrypt(subreq) :
937 crypto_skcipher_decrypt(subreq);
938 skcipher_request_zero(subreq);
943 static int spacc_ablk_setup(struct ablkcipher_request *req, unsigned alg_type,
946 struct crypto_alg *alg = req->base.tfm->__crt_alg;
947 struct spacc_engine *engine = to_spacc_alg(alg)->engine;
948 struct spacc_req *dev_req = ablkcipher_request_ctx(req);
952 dev_req->req = &req->base;
953 dev_req->is_encrypt = is_encrypt;
954 dev_req->engine = engine;
955 dev_req->complete = spacc_ablk_complete;
956 dev_req->result = -EINPROGRESS;
958 if (unlikely(spacc_ablk_need_fallback(dev_req)))
959 return spacc_ablk_do_fallback(req, alg_type, is_encrypt);
962 * Create the DDT's for the engine. If we share the same source and
963 * destination then we can optimize by reusing the DDT's.
965 if (req->src != req->dst) {
966 dev_req->src_ddt = spacc_sg_to_ddt(engine, req->src,
967 req->nbytes, DMA_TO_DEVICE, &dev_req->src_addr);
968 if (!dev_req->src_ddt)
971 dev_req->dst_ddt = spacc_sg_to_ddt(engine, req->dst,
972 req->nbytes, DMA_FROM_DEVICE, &dev_req->dst_addr);
973 if (!dev_req->dst_ddt)
976 dev_req->dst_ddt = spacc_sg_to_ddt(engine, req->dst,
977 req->nbytes, DMA_BIDIRECTIONAL, &dev_req->dst_addr);
978 if (!dev_req->dst_ddt)
981 dev_req->src_ddt = NULL;
982 dev_req->src_addr = dev_req->dst_addr;
986 spin_lock_irqsave(&engine->hw_lock, flags);
988 * Check if the engine will accept the operation now. If it won't then
989 * we either stick it on the end of a pending list if we can backlog,
990 * or bailout with an error if not.
992 if (unlikely(spacc_fifo_cmd_full(engine)) ||
993 engine->in_flight + 1 > engine->fifo_sz) {
994 if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
996 spin_unlock_irqrestore(&engine->hw_lock, flags);
999 list_add_tail(&dev_req->list, &engine->pending);
1001 list_add_tail(&dev_req->list, &engine->pending);
1004 spin_unlock_irqrestore(&engine->hw_lock, flags);
1009 spacc_free_ddt(dev_req, dev_req->dst_ddt, dev_req->dst_addr, req->dst,
1010 req->nbytes, req->src == req->dst ?
1011 DMA_BIDIRECTIONAL : DMA_FROM_DEVICE);
1013 if (req->src != req->dst)
1014 spacc_free_ddt(dev_req, dev_req->src_ddt, dev_req->src_addr,
1015 req->src, req->nbytes, DMA_TO_DEVICE);
1020 static int spacc_ablk_cra_init(struct crypto_tfm *tfm)
1022 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
1023 struct crypto_alg *alg = tfm->__crt_alg;
1024 struct spacc_alg *spacc_alg = to_spacc_alg(alg);
1025 struct spacc_engine *engine = spacc_alg->engine;
1027 ctx->generic.flags = spacc_alg->type;
1028 ctx->generic.engine = engine;
1029 if (alg->cra_flags & CRYPTO_ALG_NEED_FALLBACK) {
1030 ctx->sw_cipher = crypto_alloc_sync_skcipher(
1031 alg->cra_name, 0, CRYPTO_ALG_NEED_FALLBACK);
1032 if (IS_ERR(ctx->sw_cipher)) {
1033 dev_warn(engine->dev, "failed to allocate fallback for %s\n",
1035 return PTR_ERR(ctx->sw_cipher);
1038 ctx->generic.key_offs = spacc_alg->key_offs;
1039 ctx->generic.iv_offs = spacc_alg->iv_offs;
1041 tfm->crt_ablkcipher.reqsize = sizeof(struct spacc_req);
1046 static void spacc_ablk_cra_exit(struct crypto_tfm *tfm)
1048 struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
1050 crypto_free_sync_skcipher(ctx->sw_cipher);
1053 static int spacc_ablk_encrypt(struct ablkcipher_request *req)
1055 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(req);
1056 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
1057 struct spacc_alg *alg = to_spacc_alg(tfm->__crt_alg);
1059 return spacc_ablk_setup(req, alg->type, 1);
1062 static int spacc_ablk_decrypt(struct ablkcipher_request *req)
1064 struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(req);
1065 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
1066 struct spacc_alg *alg = to_spacc_alg(tfm->__crt_alg);
1068 return spacc_ablk_setup(req, alg->type, 0);
1071 static inline int spacc_fifo_stat_empty(struct spacc_engine *engine)
1073 return readl(engine->regs + SPA_FIFO_STAT_REG_OFFSET) &
1074 SPA_FIFO_STAT_EMPTY;
1077 static void spacc_process_done(struct spacc_engine *engine)
1079 struct spacc_req *req;
1080 unsigned long flags;
1082 spin_lock_irqsave(&engine->hw_lock, flags);
1084 while (!spacc_fifo_stat_empty(engine)) {
1085 req = list_first_entry(&engine->in_progress, struct spacc_req,
1087 list_move_tail(&req->list, &engine->completed);
1088 --engine->in_flight;
1090 /* POP the status register. */
1091 writel(~0, engine->regs + SPA_STAT_POP_REG_OFFSET);
1092 req->result = (readl(engine->regs + SPA_STATUS_REG_OFFSET) &
1093 SPA_STATUS_RES_CODE_MASK) >> SPA_STATUS_RES_CODE_OFFSET;
1096 * Convert the SPAcc error status into the standard POSIX error
1099 if (unlikely(req->result)) {
1100 switch (req->result) {
1101 case SPA_STATUS_ICV_FAIL:
1102 req->result = -EBADMSG;
1105 case SPA_STATUS_MEMORY_ERROR:
1106 dev_warn(engine->dev,
1107 "memory error triggered\n");
1108 req->result = -EFAULT;
1111 case SPA_STATUS_BLOCK_ERROR:
1112 dev_warn(engine->dev,
1113 "block error triggered\n");
1120 tasklet_schedule(&engine->complete);
1122 spin_unlock_irqrestore(&engine->hw_lock, flags);
1125 static irqreturn_t spacc_spacc_irq(int irq, void *dev)
1127 struct spacc_engine *engine = (struct spacc_engine *)dev;
1128 u32 spacc_irq_stat = readl(engine->regs + SPA_IRQ_STAT_REG_OFFSET);
1130 writel(spacc_irq_stat, engine->regs + SPA_IRQ_STAT_REG_OFFSET);
1131 spacc_process_done(engine);
1136 static void spacc_packet_timeout(struct timer_list *t)
1138 struct spacc_engine *engine = from_timer(engine, t, packet_timeout);
1140 spacc_process_done(engine);
1143 static int spacc_req_submit(struct spacc_req *req)
1145 struct crypto_alg *alg = req->req->tfm->__crt_alg;
1147 if (CRYPTO_ALG_TYPE_AEAD == (CRYPTO_ALG_TYPE_MASK & alg->cra_flags))
1148 return spacc_aead_submit(req);
1150 return spacc_ablk_submit(req);
1153 static void spacc_spacc_complete(unsigned long data)
1155 struct spacc_engine *engine = (struct spacc_engine *)data;
1156 struct spacc_req *req, *tmp;
1157 unsigned long flags;
1158 LIST_HEAD(completed);
1160 spin_lock_irqsave(&engine->hw_lock, flags);
1162 list_splice_init(&engine->completed, &completed);
1164 if (engine->in_flight)
1165 mod_timer(&engine->packet_timeout, jiffies + PACKET_TIMEOUT);
1167 spin_unlock_irqrestore(&engine->hw_lock, flags);
1169 list_for_each_entry_safe(req, tmp, &completed, list) {
1170 list_del(&req->list);
1176 static int spacc_suspend(struct device *dev)
1178 struct spacc_engine *engine = dev_get_drvdata(dev);
1181 * We only support standby mode. All we have to do is gate the clock to
1182 * the spacc. The hardware will preserve state until we turn it back
1185 clk_disable(engine->clk);
1190 static int spacc_resume(struct device *dev)
1192 struct spacc_engine *engine = dev_get_drvdata(dev);
1194 return clk_enable(engine->clk);
1197 static const struct dev_pm_ops spacc_pm_ops = {
1198 .suspend = spacc_suspend,
1199 .resume = spacc_resume,
1201 #endif /* CONFIG_PM */
1203 static inline struct spacc_engine *spacc_dev_to_engine(struct device *dev)
1205 return dev ? dev_get_drvdata(dev) : NULL;
1208 static ssize_t spacc_stat_irq_thresh_show(struct device *dev,
1209 struct device_attribute *attr,
1212 struct spacc_engine *engine = spacc_dev_to_engine(dev);
1214 return snprintf(buf, PAGE_SIZE, "%u\n", engine->stat_irq_thresh);
1217 static ssize_t spacc_stat_irq_thresh_store(struct device *dev,
1218 struct device_attribute *attr,
1219 const char *buf, size_t len)
1221 struct spacc_engine *engine = spacc_dev_to_engine(dev);
1222 unsigned long thresh;
1224 if (kstrtoul(buf, 0, &thresh))
1227 thresh = clamp(thresh, 1UL, engine->fifo_sz - 1);
1229 engine->stat_irq_thresh = thresh;
1230 writel(engine->stat_irq_thresh << SPA_IRQ_CTRL_STAT_CNT_OFFSET,
1231 engine->regs + SPA_IRQ_CTRL_REG_OFFSET);
1235 static DEVICE_ATTR(stat_irq_thresh, 0644, spacc_stat_irq_thresh_show,
1236 spacc_stat_irq_thresh_store);
1238 static struct spacc_alg ipsec_engine_algs[] = {
1240 .ctrl_default = SPA_CTRL_CIPH_ALG_AES | SPA_CTRL_CIPH_MODE_CBC,
1242 .iv_offs = AES_MAX_KEY_SIZE,
1244 .cra_name = "cbc(aes)",
1245 .cra_driver_name = "cbc-aes-picoxcell",
1246 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1247 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
1248 CRYPTO_ALG_KERN_DRIVER_ONLY |
1250 CRYPTO_ALG_NEED_FALLBACK,
1251 .cra_blocksize = AES_BLOCK_SIZE,
1252 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1253 .cra_type = &crypto_ablkcipher_type,
1254 .cra_module = THIS_MODULE,
1256 .setkey = spacc_aes_setkey,
1257 .encrypt = spacc_ablk_encrypt,
1258 .decrypt = spacc_ablk_decrypt,
1259 .min_keysize = AES_MIN_KEY_SIZE,
1260 .max_keysize = AES_MAX_KEY_SIZE,
1261 .ivsize = AES_BLOCK_SIZE,
1263 .cra_init = spacc_ablk_cra_init,
1264 .cra_exit = spacc_ablk_cra_exit,
1269 .iv_offs = AES_MAX_KEY_SIZE,
1270 .ctrl_default = SPA_CTRL_CIPH_ALG_AES | SPA_CTRL_CIPH_MODE_ECB,
1272 .cra_name = "ecb(aes)",
1273 .cra_driver_name = "ecb-aes-picoxcell",
1274 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1275 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
1276 CRYPTO_ALG_KERN_DRIVER_ONLY |
1277 CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK,
1278 .cra_blocksize = AES_BLOCK_SIZE,
1279 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1280 .cra_type = &crypto_ablkcipher_type,
1281 .cra_module = THIS_MODULE,
1283 .setkey = spacc_aes_setkey,
1284 .encrypt = spacc_ablk_encrypt,
1285 .decrypt = spacc_ablk_decrypt,
1286 .min_keysize = AES_MIN_KEY_SIZE,
1287 .max_keysize = AES_MAX_KEY_SIZE,
1289 .cra_init = spacc_ablk_cra_init,
1290 .cra_exit = spacc_ablk_cra_exit,
1294 .key_offs = DES_BLOCK_SIZE,
1296 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_CBC,
1298 .cra_name = "cbc(des)",
1299 .cra_driver_name = "cbc-des-picoxcell",
1300 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1301 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
1303 CRYPTO_ALG_KERN_DRIVER_ONLY,
1304 .cra_blocksize = DES_BLOCK_SIZE,
1305 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1306 .cra_type = &crypto_ablkcipher_type,
1307 .cra_module = THIS_MODULE,
1309 .setkey = spacc_des_setkey,
1310 .encrypt = spacc_ablk_encrypt,
1311 .decrypt = spacc_ablk_decrypt,
1312 .min_keysize = DES_KEY_SIZE,
1313 .max_keysize = DES_KEY_SIZE,
1314 .ivsize = DES_BLOCK_SIZE,
1316 .cra_init = spacc_ablk_cra_init,
1317 .cra_exit = spacc_ablk_cra_exit,
1321 .key_offs = DES_BLOCK_SIZE,
1323 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_ECB,
1325 .cra_name = "ecb(des)",
1326 .cra_driver_name = "ecb-des-picoxcell",
1327 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1328 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
1330 CRYPTO_ALG_KERN_DRIVER_ONLY,
1331 .cra_blocksize = DES_BLOCK_SIZE,
1332 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1333 .cra_type = &crypto_ablkcipher_type,
1334 .cra_module = THIS_MODULE,
1336 .setkey = spacc_des_setkey,
1337 .encrypt = spacc_ablk_encrypt,
1338 .decrypt = spacc_ablk_decrypt,
1339 .min_keysize = DES_KEY_SIZE,
1340 .max_keysize = DES_KEY_SIZE,
1342 .cra_init = spacc_ablk_cra_init,
1343 .cra_exit = spacc_ablk_cra_exit,
1347 .key_offs = DES_BLOCK_SIZE,
1349 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_CBC,
1351 .cra_name = "cbc(des3_ede)",
1352 .cra_driver_name = "cbc-des3-ede-picoxcell",
1353 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1354 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
1356 CRYPTO_ALG_KERN_DRIVER_ONLY,
1357 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1358 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1359 .cra_type = &crypto_ablkcipher_type,
1360 .cra_module = THIS_MODULE,
1362 .setkey = spacc_des3_setkey,
1363 .encrypt = spacc_ablk_encrypt,
1364 .decrypt = spacc_ablk_decrypt,
1365 .min_keysize = DES3_EDE_KEY_SIZE,
1366 .max_keysize = DES3_EDE_KEY_SIZE,
1367 .ivsize = DES3_EDE_BLOCK_SIZE,
1369 .cra_init = spacc_ablk_cra_init,
1370 .cra_exit = spacc_ablk_cra_exit,
1374 .key_offs = DES_BLOCK_SIZE,
1376 .ctrl_default = SPA_CTRL_CIPH_ALG_DES | SPA_CTRL_CIPH_MODE_ECB,
1378 .cra_name = "ecb(des3_ede)",
1379 .cra_driver_name = "ecb-des3-ede-picoxcell",
1380 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1381 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
1383 CRYPTO_ALG_KERN_DRIVER_ONLY,
1384 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1385 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1386 .cra_type = &crypto_ablkcipher_type,
1387 .cra_module = THIS_MODULE,
1389 .setkey = spacc_des3_setkey,
1390 .encrypt = spacc_ablk_encrypt,
1391 .decrypt = spacc_ablk_decrypt,
1392 .min_keysize = DES3_EDE_KEY_SIZE,
1393 .max_keysize = DES3_EDE_KEY_SIZE,
1395 .cra_init = spacc_ablk_cra_init,
1396 .cra_exit = spacc_ablk_cra_exit,
1401 static struct spacc_aead ipsec_engine_aeads[] = {
1403 .ctrl_default = SPA_CTRL_CIPH_ALG_AES |
1404 SPA_CTRL_CIPH_MODE_CBC |
1405 SPA_CTRL_HASH_ALG_SHA |
1406 SPA_CTRL_HASH_MODE_HMAC,
1408 .iv_offs = AES_MAX_KEY_SIZE,
1411 .cra_name = "authenc(hmac(sha1),cbc(aes))",
1412 .cra_driver_name = "authenc-hmac-sha1-"
1413 "cbc-aes-picoxcell",
1414 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1415 .cra_flags = CRYPTO_ALG_ASYNC |
1416 CRYPTO_ALG_NEED_FALLBACK |
1417 CRYPTO_ALG_KERN_DRIVER_ONLY,
1418 .cra_blocksize = AES_BLOCK_SIZE,
1419 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1420 .cra_module = THIS_MODULE,
1422 .setkey = spacc_aead_setkey,
1423 .setauthsize = spacc_aead_setauthsize,
1424 .encrypt = spacc_aead_encrypt,
1425 .decrypt = spacc_aead_decrypt,
1426 .ivsize = AES_BLOCK_SIZE,
1427 .maxauthsize = SHA1_DIGEST_SIZE,
1428 .init = spacc_aead_cra_init,
1429 .exit = spacc_aead_cra_exit,
1433 .ctrl_default = SPA_CTRL_CIPH_ALG_AES |
1434 SPA_CTRL_CIPH_MODE_CBC |
1435 SPA_CTRL_HASH_ALG_SHA256 |
1436 SPA_CTRL_HASH_MODE_HMAC,
1438 .iv_offs = AES_MAX_KEY_SIZE,
1441 .cra_name = "authenc(hmac(sha256),cbc(aes))",
1442 .cra_driver_name = "authenc-hmac-sha256-"
1443 "cbc-aes-picoxcell",
1444 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1445 .cra_flags = CRYPTO_ALG_ASYNC |
1446 CRYPTO_ALG_NEED_FALLBACK |
1447 CRYPTO_ALG_KERN_DRIVER_ONLY,
1448 .cra_blocksize = AES_BLOCK_SIZE,
1449 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1450 .cra_module = THIS_MODULE,
1452 .setkey = spacc_aead_setkey,
1453 .setauthsize = spacc_aead_setauthsize,
1454 .encrypt = spacc_aead_encrypt,
1455 .decrypt = spacc_aead_decrypt,
1456 .ivsize = AES_BLOCK_SIZE,
1457 .maxauthsize = SHA256_DIGEST_SIZE,
1458 .init = spacc_aead_cra_init,
1459 .exit = spacc_aead_cra_exit,
1464 .iv_offs = AES_MAX_KEY_SIZE,
1465 .ctrl_default = SPA_CTRL_CIPH_ALG_AES |
1466 SPA_CTRL_CIPH_MODE_CBC |
1467 SPA_CTRL_HASH_ALG_MD5 |
1468 SPA_CTRL_HASH_MODE_HMAC,
1471 .cra_name = "authenc(hmac(md5),cbc(aes))",
1472 .cra_driver_name = "authenc-hmac-md5-"
1473 "cbc-aes-picoxcell",
1474 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1475 .cra_flags = CRYPTO_ALG_ASYNC |
1476 CRYPTO_ALG_NEED_FALLBACK |
1477 CRYPTO_ALG_KERN_DRIVER_ONLY,
1478 .cra_blocksize = AES_BLOCK_SIZE,
1479 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1480 .cra_module = THIS_MODULE,
1482 .setkey = spacc_aead_setkey,
1483 .setauthsize = spacc_aead_setauthsize,
1484 .encrypt = spacc_aead_encrypt,
1485 .decrypt = spacc_aead_decrypt,
1486 .ivsize = AES_BLOCK_SIZE,
1487 .maxauthsize = MD5_DIGEST_SIZE,
1488 .init = spacc_aead_cra_init,
1489 .exit = spacc_aead_cra_exit,
1493 .key_offs = DES_BLOCK_SIZE,
1495 .ctrl_default = SPA_CTRL_CIPH_ALG_DES |
1496 SPA_CTRL_CIPH_MODE_CBC |
1497 SPA_CTRL_HASH_ALG_SHA |
1498 SPA_CTRL_HASH_MODE_HMAC,
1501 .cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
1502 .cra_driver_name = "authenc-hmac-sha1-"
1503 "cbc-3des-picoxcell",
1504 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1505 .cra_flags = CRYPTO_ALG_ASYNC |
1506 CRYPTO_ALG_NEED_FALLBACK |
1507 CRYPTO_ALG_KERN_DRIVER_ONLY,
1508 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1509 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1510 .cra_module = THIS_MODULE,
1512 .setkey = spacc_aead_setkey,
1513 .setauthsize = spacc_aead_setauthsize,
1514 .encrypt = spacc_aead_encrypt,
1515 .decrypt = spacc_aead_decrypt,
1516 .ivsize = DES3_EDE_BLOCK_SIZE,
1517 .maxauthsize = SHA1_DIGEST_SIZE,
1518 .init = spacc_aead_cra_init,
1519 .exit = spacc_aead_cra_exit,
1523 .key_offs = DES_BLOCK_SIZE,
1525 .ctrl_default = SPA_CTRL_CIPH_ALG_AES |
1526 SPA_CTRL_CIPH_MODE_CBC |
1527 SPA_CTRL_HASH_ALG_SHA256 |
1528 SPA_CTRL_HASH_MODE_HMAC,
1531 .cra_name = "authenc(hmac(sha256),"
1533 .cra_driver_name = "authenc-hmac-sha256-"
1534 "cbc-3des-picoxcell",
1535 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1536 .cra_flags = CRYPTO_ALG_ASYNC |
1537 CRYPTO_ALG_NEED_FALLBACK |
1538 CRYPTO_ALG_KERN_DRIVER_ONLY,
1539 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1540 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1541 .cra_module = THIS_MODULE,
1543 .setkey = spacc_aead_setkey,
1544 .setauthsize = spacc_aead_setauthsize,
1545 .encrypt = spacc_aead_encrypt,
1546 .decrypt = spacc_aead_decrypt,
1547 .ivsize = DES3_EDE_BLOCK_SIZE,
1548 .maxauthsize = SHA256_DIGEST_SIZE,
1549 .init = spacc_aead_cra_init,
1550 .exit = spacc_aead_cra_exit,
1554 .key_offs = DES_BLOCK_SIZE,
1556 .ctrl_default = SPA_CTRL_CIPH_ALG_DES |
1557 SPA_CTRL_CIPH_MODE_CBC |
1558 SPA_CTRL_HASH_ALG_MD5 |
1559 SPA_CTRL_HASH_MODE_HMAC,
1562 .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
1563 .cra_driver_name = "authenc-hmac-md5-"
1564 "cbc-3des-picoxcell",
1565 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1566 .cra_flags = CRYPTO_ALG_ASYNC |
1567 CRYPTO_ALG_NEED_FALLBACK |
1568 CRYPTO_ALG_KERN_DRIVER_ONLY,
1569 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1570 .cra_ctxsize = sizeof(struct spacc_aead_ctx),
1571 .cra_module = THIS_MODULE,
1573 .setkey = spacc_aead_setkey,
1574 .setauthsize = spacc_aead_setauthsize,
1575 .encrypt = spacc_aead_encrypt,
1576 .decrypt = spacc_aead_decrypt,
1577 .ivsize = DES3_EDE_BLOCK_SIZE,
1578 .maxauthsize = MD5_DIGEST_SIZE,
1579 .init = spacc_aead_cra_init,
1580 .exit = spacc_aead_cra_exit,
1585 static struct spacc_alg l2_engine_algs[] = {
1588 .iv_offs = SPACC_CRYPTO_KASUMI_F8_KEY_LEN,
1589 .ctrl_default = SPA_CTRL_CIPH_ALG_KASUMI |
1590 SPA_CTRL_CIPH_MODE_F8,
1592 .cra_name = "f8(kasumi)",
1593 .cra_driver_name = "f8-kasumi-picoxcell",
1594 .cra_priority = SPACC_CRYPTO_ALG_PRIORITY,
1595 .cra_flags = CRYPTO_ALG_ASYNC |
1596 CRYPTO_ALG_KERN_DRIVER_ONLY,
1598 .cra_ctxsize = sizeof(struct spacc_ablk_ctx),
1599 .cra_type = &crypto_ablkcipher_type,
1600 .cra_module = THIS_MODULE,
1602 .setkey = spacc_kasumi_f8_setkey,
1603 .encrypt = spacc_ablk_encrypt,
1604 .decrypt = spacc_ablk_decrypt,
1609 .cra_init = spacc_ablk_cra_init,
1610 .cra_exit = spacc_ablk_cra_exit,
1616 static const struct of_device_id spacc_of_id_table[] = {
1617 { .compatible = "picochip,spacc-ipsec" },
1618 { .compatible = "picochip,spacc-l2" },
1621 MODULE_DEVICE_TABLE(of, spacc_of_id_table);
1622 #endif /* CONFIG_OF */
1624 static int spacc_probe(struct platform_device *pdev)
1627 struct resource *mem, *irq;
1628 struct device_node *np = pdev->dev.of_node;
1629 struct spacc_engine *engine = devm_kzalloc(&pdev->dev, sizeof(*engine),
1634 if (of_device_is_compatible(np, "picochip,spacc-ipsec")) {
1635 engine->max_ctxs = SPACC_CRYPTO_IPSEC_MAX_CTXS;
1636 engine->cipher_pg_sz = SPACC_CRYPTO_IPSEC_CIPHER_PG_SZ;
1637 engine->hash_pg_sz = SPACC_CRYPTO_IPSEC_HASH_PG_SZ;
1638 engine->fifo_sz = SPACC_CRYPTO_IPSEC_FIFO_SZ;
1639 engine->algs = ipsec_engine_algs;
1640 engine->num_algs = ARRAY_SIZE(ipsec_engine_algs);
1641 engine->aeads = ipsec_engine_aeads;
1642 engine->num_aeads = ARRAY_SIZE(ipsec_engine_aeads);
1643 } else if (of_device_is_compatible(np, "picochip,spacc-l2")) {
1644 engine->max_ctxs = SPACC_CRYPTO_L2_MAX_CTXS;
1645 engine->cipher_pg_sz = SPACC_CRYPTO_L2_CIPHER_PG_SZ;
1646 engine->hash_pg_sz = SPACC_CRYPTO_L2_HASH_PG_SZ;
1647 engine->fifo_sz = SPACC_CRYPTO_L2_FIFO_SZ;
1648 engine->algs = l2_engine_algs;
1649 engine->num_algs = ARRAY_SIZE(l2_engine_algs);
1654 engine->name = dev_name(&pdev->dev);
1656 mem = platform_get_resource(pdev, IORESOURCE_MEM, 0);
1657 engine->regs = devm_ioremap_resource(&pdev->dev, mem);
1658 if (IS_ERR(engine->regs))
1659 return PTR_ERR(engine->regs);
1661 irq = platform_get_resource(pdev, IORESOURCE_IRQ, 0);
1663 dev_err(&pdev->dev, "no memory/irq resource for engine\n");
1667 if (devm_request_irq(&pdev->dev, irq->start, spacc_spacc_irq, 0,
1668 engine->name, engine)) {
1669 dev_err(engine->dev, "failed to request IRQ\n");
1673 engine->dev = &pdev->dev;
1674 engine->cipher_ctx_base = engine->regs + SPA_CIPH_KEY_BASE_REG_OFFSET;
1675 engine->hash_key_base = engine->regs + SPA_HASH_KEY_BASE_REG_OFFSET;
1677 engine->req_pool = dmam_pool_create(engine->name, engine->dev,
1678 MAX_DDT_LEN * sizeof(struct spacc_ddt), 8, SZ_64K);
1679 if (!engine->req_pool)
1682 spin_lock_init(&engine->hw_lock);
1684 engine->clk = clk_get(&pdev->dev, "ref");
1685 if (IS_ERR(engine->clk)) {
1686 dev_info(&pdev->dev, "clk unavailable\n");
1687 return PTR_ERR(engine->clk);
1690 if (clk_prepare_enable(engine->clk)) {
1691 dev_info(&pdev->dev, "unable to prepare/enable clk\n");
1696 ret = device_create_file(&pdev->dev, &dev_attr_stat_irq_thresh);
1698 goto err_clk_disable;
1702 * Use an IRQ threshold of 50% as a default. This seems to be a
1703 * reasonable trade off of latency against throughput but can be
1704 * changed at runtime.
1706 engine->stat_irq_thresh = (engine->fifo_sz / 2);
1709 * Configure the interrupts. We only use the STAT_CNT interrupt as we
1710 * only submit a new packet for processing when we complete another in
1711 * the queue. This minimizes time spent in the interrupt handler.
1713 writel(engine->stat_irq_thresh << SPA_IRQ_CTRL_STAT_CNT_OFFSET,
1714 engine->regs + SPA_IRQ_CTRL_REG_OFFSET);
1715 writel(SPA_IRQ_EN_STAT_EN | SPA_IRQ_EN_GLBL_EN,
1716 engine->regs + SPA_IRQ_EN_REG_OFFSET);
1718 timer_setup(&engine->packet_timeout, spacc_packet_timeout, 0);
1720 INIT_LIST_HEAD(&engine->pending);
1721 INIT_LIST_HEAD(&engine->completed);
1722 INIT_LIST_HEAD(&engine->in_progress);
1723 engine->in_flight = 0;
1724 tasklet_init(&engine->complete, spacc_spacc_complete,
1725 (unsigned long)engine);
1727 platform_set_drvdata(pdev, engine);
1730 INIT_LIST_HEAD(&engine->registered_algs);
1731 for (i = 0; i < engine->num_algs; ++i) {
1732 engine->algs[i].engine = engine;
1733 err = crypto_register_alg(&engine->algs[i].alg);
1735 list_add_tail(&engine->algs[i].entry,
1736 &engine->registered_algs);
1740 dev_err(engine->dev, "failed to register alg \"%s\"\n",
1741 engine->algs[i].alg.cra_name);
1743 dev_dbg(engine->dev, "registered alg \"%s\"\n",
1744 engine->algs[i].alg.cra_name);
1747 INIT_LIST_HEAD(&engine->registered_aeads);
1748 for (i = 0; i < engine->num_aeads; ++i) {
1749 engine->aeads[i].engine = engine;
1750 err = crypto_register_aead(&engine->aeads[i].alg);
1752 list_add_tail(&engine->aeads[i].entry,
1753 &engine->registered_aeads);
1757 dev_err(engine->dev, "failed to register alg \"%s\"\n",
1758 engine->aeads[i].alg.base.cra_name);
1760 dev_dbg(engine->dev, "registered alg \"%s\"\n",
1761 engine->aeads[i].alg.base.cra_name);
1767 del_timer_sync(&engine->packet_timeout);
1768 device_remove_file(&pdev->dev, &dev_attr_stat_irq_thresh);
1770 clk_disable_unprepare(engine->clk);
1772 clk_put(engine->clk);
1777 static int spacc_remove(struct platform_device *pdev)
1779 struct spacc_aead *aead, *an;
1780 struct spacc_alg *alg, *next;
1781 struct spacc_engine *engine = platform_get_drvdata(pdev);
1783 del_timer_sync(&engine->packet_timeout);
1784 device_remove_file(&pdev->dev, &dev_attr_stat_irq_thresh);
1786 list_for_each_entry_safe(aead, an, &engine->registered_aeads, entry) {
1787 list_del(&aead->entry);
1788 crypto_unregister_aead(&aead->alg);
1791 list_for_each_entry_safe(alg, next, &engine->registered_algs, entry) {
1792 list_del(&alg->entry);
1793 crypto_unregister_alg(&alg->alg);
1796 clk_disable_unprepare(engine->clk);
1797 clk_put(engine->clk);
1802 static struct platform_driver spacc_driver = {
1803 .probe = spacc_probe,
1804 .remove = spacc_remove,
1806 .name = "picochip,spacc",
1808 .pm = &spacc_pm_ops,
1809 #endif /* CONFIG_PM */
1810 .of_match_table = of_match_ptr(spacc_of_id_table),
1814 module_platform_driver(spacc_driver);
1816 MODULE_LICENSE("GPL");
1817 MODULE_AUTHOR("Jamie Iles");