LXR linux/drivers/staging/ccree/ssi

   1/*
   2 * Copyright (C) 2012-2017 ARM Limited or its affiliates.
   3 *
   4 * This program is free software; you can redistribute it and/or modify
   5 * it under the terms of the GNU General Public License version 2 as
   6 * published by the Free Software Foundation.
   7 *
   8 * This program is distributed in the hope that it will be useful,
   9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  11 * GNU General Public License for more details.
  12 *
  13 * You should have received a copy of the GNU General Public License
  14 * along with this program; if not, see <http://www.gnu.org/licenses/>.
  15 */
  16
  17#include <linux/platform_device.h>
  18#include <crypto/ctr.h>
  19#include "ssi_config.h"
  20#include "ssi_driver.h"
  21#include "ssi_ivgen.h"
  22#include "ssi_request_mgr.h"
  23#include "ssi_sram_mgr.h"
  24#include "ssi_buffer_mgr.h"
  25
  26/* The max. size of pool *MUST* be <= SRAM total size */
  27#define SSI_IVPOOL_SIZE 1024
  28/* The first 32B fraction of pool are dedicated to the
  29 * next encryption "key" & "IV" for pool regeneration
  30 */
  31#define SSI_IVPOOL_META_SIZE (CC_AES_IV_SIZE + AES_KEYSIZE_128)
  32#define SSI_IVPOOL_GEN_SEQ_LEN  4
  33
  34/**
  35 * struct ssi_ivgen_ctx -IV pool generation context
  36 * @pool:          the start address of the iv-pool resides in internal RAM
  37 * @ctr_key_dma:   address of pool's encryption key material in internal RAM
  38 * @ctr_iv_dma:    address of pool's counter iv in internal RAM
  39 * @next_iv_ofs:   the offset to the next available IV in pool
  40 * @pool_meta:     virt. address of the initial enc. key/IV
  41 * @pool_meta_dma: phys. address of the initial enc. key/IV
  42 */
  43struct ssi_ivgen_ctx {
  44        ssi_sram_addr_t pool;
  45        ssi_sram_addr_t ctr_key;
  46        ssi_sram_addr_t ctr_iv;
  47        u32 next_iv_ofs;
  48        u8 *pool_meta;
  49        dma_addr_t pool_meta_dma;
  50};
  51
  52/*!
  53 * Generates SSI_IVPOOL_SIZE of random bytes by
  54 * encrypting 0's using AES128-CTR.
  55 *
  56 * \param ivgen iv-pool context
  57 * \param iv_seq IN/OUT array to the descriptors sequence
  58 * \param iv_seq_len IN/OUT pointer to the sequence length
  59 */
  60static int ssi_ivgen_generate_pool(
  61        struct ssi_ivgen_ctx *ivgen_ctx,
  62        struct cc_hw_desc iv_seq[],
  63        unsigned int *iv_seq_len)
  64{
  65        unsigned int idx = *iv_seq_len;
  66
  67        if ((*iv_seq_len + SSI_IVPOOL_GEN_SEQ_LEN) > SSI_IVPOOL_SEQ_LEN) {
  68                /* The sequence will be longer than allowed */
  69                return -EINVAL;
  70        }
  71        /* Setup key */
  72        hw_desc_init(&iv_seq[idx]);
  73        set_din_sram(&iv_seq[idx], ivgen_ctx->ctr_key, AES_KEYSIZE_128);
  74        set_setup_mode(&iv_seq[idx], SETUP_LOAD_KEY0);
  75        set_cipher_config0(&iv_seq[idx], DESC_DIRECTION_ENCRYPT_ENCRYPT);
  76        set_flow_mode(&iv_seq[idx], S_DIN_to_AES);
  77        set_key_size_aes(&iv_seq[idx], CC_AES_128_BIT_KEY_SIZE);
  78        set_cipher_mode(&iv_seq[idx], DRV_CIPHER_CTR);
  79        idx++;
  80
  81        /* Setup cipher state */
  82        hw_desc_init(&iv_seq[idx]);
  83        set_din_sram(&iv_seq[idx], ivgen_ctx->ctr_iv, CC_AES_IV_SIZE);
  84        set_cipher_config0(&iv_seq[idx], DESC_DIRECTION_ENCRYPT_ENCRYPT);
  85        set_flow_mode(&iv_seq[idx], S_DIN_to_AES);
  86        set_setup_mode(&iv_seq[idx], SETUP_LOAD_STATE1);
  87        set_key_size_aes(&iv_seq[idx], CC_AES_128_BIT_KEY_SIZE);
  88        set_cipher_mode(&iv_seq[idx], DRV_CIPHER_CTR);
  89        idx++;
  90
  91        /* Perform dummy encrypt to skip first block */
  92        hw_desc_init(&iv_seq[idx]);
  93        set_din_const(&iv_seq[idx], 0, CC_AES_IV_SIZE);
  94        set_dout_sram(&iv_seq[idx], ivgen_ctx->pool, CC_AES_IV_SIZE);
  95        set_flow_mode(&iv_seq[idx], DIN_AES_DOUT);
  96        idx++;
  97
  98        /* Generate IV pool */
  99        hw_desc_init(&iv_seq[idx]);
 100        set_din_const(&iv_seq[idx], 0, SSI_IVPOOL_SIZE);
 101        set_dout_sram(&iv_seq[idx], ivgen_ctx->pool, SSI_IVPOOL_SIZE);
 102        set_flow_mode(&iv_seq[idx], DIN_AES_DOUT);
 103        idx++;
 104
 105        *iv_seq_len = idx; /* Update sequence length */
 106
 107        /* queue ordering assures pool readiness */
 108        ivgen_ctx->next_iv_ofs = SSI_IVPOOL_META_SIZE;
 109
 110        return 0;
 111}
 112
 113/*!
 114 * Generates the initial pool in SRAM.
 115 * This function should be invoked when resuming DX driver.
 116 *
 117 * \param drvdata
 118 *
 119 * \return int Zero for success, negative value otherwise.
 120 */
 121int ssi_ivgen_init_sram_pool(struct ssi_drvdata *drvdata)
 122{
 123        struct ssi_ivgen_ctx *ivgen_ctx = drvdata->ivgen_handle;
 124        struct cc_hw_desc iv_seq[SSI_IVPOOL_SEQ_LEN];
 125        unsigned int iv_seq_len = 0;
 126        int rc;
 127
 128        /* Generate initial enc. key/iv */
 129        get_random_bytes(ivgen_ctx->pool_meta, SSI_IVPOOL_META_SIZE);
 130
 131        /* The first 32B reserved for the enc. Key/IV */
 132        ivgen_ctx->ctr_key = ivgen_ctx->pool;
 133        ivgen_ctx->ctr_iv = ivgen_ctx->pool + AES_KEYSIZE_128;
 134
 135        /* Copy initial enc. key and IV to SRAM at a single descriptor */
 136        hw_desc_init(&iv_seq[iv_seq_len]);
 137        set_din_type(&iv_seq[iv_seq_len], DMA_DLLI, ivgen_ctx->pool_meta_dma,
 138                     SSI_IVPOOL_META_SIZE, NS_BIT);
 139        set_dout_sram(&iv_seq[iv_seq_len], ivgen_ctx->pool,
 140                      SSI_IVPOOL_META_SIZE);
 141        set_flow_mode(&iv_seq[iv_seq_len], BYPASS);
 142        iv_seq_len++;
 143
 144        /* Generate initial pool */
 145        rc = ssi_ivgen_generate_pool(ivgen_ctx, iv_seq, &iv_seq_len);
 146        if (unlikely(rc != 0))
 147                return rc;
 148
 149        /* Fire-and-forget */
 150        return send_request_init(drvdata, iv_seq, iv_seq_len);
 151}
 152
 153/*!
 154 * Free iv-pool and ivgen context.
 155 *
 156 * \param drvdata
 157 */
 158void ssi_ivgen_fini(struct ssi_drvdata *drvdata)
 159{
 160        struct ssi_ivgen_ctx *ivgen_ctx = drvdata->ivgen_handle;
 161        struct device *device = &(drvdata->plat_dev->dev);
 162
 163        if (!ivgen_ctx)
 164                return;
 165
 166        if (ivgen_ctx->pool_meta) {
 167                memset(ivgen_ctx->pool_meta, 0, SSI_IVPOOL_META_SIZE);
 168                dma_free_coherent(device, SSI_IVPOOL_META_SIZE,
 169                        ivgen_ctx->pool_meta, ivgen_ctx->pool_meta_dma);
 170        }
 171
 172        ivgen_ctx->pool = NULL_SRAM_ADDR;
 173
 174        /* release "this" context */
 175        kfree(ivgen_ctx);
 176}
 177
 178/*!
 179 * Allocates iv-pool and maps resources.
 180 * This function generates the first IV pool.
 181 *
 182 * \param drvdata Driver's private context
 183 *
 184 * \return int Zero for success, negative value otherwise.
 185 */
 186int ssi_ivgen_init(struct ssi_drvdata *drvdata)
 187{
 188        struct ssi_ivgen_ctx *ivgen_ctx;
 189        struct device *device = &drvdata->plat_dev->dev;
 190        int rc;
 191
 192        /* Allocate "this" context */
 193        drvdata->ivgen_handle = kzalloc(sizeof(struct ssi_ivgen_ctx), GFP_KERNEL);
 194        if (!drvdata->ivgen_handle) {
 195                SSI_LOG_ERR("Not enough memory to allocate IVGEN context "
 196                           "(%zu B)\n", sizeof(struct ssi_ivgen_ctx));
 197                rc = -ENOMEM;
 198                goto out;
 199        }
 200        ivgen_ctx = drvdata->ivgen_handle;
 201
 202        /* Allocate pool's header for intial enc. key/IV */
 203        ivgen_ctx->pool_meta = dma_alloc_coherent(device, SSI_IVPOOL_META_SIZE,
 204                        &ivgen_ctx->pool_meta_dma, GFP_KERNEL);
 205        if (!ivgen_ctx->pool_meta) {
 206                SSI_LOG_ERR("Not enough memory to allocate DMA of pool_meta "
 207                           "(%u B)\n", SSI_IVPOOL_META_SIZE);
 208                rc = -ENOMEM;
 209                goto out;
 210        }
 211        /* Allocate IV pool in SRAM */
 212        ivgen_ctx->pool = ssi_sram_mgr_alloc(drvdata, SSI_IVPOOL_SIZE);
 213        if (ivgen_ctx->pool == NULL_SRAM_ADDR) {
 214                SSI_LOG_ERR("SRAM pool exhausted\n");
 215                rc = -ENOMEM;
 216                goto out;
 217        }
 218
 219        return ssi_ivgen_init_sram_pool(drvdata);
 220
 221out:
 222        ssi_ivgen_fini(drvdata);
 223        return rc;
 224}
 225
 226/*!
 227 * Acquires 16 Bytes IV from the iv-pool
 228 *
 229 * \param drvdata Driver private context
 230 * \param iv_out_dma Array of physical IV out addresses
 231 * \param iv_out_dma_len Length of iv_out_dma array (additional elements of iv_out_dma array are ignore)
 232 * \param iv_out_size May be 8 or 16 bytes long
 233 * \param iv_seq IN/OUT array to the descriptors sequence
 234 * \param iv_seq_len IN/OUT pointer to the sequence length
 235 *
 236 * \return int Zero for success, negative value otherwise.
 237 */
 238int ssi_ivgen_getiv(
 239        struct ssi_drvdata *drvdata,
 240        dma_addr_t iv_out_dma[],
 241        unsigned int iv_out_dma_len,
 242        unsigned int iv_out_size,
 243        struct cc_hw_desc iv_seq[],
 244        unsigned int *iv_seq_len)
 245{
 246        struct ssi_ivgen_ctx *ivgen_ctx = drvdata->ivgen_handle;
 247        unsigned int idx = *iv_seq_len;
 248        unsigned int t;
 249
 250        if ((iv_out_size != CC_AES_IV_SIZE) &&
 251            (iv_out_size != CTR_RFC3686_IV_SIZE)) {
 252                return -EINVAL;
 253        }
 254        if ((iv_out_dma_len + 1) > SSI_IVPOOL_SEQ_LEN) {
 255                /* The sequence will be longer than allowed */
 256                return -EINVAL;
 257        }
 258
 259        //check that number of generated IV is limited to max dma address iv buffer size
 260        if (iv_out_dma_len > SSI_MAX_IVGEN_DMA_ADDRESSES) {
 261                /* The sequence will be longer than allowed */
 262                return -EINVAL;
 263        }
 264
 265        for (t = 0; t < iv_out_dma_len; t++) {
 266                /* Acquire IV from pool */
 267                hw_desc_init(&iv_seq[idx]);
 268                set_din_sram(&iv_seq[idx], (ivgen_ctx->pool +
 269                                            ivgen_ctx->next_iv_ofs),
 270                             iv_out_size);
 271                set_dout_dlli(&iv_seq[idx], iv_out_dma[t], iv_out_size,
 272                              NS_BIT, 0);
 273                set_flow_mode(&iv_seq[idx], BYPASS);
 274                idx++;
 275        }
 276
 277        /* Bypass operation is proceeded by crypto sequence, hence must
 278         *  assure bypass-write-transaction by a memory barrier
 279         */
 280        hw_desc_init(&iv_seq[idx]);
 281        set_din_no_dma(&iv_seq[idx], 0, 0xfffff0);
 282        set_dout_no_dma(&iv_seq[idx], 0, 0, 1);
 283        idx++;
 284
 285        *iv_seq_len = idx; /* update seq length */
 286
 287        /* Update iv index */
 288        ivgen_ctx->next_iv_ofs += iv_out_size;
 289
 290        if ((SSI_IVPOOL_SIZE - ivgen_ctx->next_iv_ofs) < CC_AES_IV_SIZE) {
 291                SSI_LOG_DEBUG("Pool exhausted, regenerating iv-pool\n");
 292                /* pool is drained -regenerate it! */
 293                return ssi_ivgen_generate_pool(ivgen_ctx, iv_seq, iv_seq_len);
 294        }
 295
 296        return 0;
 297}
 298
 299