diff options
| author | Kim Phillips <kim.phillips@freescale.com> | 2010-05-19 05:21:53 -0400 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2010-05-19 05:21:53 -0400 |
| commit | 60f208d7836216885cdcd6f77a02f31dbc66f169 (patch) | |
| tree | 03458188b947e1cddf5d0f34b316935e470f7147 | |
| parent | 497f2e6b8b21407625a4fb34bc04b50eff098085 (diff) | |
crypto: talitos - add support for sha224
SEC h/w versions 2.1 and above support sha224 via explicit instruction.
Performing sha224 ahashes on earlier versions is still possible because
they support sha256 (sha224 is sha256 with different initial constants
and a different truncation length). We do this by overriding hardware
context self-initialization, and perform it manually in s/w instead.
Thanks to Lee for his fixes for correct execution on actual sec2.0 h/w.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off by: Lee Nipper <lee.nipper@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| -rw-r--r-- | drivers/crypto/talitos.c | 81 | ||||
| -rw-r--r-- | drivers/crypto/talitos.h | 4 |
2 files changed, 75 insertions, 10 deletions
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index 1b08a3951fb4..6a0f59d1fc5c 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | /* | 1 | /* |
| 2 | * talitos - Freescale Integrated Security Engine (SEC) device driver | 2 | * talitos - Freescale Integrated Security Engine (SEC) device driver |
| 3 | * | 3 | * |
| 4 | * Copyright (c) 2008 Freescale Semiconductor, Inc. | 4 | * Copyright (c) 2008-2010 Freescale Semiconductor, Inc. |
| 5 | * | 5 | * |
| 6 | * Scatterlist Crypto API glue code copied from files with the following: | 6 | * Scatterlist Crypto API glue code copied from files with the following: |
| 7 | * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au> | 7 | * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au> |
| @@ -156,6 +156,7 @@ struct talitos_private { | |||
| 156 | /* .features flag */ | 156 | /* .features flag */ |
| 157 | #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001 | 157 | #define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x00000001 |
| 158 | #define TALITOS_FTR_HW_AUTH_CHECK 0x00000002 | 158 | #define TALITOS_FTR_HW_AUTH_CHECK 0x00000002 |
| 159 | #define TALITOS_FTR_SHA224_HWINIT 0x00000004 | ||
| 159 | 160 | ||
| 160 | static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr) | 161 | static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t dma_addr) |
| 161 | { | 162 | { |
| @@ -720,10 +721,11 @@ struct talitos_ctx { | |||
| 720 | 721 | ||
| 721 | struct talitos_ahash_req_ctx { | 722 | struct talitos_ahash_req_ctx { |
| 722 | u64 count; | 723 | u64 count; |
| 723 | u8 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE]; | 724 | u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)]; |
| 724 | unsigned int hw_context_size; | 725 | unsigned int hw_context_size; |
| 725 | u8 buf[HASH_MAX_BLOCK_SIZE]; | 726 | u8 buf[HASH_MAX_BLOCK_SIZE]; |
| 726 | u8 bufnext[HASH_MAX_BLOCK_SIZE]; | 727 | u8 bufnext[HASH_MAX_BLOCK_SIZE]; |
| 728 | unsigned int swinit; | ||
| 727 | unsigned int first; | 729 | unsigned int first; |
| 728 | unsigned int last; | 730 | unsigned int last; |
| 729 | unsigned int to_hash_later; | 731 | unsigned int to_hash_later; |
| @@ -1631,12 +1633,13 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc, | |||
| 1631 | /* first DWORD empty */ | 1633 | /* first DWORD empty */ |
| 1632 | desc->ptr[0] = zero_entry; | 1634 | desc->ptr[0] = zero_entry; |
| 1633 | 1635 | ||
| 1634 | /* hash context in (if not first) */ | 1636 | /* hash context in */ |
| 1635 | if (!req_ctx->first) { | 1637 | if (!req_ctx->first || req_ctx->swinit) { |
| 1636 | map_single_talitos_ptr(dev, &desc->ptr[1], | 1638 | map_single_talitos_ptr(dev, &desc->ptr[1], |
| 1637 | req_ctx->hw_context_size, | 1639 | req_ctx->hw_context_size, |
| 1638 | (char *)req_ctx->hw_context, 0, | 1640 | (char *)req_ctx->hw_context, 0, |
| 1639 | DMA_TO_DEVICE); | 1641 | DMA_TO_DEVICE); |
| 1642 | req_ctx->swinit = 0; | ||
| 1640 | } else { | 1643 | } else { |
| 1641 | desc->ptr[1] = zero_entry; | 1644 | desc->ptr[1] = zero_entry; |
| 1642 | /* Indicate next op is not the first. */ | 1645 | /* Indicate next op is not the first. */ |
| @@ -1722,7 +1725,8 @@ static int ahash_init(struct ahash_request *areq) | |||
| 1722 | 1725 | ||
| 1723 | /* Initialize the context */ | 1726 | /* Initialize the context */ |
| 1724 | req_ctx->count = 0; | 1727 | req_ctx->count = 0; |
| 1725 | req_ctx->first = 1; /* first indicates h/w must init it's context */ | 1728 | req_ctx->first = 1; /* first indicates h/w must init its context */ |
| 1729 | req_ctx->swinit = 0; /* assume h/w init of context */ | ||
| 1726 | req_ctx->hw_context_size = | 1730 | req_ctx->hw_context_size = |
| 1727 | (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE) | 1731 | (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE) |
| 1728 | ? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256 | 1732 | ? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256 |
| @@ -1731,6 +1735,33 @@ static int ahash_init(struct ahash_request *areq) | |||
| 1731 | return 0; | 1735 | return 0; |
| 1732 | } | 1736 | } |
| 1733 | 1737 | ||
| 1738 | /* | ||
| 1739 | * on h/w without explicit sha224 support, we initialize h/w context | ||
| 1740 | * manually with sha224 constants, and tell it to run sha256. | ||
| 1741 | */ | ||
| 1742 | static int ahash_init_sha224_swinit(struct ahash_request *areq) | ||
| 1743 | { | ||
| 1744 | struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); | ||
| 1745 | |||
| 1746 | ahash_init(areq); | ||
| 1747 | req_ctx->swinit = 1;/* prevent h/w initting context with sha256 values*/ | ||
| 1748 | |||
| 1749 | req_ctx->hw_context[0] = cpu_to_be32(SHA224_H0); | ||
| 1750 | req_ctx->hw_context[1] = cpu_to_be32(SHA224_H1); | ||
| 1751 | req_ctx->hw_context[2] = cpu_to_be32(SHA224_H2); | ||
| 1752 | req_ctx->hw_context[3] = cpu_to_be32(SHA224_H3); | ||
| 1753 | req_ctx->hw_context[4] = cpu_to_be32(SHA224_H4); | ||
| 1754 | req_ctx->hw_context[5] = cpu_to_be32(SHA224_H5); | ||
| 1755 | req_ctx->hw_context[6] = cpu_to_be32(SHA224_H6); | ||
| 1756 | req_ctx->hw_context[7] = cpu_to_be32(SHA224_H7); | ||
| 1757 | |||
| 1758 | /* init 64-bit count */ | ||
| 1759 | req_ctx->hw_context[8] = 0; | ||
| 1760 | req_ctx->hw_context[9] = 0; | ||
| 1761 | |||
| 1762 | return 0; | ||
| 1763 | } | ||
| 1764 | |||
| 1734 | static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes) | 1765 | static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes) |
| 1735 | { | 1766 | { |
| 1736 | struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); | 1767 | struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq); |
| @@ -1799,8 +1830,8 @@ static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes) | |||
| 1799 | else | 1830 | else |
| 1800 | edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT; | 1831 | edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT; |
| 1801 | 1832 | ||
| 1802 | /* On first one, request SEC to INIT hash. */ | 1833 | /* request SEC to INIT hash. */ |
| 1803 | if (req_ctx->first) | 1834 | if (req_ctx->first && !req_ctx->swinit) |
| 1804 | edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT; | 1835 | edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT; |
| 1805 | 1836 | ||
| 1806 | /* When the tfm context has a keylen, it's an HMAC. | 1837 | /* When the tfm context has a keylen, it's an HMAC. |
| @@ -1843,8 +1874,9 @@ static int ahash_finup(struct ahash_request *areq) | |||
| 1843 | static int ahash_digest(struct ahash_request *areq) | 1874 | static int ahash_digest(struct ahash_request *areq) |
| 1844 | { | 1875 | { |
| 1845 | struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); | 1876 | struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq); |
| 1877 | struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq); | ||
| 1846 | 1878 | ||
| 1847 | ahash_init(areq); | 1879 | ahash->init(areq); |
| 1848 | req_ctx->last = 1; | 1880 | req_ctx->last = 1; |
| 1849 | 1881 | ||
| 1850 | return ahash_process_req(areq, areq->nbytes); | 1882 | return ahash_process_req(areq, areq->nbytes); |
| @@ -2116,6 +2148,27 @@ static struct talitos_alg_template driver_algs[] = { | |||
| 2116 | .final = ahash_final, | 2148 | .final = ahash_final, |
| 2117 | .finup = ahash_finup, | 2149 | .finup = ahash_finup, |
| 2118 | .digest = ahash_digest, | 2150 | .digest = ahash_digest, |
| 2151 | .halg.digestsize = SHA224_DIGEST_SIZE, | ||
| 2152 | .halg.base = { | ||
| 2153 | .cra_name = "sha224", | ||
| 2154 | .cra_driver_name = "sha224-talitos", | ||
| 2155 | .cra_blocksize = SHA224_BLOCK_SIZE, | ||
| 2156 | .cra_flags = CRYPTO_ALG_TYPE_AHASH | | ||
| 2157 | CRYPTO_ALG_ASYNC, | ||
| 2158 | .cra_type = &crypto_ahash_type | ||
| 2159 | } | ||
| 2160 | }, | ||
| 2161 | .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | | ||
| 2162 | DESC_HDR_SEL0_MDEUA | | ||
| 2163 | DESC_HDR_MODE0_MDEU_SHA224, | ||
| 2164 | }, | ||
| 2165 | { .type = CRYPTO_ALG_TYPE_AHASH, | ||
| 2166 | .alg.hash = { | ||
| 2167 | .init = ahash_init, | ||
| 2168 | .update = ahash_update, | ||
| 2169 | .final = ahash_final, | ||
| 2170 | .finup = ahash_finup, | ||
| 2171 | .digest = ahash_digest, | ||
| 2119 | .halg.digestsize = SHA256_DIGEST_SIZE, | 2172 | .halg.digestsize = SHA256_DIGEST_SIZE, |
| 2120 | .halg.base = { | 2173 | .halg.base = { |
| 2121 | .cra_name = "sha256", | 2174 | .cra_name = "sha256", |
| @@ -2298,6 +2351,7 @@ static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, | |||
| 2298 | struct talitos_alg_template | 2351 | struct talitos_alg_template |
| 2299 | *template) | 2352 | *template) |
| 2300 | { | 2353 | { |
| 2354 | struct talitos_private *priv = dev_get_drvdata(dev); | ||
| 2301 | struct talitos_crypto_alg *t_alg; | 2355 | struct talitos_crypto_alg *t_alg; |
| 2302 | struct crypto_alg *alg; | 2356 | struct crypto_alg *alg; |
| 2303 | 2357 | ||
| @@ -2319,6 +2373,14 @@ static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, | |||
| 2319 | case CRYPTO_ALG_TYPE_AHASH: | 2373 | case CRYPTO_ALG_TYPE_AHASH: |
| 2320 | alg = &t_alg->algt.alg.hash.halg.base; | 2374 | alg = &t_alg->algt.alg.hash.halg.base; |
| 2321 | alg->cra_init = talitos_cra_init_ahash; | 2375 | alg->cra_init = talitos_cra_init_ahash; |
| 2376 | if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) && | ||
| 2377 | !strcmp(alg->cra_name, "sha224")) { | ||
| 2378 | t_alg->algt.alg.hash.init = ahash_init_sha224_swinit; | ||
| 2379 | t_alg->algt.desc_hdr_template = | ||
| 2380 | DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | | ||
| 2381 | DESC_HDR_SEL0_MDEUA | | ||
| 2382 | DESC_HDR_MODE0_MDEU_SHA256; | ||
| 2383 | } | ||
| 2322 | break; | 2384 | break; |
| 2323 | } | 2385 | } |
| 2324 | 2386 | ||
| @@ -2406,7 +2468,8 @@ static int talitos_probe(struct of_device *ofdev, | |||
| 2406 | priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT; | 2468 | priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT; |
| 2407 | 2469 | ||
| 2408 | if (of_device_is_compatible(np, "fsl,sec2.1")) | 2470 | if (of_device_is_compatible(np, "fsl,sec2.1")) |
| 2409 | priv->features |= TALITOS_FTR_HW_AUTH_CHECK; | 2471 | priv->features |= TALITOS_FTR_HW_AUTH_CHECK | |
| 2472 | TALITOS_FTR_SHA224_HWINIT; | ||
| 2410 | 2473 | ||
| 2411 | priv->chan = kzalloc(sizeof(struct talitos_channel) * | 2474 | priv->chan = kzalloc(sizeof(struct talitos_channel) * |
| 2412 | priv->num_channels, GFP_KERNEL); | 2475 | priv->num_channels, GFP_KERNEL); |
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h index 05c57b730e99..0b746aca4587 100644 --- a/drivers/crypto/talitos.h +++ b/drivers/crypto/talitos.h | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | /* | 1 | /* |
| 2 | * Freescale SEC (talitos) device register and descriptor header defines | 2 | * Freescale SEC (talitos) device register and descriptor header defines |
| 3 | * | 3 | * |
| 4 | * Copyright (c) 2006-2008 Freescale Semiconductor, Inc. | 4 | * Copyright (c) 2006-2010 Freescale Semiconductor, Inc. |
| 5 | * | 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without | 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions | 7 | * modification, are permitted provided that the following conditions |
| @@ -164,6 +164,7 @@ | |||
| 164 | #define DESC_HDR_MODE0_MDEU_INIT cpu_to_be32(0x01000000) | 164 | #define DESC_HDR_MODE0_MDEU_INIT cpu_to_be32(0x01000000) |
| 165 | #define DESC_HDR_MODE0_MDEU_HMAC cpu_to_be32(0x00800000) | 165 | #define DESC_HDR_MODE0_MDEU_HMAC cpu_to_be32(0x00800000) |
| 166 | #define DESC_HDR_MODE0_MDEU_PAD cpu_to_be32(0x00400000) | 166 | #define DESC_HDR_MODE0_MDEU_PAD cpu_to_be32(0x00400000) |
| 167 | #define DESC_HDR_MODE0_MDEU_SHA224 cpu_to_be32(0x00300000) | ||
| 167 | #define DESC_HDR_MODE0_MDEU_MD5 cpu_to_be32(0x00200000) | 168 | #define DESC_HDR_MODE0_MDEU_MD5 cpu_to_be32(0x00200000) |
| 168 | #define DESC_HDR_MODE0_MDEU_SHA256 cpu_to_be32(0x00100000) | 169 | #define DESC_HDR_MODE0_MDEU_SHA256 cpu_to_be32(0x00100000) |
| 169 | #define DESC_HDR_MODE0_MDEU_SHA1 cpu_to_be32(0x00000000) | 170 | #define DESC_HDR_MODE0_MDEU_SHA1 cpu_to_be32(0x00000000) |
| @@ -187,6 +188,7 @@ | |||
| 187 | #define DESC_HDR_MODE1_MDEU_INIT cpu_to_be32(0x00001000) | 188 | #define DESC_HDR_MODE1_MDEU_INIT cpu_to_be32(0x00001000) |
| 188 | #define DESC_HDR_MODE1_MDEU_HMAC cpu_to_be32(0x00000800) | 189 | #define DESC_HDR_MODE1_MDEU_HMAC cpu_to_be32(0x00000800) |
| 189 | #define DESC_HDR_MODE1_MDEU_PAD cpu_to_be32(0x00000400) | 190 | #define DESC_HDR_MODE1_MDEU_PAD cpu_to_be32(0x00000400) |
| 191 | #define DESC_HDR_MODE1_MDEU_SHA224 cpu_to_be32(0x00000300) | ||
| 190 | #define DESC_HDR_MODE1_MDEU_MD5 cpu_to_be32(0x00000200) | 192 | #define DESC_HDR_MODE1_MDEU_MD5 cpu_to_be32(0x00000200) |
| 191 | #define DESC_HDR_MODE1_MDEU_SHA256 cpu_to_be32(0x00000100) | 193 | #define DESC_HDR_MODE1_MDEU_SHA256 cpu_to_be32(0x00000100) |
| 192 | #define DESC_HDR_MODE1_MDEU_SHA1 cpu_to_be32(0x00000000) | 194 | #define DESC_HDR_MODE1_MDEU_SHA1 cpu_to_be32(0x00000000) |