projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
crypto: sun4i-ss - Always use sun4i_tfm_ctx for storing pointer to dev ss
[deliverable/linux.git] / drivers / crypto / sunxi-ss / sun4i-ss-hash.c
1 /*
2 * sun4i-ss-hash.c - hardware cryptographic accelerator for Allwinner A20 SoC
3 *
4 * Copyright (C) 2013-2015 Corentin LABBE <clabbe.montjoie@gmail.com>
5 *
6 * This file add support for MD5 and SHA1.
7 *
8 * You could find the datasheet in Documentation/arm/sunxi/README
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 */
15 #include "sun4i-ss.h"
16 #include <linux/scatterlist.h>
17
18 /* This is a totally arbitrary value */
19 #define SS_TIMEOUT 100
20
21 int sun4i_hash_crainit(struct crypto_tfm *tfm)
22 {
23 struct sun4i_tfm_ctx *op = crypto_tfm_ctx(tfm);
24 struct ahash_alg *alg = __crypto_ahash_alg(tfm->__crt_alg);
25 struct sun4i_ss_alg_template *algt;
26
27 memset(op, 0, sizeof(struct sun4i_tfm_ctx));
28
29 algt = container_of(alg, struct sun4i_ss_alg_template, alg.hash);
30 op->ss = algt->ss;
31
32 crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
33 sizeof(struct sun4i_req_ctx));
34 return 0;
35 }
36
37 /* sun4i_hash_init: initialize request context */
38 int sun4i_hash_init(struct ahash_request *areq)
39 {
40 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
41 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
42 struct ahash_alg *alg = __crypto_ahash_alg(tfm->base.__crt_alg);
43 struct sun4i_ss_alg_template *algt;
44
45 memset(op, 0, sizeof(struct sun4i_req_ctx));
46
47 algt = container_of(alg, struct sun4i_ss_alg_template, alg.hash);
48 op->mode = algt->mode;
49
50 return 0;
51 }
52
53 int sun4i_hash_export_md5(struct ahash_request *areq, void *out)
54 {
55 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
56 struct md5_state *octx = out;
57 int i;
58
59 octx->byte_count = op->byte_count + op->len;
60
61 memcpy(octx->block, op->buf, op->len);
62
63 if (op->byte_count > 0) {
64 for (i = 0; i < 4; i++)
65 octx->hash[i] = op->hash[i];
66 } else {
67 octx->hash[0] = SHA1_H0;
68 octx->hash[1] = SHA1_H1;
69 octx->hash[2] = SHA1_H2;
70 octx->hash[3] = SHA1_H3;
71 }
72
73 return 0;
74 }
75
76 int sun4i_hash_import_md5(struct ahash_request *areq, const void *in)
77 {
78 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
79 const struct md5_state *ictx = in;
80 int i;
81
82 sun4i_hash_init(areq);
83
84 op->byte_count = ictx->byte_count & ~0x3F;
85 op->len = ictx->byte_count & 0x3F;
86
87 memcpy(op->buf, ictx->block, op->len);
88
89 for (i = 0; i < 4; i++)
90 op->hash[i] = ictx->hash[i];
91
92 return 0;
93 }
94
95 int sun4i_hash_export_sha1(struct ahash_request *areq, void *out)
96 {
97 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
98 struct sha1_state *octx = out;
99 int i;
100
101 octx->count = op->byte_count + op->len;
102
103 memcpy(octx->buffer, op->buf, op->len);
104
105 if (op->byte_count > 0) {
106 for (i = 0; i < 5; i++)
107 octx->state[i] = op->hash[i];
108 } else {
109 octx->state[0] = SHA1_H0;
110 octx->state[1] = SHA1_H1;
111 octx->state[2] = SHA1_H2;
112 octx->state[3] = SHA1_H3;
113 octx->state[4] = SHA1_H4;
114 }
115
116 return 0;
117 }
118
119 int sun4i_hash_import_sha1(struct ahash_request *areq, const void *in)
120 {
121 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
122 const struct sha1_state *ictx = in;
123 int i;
124
125 sun4i_hash_init(areq);
126
127 op->byte_count = ictx->count & ~0x3F;
128 op->len = ictx->count & 0x3F;
129
130 memcpy(op->buf, ictx->buffer, op->len);
131
132 for (i = 0; i < 5; i++)
133 op->hash[i] = ictx->state[i];
134
135 return 0;
136 }
137
138 #define SS_HASH_UPDATE 1
139 #define SS_HASH_FINAL 2
140
141 /*
142 * sun4i_hash_update: update hash engine
143 *
144 * Could be used for both SHA1 and MD5
145 * Write data by step of 32bits and put then in the SS.
146 *
147 * Since we cannot leave partial data and hash state in the engine,
148 * we need to get the hash state at the end of this function.
149 * We can get the hash state every 64 bytes
150 *
151 * So the first work is to get the number of bytes to write to SS modulo 64
152 * The extra bytes will go to a temporary buffer op->buf storing op->len bytes
153 *
154 * So at the begin of update()
155 * if op->len + areq->nbytes < 64
156 * => all data will be written to wait buffer (op->buf) and end=0
157 * if not, write all data from op->buf to the device and position end to
158 * complete to 64bytes
159 *
160 * example 1:
161 * update1 60o => op->len=60
162 * update2 60o => need one more word to have 64 bytes
163 * end=4
164 * so write all data from op->buf and one word of SGs
165 * write remaining data in op->buf
166 * final state op->len=56
167 */
168 int sun4i_hash(struct ahash_request *areq)
169 {
170 u32 v, ivmode = 0;
171 unsigned int i = 0;
172 /*
173 * i is the total bytes read from SGs, to be compared to areq->nbytes
174 * i is important because we cannot rely on SG length since the sum of
175 * SG->length could be greater than areq->nbytes
176 */
177
178 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
179 struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
180 struct sun4i_tfm_ctx *tfmctx = crypto_ahash_ctx(tfm);
181 struct sun4i_ss_ctx *ss = tfmctx->ss;
182 unsigned int in_i = 0; /* advancement in the current SG */
183 unsigned int end;
184 /*
185 * end is the position when we need to stop writing to the device,
186 * to be compared to i
187 */
188 int in_r, err = 0;
189 unsigned int todo;
190 u32 spaces, rx_cnt = SS_RX_DEFAULT;
191 size_t copied = 0;
192 struct sg_mapping_iter mi;
193 unsigned int j = 0;
194 int zeros;
195 unsigned int index, padlen;
196 __be64 bits;
197 u32 bf[32];
198 u32 wb = 0;
199 unsigned int nwait, nbw = 0;
200 struct scatterlist *in_sg = areq->src;
201
202 dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x wl=%u h0=%0x",
203 __func__, crypto_tfm_alg_name(areq->base.tfm),
204 op->byte_count, areq->nbytes, op->mode,
205 op->len, op->hash[0]);
206
207 if (unlikely(areq->nbytes == 0) && (op->flags & SS_HASH_FINAL) == 0)
208 return 0;
209
210 /* protect against overflow */
211 if (unlikely(areq->nbytes > UINT_MAX - op->len)) {
212 dev_err(ss->dev, "Cannot process too large request\n");
213 return -EINVAL;
214 }
215
216 if (op->len + areq->nbytes < 64 && (op->flags & SS_HASH_FINAL) == 0) {
217 /* linearize data to op->buf */
218 copied = sg_pcopy_to_buffer(areq->src, sg_nents(areq->src),
219 op->buf + op->len, areq->nbytes, 0);
220 op->len += copied;
221 return 0;
222 }
223
224 spin_lock_bh(&ss->slock);
225
226 /*
227 * if some data have been processed before,
228 * we need to restore the partial hash state
229 */
230 if (op->byte_count > 0) {
231 ivmode = SS_IV_ARBITRARY;
232 for (i = 0; i < 5; i++)
233 writel(op->hash[i], ss->base + SS_IV0 + i * 4);
234 }
235 /* Enable the device */
236 writel(op->mode | SS_ENABLED | ivmode, ss->base + SS_CTL);
237
238 if ((op->flags & SS_HASH_UPDATE) == 0)
239 goto hash_final;
240
241 /* start of handling data */
242 if ((op->flags & SS_HASH_FINAL) == 0) {
243 end = ((areq->nbytes + op->len) / 64) * 64 - op->len;
244
245 if (end > areq->nbytes || areq->nbytes - end > 63) {
246 dev_err(ss->dev, "ERROR: Bound error %u %u\n",
247 end, areq->nbytes);
248 return -EINVAL;
249 }
250 } else {
251 /* Since we have the flag final, we can go up to modulo 4 */
252 end = ((areq->nbytes + op->len) / 4) * 4 - op->len;
253 }
254
255 /* TODO if SGlen % 4 and op->len == 0 then DMA */
256 i = 1;
257 while (in_sg && i == 1) {
258 if ((in_sg->length % 4) != 0)
259 i = 0;
260 in_sg = sg_next(in_sg);
261 }
262 if (i == 1 && op->len == 0)
263 dev_dbg(ss->dev, "We can DMA\n");
264
265 i = 0;
266 sg_miter_start(&mi, areq->src, sg_nents(areq->src),
267 SG_MITER_FROM_SG | SG_MITER_ATOMIC);
268 sg_miter_next(&mi);
269 in_i = 0;
270
271 do {
272 /*
273 * we need to linearize in two case:
274 * - the buffer is already used
275 * - the SG does not have enough byte remaining ( < 4)
276 */
277 if (op->len > 0 || (mi.length - in_i) < 4) {
278 /*
279 * if we have entered here we have two reason to stop
280 * - the buffer is full
281 * - reach the end
282 */
283 while (op->len < 64 && i < end) {
284 /* how many bytes we can read from current SG */
285 in_r = min3(mi.length - in_i, end - i,
286 64 - op->len);
287 memcpy(op->buf + op->len, mi.addr + in_i, in_r);
288 op->len += in_r;
289 i += in_r;
290 in_i += in_r;
291 if (in_i == mi.length) {
292 sg_miter_next(&mi);
293 in_i = 0;
294 }
295 }
296 if (op->len > 3 && (op->len % 4) == 0) {
297 /* write buf to the device */
298 writesl(ss->base + SS_RXFIFO, op->buf,
299 op->len / 4);
300 op->byte_count += op->len;
301 op->len = 0;
302 }
303 }
304 if (mi.length - in_i > 3 && i < end) {
305 /* how many bytes we can read from current SG */
306 in_r = min3(mi.length - in_i, areq->nbytes - i,
307 ((mi.length - in_i) / 4) * 4);
308 /* how many bytes we can write in the device*/
309 todo = min3((u32)(end - i) / 4, rx_cnt, (u32)in_r / 4);
310 writesl(ss->base + SS_RXFIFO, mi.addr + in_i, todo);
311 op->byte_count += todo * 4;
312 i += todo * 4;
313 in_i += todo * 4;
314 rx_cnt -= todo;
315 if (rx_cnt == 0) {
316 spaces = readl(ss->base + SS_FCSR);
317 rx_cnt = SS_RXFIFO_SPACES(spaces);
318 }
319 if (in_i == mi.length) {
320 sg_miter_next(&mi);
321 in_i = 0;
322 }
323 }
324 } while (i < end);
325
326 /*
327 * Now we have written to the device all that we can,
328 * store the remaining bytes in op->buf
329 */
330 if ((areq->nbytes - i) < 64) {
331 while (i < areq->nbytes && in_i < mi.length && op->len < 64) {
332 /* how many bytes we can read from current SG */
333 in_r = min3(mi.length - in_i, areq->nbytes - i,
334 64 - op->len);
335 memcpy(op->buf + op->len, mi.addr + in_i, in_r);
336 op->len += in_r;
337 i += in_r;
338 in_i += in_r;
339 if (in_i == mi.length) {
340 sg_miter_next(&mi);
341 in_i = 0;
342 }
343 }
344 }
345
346 sg_miter_stop(&mi);
347
348 /*
349 * End of data process
350 * Now if we have the flag final go to finalize part
351 * If not, store the partial hash
352 */
353 if ((op->flags & SS_HASH_FINAL) > 0)
354 goto hash_final;
355
356 writel(op->mode | SS_ENABLED | SS_DATA_END, ss->base + SS_CTL);
357 i = 0;
358 do {
359 v = readl(ss->base + SS_CTL);
360 i++;
361 } while (i < SS_TIMEOUT && (v & SS_DATA_END) > 0);
362 if (unlikely(i >= SS_TIMEOUT)) {
363 dev_err_ratelimited(ss->dev,
364 "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
365 i, SS_TIMEOUT, v, areq->nbytes);
366 err = -EIO;
367 goto release_ss;
368 }
369
370 for (i = 0; i < crypto_ahash_digestsize(tfm) / 4; i++)
371 op->hash[i] = readl(ss->base + SS_MD0 + i * 4);
372
373 goto release_ss;
374
375 /*
376 * hash_final: finalize hashing operation
377 *
378 * If we have some remaining bytes, we write them.
379 * Then ask the SS for finalizing the hashing operation
380 *
381 * I do not check RX FIFO size in this function since the size is 32
382 * after each enabling and this function neither write more than 32 words.
383 * If we come from the update part, we cannot have more than
384 * 3 remaining bytes to write and SS is fast enough to not care about it.
385 */
386
387 hash_final:
388
389 /* write the remaining words of the wait buffer */
390 if (op->len > 0) {
391 nwait = op->len / 4;
392 if (nwait > 0) {
393 writesl(ss->base + SS_RXFIFO, op->buf, nwait);
394 op->byte_count += 4 * nwait;
395 }
396 nbw = op->len - 4 * nwait;
397 wb = *(u32 *)(op->buf + nwait * 4);
398 wb &= (0xFFFFFFFF >> (4 - nbw) * 8);
399 }
400
401 /* write the remaining bytes of the nbw buffer */
402 if (nbw > 0) {
403 wb |= ((1 << 7) << (nbw * 8));
404 bf[j++] = wb;
405 } else {
406 bf[j++] = 1 << 7;
407 }
408
409 /*
410 * number of space to pad to obtain 64o minus 8(size) minus 4 (final 1)
411 * I take the operations from other MD5/SHA1 implementations
412 */
413
414 /* we have already send 4 more byte of which nbw data */
415 if (op->mode == SS_OP_MD5) {
416 index = (op->byte_count + 4) & 0x3f;
417 op->byte_count += nbw;
418 if (index > 56)
419 zeros = (120 - index) / 4;
420 else
421 zeros = (56 - index) / 4;
422 } else {
423 op->byte_count += nbw;
424 index = op->byte_count & 0x3f;
425 padlen = (index < 56) ? (56 - index) : ((64 + 56) - index);
426 zeros = (padlen - 1) / 4;
427 }
428
429 memset(bf + j, 0, 4 * zeros);
430 j += zeros;
431
432 /* write the length of data */
433 if (op->mode == SS_OP_SHA1) {
434 bits = cpu_to_be64(op->byte_count << 3);
435 bf[j++] = bits & 0xffffffff;
436 bf[j++] = (bits >> 32) & 0xffffffff;
437 } else {
438 bf[j++] = (op->byte_count << 3) & 0xffffffff;
439 bf[j++] = (op->byte_count >> 29) & 0xffffffff;
440 }
441 writesl(ss->base + SS_RXFIFO, bf, j);
442
443 /* Tell the SS to stop the hashing */
444 writel(op->mode | SS_ENABLED | SS_DATA_END, ss->base + SS_CTL);
445
446 /*
447 * Wait for SS to finish the hash.
448 * The timeout could happen only in case of bad overclocking
449 * or driver bug.
450 */
451 i = 0;
452 do {
453 v = readl(ss->base + SS_CTL);
454 i++;
455 } while (i < SS_TIMEOUT && (v & SS_DATA_END) > 0);
456 if (unlikely(i >= SS_TIMEOUT)) {
457 dev_err_ratelimited(ss->dev,
458 "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
459 i, SS_TIMEOUT, v, areq->nbytes);
460 err = -EIO;
461 goto release_ss;
462 }
463
464 /* Get the hash from the device */
465 if (op->mode == SS_OP_SHA1) {
466 for (i = 0; i < 5; i++) {
467 v = cpu_to_be32(readl(ss->base + SS_MD0 + i * 4));
468 memcpy(areq->result + i * 4, &v, 4);
469 }
470 } else {
471 for (i = 0; i < 4; i++) {
472 v = readl(ss->base + SS_MD0 + i * 4);
473 memcpy(areq->result + i * 4, &v, 4);
474 }
475 }
476
477 release_ss:
478 writel(0, ss->base + SS_CTL);
479 spin_unlock_bh(&ss->slock);
480 return err;
481 }
482
483 int sun4i_hash_final(struct ahash_request *areq)
484 {
485 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
486
487 op->flags = SS_HASH_FINAL;
488 return sun4i_hash(areq);
489 }
490
491 int sun4i_hash_update(struct ahash_request *areq)
492 {
493 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
494
495 op->flags = SS_HASH_UPDATE;
496 return sun4i_hash(areq);
497 }
498
499 /* sun4i_hash_finup: finalize hashing operation after an update */
500 int sun4i_hash_finup(struct ahash_request *areq)
501 {
502 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
503
504 op->flags = SS_HASH_UPDATE | SS_HASH_FINAL;
505 return sun4i_hash(areq);
506 }
507
508 /* combo of init/update/final functions */
509 int sun4i_hash_digest(struct ahash_request *areq)
510 {
511 int err;
512 struct sun4i_req_ctx *op = ahash_request_ctx(areq);
513
514 err = sun4i_hash_init(areq);
515 if (err != 0)
516 return err;
517
518 op->flags = SS_HASH_UPDATE | SS_HASH_FINAL;
519 return sun4i_hash(areq);
520 }
Linux kernel - Deliverables
This page took 0.043688 seconds and 6 git commands to generate.