1
2
3
4
5
6
7#include <crypto/aes.h>
8#include <crypto/algapi.h>
9#include <crypto/authenc.h>
10#include <crypto/internal/des.h>
11#include <crypto/xts.h>
12#include <linux/crypto.h>
13#include <linux/err.h>
14#include <linux/list.h>
15#include <linux/scatterlist.h>
16
17#include "cptvf.h"
18#include "cptvf_algs.h"
19
20struct cpt_device_handle {
21 void *cdev[MAX_DEVICES];
22 u32 dev_count;
23};
24
25static struct cpt_device_handle dev_handle;
26
27static void cvm_callback(u32 status, void *arg)
28{
29 struct crypto_async_request *req = (struct crypto_async_request *)arg;
30
31 req->complete(req, !status);
32}
33
34static inline void update_input_iv(struct cpt_request_info *req_info,
35 u8 *iv, u32 enc_iv_len,
36 u32 *argcnt)
37{
38
39 req_info->in[*argcnt].vptr = (void *)iv;
40 req_info->in[*argcnt].size = enc_iv_len;
41 req_info->req.dlen += enc_iv_len;
42
43 ++(*argcnt);
44}
45
46static inline void update_output_iv(struct cpt_request_info *req_info,
47 u8 *iv, u32 enc_iv_len,
48 u32 *argcnt)
49{
50
51 req_info->out[*argcnt].vptr = (void *)iv;
52 req_info->out[*argcnt].size = enc_iv_len;
53 req_info->rlen += enc_iv_len;
54
55 ++(*argcnt);
56}
57
58static inline void update_input_data(struct cpt_request_info *req_info,
59 struct scatterlist *inp_sg,
60 u32 nbytes, u32 *argcnt)
61{
62 req_info->req.dlen += nbytes;
63
64 while (nbytes) {
65 u32 len = min(nbytes, inp_sg->length);
66 u8 *ptr = sg_virt(inp_sg);
67
68 req_info->in[*argcnt].vptr = (void *)ptr;
69 req_info->in[*argcnt].size = len;
70 nbytes -= len;
71
72 ++(*argcnt);
73 ++inp_sg;
74 }
75}
76
77static inline void update_output_data(struct cpt_request_info *req_info,
78 struct scatterlist *outp_sg,
79 u32 nbytes, u32 *argcnt)
80{
81 req_info->rlen += nbytes;
82
83 while (nbytes) {
84 u32 len = min(nbytes, outp_sg->length);
85 u8 *ptr = sg_virt(outp_sg);
86
87 req_info->out[*argcnt].vptr = (void *)ptr;
88 req_info->out[*argcnt].size = len;
89 nbytes -= len;
90 ++(*argcnt);
91 ++outp_sg;
92 }
93}
94
95static inline u32 create_ctx_hdr(struct skcipher_request *req, u32 enc,
96 u32 *argcnt)
97{
98 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
99 struct cvm_enc_ctx *ctx = crypto_skcipher_ctx(tfm);
100 struct cvm_req_ctx *rctx = skcipher_request_ctx(req);
101 struct fc_context *fctx = &rctx->fctx;
102 u32 enc_iv_len = crypto_skcipher_ivsize(tfm);
103 struct cpt_request_info *req_info = &rctx->cpt_req;
104 __be64 *ctrl_flags = NULL;
105 __be64 *offset_control;
106
107 req_info->ctrl.s.grp = 0;
108 req_info->ctrl.s.dma_mode = DMA_GATHER_SCATTER;
109 req_info->ctrl.s.se_req = SE_CORE_REQ;
110
111 req_info->req.opcode.s.major = MAJOR_OP_FC |
112 DMA_MODE_FLAG(DMA_GATHER_SCATTER);
113 if (enc)
114 req_info->req.opcode.s.minor = 2;
115 else
116 req_info->req.opcode.s.minor = 3;
117
118 req_info->req.param1 = req->cryptlen;
119 req_info->req.param2 = 0;
120
121 fctx->enc.enc_ctrl.e.enc_cipher = ctx->cipher_type;
122 fctx->enc.enc_ctrl.e.aes_key = ctx->key_type;
123 fctx->enc.enc_ctrl.e.iv_source = FROM_DPTR;
124
125 if (ctx->cipher_type == AES_XTS)
126 memcpy(fctx->enc.encr_key, ctx->enc_key, ctx->key_len * 2);
127 else
128 memcpy(fctx->enc.encr_key, ctx->enc_key, ctx->key_len);
129 ctrl_flags = (__be64 *)&fctx->enc.enc_ctrl.flags;
130 *ctrl_flags = cpu_to_be64(fctx->enc.enc_ctrl.flags);
131
132 offset_control = (__be64 *)&rctx->control_word;
133 *offset_control = cpu_to_be64(((u64)(enc_iv_len) << 16));
134
135
136
137 req_info->in[*argcnt].vptr = (u8 *)offset_control;
138 req_info->in[*argcnt].size = CONTROL_WORD_LEN;
139 req_info->req.dlen += CONTROL_WORD_LEN;
140 ++(*argcnt);
141
142 req_info->in[*argcnt].vptr = (u8 *)fctx;
143 req_info->in[*argcnt].size = sizeof(struct fc_context);
144 req_info->req.dlen += sizeof(struct fc_context);
145
146 ++(*argcnt);
147
148 return 0;
149}
150
151static inline u32 create_input_list(struct skcipher_request *req, u32 enc,
152 u32 enc_iv_len)
153{
154 struct cvm_req_ctx *rctx = skcipher_request_ctx(req);
155 struct cpt_request_info *req_info = &rctx->cpt_req;
156 u32 argcnt = 0;
157
158 create_ctx_hdr(req, enc, &argcnt);
159 update_input_iv(req_info, req->iv, enc_iv_len, &argcnt);
160 update_input_data(req_info, req->src, req->cryptlen, &argcnt);
161 req_info->incnt = argcnt;
162
163 return 0;
164}
165
166static inline void store_cb_info(struct skcipher_request *req,
167 struct cpt_request_info *req_info)
168{
169 req_info->callback = (void *)cvm_callback;
170 req_info->callback_arg = (void *)&req->base;
171}
172
173static inline void create_output_list(struct skcipher_request *req,
174 u32 enc_iv_len)
175{
176 struct cvm_req_ctx *rctx = skcipher_request_ctx(req);
177 struct cpt_request_info *req_info = &rctx->cpt_req;
178 u32 argcnt = 0;
179
180
181
182
183
184
185
186
187
188 update_output_iv(req_info, req->iv, enc_iv_len, &argcnt);
189 update_output_data(req_info, req->dst, req->cryptlen, &argcnt);
190 req_info->outcnt = argcnt;
191}
192
193static inline int cvm_enc_dec(struct skcipher_request *req, u32 enc)
194{
195 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
196 struct cvm_req_ctx *rctx = skcipher_request_ctx(req);
197 u32 enc_iv_len = crypto_skcipher_ivsize(tfm);
198 struct fc_context *fctx = &rctx->fctx;
199 struct cpt_request_info *req_info = &rctx->cpt_req;
200 void *cdev = NULL;
201 int status;
202
203 memset(req_info, 0, sizeof(struct cpt_request_info));
204 req_info->may_sleep = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) != 0;
205 memset(fctx, 0, sizeof(struct fc_context));
206 create_input_list(req, enc, enc_iv_len);
207 create_output_list(req, enc_iv_len);
208 store_cb_info(req, req_info);
209 cdev = dev_handle.cdev[smp_processor_id()];
210 status = cptvf_do_request(cdev, req_info);
211
212
213
214
215
216 if (status)
217 return status;
218 else
219 return -EINPROGRESS;
220}
221
222static int cvm_encrypt(struct skcipher_request *req)
223{
224 return cvm_enc_dec(req, true);
225}
226
227static int cvm_decrypt(struct skcipher_request *req)
228{
229 return cvm_enc_dec(req, false);
230}
231
232static int cvm_xts_setkey(struct crypto_skcipher *cipher, const u8 *key,
233 u32 keylen)
234{
235 struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher);
236 struct cvm_enc_ctx *ctx = crypto_tfm_ctx(tfm);
237 int err;
238 const u8 *key1 = key;
239 const u8 *key2 = key + (keylen / 2);
240
241 err = xts_check_key(tfm, key, keylen);
242 if (err)
243 return err;
244 ctx->key_len = keylen;
245 memcpy(ctx->enc_key, key1, keylen / 2);
246 memcpy(ctx->enc_key + KEY2_OFFSET, key2, keylen / 2);
247 ctx->cipher_type = AES_XTS;
248 switch (ctx->key_len) {
249 case 32:
250 ctx->key_type = AES_128_BIT;
251 break;
252 case 64:
253 ctx->key_type = AES_256_BIT;
254 break;
255 default:
256 return -EINVAL;
257 }
258
259 return 0;
260}
261
262static int cvm_validate_keylen(struct cvm_enc_ctx *ctx, u32 keylen)
263{
264 if ((keylen == 16) || (keylen == 24) || (keylen == 32)) {
265 ctx->key_len = keylen;
266 switch (ctx->key_len) {
267 case 16:
268 ctx->key_type = AES_128_BIT;
269 break;
270 case 24:
271 ctx->key_type = AES_192_BIT;
272 break;
273 case 32:
274 ctx->key_type = AES_256_BIT;
275 break;
276 default:
277 return -EINVAL;
278 }
279
280 if (ctx->cipher_type == DES3_CBC)
281 ctx->key_type = 0;
282
283 return 0;
284 }
285
286 return -EINVAL;
287}
288
289static int cvm_setkey(struct crypto_skcipher *cipher, const u8 *key,
290 u32 keylen, u8 cipher_type)
291{
292 struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher);
293 struct cvm_enc_ctx *ctx = crypto_tfm_ctx(tfm);
294
295 ctx->cipher_type = cipher_type;
296 if (!cvm_validate_keylen(ctx, keylen)) {
297 memcpy(ctx->enc_key, key, keylen);
298 return 0;
299 } else {
300 return -EINVAL;
301 }
302}
303
304static int cvm_cbc_aes_setkey(struct crypto_skcipher *cipher, const u8 *key,
305 u32 keylen)
306{
307 return cvm_setkey(cipher, key, keylen, AES_CBC);
308}
309
310static int cvm_ecb_aes_setkey(struct crypto_skcipher *cipher, const u8 *key,
311 u32 keylen)
312{
313 return cvm_setkey(cipher, key, keylen, AES_ECB);
314}
315
316static int cvm_cfb_aes_setkey(struct crypto_skcipher *cipher, const u8 *key,
317 u32 keylen)
318{
319 return cvm_setkey(cipher, key, keylen, AES_CFB);
320}
321
322static int cvm_cbc_des3_setkey(struct crypto_skcipher *cipher, const u8 *key,
323 u32 keylen)
324{
325 return verify_skcipher_des3_key(cipher, key) ?:
326 cvm_setkey(cipher, key, keylen, DES3_CBC);
327}
328
329static int cvm_ecb_des3_setkey(struct crypto_skcipher *cipher, const u8 *key,
330 u32 keylen)
331{
332 return verify_skcipher_des3_key(cipher, key) ?:
333 cvm_setkey(cipher, key, keylen, DES3_ECB);
334}
335
336static int cvm_enc_dec_init(struct crypto_skcipher *tfm)
337{
338 crypto_skcipher_set_reqsize(tfm, sizeof(struct cvm_req_ctx));
339
340 return 0;
341}
342
343static struct skcipher_alg algs[] = { {
344 .base.cra_flags = CRYPTO_ALG_ASYNC |
345 CRYPTO_ALG_ALLOCATES_MEMORY,
346 .base.cra_blocksize = AES_BLOCK_SIZE,
347 .base.cra_ctxsize = sizeof(struct cvm_enc_ctx),
348 .base.cra_alignmask = 7,
349 .base.cra_priority = 4001,
350 .base.cra_name = "xts(aes)",
351 .base.cra_driver_name = "cavium-xts-aes",
352 .base.cra_module = THIS_MODULE,
353
354 .ivsize = AES_BLOCK_SIZE,
355 .min_keysize = 2 * AES_MIN_KEY_SIZE,
356 .max_keysize = 2 * AES_MAX_KEY_SIZE,
357 .setkey = cvm_xts_setkey,
358 .encrypt = cvm_encrypt,
359 .decrypt = cvm_decrypt,
360 .init = cvm_enc_dec_init,
361}, {
362 .base.cra_flags = CRYPTO_ALG_ASYNC |
363 CRYPTO_ALG_ALLOCATES_MEMORY,
364 .base.cra_blocksize = AES_BLOCK_SIZE,
365 .base.cra_ctxsize = sizeof(struct cvm_enc_ctx),
366 .base.cra_alignmask = 7,
367 .base.cra_priority = 4001,
368 .base.cra_name = "cbc(aes)",
369 .base.cra_driver_name = "cavium-cbc-aes",
370 .base.cra_module = THIS_MODULE,
371
372 .ivsize = AES_BLOCK_SIZE,
373 .min_keysize = AES_MIN_KEY_SIZE,
374 .max_keysize = AES_MAX_KEY_SIZE,
375 .setkey = cvm_cbc_aes_setkey,
376 .encrypt = cvm_encrypt,
377 .decrypt = cvm_decrypt,
378 .init = cvm_enc_dec_init,
379}, {
380 .base.cra_flags = CRYPTO_ALG_ASYNC |
381 CRYPTO_ALG_ALLOCATES_MEMORY,
382 .base.cra_blocksize = AES_BLOCK_SIZE,
383 .base.cra_ctxsize = sizeof(struct cvm_enc_ctx),
384 .base.cra_alignmask = 7,
385 .base.cra_priority = 4001,
386 .base.cra_name = "ecb(aes)",
387 .base.cra_driver_name = "cavium-ecb-aes",
388 .base.cra_module = THIS_MODULE,
389
390 .min_keysize = AES_MIN_KEY_SIZE,
391 .max_keysize = AES_MAX_KEY_SIZE,
392 .setkey = cvm_ecb_aes_setkey,
393 .encrypt = cvm_encrypt,
394 .decrypt = cvm_decrypt,
395 .init = cvm_enc_dec_init,
396}, {
397 .base.cra_flags = CRYPTO_ALG_ASYNC |
398 CRYPTO_ALG_ALLOCATES_MEMORY,
399 .base.cra_blocksize = AES_BLOCK_SIZE,
400 .base.cra_ctxsize = sizeof(struct cvm_enc_ctx),
401 .base.cra_alignmask = 7,
402 .base.cra_priority = 4001,
403 .base.cra_name = "cfb(aes)",
404 .base.cra_driver_name = "cavium-cfb-aes",
405 .base.cra_module = THIS_MODULE,
406
407 .ivsize = AES_BLOCK_SIZE,
408 .min_keysize = AES_MIN_KEY_SIZE,
409 .max_keysize = AES_MAX_KEY_SIZE,
410 .setkey = cvm_cfb_aes_setkey,
411 .encrypt = cvm_encrypt,
412 .decrypt = cvm_decrypt,
413 .init = cvm_enc_dec_init,
414}, {
415 .base.cra_flags = CRYPTO_ALG_ASYNC |
416 CRYPTO_ALG_ALLOCATES_MEMORY,
417 .base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
418 .base.cra_ctxsize = sizeof(struct cvm_des3_ctx),
419 .base.cra_alignmask = 7,
420 .base.cra_priority = 4001,
421 .base.cra_name = "cbc(des3_ede)",
422 .base.cra_driver_name = "cavium-cbc-des3_ede",
423 .base.cra_module = THIS_MODULE,
424
425 .min_keysize = DES3_EDE_KEY_SIZE,
426 .max_keysize = DES3_EDE_KEY_SIZE,
427 .ivsize = DES_BLOCK_SIZE,
428 .setkey = cvm_cbc_des3_setkey,
429 .encrypt = cvm_encrypt,
430 .decrypt = cvm_decrypt,
431 .init = cvm_enc_dec_init,
432}, {
433 .base.cra_flags = CRYPTO_ALG_ASYNC |
434 CRYPTO_ALG_ALLOCATES_MEMORY,
435 .base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
436 .base.cra_ctxsize = sizeof(struct cvm_des3_ctx),
437 .base.cra_alignmask = 7,
438 .base.cra_priority = 4001,
439 .base.cra_name = "ecb(des3_ede)",
440 .base.cra_driver_name = "cavium-ecb-des3_ede",
441 .base.cra_module = THIS_MODULE,
442
443 .min_keysize = DES3_EDE_KEY_SIZE,
444 .max_keysize = DES3_EDE_KEY_SIZE,
445 .ivsize = DES_BLOCK_SIZE,
446 .setkey = cvm_ecb_des3_setkey,
447 .encrypt = cvm_encrypt,
448 .decrypt = cvm_decrypt,
449 .init = cvm_enc_dec_init,
450} };
451
452static inline int cav_register_algs(void)
453{
454 return crypto_register_skciphers(algs, ARRAY_SIZE(algs));
455}
456
457static inline void cav_unregister_algs(void)
458{
459 crypto_unregister_skciphers(algs, ARRAY_SIZE(algs));
460}
461
462int cvm_crypto_init(struct cpt_vf *cptvf)
463{
464 struct pci_dev *pdev = cptvf->pdev;
465 u32 dev_count;
466
467 dev_count = dev_handle.dev_count;
468 dev_handle.cdev[dev_count] = cptvf;
469 dev_handle.dev_count++;
470
471 if (dev_count == 3) {
472 if (cav_register_algs()) {
473 dev_err(&pdev->dev, "Error in registering crypto algorithms\n");
474 return -EINVAL;
475 }
476 }
477
478 return 0;
479}
480
481void cvm_crypto_exit(void)
482{
483 u32 dev_count;
484
485 dev_count = --dev_handle.dev_count;
486 if (!dev_count)
487 cav_unregister_algs();
488}
489