int cc_buffer_mgr_init(struct cc_drvdata *drvdata) { struct buff_mgr_handle *buff_mgr_handle; struct device *dev = drvdata_to_dev(drvdata); buff_mgr_handle = kmalloc(sizeof(*buff_mgr_handle), GFP_KERNEL); if (!buff_mgr_handle) return -ENOMEM; drvdata->buff_mgr_handle = buff_mgr_handle; buff_mgr_handle->mlli_buffs_pool = dma_pool_create("dx_single_mlli_tables", dev, MAX_NUM_OF_TOTAL_MLLI_ENTRIES * LLI_ENTRY_BYTE_SIZE, MLLI_TABLE_MIN_ALIGNMENT, 0); if (!buff_mgr_handle->mlli_buffs_pool) goto error; return 0; error: cc_buffer_mgr_fini(drvdata); return -ENOMEM; }
static void cc_cipher_exit(struct crypto_tfm *tfm) { struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm); struct device *dev = drvdata_to_dev(ctx_p->drvdata); unsigned int max_key_buf_size = get_max_keysize(tfm); dev_dbg(dev, "Clearing context @%p for %s\n", crypto_tfm_ctx(tfm), crypto_tfm_alg_name(tfm)); if (ctx_p->cipher_mode == DRV_CIPHER_ESSIV) { /* Free hash tfm for essiv */ crypto_free_shash(ctx_p->shash_tfm); ctx_p->shash_tfm = NULL; } /* Unmap key buffer */ dma_unmap_single(dev, ctx_p->user.key_dma_addr, max_key_buf_size, DMA_TO_DEVICE); dev_dbg(dev, "Unmapped key buffer key_dma_addr=%pad\n", &ctx_p->user.key_dma_addr); /* Free key buffer in context */ kfree(ctx_p->user.key); dev_dbg(dev, "Free key buffer in context. key=@%p\n", ctx_p->user.key); }
/*! * Acquires 16 Bytes IV from the iv-pool * * \param drvdata Driver private context * \param iv_out_dma Array of physical IV out addresses * \param iv_out_dma_len Length of iv_out_dma array (additional elements * of iv_out_dma array are ignore) * \param iv_out_size May be 8 or 16 bytes long * \param iv_seq IN/OUT array to the descriptors sequence * \param iv_seq_len IN/OUT pointer to the sequence length * * \return int Zero for success, negative value otherwise. */ int cc_get_iv(struct cc_drvdata *drvdata, dma_addr_t iv_out_dma[], unsigned int iv_out_dma_len, unsigned int iv_out_size, struct cc_hw_desc iv_seq[], unsigned int *iv_seq_len) { struct cc_ivgen_ctx *ivgen_ctx = drvdata->ivgen_handle; unsigned int idx = *iv_seq_len; struct device *dev = drvdata_to_dev(drvdata); unsigned int t; if (iv_out_size != CC_AES_IV_SIZE && iv_out_size != CTR_RFC3686_IV_SIZE) { return -EINVAL; } if ((iv_out_dma_len + 1) > CC_IVPOOL_SEQ_LEN) { /* The sequence will be longer than allowed */ return -EINVAL; } /* check that number of generated IV is limited to max dma address * iv buffer size */ if (iv_out_dma_len > CC_MAX_IVGEN_DMA_ADDRESSES) { /* The sequence will be longer than allowed */ return -EINVAL; } for (t = 0; t < iv_out_dma_len; t++) { /* Acquire IV from pool */ hw_desc_init(&iv_seq[idx]); set_din_sram(&iv_seq[idx], (ivgen_ctx->pool + ivgen_ctx->next_iv_ofs), iv_out_size); set_dout_dlli(&iv_seq[idx], iv_out_dma[t], iv_out_size, NS_BIT, 0); set_flow_mode(&iv_seq[idx], BYPASS); idx++; } /* Bypass operation is proceeded by crypto sequence, hence must * assure bypass-write-transaction by a memory barrier */ hw_desc_init(&iv_seq[idx]); set_din_no_dma(&iv_seq[idx], 0, 0xfffff0); set_dout_no_dma(&iv_seq[idx], 0, 0, 1); idx++; *iv_seq_len = idx; /* update seq length */ /* Update iv index */ ivgen_ctx->next_iv_ofs += iv_out_size; if ((CC_IVPOOL_SIZE - ivgen_ctx->next_iv_ofs) < CC_AES_IV_SIZE) { dev_dbg(dev, "Pool exhausted, regenerating iv-pool\n"); /* pool is drained -regenerate it! */ return cc_gen_iv_pool(ivgen_ctx, iv_seq, iv_seq_len); } return 0; }
static int cc_cipher_init(struct crypto_tfm *tfm) { struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm); struct crypto_alg *alg = tfm->__crt_alg; struct cc_crypto_alg *cc_alg = container_of(alg, struct cc_crypto_alg, crypto_alg); struct device *dev = drvdata_to_dev(cc_alg->drvdata); int rc = 0; unsigned int max_key_buf_size = get_max_keysize(tfm); struct ablkcipher_tfm *ablktfm = &tfm->crt_ablkcipher; dev_dbg(dev, "Initializing context @%p for %s\n", ctx_p, crypto_tfm_alg_name(tfm)); ablktfm->reqsize = sizeof(struct blkcipher_req_ctx); ctx_p->cipher_mode = cc_alg->cipher_mode; ctx_p->flow_mode = cc_alg->flow_mode; ctx_p->drvdata = cc_alg->drvdata; /* Allocate key buffer, cache line aligned */ ctx_p->user.key = kmalloc(max_key_buf_size, GFP_KERNEL); if (!ctx_p->user.key) return -ENOMEM; dev_dbg(dev, "Allocated key buffer in context. key=@%p\n", ctx_p->user.key); /* Map key buffer */ ctx_p->user.key_dma_addr = dma_map_single(dev, (void *)ctx_p->user.key, max_key_buf_size, DMA_TO_DEVICE); if (dma_mapping_error(dev, ctx_p->user.key_dma_addr)) { dev_err(dev, "Mapping Key %u B at va=%pK for DMA failed\n", max_key_buf_size, ctx_p->user.key); return -ENOMEM; } dev_dbg(dev, "Mapped key %u B at va=%pK to dma=%pad\n", max_key_buf_size, ctx_p->user.key, &ctx_p->user.key_dma_addr); if (ctx_p->cipher_mode == DRV_CIPHER_ESSIV) { /* Alloc hash tfm for essiv */ ctx_p->shash_tfm = crypto_alloc_shash("sha256-generic", 0, 0); if (IS_ERR(ctx_p->shash_tfm)) { dev_err(dev, "Error allocating hash tfm for ESSIV.\n"); return PTR_ERR(ctx_p->shash_tfm); } } return rc; }
static int cc_aead_chain_iv(struct cc_drvdata *drvdata, struct aead_request *req, struct buffer_array *sg_data, bool is_last, bool do_chain) { struct aead_req_ctx *areq_ctx = aead_request_ctx(req); unsigned int hw_iv_size = areq_ctx->hw_iv_size; struct device *dev = drvdata_to_dev(drvdata); int rc = 0; if (!req->iv) { areq_ctx->gen_ctx.iv_dma_addr = 0; goto chain_iv_exit; } areq_ctx->gen_ctx.iv_dma_addr = dma_map_single(dev, req->iv, hw_iv_size, DMA_BIDIRECTIONAL); if (dma_mapping_error(dev, areq_ctx->gen_ctx.iv_dma_addr)) { dev_err(dev, "Mapping iv %u B at va=%pK for DMA failed\n", hw_iv_size, req->iv); rc = -ENOMEM; goto chain_iv_exit; } dev_dbg(dev, "Mapped iv %u B at va=%pK to dma=%pad\n", hw_iv_size, req->iv, &areq_ctx->gen_ctx.iv_dma_addr); // TODO: what about CTR?? ask Ron if (do_chain && areq_ctx->plaintext_authenticate_only) { struct crypto_aead *tfm = crypto_aead_reqtfm(req); unsigned int iv_size_to_authenc = crypto_aead_ivsize(tfm); unsigned int iv_ofs = GCM_BLOCK_RFC4_IV_OFFSET; /* Chain to given list */ cc_add_buffer_entry(dev, sg_data, (areq_ctx->gen_ctx.iv_dma_addr + iv_ofs), iv_size_to_authenc, is_last, &areq_ctx->assoc.mlli_nents); areq_ctx->assoc_buff_type = CC_DMA_BUF_MLLI; } chain_iv_exit: return rc; }
int init_cc_regs(struct cc_drvdata *drvdata, bool is_probe) { unsigned int val, cache_params; struct device *dev = drvdata_to_dev(drvdata); /* Unmask all AXI interrupt sources AXI_CFG1 register */ val = cc_ioread(drvdata, CC_REG(AXIM_CFG)); cc_iowrite(drvdata, CC_REG(AXIM_CFG), val & ~CC_AXI_IRQ_MASK); dev_dbg(dev, "AXIM_CFG=0x%08X\n", cc_ioread(drvdata, CC_REG(AXIM_CFG))); /* Clear all pending interrupts */ val = cc_ioread(drvdata, CC_REG(HOST_IRR)); dev_dbg(dev, "IRR=0x%08X\n", val); cc_iowrite(drvdata, CC_REG(HOST_ICR), val); /* Unmask relevant interrupt cause */ val = (unsigned int)(~(CC_COMP_IRQ_MASK | CC_AXI_ERR_IRQ_MASK | CC_GPR0_IRQ_MASK)); cc_iowrite(drvdata, CC_REG(HOST_IMR), val); cache_params = (drvdata->coherent ? CC_COHERENT_CACHE_PARAMS : 0x0); val = cc_ioread(drvdata, CC_REG(AXIM_CACHE_PARAMS)); if (is_probe) dev_info(dev, "Cache params previous: 0x%08X\n", val); cc_iowrite(drvdata, CC_REG(AXIM_CACHE_PARAMS), cache_params); val = cc_ioread(drvdata, CC_REG(AXIM_CACHE_PARAMS)); if (is_probe) dev_info(dev, "Cache params current: 0x%08X (expect: 0x%08X)\n", val, cache_params); return 0; }
static int cc_prepare_aead_data_mlli(struct cc_drvdata *drvdata, struct aead_request *req, struct buffer_array *sg_data, u32 *src_last_bytes, u32 *dst_last_bytes, bool is_last_table) { struct aead_req_ctx *areq_ctx = aead_request_ctx(req); enum drv_crypto_direction direct = areq_ctx->gen_ctx.op_type; unsigned int authsize = areq_ctx->req_authsize; int rc = 0, icv_nents; struct device *dev = drvdata_to_dev(drvdata); struct scatterlist *sg; if (req->src == req->dst) { /*INPLACE*/ cc_add_sg_entry(dev, sg_data, areq_ctx->src.nents, areq_ctx->src_sgl, areq_ctx->cryptlen, areq_ctx->src_offset, is_last_table, &areq_ctx->src.mlli_nents); icv_nents = cc_get_aead_icv_nents(dev, areq_ctx->src_sgl, areq_ctx->src.nents, authsize, *src_last_bytes, &areq_ctx->is_icv_fragmented); if (icv_nents < 0) { rc = -ENOTSUPP; goto prepare_data_mlli_exit; } if (areq_ctx->is_icv_fragmented) { /* Backup happens only when ICV is fragmented, ICV * verification is made by CPU compare in order to * simplify MAC verification upon request completion */ if (direct == DRV_CRYPTO_DIRECTION_DECRYPT) { /* In coherent platforms (e.g. ACP) * already copying ICV for any * INPLACE-DECRYPT operation, hence * we must neglect this code. */ if (!drvdata->coherent) cc_copy_mac(dev, req, CC_SG_TO_BUF); areq_ctx->icv_virt_addr = areq_ctx->backup_mac; } else { areq_ctx->icv_virt_addr = areq_ctx->mac_buf; areq_ctx->icv_dma_addr = areq_ctx->mac_buf_dma_addr; } } else { /* Contig. ICV */ sg = &areq_ctx->src_sgl[areq_ctx->src.nents - 1]; /*Should hanlde if the sg is not contig.*/ areq_ctx->icv_dma_addr = sg_dma_address(sg) + (*src_last_bytes - authsize); areq_ctx->icv_virt_addr = sg_virt(sg) + (*src_last_bytes - authsize); } } else if (direct == DRV_CRYPTO_DIRECTION_DECRYPT) { /*NON-INPLACE and DECRYPT*/ cc_add_sg_entry(dev, sg_data, areq_ctx->src.nents, areq_ctx->src_sgl, areq_ctx->cryptlen, areq_ctx->src_offset, is_last_table, &areq_ctx->src.mlli_nents); cc_add_sg_entry(dev, sg_data, areq_ctx->dst.nents, areq_ctx->dst_sgl, areq_ctx->cryptlen, areq_ctx->dst_offset, is_last_table, &areq_ctx->dst.mlli_nents); icv_nents = cc_get_aead_icv_nents(dev, areq_ctx->src_sgl, areq_ctx->src.nents, authsize, *src_last_bytes, &areq_ctx->is_icv_fragmented); if (icv_nents < 0) { rc = -ENOTSUPP; goto prepare_data_mlli_exit; } /* Backup happens only when ICV is fragmented, ICV * verification is made by CPU compare in order to simplify * MAC verification upon request completion */ if (areq_ctx->is_icv_fragmented) { cc_copy_mac(dev, req, CC_SG_TO_BUF); areq_ctx->icv_virt_addr = areq_ctx->backup_mac; } else { /* Contig. ICV */ sg = &areq_ctx->src_sgl[areq_ctx->src.nents - 1]; /*Should hanlde if the sg is not contig.*/ areq_ctx->icv_dma_addr = sg_dma_address(sg) + (*src_last_bytes - authsize); areq_ctx->icv_virt_addr = sg_virt(sg) + (*src_last_bytes - authsize); } } else { /*NON-INPLACE and ENCRYPT*/ cc_add_sg_entry(dev, sg_data, areq_ctx->dst.nents, areq_ctx->dst_sgl, areq_ctx->cryptlen, areq_ctx->dst_offset, is_last_table, &areq_ctx->dst.mlli_nents); cc_add_sg_entry(dev, sg_data, areq_ctx->src.nents, areq_ctx->src_sgl, areq_ctx->cryptlen, areq_ctx->src_offset, is_last_table, &areq_ctx->src.mlli_nents); icv_nents = cc_get_aead_icv_nents(dev, areq_ctx->dst_sgl, areq_ctx->dst.nents, authsize, *dst_last_bytes, &areq_ctx->is_icv_fragmented); if (icv_nents < 0) { rc = -ENOTSUPP; goto prepare_data_mlli_exit; } if (!areq_ctx->is_icv_fragmented) { sg = &areq_ctx->dst_sgl[areq_ctx->dst.nents - 1]; /* Contig. ICV */ areq_ctx->icv_dma_addr = sg_dma_address(sg) + (*dst_last_bytes - authsize); areq_ctx->icv_virt_addr = sg_virt(sg) + (*dst_last_bytes - authsize); } else { areq_ctx->icv_dma_addr = areq_ctx->mac_buf_dma_addr; areq_ctx->icv_virt_addr = areq_ctx->mac_buf; } } prepare_data_mlli_exit: return rc; }
int cc_map_aead_request(struct cc_drvdata *drvdata, struct aead_request *req) { struct aead_req_ctx *areq_ctx = aead_request_ctx(req); struct mlli_params *mlli_params = &areq_ctx->mlli_params; struct device *dev = drvdata_to_dev(drvdata); struct buffer_array sg_data; unsigned int authsize = areq_ctx->req_authsize; struct buff_mgr_handle *buff_mgr = drvdata->buff_mgr_handle; int rc = 0; struct crypto_aead *tfm = crypto_aead_reqtfm(req); bool is_gcm4543 = areq_ctx->is_gcm4543; dma_addr_t dma_addr; u32 mapped_nents = 0; u32 dummy = 0; /*used for the assoc data fragments */ u32 size_to_map = 0; gfp_t flags = cc_gfp_flags(&req->base); mlli_params->curr_pool = NULL; sg_data.num_of_buffers = 0; /* copy mac to a temporary location to deal with possible * data memory overriding that caused by cache coherence problem. */ if (drvdata->coherent && areq_ctx->gen_ctx.op_type == DRV_CRYPTO_DIRECTION_DECRYPT && req->src == req->dst) cc_copy_mac(dev, req, CC_SG_TO_BUF); /* cacluate the size for cipher remove ICV in decrypt*/ areq_ctx->cryptlen = (areq_ctx->gen_ctx.op_type == DRV_CRYPTO_DIRECTION_ENCRYPT) ? req->cryptlen : (req->cryptlen - authsize); dma_addr = dma_map_single(dev, areq_ctx->mac_buf, MAX_MAC_SIZE, DMA_BIDIRECTIONAL); if (dma_mapping_error(dev, dma_addr)) { dev_err(dev, "Mapping mac_buf %u B at va=%pK for DMA failed\n", MAX_MAC_SIZE, areq_ctx->mac_buf); rc = -ENOMEM; goto aead_map_failure; } areq_ctx->mac_buf_dma_addr = dma_addr; if (areq_ctx->ccm_hdr_size != ccm_header_size_null) { void *addr = areq_ctx->ccm_config + CCM_CTR_COUNT_0_OFFSET; dma_addr = dma_map_single(dev, addr, AES_BLOCK_SIZE, DMA_TO_DEVICE); if (dma_mapping_error(dev, dma_addr)) { dev_err(dev, "Mapping mac_buf %u B at va=%pK for DMA failed\n", AES_BLOCK_SIZE, addr); areq_ctx->ccm_iv0_dma_addr = 0; rc = -ENOMEM; goto aead_map_failure; } areq_ctx->ccm_iv0_dma_addr = dma_addr; rc = cc_set_aead_conf_buf(dev, areq_ctx, areq_ctx->ccm_config, &sg_data, req->assoclen); if (rc) goto aead_map_failure; } if (areq_ctx->cipher_mode == DRV_CIPHER_GCTR) { dma_addr = dma_map_single(dev, areq_ctx->hkey, AES_BLOCK_SIZE, DMA_BIDIRECTIONAL); if (dma_mapping_error(dev, dma_addr)) { dev_err(dev, "Mapping hkey %u B at va=%pK for DMA failed\n", AES_BLOCK_SIZE, areq_ctx->hkey); rc = -ENOMEM; goto aead_map_failure; } areq_ctx->hkey_dma_addr = dma_addr; dma_addr = dma_map_single(dev, &areq_ctx->gcm_len_block, AES_BLOCK_SIZE, DMA_TO_DEVICE); if (dma_mapping_error(dev, dma_addr)) { dev_err(dev, "Mapping gcm_len_block %u B at va=%pK for DMA failed\n", AES_BLOCK_SIZE, &areq_ctx->gcm_len_block); rc = -ENOMEM; goto aead_map_failure; } areq_ctx->gcm_block_len_dma_addr = dma_addr; dma_addr = dma_map_single(dev, areq_ctx->gcm_iv_inc1, AES_BLOCK_SIZE, DMA_TO_DEVICE); if (dma_mapping_error(dev, dma_addr)) { dev_err(dev, "Mapping gcm_iv_inc1 %u B at va=%pK for DMA failed\n", AES_BLOCK_SIZE, (areq_ctx->gcm_iv_inc1)); areq_ctx->gcm_iv_inc1_dma_addr = 0; rc = -ENOMEM; goto aead_map_failure; } areq_ctx->gcm_iv_inc1_dma_addr = dma_addr; dma_addr = dma_map_single(dev, areq_ctx->gcm_iv_inc2, AES_BLOCK_SIZE, DMA_TO_DEVICE); if (dma_mapping_error(dev, dma_addr)) { dev_err(dev, "Mapping gcm_iv_inc2 %u B at va=%pK for DMA failed\n", AES_BLOCK_SIZE, (areq_ctx->gcm_iv_inc2)); areq_ctx->gcm_iv_inc2_dma_addr = 0; rc = -ENOMEM; goto aead_map_failure; } areq_ctx->gcm_iv_inc2_dma_addr = dma_addr; } size_to_map = req->cryptlen + req->assoclen; if (areq_ctx->gen_ctx.op_type == DRV_CRYPTO_DIRECTION_ENCRYPT) size_to_map += authsize; if (is_gcm4543) size_to_map += crypto_aead_ivsize(tfm); rc = cc_map_sg(dev, req->src, size_to_map, DMA_BIDIRECTIONAL, &areq_ctx->src.nents, (LLI_MAX_NUM_OF_ASSOC_DATA_ENTRIES + LLI_MAX_NUM_OF_DATA_ENTRIES), &dummy, &mapped_nents); if (rc) goto aead_map_failure; if (areq_ctx->is_single_pass) { /* * Create MLLI table for: * (1) Assoc. data * (2) Src/Dst SGLs * Note: IV is contg. buffer (not an SGL) */ rc = cc_aead_chain_assoc(drvdata, req, &sg_data, true, false); if (rc) goto aead_map_failure; rc = cc_aead_chain_iv(drvdata, req, &sg_data, true, false); if (rc) goto aead_map_failure; rc = cc_aead_chain_data(drvdata, req, &sg_data, true, false); if (rc) goto aead_map_failure; } else { /* DOUBLE-PASS flow */ /* * Prepare MLLI table(s) in this order: * * If ENCRYPT/DECRYPT (inplace): * (1) MLLI table for assoc * (2) IV entry (chained right after end of assoc) * (3) MLLI for src/dst (inplace operation) * * If ENCRYPT (non-inplace) * (1) MLLI table for assoc * (2) IV entry (chained right after end of assoc) * (3) MLLI for dst * (4) MLLI for src * * If DECRYPT (non-inplace) * (1) MLLI table for assoc * (2) IV entry (chained right after end of assoc) * (3) MLLI for src * (4) MLLI for dst */ rc = cc_aead_chain_assoc(drvdata, req, &sg_data, false, true); if (rc) goto aead_map_failure; rc = cc_aead_chain_iv(drvdata, req, &sg_data, false, true); if (rc) goto aead_map_failure; rc = cc_aead_chain_data(drvdata, req, &sg_data, true, true); if (rc) goto aead_map_failure; } /* Mlli support -start building the MLLI according to the above * results */ if (areq_ctx->assoc_buff_type == CC_DMA_BUF_MLLI || areq_ctx->data_buff_type == CC_DMA_BUF_MLLI) { mlli_params->curr_pool = buff_mgr->mlli_buffs_pool; rc = cc_generate_mlli(dev, &sg_data, mlli_params, flags); if (rc) goto aead_map_failure; cc_update_aead_mlli_nents(drvdata, req); dev_dbg(dev, "assoc params mn %d\n", areq_ctx->assoc.mlli_nents); dev_dbg(dev, "src params mn %d\n", areq_ctx->src.mlli_nents); dev_dbg(dev, "dst params mn %d\n", areq_ctx->dst.mlli_nents); } return 0; aead_map_failure: cc_unmap_aead_request(dev, req); return rc; }
static int cc_cipher_sethkey(struct crypto_skcipher *sktfm, const u8 *key, unsigned int keylen) { struct crypto_tfm *tfm = crypto_skcipher_tfm(sktfm); struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm); struct device *dev = drvdata_to_dev(ctx_p->drvdata); struct cc_hkey_info hki; dev_dbg(dev, "Setting HW key in context @%p for %s. keylen=%u\n", ctx_p, crypto_tfm_alg_name(tfm), keylen); dump_byte_array("key", (u8 *)key, keylen); /* STAT_PHASE_0: Init and sanity checks */ /* This check the size of the hardware key token */ if (keylen != sizeof(hki)) { dev_err(dev, "Unsupported HW key size %d.\n", keylen); crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); return -EINVAL; } if (ctx_p->flow_mode != S_DIN_to_AES) { dev_err(dev, "HW key not supported for non-AES flows\n"); return -EINVAL; } memcpy(&hki, key, keylen); /* The real key len for crypto op is the size of the HW key * referenced by the HW key slot, not the hardware key token */ keylen = hki.keylen; if (validate_keys_sizes(ctx_p, keylen)) { dev_err(dev, "Unsupported key size %d.\n", keylen); crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); return -EINVAL; } ctx_p->hw.key1_slot = cc_slot_to_hw_key(hki.hw_key1); if (ctx_p->hw.key1_slot == END_OF_KEYS) { dev_err(dev, "Unsupported hw key1 number (%d)\n", hki.hw_key1); return -EINVAL; } if (ctx_p->cipher_mode == DRV_CIPHER_XTS || ctx_p->cipher_mode == DRV_CIPHER_ESSIV || ctx_p->cipher_mode == DRV_CIPHER_BITLOCKER) { if (hki.hw_key1 == hki.hw_key2) { dev_err(dev, "Illegal hw key numbers (%d,%d)\n", hki.hw_key1, hki.hw_key2); return -EINVAL; } ctx_p->hw.key2_slot = cc_slot_to_hw_key(hki.hw_key2); if (ctx_p->hw.key2_slot == END_OF_KEYS) { dev_err(dev, "Unsupported hw key2 number (%d)\n", hki.hw_key2); return -EINVAL; } } ctx_p->keylen = keylen; ctx_p->hw_key = true; dev_dbg(dev, "cc_is_hw_key ret 0"); return 0; }
static int cc_aead_chain_assoc(struct cc_drvdata *drvdata, struct aead_request *req, struct buffer_array *sg_data, bool is_last, bool do_chain) { struct aead_req_ctx *areq_ctx = aead_request_ctx(req); int rc = 0; u32 mapped_nents = 0; struct scatterlist *current_sg = req->src; struct crypto_aead *tfm = crypto_aead_reqtfm(req); unsigned int sg_index = 0; u32 size_of_assoc = req->assoclen; struct device *dev = drvdata_to_dev(drvdata); if (areq_ctx->is_gcm4543) size_of_assoc += crypto_aead_ivsize(tfm); if (!sg_data) { rc = -EINVAL; goto chain_assoc_exit; } if (req->assoclen == 0) { areq_ctx->assoc_buff_type = CC_DMA_BUF_NULL; areq_ctx->assoc.nents = 0; areq_ctx->assoc.mlli_nents = 0; dev_dbg(dev, "Chain assoc of length 0: buff_type=%s nents=%u\n", cc_dma_buf_type(areq_ctx->assoc_buff_type), areq_ctx->assoc.nents); goto chain_assoc_exit; } //iterate over the sgl to see how many entries are for associated data //it is assumed that if we reach here , the sgl is already mapped sg_index = current_sg->length; //the first entry in the scatter list contains all the associated data if (sg_index > size_of_assoc) { mapped_nents++; } else { while (sg_index <= size_of_assoc) { current_sg = sg_next(current_sg); /* if have reached the end of the sgl, then this is * unexpected */ if (!current_sg) { dev_err(dev, "reached end of sg list. unexpected\n"); return -EINVAL; } sg_index += current_sg->length; mapped_nents++; } } if (mapped_nents > LLI_MAX_NUM_OF_ASSOC_DATA_ENTRIES) { dev_err(dev, "Too many fragments. current %d max %d\n", mapped_nents, LLI_MAX_NUM_OF_ASSOC_DATA_ENTRIES); return -ENOMEM; } areq_ctx->assoc.nents = mapped_nents; /* in CCM case we have additional entry for * ccm header configurations */ if (areq_ctx->ccm_hdr_size != ccm_header_size_null) { if ((mapped_nents + 1) > LLI_MAX_NUM_OF_ASSOC_DATA_ENTRIES) { dev_err(dev, "CCM case.Too many fragments. Current %d max %d\n", (areq_ctx->assoc.nents + 1), LLI_MAX_NUM_OF_ASSOC_DATA_ENTRIES); rc = -ENOMEM; goto chain_assoc_exit; } } if (mapped_nents == 1 && areq_ctx->ccm_hdr_size == ccm_header_size_null) areq_ctx->assoc_buff_type = CC_DMA_BUF_DLLI; else areq_ctx->assoc_buff_type = CC_DMA_BUF_MLLI; if (do_chain || areq_ctx->assoc_buff_type == CC_DMA_BUF_MLLI) { dev_dbg(dev, "Chain assoc: buff_type=%s nents=%u\n", cc_dma_buf_type(areq_ctx->assoc_buff_type), areq_ctx->assoc.nents); cc_add_sg_entry(dev, sg_data, areq_ctx->assoc.nents, req->src, req->assoclen, 0, is_last, &areq_ctx->assoc.mlli_nents); areq_ctx->assoc_buff_type = CC_DMA_BUF_MLLI; } chain_assoc_exit: return rc; }
static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key, unsigned int keylen) { struct crypto_tfm *tfm = crypto_skcipher_tfm(sktfm); struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm); struct device *dev = drvdata_to_dev(ctx_p->drvdata); u32 tmp[DES3_EDE_EXPKEY_WORDS]; struct cc_crypto_alg *cc_alg = container_of(tfm->__crt_alg, struct cc_crypto_alg, skcipher_alg.base); unsigned int max_key_buf_size = cc_alg->skcipher_alg.max_keysize; dev_dbg(dev, "Setting key in context @%p for %s. keylen=%u\n", ctx_p, crypto_tfm_alg_name(tfm), keylen); dump_byte_array("key", (u8 *)key, keylen); /* STAT_PHASE_0: Init and sanity checks */ if (validate_keys_sizes(ctx_p, keylen)) { dev_err(dev, "Unsupported key size %d.\n", keylen); crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); return -EINVAL; } ctx_p->hw_key = false; /* * Verify DES weak keys * Note that we're dropping the expanded key since the * HW does the expansion on its own. */ if (ctx_p->flow_mode == S_DIN_to_DES) { if (keylen == DES3_EDE_KEY_SIZE && __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) { dev_dbg(dev, "weak 3DES key"); return -EINVAL; } else if (!des_ekey(tmp, key) && (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; dev_dbg(dev, "weak DES key"); return -EINVAL; } } if (ctx_p->cipher_mode == DRV_CIPHER_XTS && xts_check_key(tfm, key, keylen)) { dev_dbg(dev, "weak XTS key"); return -EINVAL; } /* STAT_PHASE_1: Copy key to ctx */ dma_sync_single_for_cpu(dev, ctx_p->user.key_dma_addr, max_key_buf_size, DMA_TO_DEVICE); memcpy(ctx_p->user.key, key, keylen); if (keylen == 24) memset(ctx_p->user.key + 24, 0, CC_AES_KEY_SIZE_MAX - 24); if (ctx_p->cipher_mode == DRV_CIPHER_ESSIV) { /* sha256 for key2 - use sw implementation */ int key_len = keylen >> 1; int err; SHASH_DESC_ON_STACK(desc, ctx_p->shash_tfm); desc->tfm = ctx_p->shash_tfm; err = crypto_shash_digest(desc, ctx_p->user.key, key_len, ctx_p->user.key + key_len); if (err) { dev_err(dev, "Failed to hash ESSIV key.\n"); return err; } }
int cc_map_cipher_request(struct cc_drvdata *drvdata, void *ctx, unsigned int ivsize, unsigned int nbytes, void *info, struct scatterlist *src, struct scatterlist *dst, gfp_t flags) { struct cipher_req_ctx *req_ctx = (struct cipher_req_ctx *)ctx; struct mlli_params *mlli_params = &req_ctx->mlli_params; struct buff_mgr_handle *buff_mgr = drvdata->buff_mgr_handle; struct device *dev = drvdata_to_dev(drvdata); struct buffer_array sg_data; u32 dummy = 0; int rc = 0; u32 mapped_nents = 0; req_ctx->dma_buf_type = CC_DMA_BUF_DLLI; mlli_params->curr_pool = NULL; sg_data.num_of_buffers = 0; /* Map IV buffer */ if (ivsize) { dump_byte_array("iv", (u8 *)info, ivsize); req_ctx->gen_ctx.iv_dma_addr = dma_map_single(dev, (void *)info, ivsize, DMA_TO_DEVICE); if (dma_mapping_error(dev, req_ctx->gen_ctx.iv_dma_addr)) { dev_err(dev, "Mapping iv %u B at va=%pK for DMA failed\n", ivsize, info); return -ENOMEM; } dev_dbg(dev, "Mapped iv %u B at va=%pK to dma=%pad\n", ivsize, info, &req_ctx->gen_ctx.iv_dma_addr); } else { req_ctx->gen_ctx.iv_dma_addr = 0; } /* Map the src SGL */ rc = cc_map_sg(dev, src, nbytes, DMA_BIDIRECTIONAL, &req_ctx->in_nents, LLI_MAX_NUM_OF_DATA_ENTRIES, &dummy, &mapped_nents); if (rc) goto cipher_exit; if (mapped_nents > 1) req_ctx->dma_buf_type = CC_DMA_BUF_MLLI; if (src == dst) { /* Handle inplace operation */ if (req_ctx->dma_buf_type == CC_DMA_BUF_MLLI) { req_ctx->out_nents = 0; cc_add_sg_entry(dev, &sg_data, req_ctx->in_nents, src, nbytes, 0, true, &req_ctx->in_mlli_nents); } } else { /* Map the dst sg */ rc = cc_map_sg(dev, dst, nbytes, DMA_BIDIRECTIONAL, &req_ctx->out_nents, LLI_MAX_NUM_OF_DATA_ENTRIES, &dummy, &mapped_nents); if (rc) goto cipher_exit; if (mapped_nents > 1) req_ctx->dma_buf_type = CC_DMA_BUF_MLLI; if (req_ctx->dma_buf_type == CC_DMA_BUF_MLLI) { cc_add_sg_entry(dev, &sg_data, req_ctx->in_nents, src, nbytes, 0, true, &req_ctx->in_mlli_nents); cc_add_sg_entry(dev, &sg_data, req_ctx->out_nents, dst, nbytes, 0, true, &req_ctx->out_mlli_nents); } } if (req_ctx->dma_buf_type == CC_DMA_BUF_MLLI) { mlli_params->curr_pool = buff_mgr->mlli_buffs_pool; rc = cc_generate_mlli(dev, &sg_data, mlli_params, flags); if (rc) goto cipher_exit; } dev_dbg(dev, "areq_ctx->dma_buf_type = %s\n", cc_dma_buf_type(req_ctx->dma_buf_type)); return 0; cipher_exit: cc_unmap_cipher_request(dev, req_ctx, ivsize, src, dst); return rc; }
int cc_map_hash_request_update(struct cc_drvdata *drvdata, void *ctx, struct scatterlist *src, unsigned int nbytes, unsigned int block_size, gfp_t flags) { struct ahash_req_ctx *areq_ctx = (struct ahash_req_ctx *)ctx; struct device *dev = drvdata_to_dev(drvdata); u8 *curr_buff = cc_hash_buf(areq_ctx); u32 *curr_buff_cnt = cc_hash_buf_cnt(areq_ctx); u8 *next_buff = cc_next_buf(areq_ctx); u32 *next_buff_cnt = cc_next_buf_cnt(areq_ctx); struct mlli_params *mlli_params = &areq_ctx->mlli_params; unsigned int update_data_len; u32 total_in_len = nbytes + *curr_buff_cnt; struct buffer_array sg_data; struct buff_mgr_handle *buff_mgr = drvdata->buff_mgr_handle; unsigned int swap_index = 0; int rc = 0; u32 dummy = 0; u32 mapped_nents = 0; dev_dbg(dev, " update params : curr_buff=%pK curr_buff_cnt=0x%X nbytes=0x%X src=%pK curr_index=%u\n", curr_buff, *curr_buff_cnt, nbytes, src, areq_ctx->buff_index); /* Init the type of the dma buffer */ areq_ctx->data_dma_buf_type = CC_DMA_BUF_NULL; mlli_params->curr_pool = NULL; areq_ctx->curr_sg = NULL; sg_data.num_of_buffers = 0; areq_ctx->in_nents = 0; if (total_in_len < block_size) { dev_dbg(dev, " less than one block: curr_buff=%pK *curr_buff_cnt=0x%X copy_to=%pK\n", curr_buff, *curr_buff_cnt, &curr_buff[*curr_buff_cnt]); areq_ctx->in_nents = cc_get_sgl_nents(dev, src, nbytes, &dummy, NULL); sg_copy_to_buffer(src, areq_ctx->in_nents, &curr_buff[*curr_buff_cnt], nbytes); *curr_buff_cnt += nbytes; return 1; } /* Calculate the residue size*/ *next_buff_cnt = total_in_len & (block_size - 1); /* update data len */ update_data_len = total_in_len - *next_buff_cnt; dev_dbg(dev, " temp length : *next_buff_cnt=0x%X update_data_len=0x%X\n", *next_buff_cnt, update_data_len); /* Copy the new residue to next buffer */ if (*next_buff_cnt) { dev_dbg(dev, " handle residue: next buff %pK skip data %u residue %u\n", next_buff, (update_data_len - *curr_buff_cnt), *next_buff_cnt); cc_copy_sg_portion(dev, next_buff, src, (update_data_len - *curr_buff_cnt), nbytes, CC_SG_TO_BUF); /* change the buffer index for next operation */ swap_index = 1; } if (*curr_buff_cnt) { rc = cc_set_hash_buf(dev, areq_ctx, curr_buff, *curr_buff_cnt, &sg_data); if (rc) return rc; /* change the buffer index for next operation */ swap_index = 1; } if (update_data_len > *curr_buff_cnt) { rc = cc_map_sg(dev, src, (update_data_len - *curr_buff_cnt), DMA_TO_DEVICE, &areq_ctx->in_nents, LLI_MAX_NUM_OF_DATA_ENTRIES, &dummy, &mapped_nents); if (rc) goto unmap_curr_buff; if (mapped_nents == 1 && areq_ctx->data_dma_buf_type == CC_DMA_BUF_NULL) { /* only one entry in the SG and no previous data */ memcpy(areq_ctx->buff_sg, src, sizeof(struct scatterlist)); areq_ctx->buff_sg->length = update_data_len; areq_ctx->data_dma_buf_type = CC_DMA_BUF_DLLI; areq_ctx->curr_sg = areq_ctx->buff_sg; } else { areq_ctx->data_dma_buf_type = CC_DMA_BUF_MLLI; } } if (areq_ctx->data_dma_buf_type == CC_DMA_BUF_MLLI) { mlli_params->curr_pool = buff_mgr->mlli_buffs_pool; /* add the src data to the sg_data */ cc_add_sg_entry(dev, &sg_data, areq_ctx->in_nents, src, (update_data_len - *curr_buff_cnt), 0, true, &areq_ctx->mlli_nents); rc = cc_generate_mlli(dev, &sg_data, mlli_params, flags); if (rc) goto fail_unmap_din; } areq_ctx->buff_index = (areq_ctx->buff_index ^ swap_index); return 0; fail_unmap_din: dma_unmap_sg(dev, src, areq_ctx->in_nents, DMA_TO_DEVICE); unmap_curr_buff: if (*curr_buff_cnt) dma_unmap_sg(dev, areq_ctx->buff_sg, 1, DMA_TO_DEVICE); return rc; }
int cc_map_hash_request_final(struct cc_drvdata *drvdata, void *ctx, struct scatterlist *src, unsigned int nbytes, bool do_update, gfp_t flags) { struct ahash_req_ctx *areq_ctx = (struct ahash_req_ctx *)ctx; struct device *dev = drvdata_to_dev(drvdata); u8 *curr_buff = cc_hash_buf(areq_ctx); u32 *curr_buff_cnt = cc_hash_buf_cnt(areq_ctx); struct mlli_params *mlli_params = &areq_ctx->mlli_params; struct buffer_array sg_data; struct buff_mgr_handle *buff_mgr = drvdata->buff_mgr_handle; int rc = 0; u32 dummy = 0; u32 mapped_nents = 0; dev_dbg(dev, "final params : curr_buff=%pK curr_buff_cnt=0x%X nbytes = 0x%X src=%pK curr_index=%u\n", curr_buff, *curr_buff_cnt, nbytes, src, areq_ctx->buff_index); /* Init the type of the dma buffer */ areq_ctx->data_dma_buf_type = CC_DMA_BUF_NULL; mlli_params->curr_pool = NULL; sg_data.num_of_buffers = 0; areq_ctx->in_nents = 0; if (nbytes == 0 && *curr_buff_cnt == 0) { /* nothing to do */ return 0; } /*TODO: copy data in case that buffer is enough for operation */ /* map the previous buffer */ if (*curr_buff_cnt) { rc = cc_set_hash_buf(dev, areq_ctx, curr_buff, *curr_buff_cnt, &sg_data); if (rc) return rc; } if (src && nbytes > 0 && do_update) { rc = cc_map_sg(dev, src, nbytes, DMA_TO_DEVICE, &areq_ctx->in_nents, LLI_MAX_NUM_OF_DATA_ENTRIES, &dummy, &mapped_nents); if (rc) goto unmap_curr_buff; if (src && mapped_nents == 1 && areq_ctx->data_dma_buf_type == CC_DMA_BUF_NULL) { memcpy(areq_ctx->buff_sg, src, sizeof(struct scatterlist)); areq_ctx->buff_sg->length = nbytes; areq_ctx->curr_sg = areq_ctx->buff_sg; areq_ctx->data_dma_buf_type = CC_DMA_BUF_DLLI; } else { areq_ctx->data_dma_buf_type = CC_DMA_BUF_MLLI; } } /*build mlli */ if (areq_ctx->data_dma_buf_type == CC_DMA_BUF_MLLI) { mlli_params->curr_pool = buff_mgr->mlli_buffs_pool; /* add the src data to the sg_data */ cc_add_sg_entry(dev, &sg_data, areq_ctx->in_nents, src, nbytes, 0, true, &areq_ctx->mlli_nents); rc = cc_generate_mlli(dev, &sg_data, mlli_params, flags); if (rc) goto fail_unmap_din; } /* change the buffer index for the unmap function */ areq_ctx->buff_index = (areq_ctx->buff_index ^ 1); dev_dbg(dev, "areq_ctx->data_dma_buf_type = %s\n", cc_dma_buf_type(areq_ctx->data_dma_buf_type)); return 0; fail_unmap_din: dma_unmap_sg(dev, src, areq_ctx->in_nents, DMA_TO_DEVICE); unmap_curr_buff: if (*curr_buff_cnt) dma_unmap_sg(dev, areq_ctx->buff_sg, 1, DMA_TO_DEVICE); return rc; }
static irqreturn_t cc_isr(int irq, void *dev_id) { struct cc_drvdata *drvdata = (struct cc_drvdata *)dev_id; struct device *dev = drvdata_to_dev(drvdata); u32 irr; u32 imr; /* STAT_OP_TYPE_GENERIC STAT_PHASE_0: Interrupt */ /* read the interrupt status */ irr = cc_ioread(drvdata, CC_REG(HOST_IRR)); dev_dbg(dev, "Got IRR=0x%08X\n", irr); if (irr == 0) { /* Probably shared interrupt line */ dev_err(dev, "Got interrupt with empty IRR\n"); return IRQ_NONE; } imr = cc_ioread(drvdata, CC_REG(HOST_IMR)); /* clear interrupt - must be before processing events */ cc_iowrite(drvdata, CC_REG(HOST_ICR), irr); drvdata->irq = irr; /* Completion interrupt - most probable */ if (irr & CC_COMP_IRQ_MASK) { /* Mask AXI completion interrupt - will be unmasked in * Deferred service handler */ cc_iowrite(drvdata, CC_REG(HOST_IMR), imr | CC_COMP_IRQ_MASK); irr &= ~CC_COMP_IRQ_MASK; complete_request(drvdata); } #ifdef CONFIG_CRYPTO_FIPS /* TEE FIPS interrupt */ if (irr & CC_GPR0_IRQ_MASK) { /* Mask interrupt - will be unmasked in Deferred service * handler */ cc_iowrite(drvdata, CC_REG(HOST_IMR), imr | CC_GPR0_IRQ_MASK); irr &= ~CC_GPR0_IRQ_MASK; fips_handler(drvdata); } #endif /* AXI error interrupt */ if (irr & CC_AXI_ERR_IRQ_MASK) { u32 axi_err; /* Read the AXI error ID */ axi_err = cc_ioread(drvdata, CC_REG(AXIM_MON_ERR)); dev_dbg(dev, "AXI completion error: axim_mon_err=0x%08X\n", axi_err); irr &= ~CC_AXI_ERR_IRQ_MASK; } if (irr) { dev_dbg(dev, "IRR includes unknown cause bits (0x%08X)\n", irr); /* Just warning */ } return IRQ_HANDLED; }
static int cc_aead_chain_data(struct cc_drvdata *drvdata, struct aead_request *req, struct buffer_array *sg_data, bool is_last_table, bool do_chain) { struct aead_req_ctx *areq_ctx = aead_request_ctx(req); struct device *dev = drvdata_to_dev(drvdata); enum drv_crypto_direction direct = areq_ctx->gen_ctx.op_type; unsigned int authsize = areq_ctx->req_authsize; unsigned int src_last_bytes = 0, dst_last_bytes = 0; int rc = 0; u32 src_mapped_nents = 0, dst_mapped_nents = 0; u32 offset = 0; /* non-inplace mode */ unsigned int size_for_map = req->assoclen + req->cryptlen; struct crypto_aead *tfm = crypto_aead_reqtfm(req); u32 sg_index = 0; bool chained = false; bool is_gcm4543 = areq_ctx->is_gcm4543; u32 size_to_skip = req->assoclen; if (is_gcm4543) size_to_skip += crypto_aead_ivsize(tfm); offset = size_to_skip; if (!sg_data) return -EINVAL; areq_ctx->src_sgl = req->src; areq_ctx->dst_sgl = req->dst; if (is_gcm4543) size_for_map += crypto_aead_ivsize(tfm); size_for_map += (direct == DRV_CRYPTO_DIRECTION_ENCRYPT) ? authsize : 0; src_mapped_nents = cc_get_sgl_nents(dev, req->src, size_for_map, &src_last_bytes, &chained); sg_index = areq_ctx->src_sgl->length; //check where the data starts while (sg_index <= size_to_skip) { offset -= areq_ctx->src_sgl->length; areq_ctx->src_sgl = sg_next(areq_ctx->src_sgl); //if have reached the end of the sgl, then this is unexpected if (!areq_ctx->src_sgl) { dev_err(dev, "reached end of sg list. unexpected\n"); return -EINVAL; } sg_index += areq_ctx->src_sgl->length; src_mapped_nents--; } if (src_mapped_nents > LLI_MAX_NUM_OF_DATA_ENTRIES) { dev_err(dev, "Too many fragments. current %d max %d\n", src_mapped_nents, LLI_MAX_NUM_OF_DATA_ENTRIES); return -ENOMEM; } areq_ctx->src.nents = src_mapped_nents; areq_ctx->src_offset = offset; if (req->src != req->dst) { size_for_map = req->assoclen + req->cryptlen; size_for_map += (direct == DRV_CRYPTO_DIRECTION_ENCRYPT) ? authsize : 0; if (is_gcm4543) size_for_map += crypto_aead_ivsize(tfm); rc = cc_map_sg(dev, req->dst, size_for_map, DMA_BIDIRECTIONAL, &areq_ctx->dst.nents, LLI_MAX_NUM_OF_DATA_ENTRIES, &dst_last_bytes, &dst_mapped_nents); if (rc) goto chain_data_exit; } dst_mapped_nents = cc_get_sgl_nents(dev, req->dst, size_for_map, &dst_last_bytes, &chained); sg_index = areq_ctx->dst_sgl->length; offset = size_to_skip; //check where the data starts while (sg_index <= size_to_skip) { offset -= areq_ctx->dst_sgl->length; areq_ctx->dst_sgl = sg_next(areq_ctx->dst_sgl); //if have reached the end of the sgl, then this is unexpected if (!areq_ctx->dst_sgl) { dev_err(dev, "reached end of sg list. unexpected\n"); return -EINVAL; } sg_index += areq_ctx->dst_sgl->length; dst_mapped_nents--; } if (dst_mapped_nents > LLI_MAX_NUM_OF_DATA_ENTRIES) { dev_err(dev, "Too many fragments. current %d max %d\n", dst_mapped_nents, LLI_MAX_NUM_OF_DATA_ENTRIES); return -ENOMEM; } areq_ctx->dst.nents = dst_mapped_nents; areq_ctx->dst_offset = offset; if (src_mapped_nents > 1 || dst_mapped_nents > 1 || do_chain) { areq_ctx->data_buff_type = CC_DMA_BUF_MLLI; rc = cc_prepare_aead_data_mlli(drvdata, req, sg_data, &src_last_bytes, &dst_last_bytes, is_last_table); } else { areq_ctx->data_buff_type = CC_DMA_BUF_DLLI; cc_prepare_aead_data_dlli(req, &src_last_bytes, &dst_last_bytes); } chain_data_exit: return rc; }
static int cc_cipher_setkey(struct crypto_ablkcipher *atfm, const u8 *key, unsigned int keylen) { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(atfm); struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm); struct device *dev = drvdata_to_dev(ctx_p->drvdata); u32 tmp[DES_EXPKEY_WORDS]; unsigned int max_key_buf_size = get_max_keysize(tfm); dev_dbg(dev, "Setting key in context @%p for %s. keylen=%u\n", ctx_p, crypto_tfm_alg_name(tfm), keylen); dump_byte_array("key", (u8 *)key, keylen); /* STAT_PHASE_0: Init and sanity checks */ if (validate_keys_sizes(ctx_p, keylen)) { dev_err(dev, "Unsupported key size %d.\n", keylen); crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); return -EINVAL; } if (cc_is_hw_key(tfm)) { /* setting HW key slots */ struct arm_hw_key_info *hki = (struct arm_hw_key_info *)key; if (ctx_p->flow_mode != S_DIN_to_AES) { dev_err(dev, "HW key not supported for non-AES flows\n"); return -EINVAL; } ctx_p->hw.key1_slot = hw_key_to_cc_hw_key(hki->hw_key1); if (ctx_p->hw.key1_slot == END_OF_KEYS) { dev_err(dev, "Unsupported hw key1 number (%d)\n", hki->hw_key1); return -EINVAL; } if (ctx_p->cipher_mode == DRV_CIPHER_XTS || ctx_p->cipher_mode == DRV_CIPHER_ESSIV || ctx_p->cipher_mode == DRV_CIPHER_BITLOCKER) { if (hki->hw_key1 == hki->hw_key2) { dev_err(dev, "Illegal hw key numbers (%d,%d)\n", hki->hw_key1, hki->hw_key2); return -EINVAL; } ctx_p->hw.key2_slot = hw_key_to_cc_hw_key(hki->hw_key2); if (ctx_p->hw.key2_slot == END_OF_KEYS) { dev_err(dev, "Unsupported hw key2 number (%d)\n", hki->hw_key2); return -EINVAL; } } ctx_p->keylen = keylen; dev_dbg(dev, "cc_is_hw_key ret 0"); return 0; } // verify weak keys if (ctx_p->flow_mode == S_DIN_to_DES) { if (!des_ekey(tmp, key) && (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_WEAK_KEY)) { tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; dev_dbg(dev, "weak DES key"); return -EINVAL; } } if (ctx_p->cipher_mode == DRV_CIPHER_XTS && xts_check_key(tfm, key, keylen)) { dev_dbg(dev, "weak XTS key"); return -EINVAL; } if (ctx_p->flow_mode == S_DIN_to_DES && keylen == DES3_EDE_KEY_SIZE && cc_verify_3des_keys(key, keylen)) { dev_dbg(dev, "weak 3DES key"); return -EINVAL; } /* STAT_PHASE_1: Copy key to ctx */ dma_sync_single_for_cpu(dev, ctx_p->user.key_dma_addr, max_key_buf_size, DMA_TO_DEVICE); memcpy(ctx_p->user.key, key, keylen); if (keylen == 24) memset(ctx_p->user.key + 24, 0, CC_AES_KEY_SIZE_MAX - 24); if (ctx_p->cipher_mode == DRV_CIPHER_ESSIV) { /* sha256 for key2 - use sw implementation */ int key_len = keylen >> 1; int err; SHASH_DESC_ON_STACK(desc, ctx_p->shash_tfm); desc->tfm = ctx_p->shash_tfm; err = crypto_shash_digest(desc, ctx_p->user.key, key_len, ctx_p->user.key + key_len); if (err) { dev_err(dev, "Failed to hash ESSIV key.\n"); return err; } }