2 * sun4i-ss-hash.c - hardware cryptographic accelerator for Allwinner A20 SoC
4 * Copyright (C) 2013-2015 Corentin LABBE <clabbe.montjoie@gmail.com>
6 * This file add support for MD5 and SHA1.
8 * You could find the datasheet in Documentation/arm/sunxi/README
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
16 #include <linux/scatterlist.h>
18 /* This is a totally arbitrary value */
19 #define SS_TIMEOUT 100
21 int sun4i_hash_crainit(struct crypto_tfm
*tfm
)
23 crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm
),
24 sizeof(struct sun4i_req_ctx
));
28 /* sun4i_hash_init: initialize request context */
29 int sun4i_hash_init(struct ahash_request
*areq
)
31 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
32 struct crypto_ahash
*tfm
= crypto_ahash_reqtfm(areq
);
33 struct ahash_alg
*alg
= __crypto_ahash_alg(tfm
->base
.__crt_alg
);
34 struct sun4i_ss_alg_template
*algt
;
36 memset(op
, 0, sizeof(struct sun4i_req_ctx
));
38 algt
= container_of(alg
, struct sun4i_ss_alg_template
, alg
.hash
);
40 op
->mode
= algt
->mode
;
45 int sun4i_hash_export_md5(struct ahash_request
*areq
, void *out
)
47 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
48 struct md5_state
*octx
= out
;
51 octx
->byte_count
= op
->byte_count
+ op
->len
;
53 memcpy(octx
->block
, op
->buf
, op
->len
);
55 if (op
->byte_count
> 0) {
56 for (i
= 0; i
< 4; i
++)
57 octx
->hash
[i
] = op
->hash
[i
];
59 octx
->hash
[0] = SHA1_H0
;
60 octx
->hash
[1] = SHA1_H1
;
61 octx
->hash
[2] = SHA1_H2
;
62 octx
->hash
[3] = SHA1_H3
;
68 int sun4i_hash_import_md5(struct ahash_request
*areq
, const void *in
)
70 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
71 const struct md5_state
*ictx
= in
;
74 sun4i_hash_init(areq
);
76 op
->byte_count
= ictx
->byte_count
& ~0x3F;
77 op
->len
= ictx
->byte_count
& 0x3F;
79 memcpy(op
->buf
, ictx
->block
, op
->len
);
81 for (i
= 0; i
< 4; i
++)
82 op
->hash
[i
] = ictx
->hash
[i
];
87 int sun4i_hash_export_sha1(struct ahash_request
*areq
, void *out
)
89 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
90 struct sha1_state
*octx
= out
;
93 octx
->count
= op
->byte_count
+ op
->len
;
95 memcpy(octx
->buffer
, op
->buf
, op
->len
);
97 if (op
->byte_count
> 0) {
98 for (i
= 0; i
< 5; i
++)
99 octx
->state
[i
] = op
->hash
[i
];
101 octx
->state
[0] = SHA1_H0
;
102 octx
->state
[1] = SHA1_H1
;
103 octx
->state
[2] = SHA1_H2
;
104 octx
->state
[3] = SHA1_H3
;
105 octx
->state
[4] = SHA1_H4
;
111 int sun4i_hash_import_sha1(struct ahash_request
*areq
, const void *in
)
113 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
114 const struct sha1_state
*ictx
= in
;
117 sun4i_hash_init(areq
);
119 op
->byte_count
= ictx
->count
& ~0x3F;
120 op
->len
= ictx
->count
& 0x3F;
122 memcpy(op
->buf
, ictx
->buffer
, op
->len
);
124 for (i
= 0; i
< 5; i
++)
125 op
->hash
[i
] = ictx
->state
[i
];
130 #define SS_HASH_UPDATE 1
131 #define SS_HASH_FINAL 2
134 * sun4i_hash_update: update hash engine
136 * Could be used for both SHA1 and MD5
137 * Write data by step of 32bits and put then in the SS.
139 * Since we cannot leave partial data and hash state in the engine,
140 * we need to get the hash state at the end of this function.
141 * We can get the hash state every 64 bytes
143 * So the first work is to get the number of bytes to write to SS modulo 64
144 * The extra bytes will go to a temporary buffer op->buf storing op->len bytes
146 * So at the begin of update()
147 * if op->len + areq->nbytes < 64
148 * => all data will be written to wait buffer (op->buf) and end=0
149 * if not, write all data from op->buf to the device and position end to
150 * complete to 64bytes
153 * update1 60o => op->len=60
154 * update2 60o => need one more word to have 64 bytes
156 * so write all data from op->buf and one word of SGs
157 * write remaining data in op->buf
158 * final state op->len=56
160 int sun4i_hash(struct ahash_request
*areq
)
165 * i is the total bytes read from SGs, to be compared to areq->nbytes
166 * i is important because we cannot rely on SG length since the sum of
167 * SG->length could be greater than areq->nbytes
170 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
171 struct sun4i_ss_ctx
*ss
= op
->ss
;
172 struct crypto_ahash
*tfm
= crypto_ahash_reqtfm(areq
);
173 unsigned int in_i
= 0; /* advancement in the current SG */
176 * end is the position when we need to stop writing to the device,
177 * to be compared to i
181 u32 spaces
, rx_cnt
= SS_RX_DEFAULT
;
183 struct sg_mapping_iter mi
;
186 unsigned int index
, padlen
;
190 unsigned int nwait
, nbw
= 0;
191 struct scatterlist
*in_sg
= areq
->src
;
193 dev_dbg(ss
->dev
, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
194 __func__
, crypto_tfm_alg_name(areq
->base
.tfm
),
195 op
->byte_count
, areq
->nbytes
, op
->mode
,
196 op
->len
, op
->hash
[0]);
198 if (unlikely(areq
->nbytes
== 0) && (op
->flags
& SS_HASH_FINAL
) == 0)
201 /* protect against overflow */
202 if (unlikely(areq
->nbytes
> UINT_MAX
- op
->len
)) {
203 dev_err(ss
->dev
, "Cannot process too large request\n");
207 if (op
->len
+ areq
->nbytes
< 64 && (op
->flags
& SS_HASH_FINAL
) == 0) {
208 /* linearize data to op->buf */
209 copied
= sg_pcopy_to_buffer(areq
->src
, sg_nents(areq
->src
),
210 op
->buf
+ op
->len
, areq
->nbytes
, 0);
215 spin_lock_bh(&ss
->slock
);
218 * if some data have been processed before,
219 * we need to restore the partial hash state
221 if (op
->byte_count
> 0) {
222 ivmode
= SS_IV_ARBITRARY
;
223 for (i
= 0; i
< 5; i
++)
224 writel(op
->hash
[i
], ss
->base
+ SS_IV0
+ i
* 4);
226 /* Enable the device */
227 writel(op
->mode
| SS_ENABLED
| ivmode
, ss
->base
+ SS_CTL
);
229 if ((op
->flags
& SS_HASH_UPDATE
) == 0)
232 /* start of handling data */
233 if ((op
->flags
& SS_HASH_FINAL
) == 0) {
234 end
= ((areq
->nbytes
+ op
->len
) / 64) * 64 - op
->len
;
236 if (end
> areq
->nbytes
|| areq
->nbytes
- end
> 63) {
237 dev_err(ss
->dev
, "ERROR: Bound error %u %u\n",
242 /* Since we have the flag final, we can go up to modulo 4 */
243 end
= ((areq
->nbytes
+ op
->len
) / 4) * 4 - op
->len
;
246 /* TODO if SGlen % 4 and op->len == 0 then DMA */
248 while (in_sg
&& i
== 1) {
249 if ((in_sg
->length
% 4) != 0)
251 in_sg
= sg_next(in_sg
);
253 if (i
== 1 && op
->len
== 0)
254 dev_dbg(ss
->dev
, "We can DMA\n");
257 sg_miter_start(&mi
, areq
->src
, sg_nents(areq
->src
),
258 SG_MITER_FROM_SG
| SG_MITER_ATOMIC
);
264 * we need to linearize in two case:
265 * - the buffer is already used
266 * - the SG does not have enough byte remaining ( < 4)
268 if (op
->len
> 0 || (mi
.length
- in_i
) < 4) {
270 * if we have entered here we have two reason to stop
271 * - the buffer is full
274 while (op
->len
< 64 && i
< end
) {
275 /* how many bytes we can read from current SG */
276 in_r
= min3(mi
.length
- in_i
, end
- i
,
278 memcpy(op
->buf
+ op
->len
, mi
.addr
+ in_i
, in_r
);
282 if (in_i
== mi
.length
) {
287 if (op
->len
> 3 && (op
->len
% 4) == 0) {
288 /* write buf to the device */
289 writesl(ss
->base
+ SS_RXFIFO
, op
->buf
,
291 op
->byte_count
+= op
->len
;
295 if (mi
.length
- in_i
> 3 && i
< end
) {
296 /* how many bytes we can read from current SG */
297 in_r
= min3(mi
.length
- in_i
, areq
->nbytes
- i
,
298 ((mi
.length
- in_i
) / 4) * 4);
299 /* how many bytes we can write in the device*/
300 todo
= min3((u32
)(end
- i
) / 4, rx_cnt
, (u32
)in_r
/ 4);
301 writesl(ss
->base
+ SS_RXFIFO
, mi
.addr
+ in_i
, todo
);
302 op
->byte_count
+= todo
* 4;
307 spaces
= readl(ss
->base
+ SS_FCSR
);
308 rx_cnt
= SS_RXFIFO_SPACES(spaces
);
310 if (in_i
== mi
.length
) {
318 * Now we have written to the device all that we can,
319 * store the remaining bytes in op->buf
321 if ((areq
->nbytes
- i
) < 64) {
322 while (i
< areq
->nbytes
&& in_i
< mi
.length
&& op
->len
< 64) {
323 /* how many bytes we can read from current SG */
324 in_r
= min3(mi
.length
- in_i
, areq
->nbytes
- i
,
326 memcpy(op
->buf
+ op
->len
, mi
.addr
+ in_i
, in_r
);
330 if (in_i
== mi
.length
) {
340 * End of data process
341 * Now if we have the flag final go to finalize part
342 * If not, store the partial hash
344 if ((op
->flags
& SS_HASH_FINAL
) > 0)
347 writel(op
->mode
| SS_ENABLED
| SS_DATA_END
, ss
->base
+ SS_CTL
);
350 v
= readl(ss
->base
+ SS_CTL
);
352 } while (i
< SS_TIMEOUT
&& (v
& SS_DATA_END
) > 0);
353 if (unlikely(i
>= SS_TIMEOUT
)) {
354 dev_err_ratelimited(ss
->dev
,
355 "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
356 i
, SS_TIMEOUT
, v
, areq
->nbytes
);
361 for (i
= 0; i
< crypto_ahash_digestsize(tfm
) / 4; i
++)
362 op
->hash
[i
] = readl(ss
->base
+ SS_MD0
+ i
* 4);
367 * hash_final: finalize hashing operation
369 * If we have some remaining bytes, we write them.
370 * Then ask the SS for finalizing the hashing operation
372 * I do not check RX FIFO size in this function since the size is 32
373 * after each enabling and this function neither write more than 32 words.
374 * If we come from the update part, we cannot have more than
375 * 3 remainings bytes to write and SS is fast enought to not care about it.
380 /* write the remaining words of the wait buffer */
384 writesl(ss
->base
+ SS_RXFIFO
, op
->buf
, nwait
);
385 op
->byte_count
+= 4 * nwait
;
387 nbw
= op
->len
- 4 * nwait
;
388 wb
= *(u32
*)(op
->buf
+ nwait
* 4);
389 wb
&= (0xFFFFFFFF >> (4 - nbw
) * 8);
392 /* write the remaining bytes of the nbw buffer */
394 wb
|= ((1 << 7) << (nbw
* 8));
401 * number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
402 * I take the operations from other MD5/SHA1 implementations
405 /* we have already send 4 more byte of which nbw data */
406 if (op
->mode
== SS_OP_MD5
) {
407 index
= (op
->byte_count
+ 4) & 0x3f;
408 op
->byte_count
+= nbw
;
410 zeros
= (120 - index
) / 4;
412 zeros
= (56 - index
) / 4;
414 op
->byte_count
+= nbw
;
415 index
= op
->byte_count
& 0x3f;
416 padlen
= (index
< 56) ? (56 - index
) : ((64 + 56) - index
);
417 zeros
= (padlen
- 1) / 4;
420 memset(bf
+ j
, 0, 4 * zeros
);
423 /* write the length of data */
424 if (op
->mode
== SS_OP_SHA1
) {
425 bits
= cpu_to_be64(op
->byte_count
<< 3);
426 bf
[j
++] = bits
& 0xffffffff;
427 bf
[j
++] = (bits
>> 32) & 0xffffffff;
429 bf
[j
++] = (op
->byte_count
<< 3) & 0xffffffff;
430 bf
[j
++] = (op
->byte_count
>> 29) & 0xffffffff;
432 writesl(ss
->base
+ SS_RXFIFO
, bf
, j
);
434 /* Tell the SS to stop the hashing */
435 writel(op
->mode
| SS_ENABLED
| SS_DATA_END
, ss
->base
+ SS_CTL
);
438 * Wait for SS to finish the hash.
439 * The timeout could happen only in case of bad overcloking
444 v
= readl(ss
->base
+ SS_CTL
);
446 } while (i
< SS_TIMEOUT
&& (v
& SS_DATA_END
) > 0);
447 if (unlikely(i
>= SS_TIMEOUT
)) {
448 dev_err_ratelimited(ss
->dev
,
449 "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
450 i
, SS_TIMEOUT
, v
, areq
->nbytes
);
455 /* Get the hash from the device */
456 if (op
->mode
== SS_OP_SHA1
) {
457 for (i
= 0; i
< 5; i
++) {
458 v
= cpu_to_be32(readl(ss
->base
+ SS_MD0
+ i
* 4));
459 memcpy(areq
->result
+ i
* 4, &v
, 4);
462 for (i
= 0; i
< 4; i
++) {
463 v
= readl(ss
->base
+ SS_MD0
+ i
* 4);
464 memcpy(areq
->result
+ i
* 4, &v
, 4);
469 writel(0, ss
->base
+ SS_CTL
);
470 spin_unlock_bh(&ss
->slock
);
474 int sun4i_hash_final(struct ahash_request
*areq
)
476 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
478 op
->flags
= SS_HASH_FINAL
;
479 return sun4i_hash(areq
);
482 int sun4i_hash_update(struct ahash_request
*areq
)
484 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
486 op
->flags
= SS_HASH_UPDATE
;
487 return sun4i_hash(areq
);
490 /* sun4i_hash_finup: finalize hashing operation after an update */
491 int sun4i_hash_finup(struct ahash_request
*areq
)
493 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
495 op
->flags
= SS_HASH_UPDATE
| SS_HASH_FINAL
;
496 return sun4i_hash(areq
);
499 /* combo of init/update/final functions */
500 int sun4i_hash_digest(struct ahash_request
*areq
)
503 struct sun4i_req_ctx
*op
= ahash_request_ctx(areq
);
505 err
= sun4i_hash_init(areq
);
509 op
->flags
= SS_HASH_UPDATE
| SS_HASH_FINAL
;
510 return sun4i_hash(areq
);
This page took 0.050588 seconds and 5 git commands to generate.