diff options
Diffstat (limited to 'drivers/crypto/talitos.c')
| -rw-r--r-- | drivers/crypto/talitos.c | 103 |
1 files changed, 47 insertions, 56 deletions
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index 6cd0e6038583..b44f4ddc565c 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c | |||
| @@ -673,39 +673,20 @@ static int aead_setkey(struct crypto_aead *authenc, | |||
| 673 | const u8 *key, unsigned int keylen) | 673 | const u8 *key, unsigned int keylen) |
| 674 | { | 674 | { |
| 675 | struct talitos_ctx *ctx = crypto_aead_ctx(authenc); | 675 | struct talitos_ctx *ctx = crypto_aead_ctx(authenc); |
| 676 | struct rtattr *rta = (void *)key; | 676 | struct crypto_authenc_keys keys; |
| 677 | struct crypto_authenc_key_param *param; | ||
| 678 | unsigned int authkeylen; | ||
| 679 | unsigned int enckeylen; | ||
| 680 | |||
| 681 | if (!RTA_OK(rta, keylen)) | ||
| 682 | goto badkey; | ||
| 683 | 677 | ||
| 684 | if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM) | 678 | if (crypto_authenc_extractkeys(&keys, key, keylen) != 0) |
| 685 | goto badkey; | 679 | goto badkey; |
| 686 | 680 | ||
| 687 | if (RTA_PAYLOAD(rta) < sizeof(*param)) | 681 | if (keys.authkeylen + keys.enckeylen > TALITOS_MAX_KEY_SIZE) |
| 688 | goto badkey; | 682 | goto badkey; |
| 689 | 683 | ||
| 690 | param = RTA_DATA(rta); | 684 | memcpy(ctx->key, keys.authkey, keys.authkeylen); |
| 691 | enckeylen = be32_to_cpu(param->enckeylen); | 685 | memcpy(&ctx->key[keys.authkeylen], keys.enckey, keys.enckeylen); |
| 692 | |||
| 693 | key += RTA_ALIGN(rta->rta_len); | ||
| 694 | keylen -= RTA_ALIGN(rta->rta_len); | ||
| 695 | 686 | ||
| 696 | if (keylen < enckeylen) | 687 | ctx->keylen = keys.authkeylen + keys.enckeylen; |
| 697 | goto badkey; | 688 | ctx->enckeylen = keys.enckeylen; |
| 698 | 689 | ctx->authkeylen = keys.authkeylen; | |
| 699 | authkeylen = keylen - enckeylen; | ||
| 700 | |||
| 701 | if (keylen > TALITOS_MAX_KEY_SIZE) | ||
| 702 | goto badkey; | ||
| 703 | |||
| 704 | memcpy(&ctx->key, key, keylen); | ||
| 705 | |||
| 706 | ctx->keylen = keylen; | ||
| 707 | ctx->enckeylen = enckeylen; | ||
| 708 | ctx->authkeylen = authkeylen; | ||
| 709 | 690 | ||
| 710 | return 0; | 691 | return 0; |
| 711 | 692 | ||
| @@ -809,7 +790,7 @@ static void ipsec_esp_unmap(struct device *dev, | |||
| 809 | 790 | ||
| 810 | if (edesc->assoc_chained) | 791 | if (edesc->assoc_chained) |
| 811 | talitos_unmap_sg_chain(dev, areq->assoc, DMA_TO_DEVICE); | 792 | talitos_unmap_sg_chain(dev, areq->assoc, DMA_TO_DEVICE); |
| 812 | else | 793 | else if (areq->assoclen) |
| 813 | /* assoc_nents counts also for IV in non-contiguous cases */ | 794 | /* assoc_nents counts also for IV in non-contiguous cases */ |
| 814 | dma_unmap_sg(dev, areq->assoc, | 795 | dma_unmap_sg(dev, areq->assoc, |
| 815 | edesc->assoc_nents ? edesc->assoc_nents - 1 : 1, | 796 | edesc->assoc_nents ? edesc->assoc_nents - 1 : 1, |
| @@ -992,7 +973,11 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq, | |||
| 992 | dma_sync_single_for_device(dev, edesc->dma_link_tbl, | 973 | dma_sync_single_for_device(dev, edesc->dma_link_tbl, |
| 993 | edesc->dma_len, DMA_BIDIRECTIONAL); | 974 | edesc->dma_len, DMA_BIDIRECTIONAL); |
| 994 | } else { | 975 | } else { |
| 995 | to_talitos_ptr(&desc->ptr[1], sg_dma_address(areq->assoc)); | 976 | if (areq->assoclen) |
| 977 | to_talitos_ptr(&desc->ptr[1], | ||
| 978 | sg_dma_address(areq->assoc)); | ||
| 979 | else | ||
| 980 | to_talitos_ptr(&desc->ptr[1], edesc->iv_dma); | ||
| 996 | desc->ptr[1].j_extent = 0; | 981 | desc->ptr[1].j_extent = 0; |
| 997 | } | 982 | } |
| 998 | 983 | ||
| @@ -1127,7 +1112,8 @@ static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, | |||
| 1127 | unsigned int authsize, | 1112 | unsigned int authsize, |
| 1128 | unsigned int ivsize, | 1113 | unsigned int ivsize, |
| 1129 | int icv_stashing, | 1114 | int icv_stashing, |
| 1130 | u32 cryptoflags) | 1115 | u32 cryptoflags, |
| 1116 | bool encrypt) | ||
| 1131 | { | 1117 | { |
| 1132 | struct talitos_edesc *edesc; | 1118 | struct talitos_edesc *edesc; |
| 1133 | int assoc_nents = 0, src_nents, dst_nents, alloc_len, dma_len; | 1119 | int assoc_nents = 0, src_nents, dst_nents, alloc_len, dma_len; |
| @@ -1141,10 +1127,10 @@ static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, | |||
| 1141 | return ERR_PTR(-EINVAL); | 1127 | return ERR_PTR(-EINVAL); |
| 1142 | } | 1128 | } |
| 1143 | 1129 | ||
| 1144 | if (iv) | 1130 | if (ivsize) |
| 1145 | iv_dma = dma_map_single(dev, iv, ivsize, DMA_TO_DEVICE); | 1131 | iv_dma = dma_map_single(dev, iv, ivsize, DMA_TO_DEVICE); |
| 1146 | 1132 | ||
| 1147 | if (assoc) { | 1133 | if (assoclen) { |
| 1148 | /* | 1134 | /* |
| 1149 | * Currently it is assumed that iv is provided whenever assoc | 1135 | * Currently it is assumed that iv is provided whenever assoc |
| 1150 | * is. | 1136 | * is. |
| @@ -1160,19 +1146,17 @@ static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, | |||
| 1160 | assoc_nents = assoc_nents ? assoc_nents + 1 : 2; | 1146 | assoc_nents = assoc_nents ? assoc_nents + 1 : 2; |
| 1161 | } | 1147 | } |
| 1162 | 1148 | ||
| 1163 | src_nents = sg_count(src, cryptlen + authsize, &src_chained); | 1149 | if (!dst || dst == src) { |
| 1164 | src_nents = (src_nents == 1) ? 0 : src_nents; | 1150 | src_nents = sg_count(src, cryptlen + authsize, &src_chained); |
| 1165 | 1151 | src_nents = (src_nents == 1) ? 0 : src_nents; | |
| 1166 | if (!dst) { | 1152 | dst_nents = dst ? src_nents : 0; |
| 1167 | dst_nents = 0; | 1153 | } else { /* dst && dst != src*/ |
| 1168 | } else { | 1154 | src_nents = sg_count(src, cryptlen + (encrypt ? 0 : authsize), |
| 1169 | if (dst == src) { | 1155 | &src_chained); |
| 1170 | dst_nents = src_nents; | 1156 | src_nents = (src_nents == 1) ? 0 : src_nents; |
| 1171 | } else { | 1157 | dst_nents = sg_count(dst, cryptlen + (encrypt ? authsize : 0), |
| 1172 | dst_nents = sg_count(dst, cryptlen + authsize, | 1158 | &dst_chained); |
| 1173 | &dst_chained); | 1159 | dst_nents = (dst_nents == 1) ? 0 : dst_nents; |
| 1174 | dst_nents = (dst_nents == 1) ? 0 : dst_nents; | ||
| 1175 | } | ||
| 1176 | } | 1160 | } |
| 1177 | 1161 | ||
| 1178 | /* | 1162 | /* |
| @@ -1192,9 +1176,16 @@ static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, | |||
| 1192 | 1176 | ||
| 1193 | edesc = kmalloc(alloc_len, GFP_DMA | flags); | 1177 | edesc = kmalloc(alloc_len, GFP_DMA | flags); |
| 1194 | if (!edesc) { | 1178 | if (!edesc) { |
| 1195 | talitos_unmap_sg_chain(dev, assoc, DMA_TO_DEVICE); | 1179 | if (assoc_chained) |
| 1180 | talitos_unmap_sg_chain(dev, assoc, DMA_TO_DEVICE); | ||
| 1181 | else if (assoclen) | ||
| 1182 | dma_unmap_sg(dev, assoc, | ||
| 1183 | assoc_nents ? assoc_nents - 1 : 1, | ||
| 1184 | DMA_TO_DEVICE); | ||
| 1185 | |||
| 1196 | if (iv_dma) | 1186 | if (iv_dma) |
| 1197 | dma_unmap_single(dev, iv_dma, ivsize, DMA_TO_DEVICE); | 1187 | dma_unmap_single(dev, iv_dma, ivsize, DMA_TO_DEVICE); |
| 1188 | |||
| 1198 | dev_err(dev, "could not allocate edescriptor\n"); | 1189 | dev_err(dev, "could not allocate edescriptor\n"); |
| 1199 | return ERR_PTR(-ENOMEM); | 1190 | return ERR_PTR(-ENOMEM); |
| 1200 | } | 1191 | } |
| @@ -1216,7 +1207,7 @@ static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, | |||
| 1216 | } | 1207 | } |
| 1217 | 1208 | ||
| 1218 | static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, u8 *iv, | 1209 | static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, u8 *iv, |
| 1219 | int icv_stashing) | 1210 | int icv_stashing, bool encrypt) |
| 1220 | { | 1211 | { |
| 1221 | struct crypto_aead *authenc = crypto_aead_reqtfm(areq); | 1212 | struct crypto_aead *authenc = crypto_aead_reqtfm(areq); |
| 1222 | struct talitos_ctx *ctx = crypto_aead_ctx(authenc); | 1213 | struct talitos_ctx *ctx = crypto_aead_ctx(authenc); |
| @@ -1225,7 +1216,7 @@ static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, u8 *iv, | |||
| 1225 | return talitos_edesc_alloc(ctx->dev, areq->assoc, areq->src, areq->dst, | 1216 | return talitos_edesc_alloc(ctx->dev, areq->assoc, areq->src, areq->dst, |
| 1226 | iv, areq->assoclen, areq->cryptlen, | 1217 | iv, areq->assoclen, areq->cryptlen, |
| 1227 | ctx->authsize, ivsize, icv_stashing, | 1218 | ctx->authsize, ivsize, icv_stashing, |
| 1228 | areq->base.flags); | 1219 | areq->base.flags, encrypt); |
| 1229 | } | 1220 | } |
| 1230 | 1221 | ||
| 1231 | static int aead_encrypt(struct aead_request *req) | 1222 | static int aead_encrypt(struct aead_request *req) |
| @@ -1235,7 +1226,7 @@ static int aead_encrypt(struct aead_request *req) | |||
| 1235 | struct talitos_edesc *edesc; | 1226 | struct talitos_edesc *edesc; |
| 1236 | 1227 | ||
| 1237 | /* allocate extended descriptor */ | 1228 | /* allocate extended descriptor */ |
| 1238 | edesc = aead_edesc_alloc(req, req->iv, 0); | 1229 | edesc = aead_edesc_alloc(req, req->iv, 0, true); |
| 1239 | if (IS_ERR(edesc)) | 1230 | if (IS_ERR(edesc)) |
| 1240 | return PTR_ERR(edesc); | 1231 | return PTR_ERR(edesc); |
| 1241 | 1232 | ||
| @@ -1258,7 +1249,7 @@ static int aead_decrypt(struct aead_request *req) | |||
| 1258 | req->cryptlen -= authsize; | 1249 | req->cryptlen -= authsize; |
| 1259 | 1250 | ||
| 1260 | /* allocate extended descriptor */ | 1251 | /* allocate extended descriptor */ |
| 1261 | edesc = aead_edesc_alloc(req, req->iv, 1); | 1252 | edesc = aead_edesc_alloc(req, req->iv, 1, false); |
| 1262 | if (IS_ERR(edesc)) | 1253 | if (IS_ERR(edesc)) |
| 1263 | return PTR_ERR(edesc); | 1254 | return PTR_ERR(edesc); |
| 1264 | 1255 | ||
| @@ -1304,7 +1295,7 @@ static int aead_givencrypt(struct aead_givcrypt_request *req) | |||
| 1304 | struct talitos_edesc *edesc; | 1295 | struct talitos_edesc *edesc; |
| 1305 | 1296 | ||
| 1306 | /* allocate extended descriptor */ | 1297 | /* allocate extended descriptor */ |
| 1307 | edesc = aead_edesc_alloc(areq, req->giv, 0); | 1298 | edesc = aead_edesc_alloc(areq, req->giv, 0, true); |
| 1308 | if (IS_ERR(edesc)) | 1299 | if (IS_ERR(edesc)) |
| 1309 | return PTR_ERR(edesc); | 1300 | return PTR_ERR(edesc); |
| 1310 | 1301 | ||
| @@ -1460,7 +1451,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc, | |||
| 1460 | } | 1451 | } |
| 1461 | 1452 | ||
| 1462 | static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request * | 1453 | static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request * |
| 1463 | areq) | 1454 | areq, bool encrypt) |
| 1464 | { | 1455 | { |
| 1465 | struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); | 1456 | struct crypto_ablkcipher *cipher = crypto_ablkcipher_reqtfm(areq); |
| 1466 | struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); | 1457 | struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); |
| @@ -1468,7 +1459,7 @@ static struct talitos_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request * | |||
| 1468 | 1459 | ||
| 1469 | return talitos_edesc_alloc(ctx->dev, NULL, areq->src, areq->dst, | 1460 | return talitos_edesc_alloc(ctx->dev, NULL, areq->src, areq->dst, |
| 1470 | areq->info, 0, areq->nbytes, 0, ivsize, 0, | 1461 | areq->info, 0, areq->nbytes, 0, ivsize, 0, |
| 1471 | areq->base.flags); | 1462 | areq->base.flags, encrypt); |
| 1472 | } | 1463 | } |
| 1473 | 1464 | ||
| 1474 | static int ablkcipher_encrypt(struct ablkcipher_request *areq) | 1465 | static int ablkcipher_encrypt(struct ablkcipher_request *areq) |
| @@ -1478,7 +1469,7 @@ static int ablkcipher_encrypt(struct ablkcipher_request *areq) | |||
| 1478 | struct talitos_edesc *edesc; | 1469 | struct talitos_edesc *edesc; |
| 1479 | 1470 | ||
| 1480 | /* allocate extended descriptor */ | 1471 | /* allocate extended descriptor */ |
| 1481 | edesc = ablkcipher_edesc_alloc(areq); | 1472 | edesc = ablkcipher_edesc_alloc(areq, true); |
| 1482 | if (IS_ERR(edesc)) | 1473 | if (IS_ERR(edesc)) |
| 1483 | return PTR_ERR(edesc); | 1474 | return PTR_ERR(edesc); |
| 1484 | 1475 | ||
| @@ -1495,7 +1486,7 @@ static int ablkcipher_decrypt(struct ablkcipher_request *areq) | |||
| 1495 | struct talitos_edesc *edesc; | 1486 | struct talitos_edesc *edesc; |
| 1496 | 1487 | ||
| 1497 | /* allocate extended descriptor */ | 1488 | /* allocate extended descriptor */ |
| 1498 | edesc = ablkcipher_edesc_alloc(areq); | 1489 | edesc = ablkcipher_edesc_alloc(areq, false); |
| 1499 | if (IS_ERR(edesc)) | 1490 | if (IS_ERR(edesc)) |
| 1500 | return PTR_ERR(edesc); | 1491 | return PTR_ERR(edesc); |
| 1501 | 1492 | ||
| @@ -1647,7 +1638,7 @@ static struct talitos_edesc *ahash_edesc_alloc(struct ahash_request *areq, | |||
| 1647 | struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); | 1638 | struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); |
| 1648 | 1639 | ||
| 1649 | return talitos_edesc_alloc(ctx->dev, NULL, req_ctx->psrc, NULL, NULL, 0, | 1640 | return talitos_edesc_alloc(ctx->dev, NULL, req_ctx->psrc, NULL, NULL, 0, |
| 1650 | nbytes, 0, 0, 0, areq->base.flags); | 1641 | nbytes, 0, 0, 0, areq->base.flags, false); |
| 1651 | } | 1642 | } |
| 1652 | 1643 | ||
| 1653 | static int ahash_init(struct ahash_request *areq) | 1644 | static int ahash_init(struct ahash_request *areq) |