diff options
Diffstat (limited to 'drivers/crypto/padlock-aes.c')
| -rw-r--r-- | drivers/crypto/padlock-aes.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/drivers/crypto/padlock-aes.c b/drivers/crypto/padlock-aes.c index c33334ac987e..2f3ad3f7dfea 100644 --- a/drivers/crypto/padlock-aes.c +++ b/drivers/crypto/padlock-aes.c | |||
| @@ -417,6 +417,11 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
| 417 | /* ====== Encryption/decryption routines ====== */ | 417 | /* ====== Encryption/decryption routines ====== */ |
| 418 | 418 | ||
| 419 | /* These are the real call to PadLock. */ | 419 | /* These are the real call to PadLock. */ |
| 420 | static inline void padlock_reset_key(void) | ||
| 421 | { | ||
| 422 | asm volatile ("pushfl; popfl"); | ||
| 423 | } | ||
| 424 | |||
| 420 | static inline void padlock_xcrypt(const u8 *input, u8 *output, void *key, | 425 | static inline void padlock_xcrypt(const u8 *input, u8 *output, void *key, |
| 421 | void *control_word) | 426 | void *control_word) |
| 422 | { | 427 | { |
| @@ -437,8 +442,6 @@ static void aes_crypt_copy(const u8 *in, u8 *out, u32 *key, struct cword *cword) | |||
| 437 | static inline void aes_crypt(const u8 *in, u8 *out, u32 *key, | 442 | static inline void aes_crypt(const u8 *in, u8 *out, u32 *key, |
| 438 | struct cword *cword) | 443 | struct cword *cword) |
| 439 | { | 444 | { |
| 440 | asm volatile ("pushfl; popfl"); | ||
| 441 | |||
| 442 | /* padlock_xcrypt requires at least two blocks of data. */ | 445 | /* padlock_xcrypt requires at least two blocks of data. */ |
| 443 | if (unlikely(!(((unsigned long)in ^ (PAGE_SIZE - AES_BLOCK_SIZE)) & | 446 | if (unlikely(!(((unsigned long)in ^ (PAGE_SIZE - AES_BLOCK_SIZE)) & |
| 444 | (PAGE_SIZE - 1)))) { | 447 | (PAGE_SIZE - 1)))) { |
| @@ -457,7 +460,6 @@ static inline void padlock_xcrypt_ecb(const u8 *input, u8 *output, void *key, | |||
| 457 | return; | 460 | return; |
| 458 | } | 461 | } |
| 459 | 462 | ||
| 460 | asm volatile ("pushfl; popfl"); /* enforce key reload. */ | ||
| 461 | asm volatile ("test $1, %%cl;" | 463 | asm volatile ("test $1, %%cl;" |
| 462 | "je 1f;" | 464 | "je 1f;" |
| 463 | "lea -1(%%ecx), %%eax;" | 465 | "lea -1(%%ecx), %%eax;" |
| @@ -474,8 +476,6 @@ static inline void padlock_xcrypt_ecb(const u8 *input, u8 *output, void *key, | |||
| 474 | static inline u8 *padlock_xcrypt_cbc(const u8 *input, u8 *output, void *key, | 476 | static inline u8 *padlock_xcrypt_cbc(const u8 *input, u8 *output, void *key, |
| 475 | u8 *iv, void *control_word, u32 count) | 477 | u8 *iv, void *control_word, u32 count) |
| 476 | { | 478 | { |
| 477 | /* Enforce key reload. */ | ||
| 478 | asm volatile ("pushfl; popfl"); | ||
| 479 | /* rep xcryptcbc */ | 479 | /* rep xcryptcbc */ |
| 480 | asm volatile (".byte 0xf3,0x0f,0xa7,0xd0" | 480 | asm volatile (".byte 0xf3,0x0f,0xa7,0xd0" |
| 481 | : "+S" (input), "+D" (output), "+a" (iv) | 481 | : "+S" (input), "+D" (output), "+a" (iv) |
| @@ -486,12 +486,14 @@ static inline u8 *padlock_xcrypt_cbc(const u8 *input, u8 *output, void *key, | |||
| 486 | static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 486 | static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
| 487 | { | 487 | { |
| 488 | struct aes_ctx *ctx = aes_ctx(tfm); | 488 | struct aes_ctx *ctx = aes_ctx(tfm); |
| 489 | padlock_reset_key(); | ||
| 489 | aes_crypt(in, out, ctx->E, &ctx->cword.encrypt); | 490 | aes_crypt(in, out, ctx->E, &ctx->cword.encrypt); |
| 490 | } | 491 | } |
| 491 | 492 | ||
| 492 | static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 493 | static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
| 493 | { | 494 | { |
| 494 | struct aes_ctx *ctx = aes_ctx(tfm); | 495 | struct aes_ctx *ctx = aes_ctx(tfm); |
| 496 | padlock_reset_key(); | ||
| 495 | aes_crypt(in, out, ctx->D, &ctx->cword.decrypt); | 497 | aes_crypt(in, out, ctx->D, &ctx->cword.decrypt); |
| 496 | } | 498 | } |
| 497 | 499 | ||
| @@ -524,6 +526,8 @@ static int ecb_aes_encrypt(struct blkcipher_desc *desc, | |||
| 524 | struct blkcipher_walk walk; | 526 | struct blkcipher_walk walk; |
| 525 | int err; | 527 | int err; |
| 526 | 528 | ||
| 529 | padlock_reset_key(); | ||
| 530 | |||
| 527 | blkcipher_walk_init(&walk, dst, src, nbytes); | 531 | blkcipher_walk_init(&walk, dst, src, nbytes); |
| 528 | err = blkcipher_walk_virt(desc, &walk); | 532 | err = blkcipher_walk_virt(desc, &walk); |
| 529 | 533 | ||
| @@ -546,6 +550,8 @@ static int ecb_aes_decrypt(struct blkcipher_desc *desc, | |||
| 546 | struct blkcipher_walk walk; | 550 | struct blkcipher_walk walk; |
| 547 | int err; | 551 | int err; |
| 548 | 552 | ||
| 553 | padlock_reset_key(); | ||
| 554 | |||
| 549 | blkcipher_walk_init(&walk, dst, src, nbytes); | 555 | blkcipher_walk_init(&walk, dst, src, nbytes); |
| 550 | err = blkcipher_walk_virt(desc, &walk); | 556 | err = blkcipher_walk_virt(desc, &walk); |
| 551 | 557 | ||
| @@ -590,6 +596,8 @@ static int cbc_aes_encrypt(struct blkcipher_desc *desc, | |||
| 590 | struct blkcipher_walk walk; | 596 | struct blkcipher_walk walk; |
| 591 | int err; | 597 | int err; |
| 592 | 598 | ||
| 599 | padlock_reset_key(); | ||
| 600 | |||
| 593 | blkcipher_walk_init(&walk, dst, src, nbytes); | 601 | blkcipher_walk_init(&walk, dst, src, nbytes); |
| 594 | err = blkcipher_walk_virt(desc, &walk); | 602 | err = blkcipher_walk_virt(desc, &walk); |
| 595 | 603 | ||
| @@ -614,6 +622,8 @@ static int cbc_aes_decrypt(struct blkcipher_desc *desc, | |||
| 614 | struct blkcipher_walk walk; | 622 | struct blkcipher_walk walk; |
| 615 | int err; | 623 | int err; |
| 616 | 624 | ||
| 625 | padlock_reset_key(); | ||
| 626 | |||
| 617 | blkcipher_walk_init(&walk, dst, src, nbytes); | 627 | blkcipher_walk_init(&walk, dst, src, nbytes); |
| 618 | err = blkcipher_walk_virt(desc, &walk); | 628 | err = blkcipher_walk_virt(desc, &walk); |
| 619 | 629 | ||