1 From 6298e948215f2a3eb8a9af5c490d025deb66f179 Mon Sep 17 00:00:00 2001
2 From: LABBE Corentin <clabbe.montjoie@gmail.com>
3 Date: Fri, 17 Jul 2015 16:39:41 +0200
4 Subject: [PATCH] crypto: sunxi-ss - Add Allwinner Security System crypto
7 Add support for the Security System included in Allwinner SoC A20.
8 The Security System is a hardware cryptographic accelerator that support:
9 - MD5 and SHA1 hash algorithms
10 - AES block cipher in CBC/ECB mode with 128/196/256bits keys.
11 - DES and 3DES block cipher in CBC/ECB mode
13 Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
14 Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
16 drivers/crypto/Kconfig | 17 +
17 drivers/crypto/Makefile | 1 +
18 drivers/crypto/sunxi-ss/Makefile | 2 +
19 drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 542 ++++++++++++++++++++++++++++++
20 drivers/crypto/sunxi-ss/sun4i-ss-core.c | 403 ++++++++++++++++++++++
21 drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 492 +++++++++++++++++++++++++++
22 drivers/crypto/sunxi-ss/sun4i-ss.h | 199 +++++++++++
23 7 files changed, 1656 insertions(+)
24 create mode 100644 drivers/crypto/sunxi-ss/Makefile
25 create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
26 create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-core.c
27 create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-hash.c
28 create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss.h
30 diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
31 index 4044125..07bc7aa 100644
32 --- a/drivers/crypto/Kconfig
33 +++ b/drivers/crypto/Kconfig
34 @@ -480,4 +480,21 @@ config CRYPTO_DEV_IMGTEC_HASH
35 hardware hash accelerator. Supporting MD5/SHA1/SHA224/SHA256
38 +config CRYPTO_DEV_SUN4I_SS
39 + tristate "Support for Allwinner Security System cryptographic accelerator"
40 + depends on ARCH_SUNXI
45 + select CRYPTO_BLKCIPHER
47 + Some Allwinner SoC have a crypto accelerator named
48 + Security System. Select this if you want to use it.
49 + The Security System handle AES/DES/3DES ciphers in CBC mode
50 + and SHA1 and MD5 hash algorithms.
52 + To compile this driver as a module, choose M here: the module
53 + will be called sun4i-ss.
56 diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
57 index e35c07a..c3ced6f 100644
58 --- a/drivers/crypto/Makefile
59 +++ b/drivers/crypto/Makefile
60 @@ -28,3 +28,4 @@ obj-$(CONFIG_CRYPTO_DEV_UX500) += ux500/
61 obj-$(CONFIG_CRYPTO_DEV_QAT) += qat/
62 obj-$(CONFIG_CRYPTO_DEV_QCE) += qce/
63 obj-$(CONFIG_CRYPTO_DEV_VMX) += vmx/
64 +obj-$(CONFIG_CRYPTO_DEV_SUN4I_SS) += sunxi-ss/
65 diff --git a/drivers/crypto/sunxi-ss/Makefile b/drivers/crypto/sunxi-ss/Makefile
67 index 0000000..8f4c7a2
69 +++ b/drivers/crypto/sunxi-ss/Makefile
71 +obj-$(CONFIG_CRYPTO_DEV_SUN4I_SS) += sun4i-ss.o
72 +sun4i-ss-y += sun4i-ss-core.o sun4i-ss-hash.o sun4i-ss-cipher.o
73 diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
75 index 0000000..e070c31
77 +++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
80 + * sun4i-ss-cipher.c - hardware cryptographic accelerator for Allwinner A20 SoC
82 + * Copyright (C) 2013-2015 Corentin LABBE <clabbe.montjoie@gmail.com>
84 + * This file add support for AES cipher with 128,192,256 bits
85 + * keysize in CBC and ECB mode.
86 + * Add support also for DES and 3DES in CBC and ECB mode.
88 + * You could find the datasheet in Documentation/arm/sunxi/README
90 + * This program is free software; you can redistribute it and/or modify
91 + * it under the terms of the GNU General Public License as published by
92 + * the Free Software Foundation; either version 2 of the License, or
93 + * (at your option) any later version.
95 +#include "sun4i-ss.h"
97 +static int sun4i_ss_opti_poll(struct ablkcipher_request *areq)
99 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
100 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
101 + struct sun4i_ss_ctx *ss = op->ss;
102 + unsigned int ivsize = crypto_ablkcipher_ivsize(tfm);
103 + struct sun4i_cipher_req_ctx *ctx = ablkcipher_request_ctx(areq);
104 + u32 mode = ctx->mode;
105 + /* when activating SS, the default FIFO space is SS_RX_DEFAULT(32) */
106 + u32 rx_cnt = SS_RX_DEFAULT;
111 + unsigned int ileft = areq->nbytes;
112 + unsigned int oleft = areq->nbytes;
114 + struct sg_mapping_iter mi, mo;
115 + unsigned int oi, oo; /* offset for in and out */
117 + if (areq->nbytes == 0)
121 + dev_err_ratelimited(ss->dev, "ERROR: Empty IV\n");
125 + if (!areq->src || !areq->dst) {
126 + dev_err_ratelimited(ss->dev, "ERROR: Some SGs are NULL\n");
130 + spin_lock_bh(&ss->slock);
132 + for (i = 0; i < op->keylen; i += 4)
133 + writel(*(op->key + i / 4), ss->base + SS_KEY0 + i);
136 + for (i = 0; i < 4 && i < ivsize / 4; i++) {
137 + v = *(u32 *)(areq->info + i * 4);
138 + writel(v, ss->base + SS_IV0 + i * 4);
141 + writel(mode, ss->base + SS_CTL);
143 + sg_miter_start(&mi, areq->src, sg_nents(areq->src),
144 + SG_MITER_FROM_SG | SG_MITER_ATOMIC);
145 + sg_miter_start(&mo, areq->dst, sg_nents(areq->dst),
146 + SG_MITER_TO_SG | SG_MITER_ATOMIC);
147 + sg_miter_next(&mi);
148 + sg_miter_next(&mo);
149 + if (!mi.addr || !mo.addr) {
150 + dev_err_ratelimited(ss->dev, "ERROR: sg_miter return null\n");
155 + ileft = areq->nbytes / 4;
156 + oleft = areq->nbytes / 4;
160 + todo = min3(rx_cnt, ileft, (mi.length - oi) / 4);
163 + writesl(ss->base + SS_RXFIFO, mi.addr + oi, todo);
166 + if (oi == mi.length) {
167 + sg_miter_next(&mi);
171 + spaces = readl(ss->base + SS_FCSR);
172 + rx_cnt = SS_RXFIFO_SPACES(spaces);
173 + tx_cnt = SS_TXFIFO_SPACES(spaces);
175 + todo = min3(tx_cnt, oleft, (mo.length - oo) / 4);
178 + readsl(ss->base + SS_TXFIFO, mo.addr + oo, todo);
181 + if (oo == mo.length) {
182 + sg_miter_next(&mo);
185 + } while (mo.length > 0);
188 + for (i = 0; i < 4 && i < ivsize / 4; i++) {
189 + v = readl(ss->base + SS_IV0 + i * 4);
190 + *(u32 *)(areq->info + i * 4) = v;
195 + sg_miter_stop(&mi);
196 + sg_miter_stop(&mo);
197 + writel(0, ss->base + SS_CTL);
198 + spin_unlock_bh(&ss->slock);
202 +/* Generic function that support SG with size not multiple of 4 */
203 +static int sun4i_ss_cipher_poll(struct ablkcipher_request *areq)
205 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
206 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
207 + struct sun4i_ss_ctx *ss = op->ss;
209 + struct scatterlist *in_sg = areq->src;
210 + struct scatterlist *out_sg = areq->dst;
211 + unsigned int ivsize = crypto_ablkcipher_ivsize(tfm);
212 + struct sun4i_cipher_req_ctx *ctx = ablkcipher_request_ctx(areq);
213 + u32 mode = ctx->mode;
214 + /* when activating SS, the default FIFO space is SS_RX_DEFAULT(32) */
215 + u32 rx_cnt = SS_RX_DEFAULT;
220 + unsigned int ileft = areq->nbytes;
221 + unsigned int oleft = areq->nbytes;
223 + struct sg_mapping_iter mi, mo;
224 + unsigned int oi, oo; /* offset for in and out */
225 + char buf[4 * SS_RX_MAX];/* buffer for linearize SG src */
226 + char bufo[4 * SS_TX_MAX]; /* buffer for linearize SG dst */
227 + unsigned int ob = 0; /* offset in buf */
228 + unsigned int obo = 0; /* offset in bufo*/
229 + unsigned int obl = 0; /* length of data in bufo */
231 + if (areq->nbytes == 0)
235 + dev_err_ratelimited(ss->dev, "ERROR: Empty IV\n");
239 + if (!areq->src || !areq->dst) {
240 + dev_err_ratelimited(ss->dev, "ERROR: Some SGs are NULL\n");
245 + * if we have only SGs with size multiple of 4,
246 + * we can use the SS optimized function
248 + while (in_sg && no_chunk == 1) {
249 + if ((in_sg->length % 4) != 0)
251 + in_sg = sg_next(in_sg);
253 + while (out_sg && no_chunk == 1) {
254 + if ((out_sg->length % 4) != 0)
256 + out_sg = sg_next(out_sg);
260 + return sun4i_ss_opti_poll(areq);
262 + spin_lock_bh(&ss->slock);
264 + for (i = 0; i < op->keylen; i += 4)
265 + writel(*(op->key + i / 4), ss->base + SS_KEY0 + i);
268 + for (i = 0; i < 4 && i < ivsize / 4; i++) {
269 + v = *(u32 *)(areq->info + i * 4);
270 + writel(v, ss->base + SS_IV0 + i * 4);
273 + writel(mode, ss->base + SS_CTL);
275 + sg_miter_start(&mi, areq->src, sg_nents(areq->src),
276 + SG_MITER_FROM_SG | SG_MITER_ATOMIC);
277 + sg_miter_start(&mo, areq->dst, sg_nents(areq->dst),
278 + SG_MITER_TO_SG | SG_MITER_ATOMIC);
279 + sg_miter_next(&mi);
280 + sg_miter_next(&mo);
281 + if (!mi.addr || !mo.addr) {
282 + dev_err_ratelimited(ss->dev, "ERROR: sg_miter return null\n");
286 + ileft = areq->nbytes;
287 + oleft = areq->nbytes;
291 + while (oleft > 0) {
294 + * todo is the number of consecutive 4byte word that we
295 + * can read from current SG
297 + todo = min3(rx_cnt, ileft / 4, (mi.length - oi) / 4);
298 + if (todo > 0 && ob == 0) {
299 + writesl(ss->base + SS_RXFIFO, mi.addr + oi,
305 + * not enough consecutive bytes, so we need to
306 + * linearize in buf. todo is in bytes
307 + * After that copy, if we have a multiple of 4
308 + * we need to be able to write all buf in one
309 + * pass, so it is why we min() with rx_cnt
311 + todo = min3(rx_cnt * 4 - ob, ileft,
313 + memcpy(buf + ob, mi.addr + oi, todo);
318 + writesl(ss->base + SS_RXFIFO, buf,
323 + if (oi == mi.length) {
324 + sg_miter_next(&mi);
329 + spaces = readl(ss->base + SS_FCSR);
330 + rx_cnt = SS_RXFIFO_SPACES(spaces);
331 + tx_cnt = SS_TXFIFO_SPACES(spaces);
332 + dev_dbg(ss->dev, "%x %u/%u %u/%u cnt=%u %u/%u %u/%u cnt=%u %u %u\n",
334 + oi, mi.length, ileft, areq->nbytes, rx_cnt,
335 + oo, mo.length, oleft, areq->nbytes, tx_cnt,
340 + /* todo in 4bytes word */
341 + todo = min3(tx_cnt, oleft / 4, (mo.length - oo) / 4);
343 + readsl(ss->base + SS_TXFIFO, mo.addr + oo, todo);
346 + if (oo == mo.length) {
347 + sg_miter_next(&mo);
352 + * read obl bytes in bufo, we read at maximum for
353 + * emptying the device
355 + readsl(ss->base + SS_TXFIFO, bufo, tx_cnt);
360 + * how many bytes we can copy ?
361 + * no more than remaining SG size
362 + * no more than remaining buffer
363 + * no need to test against oleft
365 + todo = min(mo.length - oo, obl - obo);
366 + memcpy(mo.addr + oo, bufo + obo, todo);
370 + if (oo == mo.length) {
371 + sg_miter_next(&mo);
374 + } while (obo < obl);
375 + /* bufo must be fully used here */
379 + for (i = 0; i < 4 && i < ivsize / 4; i++) {
380 + v = readl(ss->base + SS_IV0 + i * 4);
381 + *(u32 *)(areq->info + i * 4) = v;
386 + sg_miter_stop(&mi);
387 + sg_miter_stop(&mo);
388 + writel(0, ss->base + SS_CTL);
389 + spin_unlock_bh(&ss->slock);
395 +int sun4i_ss_cbc_aes_encrypt(struct ablkcipher_request *areq)
397 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
398 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
399 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
401 + rctx->mode = SS_OP_AES | SS_CBC | SS_ENABLED | SS_ENCRYPTION |
403 + return sun4i_ss_cipher_poll(areq);
406 +int sun4i_ss_cbc_aes_decrypt(struct ablkcipher_request *areq)
408 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
409 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
410 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
412 + rctx->mode = SS_OP_AES | SS_CBC | SS_ENABLED | SS_DECRYPTION |
414 + return sun4i_ss_cipher_poll(areq);
418 +int sun4i_ss_ecb_aes_encrypt(struct ablkcipher_request *areq)
420 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
421 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
422 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
424 + rctx->mode = SS_OP_AES | SS_ECB | SS_ENABLED | SS_ENCRYPTION |
426 + return sun4i_ss_cipher_poll(areq);
429 +int sun4i_ss_ecb_aes_decrypt(struct ablkcipher_request *areq)
431 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
432 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
433 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
435 + rctx->mode = SS_OP_AES | SS_ECB | SS_ENABLED | SS_DECRYPTION |
437 + return sun4i_ss_cipher_poll(areq);
441 +int sun4i_ss_cbc_des_encrypt(struct ablkcipher_request *areq)
443 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
444 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
445 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
447 + rctx->mode = SS_OP_DES | SS_CBC | SS_ENABLED | SS_ENCRYPTION |
449 + return sun4i_ss_cipher_poll(areq);
452 +int sun4i_ss_cbc_des_decrypt(struct ablkcipher_request *areq)
454 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
455 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
456 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
458 + rctx->mode = SS_OP_DES | SS_CBC | SS_ENABLED | SS_DECRYPTION |
460 + return sun4i_ss_cipher_poll(areq);
464 +int sun4i_ss_ecb_des_encrypt(struct ablkcipher_request *areq)
466 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
467 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
468 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
470 + rctx->mode = SS_OP_DES | SS_ECB | SS_ENABLED | SS_ENCRYPTION |
472 + return sun4i_ss_cipher_poll(areq);
475 +int sun4i_ss_ecb_des_decrypt(struct ablkcipher_request *areq)
477 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
478 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
479 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
481 + rctx->mode = SS_OP_DES | SS_ECB | SS_ENABLED | SS_DECRYPTION |
483 + return sun4i_ss_cipher_poll(areq);
487 +int sun4i_ss_cbc_des3_encrypt(struct ablkcipher_request *areq)
489 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
490 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
491 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
493 + rctx->mode = SS_OP_3DES | SS_CBC | SS_ENABLED | SS_ENCRYPTION |
495 + return sun4i_ss_cipher_poll(areq);
498 +int sun4i_ss_cbc_des3_decrypt(struct ablkcipher_request *areq)
500 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
501 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
502 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
504 + rctx->mode = SS_OP_3DES | SS_CBC | SS_ENABLED | SS_DECRYPTION |
506 + return sun4i_ss_cipher_poll(areq);
510 +int sun4i_ss_ecb_des3_encrypt(struct ablkcipher_request *areq)
512 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
513 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
514 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
516 + rctx->mode = SS_OP_3DES | SS_ECB | SS_ENABLED | SS_ENCRYPTION |
518 + return sun4i_ss_cipher_poll(areq);
521 +int sun4i_ss_ecb_des3_decrypt(struct ablkcipher_request *areq)
523 + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
524 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
525 + struct sun4i_cipher_req_ctx *rctx = ablkcipher_request_ctx(areq);
527 + rctx->mode = SS_OP_3DES | SS_ECB | SS_ENABLED | SS_DECRYPTION |
529 + return sun4i_ss_cipher_poll(areq);
532 +int sun4i_ss_cipher_init(struct crypto_tfm *tfm)
534 + struct sun4i_tfm_ctx *op = crypto_tfm_ctx(tfm);
535 + struct crypto_alg *alg = tfm->__crt_alg;
536 + struct sun4i_ss_alg_template *algt;
538 + memset(op, 0, sizeof(struct sun4i_tfm_ctx));
540 + algt = container_of(alg, struct sun4i_ss_alg_template, alg.crypto);
543 + tfm->crt_ablkcipher.reqsize = sizeof(struct sun4i_cipher_req_ctx);
548 +/* check and set the AES key, prepare the mode to be used */
549 +int sun4i_ss_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
550 + unsigned int keylen)
552 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
553 + struct sun4i_ss_ctx *ss = op->ss;
557 + op->keymode = SS_AES_128BITS;
560 + op->keymode = SS_AES_192BITS;
563 + op->keymode = SS_AES_256BITS;
566 + dev_err(ss->dev, "ERROR: Invalid keylen %u\n", keylen);
567 + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
570 + op->keylen = keylen;
571 + memcpy(op->key, key, keylen);
575 +/* check and set the DES key, prepare the mode to be used */
576 +int sun4i_ss_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
577 + unsigned int keylen)
579 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
580 + struct sun4i_ss_ctx *ss = op->ss;
582 + u32 tmp[DES_EXPKEY_WORDS];
585 + if (unlikely(keylen != DES_KEY_SIZE)) {
586 + dev_err(ss->dev, "Invalid keylen %u\n", keylen);
587 + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
591 + flags = crypto_ablkcipher_get_flags(tfm);
593 + ret = des_ekey(tmp, key);
594 + if (unlikely(ret == 0) && (flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
595 + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
596 + dev_dbg(ss->dev, "Weak key %u\n", keylen);
600 + op->keylen = keylen;
601 + memcpy(op->key, key, keylen);
605 +/* check and set the 3DES key, prepare the mode to be used */
606 +int sun4i_ss_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
607 + unsigned int keylen)
609 + struct sun4i_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
610 + struct sun4i_ss_ctx *ss = op->ss;
612 + if (unlikely(keylen != 3 * DES_KEY_SIZE)) {
613 + dev_err(ss->dev, "Invalid keylen %u\n", keylen);
614 + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
617 + op->keylen = keylen;
618 + memcpy(op->key, key, keylen);
621 diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-core.c b/drivers/crypto/sunxi-ss/sun4i-ss-core.c
623 index 0000000..0b79b58
625 +++ b/drivers/crypto/sunxi-ss/sun4i-ss-core.c
628 + * sun4i-ss-core.c - hardware cryptographic accelerator for Allwinner A20 SoC
630 + * Copyright (C) 2013-2015 Corentin LABBE <clabbe.montjoie@gmail.com>
632 + * Core file which registers crypto algorithms supported by the SS.
634 + * You could find a link for the datasheet in Documentation/arm/sunxi/README
636 + * This program is free software; you can redistribute it and/or modify
637 + * it under the terms of the GNU General Public License as published by
638 + * the Free Software Foundation; either version 2 of the License, or
639 + * (at your option) any later version.
641 +#include <linux/clk.h>
642 +#include <linux/crypto.h>
643 +#include <linux/io.h>
644 +#include <linux/module.h>
645 +#include <linux/of.h>
646 +#include <linux/platform_device.h>
647 +#include <crypto/scatterwalk.h>
648 +#include <linux/scatterlist.h>
649 +#include <linux/interrupt.h>
650 +#include <linux/delay.h>
652 +#include "sun4i-ss.h"
654 +static struct sun4i_ss_alg_template ss_algs[] = {
655 +{ .type = CRYPTO_ALG_TYPE_AHASH,
658 + .init = sun4i_hash_init,
659 + .update = sun4i_hash_update,
660 + .final = sun4i_hash_final,
661 + .finup = sun4i_hash_finup,
662 + .digest = sun4i_hash_digest,
663 + .export = sun4i_hash_export_md5,
664 + .import = sun4i_hash_import_md5,
666 + .digestsize = MD5_DIGEST_SIZE,
669 + .cra_driver_name = "md5-sun4i-ss",
670 + .cra_priority = 300,
671 + .cra_alignmask = 3,
672 + .cra_flags = CRYPTO_ALG_TYPE_AHASH,
673 + .cra_blocksize = MD5_HMAC_BLOCK_SIZE,
674 + .cra_ctxsize = sizeof(struct sun4i_req_ctx),
675 + .cra_module = THIS_MODULE,
676 + .cra_type = &crypto_ahash_type,
677 + .cra_init = sun4i_hash_crainit
682 +{ .type = CRYPTO_ALG_TYPE_AHASH,
683 + .mode = SS_OP_SHA1,
685 + .init = sun4i_hash_init,
686 + .update = sun4i_hash_update,
687 + .final = sun4i_hash_final,
688 + .finup = sun4i_hash_finup,
689 + .digest = sun4i_hash_digest,
690 + .export = sun4i_hash_export_sha1,
691 + .import = sun4i_hash_import_sha1,
693 + .digestsize = SHA1_DIGEST_SIZE,
695 + .cra_name = "sha1",
696 + .cra_driver_name = "sha1-sun4i-ss",
697 + .cra_priority = 300,
698 + .cra_alignmask = 3,
699 + .cra_flags = CRYPTO_ALG_TYPE_AHASH,
700 + .cra_blocksize = SHA1_BLOCK_SIZE,
701 + .cra_ctxsize = sizeof(struct sun4i_req_ctx),
702 + .cra_module = THIS_MODULE,
703 + .cra_type = &crypto_ahash_type,
704 + .cra_init = sun4i_hash_crainit
709 +{ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
711 + .cra_name = "cbc(aes)",
712 + .cra_driver_name = "cbc-aes-sun4i-ss",
713 + .cra_priority = 300,
714 + .cra_blocksize = AES_BLOCK_SIZE,
715 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
716 + .cra_ctxsize = sizeof(struct sun4i_tfm_ctx),
717 + .cra_module = THIS_MODULE,
718 + .cra_alignmask = 3,
719 + .cra_type = &crypto_ablkcipher_type,
720 + .cra_init = sun4i_ss_cipher_init,
721 + .cra_ablkcipher = {
722 + .min_keysize = AES_MIN_KEY_SIZE,
723 + .max_keysize = AES_MAX_KEY_SIZE,
724 + .ivsize = AES_BLOCK_SIZE,
725 + .setkey = sun4i_ss_aes_setkey,
726 + .encrypt = sun4i_ss_cbc_aes_encrypt,
727 + .decrypt = sun4i_ss_cbc_aes_decrypt,
731 +{ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
733 + .cra_name = "ecb(aes)",
734 + .cra_driver_name = "ecb-aes-sun4i-ss",
735 + .cra_priority = 300,
736 + .cra_blocksize = AES_BLOCK_SIZE,
737 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
738 + .cra_ctxsize = sizeof(struct sun4i_tfm_ctx),
739 + .cra_module = THIS_MODULE,
740 + .cra_alignmask = 3,
741 + .cra_type = &crypto_ablkcipher_type,
742 + .cra_init = sun4i_ss_cipher_init,
743 + .cra_ablkcipher = {
744 + .min_keysize = AES_MIN_KEY_SIZE,
745 + .max_keysize = AES_MAX_KEY_SIZE,
746 + .ivsize = AES_BLOCK_SIZE,
747 + .setkey = sun4i_ss_aes_setkey,
748 + .encrypt = sun4i_ss_ecb_aes_encrypt,
749 + .decrypt = sun4i_ss_ecb_aes_decrypt,
753 +{ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
755 + .cra_name = "cbc(des)",
756 + .cra_driver_name = "cbc-des-sun4i-ss",
757 + .cra_priority = 300,
758 + .cra_blocksize = DES_BLOCK_SIZE,
759 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
760 + .cra_ctxsize = sizeof(struct sun4i_req_ctx),
761 + .cra_module = THIS_MODULE,
762 + .cra_alignmask = 3,
763 + .cra_type = &crypto_ablkcipher_type,
764 + .cra_init = sun4i_ss_cipher_init,
765 + .cra_u.ablkcipher = {
766 + .min_keysize = DES_KEY_SIZE,
767 + .max_keysize = DES_KEY_SIZE,
768 + .ivsize = DES_BLOCK_SIZE,
769 + .setkey = sun4i_ss_des_setkey,
770 + .encrypt = sun4i_ss_cbc_des_encrypt,
771 + .decrypt = sun4i_ss_cbc_des_decrypt,
775 +{ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
777 + .cra_name = "ecb(des)",
778 + .cra_driver_name = "ecb-des-sun4i-ss",
779 + .cra_priority = 300,
780 + .cra_blocksize = DES_BLOCK_SIZE,
781 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
782 + .cra_ctxsize = sizeof(struct sun4i_req_ctx),
783 + .cra_module = THIS_MODULE,
784 + .cra_alignmask = 3,
785 + .cra_type = &crypto_ablkcipher_type,
786 + .cra_init = sun4i_ss_cipher_init,
787 + .cra_u.ablkcipher = {
788 + .min_keysize = DES_KEY_SIZE,
789 + .max_keysize = DES_KEY_SIZE,
790 + .setkey = sun4i_ss_des_setkey,
791 + .encrypt = sun4i_ss_ecb_des_encrypt,
792 + .decrypt = sun4i_ss_ecb_des_decrypt,
796 +{ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
798 + .cra_name = "cbc(des3_ede)",
799 + .cra_driver_name = "cbc-des3-sun4i-ss",
800 + .cra_priority = 300,
801 + .cra_blocksize = DES3_EDE_BLOCK_SIZE,
802 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
803 + .cra_ctxsize = sizeof(struct sun4i_req_ctx),
804 + .cra_module = THIS_MODULE,
805 + .cra_alignmask = 3,
806 + .cra_type = &crypto_ablkcipher_type,
807 + .cra_init = sun4i_ss_cipher_init,
808 + .cra_u.ablkcipher = {
809 + .min_keysize = DES3_EDE_KEY_SIZE,
810 + .max_keysize = DES3_EDE_KEY_SIZE,
811 + .ivsize = DES3_EDE_BLOCK_SIZE,
812 + .setkey = sun4i_ss_des3_setkey,
813 + .encrypt = sun4i_ss_cbc_des3_encrypt,
814 + .decrypt = sun4i_ss_cbc_des3_decrypt,
818 +{ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
820 + .cra_name = "ecb(des3_ede)",
821 + .cra_driver_name = "ecb-des3-sun4i-ss",
822 + .cra_priority = 300,
823 + .cra_blocksize = DES3_EDE_BLOCK_SIZE,
824 + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
825 + .cra_ctxsize = sizeof(struct sun4i_req_ctx),
826 + .cra_module = THIS_MODULE,
827 + .cra_alignmask = 3,
828 + .cra_type = &crypto_ablkcipher_type,
829 + .cra_init = sun4i_ss_cipher_init,
830 + .cra_u.ablkcipher = {
831 + .min_keysize = DES3_EDE_KEY_SIZE,
832 + .max_keysize = DES3_EDE_KEY_SIZE,
833 + .ivsize = DES3_EDE_BLOCK_SIZE,
834 + .setkey = sun4i_ss_des3_setkey,
835 + .encrypt = sun4i_ss_ecb_des3_encrypt,
836 + .decrypt = sun4i_ss_ecb_des3_decrypt,
842 +static int sun4i_ss_probe(struct platform_device *pdev)
844 + struct resource *res;
848 + const unsigned long cr_ahb = 24 * 1000 * 1000;
849 + const unsigned long cr_mod = 150 * 1000 * 1000;
850 + struct sun4i_ss_ctx *ss;
852 + if (!pdev->dev.of_node)
855 + ss = devm_kzalloc(&pdev->dev, sizeof(*ss), GFP_KERNEL);
859 + res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
860 + ss->base = devm_ioremap_resource(&pdev->dev, res);
861 + if (IS_ERR(ss->base)) {
862 + dev_err(&pdev->dev, "Cannot request MMIO\n");
863 + return PTR_ERR(ss->base);
866 + ss->ssclk = devm_clk_get(&pdev->dev, "mod");
867 + if (IS_ERR(ss->ssclk)) {
868 + err = PTR_ERR(ss->ssclk);
869 + dev_err(&pdev->dev, "Cannot get SS clock err=%d\n", err);
872 + dev_dbg(&pdev->dev, "clock ss acquired\n");
874 + ss->busclk = devm_clk_get(&pdev->dev, "ahb");
875 + if (IS_ERR(ss->busclk)) {
876 + err = PTR_ERR(ss->busclk);
877 + dev_err(&pdev->dev, "Cannot get AHB SS clock err=%d\n", err);
880 + dev_dbg(&pdev->dev, "clock ahb_ss acquired\n");
882 + /* Enable both clocks */
883 + err = clk_prepare_enable(ss->busclk);
885 + dev_err(&pdev->dev, "Cannot prepare_enable busclk\n");
888 + err = clk_prepare_enable(ss->ssclk);
890 + dev_err(&pdev->dev, "Cannot prepare_enable ssclk\n");
895 + * Check that clock have the correct rates given in the datasheet
896 + * Try to set the clock to the maximum allowed
898 + err = clk_set_rate(ss->ssclk, cr_mod);
900 + dev_err(&pdev->dev, "Cannot set clock rate to ssclk\n");
905 + * The only impact on clocks below requirement are bad performance,
906 + * so do not print "errors"
907 + * warn on Overclocked clocks
909 + cr = clk_get_rate(ss->busclk);
911 + dev_dbg(&pdev->dev, "Clock bus %lu (%lu MHz) (must be >= %lu)\n",
912 + cr, cr / 1000000, cr_ahb);
914 + dev_warn(&pdev->dev, "Clock bus %lu (%lu MHz) (must be >= %lu)\n",
915 + cr, cr / 1000000, cr_ahb);
917 + cr = clk_get_rate(ss->ssclk);
920 + dev_warn(&pdev->dev, "Clock ss %lu (%lu MHz) (must be <= %lu)\n",
921 + cr, cr / 1000000, cr_mod);
923 + dev_dbg(&pdev->dev, "Clock ss %lu (%lu MHz) (must be <= %lu)\n",
924 + cr, cr / 1000000, cr_mod);
926 + dev_warn(&pdev->dev, "Clock ss is at %lu (%lu MHz) (must be <= %lu)\n",
927 + cr, cr / 1000000, cr_mod);
930 + * Datasheet named it "Die Bonding ID"
931 + * I expect to be a sort of Security System Revision number.
932 + * Since the A80 seems to have an other version of SS
933 + * this info could be useful
935 + writel(SS_ENABLED, ss->base + SS_CTL);
936 + v = readl(ss->base + SS_CTL);
939 + dev_info(&pdev->dev, "Die ID %d\n", v);
940 + writel(0, ss->base + SS_CTL);
942 + ss->dev = &pdev->dev;
944 + spin_lock_init(&ss->slock);
946 + for (i = 0; i < ARRAY_SIZE(ss_algs); i++) {
947 + ss_algs[i].ss = ss;
948 + switch (ss_algs[i].type) {
949 + case CRYPTO_ALG_TYPE_ABLKCIPHER:
950 + err = crypto_register_alg(&ss_algs[i].alg.crypto);
952 + dev_err(ss->dev, "Fail to register %s\n",
953 + ss_algs[i].alg.crypto.cra_name);
957 + case CRYPTO_ALG_TYPE_AHASH:
958 + err = crypto_register_ahash(&ss_algs[i].alg.hash);
960 + dev_err(ss->dev, "Fail to register %s\n",
961 + ss_algs[i].alg.hash.halg.base.cra_name);
967 + platform_set_drvdata(pdev, ss);
971 + for (; i >= 0; i--) {
972 + switch (ss_algs[i].type) {
973 + case CRYPTO_ALG_TYPE_ABLKCIPHER:
974 + crypto_unregister_alg(&ss_algs[i].alg.crypto);
976 + case CRYPTO_ALG_TYPE_AHASH:
977 + crypto_unregister_ahash(&ss_algs[i].alg.hash);
982 + clk_disable_unprepare(ss->ssclk);
984 + clk_disable_unprepare(ss->busclk);
988 +static int sun4i_ss_remove(struct platform_device *pdev)
991 + struct sun4i_ss_ctx *ss = platform_get_drvdata(pdev);
993 + for (i = 0; i < ARRAY_SIZE(ss_algs); i++) {
994 + switch (ss_algs[i].type) {
995 + case CRYPTO_ALG_TYPE_ABLKCIPHER:
996 + crypto_unregister_alg(&ss_algs[i].alg.crypto);
998 + case CRYPTO_ALG_TYPE_AHASH:
999 + crypto_unregister_ahash(&ss_algs[i].alg.hash);
1004 + writel(0, ss->base + SS_CTL);
1005 + clk_disable_unprepare(ss->busclk);
1006 + clk_disable_unprepare(ss->ssclk);
1010 +static const struct of_device_id a20ss_crypto_of_match_table[] = {
1011 + { .compatible = "allwinner,sun4i-a10-crypto" },
1014 +MODULE_DEVICE_TABLE(of, a20ss_crypto_of_match_table);
1016 +static struct platform_driver sun4i_ss_driver = {
1017 + .probe = sun4i_ss_probe,
1018 + .remove = sun4i_ss_remove,
1020 + .name = "sun4i-ss",
1021 + .of_match_table = a20ss_crypto_of_match_table,
1025 +module_platform_driver(sun4i_ss_driver);
1027 +MODULE_DESCRIPTION("Allwinner Security System cryptographic accelerator");
1028 +MODULE_LICENSE("GPL");
1029 +MODULE_AUTHOR("Corentin LABBE <clabbe.montjoie@gmail.com>");
1030 diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-hash.c b/drivers/crypto/sunxi-ss/sun4i-ss-hash.c
1031 new file mode 100644
1032 index 0000000..ff80314
1034 +++ b/drivers/crypto/sunxi-ss/sun4i-ss-hash.c
1037 + * sun4i-ss-hash.c - hardware cryptographic accelerator for Allwinner A20 SoC
1039 + * Copyright (C) 2013-2015 Corentin LABBE <clabbe.montjoie@gmail.com>
1041 + * This file add support for MD5 and SHA1.
1043 + * You could find the datasheet in Documentation/arm/sunxi/README
1045 + * This program is free software; you can redistribute it and/or modify
1046 + * it under the terms of the GNU General Public License as published by
1047 + * the Free Software Foundation; either version 2 of the License, or
1048 + * (at your option) any later version.
1050 +#include "sun4i-ss.h"
1051 +#include <linux/scatterlist.h>
1053 +/* This is a totally arbitrary value */
1054 +#define SS_TIMEOUT 100
1056 +int sun4i_hash_crainit(struct crypto_tfm *tfm)
1058 + crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
1059 + sizeof(struct sun4i_req_ctx));
1063 +/* sun4i_hash_init: initialize request context */
1064 +int sun4i_hash_init(struct ahash_request *areq)
1066 + struct sun4i_req_ctx *op = ahash_request_ctx(areq);
1067 + struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1068 + struct ahash_alg *alg = __crypto_ahash_alg(tfm->base.__crt_alg);
1069 + struct sun4i_ss_alg_template *algt;
1070 + struct sun4i_ss_ctx *ss;
1072 + memset(op, 0, sizeof(struct sun4i_req_ctx));
1074 + algt = container_of(alg, struct sun4i_ss_alg_template, alg.hash);
1076 + op->ss = algt->ss;
1077 + op->mode = algt->mode;
1082 +int sun4i_hash_export_md5(struct ahash_request *areq, void *out)
1084 + struct sun4i_req_ctx *op = ahash_request_ctx(areq);
1085 + struct md5_state *octx = out;
1088 + octx->byte_count = op->byte_count + op->len;
1090 + memcpy(octx->block, op->buf, op->len);
1092 + if (op->byte_count > 0) {
1093 + for (i = 0; i < 4; i++)
1094 + octx->hash[i] = op->hash[i];
1096 + octx->hash[0] = SHA1_H0;
1097 + octx->hash[1] = SHA1_H1;
1098 + octx->hash[2] = SHA1_H2;
1099 + octx->hash[3] = SHA1_H3;
1105 +int sun4i_hash_import_md5(struct ahash_request *areq, const void *in)
1107 + struct sun4i_req_ctx *op = ahash_request_ctx(areq);
1108 + const struct md5_state *ictx = in;
1111 + sun4i_hash_init(areq);
1113 + op->byte_count = ictx->byte_count & ~0x3F;
1114 + op->len = ictx->byte_count & 0x3F;
1116 + memcpy(op->buf, ictx->block, op->len);
1118 + for (i = 0; i < 4; i++)
1119 + op->hash[i] = ictx->hash[i];
1124 +int sun4i_hash_export_sha1(struct ahash_request *areq, void *out)
1126 + struct sun4i_req_ctx *op = ahash_request_ctx(areq);
1127 + struct sha1_state *octx = out;
1130 + octx->count = op->byte_count + op->len;
1132 + memcpy(octx->buffer, op->buf, op->len);
1134 + if (op->byte_count > 0) {
1135 + for (i = 0; i < 5; i++)
1136 + octx->state[i] = op->hash[i];
1138 + octx->state[0] = SHA1_H0;
1139 + octx->state[1] = SHA1_H1;
1140 + octx->state[2] = SHA1_H2;
1141 + octx->state[3] = SHA1_H3;
1142 + octx->state[4] = SHA1_H4;
1148 +int sun4i_hash_import_sha1(struct ahash_request *areq, const void *in)
1150 + struct sun4i_req_ctx *op = ahash_request_ctx(areq);
1151 + const struct sha1_state *ictx = in;
1154 + sun4i_hash_init(areq);
1156 + op->byte_count = ictx->count & ~0x3F;
1157 + op->len = ictx->count & 0x3F;
1159 + memcpy(op->buf, ictx->buffer, op->len);
1161 + for (i = 0; i < 5; i++)
1162 + op->hash[i] = ictx->state[i];
1168 + * sun4i_hash_update: update hash engine
1170 + * Could be used for both SHA1 and MD5
1171 + * Write data by step of 32bits and put then in the SS.
1173 + * Since we cannot leave partial data and hash state in the engine,
1174 + * we need to get the hash state at the end of this function.
1175 + * We can get the hash state every 64 bytes
1177 + * So the first work is to get the number of bytes to write to SS modulo 64
1178 + * The extra bytes will go to a temporary buffer op->buf storing op->len bytes
1180 + * So at the begin of update()
1181 + * if op->len + areq->nbytes < 64
1182 + * => all data will be written to wait buffer (op->buf) and end=0
1183 + * if not, write all data from op->buf to the device and position end to
1184 + * complete to 64bytes
1187 + * update1 60o => op->len=60
1188 + * update2 60o => need one more word to have 64 bytes
1190 + * so write all data from op->buf and one word of SGs
1191 + * write remaining data in op->buf
1192 + * final state op->len=56
1194 +int sun4i_hash_update(struct ahash_request *areq)
1196 + u32 v, ivmode = 0;
1197 + unsigned int i = 0;
1199 + * i is the total bytes read from SGs, to be compared to areq->nbytes
1200 + * i is important because we cannot rely on SG length since the sum of
1201 + * SG->length could be greater than areq->nbytes
1204 + struct sun4i_req_ctx *op = ahash_request_ctx(areq);
1205 + struct sun4i_ss_ctx *ss = op->ss;
1206 + struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1207 + unsigned int in_i = 0; /* advancement in the current SG */
1210 + * end is the position when we need to stop writing to the device,
1211 + * to be compared to i
1213 + int in_r, err = 0;
1214 + unsigned int todo;
1215 + u32 spaces, rx_cnt = SS_RX_DEFAULT;
1216 + size_t copied = 0;
1217 + struct sg_mapping_iter mi;
1219 + dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
1220 + __func__, crypto_tfm_alg_name(areq->base.tfm),
1221 + op->byte_count, areq->nbytes, op->mode,
1222 + op->len, op->hash[0]);
1224 + if (areq->nbytes == 0)
1227 + /* protect against overflow */
1228 + if (areq->nbytes > UINT_MAX - op->len) {
1229 + dev_err(ss->dev, "Cannot process too large request\n");
1233 + if (op->len + areq->nbytes < 64) {
1234 + /* linearize data to op->buf */
1235 + copied = sg_pcopy_to_buffer(areq->src, sg_nents(areq->src),
1236 + op->buf + op->len, areq->nbytes, 0);
1237 + op->len += copied;
1241 + end = ((areq->nbytes + op->len) / 64) * 64 - op->len;
1243 + if (end > areq->nbytes || areq->nbytes - end > 63) {
1244 + dev_err(ss->dev, "ERROR: Bound error %u %u\n",
1245 + end, areq->nbytes);
1249 + spin_lock_bh(&ss->slock);
1252 + * if some data have been processed before,
1253 + * we need to restore the partial hash state
1255 + if (op->byte_count > 0) {
1256 + ivmode = SS_IV_ARBITRARY;
1257 + for (i = 0; i < 5; i++)
1258 + writel(op->hash[i], ss->base + SS_IV0 + i * 4);
1260 + /* Enable the device */
1261 + writel(op->mode | SS_ENABLED | ivmode, ss->base + SS_CTL);
1264 + sg_miter_start(&mi, areq->src, sg_nents(areq->src),
1265 + SG_MITER_FROM_SG | SG_MITER_ATOMIC);
1266 + sg_miter_next(&mi);
1271 + * we need to linearize in two case:
1272 + * - the buffer is already used
1273 + * - the SG does not have enough byte remaining ( < 4)
1275 + if (op->len > 0 || (mi.length - in_i) < 4) {
1277 + * if we have entered here we have two reason to stop
1278 + * - the buffer is full
1281 + while (op->len < 64 && i < end) {
1282 + /* how many bytes we can read from current SG */
1283 + in_r = min3(mi.length - in_i, end - i,
1285 + memcpy(op->buf + op->len, mi.addr + in_i, in_r);
1289 + if (in_i == mi.length) {
1290 + sg_miter_next(&mi);
1294 + if (op->len > 3 && (op->len % 4) == 0) {
1295 + /* write buf to the device */
1296 + writesl(ss->base + SS_RXFIFO, op->buf,
1298 + op->byte_count += op->len;
1302 + if (mi.length - in_i > 3 && i < end) {
1303 + /* how many bytes we can read from current SG */
1304 + in_r = min3(mi.length - in_i, areq->nbytes - i,
1305 + ((mi.length - in_i) / 4) * 4);
1306 + /* how many bytes we can write in the device*/
1307 + todo = min3((u32)(end - i) / 4, rx_cnt, (u32)in_r / 4);
1308 + writesl(ss->base + SS_RXFIFO, mi.addr + in_i, todo);
1309 + op->byte_count += todo * 4;
1313 + if (rx_cnt == 0) {
1314 + spaces = readl(ss->base + SS_FCSR);
1315 + rx_cnt = SS_RXFIFO_SPACES(spaces);
1317 + if (in_i == mi.length) {
1318 + sg_miter_next(&mi);
1322 + } while (i < end);
1323 + /* final linear */
1324 + if ((areq->nbytes - i) < 64) {
1325 + while (i < areq->nbytes && in_i < mi.length && op->len < 64) {
1326 + /* how many bytes we can read from current SG */
1327 + in_r = min3(mi.length - in_i, areq->nbytes - i,
1329 + memcpy(op->buf + op->len, mi.addr + in_i, in_r);
1333 + if (in_i == mi.length) {
1334 + sg_miter_next(&mi);
1340 + sg_miter_stop(&mi);
1342 + writel(op->mode | SS_ENABLED | SS_DATA_END, ss->base + SS_CTL);
1345 + v = readl(ss->base + SS_CTL);
1347 + } while (i < SS_TIMEOUT && (v & SS_DATA_END) > 0);
1348 + if (i >= SS_TIMEOUT) {
1349 + dev_err_ratelimited(ss->dev,
1350 + "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
1351 + i, SS_TIMEOUT, v, areq->nbytes);
1356 + /* get the partial hash only if something was written */
1357 + for (i = 0; i < crypto_ahash_digestsize(tfm) / 4; i++)
1358 + op->hash[i] = readl(ss->base + SS_MD0 + i * 4);
1361 + writel(0, ss->base + SS_CTL);
1362 + spin_unlock_bh(&ss->slock);
1367 + * sun4i_hash_final: finalize hashing operation
1369 + * If we have some remaining bytes, we write them.
1370 + * Then ask the SS for finalizing the hashing operation
1372 + * I do not check RX FIFO size in this function since the size is 32
1373 + * after each enabling and this function neither write more than 32 words.
1375 +int sun4i_hash_final(struct ahash_request *areq)
1377 + u32 v, ivmode = 0;
1379 + unsigned int j = 0;
1380 + int zeros, err = 0;
1381 + unsigned int index, padlen;
1383 + struct sun4i_req_ctx *op = ahash_request_ctx(areq);
1384 + struct sun4i_ss_ctx *ss = op->ss;
1385 + struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1388 + unsigned int nwait, nbw = 0;
1390 + dev_dbg(ss->dev, "%s: byte=%llu len=%u mode=%x wl=%u h=%x",
1391 + __func__, op->byte_count, areq->nbytes, op->mode,
1392 + op->len, op->hash[0]);
1394 + spin_lock_bh(&ss->slock);
1397 + * if we have already written something,
1398 + * restore the partial hash state
1400 + if (op->byte_count > 0) {
1401 + ivmode = SS_IV_ARBITRARY;
1402 + for (i = 0; i < crypto_ahash_digestsize(tfm) / 4; i++)
1403 + writel(op->hash[i], ss->base + SS_IV0 + i * 4);
1405 + writel(op->mode | SS_ENABLED | ivmode, ss->base + SS_CTL);
1407 + /* write the remaining words of the wait buffer */
1408 + if (op->len > 0) {
1409 + nwait = op->len / 4;
1411 + writesl(ss->base + SS_RXFIFO, op->buf, nwait);
1412 + op->byte_count += 4 * nwait;
1414 + nbw = op->len - 4 * nwait;
1415 + wb = *(u32 *)(op->buf + nwait * 4);
1416 + wb &= (0xFFFFFFFF >> (4 - nbw) * 8);
1419 + /* write the remaining bytes of the nbw buffer */
1421 + wb |= ((1 << 7) << (nbw * 8));
1428 + * number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
1429 + * I take the operations from other MD5/SHA1 implementations
1432 + /* we have already send 4 more byte of which nbw data */
1433 + if (op->mode == SS_OP_MD5) {
1434 + index = (op->byte_count + 4) & 0x3f;
1435 + op->byte_count += nbw;
1437 + zeros = (120 - index) / 4;
1439 + zeros = (56 - index) / 4;
1441 + op->byte_count += nbw;
1442 + index = op->byte_count & 0x3f;
1443 + padlen = (index < 56) ? (56 - index) : ((64 + 56) - index);
1444 + zeros = (padlen - 1) / 4;
1447 + memset(bf + j, 0, 4 * zeros);
1450 + /* write the length of data */
1451 + if (op->mode == SS_OP_SHA1) {
1452 + bits = cpu_to_be64(op->byte_count << 3);
1453 + bf[j++] = bits & 0xffffffff;
1454 + bf[j++] = (bits >> 32) & 0xffffffff;
1456 + bf[j++] = (op->byte_count << 3) & 0xffffffff;
1457 + bf[j++] = (op->byte_count >> 29) & 0xffffffff;
1459 + writesl(ss->base + SS_RXFIFO, bf, j);
1461 + /* Tell the SS to stop the hashing */
1462 + writel(op->mode | SS_ENABLED | SS_DATA_END, ss->base + SS_CTL);
1465 + * Wait for SS to finish the hash.
1466 + * The timeout could happen only in case of bad overcloking
1471 + v = readl(ss->base + SS_CTL);
1473 + } while (i < SS_TIMEOUT && (v & SS_DATA_END) > 0);
1474 + if (i >= SS_TIMEOUT) {
1475 + dev_err_ratelimited(ss->dev,
1476 + "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
1477 + i, SS_TIMEOUT, v, areq->nbytes);
1482 + /* Get the hash from the device */
1483 + if (op->mode == SS_OP_SHA1) {
1484 + for (i = 0; i < 5; i++) {
1485 + v = cpu_to_be32(readl(ss->base + SS_MD0 + i * 4));
1486 + memcpy(areq->result + i * 4, &v, 4);
1489 + for (i = 0; i < 4; i++) {
1490 + v = readl(ss->base + SS_MD0 + i * 4);
1491 + memcpy(areq->result + i * 4, &v, 4);
1496 + writel(0, ss->base + SS_CTL);
1497 + spin_unlock_bh(&ss->slock);
1501 +/* sun4i_hash_finup: finalize hashing operation after an update */
1502 +int sun4i_hash_finup(struct ahash_request *areq)
1506 + err = sun4i_hash_update(areq);
1510 + return sun4i_hash_final(areq);
1513 +/* combo of init/update/final functions */
1514 +int sun4i_hash_digest(struct ahash_request *areq)
1518 + err = sun4i_hash_init(areq);
1522 + err = sun4i_hash_update(areq);
1526 + return sun4i_hash_final(areq);
1528 diff --git a/drivers/crypto/sunxi-ss/sun4i-ss.h b/drivers/crypto/sunxi-ss/sun4i-ss.h
1529 new file mode 100644
1530 index 0000000..db18b255
1532 +++ b/drivers/crypto/sunxi-ss/sun4i-ss.h
1535 + * sun4i-ss.h - hardware cryptographic accelerator for Allwinner A20 SoC
1537 + * Copyright (C) 2013-2015 Corentin LABBE <clabbe.montjoie@gmail.com>
1539 + * Support AES cipher with 128,192,256 bits keysize.
1540 + * Support MD5 and SHA1 hash algorithms.
1541 + * Support DES and 3DES
1543 + * You could find the datasheet in Documentation/arm/sunxi/README
1545 + * Licensed under the GPL-2.
1548 +#include <linux/clk.h>
1549 +#include <linux/crypto.h>
1550 +#include <linux/io.h>
1551 +#include <linux/module.h>
1552 +#include <linux/of.h>
1553 +#include <linux/platform_device.h>
1554 +#include <crypto/scatterwalk.h>
1555 +#include <linux/scatterlist.h>
1556 +#include <linux/interrupt.h>
1557 +#include <linux/delay.h>
1558 +#include <crypto/md5.h>
1559 +#include <crypto/sha.h>
1560 +#include <crypto/hash.h>
1561 +#include <crypto/internal/hash.h>
1562 +#include <crypto/aes.h>
1563 +#include <crypto/des.h>
1564 +#include <crypto/internal/rng.h>
1566 +#define SS_CTL 0x00
1567 +#define SS_KEY0 0x04
1568 +#define SS_KEY1 0x08
1569 +#define SS_KEY2 0x0C
1570 +#define SS_KEY3 0x10
1571 +#define SS_KEY4 0x14
1572 +#define SS_KEY5 0x18
1573 +#define SS_KEY6 0x1C
1574 +#define SS_KEY7 0x20
1576 +#define SS_IV0 0x24
1577 +#define SS_IV1 0x28
1578 +#define SS_IV2 0x2C
1579 +#define SS_IV3 0x30
1581 +#define SS_FCSR 0x44
1583 +#define SS_MD0 0x4C
1584 +#define SS_MD1 0x50
1585 +#define SS_MD2 0x54
1586 +#define SS_MD3 0x58
1587 +#define SS_MD4 0x5C
1589 +#define SS_RXFIFO 0x200
1590 +#define SS_TXFIFO 0x204
1592 +/* SS_CTL configuration values */
1594 +/* PRNG generator mode - bit 15 */
1595 +#define SS_PRNG_ONESHOT (0 << 15)
1596 +#define SS_PRNG_CONTINUE (1 << 15)
1598 +/* IV mode for hash */
1599 +#define SS_IV_ARBITRARY (1 << 14)
1601 +/* SS operation mode - bits 12-13 */
1602 +#define SS_ECB (0 << 12)
1603 +#define SS_CBC (1 << 12)
1604 +#define SS_CTS (3 << 12)
1606 +/* Counter width for CNT mode - bits 10-11 */
1607 +#define SS_CNT_16BITS (0 << 10)
1608 +#define SS_CNT_32BITS (1 << 10)
1609 +#define SS_CNT_64BITS (2 << 10)
1611 +/* Key size for AES - bits 8-9 */
1612 +#define SS_AES_128BITS (0 << 8)
1613 +#define SS_AES_192BITS (1 << 8)
1614 +#define SS_AES_256BITS (2 << 8)
1616 +/* Operation direction - bit 7 */
1617 +#define SS_ENCRYPTION (0 << 7)
1618 +#define SS_DECRYPTION (1 << 7)
1620 +/* SS Method - bits 4-6 */
1621 +#define SS_OP_AES (0 << 4)
1622 +#define SS_OP_DES (1 << 4)
1623 +#define SS_OP_3DES (2 << 4)
1624 +#define SS_OP_SHA1 (3 << 4)
1625 +#define SS_OP_MD5 (4 << 4)
1626 +#define SS_OP_PRNG (5 << 4)
1628 +/* Data end bit - bit 2 */
1629 +#define SS_DATA_END (1 << 2)
1631 +/* PRNG start bit - bit 1 */
1632 +#define SS_PRNG_START (1 << 1)
1634 +/* SS Enable bit - bit 0 */
1635 +#define SS_DISABLED (0 << 0)
1636 +#define SS_ENABLED (1 << 0)
1638 +/* SS_FCSR configuration values */
1639 +/* RX FIFO status - bit 30 */
1640 +#define SS_RXFIFO_FREE (1 << 30)
1642 +/* RX FIFO empty spaces - bits 24-29 */
1643 +#define SS_RXFIFO_SPACES(val) (((val) >> 24) & 0x3f)
1645 +/* TX FIFO status - bit 22 */
1646 +#define SS_TXFIFO_AVAILABLE (1 << 22)
1648 +/* TX FIFO available spaces - bits 16-21 */
1649 +#define SS_TXFIFO_SPACES(val) (((val) >> 16) & 0x3f)
1651 +#define SS_RX_MAX 32
1652 +#define SS_RX_DEFAULT SS_RX_MAX
1653 +#define SS_TX_MAX 33
1655 +#define SS_RXFIFO_EMP_INT_PENDING (1 << 10)
1656 +#define SS_TXFIFO_AVA_INT_PENDING (1 << 8)
1657 +#define SS_RXFIFO_EMP_INT_ENABLE (1 << 2)
1658 +#define SS_TXFIFO_AVA_INT_ENABLE (1 << 0)
1660 +struct sun4i_ss_ctx {
1661 + void __iomem *base;
1663 + struct clk *busclk;
1664 + struct clk *ssclk;
1665 + struct device *dev;
1666 + struct resource *res;
1667 + spinlock_t slock; /* control the use of the device */
1670 +struct sun4i_ss_alg_template {
1674 + struct crypto_alg crypto;
1675 + struct ahash_alg hash;
1677 + struct sun4i_ss_ctx *ss;
1680 +struct sun4i_tfm_ctx {
1681 + u32 key[AES_MAX_KEY_SIZE / 4];/* divided by sizeof(u32) */
1684 + struct sun4i_ss_ctx *ss;
1687 +struct sun4i_cipher_req_ctx {
1691 +struct sun4i_req_ctx {
1693 + u64 byte_count; /* number of bytes "uploaded" to the device */
1694 + u32 hash[5]; /* for storing SS_IVx register */
1697 + struct sun4i_ss_ctx *ss;
1700 +int sun4i_hash_crainit(struct crypto_tfm *tfm);
1701 +int sun4i_hash_init(struct ahash_request *areq);
1702 +int sun4i_hash_update(struct ahash_request *areq);
1703 +int sun4i_hash_final(struct ahash_request *areq);
1704 +int sun4i_hash_finup(struct ahash_request *areq);
1705 +int sun4i_hash_digest(struct ahash_request *areq);
1706 +int sun4i_hash_export_md5(struct ahash_request *areq, void *out);
1707 +int sun4i_hash_import_md5(struct ahash_request *areq, const void *in);
1708 +int sun4i_hash_export_sha1(struct ahash_request *areq, void *out);
1709 +int sun4i_hash_import_sha1(struct ahash_request *areq, const void *in);
1711 +int sun4i_ss_cbc_aes_encrypt(struct ablkcipher_request *areq);
1712 +int sun4i_ss_cbc_aes_decrypt(struct ablkcipher_request *areq);
1713 +int sun4i_ss_ecb_aes_encrypt(struct ablkcipher_request *areq);
1714 +int sun4i_ss_ecb_aes_decrypt(struct ablkcipher_request *areq);
1716 +int sun4i_ss_cbc_des_encrypt(struct ablkcipher_request *areq);
1717 +int sun4i_ss_cbc_des_decrypt(struct ablkcipher_request *areq);
1718 +int sun4i_ss_ecb_des_encrypt(struct ablkcipher_request *areq);
1719 +int sun4i_ss_ecb_des_decrypt(struct ablkcipher_request *areq);
1721 +int sun4i_ss_cbc_des3_encrypt(struct ablkcipher_request *areq);
1722 +int sun4i_ss_cbc_des3_decrypt(struct ablkcipher_request *areq);
1723 +int sun4i_ss_ecb_des3_encrypt(struct ablkcipher_request *areq);
1724 +int sun4i_ss_ecb_des3_decrypt(struct ablkcipher_request *areq);
1726 +int sun4i_ss_cipher_init(struct crypto_tfm *tfm);
1727 +int sun4i_ss_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
1728 + unsigned int keylen);
1729 +int sun4i_ss_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
1730 + unsigned int keylen);
1731 +int sun4i_ss_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
1732 + unsigned int keylen);
projects / openwrt.git / blob