aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Phillips <kim.phillips@freescale.com>2011-05-14 23:08:17 -0400
committerHerbert Xu <herbert@gondor.apana.org.au>2011-05-19 00:38:00 -0400
commit4427b1b4ec111622071ec872c94594e05635c6e9 (patch)
tree7dc473bef53f78ea754260081f0de110e899d4e9
parent66664487b137d71fd43667ac2a6a90970a040eb7 (diff)
crypto: caam - add support for sha512 variants of existing AEAD algorithms
In doing so, sha512 sized keys would not fit with the current descriptor inlining mechanism, so we now calculate whether keys should be referenced instead by pointers in the shared descriptor. also, use symbols for descriptor text lengths, and, ahem, unmap and free key i/o memory in cra_exit. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--drivers/crypto/caam/caamalg.c119
-rw-r--r--drivers/crypto/caam/desc_constr.h1
2 files changed, 107 insertions, 13 deletions
diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 672abf35d037..d0e65d6ddc77 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -61,6 +61,12 @@
61/* max IV is max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */ 61/* max IV is max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
62#define CAAM_MAX_IV_LENGTH 16 62#define CAAM_MAX_IV_LENGTH 16
63 63
64/* length of descriptors text */
65#define DESC_AEAD_SHARED_TEXT_LEN 4
66#define DESC_AEAD_ENCRYPT_TEXT_LEN 21
67#define DESC_AEAD_DECRYPT_TEXT_LEN 24
68#define DESC_AEAD_GIVENCRYPT_TEXT_LEN 27
69
64#ifdef DEBUG 70#ifdef DEBUG
65/* for print_hex_dumps with line references */ 71/* for print_hex_dumps with line references */
66#define xstr(s) str(s) 72#define xstr(s) str(s)
@@ -219,10 +225,22 @@ static int build_sh_desc_ipsec(struct caam_ctx *ctx)
219 struct device *jrdev = ctx->jrdev; 225 struct device *jrdev = ctx->jrdev;
220 u32 *sh_desc; 226 u32 *sh_desc;
221 u32 *jump_cmd; 227 u32 *jump_cmd;
228 bool keys_fit_inline = 0;
229
230 /*
231 * largest Job Descriptor and its Shared Descriptor
232 * must both fit into the 64-word Descriptor h/w Buffer
233 */
234 if ((DESC_AEAD_GIVENCRYPT_TEXT_LEN +
235 DESC_AEAD_SHARED_TEXT_LEN) * CAAM_CMD_SZ +
236 ctx->split_key_pad_len + ctx->enckeylen <= CAAM_DESC_BYTES_MAX)
237 keys_fit_inline = 1;
222 238
223 /* build shared descriptor for this session */ 239 /* build shared descriptor for this session */
224 sh_desc = kmalloc(CAAM_CMD_SZ * 4 + ctx->split_key_pad_len + 240 sh_desc = kmalloc(CAAM_CMD_SZ * DESC_AEAD_SHARED_TEXT_LEN +
225 ctx->enckeylen, GFP_DMA | GFP_KERNEL); 241 keys_fit_inline ?
242 ctx->split_key_pad_len + ctx->enckeylen :
243 CAAM_PTR_SZ * 2, GFP_DMA | GFP_KERNEL);
226 if (!sh_desc) { 244 if (!sh_desc) {
227 dev_err(jrdev, "could not allocate shared descriptor\n"); 245 dev_err(jrdev, "could not allocate shared descriptor\n");
228 return -ENOMEM; 246 return -ENOMEM;
@@ -233,14 +251,23 @@ static int build_sh_desc_ipsec(struct caam_ctx *ctx)
233 jump_cmd = append_jump(sh_desc, CLASS_BOTH | JUMP_TEST_ALL | 251 jump_cmd = append_jump(sh_desc, CLASS_BOTH | JUMP_TEST_ALL |
234 JUMP_COND_SHRD | JUMP_COND_SELF); 252 JUMP_COND_SHRD | JUMP_COND_SELF);
235 253
236 /* process keys, starting with class 2/authentication */ 254 /*
237 append_key_as_imm(sh_desc, ctx->key, ctx->split_key_pad_len, 255 * process keys, starting with class 2/authentication.
238 ctx->split_key_len, 256 */
239 CLASS_2 | KEY_DEST_MDHA_SPLIT | KEY_ENC); 257 if (keys_fit_inline) {
240 258 append_key_as_imm(sh_desc, ctx->key, ctx->split_key_pad_len,
241 append_key_as_imm(sh_desc, (void *)ctx->key + ctx->split_key_pad_len, 259 ctx->split_key_len,
242 ctx->enckeylen, ctx->enckeylen, 260 CLASS_2 | KEY_DEST_MDHA_SPLIT | KEY_ENC);
243 CLASS_1 | KEY_DEST_CLASS_REG); 261
262 append_key_as_imm(sh_desc, (void *)ctx->key +
263 ctx->split_key_pad_len, ctx->enckeylen,
264 ctx->enckeylen, CLASS_1 | KEY_DEST_CLASS_REG);
265 } else {
266 append_key(sh_desc, ctx->key_phys, ctx->split_key_len, CLASS_2 |
267 KEY_DEST_MDHA_SPLIT | KEY_ENC);
268 append_key(sh_desc, ctx->key_phys + ctx->split_key_pad_len,
269 ctx->enckeylen, CLASS_1 | KEY_DEST_CLASS_REG);
270 }
244 271
245 /* update jump cmd now that we are at the jump target */ 272 /* update jump cmd now that we are at the jump target */
246 set_jump_tgt_here(sh_desc, jump_cmd); 273 set_jump_tgt_here(sh_desc, jump_cmd);
@@ -746,7 +773,8 @@ static int aead_authenc_encrypt(struct aead_request *areq)
746 dma_addr_t iv_dma; 773 dma_addr_t iv_dma;
747 774
748 /* allocate extended descriptor */ 775 /* allocate extended descriptor */
749 edesc = ipsec_esp_edesc_alloc(areq, 21 * sizeof(u32)); 776 edesc = ipsec_esp_edesc_alloc(areq, DESC_AEAD_ENCRYPT_TEXT_LEN *
777 CAAM_CMD_SZ);
750 if (IS_ERR(edesc)) 778 if (IS_ERR(edesc))
751 return PTR_ERR(edesc); 779 return PTR_ERR(edesc);
752 780
@@ -778,7 +806,8 @@ static int aead_authenc_decrypt(struct aead_request *req)
778 req->cryptlen -= ctx->authsize; 806 req->cryptlen -= ctx->authsize;
779 807
780 /* allocate extended descriptor */ 808 /* allocate extended descriptor */
781 edesc = ipsec_esp_edesc_alloc(req, 24 * sizeof(u32)); 809 edesc = ipsec_esp_edesc_alloc(req, DESC_AEAD_DECRYPT_TEXT_LEN *
810 CAAM_CMD_SZ);
782 if (IS_ERR(edesc)) 811 if (IS_ERR(edesc))
783 return PTR_ERR(edesc); 812 return PTR_ERR(edesc);
784 813
@@ -813,7 +842,8 @@ static int aead_authenc_givencrypt(struct aead_givcrypt_request *req)
813 debug("%s: giv %p\n", __func__, req->giv); 842 debug("%s: giv %p\n", __func__, req->giv);
814 843
815 /* allocate extended descriptor */ 844 /* allocate extended descriptor */
816 edesc = ipsec_esp_edesc_alloc(areq, 27 * sizeof(u32)); 845 edesc = ipsec_esp_edesc_alloc(areq, DESC_AEAD_GIVENCRYPT_TEXT_LEN *
846 CAAM_CMD_SZ);
817 if (IS_ERR(edesc)) 847 if (IS_ERR(edesc))
818 return PTR_ERR(edesc); 848 return PTR_ERR(edesc);
819 849
@@ -904,6 +934,25 @@ static struct caam_alg_template driver_algs[] = {
904 .alg_op = OP_ALG_ALGSEL_SHA256 | OP_ALG_AAI_HMAC, 934 .alg_op = OP_ALG_ALGSEL_SHA256 | OP_ALG_AAI_HMAC,
905 }, 935 },
906 { 936 {
937 .name = "authenc(hmac(sha512),cbc(aes))",
938 .driver_name = "authenc-hmac-sha512-cbc-aes-caam",
939 .blocksize = AES_BLOCK_SIZE,
940 .aead = {
941 .setkey = aead_authenc_setkey,
942 .setauthsize = aead_authenc_setauthsize,
943 .encrypt = aead_authenc_encrypt,
944 .decrypt = aead_authenc_decrypt,
945 .givencrypt = aead_authenc_givencrypt,
946 .geniv = "<built-in>",
947 .ivsize = AES_BLOCK_SIZE,
948 .maxauthsize = SHA512_DIGEST_SIZE,
949 },
950 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
951 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
952 OP_ALG_AAI_HMAC_PRECOMP,
953 .alg_op = OP_ALG_ALGSEL_SHA512 | OP_ALG_AAI_HMAC,
954 },
955 {
907 .name = "authenc(hmac(sha1),cbc(des3_ede))", 956 .name = "authenc(hmac(sha1),cbc(des3_ede))",
908 .driver_name = "authenc-hmac-sha1-cbc-des3_ede-caam", 957 .driver_name = "authenc-hmac-sha1-cbc-des3_ede-caam",
909 .blocksize = DES3_EDE_BLOCK_SIZE, 958 .blocksize = DES3_EDE_BLOCK_SIZE,
@@ -941,6 +990,25 @@ static struct caam_alg_template driver_algs[] = {
941 .alg_op = OP_ALG_ALGSEL_SHA256 | OP_ALG_AAI_HMAC, 990 .alg_op = OP_ALG_ALGSEL_SHA256 | OP_ALG_AAI_HMAC,
942 }, 991 },
943 { 992 {
993 .name = "authenc(hmac(sha512),cbc(des3_ede))",
994 .driver_name = "authenc-hmac-sha512-cbc-des3_ede-caam",
995 .blocksize = DES3_EDE_BLOCK_SIZE,
996 .aead = {
997 .setkey = aead_authenc_setkey,
998 .setauthsize = aead_authenc_setauthsize,
999 .encrypt = aead_authenc_encrypt,
1000 .decrypt = aead_authenc_decrypt,
1001 .givencrypt = aead_authenc_givencrypt,
1002 .geniv = "<built-in>",
1003 .ivsize = DES3_EDE_BLOCK_SIZE,
1004 .maxauthsize = SHA512_DIGEST_SIZE,
1005 },
1006 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1007 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
1008 OP_ALG_AAI_HMAC_PRECOMP,
1009 .alg_op = OP_ALG_ALGSEL_SHA512 | OP_ALG_AAI_HMAC,
1010 },
1011 {
944 .name = "authenc(hmac(sha1),cbc(des))", 1012 .name = "authenc(hmac(sha1),cbc(des))",
945 .driver_name = "authenc-hmac-sha1-cbc-des-caam", 1013 .driver_name = "authenc-hmac-sha1-cbc-des-caam",
946 .blocksize = DES_BLOCK_SIZE, 1014 .blocksize = DES_BLOCK_SIZE,
@@ -977,6 +1045,25 @@ static struct caam_alg_template driver_algs[] = {
977 OP_ALG_AAI_HMAC_PRECOMP, 1045 OP_ALG_AAI_HMAC_PRECOMP,
978 .alg_op = OP_ALG_ALGSEL_SHA256 | OP_ALG_AAI_HMAC, 1046 .alg_op = OP_ALG_ALGSEL_SHA256 | OP_ALG_AAI_HMAC,
979 }, 1047 },
1048 {
1049 .name = "authenc(hmac(sha512),cbc(des))",
1050 .driver_name = "authenc-hmac-sha512-cbc-des-caam",
1051 .blocksize = DES_BLOCK_SIZE,
1052 .aead = {
1053 .setkey = aead_authenc_setkey,
1054 .setauthsize = aead_authenc_setauthsize,
1055 .encrypt = aead_authenc_encrypt,
1056 .decrypt = aead_authenc_decrypt,
1057 .givencrypt = aead_authenc_givencrypt,
1058 .geniv = "<built-in>",
1059 .ivsize = DES_BLOCK_SIZE,
1060 .maxauthsize = SHA512_DIGEST_SIZE,
1061 },
1062 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
1063 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
1064 OP_ALG_AAI_HMAC_PRECOMP,
1065 .alg_op = OP_ALG_ALGSEL_SHA512 | OP_ALG_AAI_HMAC,
1066 },
980}; 1067};
981 1068
982struct caam_crypto_alg { 1069struct caam_crypto_alg {
@@ -1019,6 +1106,12 @@ static void caam_cra_exit(struct crypto_tfm *tfm)
1019 dma_unmap_single(ctx->jrdev, ctx->shared_desc_phys, 1106 dma_unmap_single(ctx->jrdev, ctx->shared_desc_phys,
1020 desc_bytes(ctx->sh_desc), DMA_TO_DEVICE); 1107 desc_bytes(ctx->sh_desc), DMA_TO_DEVICE);
1021 kfree(ctx->sh_desc); 1108 kfree(ctx->sh_desc);
1109
1110 if (!dma_mapping_error(ctx->jrdev, ctx->key_phys))
1111 dma_unmap_single(ctx->jrdev, ctx->key_phys,
1112 ctx->split_key_pad_len + ctx->enckeylen,
1113 DMA_TO_DEVICE);
1114 kfree(ctx->key);
1022} 1115}
1023 1116
1024static void __exit caam_algapi_exit(void) 1117static void __exit caam_algapi_exit(void)
diff --git a/drivers/crypto/caam/desc_constr.h b/drivers/crypto/caam/desc_constr.h
index c224f39e94a7..46915800c26f 100644
--- a/drivers/crypto/caam/desc_constr.h
+++ b/drivers/crypto/caam/desc_constr.h
@@ -9,6 +9,7 @@
9#define IMMEDIATE (1 << 23) 9#define IMMEDIATE (1 << 23)
10#define CAAM_CMD_SZ sizeof(u32) 10#define CAAM_CMD_SZ sizeof(u32)
11#define CAAM_PTR_SZ sizeof(dma_addr_t) 11#define CAAM_PTR_SZ sizeof(dma_addr_t)
12#define CAAM_DESC_BYTES_MAX (CAAM_CMD_SZ * 64)
12 13
13#ifdef DEBUG 14#ifdef DEBUG
14#define PRINT_POS do { printk(KERN_DEBUG "%02d: %s\n", desc_len(desc),\ 15#define PRINT_POS do { printk(KERN_DEBUG "%02d: %s\n", desc_len(desc),\