1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
55
56#include <crypto/internal/hash.h>
57#include <linux/init.h>
58#include <linux/module.h>
59#include <linux/mm.h>
60#include <linux/cryptohash.h>
61#include <linux/types.h>
62#include <linux/list.h>
63#include <crypto/scatterwalk.h>
64#include <crypto/sha.h>
65#include <crypto/mcryptd.h>
66#include <crypto/crypto_wq.h>
67#include <asm/byteorder.h>
68#include <linux/hardirq.h>
69#include <asm/fpu/api.h>
70#include "sha256_mb_ctx.h"
71
72#define FLUSH_INTERVAL 1000
73
74static struct mcryptd_alg_state sha256_mb_alg_state;
75
76struct sha256_mb_ctx {
77 struct mcryptd_ahash *mcryptd_tfm;
78};
79
80static inline struct mcryptd_hash_request_ctx
81 *cast_hash_to_mcryptd_ctx(struct sha256_hash_ctx *hash_ctx)
82{
83 struct ahash_request *areq;
84
85 areq = container_of((void *) hash_ctx, struct ahash_request, __ctx);
86 return container_of(areq, struct mcryptd_hash_request_ctx, areq);
87}
88
89static inline struct ahash_request
90 *cast_mcryptd_ctx_to_req(struct mcryptd_hash_request_ctx *ctx)
91{
92 return container_of((void *) ctx, struct ahash_request, __ctx);
93}
94
95static void req_ctx_init(struct mcryptd_hash_request_ctx *rctx,
96 struct ahash_request *areq)
97{
98 rctx->flag = HASH_UPDATE;
99}
100
101static asmlinkage void (*sha256_job_mgr_init)(struct sha256_mb_mgr *state);
102static asmlinkage struct job_sha256* (*sha256_job_mgr_submit)
103 (struct sha256_mb_mgr *state, struct job_sha256 *job);
104static asmlinkage struct job_sha256* (*sha256_job_mgr_flush)
105 (struct sha256_mb_mgr *state);
106static asmlinkage struct job_sha256* (*sha256_job_mgr_get_comp_job)
107 (struct sha256_mb_mgr *state);
108
109inline void sha256_init_digest(uint32_t *digest)
110{
111 static const uint32_t initial_digest[SHA256_DIGEST_LENGTH] = {
112 SHA256_H0, SHA256_H1, SHA256_H2, SHA256_H3,
113 SHA256_H4, SHA256_H5, SHA256_H6, SHA256_H7};
114 memcpy(digest, initial_digest, sizeof(initial_digest));
115}
116
117inline uint32_t sha256_pad(uint8_t padblock[SHA256_BLOCK_SIZE * 2],
118 uint64_t total_len)
119{
120 uint32_t i = total_len & (SHA256_BLOCK_SIZE - 1);
121
122 memset(&padblock[i], 0, SHA256_BLOCK_SIZE);
123 padblock[i] = 0x80;
124
125 i += ((SHA256_BLOCK_SIZE - 1) &
126 (0 - (total_len + SHA256_PADLENGTHFIELD_SIZE + 1)))
127 + 1 + SHA256_PADLENGTHFIELD_SIZE;
128
129#if SHA256_PADLENGTHFIELD_SIZE == 16
130 *((uint64_t *) &padblock[i - 16]) = 0;
131#endif
132
133 *((uint64_t *) &padblock[i - 8]) = cpu_to_be64(total_len << 3);
134
135
136 return i >> SHA256_LOG2_BLOCK_SIZE;
137}
138
139static struct sha256_hash_ctx
140 *sha256_ctx_mgr_resubmit(struct sha256_ctx_mgr *mgr,
141 struct sha256_hash_ctx *ctx)
142{
143 while (ctx) {
144 if (ctx->status & HASH_CTX_STS_COMPLETE) {
145
146 ctx->status = HASH_CTX_STS_COMPLETE;
147 return ctx;
148 }
149
150
151
152
153
154 if (ctx->partial_block_buffer_length == 0 &&
155 ctx->incoming_buffer_length) {
156
157 const void *buffer = ctx->incoming_buffer;
158 uint32_t len = ctx->incoming_buffer_length;
159 uint32_t copy_len;
160
161
162
163
164
165 copy_len = len & (SHA256_BLOCK_SIZE-1);
166
167 if (copy_len) {
168 len -= copy_len;
169 memcpy(ctx->partial_block_buffer,
170 ((const char *) buffer + len),
171 copy_len);
172 ctx->partial_block_buffer_length = copy_len;
173 }
174
175 ctx->incoming_buffer_length = 0;
176
177
178 assert((len % SHA256_BLOCK_SIZE) == 0);
179
180
181 len >>= SHA256_LOG2_BLOCK_SIZE;
182
183 if (len) {
184
185 ctx->job.buffer = (uint8_t *) buffer;
186 ctx->job.len = len;
187 ctx = (struct sha256_hash_ctx *)
188 sha256_job_mgr_submit(&mgr->mgr, &ctx->job);
189 continue;
190 }
191 }
192
193
194
195
196
197
198 if (ctx->status & HASH_CTX_STS_LAST) {
199
200 uint8_t *buf = ctx->partial_block_buffer;
201 uint32_t n_extra_blocks =
202 sha256_pad(buf, ctx->total_length);
203
204 ctx->status = (HASH_CTX_STS_PROCESSING |
205 HASH_CTX_STS_COMPLETE);
206 ctx->job.buffer = buf;
207 ctx->job.len = (uint32_t) n_extra_blocks;
208 ctx = (struct sha256_hash_ctx *)
209 sha256_job_mgr_submit(&mgr->mgr, &ctx->job);
210 continue;
211 }
212
213 ctx->status = HASH_CTX_STS_IDLE;
214 return ctx;
215 }
216
217 return NULL;
218}
219
220static struct sha256_hash_ctx
221 *sha256_ctx_mgr_get_comp_ctx(struct sha256_ctx_mgr *mgr)
222{
223
224
225
226
227
228
229
230
231 struct sha256_hash_ctx *ctx;
232
233 ctx = (struct sha256_hash_ctx *) sha256_job_mgr_get_comp_job(&mgr->mgr);
234 return sha256_ctx_mgr_resubmit(mgr, ctx);
235}
236
237static void sha256_ctx_mgr_init(struct sha256_ctx_mgr *mgr)
238{
239 sha256_job_mgr_init(&mgr->mgr);
240}
241
242static struct sha256_hash_ctx *sha256_ctx_mgr_submit(struct sha256_ctx_mgr *mgr,
243 struct sha256_hash_ctx *ctx,
244 const void *buffer,
245 uint32_t len,
246 int flags)
247{
248 if (flags & (~HASH_ENTIRE)) {
249
250
251
252 ctx->error = HASH_CTX_ERROR_INVALID_FLAGS;
253 return ctx;
254 }
255
256 if (ctx->status & HASH_CTX_STS_PROCESSING) {
257
258 ctx->error = HASH_CTX_ERROR_ALREADY_PROCESSING;
259 return ctx;
260 }
261
262 if ((ctx->status & HASH_CTX_STS_COMPLETE) && !(flags & HASH_FIRST)) {
263
264 ctx->error = HASH_CTX_ERROR_ALREADY_COMPLETED;
265 return ctx;
266 }
267
268 if (flags & HASH_FIRST) {
269
270 sha256_init_digest(ctx->job.result_digest);
271
272
273 ctx->total_length = 0;
274
275
276 ctx->partial_block_buffer_length = 0;
277 }
278
279
280 ctx->error = HASH_CTX_ERROR_NONE;
281
282
283 ctx->incoming_buffer = buffer;
284 ctx->incoming_buffer_length = len;
285
286
287
288
289
290 ctx->status = (flags & HASH_LAST) ?
291 (HASH_CTX_STS_PROCESSING | HASH_CTX_STS_LAST) :
292 HASH_CTX_STS_PROCESSING;
293
294
295 ctx->total_length += len;
296
297
298
299
300
301
302
303 if (ctx->partial_block_buffer_length || len < SHA256_BLOCK_SIZE) {
304
305
306
307
308 uint32_t copy_len = SHA256_BLOCK_SIZE -
309 ctx->partial_block_buffer_length;
310 if (len < copy_len)
311 copy_len = len;
312
313 if (copy_len) {
314
315 memcpy(
316 &ctx->partial_block_buffer[ctx->partial_block_buffer_length],
317 buffer, copy_len);
318
319 ctx->partial_block_buffer_length += copy_len;
320 ctx->incoming_buffer = (const void *)
321 ((const char *)buffer + copy_len);
322 ctx->incoming_buffer_length = len - copy_len;
323 }
324
325
326 assert(ctx->partial_block_buffer_length <= SHA256_BLOCK_SIZE);
327
328
329
330
331
332 if (ctx->partial_block_buffer_length >= SHA256_BLOCK_SIZE) {
333 ctx->partial_block_buffer_length = 0;
334
335 ctx->job.buffer = ctx->partial_block_buffer;
336 ctx->job.len = 1;
337 ctx = (struct sha256_hash_ctx *)
338 sha256_job_mgr_submit(&mgr->mgr, &ctx->job);
339 }
340 }
341
342 return sha256_ctx_mgr_resubmit(mgr, ctx);
343}
344
345static struct sha256_hash_ctx *sha256_ctx_mgr_flush(struct sha256_ctx_mgr *mgr)
346{
347 struct sha256_hash_ctx *ctx;
348
349 while (1) {
350 ctx = (struct sha256_hash_ctx *)
351 sha256_job_mgr_flush(&mgr->mgr);
352
353
354 if (!ctx)
355 return NULL;
356
357
358
359
360
361 ctx = sha256_ctx_mgr_resubmit(mgr, ctx);
362
363
364
365
366
367
368 if (ctx)
369 return ctx;
370 }
371}
372
373static int sha256_mb_init(struct ahash_request *areq)
374{
375 struct sha256_hash_ctx *sctx = ahash_request_ctx(areq);
376
377 hash_ctx_init(sctx);
378 sctx->job.result_digest[0] = SHA256_H0;
379 sctx->job.result_digest[1] = SHA256_H1;
380 sctx->job.result_digest[2] = SHA256_H2;
381 sctx->job.result_digest[3] = SHA256_H3;
382 sctx->job.result_digest[4] = SHA256_H4;
383 sctx->job.result_digest[5] = SHA256_H5;
384 sctx->job.result_digest[6] = SHA256_H6;
385 sctx->job.result_digest[7] = SHA256_H7;
386 sctx->total_length = 0;
387 sctx->partial_block_buffer_length = 0;
388 sctx->status = HASH_CTX_STS_IDLE;
389
390 return 0;
391}
392
393static int sha256_mb_set_results(struct mcryptd_hash_request_ctx *rctx)
394{
395 int i;
396 struct sha256_hash_ctx *sctx = ahash_request_ctx(&rctx->areq);
397 __be32 *dst = (__be32 *) rctx->out;
398
399 for (i = 0; i < 8; ++i)
400 dst[i] = cpu_to_be32(sctx->job.result_digest[i]);
401
402 return 0;
403}
404
405static int sha_finish_walk(struct mcryptd_hash_request_ctx **ret_rctx,
406 struct mcryptd_alg_cstate *cstate, bool flush)
407{
408 int flag = HASH_UPDATE;
409 int nbytes, err = 0;
410 struct mcryptd_hash_request_ctx *rctx = *ret_rctx;
411 struct sha256_hash_ctx *sha_ctx;
412
413
414 while (!(rctx->flag & HASH_DONE)) {
415 nbytes = crypto_ahash_walk_done(&rctx->walk, 0);
416 if (nbytes < 0) {
417 err = nbytes;
418 goto out;
419 }
420
421 if (crypto_ahash_walk_last(&rctx->walk)) {
422 rctx->flag |= HASH_DONE;
423 if (rctx->flag & HASH_FINAL)
424 flag |= HASH_LAST;
425
426 }
427 sha_ctx = (struct sha256_hash_ctx *)
428 ahash_request_ctx(&rctx->areq);
429 kernel_fpu_begin();
430 sha_ctx = sha256_ctx_mgr_submit(cstate->mgr, sha_ctx,
431 rctx->walk.data, nbytes, flag);
432 if (!sha_ctx) {
433 if (flush)
434 sha_ctx = sha256_ctx_mgr_flush(cstate->mgr);
435 }
436 kernel_fpu_end();
437 if (sha_ctx)
438 rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
439 else {
440 rctx = NULL;
441 goto out;
442 }
443 }
444
445
446 if (rctx->flag & HASH_FINAL)
447 sha256_mb_set_results(rctx);
448
449out:
450 *ret_rctx = rctx;
451 return err;
452}
453
454static int sha_complete_job(struct mcryptd_hash_request_ctx *rctx,
455 struct mcryptd_alg_cstate *cstate,
456 int err)
457{
458 struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
459 struct sha256_hash_ctx *sha_ctx;
460 struct mcryptd_hash_request_ctx *req_ctx;
461 int ret;
462
463
464 spin_lock(&cstate->work_lock);
465 list_del(&rctx->waiter);
466 spin_unlock(&cstate->work_lock);
467
468 if (irqs_disabled())
469 rctx->complete(&req->base, err);
470 else {
471 local_bh_disable();
472 rctx->complete(&req->base, err);
473 local_bh_enable();
474 }
475
476
477 sha_ctx = sha256_ctx_mgr_get_comp_ctx(cstate->mgr);
478 while (sha_ctx) {
479 req_ctx = cast_hash_to_mcryptd_ctx(sha_ctx);
480 ret = sha_finish_walk(&req_ctx, cstate, false);
481 if (req_ctx) {
482 spin_lock(&cstate->work_lock);
483 list_del(&req_ctx->waiter);
484 spin_unlock(&cstate->work_lock);
485
486 req = cast_mcryptd_ctx_to_req(req_ctx);
487 if (irqs_disabled())
488 req_ctx->complete(&req->base, ret);
489 else {
490 local_bh_disable();
491 req_ctx->complete(&req->base, ret);
492 local_bh_enable();
493 }
494 }
495 sha_ctx = sha256_ctx_mgr_get_comp_ctx(cstate->mgr);
496 }
497
498 return 0;
499}
500
501static void sha256_mb_add_list(struct mcryptd_hash_request_ctx *rctx,
502 struct mcryptd_alg_cstate *cstate)
503{
504 unsigned long next_flush;
505 unsigned long delay = usecs_to_jiffies(FLUSH_INTERVAL);
506
507
508 rctx->tag.arrival = jiffies;
509 rctx->tag.seq_num = cstate->next_seq_num++;
510 next_flush = rctx->tag.arrival + delay;
511 rctx->tag.expire = next_flush;
512
513 spin_lock(&cstate->work_lock);
514 list_add_tail(&rctx->waiter, &cstate->work_list);
515 spin_unlock(&cstate->work_lock);
516
517 mcryptd_arm_flusher(cstate, delay);
518}
519
520static int sha256_mb_update(struct ahash_request *areq)
521{
522 struct mcryptd_hash_request_ctx *rctx =
523 container_of(areq, struct mcryptd_hash_request_ctx, areq);
524 struct mcryptd_alg_cstate *cstate =
525 this_cpu_ptr(sha256_mb_alg_state.alg_cstate);
526
527 struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
528 struct sha256_hash_ctx *sha_ctx;
529 int ret = 0, nbytes;
530
531
532 if (rctx->tag.cpu != smp_processor_id()) {
533 pr_err("mcryptd error: cpu clash\n");
534 goto done;
535 }
536
537
538 req_ctx_init(rctx, areq);
539
540 nbytes = crypto_ahash_walk_first(req, &rctx->walk);
541
542 if (nbytes < 0) {
543 ret = nbytes;
544 goto done;
545 }
546
547 if (crypto_ahash_walk_last(&rctx->walk))
548 rctx->flag |= HASH_DONE;
549
550
551 sha_ctx = (struct sha256_hash_ctx *) ahash_request_ctx(areq);
552 sha256_mb_add_list(rctx, cstate);
553 kernel_fpu_begin();
554 sha_ctx = sha256_ctx_mgr_submit(cstate->mgr, sha_ctx, rctx->walk.data,
555 nbytes, HASH_UPDATE);
556 kernel_fpu_end();
557
558
559 if (!sha_ctx)
560 return -EINPROGRESS;
561
562 if (sha_ctx->error) {
563 ret = sha_ctx->error;
564 rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
565 goto done;
566 }
567
568 rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
569 ret = sha_finish_walk(&rctx, cstate, false);
570
571 if (!rctx)
572 return -EINPROGRESS;
573done:
574 sha_complete_job(rctx, cstate, ret);
575 return ret;
576}
577
578static int sha256_mb_finup(struct ahash_request *areq)
579{
580 struct mcryptd_hash_request_ctx *rctx =
581 container_of(areq, struct mcryptd_hash_request_ctx, areq);
582 struct mcryptd_alg_cstate *cstate =
583 this_cpu_ptr(sha256_mb_alg_state.alg_cstate);
584
585 struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
586 struct sha256_hash_ctx *sha_ctx;
587 int ret = 0, flag = HASH_UPDATE, nbytes;
588
589
590 if (rctx->tag.cpu != smp_processor_id()) {
591 pr_err("mcryptd error: cpu clash\n");
592 goto done;
593 }
594
595
596 req_ctx_init(rctx, areq);
597
598 nbytes = crypto_ahash_walk_first(req, &rctx->walk);
599
600 if (nbytes < 0) {
601 ret = nbytes;
602 goto done;
603 }
604
605 if (crypto_ahash_walk_last(&rctx->walk)) {
606 rctx->flag |= HASH_DONE;
607 flag = HASH_LAST;
608 }
609
610
611 rctx->flag |= HASH_FINAL;
612 sha_ctx = (struct sha256_hash_ctx *) ahash_request_ctx(areq);
613 sha256_mb_add_list(rctx, cstate);
614
615 kernel_fpu_begin();
616 sha_ctx = sha256_ctx_mgr_submit(cstate->mgr, sha_ctx, rctx->walk.data,
617 nbytes, flag);
618 kernel_fpu_end();
619
620
621 if (!sha_ctx)
622 return -EINPROGRESS;
623
624 if (sha_ctx->error) {
625 ret = sha_ctx->error;
626 goto done;
627 }
628
629 rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
630 ret = sha_finish_walk(&rctx, cstate, false);
631 if (!rctx)
632 return -EINPROGRESS;
633done:
634 sha_complete_job(rctx, cstate, ret);
635 return ret;
636}
637
638static int sha256_mb_final(struct ahash_request *areq)
639{
640 struct mcryptd_hash_request_ctx *rctx =
641 container_of(areq, struct mcryptd_hash_request_ctx,
642 areq);
643 struct mcryptd_alg_cstate *cstate =
644 this_cpu_ptr(sha256_mb_alg_state.alg_cstate);
645
646 struct sha256_hash_ctx *sha_ctx;
647 int ret = 0;
648 u8 data;
649
650
651 if (rctx->tag.cpu != smp_processor_id()) {
652 pr_err("mcryptd error: cpu clash\n");
653 goto done;
654 }
655
656
657 req_ctx_init(rctx, areq);
658
659 rctx->flag |= HASH_DONE | HASH_FINAL;
660
661 sha_ctx = (struct sha256_hash_ctx *) ahash_request_ctx(areq);
662
663 sha256_mb_add_list(rctx, cstate);
664 kernel_fpu_begin();
665 sha_ctx = sha256_ctx_mgr_submit(cstate->mgr, sha_ctx, &data, 0,
666 HASH_LAST);
667 kernel_fpu_end();
668
669
670 if (!sha_ctx)
671 return -EINPROGRESS;
672
673 if (sha_ctx->error) {
674 ret = sha_ctx->error;
675 rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
676 goto done;
677 }
678
679 rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
680 ret = sha_finish_walk(&rctx, cstate, false);
681 if (!rctx)
682 return -EINPROGRESS;
683done:
684 sha_complete_job(rctx, cstate, ret);
685 return ret;
686}
687
688static int sha256_mb_export(struct ahash_request *areq, void *out)
689{
690 struct sha256_hash_ctx *sctx = ahash_request_ctx(areq);
691
692 memcpy(out, sctx, sizeof(*sctx));
693
694 return 0;
695}
696
697static int sha256_mb_import(struct ahash_request *areq, const void *in)
698{
699 struct sha256_hash_ctx *sctx = ahash_request_ctx(areq);
700
701 memcpy(sctx, in, sizeof(*sctx));
702
703 return 0;
704}
705
706static int sha256_mb_async_init_tfm(struct crypto_tfm *tfm)
707{
708 struct mcryptd_ahash *mcryptd_tfm;
709 struct sha256_mb_ctx *ctx = crypto_tfm_ctx(tfm);
710 struct mcryptd_hash_ctx *mctx;
711
712 mcryptd_tfm = mcryptd_alloc_ahash("__intel_sha256-mb",
713 CRYPTO_ALG_INTERNAL,
714 CRYPTO_ALG_INTERNAL);
715 if (IS_ERR(mcryptd_tfm))
716 return PTR_ERR(mcryptd_tfm);
717 mctx = crypto_ahash_ctx(&mcryptd_tfm->base);
718 mctx->alg_state = &sha256_mb_alg_state;
719 ctx->mcryptd_tfm = mcryptd_tfm;
720 crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
721 sizeof(struct ahash_request) +
722 crypto_ahash_reqsize(&mcryptd_tfm->base));
723
724 return 0;
725}
726
727static void sha256_mb_async_exit_tfm(struct crypto_tfm *tfm)
728{
729 struct sha256_mb_ctx *ctx = crypto_tfm_ctx(tfm);
730
731 mcryptd_free_ahash(ctx->mcryptd_tfm);
732}
733
734static int sha256_mb_areq_init_tfm(struct crypto_tfm *tfm)
735{
736 crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
737 sizeof(struct ahash_request) +
738 sizeof(struct sha256_hash_ctx));
739
740 return 0;
741}
742
743static void sha256_mb_areq_exit_tfm(struct crypto_tfm *tfm)
744{
745 struct sha256_mb_ctx *ctx = crypto_tfm_ctx(tfm);
746
747 mcryptd_free_ahash(ctx->mcryptd_tfm);
748}
749
750static struct ahash_alg sha256_mb_areq_alg = {
751 .init = sha256_mb_init,
752 .update = sha256_mb_update,
753 .final = sha256_mb_final,
754 .finup = sha256_mb_finup,
755 .export = sha256_mb_export,
756 .import = sha256_mb_import,
757 .halg = {
758 .digestsize = SHA256_DIGEST_SIZE,
759 .statesize = sizeof(struct sha256_hash_ctx),
760 .base = {
761 .cra_name = "__sha256-mb",
762 .cra_driver_name = "__intel_sha256-mb",
763 .cra_priority = 100,
764
765
766
767
768
769 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
770 CRYPTO_ALG_ASYNC |
771 CRYPTO_ALG_INTERNAL,
772 .cra_blocksize = SHA256_BLOCK_SIZE,
773 .cra_module = THIS_MODULE,
774 .cra_list = LIST_HEAD_INIT
775 (sha256_mb_areq_alg.halg.base.cra_list),
776 .cra_init = sha256_mb_areq_init_tfm,
777 .cra_exit = sha256_mb_areq_exit_tfm,
778 .cra_ctxsize = sizeof(struct sha256_hash_ctx),
779 }
780 }
781};
782
783static int sha256_mb_async_init(struct ahash_request *req)
784{
785 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
786 struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
787 struct ahash_request *mcryptd_req = ahash_request_ctx(req);
788 struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
789
790 memcpy(mcryptd_req, req, sizeof(*req));
791 ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
792 return crypto_ahash_init(mcryptd_req);
793}
794
795static int sha256_mb_async_update(struct ahash_request *req)
796{
797 struct ahash_request *mcryptd_req = ahash_request_ctx(req);
798
799 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
800 struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
801 struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
802
803 memcpy(mcryptd_req, req, sizeof(*req));
804 ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
805 return crypto_ahash_update(mcryptd_req);
806}
807
808static int sha256_mb_async_finup(struct ahash_request *req)
809{
810 struct ahash_request *mcryptd_req = ahash_request_ctx(req);
811
812 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
813 struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
814 struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
815
816 memcpy(mcryptd_req, req, sizeof(*req));
817 ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
818 return crypto_ahash_finup(mcryptd_req);
819}
820
821static int sha256_mb_async_final(struct ahash_request *req)
822{
823 struct ahash_request *mcryptd_req = ahash_request_ctx(req);
824
825 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
826 struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
827 struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
828
829 memcpy(mcryptd_req, req, sizeof(*req));
830 ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
831 return crypto_ahash_final(mcryptd_req);
832}
833
834static int sha256_mb_async_digest(struct ahash_request *req)
835{
836 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
837 struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
838 struct ahash_request *mcryptd_req = ahash_request_ctx(req);
839 struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
840
841 memcpy(mcryptd_req, req, sizeof(*req));
842 ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
843 return crypto_ahash_digest(mcryptd_req);
844}
845
846static int sha256_mb_async_export(struct ahash_request *req, void *out)
847{
848 struct ahash_request *mcryptd_req = ahash_request_ctx(req);
849 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
850 struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
851 struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
852
853 memcpy(mcryptd_req, req, sizeof(*req));
854 ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
855 return crypto_ahash_export(mcryptd_req, out);
856}
857
858static int sha256_mb_async_import(struct ahash_request *req, const void *in)
859{
860 struct ahash_request *mcryptd_req = ahash_request_ctx(req);
861 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
862 struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
863 struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
864 struct crypto_ahash *child = mcryptd_ahash_child(mcryptd_tfm);
865 struct mcryptd_hash_request_ctx *rctx;
866 struct ahash_request *areq;
867
868 memcpy(mcryptd_req, req, sizeof(*req));
869 ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
870 rctx = ahash_request_ctx(mcryptd_req);
871 areq = &rctx->areq;
872
873 ahash_request_set_tfm(areq, child);
874 ahash_request_set_callback(areq, CRYPTO_TFM_REQ_MAY_SLEEP,
875 rctx->complete, req);
876
877 return crypto_ahash_import(mcryptd_req, in);
878}
879
880static struct ahash_alg sha256_mb_async_alg = {
881 .init = sha256_mb_async_init,
882 .update = sha256_mb_async_update,
883 .final = sha256_mb_async_final,
884 .finup = sha256_mb_async_finup,
885 .export = sha256_mb_async_export,
886 .import = sha256_mb_async_import,
887 .digest = sha256_mb_async_digest,
888 .halg = {
889 .digestsize = SHA256_DIGEST_SIZE,
890 .statesize = sizeof(struct sha256_hash_ctx),
891 .base = {
892 .cra_name = "sha256",
893 .cra_driver_name = "sha256_mb",
894 .cra_priority = 200,
895 .cra_flags = CRYPTO_ALG_TYPE_AHASH |
896 CRYPTO_ALG_ASYNC,
897 .cra_blocksize = SHA256_BLOCK_SIZE,
898 .cra_type = &crypto_ahash_type,
899 .cra_module = THIS_MODULE,
900 .cra_list = LIST_HEAD_INIT
901 (sha256_mb_async_alg.halg.base.cra_list),
902 .cra_init = sha256_mb_async_init_tfm,
903 .cra_exit = sha256_mb_async_exit_tfm,
904 .cra_ctxsize = sizeof(struct sha256_mb_ctx),
905 .cra_alignmask = 0,
906 },
907 },
908};
909
910static unsigned long sha256_mb_flusher(struct mcryptd_alg_cstate *cstate)
911{
912 struct mcryptd_hash_request_ctx *rctx;
913 unsigned long cur_time;
914 unsigned long next_flush = 0;
915 struct sha256_hash_ctx *sha_ctx;
916
917
918 cur_time = jiffies;
919
920 while (!list_empty(&cstate->work_list)) {
921 rctx = list_entry(cstate->work_list.next,
922 struct mcryptd_hash_request_ctx, waiter);
923 if (time_before(cur_time, rctx->tag.expire))
924 break;
925 kernel_fpu_begin();
926 sha_ctx = (struct sha256_hash_ctx *)
927 sha256_ctx_mgr_flush(cstate->mgr);
928 kernel_fpu_end();
929 if (!sha_ctx) {
930 pr_err("sha256_mb error: nothing got"
931 " flushed for non-empty list\n");
932 break;
933 }
934 rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
935 sha_finish_walk(&rctx, cstate, true);
936 sha_complete_job(rctx, cstate, 0);
937 }
938
939 if (!list_empty(&cstate->work_list)) {
940 rctx = list_entry(cstate->work_list.next,
941 struct mcryptd_hash_request_ctx, waiter);
942
943 next_flush = rctx->tag.expire;
944 mcryptd_arm_flusher(cstate, get_delay(next_flush));
945 }
946 return next_flush;
947}
948
949static int __init sha256_mb_mod_init(void)
950{
951
952 int cpu;
953 int err;
954 struct mcryptd_alg_cstate *cpu_state;
955
956
957 if (!boot_cpu_has(X86_FEATURE_AVX2) ||
958 !boot_cpu_has(X86_FEATURE_BMI2))
959 return -ENODEV;
960
961
962 sha256_mb_alg_state.alg_cstate = alloc_percpu
963 (struct mcryptd_alg_cstate);
964
965 sha256_job_mgr_init = sha256_mb_mgr_init_avx2;
966 sha256_job_mgr_submit = sha256_mb_mgr_submit_avx2;
967 sha256_job_mgr_flush = sha256_mb_mgr_flush_avx2;
968 sha256_job_mgr_get_comp_job = sha256_mb_mgr_get_comp_job_avx2;
969
970 if (!sha256_mb_alg_state.alg_cstate)
971 return -ENOMEM;
972 for_each_possible_cpu(cpu) {
973 cpu_state = per_cpu_ptr(sha256_mb_alg_state.alg_cstate, cpu);
974 cpu_state->next_flush = 0;
975 cpu_state->next_seq_num = 0;
976 cpu_state->flusher_engaged = false;
977 INIT_DELAYED_WORK(&cpu_state->flush, mcryptd_flusher);
978 cpu_state->cpu = cpu;
979 cpu_state->alg_state = &sha256_mb_alg_state;
980 cpu_state->mgr = kzalloc(sizeof(struct sha256_ctx_mgr),
981 GFP_KERNEL);
982 if (!cpu_state->mgr)
983 goto err2;
984 sha256_ctx_mgr_init(cpu_state->mgr);
985 INIT_LIST_HEAD(&cpu_state->work_list);
986 spin_lock_init(&cpu_state->work_lock);
987 }
988 sha256_mb_alg_state.flusher = &sha256_mb_flusher;
989
990 err = crypto_register_ahash(&sha256_mb_areq_alg);
991 if (err)
992 goto err2;
993 err = crypto_register_ahash(&sha256_mb_async_alg);
994 if (err)
995 goto err1;
996
997
998 return 0;
999err1:
1000 crypto_unregister_ahash(&sha256_mb_areq_alg);
1001err2:
1002 for_each_possible_cpu(cpu) {
1003 cpu_state = per_cpu_ptr(sha256_mb_alg_state.alg_cstate, cpu);
1004 kfree(cpu_state->mgr);
1005 }
1006 free_percpu(sha256_mb_alg_state.alg_cstate);
1007 return -ENODEV;
1008}
1009
1010static void __exit sha256_mb_mod_fini(void)
1011{
1012 int cpu;
1013 struct mcryptd_alg_cstate *cpu_state;
1014
1015 crypto_unregister_ahash(&sha256_mb_async_alg);
1016 crypto_unregister_ahash(&sha256_mb_areq_alg);
1017 for_each_possible_cpu(cpu) {
1018 cpu_state = per_cpu_ptr(sha256_mb_alg_state.alg_cstate, cpu);
1019 kfree(cpu_state->mgr);
1020 }
1021 free_percpu(sha256_mb_alg_state.alg_cstate);
1022}
1023
1024module_init(sha256_mb_mod_init);
1025module_exit(sha256_mb_mod_fini);
1026
1027MODULE_LICENSE("GPL");
1028MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm, multi buffer accelerated");
1029
1030MODULE_ALIAS_CRYPTO("sha256");
1031