LXR linux/arch/x86/crypto/blowfish

   1/*
   2 * Glue Code for assembler optimized version of Blowfish
   3 *
   4 * Copyright (c) 2011 Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
   5 *
   6 * CBC & ECB parts based on code (crypto/cbc.c,ecb.c) by:
   7 *   Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
   8 * CTR part based on code (crypto/ctr.c) by:
   9 *   (C) Copyright IBM Corp. 2007 - Joy Latten <latten@us.ibm.com>
  10 *
  11 * This program is free software; you can redistribute it and/or modify
  12 * it under the terms of the GNU General Public License as published by
  13 * the Free Software Foundation; either version 2 of the License, or
  14 * (at your option) any later version.
  15 *
  16 * This program is distributed in the hope that it will be useful,
  17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  19 * GNU General Public License for more details.
  20 *
  21 * You should have received a copy of the GNU General Public License
  22 * along with this program; if not, write to the Free Software
  23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  24 * USA
  25 *
  26 */
  27
  28#include <asm/processor.h>
  29#include <crypto/blowfish.h>
  30#include <linux/crypto.h>
  31#include <linux/init.h>
  32#include <linux/module.h>
  33#include <linux/types.h>
  34#include <crypto/algapi.h>
  35
  36/* regular block cipher functions */
  37asmlinkage void __blowfish_enc_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src,
  38                                   bool xor);
  39asmlinkage void blowfish_dec_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src);
  40
  41/* 4-way parallel cipher functions */
  42asmlinkage void __blowfish_enc_blk_4way(struct bf_ctx *ctx, u8 *dst,
  43                                        const u8 *src, bool xor);
  44asmlinkage void blowfish_dec_blk_4way(struct bf_ctx *ctx, u8 *dst,
  45                                      const u8 *src);
  46
  47static inline void blowfish_enc_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src)
  48{
  49        __blowfish_enc_blk(ctx, dst, src, false);
  50}
  51
  52static inline void blowfish_enc_blk_xor(struct bf_ctx *ctx, u8 *dst,
  53                                        const u8 *src)
  54{
  55        __blowfish_enc_blk(ctx, dst, src, true);
  56}
  57
  58static inline void blowfish_enc_blk_4way(struct bf_ctx *ctx, u8 *dst,
  59                                         const u8 *src)
  60{
  61        __blowfish_enc_blk_4way(ctx, dst, src, false);
  62}
  63
  64static inline void blowfish_enc_blk_xor_4way(struct bf_ctx *ctx, u8 *dst,
  65                                      const u8 *src)
  66{
  67        __blowfish_enc_blk_4way(ctx, dst, src, true);
  68}
  69
  70static void blowfish_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
  71{
  72        blowfish_enc_blk(crypto_tfm_ctx(tfm), dst, src);
  73}
  74
  75static void blowfish_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
  76{
  77        blowfish_dec_blk(crypto_tfm_ctx(tfm), dst, src);
  78}
  79
  80static int ecb_crypt(struct blkcipher_desc *desc, struct blkcipher_walk *walk,
  81                     void (*fn)(struct bf_ctx *, u8 *, const u8 *),
  82                     void (*fn_4way)(struct bf_ctx *, u8 *, const u8 *))
  83{
  84        struct bf_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
  85        unsigned int bsize = BF_BLOCK_SIZE;
  86        unsigned int nbytes;
  87        int err;
  88
  89        err = blkcipher_walk_virt(desc, walk);
  90
  91        while ((nbytes = walk->nbytes)) {
  92                u8 *wsrc = walk->src.virt.addr;
  93                u8 *wdst = walk->dst.virt.addr;
  94
  95                /* Process four block batch */
  96                if (nbytes >= bsize * 4) {
  97                        do {
  98                                fn_4way(ctx, wdst, wsrc);
  99
 100                                wsrc += bsize * 4;
 101                                wdst += bsize * 4;
 102                                nbytes -= bsize * 4;
 103                        } while (nbytes >= bsize * 4);
 104
 105                        if (nbytes < bsize)
 106                                goto done;
 107                }
 108
 109                /* Handle leftovers */
 110                do {
 111                        fn(ctx, wdst, wsrc);
 112
 113                        wsrc += bsize;
 114                        wdst += bsize;
 115                        nbytes -= bsize;
 116                } while (nbytes >= bsize);
 117
 118done:
 119                err = blkcipher_walk_done(desc, walk, nbytes);
 120        }
 121
 122        return err;
 123}
 124
 125static int ecb_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
 126                       struct scatterlist *src, unsigned int nbytes)
 127{
 128        struct blkcipher_walk walk;
 129
 130        blkcipher_walk_init(&walk, dst, src, nbytes);
 131        return ecb_crypt(desc, &walk, blowfish_enc_blk, blowfish_enc_blk_4way);
 132}
 133
 134static int ecb_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
 135                       struct scatterlist *src, unsigned int nbytes)
 136{
 137        struct blkcipher_walk walk;
 138
 139        blkcipher_walk_init(&walk, dst, src, nbytes);
 140        return ecb_crypt(desc, &walk, blowfish_dec_blk, blowfish_dec_blk_4way);
 141}
 142
 143static unsigned int __cbc_encrypt(struct blkcipher_desc *desc,
 144                                  struct blkcipher_walk *walk)
 145{
 146        struct bf_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
 147        unsigned int bsize = BF_BLOCK_SIZE;
 148        unsigned int nbytes = walk->nbytes;
 149        u64 *src = (u64 *)walk->src.virt.addr;
 150        u64 *dst = (u64 *)walk->dst.virt.addr;
 151        u64 *iv = (u64 *)walk->iv;
 152
 153        do {
 154                *dst = *src ^ *iv;
 155                blowfish_enc_blk(ctx, (u8 *)dst, (u8 *)dst);
 156                iv = dst;
 157
 158                src += 1;
 159                dst += 1;
 160                nbytes -= bsize;
 161        } while (nbytes >= bsize);
 162
 163        *(u64 *)walk->iv = *iv;
 164        return nbytes;
 165}
 166
 167static int cbc_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
 168                       struct scatterlist *src, unsigned int nbytes)
 169{
 170        struct blkcipher_walk walk;
 171        int err;
 172
 173        blkcipher_walk_init(&walk, dst, src, nbytes);
 174        err = blkcipher_walk_virt(desc, &walk);
 175
 176        while ((nbytes = walk.nbytes)) {
 177                nbytes = __cbc_encrypt(desc, &walk);
 178                err = blkcipher_walk_done(desc, &walk, nbytes);
 179        }
 180
 181        return err;
 182}
 183
 184static unsigned int __cbc_decrypt(struct blkcipher_desc *desc,
 185                                  struct blkcipher_walk *walk)
 186{
 187        struct bf_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
 188        unsigned int bsize = BF_BLOCK_SIZE;
 189        unsigned int nbytes = walk->nbytes;
 190        u64 *src = (u64 *)walk->src.virt.addr;
 191        u64 *dst = (u64 *)walk->dst.virt.addr;
 192        u64 ivs[4 - 1];
 193        u64 last_iv;
 194
 195        /* Start of the last block. */
 196        src += nbytes / bsize - 1;
 197        dst += nbytes / bsize - 1;
 198
 199        last_iv = *src;
 200
 201        /* Process four block batch */
 202        if (nbytes >= bsize * 4) {
 203                do {
 204                        nbytes -= bsize * 4 - bsize;
 205                        src -= 4 - 1;
 206                        dst -= 4 - 1;
 207
 208                        ivs[0] = src[0];
 209                        ivs[1] = src[1];
 210                        ivs[2] = src[2];
 211
 212                        blowfish_dec_blk_4way(ctx, (u8 *)dst, (u8 *)src);
 213
 214                        dst[1] ^= ivs[0];
 215                        dst[2] ^= ivs[1];
 216                        dst[3] ^= ivs[2];
 217
 218                        nbytes -= bsize;
 219                        if (nbytes < bsize)
 220                                goto done;
 221
 222                        *dst ^= *(src - 1);
 223                        src -= 1;
 224                        dst -= 1;
 225                } while (nbytes >= bsize * 4);
 226        }
 227
 228        /* Handle leftovers */
 229        for (;;) {
 230                blowfish_dec_blk(ctx, (u8 *)dst, (u8 *)src);
 231
 232                nbytes -= bsize;
 233                if (nbytes < bsize)
 234                        break;
 235
 236                *dst ^= *(src - 1);
 237                src -= 1;
 238                dst -= 1;
 239        }
 240
 241done:
 242        *dst ^= *(u64 *)walk->iv;
 243        *(u64 *)walk->iv = last_iv;
 244
 245        return nbytes;
 246}
 247
 248static int cbc_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
 249                       struct scatterlist *src, unsigned int nbytes)
 250{
 251        struct blkcipher_walk walk;
 252        int err;
 253
 254        blkcipher_walk_init(&walk, dst, src, nbytes);
 255        err = blkcipher_walk_virt(desc, &walk);
 256
 257        while ((nbytes = walk.nbytes)) {
 258                nbytes = __cbc_decrypt(desc, &walk);
 259                err = blkcipher_walk_done(desc, &walk, nbytes);
 260        }
 261
 262        return err;
 263}
 264
 265static void ctr_crypt_final(struct bf_ctx *ctx, struct blkcipher_walk *walk)
 266{
 267        u8 *ctrblk = walk->iv;
 268        u8 keystream[BF_BLOCK_SIZE];
 269        u8 *src = walk->src.virt.addr;
 270        u8 *dst = walk->dst.virt.addr;
 271        unsigned int nbytes = walk->nbytes;
 272
 273        blowfish_enc_blk(ctx, keystream, ctrblk);
 274        crypto_xor(keystream, src, nbytes);
 275        memcpy(dst, keystream, nbytes);
 276
 277        crypto_inc(ctrblk, BF_BLOCK_SIZE);
 278}
 279
 280static unsigned int __ctr_crypt(struct blkcipher_desc *desc,
 281                                struct blkcipher_walk *walk)
 282{
 283        struct bf_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
 284        unsigned int bsize = BF_BLOCK_SIZE;
 285        unsigned int nbytes = walk->nbytes;
 286        u64 *src = (u64 *)walk->src.virt.addr;
 287        u64 *dst = (u64 *)walk->dst.virt.addr;
 288        u64 ctrblk = be64_to_cpu(*(__be64 *)walk->iv);
 289        __be64 ctrblocks[4];
 290
 291        /* Process four block batch */
 292        if (nbytes >= bsize * 4) {
 293                do {
 294                        if (dst != src) {
 295                                dst[0] = src[0];
 296                                dst[1] = src[1];
 297                                dst[2] = src[2];
 298                                dst[3] = src[3];
 299                        }
 300
 301                        /* create ctrblks for parallel encrypt */
 302                        ctrblocks[0] = cpu_to_be64(ctrblk++);
 303                        ctrblocks[1] = cpu_to_be64(ctrblk++);
 304                        ctrblocks[2] = cpu_to_be64(ctrblk++);
 305                        ctrblocks[3] = cpu_to_be64(ctrblk++);
 306
 307                        blowfish_enc_blk_xor_4way(ctx, (u8 *)dst,
 308                                                  (u8 *)ctrblocks);
 309
 310                        src += 4;
 311                        dst += 4;
 312                } while ((nbytes -= bsize * 4) >= bsize * 4);
 313
 314                if (nbytes < bsize)
 315                        goto done;
 316        }
 317
 318        /* Handle leftovers */
 319        do {
 320                if (dst != src)
 321                        *dst = *src;
 322
 323                ctrblocks[0] = cpu_to_be64(ctrblk++);
 324
 325                blowfish_enc_blk_xor(ctx, (u8 *)dst, (u8 *)ctrblocks);
 326
 327                src += 1;
 328                dst += 1;
 329        } while ((nbytes -= bsize) >= bsize);
 330
 331done:
 332        *(__be64 *)walk->iv = cpu_to_be64(ctrblk);
 333        return nbytes;
 334}
 335
 336static int ctr_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
 337                     struct scatterlist *src, unsigned int nbytes)
 338{
 339        struct blkcipher_walk walk;
 340        int err;
 341
 342        blkcipher_walk_init(&walk, dst, src, nbytes);
 343        err = blkcipher_walk_virt_block(desc, &walk, BF_BLOCK_SIZE);
 344
 345        while ((nbytes = walk.nbytes) >= BF_BLOCK_SIZE) {
 346                nbytes = __ctr_crypt(desc, &walk);
 347                err = blkcipher_walk_done(desc, &walk, nbytes);
 348        }
 349
 350        if (walk.nbytes) {
 351                ctr_crypt_final(crypto_blkcipher_ctx(desc->tfm), &walk);
 352                err = blkcipher_walk_done(desc, &walk, 0);
 353        }
 354
 355        return err;
 356}
 357
 358static struct crypto_alg bf_algs[4] = { {
 359        .cra_name               = "blowfish",
 360        .cra_driver_name        = "blowfish-asm",
 361        .cra_priority           = 200,
 362        .cra_flags              = CRYPTO_ALG_TYPE_CIPHER,
 363        .cra_blocksize          = BF_BLOCK_SIZE,
 364        .cra_ctxsize            = sizeof(struct bf_ctx),
 365        .cra_alignmask          = 0,
 366        .cra_module             = THIS_MODULE,
 367        .cra_u = {
 368                .cipher = {
 369                        .cia_min_keysize        = BF_MIN_KEY_SIZE,
 370                        .cia_max_keysize        = BF_MAX_KEY_SIZE,
 371                        .cia_setkey             = blowfish_setkey,
 372                        .cia_encrypt            = blowfish_encrypt,
 373                        .cia_decrypt            = blowfish_decrypt,
 374                }
 375        }
 376}, {
 377        .cra_name               = "ecb(blowfish)",
 378        .cra_driver_name        = "ecb-blowfish-asm",
 379        .cra_priority           = 300,
 380        .cra_flags              = CRYPTO_ALG_TYPE_BLKCIPHER,
 381        .cra_blocksize          = BF_BLOCK_SIZE,
 382        .cra_ctxsize            = sizeof(struct bf_ctx),
 383        .cra_alignmask          = 0,
 384        .cra_type               = &crypto_blkcipher_type,
 385        .cra_module             = THIS_MODULE,
 386        .cra_u = {
 387                .blkcipher = {
 388                        .min_keysize    = BF_MIN_KEY_SIZE,
 389                        .max_keysize    = BF_MAX_KEY_SIZE,
 390                        .setkey         = blowfish_setkey,
 391                        .encrypt        = ecb_encrypt,
 392                        .decrypt        = ecb_decrypt,
 393                },
 394        },
 395}, {
 396        .cra_name               = "cbc(blowfish)",
 397        .cra_driver_name        = "cbc-blowfish-asm",
 398        .cra_priority           = 300,
 399        .cra_flags              = CRYPTO_ALG_TYPE_BLKCIPHER,
 400        .cra_blocksize          = BF_BLOCK_SIZE,
 401        .cra_ctxsize            = sizeof(struct bf_ctx),
 402        .cra_alignmask          = 0,
 403        .cra_type               = &crypto_blkcipher_type,
 404        .cra_module             = THIS_MODULE,
 405        .cra_u = {
 406                .blkcipher = {
 407                        .min_keysize    = BF_MIN_KEY_SIZE,
 408                        .max_keysize    = BF_MAX_KEY_SIZE,
 409                        .ivsize         = BF_BLOCK_SIZE,
 410                        .setkey         = blowfish_setkey,
 411                        .encrypt        = cbc_encrypt,
 412                        .decrypt        = cbc_decrypt,
 413                },
 414        },
 415}, {
 416        .cra_name               = "ctr(blowfish)",
 417        .cra_driver_name        = "ctr-blowfish-asm",
 418        .cra_priority           = 300,
 419        .cra_flags              = CRYPTO_ALG_TYPE_BLKCIPHER,
 420        .cra_blocksize          = 1,
 421        .cra_ctxsize            = sizeof(struct bf_ctx),
 422        .cra_alignmask          = 0,
 423        .cra_type               = &crypto_blkcipher_type,
 424        .cra_module             = THIS_MODULE,
 425        .cra_u = {
 426                .blkcipher = {
 427                        .min_keysize    = BF_MIN_KEY_SIZE,
 428                        .max_keysize    = BF_MAX_KEY_SIZE,
 429                        .ivsize         = BF_BLOCK_SIZE,
 430                        .setkey         = blowfish_setkey,
 431                        .encrypt        = ctr_crypt,
 432                        .decrypt        = ctr_crypt,
 433                },
 434        },
 435} };
 436
 437static bool is_blacklisted_cpu(void)
 438{
 439        if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL)
 440                return false;
 441
 442        if (boot_cpu_data.x86 == 0x0f) {
 443                /*
 444                 * On Pentium 4, blowfish-x86_64 is slower than generic C
 445                 * implementation because use of 64bit rotates (which are really
 446                 * slow on P4). Therefore blacklist P4s.
 447                 */
 448                return true;
 449        }
 450
 451        return false;
 452}
 453
 454static int force;
 455module_param(force, int, 0);
 456MODULE_PARM_DESC(force, "Force module load, ignore CPU blacklist");
 457
 458static int __init init(void)
 459{
 460        if (!force && is_blacklisted_cpu()) {
 461                printk(KERN_INFO
 462                        "blowfish-x86_64: performance on this CPU "
 463                        "would be suboptimal: disabling "
 464                        "blowfish-x86_64.\n");
 465                return -ENODEV;
 466        }
 467
 468        return crypto_register_algs(bf_algs, ARRAY_SIZE(bf_algs));
 469}
 470
 471static void __exit fini(void)
 472{
 473        crypto_unregister_algs(bf_algs, ARRAY_SIZE(bf_algs));
 474}
 475
 476module_init(init);
 477module_exit(fini);
 478
 479MODULE_LICENSE("GPL");
 480MODULE_DESCRIPTION("Blowfish Cipher Algorithm, asm optimized");
 481MODULE_ALIAS_CRYPTO("blowfish");
 482MODULE_ALIAS_CRYPTO("blowfish-asm");
 483