From patchwork Tue Jun 18 12:08:34 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001481 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 02285924 for ; Tue, 18 Jun 2019 12:09:03 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E5591289B7 for ; Tue, 18 Jun 2019 12:09:02 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D8F2728A60; Tue, 18 Jun 2019 12:09:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 6C64D289B7 for ; Tue, 18 Jun 2019 12:09:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=t3SJCTEGYSLStjMmD/pdhz3FRqJr450ClVuQxFtVUcI=; b=qtWguTPtJ3VPDi lvToKdN4cPD1MAntypLj10yqn1nHBjtRLWc34g99IEFNoAtxiLjTAKh9B0fMcq4feJACkazLLv9eM v8sMEJWTgjZoiXu5P0ngpDj74KLoCKG3H58f9tYO0zYS48SQGZ9WguhbKXObVgO4MMICZ+xUaqMzb ehYBfht3YqtGPjyzTt8SWNpGOmkIDn6jlo6IAUD4kgjVdMpAj6SEQLbx9qWaagPaxKBD6SxJ2OHA1 KwpRGMJGWfsPAOUVJpIz1ePnW9xMRwJONPqNoIQm5KX27nwE0eB+rp9D8Bknpu6MckXIykM1nEJHj 8UZooMqJoiAIdCnc+y9g==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCv3-000342-6C; Tue, 18 Jun 2019 12:08:57 +0000 Received: from lelv0142.ext.ti.com ([198.47.23.249]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCud-0002kb-71 for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:33 +0000 Received: from fllv0034.itg.ti.com ([10.64.40.246]) by lelv0142.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8FXk077575; Tue, 18 Jun 2019 07:08:15 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859695; bh=Naw4jhqGjLB8jwbjXzxM4e42Xzg07p8Ordo2UvFves4=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=YRbjHIVgc4ylYRzzIIT84srJFSZdp8mdSomew7StaOSNj/SnV2lJVTVLPzLA3yBMd JZ7rxj2tUfDmz8hJFlNC2JrVHcRIL/FvjgX27azBHyITLH0xHnkc0GCcW4GqXB9ncz 80JudIZgZjGOxkK4TbTchlCMbE9V0G5Pu0yOfy/c= Received: from DFLE103.ent.ti.com (dfle103.ent.ti.com [10.64.6.24]) by fllv0034.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8F3O089147 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:15 -0500 Received: from DFLE114.ent.ti.com (10.64.6.35) by DFLE103.ent.ti.com (10.64.6.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:15 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DFLE114.ent.ti.com (10.64.6.35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:15 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89GZ080327; Tue, 18 Jun 2019 07:08:12 -0500 From: Keerthy To: , , Subject: [PATCH 01/10] dt-bindings: crypto: k3: Add sa2ul bindings documentation Date: Tue, 18 Jun 2019 17:38:34 +0530 Message-ID: <20190618120843.18777-2-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050831_402196_1924478E X-CRM114-Status: GOOD ( 13.05 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP The series adds Crypto hardware accelerator support for SA2UL. SA2UL stands for security accelerator ultra lite. The Security Accelerator (SA2_UL) subsystem provides hardware cryptographic acceleration for the following use cases: • Encryption and authentication for secure boot • Encryption and authentication of content in applications requiring DRM (digital rights management) and content/asset protection The device includes one instantiation of SA2_UL named SA2_UL0 SA2UL needs on tx channel and a pair of rx dma channels. Signed-off-by: Keerthy --- .../devicetree/bindings/crypto/sa2ul.txt | 47 +++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 Documentation/devicetree/bindings/crypto/sa2ul.txt diff --git a/Documentation/devicetree/bindings/crypto/sa2ul.txt b/Documentation/devicetree/bindings/crypto/sa2ul.txt new file mode 100644 index 000000000000..81cc039673b4 --- /dev/null +++ b/Documentation/devicetree/bindings/crypto/sa2ul.txt @@ -0,0 +1,47 @@ +K3 SoC SA2UL crypto module + +Required properties: + +- compatible : Should be: + - "ti,sa2ul-crypto" +- reg : Offset and length of the register set for the module + +- dmas: DMA specifiers for tx and rx dma. sa2ul needs one tx channel + and 2 rx channels. First rx channel for < 256 bytes and + the other one for >=256 bytes. See the DMA client binding, + Documentation/devicetree/bindings/dma/dma.txt +- dma-names: DMA request names has to have one tx and 2 rx names + corresponding to dmas abive. +- ti,psil-config* - UDMA PSIL native Peripheral using packet mode. + SA2UL must have EPIB(Extended protocal information block) + and PSDATA(protocol specific data) properties. + +Example AM654 SA2UL: +crypto: crypto@4E00000 { + compatible = "ti,sa2ul-crypto"; + reg = <0x0 0x4E00000 0x0 0x1200>; + ti,psil-base = <0x4000>; + + dmas = <&main_udmap &crypto 0 UDMA_DIR_TX>, + <&main_udmap &crypto 0 UDMA_DIR_RX>, + <&main_udmap &crypto 1 UDMA_DIR_RX>; + dma-names = "tx", "rx1", "rx2"; + + ti,psil-config0 { + linux,udma-mode = ; + ti,needs-epib; + ti,psd-size = <64>; + }; + + ti,psil-config1 { + linux,udma-mode = ; + ti,needs-epib; + ti,psd-size = <64>; + }; + + ti,psil-config2 { + linux,udma-mode = ; + ti,needs-epib; + ti,psd-size = <64>; + }; +}; From patchwork Tue Jun 18 12:08:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001485 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E6A2E76 for ; Tue, 18 Jun 2019 12:09:38 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D2685289B7 for ; Tue, 18 Jun 2019 12:09:38 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C66D928A6A; Tue, 18 Jun 2019 12:09:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 3E844289B7 for ; Tue, 18 Jun 2019 12:09:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ByZ1Q1n6gPRg1TqIXUOM2262U9XYK/t7r5Bu/f+c8XI=; b=t1Cvivxt2p1U1v SRCI90RGdxIa5hNSzA51spnpzcfp3tJZZyhg4IjcQRpHr09zSmw58JDG2H4LRKKQyWOeVKzXFjnl7 yq6oEvucyFh+Y5Zenh5SGUR3mW9XVkQGWSwZrG3S24q2M+gJOcGr5kr4UfVK0XiS5Ko/DziLFEN6O v+iTkMvFq9NfRSS5A5+on0Vzhf13NRqrOIntTTPSta9V5/NPw+FdIDyVYjrRcmQ5n0bK2B+BaS69N 6JegfNbNwz/RNDSFhbFu1gobvxBcBawJKvXUjiyfuHp4nCR6AtGkm7IuD3wsjtc1q+XP0U9pZNJUf hjifky+6+b+oyrEQJPtg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCve-0003YS-Ic; Tue, 18 Jun 2019 12:09:34 +0000 Received: from lelv0142.ext.ti.com ([198.47.23.249]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCud-0002kl-14 for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:36 +0000 Received: from fllv0035.itg.ti.com ([10.64.41.0]) by lelv0142.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8IRA077590; Tue, 18 Jun 2019 07:08:18 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859698; bh=FehHwOOdVMctdOago5xa8n5T2ZOnQCMHDR1SFCGPe6U=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=Fifgz2gKOdcVXL6cQ6nOQ34Ubh5PtUN7CUcA5Hyy7IszF/wurMTDfMxTP8EpKHyi9 W3WDpi5SD/PY98X0q0JFvMb66nAs+UAWH3i5fNX7D23XDCswZctKngSbXoNFDlHb61 VoizsvSJ8AFq9y+wJzxEg+q2KUOLYn7ZOtAg8KRI= Received: from DLEE105.ent.ti.com (dlee105.ent.ti.com [157.170.170.35]) by fllv0035.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8Ind068908 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:18 -0500 Received: from DLEE102.ent.ti.com (157.170.170.32) by DLEE105.ent.ti.com (157.170.170.35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:18 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DLEE102.ent.ti.com (157.170.170.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:18 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Ga080327; Tue, 18 Jun 2019 07:08:15 -0500 From: Keerthy To: , , Subject: [PATCH 02/10] crypto: sa2ul: Add crypto driver Date: Tue, 18 Jun 2019 17:38:35 +0530 Message-ID: <20190618120843.18777-3-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050831_259579_8AA8137B X-CRM114-Status: GOOD ( 20.06 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP The Security Accelerator (SA2_UL) subsystem provides hardware cryptographic acceleration for the following use cases: • Encryption and authentication for secure boot • Encryption and authentication of content in applications requiring DRM (digital rights management) and content/asset protection The device includes one instantiation of SA2_UL named SA2_UL0 SA2_UL supports the following cryptographic industry standards to enable data authentication, data integrity and data confidentiality. Crypto function library for software acceleration o AES operation o 3DES operation o SHA1 operation o MD5 operation o SHA2 – 224, 256, 384, 512 operation Authentication supported via following hardware cores o SHA1 o MD5 o SHA2 -224 o SHA2-256 o SHA2-384 o SHA2-512 Patch adds a basic crypto driver and currently supports AES in cbc mode for both encryption and decryption. Signed-off-by: Keerthy --- drivers/crypto/Kconfig | 17 + drivers/crypto/Makefile | 1 + drivers/crypto/sa2ul.c | 1151 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/sa2ul.h | 384 +++++++++++++ 4 files changed, 1553 insertions(+) create mode 100644 drivers/crypto/sa2ul.c create mode 100644 drivers/crypto/sa2ul.h diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 603413f28fa3..b9a3fa026c74 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -785,4 +785,21 @@ config CRYPTO_DEV_CCREE source "drivers/crypto/hisilicon/Kconfig" +config CRYPTO_DEV_SA2UL + tristate "Support for TI security accelerator" + depends on ARCH_K3 || COMPILE_TEST + select ARM64_CRYPTO + select CRYPTO_AES + select CRYPTO_AES_ARM64 + select CRYPTO_SHA1 + select CRYPTO_MD5 + select CRYPTO_ALGAPI + select CRYPTO_AUTHENC + select HW_RANDOM + default m if ARCH_K3 + help + Keystone devices include a security accelerator engine that may be + used for crypto offload. Select this if you want to use hardware + acceleration for cryptographic algorithms on these devices. + endif # CRYPTO_HW diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile index afc4753b5d28..300d31fd24db 100644 --- a/drivers/crypto/Makefile +++ b/drivers/crypto/Makefile @@ -47,4 +47,5 @@ obj-$(CONFIG_CRYPTO_DEV_VMX) += vmx/ obj-$(CONFIG_CRYPTO_DEV_BCM_SPU) += bcm/ obj-$(CONFIG_CRYPTO_DEV_SAFEXCEL) += inside-secure/ obj-$(CONFIG_CRYPTO_DEV_ARTPEC6) += axis/ +obj-$(CONFIG_CRYPTO_DEV_SA2UL) += sa2ul.o obj-y += hisilicon/ diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c new file mode 100644 index 000000000000..64bdf6b2b879 --- /dev/null +++ b/drivers/crypto/sa2ul.c @@ -0,0 +1,1151 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * AM6 SA2UL crypto accelerator driver + * + * Copyright (C) 2018 Texas Instruments Incorporated - http://www.ti.com + * + * Authors: Keerthy + * Vitaly Andrianov + */ +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "sa2ul.h" + +/* Byte offset for key in encryption security context */ +#define SC_ENC_KEY_OFFSET (1 + 27 + 4) +/* Byte offset for Aux-1 in encryption security context */ +#define SC_ENC_AUX1_OFFSET (1 + 27 + 4 + 32) + +#define SA_CMDL_UPD_ENC 0x0001 +#define SA_CMDL_UPD_AUTH 0x0002 +#define SA_CMDL_UPD_ENC_IV 0x0004 +#define SA_CMDL_UPD_AUTH_IV 0x0008 +#define SA_CMDL_UPD_AUX_KEY 0x0010 + +#define SA_AUTH_SUBKEY_LEN 16 +#define SA_CMDL_PAYLOAD_LENGTH_MASK 0xFFFF +#define SA_CMDL_SOP_BYPASS_LEN_MASK 0xFF000000 + +#define MODE_CONTROL_BYTES 27 +#define SA_HASH_PROCESSING 0 +#define SA_CRYPTO_PROCESSING 0 +#define SA_UPLOAD_HASH_TO_TLR BIT(6) + +#define SA_SW0_FLAGS_MASK 0xF0000 +#define SA_SW0_CMDL_INFO_MASK 0x1F00000 +#define SA_SW0_CMDL_PRESENT BIT(4) +#define SA_SW0_ENG_ID_MASK 0x3E000000 +#define SA_SW0_DEST_INFO_PRESENT BIT(30) +#define SA_SW2_EGRESS_LENGTH 0xFF000000 + +#define SHA256_DIGEST_WORDS 8 +/* Make 32-bit word from 4 bytes */ +#define SA_MK_U32(b0, b1, b2, b3) (((b0) << 24) | ((b1) << 16) | \ + ((b2) << 8) | (b3)) + +/* size of SCCTL structure in bytes */ +#define SA_SCCTL_SZ 16 + +/* Max Authentication tag size */ +#define SA_MAX_AUTH_TAG_SZ 64 + +#define PRIV_ID 0x1 +#define PRIV 0x1 + +static struct device *sa_k3_dev; + +/** + * struct sa_cmdl_cfg - Command label configuration descriptor + * @enc1st: If the iteration needs encryption before authentication + * @aalg: authentication algorithm ID + * @enc_eng_id: Encryption Engine ID supported by the SA hardware + * @auth_eng_id: authentication Engine ID + * @iv_size: Initialization Vector size + * @akey: Authentication key + * @akey_len: Authentication key length + */ +struct sa_cmdl_cfg { + int enc1st; + int aalg; + u8 enc_eng_id; + u8 auth_eng_id; + u8 iv_size; + const u8 *akey; + u16 akey_len; + u16 auth_subkey_len; +}; + +/** + * struct algo_data - Crypto algorithm specific data + * @enc_eng: Encryption engine info structure + * @auth_eng: Authentication engine info structure + * @auth_ctrl: Authentication control word + * @hash_size: Size of Digest + * @ealg_id: Encryption Algorithm ID + * @aalg_id: Authentication algorithm ID + * @mci_enc: Mode Control Instruction for Encryption algorithm + * @mci_dec: Mode Control Instruction for Decryption + * @inv_key: Whether the encryption algorithm demands key inversion + * @keyed_mac: Whether the Authentication algorithm has Key + * @prep_iopad: Function pointer to generate intermediate ipad/opad + */ +struct algo_data { + struct sa_eng_info enc_eng; + struct sa_eng_info auth_eng; + u8 auth_ctrl; + u8 hash_size; + u8 ealg_id; + u8 aalg_id; + u8 *mci_enc; + u8 *mci_dec; + bool inv_key; + bool keyed_mac; + void (*prep_iopad)(const u8 *key, u16 key_sz, u32 *ipad, u32 *opad); +}; + +/** + * struct sa_alg_tmpl: A generic template encompassing crypto/aead algorithms + * @alg: A union of aead/crypto algorithm type. + * @registered: Flag indicating if the crypto algorithm is already registered + */ +struct sa_alg_tmpl { + u32 type; /* CRYPTO_ALG_TYPE from */ + union { + struct crypto_alg crypto; + struct aead_alg aead; + } alg; + int registered; +}; + +/** + * struct sa_rx_data: RX Packet miscellaneous data place holder + * @req: crypto request data pointer + * @ddev: DMA device pointer + * @tx_in: dma_async_tx_descriptor pointer for rx channel + * @enc: Flag indicating either encryption or decryption + */ +struct sa_rx_data { + void *req; + struct device *ddev; + struct dma_async_tx_descriptor *tx_in; + u8 enc; +}; + +/* + * Mode Control Instructions for various Key lengths 128, 192, 256 + * For CBC (Cipher Block Chaining) mode for encryption + */ +static u8 mci_cbc_enc_array[3][MODE_CONTROL_BYTES] = { + { 0x21, 0x00, 0x00, 0x18, 0x88, 0x0a, 0xaa, 0x4b, 0x7e, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x21, 0x00, 0x00, 0x18, 0x88, 0x4a, 0xaa, 0x4b, 0x7e, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x21, 0x00, 0x00, 0x18, 0x88, 0x8a, 0xaa, 0x4b, 0x7e, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, +}; + +/* + * Mode Control Instructions for various Key lengths 128, 192, 256 + * For CBC (Cipher Block Chaining) mode for decryption + */ +static u8 mci_cbc_dec_array[3][MODE_CONTROL_BYTES] = { + { 0x31, 0x00, 0x00, 0x80, 0x8a, 0xca, 0x98, 0xf4, 0x40, 0xc0, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x31, 0x00, 0x00, 0x84, 0x8a, 0xca, 0x98, 0xf4, 0x40, 0xc0, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x31, 0x00, 0x00, 0x88, 0x8a, 0xca, 0x98, 0xf4, 0x40, 0xc0, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, +}; + +/* + * Perform 16 byte or 128 bit swizzling + * The SA2UL Expects the security context to + * be in little Endian and the bus width is 128 bits or 16 bytes + * Hence swap 16 bytes at a time from higher to lower address + */ +static void sa_swiz_128(u8 *in, u16 len) +{ + u8 data[16]; + int i, j; + + for (i = 0; i < len; i += 16) { + memcpy(data, &in[i], 16); + for (j = 0; j < 16; j++) + in[i + j] = data[15 - j]; + } +} + +/* Derive the inverse key used in AES-CBC decryption operation */ +static inline int sa_aes_inv_key(u8 *inv_key, const u8 *key, u16 key_sz) +{ + struct crypto_aes_ctx ctx; + int key_pos; + + if (crypto_aes_expand_key(&ctx, key, key_sz)) { + pr_err("%s: bad key len(%d)\n", __func__, key_sz); + return -EINVAL; + } + + /* Based crypto_aes_expand_key logic */ + switch (key_sz) { + case AES_KEYSIZE_128: + case AES_KEYSIZE_192: + key_pos = key_sz + 24; + break; + + case AES_KEYSIZE_256: + key_pos = key_sz + 24 - 4; + break; + + default: + pr_err("%s: bad key len(%d)\n", __func__, key_sz); + return -EINVAL; + } + + memcpy(inv_key, &ctx.key_enc[key_pos], key_sz); + return 0; +} + +/* Set Security context for the encryption engine */ +static int sa_set_sc_enc(struct algo_data *ad, const u8 *key, u16 key_sz, + u16 aad_len, u8 enc, u8 *sc_buf) +{ + const u8 *mci = NULL; + + /* Set Encryption mode selector to crypto processing */ + sc_buf[0] = SA_CRYPTO_PROCESSING; + + if (enc) + mci = ad->mci_enc; + else + mci = ad->mci_dec; + /* Set the mode control instructions in security context */ + if (mci) + memcpy(&sc_buf[1], mci, MODE_CONTROL_BYTES); + + /* For AES-CBC decryption get the inverse key */ + if (ad->inv_key && !enc) { + if (sa_aes_inv_key(&sc_buf[SC_ENC_KEY_OFFSET], key, key_sz)) + return -EINVAL; + /* For all other cases: key is used */ + } else { + memcpy(&sc_buf[SC_ENC_KEY_OFFSET], key, key_sz); + } + + return 0; +} + +/* Set Security context for the authentication engine */ +static void sa_set_sc_auth(struct algo_data *ad, const u8 *key, u16 key_sz, + u8 *sc_buf) +{ + u32 ipad[64], opad[64]; + + /* Set Authentication mode selector to hash processing */ + sc_buf[0] = SA_HASH_PROCESSING; + /* Auth SW ctrl word: bit[6]=1 (upload computed hash to TLR section) */ + sc_buf[1] = SA_UPLOAD_HASH_TO_TLR; + sc_buf[1] |= ad->auth_ctrl; + + /* Copy the keys or ipad/opad */ + if (ad->keyed_mac) { + ad->prep_iopad(key, key_sz, ipad, opad); + /* Copy ipad to AuthKey */ + memcpy(&sc_buf[32], ipad, ad->hash_size); + /* Copy opad to Aux-1 */ + memcpy(&sc_buf[64], opad, ad->hash_size); + } +} + +static inline void sa_copy_iv(u32 *out, const u8 *iv, bool size16) +{ + int j; + + for (j = 0; j < ((size16) ? 4 : 2); j++) { + *out = cpu_to_be32(*((u32 *)iv)); + iv += 4; + out++; + } +} + +/* Format general command label */ +static int sa_format_cmdl_gen(struct sa_cmdl_cfg *cfg, u8 *cmdl, + struct sa_cmdl_upd_info *upd_info) +{ + u8 enc_offset = 0, auth_offset = 0, total = 0; + u8 enc_next_eng = SA_ENG_ID_OUTPORT2; + u8 auth_next_eng = SA_ENG_ID_OUTPORT2; + u32 *word_ptr = (u32 *)cmdl; + int i; + + /* Clear the command label */ + memzero_explicit(cmdl, (SA_MAX_CMDL_WORDS * sizeof(u32))); + + /* Iniialize the command update structure */ + memzero_explicit(upd_info, sizeof(*upd_info)); + + if (cfg->enc1st) { + if (cfg->enc_eng_id != SA_ENG_ID_NONE) + auth_offset = SA_CMDL_HEADER_SIZE_BYTES; + + if (cfg->iv_size) + auth_offset += cfg->iv_size; + + if (cfg->auth_eng_id != SA_ENG_ID_NONE) + enc_next_eng = cfg->auth_eng_id; + else + enc_next_eng = SA_ENG_ID_OUTPORT2; + } else { + if (cfg->auth_eng_id != SA_ENG_ID_NONE) + enc_offset = SA_CMDL_HEADER_SIZE_BYTES; + + if (cfg->auth_subkey_len) + enc_offset += cfg->auth_subkey_len; + + if (cfg->enc_eng_id != SA_ENG_ID_NONE) + auth_next_eng = cfg->enc_eng_id; + else + auth_next_eng = SA_ENG_ID_OUTPORT2; + } + + if (cfg->enc_eng_id != SA_ENG_ID_NONE) { + upd_info->flags |= SA_CMDL_UPD_ENC; + upd_info->enc_size.index = enc_offset >> 2; + upd_info->enc_offset.index = upd_info->enc_size.index + 1; + /* Encryption command label */ + cmdl[enc_offset + SA_CMDL_OFFSET_NESC] = enc_next_eng; + + /* Encryption modes requiring IV */ + if (cfg->iv_size) { + upd_info->flags |= SA_CMDL_UPD_ENC_IV; + upd_info->enc_iv.index = + (enc_offset + SA_CMDL_HEADER_SIZE_BYTES) >> 2; + upd_info->enc_iv.size = cfg->iv_size; + + cmdl[enc_offset + SA_CMDL_OFFSET_LABEL_LEN] = + SA_CMDL_HEADER_SIZE_BYTES + cfg->iv_size; + + cmdl[enc_offset + SA_CMDL_OFFSET_OPTION_CTRL1] = + (SA_CTX_ENC_AUX2_OFFSET | (cfg->iv_size >> 3)); + enc_offset += SA_CMDL_HEADER_SIZE_BYTES + cfg->iv_size; + } else { + cmdl[enc_offset + SA_CMDL_OFFSET_LABEL_LEN] = + SA_CMDL_HEADER_SIZE_BYTES; + enc_offset += SA_CMDL_HEADER_SIZE_BYTES; + } + } + + if (cfg->auth_eng_id != SA_ENG_ID_NONE) { + upd_info->flags |= SA_CMDL_UPD_AUTH; + upd_info->auth_size.index = auth_offset >> 2; + upd_info->auth_offset.index = upd_info->auth_size.index + 1; + cmdl[auth_offset + SA_CMDL_OFFSET_NESC] = auth_next_eng; + + /* Algorithm with subkeys */ + if (cfg->aalg == SA_AALG_ID_AES_XCBC || + cfg->aalg == SA_AALG_ID_CMAC) { + upd_info->flags |= SA_CMDL_UPD_AUX_KEY; + upd_info->aux_key_info.index = + (auth_offset + SA_CMDL_HEADER_SIZE_BYTES) >> 2; + cmdl[auth_offset + SA_CMDL_OFFSET_LABEL_LEN] = + SA_CMDL_HEADER_SIZE_BYTES + + cfg->auth_subkey_len; + cmdl[auth_offset + SA_CMDL_OFFSET_OPTION_CTRL1] = + (SA_CTX_ENC_AUX1_OFFSET | + (cfg->auth_subkey_len >> 3)); + + auth_offset += SA_CMDL_HEADER_SIZE_BYTES + + cfg->auth_subkey_len; + } else { + cmdl[auth_offset + SA_CMDL_OFFSET_LABEL_LEN] = + SA_CMDL_HEADER_SIZE_BYTES; + auth_offset += SA_CMDL_HEADER_SIZE_BYTES; + } + } + + if (cfg->enc1st) + total = auth_offset; + else + total = enc_offset; + + total = roundup(total, 8); + + for (i = 0; i < total / 4; i++) + word_ptr[i] = be32_to_cpu(word_ptr[i]); + + return total; +} + +/* Update Command label */ +static inline void +sa_update_cmdl(struct device *dev, u8 enc_offset, u16 enc_size, u8 *enc_iv, + u8 auth_offset, u16 auth_size, u8 *auth_iv, u8 aad_size, + u8 *aad, struct sa_cmdl_upd_info *upd_info, u32 *cmdl) +{ + int i = 0, j; + + if (upd_info->submode != SA_MODE_GEN) { + dev_err(dev, "unsupported mode(%d)\n", upd_info->submode); + return; + } + + if (likely(upd_info->flags & SA_CMDL_UPD_ENC)) { + cmdl[upd_info->enc_size.index] &= ~SA_CMDL_PAYLOAD_LENGTH_MASK; + cmdl[upd_info->enc_size.index] |= enc_size; + cmdl[upd_info->enc_offset.index] &= + ~SA_CMDL_SOP_BYPASS_LEN_MASK; + cmdl[upd_info->enc_offset.index] |= + ((u32)enc_offset << __ffs(SA_CMDL_SOP_BYPASS_LEN_MASK)); + + if (likely(upd_info->flags & SA_CMDL_UPD_ENC_IV)) { + u32 *data = &cmdl[upd_info->enc_iv.index]; + + for (j = 0; i < upd_info->enc_iv.size; i += 4, j++) { + data[j] = cpu_to_be32(*((u32 *)enc_iv)); + enc_iv += 4; + } + } + } + + if (likely(upd_info->flags & SA_CMDL_UPD_AUTH)) { + cmdl[upd_info->auth_size.index] &= ~SA_CMDL_PAYLOAD_LENGTH_MASK; + cmdl[upd_info->auth_size.index] |= auth_size; + cmdl[upd_info->auth_offset.index] &= + ~SA_CMDL_SOP_BYPASS_LEN_MASK; + cmdl[upd_info->auth_offset.index] |= ((u32)auth_offset << + __ffs(SA_CMDL_SOP_BYPASS_LEN_MASK)); + if (upd_info->flags & SA_CMDL_UPD_AUTH_IV) { + sa_copy_iv(&cmdl[upd_info->auth_iv.index], auth_iv, + (upd_info->auth_iv.size > 8)); + } + + if (upd_info->flags & SA_CMDL_UPD_AUX_KEY) { + int offset = (auth_size & 0xF) ? 4 : 0; + + memcpy(&cmdl[upd_info->aux_key_info.index], + &upd_info->aux_key[offset], 16); + } + } +} + +/* Format SWINFO words to be sent to SA */ +static +void sa_set_swinfo(u8 eng_id, u16 sc_id, dma_addr_t sc_phys, + u8 cmdl_present, u8 cmdl_offset, u8 flags, + u8 hash_size, u32 *swinfo) +{ + swinfo[0] = sc_id; + swinfo[0] |= (flags << __ffs(SA_SW0_FLAGS_MASK)); + if (likely(cmdl_present)) + swinfo[0] |= ((cmdl_offset | SA_SW0_CMDL_PRESENT) << + __ffs(SA_SW0_CMDL_INFO_MASK)); + swinfo[0] |= (eng_id << __ffs(SA_SW0_ENG_ID_MASK)); + + swinfo[0] |= SA_SW0_DEST_INFO_PRESENT; + swinfo[1] = (u32)(sc_phys & 0xFFFFFFFFULL); + swinfo[2] = (u32)((sc_phys & 0xFFFFFFFF00000000ULL) >> 32); + swinfo[2] |= (hash_size << __ffs(SA_SW2_EGRESS_LENGTH)); +} + +/* Dump the security context */ +static void sa_dump_sc(u8 *buf, dma_addr_t dma_addr) +{ +#ifdef DEBUG + dev_info(sa_k3_dev, "Security context dump:: 0x%pad\n", &dma_addr); + print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET, + 16, 1, buf, SA_CTX_MAX_SZ, false); +#endif +} + +static +int sa_init_sc(struct sa_ctx_info *ctx, const u8 *enc_key, + u16 enc_key_sz, const u8 *auth_key, u16 auth_key_sz, + struct algo_data *ad, u8 enc, u32 *swinfo, bool auth_req) +{ + int use_enc = 0; + int enc_sc_offset, auth_sc_offset; + u8 *sc_buf = ctx->sc; + u16 sc_id = ctx->sc_id; + u16 aad_len = 0; /* Currently not supporting AEAD algo */ + u8 first_engine; + + memzero_explicit(sc_buf, SA_CTX_MAX_SZ); + + if (ad->auth_eng.eng_id <= SA_ENG_ID_EM2 || !auth_req) + use_enc = 1; + + /* Determine the order of encryption & Authentication contexts */ + if (enc || !use_enc) { + if (auth_req) { + enc_sc_offset = SA_CTX_PHP_PE_CTX_SZ; + auth_sc_offset = enc_sc_offset + ad->enc_eng.sc_size; + } else { + enc_sc_offset = SA_CTX_PHP_PE_CTX_SZ; + } + } else { + auth_sc_offset = SA_CTX_PHP_PE_CTX_SZ; + enc_sc_offset = auth_sc_offset + ad->auth_eng.sc_size; + } + + /* SCCTL Owner info: 0=host, 1=CP_ACE */ + sc_buf[SA_CTX_SCCTL_OWNER_OFFSET] = 0; + /* SCCTL F/E control */ + if (auth_req) + sc_buf[1] = SA_SCCTL_FE_AUTH_ENC; + else + sc_buf[1] = SA_SCCTL_FE_ENC; + memcpy(&sc_buf[2], &sc_id, 2); + sc_buf[4] = 0x0; + sc_buf[5] = PRIV_ID; + sc_buf[6] = PRIV; + sc_buf[7] = 0x0; + + /* Initialize the rest of PHP context */ + memzero_explicit(sc_buf + SA_SCCTL_SZ, SA_CTX_PHP_PE_CTX_SZ - + SA_SCCTL_SZ); + + /* Prepare context for encryption engine */ + if (ad->enc_eng.sc_size) { + if (sa_set_sc_enc(ad, enc_key, enc_key_sz, aad_len, + enc, &sc_buf[enc_sc_offset])) + return -EINVAL; + } + + /* Prepare context for authentication engine */ + if (ad->auth_eng.sc_size) { + if (use_enc) { + if (sa_set_sc_enc(ad, auth_key, auth_key_sz, + aad_len, 0, &sc_buf[auth_sc_offset])) + return -EINVAL; + } else { + sa_set_sc_auth(ad, auth_key, auth_key_sz, + &sc_buf[auth_sc_offset]); + } + } + + /* Set the ownership of context to CP_ACE */ + sc_buf[SA_CTX_SCCTL_OWNER_OFFSET] = 0x80; + + /* swizzle the security context */ + sa_swiz_128(sc_buf, SA_CTX_MAX_SZ); + /* Setup SWINFO */ + if (!auth_req) + first_engine = ad->enc_eng.eng_id; + else + first_engine = enc ? ad->enc_eng.eng_id : ad->auth_eng.eng_id; + + if (auth_req) { + if (!ad->hash_size) + return -EINVAL; + /* Round up the tag size to multiple of 4 */ + ad->hash_size = roundup(ad->hash_size, 8); + } + + sa_set_swinfo(first_engine, ctx->sc_id, ctx->sc_phys, 1, 0, + SA_SW_INFO_FLAG_EVICT, ad->hash_size, swinfo); + + sa_dump_sc(sc_buf, ctx->sc_phys); + + return 0; +} + +/* Free the per direction context memory */ +static void sa_free_ctx_info(struct sa_ctx_info *ctx, + struct sa_crypto_data *data) +{ + unsigned long bn; + + bn = ctx->sc_id - data->sc_id_start; + spin_lock(&data->scid_lock); + __clear_bit(bn, data->ctx_bm); + data->sc_id--; + spin_unlock(&data->scid_lock); + + if (ctx->sc) { + dma_pool_free(data->sc_pool, ctx->sc, ctx->sc_phys); + ctx->sc = NULL; + } +} + +static int sa_init_ctx_info(struct sa_ctx_info *ctx, + struct sa_crypto_data *data) +{ + unsigned long bn; + int err; + + spin_lock(&data->scid_lock); + bn = find_first_zero_bit(data->ctx_bm, SA_MAX_NUM_CTX); + __set_bit(bn, data->ctx_bm); + data->sc_id++; + spin_unlock(&data->scid_lock); + + ctx->sc_id = (u16)(data->sc_id_start + bn); + + ctx->sc = dma_pool_alloc(data->sc_pool, GFP_KERNEL, &ctx->sc_phys); + if (!ctx->sc) { + dev_err(&data->pdev->dev, "Failed to allocate SC memory\n"); + err = -ENOMEM; + goto scid_rollback; + } + + return 0; + +scid_rollback: + spin_lock(&data->scid_lock); + __clear_bit(bn, data->ctx_bm); + data->sc_id--; + spin_unlock(&data->scid_lock); + + return err; +} + +static void sa_aes_cra_exit(struct crypto_tfm *tfm) +{ + struct crypto_alg *alg = tfm->__crt_alg; + struct sa_tfm_ctx *ctx = crypto_tfm_ctx(tfm); + struct sa_crypto_data *data = dev_get_drvdata(sa_k3_dev); + + dev_dbg(sa_k3_dev, "%s(0x%p) sc-ids(0x%x(0x%pad), 0x%x(0x%pad))\n", + __func__, tfm, ctx->enc.sc_id, &ctx->enc.sc_phys, + ctx->dec.sc_id, &ctx->dec.sc_phys); + + if ((alg->cra_flags & CRYPTO_ALG_TYPE_ABLKCIPHER) + == CRYPTO_ALG_TYPE_ABLKCIPHER) { + sa_free_ctx_info(&ctx->enc, data); + sa_free_ctx_info(&ctx->dec, data); + } +} + +static int sa_aes_cra_init(struct crypto_tfm *tfm) +{ + struct sa_tfm_ctx *ctx = crypto_tfm_ctx(tfm); + struct crypto_alg *alg = tfm->__crt_alg; + struct sa_crypto_data *data = dev_get_drvdata(sa_k3_dev); + int ret; + + if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == + CRYPTO_ALG_TYPE_ABLKCIPHER) { + memzero_explicit(ctx, sizeof(*ctx)); + ctx->dev_data = data; + + ret = sa_init_ctx_info(&ctx->enc, data); + if (ret) + return ret; + ret = sa_init_ctx_info(&ctx->dec, data); + if (ret) { + sa_free_ctx_info(&ctx->enc, data); + return ret; + } + } + + dev_dbg(sa_k3_dev, "%s(0x%p) sc-ids(0x%x(0x%pad), 0x%x(0x%pad))\n", + __func__, tfm, ctx->enc.sc_id, &ctx->enc.sc_phys, + ctx->dec.sc_id, &ctx->dec.sc_phys); + return 0; +} + +static int sa_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, + unsigned int keylen, struct algo_data *ad) +{ + struct sa_tfm_ctx *ctx = crypto_ablkcipher_ctx(tfm); + + const char *cra_name; + int cmdl_len; + struct sa_cmdl_cfg cfg; + + if (keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_192 && + keylen != AES_KEYSIZE_256) + return -EINVAL; + + cra_name = crypto_tfm_alg_name(&tfm->base); + + memzero_explicit(&cfg, sizeof(cfg)); + cfg.enc1st = 1; + cfg.enc_eng_id = ad->enc_eng.eng_id; + cfg.iv_size = crypto_ablkcipher_ivsize(tfm); + cfg.auth_eng_id = SA_ENG_ID_NONE; + cfg.auth_subkey_len = 0; + + /* Setup Encryption Security Context & Command label template */ + if (sa_init_sc(&ctx->enc, key, keylen, + NULL, 0, ad, 1, &ctx->enc.epib[1], false)) + goto badkey; + + cmdl_len = sa_format_cmdl_gen(&cfg, + (u8 *)ctx->enc.cmdl, + &ctx->enc.cmdl_upd_info); + if (cmdl_len <= 0 || (cmdl_len > SA_MAX_CMDL_WORDS * sizeof(u32))) + goto badkey; + + ctx->enc.cmdl_size = cmdl_len; + + /* Setup Decryption Security Context & Command label template */ + if (sa_init_sc(&ctx->dec, key, keylen, + NULL, 0, ad, 0, &ctx->dec.epib[1], false)) + goto badkey; + + cfg.enc1st = 0; + cfg.enc_eng_id = ad->enc_eng.eng_id; + cfg.auth_eng_id = SA_ENG_ID_NONE; + cfg.auth_subkey_len = 0; + cmdl_len = sa_format_cmdl_gen(&cfg, (u8 *)ctx->dec.cmdl, + &ctx->dec.cmdl_upd_info); + + if (cmdl_len <= 0 || (cmdl_len > SA_MAX_CMDL_WORDS * sizeof(u32))) + goto badkey; + + ctx->dec.cmdl_size = cmdl_len; + + kfree(ad); + + return 0; + +badkey: + dev_err(sa_k3_dev, "%s: badkey\n", __func__); + return -EINVAL; +} + +static int sa_aes_cbc_setkey(struct crypto_ablkcipher *tfm, const u8 *key, + unsigned int keylen) +{ + struct algo_data *ad = kzalloc(sizeof(*ad), GFP_KERNEL); + /* Convert the key size (16/24/32) to the key size index (0/1/2) */ + int key_idx = (keylen >> 3) - 2; + + ad->enc_eng.eng_id = SA_ENG_ID_EM1; + ad->enc_eng.sc_size = SA_CTX_ENC_TYPE1_SZ; + ad->auth_eng.eng_id = SA_ENG_ID_NONE; + ad->auth_eng.sc_size = 0; + ad->mci_enc = mci_cbc_enc_array[key_idx]; + ad->mci_dec = mci_cbc_dec_array[key_idx]; + ad->inv_key = true; + ad->ealg_id = SA_EALG_ID_AES_CBC; + ad->aalg_id = SA_AALG_ID_NONE; + + return sa_aes_setkey(tfm, key, keylen, ad); +} + +static void sa_aes_dma_in_callback(void *data) +{ + struct sa_rx_data *rxd = (struct sa_rx_data *)data; + struct ablkcipher_request *req = (struct ablkcipher_request *)rxd->req; + + int sglen = sg_nents_for_len(req->dst, req->nbytes); + + kfree(rxd); + + dma_unmap_sg(sa_k3_dev, req->src, sglen, DMA_TO_DEVICE); + if (req->src != req->dst) + dma_unmap_sg(rxd->ddev, req->dst, sglen, DMA_FROM_DEVICE); + + ablkcipher_request_complete(req, 0); +} + +static void +sa_prepare_tx_desc(u32 *mdptr, u32 pslen, u32 *psdata, u32 epiblen, u32 *epib) +{ + u32 *out, *in; + int i; + + for (out = mdptr, in = epib, i = 0; i < epiblen / sizeof(u32); i++) + *out++ = *in++; + + mdptr[4] = (0xFFFF << 16); + for (out = &mdptr[5], in = psdata, i = 0; + i < pslen / sizeof(u32); i++) + *out++ = *in++; +} + +static int sa_aes_run(struct ablkcipher_request *req, u8 *iv, int enc) +{ + struct sa_tfm_ctx *ctx = + crypto_ablkcipher_ctx(crypto_ablkcipher_reqtfm(req)); + struct sa_ctx_info *sa_ctx = enc ? &ctx->enc : &ctx->dec; + struct sa_crypto_data *pdata = dev_get_drvdata(sa_k3_dev); + struct sa_dma_req_ctx req_ctx; + struct dma_async_tx_descriptor *tx_in, *tx_out; + struct sa_rx_data *rxd; + u8 enc_offset; + int sg_nents, dst_nents; + int psdata_offset; + u8 auth_offset = 0; + u8 *auth_iv = NULL; + u8 *aad = NULL; + u8 aad_len = 0; + u16 enc_len; + u16 auth_len = 0; + u32 req_type; + u32 *mdptr; + size_t pl, ml; + + struct device *ddev; + struct dma_chan *dma_rx; + gfp_t flags; + + flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP ? + GFP_KERNEL : GFP_ATOMIC; + + enc_offset = 0x0; + enc_len = req->nbytes; + + if (enc_len >= 256) + dma_rx = pdata->dma_rx2; + else + dma_rx = pdata->dma_rx1; + + /* Allocate descriptor & submit packet */ + sg_nents = sg_nents_for_len(req->src, enc_len); + dst_nents = sg_nents_for_len(req->dst, enc_len); + + memcpy(req_ctx.cmdl, sa_ctx->cmdl, sa_ctx->cmdl_size); + + /* Update Command Label */ + sa_update_cmdl(sa_k3_dev, enc_offset, enc_len, + iv, auth_offset, auth_len, + auth_iv, aad_len, aad, + &sa_ctx->cmdl_upd_info, req_ctx.cmdl); + + /* + * Last 2 words in PSDATA will have the crypto alg type & + * crypto request pointer + */ + req_type = CRYPTO_ALG_TYPE_ABLKCIPHER; + if (enc) + req_type |= (SA_REQ_SUBTYPE_ENC << SA_REQ_SUBTYPE_SHIFT); + else + req_type |= (SA_REQ_SUBTYPE_DEC << SA_REQ_SUBTYPE_SHIFT); + + psdata_offset = sa_ctx->cmdl_size / sizeof(u32); + req_ctx.cmdl[psdata_offset++] = req_type; + + ddev = dma_rx->device->dev; + /* map the packet */ + req_ctx.src = req->src; + req_ctx.src_nents = dma_map_sg(sa_k3_dev, req->src, sg_nents, + DMA_TO_DEVICE); + if (req->src != req->dst) + dst_nents = dma_map_sg(ddev, req->dst, sg_nents, + DMA_FROM_DEVICE); + else + dst_nents = req_ctx.src_nents; + + if (unlikely(req_ctx.src_nents != sg_nents)) { + dev_warn_ratelimited(sa_k3_dev, "failed to map tx pkt\n"); + return -EIO; + } + + req_ctx.dev_data = pdata; + req_ctx.pkt = true; + + dma_sync_sg_for_device(pdata->dev, req->src, req_ctx.src_nents, + DMA_TO_DEVICE); + + tx_in = dmaengine_prep_slave_sg(dma_rx, req->dst, dst_nents, + DMA_DEV_TO_MEM, + DMA_PREP_INTERRUPT | DMA_CTRL_ACK); + if (!tx_in) { + dev_err(pdata->dev, "IN prep_slave_sg() failed\n"); + return -EINVAL; + } + + rxd = kzalloc(sizeof(*rxd), GFP_KERNEL); + rxd->req = (void *)req; + rxd->ddev = ddev; + + /* IN */ + tx_in->callback = sa_aes_dma_in_callback; + tx_in->callback_param = rxd; + + tx_out = dmaengine_prep_slave_sg(pdata->dma_tx, req->src, + req_ctx.src_nents, DMA_MEM_TO_DEV, + DMA_PREP_INTERRUPT | DMA_CTRL_ACK); + if (!tx_out) { + dev_err(pdata->dev, "OUT prep_slave_sg() failed\n"); + return -EINVAL; + } + + mdptr = (u32 *)dmaengine_desc_get_metadata_ptr(tx_out, &pl, &ml); + + sa_prepare_tx_desc(mdptr, (sa_ctx->cmdl_size + (SA_PSDATA_CTX_WORDS * + sizeof(u32))), req_ctx.cmdl, + sizeof(sa_ctx->epib), sa_ctx->epib); + + ml = sa_ctx->cmdl_size + (SA_PSDATA_CTX_WORDS * sizeof(u32)); + dmaengine_desc_set_metadata_len(tx_out, 44); + + dmaengine_submit(tx_out); + dmaengine_submit(tx_in); + + dma_async_issue_pending(dma_rx); + dma_async_issue_pending(pdata->dma_tx); + + return -EINPROGRESS; +} + +static int sa_aes_cbc_encrypt(struct ablkcipher_request *req) +{ + return sa_aes_run(req, req->info, 1); +} + +static int sa_aes_cbc_decrypt(struct ablkcipher_request *req) +{ + return sa_aes_run(req, req->info, 0); +} + +static struct sa_alg_tmpl sa_algs[] = { + {.type = CRYPTO_ALG_TYPE_ABLKCIPHER, + .alg.crypto = { + .cra_name = "cbc(aes)", + .cra_driver_name = "cbc-aes-sa2ul", + .cra_priority = 30000, + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ASYNC | + CRYPTO_ALG_NEED_FALLBACK, + .cra_blocksize = AES_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct sa_tfm_ctx), + .cra_alignmask = 0, + .cra_type = &crypto_ablkcipher_type, + .cra_module = THIS_MODULE, + .cra_init = sa_aes_cra_init, + .cra_exit = sa_aes_cra_exit, + .cra_u.ablkcipher = { + .min_keysize = AES_MIN_KEY_SIZE, + .max_keysize = AES_MAX_KEY_SIZE, + .ivsize = AES_BLOCK_SIZE, + .setkey = sa_aes_cbc_setkey, + .encrypt = sa_aes_cbc_encrypt, + .decrypt = sa_aes_cbc_decrypt, + } + } + }, +}; + +/* Register the algorithms in crypto framework */ +void sa_register_algos(const struct device *dev) +{ + char *alg_name; + u32 type; + int i, err, num_algs = ARRAY_SIZE(sa_algs); + + for (i = 0; i < num_algs; i++) { + type = sa_algs[i].type; + if (type == CRYPTO_ALG_TYPE_AEAD) { + alg_name = sa_algs[i].alg.aead.base.cra_name; + err = crypto_register_aead(&sa_algs[i].alg.aead); + } else if (type == CRYPTO_ALG_TYPE_ABLKCIPHER) { + alg_name = sa_algs[i].alg.crypto.cra_name; + err = crypto_register_alg(&sa_algs[i].alg.crypto); + } else { + dev_err(dev, + "un-supported crypto algorithm (%d)", + sa_algs[i].type); + continue; + } + + if (err) + dev_err(dev, "Failed to register '%s'\n", alg_name); + else + sa_algs[i].registered = 1; + } +} + +/* Unregister the algorithms in crypto framework */ +void sa_unregister_algos(const struct device *dev) +{ + char *alg_name; + u32 type; + int i, err = 0, num_algs = ARRAY_SIZE(sa_algs); + + for (i = 0; i < num_algs; i++) { + type = sa_algs[i].type; + if (type == CRYPTO_ALG_TYPE_AEAD) { + alg_name = sa_algs[i].alg.aead.base.cra_name; + crypto_unregister_aead(&sa_algs[i].alg.aead); + } else { + alg_name = sa_algs[i].alg.crypto.cra_name; + err = crypto_unregister_alg(&sa_algs[i].alg.crypto); + } + + sa_algs[i].registered = 0; + } +} + +static int sa_init_mem(struct sa_crypto_data *dev_data) +{ + struct device *dev = &dev_data->pdev->dev; + /* Setup dma pool for security context buffers */ + dev_data->sc_pool = dma_pool_create("keystone-sc", dev, + SA_CTX_MAX_SZ, 64, 0); + if (!dev_data->sc_pool) { + dev_err(dev, "Failed to create dma pool"); + return -ENOMEM; + } + + return 0; +} + +static int sa_dma_init(struct sa_crypto_data *dd) +{ + int ret; + struct dma_slave_config cfg; + + dd->dma_rx1 = NULL; + dd->dma_tx = NULL; + dd->dma_rx2 = NULL; + + ret = dma_coerce_mask_and_coherent(dd->dev, DMA_BIT_MASK(48)); + if (ret) + return ret; + + dd->dma_rx1 = dma_request_chan(dd->dev, "rx1"); + if (IS_ERR(dd->dma_rx1)) { + if (PTR_ERR(dd->dma_rx1) != -EPROBE_DEFER) + dev_err(dd->dev, "Unable to request rx1 DMA channel\n"); + return PTR_ERR(dd->dma_rx1); + } + + dd->dma_rx2 = dma_request_chan(dd->dev, "rx2"); + if (IS_ERR(dd->dma_rx2)) { + dma_release_channel(dd->dma_rx1); + if (PTR_ERR(dd->dma_rx1) != -EPROBE_DEFER) + dev_err(dd->dev, "Unable to request rx2 DMA channel\n"); + return PTR_ERR(dd->dma_rx2); + } + + dd->dma_tx = dma_request_chan(dd->dev, "tx"); + if (IS_ERR(dd->dma_tx)) { + if (PTR_ERR(dd->dma_rx1) != -EPROBE_DEFER) + dev_err(dd->dev, "Unable to request tx DMA channel\n"); + ret = PTR_ERR(dd->dma_tx); + goto err_dma_tx; + } + + memzero_explicit(&cfg, sizeof(cfg)); + + cfg.src_addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES; + cfg.dst_addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES; + cfg.src_maxburst = 4; + cfg.dst_maxburst = 4; + + ret = dmaengine_slave_config(dd->dma_rx1, &cfg); + if (ret) { + dev_err(dd->dev, "can't configure IN dmaengine slave: %d\n", + ret); + return ret; + } + + ret = dmaengine_slave_config(dd->dma_rx2, &cfg); + if (ret) { + dev_err(dd->dev, "can't configure IN dmaengine slave: %d\n", + ret); + return ret; + } + + ret = dmaengine_slave_config(dd->dma_tx, &cfg); + if (ret) { + dev_err(dd->dev, "can't configure OUT dmaengine slave: %d\n", + ret); + return ret; + } + + return 0; + +err_dma_tx: + dma_release_channel(dd->dma_rx1); + dma_release_channel(dd->dma_rx2); + + return ret; +} + +static int sa_ul_probe(struct platform_device *pdev) +{ + struct device *dev = &pdev->dev; + struct resource *res; + static void __iomem *saul_base; + struct sa_crypto_data *dev_data; + u32 val; + int ret; + + dev_data = devm_kzalloc(dev, sizeof(*dev_data), GFP_KERNEL); + if (!dev_data) + return -ENOMEM; + + sa_k3_dev = dev; + dev_data->dev = dev; + dev_data->pdev = pdev; + platform_set_drvdata(pdev, dev_data); + dev_set_drvdata(sa_k3_dev, dev_data); + + sa_init_mem(dev_data); + ret = sa_dma_init(dev_data); + if (ret) + return ret; + + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); + saul_base = devm_ioremap_resource(dev, res); + + val = SA_EEC_ENCSS_EN | SA_EEC_AUTHSS_EN | SA_EEC_CTXCACH_EN | + SA_EEC_CPPI_PORT_IN_EN | SA_EEC_CPPI_PORT_OUT_EN | SA_EEC_TRNG_EN; + + writel_relaxed(val, saul_base + SA_ENGINE_ENABLE_CONTROL); + + sa_register_algos(dev); + + return 0; +} + +static int sa_ul_remove(struct platform_device *pdev) +{ + struct sa_crypto_data *dev_data = platform_get_drvdata(pdev); + + sa_unregister_algos(&pdev->dev); + + dma_release_channel(dev_data->dma_rx2); + dma_release_channel(dev_data->dma_rx1); + dma_release_channel(dev_data->dma_tx); + + dma_pool_destroy(dev_data->sc_pool); + + platform_set_drvdata(pdev, NULL); + + return 0; +} + +static const struct of_device_id of_match[] = { + {.compatible = "ti,sa2ul-crypto",}, + {}, +}; +MODULE_DEVICE_TABLE(of, of_match); + +static struct platform_driver sa_ul_driver = { + .probe = sa_ul_probe, + .remove = sa_ul_remove, + .driver = { + .name = "saul-crypto", + .of_match_table = of_match, + }, +}; +module_platform_driver(sa_ul_driver); +MODULE_LICENSE("GPL v2"); diff --git a/drivers/crypto/sa2ul.h b/drivers/crypto/sa2ul.h new file mode 100644 index 000000000000..caf3c88dcf2b --- /dev/null +++ b/drivers/crypto/sa2ul.h @@ -0,0 +1,384 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * AM6 SA2UL crypto accelerator driver + * + * Copyright (C) 2018 Texas Instruments Incorporated - http://www.ti.com + * + * Authors: Keerthy + * Vitaly Andrianov + */ + +#ifndef _K3_SA2UL_ +#define _K3_SA2UL_ + +#include +#include +#include +#include + +#define SA_ENGINE_ENABLE_CONTROL 0x1000 + +struct sa_tfm_ctx; +/* + * SA_ENGINE_ENABLE_CONTROL register bits + */ +#define SA_EEC_ENCSS_EN 0x00000001 +#define SA_EEC_AUTHSS_EN 0x00000002 +#define SA_EEC_TRNG_EN 0x00000008 +#define SA_EEC_PKA_EN 0x00000010 +#define SA_EEC_CTXCACH_EN 0x00000080 +#define SA_EEC_CPPI_PORT_IN_EN 0x00000200 +#define SA_EEC_CPPI_PORT_OUT_EN 0x00000800 + +/* + * Encoding used to identify the typo of crypto operation + * performed on the packet when the packet is returned + * by SA + */ +#define SA_REQ_SUBTYPE_ENC 0x0001 +#define SA_REQ_SUBTYPE_DEC 0x0002 +#define SA_REQ_SUBTYPE_SHIFT 16 +#define SA_REQ_SUBTYPE_MASK 0xffff + +/* Number of 32 bit words in EPIB */ +#define SA_DMA_NUM_EPIB_WORDS 4 + +/* Number of 32 bit words in PS data */ +#define SA_DMA_NUM_PS_WORDS 16 +#define NKEY_SZ 3 +#define MCI_SZ 27 + +/* + * Maximum number of simultaeneous security contexts + * supported by the driver + */ +#define SA_MAX_NUM_CTX 512 + +/* + * Assumption: CTX size is multiple of 32 + */ +#define SA_CTX_SIZE_TO_DMA_SIZE(ctx_sz) \ + ((ctx_sz) ? ((ctx_sz) / 32 - 1) : 0) + +#define SA_CTX_ENC_KEY_OFFSET 32 +#define SA_CTX_ENC_AUX1_OFFSET 64 +#define SA_CTX_ENC_AUX2_OFFSET 96 +#define SA_CTX_ENC_AUX3_OFFSET 112 +#define SA_CTX_ENC_AUX4_OFFSET 128 + +/* Next Engine Select code in CP_ACE */ +#define SA_ENG_ID_EM1 2 /* Enc/Dec engine with AES/DEC core */ +#define SA_ENG_ID_EM2 3 /* Encryption/Decryption enginefor pass 2 */ +#define SA_ENG_ID_AM1 4 /* Auth. engine with SHA1/MD5/SHA2 core */ +#define SA_ENG_ID_AM2 5 /* Authentication engine for pass 2 */ +#define SA_ENG_ID_OUTPORT2 20 /* Egress module 2 */ +#define SA_ENG_ID_NONE 0xff + +/* + * Command Label Definitions + */ +#define SA_CMDL_OFFSET_NESC 0 /* Next Engine Select Code */ +#define SA_CMDL_OFFSET_LABEL_LEN 1 /* Engine Command Label Length */ +/* 16-bit Length of Data to be processed */ +#define SA_CMDL_OFFSET_DATA_LEN 2 +#define SA_CMDL_OFFSET_DATA_OFFSET 4 /* Stat Data Offset */ +#define SA_CMDL_OFFSET_OPTION_CTRL1 5 /* Option Control Byte 1 */ +#define SA_CMDL_OFFSET_OPTION_CTRL2 6 /* Option Control Byte 2 */ +#define SA_CMDL_OFFSET_OPTION_CTRL3 7 /* Option Control Byte 3 */ +#define SA_CMDL_OFFSET_OPTION_BYTE 8 + +#define SA_CMDL_HEADER_SIZE_BYTES 8 + +#define SA_CMDL_OPTION_BYTES_MAX_SIZE 72 +#define SA_CMDL_MAX_SIZE_BYTES (SA_CMDL_HEADER_SIZE_BYTES + \ + SA_CMDL_OPTION_BYTES_MAX_SIZE) + +/* SWINFO word-0 flags */ +#define SA_SW_INFO_FLAG_EVICT 0x0001 +#define SA_SW_INFO_FLAG_TEAR 0x0002 +#define SA_SW_INFO_FLAG_NOPD 0x0004 + +/* + * This type represents the various packet types to be processed + * by the PHP engine in SA. + * It is used to identify the corresponding PHP processing function. + */ +#define SA_CTX_PE_PKT_TYPE_3GPP_AIR 0 /* 3GPP Air Cipher */ +#define SA_CTX_PE_PKT_TYPE_SRTP 1 /* SRTP */ +#define SA_CTX_PE_PKT_TYPE_IPSEC_AH 2 /* IPSec Authentication Header */ +/* IPSec Encapsulating Security Payload */ +#define SA_CTX_PE_PKT_TYPE_IPSEC_ESP 3 +/* Indicates that it is in data mode, It may not be used by PHP */ +#define SA_CTX_PE_PKT_TYPE_NONE 4 +#define SA_CTX_ENC_TYPE1_SZ 64 /* Encryption SC with Key only */ +#define SA_CTX_ENC_TYPE2_SZ 96 /* Encryption SC with Key and Aux1 */ + +#define SA_CTX_AUTH_TYPE1_SZ 64 /* Auth SC with Key only */ +#define SA_CTX_AUTH_TYPE2_SZ 96 /* Auth SC with Key and Aux1 */ +/* Size of security context for PHP engine */ +#define SA_CTX_PHP_PE_CTX_SZ 64 + +#define SA_CTX_MAX_SZ (64 + SA_CTX_ENC_TYPE2_SZ + SA_CTX_AUTH_TYPE2_SZ) + +/* + * Encoding of F/E control in SCCTL + * Bit 0-1: Fetch PHP Bytes + * Bit 2-3: Fetch Encryption/Air Ciphering Bytes + * Bit 4-5: Fetch Authentication Bytes or Encr pass 2 + * Bit 6-7: Evict PHP Bytes + * + * where 00 = 0 bytes + * 01 = 64 bytes + * 10 = 96 bytes + * 11 = 128 bytes + */ +#define SA_CTX_DMA_SIZE_0 0 +#define SA_CTX_DMA_SIZE_64 1 +#define SA_CTX_DMA_SIZE_96 2 +#define SA_CTX_DMA_SIZE_128 3 + +/* + * Byte offset of the owner word in SCCTL + * in the security context + */ +#define SA_CTX_SCCTL_OWNER_OFFSET 0 + +#define SA_CTX_ENC_KEY_OFFSET 32 +#define SA_CTX_ENC_AUX1_OFFSET 64 +#define SA_CTX_ENC_AUX2_OFFSET 96 +#define SA_CTX_ENC_AUX3_OFFSET 112 +#define SA_CTX_ENC_AUX4_OFFSET 128 + +#define SA_SCCTL_FE_AUTH_ENC 0x65 +#define SA_SCCTL_FE_ENC 0x8D + +#define SA_ALIGN_MASK (sizeof(u32) - 1) +#define SA_ALIGNED __aligned(32) + +/** + * struct sa_crypto_data - Crypto driver instance data + * @pdev: Platform device pointer + * @sc_pool: security context pool + * @dev: Device pointer + * @scid_lock: secure context ID lock + * @sc_id_start: starting index for SC ID + * @sc_id_end: Ending index for SC ID + * @sc_id: Security Context ID + * @ctx_bm: Bitmap to keep track of Security context ID's + * @ctx: SA tfm context pointer + * @dma_rx1: Pointer to DMA rx channel for sizes < 256 Bytes + * @dma_rx2: Pointer to DMA rx channel for sizes > 256 Bytes + * @dma_tx: Pointer to DMA TX channel + */ +struct sa_crypto_data { + struct platform_device *pdev; + struct dma_pool *sc_pool; + struct device *dev; + spinlock_t scid_lock; /* lock for SC-ID allocation */ + /* Security context data */ + u16 sc_id_start; + u16 sc_id_end; + u16 sc_id; + unsigned long ctx_bm[DIV_ROUND_UP(SA_MAX_NUM_CTX, + BITS_PER_LONG)]; + struct sa_tfm_ctx *ctx; + struct dma_chan *dma_rx1; + struct dma_chan *dma_rx2; + struct dma_chan *dma_tx; +}; + +/** + * struct sa_cmdl_param_info: Command label parameters info + * @index: Index of the parameter in the command label format + * @offset: the offset of the parameter + * @size: Size of the parameter + */ +struct sa_cmdl_param_info { + u16 index; + u16 offset; + u16 size; +}; + +/* Maximum length of Auxiliary data in 32bit words */ +#define SA_MAX_AUX_DATA_WORDS 8 + +/** + * struct sa_cmdl_upd_info: Command label updation info + * @flags: flags in command label + * @submode: Encryption submodes + * @enc_size: Size of first pass encryption size + * @enc_size2: Size of second pass encryption size + * @enc_offset: Encryption payload offset in the packet + * @enc_iv: Encryption initialization vector for pass2 + * @enc_iv2: Encryption initialization vector for pass2 + * @aad: Associated data + * @payload: Payload info + * @auth_size: Authentication size for pass 1 + * @auth_size2: Authentication size for pass 2 + * @auth_offset: Authentication payload offset + * @auth_iv: Authentication initialization vector + * @aux_key_info: Authentication aux key information + * @aux_key: Aux key for authentication + */ +struct sa_cmdl_upd_info { + u16 flags; + u16 submode; + struct sa_cmdl_param_info enc_size; + struct sa_cmdl_param_info enc_size2; + struct sa_cmdl_param_info enc_offset; + struct sa_cmdl_param_info enc_iv; + struct sa_cmdl_param_info enc_iv2; + struct sa_cmdl_param_info aad; + struct sa_cmdl_param_info payload; + struct sa_cmdl_param_info auth_size; + struct sa_cmdl_param_info auth_size2; + struct sa_cmdl_param_info auth_offset; + struct sa_cmdl_param_info auth_iv; + struct sa_cmdl_param_info aux_key_info; + u32 aux_key[SA_MAX_AUX_DATA_WORDS]; +}; + +/* + * Number of 32bit words appended after the command label + * in PSDATA to identify the crypto request context. + * word-0: Request type + * word-1: pointer to request + */ +#define SA_PSDATA_CTX_WORDS 4 + +/* Maximum size of Command label in 32 words */ +#define SA_MAX_CMDL_WORDS (SA_DMA_NUM_PS_WORDS - SA_PSDATA_CTX_WORDS) + +/** + * struct sa_ctx_info: SA context information + * @sc: Pointer to security context + * @sc_phys: Security context physical address that is passed on to SA2UL + * @cmdl_size: Command label size + * @cmdl: Command label for a particular iteration + * @cmdl_upd_info: structure holding command label updation info + * @epib: Extended protocol information block words + */ +struct sa_ctx_info { + u8 *sc; + dma_addr_t sc_phys; + u16 sc_id; + u16 cmdl_size; + u32 cmdl[SA_MAX_CMDL_WORDS]; + struct sa_cmdl_upd_info cmdl_upd_info; + /* Store Auxiliary data such as K2/K3 subkeys in AES-XCBC */ + u32 epib[SA_DMA_NUM_EPIB_WORDS]; +}; + +struct sa_sham_hmac_ctx { + struct crypto_shash *shash; + u8 ipad[SHA512_BLOCK_SIZE] SA_ALIGNED; + u8 opad[SHA512_BLOCK_SIZE] SA_ALIGNED; +}; + +/** + * struct sa_tfm_ctx: TFM context structure + * @dev_data: struct sa_crypto_data pointer + * @enc: struct sa_ctx_info for encryption + * @dec: struct sa_ctx_info for decryption + * @auth: struct sa_ctx_info for authentication + * @keylen: encrption/decryption keylength + * @key: encryption key + * @shash: software hash crypto_hash + * @authkey: authentication key + */ +struct sa_tfm_ctx { + struct sa_crypto_data *dev_data; + struct sa_ctx_info enc; + struct sa_ctx_info dec; + struct sa_ctx_info auth; + int keylen; + u32 key[AES_KEYSIZE_256 / sizeof(u32)]; + struct sa_sham_hmac_ctx base[0]; + struct crypto_shash *shash; + u8 authkey[SHA512_BLOCK_SIZE]; +}; + +/** + * struct sa_dma_req_ctx: Structure used for tx dma request + * @dev_data: struct sa_crypto_data pointer + * @cmdl: Complete command label with psdata and epib included + * @src: source payload scatterlist pointer + * @src_nents: Number of nodes in source scatterlist + * @pkt: packet dma + */ +struct sa_dma_req_ctx { + struct sa_crypto_data *dev_data; + u32 cmdl[SA_MAX_CMDL_WORDS + SA_PSDATA_CTX_WORDS]; + struct scatterlist *src; + unsigned int src_nents; + bool pkt; +}; + +enum sa_submode { + SA_MODE_GEN = 0, + SA_MODE_CCM, + SA_MODE_GCM, + SA_MODE_GMAC +}; + +/* Encryption algorithms */ +enum sa_ealg_id { + SA_EALG_ID_NONE = 0, /* No encryption */ + SA_EALG_ID_NULL, /* NULL encryption */ + SA_EALG_ID_AES_CTR, /* AES Counter mode */ + SA_EALG_ID_AES_F8, /* AES F8 mode */ + SA_EALG_ID_AES_CBC, /* AES CBC mode */ + SA_EALG_ID_DES_CBC, /* DES CBC mode */ + SA_EALG_ID_3DES_CBC, /* 3DES CBC mode */ + SA_EALG_ID_CCM, /* Counter with CBC-MAC mode */ + SA_EALG_ID_GCM, /* Galois Counter mode */ + SA_EALG_ID_AES_ECB, + SA_EALG_ID_LAST +}; + +/* Authentication algorithms */ +enum sa_aalg_id { + SA_AALG_ID_NONE = 0, /* No Authentication */ + SA_AALG_ID_NULL = SA_EALG_ID_LAST, /* NULL Authentication */ + SA_AALG_ID_MD5, /* MD5 mode */ + SA_AALG_ID_SHA1, /* SHA1 mode */ + SA_AALG_ID_SHA2_224, /* 224-bit SHA2 mode */ + SA_AALG_ID_SHA2_256, /* 256-bit SHA2 mode */ + SA_AALG_ID_HMAC_MD5, /* HMAC with MD5 mode */ + SA_AALG_ID_HMAC_SHA1, /* HMAC with SHA1 mode */ + SA_AALG_ID_HMAC_SHA2_224, /* HMAC with 224-bit SHA2 mode */ + SA_AALG_ID_HMAC_SHA2_256, /* HMAC with 256-bit SHA2 mode */ + SA_AALG_ID_GMAC, /* Galois Message Auth. Code mode */ + SA_AALG_ID_CMAC, /* Cipher-based Mes. Auth. Code mode */ + SA_AALG_ID_CBC_MAC, /* Cipher Block Chaining */ + SA_AALG_ID_AES_XCBC /* AES Extended Cipher Block Chaining */ +}; + +/* + * Mode control engine algorithms used to index the + * mode control instruction tables + */ +enum sa_eng_algo_id { + SA_ENG_ALGO_ECB = 0, + SA_ENG_ALGO_CBC, + SA_ENG_ALGO_CFB, + SA_ENG_ALGO_OFB, + SA_ENG_ALGO_CTR, + SA_ENG_ALGO_F8, + SA_ENG_ALGO_F8F9, + SA_ENG_ALGO_GCM, + SA_ENG_ALGO_GMAC, + SA_ENG_ALGO_CCM, + SA_ENG_ALGO_CMAC, + SA_ENG_ALGO_CBCMAC, + SA_NUM_ENG_ALGOS +}; + +struct sa_eng_info { + u8 eng_id; + u16 sc_size; +}; + +extern struct device *sa_ks2_dev; + +#endif /* _K3_SA2UL_ */ From patchwork Tue Jun 18 12:08:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001487 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B6F0A924 for ; Tue, 18 Jun 2019 12:10:19 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A4CC828A61 for ; Tue, 18 Jun 2019 12:10:19 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9934328A63; Tue, 18 Jun 2019 12:10:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 1F65D28A68 for ; Tue, 18 Jun 2019 12:10:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=PlJQP/D4lBoGJdr2E6VAQzex61miTopmBHMiO2bVsCA=; b=rPdv2p/rMNqcl9 alj7/+kg5rGMAZs1PCHgx7GUlzPSWo1qUkt9pxN+aXcA19h52maIYSt5ZCyvut8GqCGIBmZBraYkJ HA8Twyq5/ByhekcENzk1FMxOeLicNFaqW+iqS8murkR7nKo3LHa0ivd+BLcFzrUBIGkvrgpO/n299 CdFtzt9dnxKXyQkUXuQh9e0W/Mc+DYckKpntxKut7OFj64dnDFHgDjZOlltrcTPKP9STt6NHESG5y /PpR8dxRa368OVuLu1V8WPFrvtDM2+pB6nM2ciZBSe91k7Ca0BpUXnzq30/zQ9M1Yp5Q134ArrvRN 7aLGzXV+lf8bhLXxpFoA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCwF-0003rD-P8; Tue, 18 Jun 2019 12:10:11 +0000 Received: from fllv0016.ext.ti.com ([198.47.19.142]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCul-0002tK-NR for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:44 +0000 Received: from lelv0266.itg.ti.com ([10.180.67.225]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8Liq113658; Tue, 18 Jun 2019 07:08:21 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859701; bh=LRrIRoI605SGe2Kd9jqNqCwySQtTN507at5OWZZ7EhQ=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=C3fhHXu0nAxcsjDZskUqYz9lCCd4cdSn3XxCIoZahIkc0Il9VSA/18e6Uxa50Km9X oH4Ntxd68d8xPdbuPMX7MkNAuDSejMcFkL7p1bhpgTSsRW+aBR6xlsIv0wF56h/IxO sYbm0TiaY4bPmpGrwnVszlGvdLQT84WZUDV32gHk= Received: from DFLE105.ent.ti.com (dfle105.ent.ti.com [10.64.6.26]) by lelv0266.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8LWQ044525 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:21 -0500 Received: from DFLE100.ent.ti.com (10.64.6.21) by DFLE105.ent.ti.com (10.64.6.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:21 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DFLE100.ent.ti.com (10.64.6.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:21 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Gb080327; Tue, 18 Jun 2019 07:08:18 -0500 From: Keerthy To: , , Subject: [PATCH 03/10] crypto: sa2ul: Add AES ECB Mode support Date: Tue, 18 Jun 2019 17:38:36 +0530 Message-ID: <20190618120843.18777-4-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050839_994416_1EE508C5 X-CRM114-Status: GOOD ( 12.55 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Add support for AES algorithm in ECB Mode. Data encryption modes are supported via MCE engine (programmable mode control engine). ECB (Electronic code book) is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa. In other words, the same plaintext value will always result in the same ciphertext value. Signed-off-by: Keerthy --- drivers/crypto/sa2ul.c | 76 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c index 64bdf6b2b879..a17c1f66c5c1 100644 --- a/drivers/crypto/sa2ul.c +++ b/drivers/crypto/sa2ul.c @@ -178,6 +178,38 @@ static u8 mci_cbc_dec_array[3][MODE_CONTROL_BYTES] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, }; +/* + * Mode Control Instructions for various Key lengths 128, 192, 256 + * For ECB (Electronic Code Book) mode for encryption + */ +static u8 mci_ecb_enc_array[3][27] = { + { 0x21, 0x00, 0x00, 0x80, 0x8a, 0x04, 0xb7, 0x90, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x21, 0x00, 0x00, 0x84, 0x8a, 0x04, 0xb7, 0x90, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x21, 0x00, 0x00, 0x88, 0x8a, 0x04, 0xb7, 0x90, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, +}; + +/* + * Mode Control Instructions for various Key lengths 128, 192, 256 + * For ECB (Electronic Code Book) mode for decryption + */ +static u8 mci_ecb_dec_array[3][27] = { + { 0x31, 0x00, 0x00, 0x80, 0x8a, 0x04, 0xb7, 0x90, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x31, 0x00, 0x00, 0x84, 0x8a, 0x04, 0xb7, 0x90, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x31, 0x00, 0x00, 0x88, 0x8a, 0x04, 0xb7, 0x90, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, +}; + /* * Perform 16 byte or 128 bit swizzling * The SA2UL Expects the security context to @@ -746,6 +778,26 @@ static int sa_aes_cbc_setkey(struct crypto_ablkcipher *tfm, const u8 *key, return sa_aes_setkey(tfm, key, keylen, ad); } +static int sa_aes_ecb_setkey(struct crypto_ablkcipher *tfm, const u8 *key, + unsigned int keylen) +{ + struct algo_data *ad = kzalloc(sizeof(*ad), GFP_KERNEL); + /* Convert the key size (16/24/32) to the key size index (0/1/2) */ + int key_idx = (keylen >> 3) - 2; + + ad->enc_eng.eng_id = SA_ENG_ID_EM1; + ad->enc_eng.sc_size = SA_CTX_ENC_TYPE1_SZ; + ad->auth_eng.eng_id = SA_ENG_ID_NONE; + ad->auth_eng.sc_size = 0; + ad->mci_enc = mci_ecb_enc_array[key_idx]; + ad->mci_dec = mci_ecb_dec_array[key_idx]; + ad->inv_key = true; + ad->ealg_id = SA_EALG_ID_AES_ECB; + ad->aalg_id = SA_AALG_ID_NONE; + + return sa_aes_setkey(tfm, key, keylen, ad); +} + static void sa_aes_dma_in_callback(void *data) { struct sa_rx_data *rxd = (struct sa_rx_data *)data; @@ -940,6 +992,30 @@ static struct sa_alg_tmpl sa_algs[] = { } } }, + { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, + .alg.crypto = { + .cra_name = "ecb(aes)", + .cra_driver_name = "ecb-aes-sa2ul", + .cra_priority = 30000, + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK, + .cra_blocksize = AES_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct sa_tfm_ctx), + .cra_alignmask = 0, + .cra_type = &crypto_ablkcipher_type, + .cra_module = THIS_MODULE, + .cra_init = sa_aes_cra_init, + .cra_exit = sa_aes_cra_exit, + .cra_u.ablkcipher = { + .min_keysize = AES_MIN_KEY_SIZE, + .max_keysize = AES_MAX_KEY_SIZE, + .setkey = sa_aes_ecb_setkey, + .encrypt = sa_aes_cbc_encrypt, + .decrypt = sa_aes_cbc_decrypt, + } + } + }, }; /* Register the algorithms in crypto framework */ From patchwork Tue Jun 18 12:08:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001489 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7E08676 for ; Tue, 18 Jun 2019 12:10:29 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6A07228856 for ; Tue, 18 Jun 2019 12:10:29 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 5E36A287C5; Tue, 18 Jun 2019 12:10:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 74F1E28825 for ; Tue, 18 Jun 2019 12:10:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ITzEpTYb9B8c4/Lw5ymellfBJaIjme1i1SnwxIEft7k=; b=i/vbjBPAMc/D3k FgxJHM3pS48/QGmPS9dXXPvGdiQOCGiRct1Kwk6UUu/zW9S2J3gIfP/2kDdEqTc5d+49RqblJobZy 1Q/wmIICupLVmMzRQ31uaV+ta2unqJi3rupwSsL34IgjeD3LX/GCjdyIDZD1j5lJmqUhfCbcCOTfx vUw/Nses+4NCu7PE/c6o3nEo/roPH+pC6lsY2TTQkL4584SwLGaX8wQOse+3cSRGCgdnehyEhGKE0 4Ho9vCu6RMcpdCU9Nk21GOSBEaksOx741LjHye7zajcacqNszYQHDzIzJqfGGvGjeEQ8gsbIkrIWY EdXEAeJ2Y+ynkXO2pQRQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCwV-0005HS-8j; Tue, 18 Jun 2019 12:10:27 +0000 Received: from lelv0142.ext.ti.com ([198.47.23.249]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCuk-0002sw-Jn for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:44 +0000 Received: from lelv0265.itg.ti.com ([10.180.67.224]) by lelv0142.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8O25077651; Tue, 18 Jun 2019 07:08:24 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859704; bh=VsC3s4gKhKDhApUEmZP2ekNks9zqWKfU7WoBNB5XCpE=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=Skl8UHUvI2TFmEIxikpuMDDHnBEjVEMF/phQ/+sB/AGLcfNcYw3ZC6AUF/XKuWyyG fIOBt92yV7u4sSbJCTmqvqQQ1K6koQed/VI2XlYGHtL/2annsm0t2IPW+O5dmsLitk /+fvV5UaYRMKNwQO//lG0ep9WNRjmLkJduXil5nA= Received: from DLEE105.ent.ti.com (dlee105.ent.ti.com [157.170.170.35]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8OFF118529 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:24 -0500 Received: from DLEE101.ent.ti.com (157.170.170.31) by DLEE105.ent.ti.com (157.170.170.35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:24 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DLEE101.ent.ti.com (157.170.170.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:23 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Gc080327; Tue, 18 Jun 2019 07:08:21 -0500 From: Keerthy To: , , Subject: [PATCH 04/10] crypto: sa2ul: Add aead support for hmac(sha1)cbc(aes) algorithm Date: Tue, 18 Jun 2019 17:38:37 +0530 Message-ID: <20190618120843.18777-5-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050838_847837_DF5728A5 X-CRM114-Status: GOOD ( 18.35 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Add aead support for hmac(sha1)cbc(aes) algorithm. Authenticated encryption (AE) and authenticated encryption with associated data (AEAD) is a form of encryption which simultaneously provides confidentiality, integrity, and authenticity assurances on the data. hmac(sha1) has a digest size of 20 bytes is used for authetication and AES in CBC mode is used in conjunction for encryption/decryption. Signed-off-by: Keerthy --- drivers/crypto/sa2ul.c | 402 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 402 insertions(+) diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c index a17c1f66c5c1..1a1bd882e0d2 100644 --- a/drivers/crypto/sa2ul.c +++ b/drivers/crypto/sa2ul.c @@ -228,6 +228,49 @@ static void sa_swiz_128(u8 *in, u16 len) } } +/* Prepare the ipad and opad from key as per SHA algorithm step 1*/ +static void prepare_kiopad(u8 *k_ipad, u8 *k_opad, const u8 *key, u16 key_sz) +{ + int i; + + for (i = 0; i < key_sz; i++) { + k_ipad[i] = key[i] ^ 0x36; + k_opad[i] = key[i] ^ 0x5c; + } + + /* Instead of XOR with 0 */ + for (; i < SHA_MESSAGE_BYTES; i++) { + k_ipad[i] = 0x36; + k_opad[i] = 0x5c; + } +} + +/* Generate HMAC-SHA1 intermediate Hash */ +static +void sa_hmac_sha1_get_pad(const u8 *key, u16 key_sz, u32 *ipad, u32 *opad) +{ + u32 ws[SHA_WORKSPACE_WORDS]; + u8 k_ipad[SHA_MESSAGE_BYTES]; + u8 k_opad[SHA_MESSAGE_BYTES]; + int i; + + prepare_kiopad(k_ipad, k_opad, key, key_sz); + + /* SHA-1 on k_ipad */ + sha_init(ipad); + sha_transform(ipad, k_ipad, ws); + + for (i = 0; i < SHA_DIGEST_WORDS; i++) + ipad[i] = cpu_to_be32(ipad[i]); + + /* SHA-1 on k_opad */ + sha_init(opad); + sha_transform(opad, k_opad, ws); + + for (i = 0; i < SHA_DIGEST_WORDS; i++) + opad[i] = cpu_to_be32(opad[i]); +} + /* Derive the inverse key used in AES-CBC decryption operation */ static inline int sa_aes_inv_key(u8 *inv_key, const u8 *key, u16 key_sz) { @@ -814,6 +857,45 @@ static void sa_aes_dma_in_callback(void *data) ablkcipher_request_complete(req, 0); } +static void sa_aead_dma_in_callback(void *data) +{ + struct sa_rx_data *rxd = (struct sa_rx_data *)data; + struct aead_request *req = (struct aead_request *)rxd->req; + struct crypto_aead *tfm = crypto_aead_reqtfm(req); + u32 *mdptr; + unsigned int start = req->assoclen + req->cryptlen; + unsigned int authsize = crypto_aead_authsize(tfm); + u8 auth_tag[SA_MAX_AUTH_TAG_SZ]; + int i, sglen, err = 0; + size_t pl, ml; + + mdptr = (u32 *)dmaengine_desc_get_metadata_ptr(rxd->tx_in, &pl, &ml); + for (i = 0; i < (authsize / 4); i++) + mdptr[i + 4] = htonl(mdptr[i + 4]); + + if (rxd->enc) { + scatterwalk_map_and_copy((void *)&mdptr[4], req->dst, + start, crypto_aead_authsize(tfm), 1); + } else { + start -= authsize; + scatterwalk_map_and_copy(auth_tag, req->src, + start, crypto_aead_authsize(tfm), 0); + + err = memcmp((void *)&mdptr[4], + auth_tag, authsize) ? -EBADMSG : 0; + } + + sglen = sg_nents_for_len(req->dst, req->cryptlen + authsize); + dma_unmap_sg(rxd->ddev, req->dst, sglen, DMA_FROM_DEVICE); + + sglen = sg_nents_for_len(req->src, req->assoclen + req->cryptlen); + dma_unmap_sg(rxd->ddev, req->src, sglen, DMA_TO_DEVICE); + + aead_request_complete(req, err); + + kfree(rxd); +} + static void sa_prepare_tx_desc(u32 *mdptr, u32 pslen, u32 *psdata, u32 epiblen, u32 *epib) { @@ -965,6 +1047,300 @@ static int sa_aes_cbc_decrypt(struct ablkcipher_request *req) return sa_aes_run(req, req->info, 0); } +static int sa_init_tfm(struct crypto_tfm *tfm) +{ + struct crypto_alg *alg = tfm->__crt_alg; + struct sa_tfm_ctx *ctx = crypto_tfm_ctx(tfm); + struct sa_crypto_data *data = dev_get_drvdata(sa_k3_dev); + int ret; + + if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_AEAD) { + memset(ctx, 0, sizeof(*ctx)); + ctx->dev_data = data; + + ret = sa_init_ctx_info(&ctx->enc, data); + if (ret) + return ret; + ret = sa_init_ctx_info(&ctx->dec, data); + if (ret) { + sa_free_ctx_info(&ctx->enc, data); + return ret; + } + } + + dev_dbg(sa_k3_dev, "%s(0x%p) sc-ids(0x%x(0x%pad), 0x%x(0x%pad))\n", + __func__, tfm, ctx->enc.sc_id, &ctx->enc.sc_phys, + ctx->dec.sc_id, &ctx->dec.sc_phys); + return 0; +} + +/* Algorithm init */ +static int sa_cra_init_aead(struct crypto_aead *tfm) +{ + return sa_init_tfm(crypto_aead_tfm(tfm)); +} + +/* Algorithm context teardown */ +static void sa_exit_tfm(struct crypto_tfm *tfm) +{ + struct crypto_alg *alg = tfm->__crt_alg; + struct sa_tfm_ctx *ctx = crypto_tfm_ctx(tfm); + struct sa_crypto_data *data = dev_get_drvdata(sa_k3_dev); + + dev_dbg(sa_k3_dev, "%s(0x%p) sc-ids(0x%x(0x%pad), 0x%x(0x%pad))\n", + __func__, tfm, ctx->enc.sc_id, &ctx->enc.sc_phys, + ctx->dec.sc_id, &ctx->dec.sc_phys); + + if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) + == CRYPTO_ALG_TYPE_AEAD) { + sa_free_ctx_info(&ctx->enc, data); + sa_free_ctx_info(&ctx->dec, data); + } +} + +static void sa_exit_tfm_aead(struct crypto_aead *tfm) +{ + return sa_exit_tfm(crypto_aead_tfm(tfm)); +} + +/* AEAD algorithm configuration interface function */ +static int sa_aead_setkey(struct crypto_aead *authenc, + const u8 *key, unsigned int keylen, + struct algo_data *ad) +{ + struct sa_tfm_ctx *ctx = crypto_aead_ctx(authenc); + struct crypto_authenc_keys keys; + + const char *cra_name; + int cmdl_len; + struct sa_cmdl_cfg cfg; + + if (crypto_authenc_extractkeys(&keys, key, keylen) != 0) + goto badkey; + + cra_name = crypto_tfm_alg_name(crypto_aead_tfm(authenc)); + + memset(&cfg, 0, sizeof(cfg)); + cfg.enc1st = 1; + cfg.aalg = ad->aalg_id; + cfg.enc_eng_id = ad->enc_eng.eng_id; + cfg.auth_eng_id = ad->auth_eng.eng_id; + cfg.iv_size = crypto_aead_ivsize(authenc); + cfg.akey = keys.authkey; + cfg.akey_len = keys.authkeylen; + + /* Setup Encryption Security Context & Command label template */ + if (sa_init_sc(&ctx->enc, keys.enckey, keys.enckeylen, + keys.authkey, keys.authkeylen, + ad, 1, &ctx->enc.epib[1], true)) + goto badkey; + + cmdl_len = sa_format_cmdl_gen(&cfg, + (u8 *)ctx->enc.cmdl, + &ctx->enc.cmdl_upd_info); + if (cmdl_len <= 0 || (cmdl_len > SA_MAX_CMDL_WORDS * sizeof(u32))) + goto badkey; + + ctx->enc.cmdl_size = cmdl_len; + + /* Setup Decryption Security Context & Command label template */ + if (sa_init_sc(&ctx->dec, keys.enckey, keys.enckeylen, + keys.authkey, keys.authkeylen, + ad, 0, &ctx->dec.epib[1], true)) + goto badkey; + + cfg.enc1st = 0; + cfg.enc_eng_id = ad->enc_eng.eng_id; + cmdl_len = sa_format_cmdl_gen(&cfg, (u8 *)ctx->dec.cmdl, + &ctx->dec.cmdl_upd_info); + + if (cmdl_len <= 0 || (cmdl_len > SA_MAX_CMDL_WORDS * sizeof(u32))) + goto badkey; + + ctx->dec.cmdl_size = cmdl_len; + + kfree(ad); + + return 0; + +badkey: + dev_err(sa_k3_dev, "%s: badkey\n", __func__); + return -EINVAL; +} + +static int sa_aead_cbc_sha1_setkey(struct crypto_aead *authenc, + const u8 *key, unsigned int keylen) +{ + struct algo_data *ad = kzalloc(sizeof(*ad), GFP_KERNEL); + struct crypto_authenc_keys keys; + int ret = 0, key_idx; + + ret = crypto_authenc_extractkeys(&keys, key, keylen); + if (ret) + return ret; + + /* Convert the key size (16/24/32) to the key size index (0/1/2) */ + key_idx = (keys.enckeylen >> 3) - 2; + ad->enc_eng.eng_id = SA_ENG_ID_EM1; + ad->enc_eng.sc_size = SA_CTX_ENC_TYPE1_SZ; + ad->auth_eng.eng_id = SA_ENG_ID_AM1; + ad->auth_eng.sc_size = SA_CTX_AUTH_TYPE2_SZ; + ad->mci_enc = mci_cbc_enc_array[key_idx]; + ad->mci_dec = mci_cbc_dec_array[key_idx]; + ad->inv_key = true; + ad->keyed_mac = true; + ad->ealg_id = SA_EALG_ID_AES_CBC; + ad->aalg_id = SA_AALG_ID_HMAC_SHA1; + ad->hash_size = SHA1_DIGEST_SIZE; + ad->auth_ctrl = 0x2; + ad->prep_iopad = sa_hmac_sha1_get_pad; + + return sa_aead_setkey(authenc, key, keylen, ad); +} + +static int sa_aead_run(struct aead_request *req, u8 *iv, int enc) +{ + struct crypto_aead *tfm = crypto_aead_reqtfm(req); + struct sa_tfm_ctx *ctx = crypto_aead_ctx(tfm); + struct sa_ctx_info *sa_ctx = enc ? &ctx->enc : &ctx->dec; + struct sa_rx_data *rxd; + struct dma_async_tx_descriptor *tx_in, *tx_out; + struct sa_crypto_data *pdata = dev_get_drvdata(sa_k3_dev); + struct sa_dma_req_ctx req_ctx; + u8 enc_offset; + int sg_nents, dst_nents; + int psdata_offset; + u8 auth_offset = 0; + u8 *auth_iv = NULL; + u8 *aad = NULL; + u8 aad_len = 0; + u16 enc_len; + u16 auth_len = 0; + u32 *mdptr; + u32 req_type; + struct dma_chan *dma_rx; + gfp_t flags; + size_t pl, ml; + struct device *ddev; + + flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP ? + GFP_KERNEL : GFP_ATOMIC; + + if (enc) { + iv = (u8 *)(req->iv); + enc_offset = req->assoclen; + enc_len = req->cryptlen; + auth_len = req->assoclen + req->cryptlen; + } else { + enc_offset = req->assoclen; + enc_len = req->cryptlen - crypto_aead_authsize(tfm); + auth_len = req->assoclen + req->cryptlen - + crypto_aead_authsize(tfm); + } + + if (enc_len >= 256) + dma_rx = pdata->dma_rx2; + else + dma_rx = pdata->dma_rx1; + + ddev = dma_rx->device->dev; + /* Allocate descriptor & submit packet */ + sg_nents = sg_nents_for_len(req->src, enc_len + req->assoclen); + dst_nents = sg_nents_for_len(req->dst, enc_len + + crypto_aead_authsize(tfm)); + + memcpy(req_ctx.cmdl, sa_ctx->cmdl, sa_ctx->cmdl_size); + /* Update Command Label */ + sa_update_cmdl(sa_k3_dev, enc_offset, enc_len, + iv, auth_offset, auth_len, + auth_iv, aad_len, aad, + &sa_ctx->cmdl_upd_info, req_ctx.cmdl); + + /* + * Last 2 words in PSDATA will have the crypto alg type & + * crypto request pointer + */ + req_type = CRYPTO_ALG_TYPE_AEAD; + if (enc) + req_type |= (SA_REQ_SUBTYPE_ENC << SA_REQ_SUBTYPE_SHIFT); + else + req_type |= (SA_REQ_SUBTYPE_DEC << SA_REQ_SUBTYPE_SHIFT); + + psdata_offset = sa_ctx->cmdl_size / sizeof(u32); + + /* map the packet */ + req_ctx.src = req->src; + req_ctx.src_nents = dma_map_sg(ddev, req->src, + sg_nents, DMA_TO_DEVICE); + dst_nents = dma_map_sg(ddev, req->dst, + dst_nents, DMA_FROM_DEVICE); + + if (unlikely(req_ctx.src_nents != sg_nents)) { + dev_warn_ratelimited(sa_k3_dev, "failed to map tx pkt\n"); + return -EIO; + } + + req_ctx.dev_data = pdata; + req_ctx.pkt = true; + + dma_sync_sg_for_device(pdata->dev, req->src, req_ctx.src_nents, + DMA_TO_DEVICE); + + tx_in = dmaengine_prep_slave_sg(dma_rx, req->dst, dst_nents, + DMA_DEV_TO_MEM, + DMA_PREP_INTERRUPT | DMA_CTRL_ACK); + if (!tx_in) { + dev_err(pdata->dev, "IN prep_slave_sg() failed\n"); + return -EINVAL; + } + + rxd = kzalloc(sizeof(*rxd), GFP_KERNEL); + rxd->req = (void *)req; + rxd->enc = enc; + rxd->tx_in = tx_in; + rxd->ddev = ddev; + + /* IN */ + tx_in->callback = sa_aead_dma_in_callback; + tx_in->callback_param = rxd; + + tx_out = dmaengine_prep_slave_sg(pdata->dma_tx, req->src, + req_ctx.src_nents, DMA_MEM_TO_DEV, + DMA_PREP_INTERRUPT | DMA_CTRL_ACK); + if (!tx_out) { + dev_err(pdata->dev, "OUT prep_slave_sg() failed\n"); + return -EINVAL; + } + + mdptr = (u32 *)dmaengine_desc_get_metadata_ptr(tx_out, &pl, &ml); + + sa_prepare_tx_desc(mdptr, (sa_ctx->cmdl_size + (SA_PSDATA_CTX_WORDS * + sizeof(u32))), req_ctx.cmdl, + sizeof(sa_ctx->epib), sa_ctx->epib); + + ml = sa_ctx->cmdl_size + (SA_PSDATA_CTX_WORDS * sizeof(u32)); + dmaengine_desc_set_metadata_len(tx_out, 52); + + dmaengine_submit(tx_out); + dmaengine_submit(tx_in); + + dma_async_issue_pending(dma_rx); + dma_async_issue_pending(pdata->dma_tx); + return -EINPROGRESS; +} + +/* AEAD algorithm encrypt interface function */ +static int sa_aead_encrypt(struct aead_request *req) +{ + return sa_aead_run(req, req->iv, 1); +} + +/* AEAD algorithm decrypt interface function */ +static int sa_aead_decrypt(struct aead_request *req) +{ + return sa_aead_run(req, req->iv, 0); +} + static struct sa_alg_tmpl sa_algs[] = { {.type = CRYPTO_ALG_TYPE_ABLKCIPHER, .alg.crypto = { @@ -1016,6 +1392,32 @@ static struct sa_alg_tmpl sa_algs[] = { } } }, + /* AEAD algorithms */ + {.type = CRYPTO_ALG_TYPE_AEAD, + .alg.aead = { + .base = { + .cra_name = "authenc(hmac(sha1),cbc(aes))", + .cra_driver_name = + "authenc(hmac(sha1),cbc(aes))-keystone-sa", + .cra_blocksize = AES_BLOCK_SIZE, + .cra_flags = CRYPTO_ALG_TYPE_AEAD | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ASYNC, + .cra_ctxsize = sizeof(struct sa_tfm_ctx), + .cra_module = THIS_MODULE, + .cra_alignmask = 0, + .cra_priority = 3000, + }, + .ivsize = AES_BLOCK_SIZE, + .maxauthsize = SHA1_DIGEST_SIZE, + + .init = sa_cra_init_aead, + .exit = sa_exit_tfm_aead, + .setkey = sa_aead_cbc_sha1_setkey, + .encrypt = sa_aead_encrypt, + .decrypt = sa_aead_decrypt, + } + }, }; /* Register the algorithms in crypto framework */ From patchwork Tue Jun 18 12:08:38 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001493 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id AC7F576 for ; Tue, 18 Jun 2019 12:11:11 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9C69628A62 for ; Tue, 18 Jun 2019 12:11:11 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 90E3928A6B; Tue, 18 Jun 2019 12:11:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 1FCE028A62 for ; Tue, 18 Jun 2019 12:11:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=gZEDa4jqm68eV+VAVmzKaNgJhkqh6oQSPViL/DqLLQw=; b=HzSKS+JMcHcyO5 EWfqDVfltiBVoVoXdsPLhlMvtfPPZyLwrPWZXz/YWMNMeYfXBmiVdmfO26kfiDus6IsFwu1vDMFx/ m81ExFt4lr0XFf7k5FpBHFDQih4rmOG8rN42oX93e6tJHOuclvkzEHnjCrz5VSC++lPh8U8v4cJ74 nJzyf+sm1zlNazTepwxEFu7Rle4ijhnnHERmaCZZkQMkS5FVNDvWj7Vo7IlxLA+f1ZeyKhbqMzjBR cT0yCeQf3f8Ze82S3YmmAWQ+j3AvC6Tk7TnaV+yEgUWa7UYf1QcoepzsS+zgdY0S/6NwRFO8bnkLa 7c2sUyebMGi09vtBn2EQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCxC-0005r4-7F; Tue, 18 Jun 2019 12:11:10 +0000 Received: from lelv0142.ext.ti.com ([198.47.23.249]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCum-0002uH-LD for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:46 +0000 Received: from lelv0266.itg.ti.com ([10.180.67.225]) by lelv0142.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8R1g077675; Tue, 18 Jun 2019 07:08:27 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859707; bh=+JcQY1LG9gNG3F7q1r1Itpd36WhWjpw9sV8+qyxk/l4=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=gtQ81my6PjsMMsQ1oL3pz2VY56VKMS6CaTsQjV6qgXXuvxxokS8ZYqKKGhbszV65e f/62OQXxXkUo7igM9TS95ojNbAZeXzMrnD0ifexTNuExUUjyA+mS3w0PuXDEA9vBn6 QoBY/1Y7Xk/rK2a895/mIegiP6habZAgPeAQfITg= Received: from DFLE103.ent.ti.com (dfle103.ent.ti.com [10.64.6.24]) by lelv0266.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8Rnu044677 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:27 -0500 Received: from DFLE106.ent.ti.com (10.64.6.27) by DFLE103.ent.ti.com (10.64.6.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:26 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DFLE106.ent.ti.com (10.64.6.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:26 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Gd080327; Tue, 18 Jun 2019 07:08:24 -0500 From: Keerthy To: , , Subject: [PATCH 05/10] crypto: sha256_generic: Export the Transform function Date: Tue, 18 Jun 2019 17:38:38 +0530 Message-ID: <20190618120843.18777-6-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050840_998360_590E0592 X-CRM114-Status: GOOD ( 13.03 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP The transform function can be used as is by other crypto drivers that need to transform the 256 bit key using cpu. Hence export it. Signed-off-by: Keerthy --- crypto/sha256_generic.c | 3 ++- include/crypto/sha.h | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/sha256_generic.c b/crypto/sha256_generic.c index b7502a96a0d4..583a3c3b93e0 100644 --- a/crypto/sha256_generic.c +++ b/crypto/sha256_generic.c @@ -63,7 +63,7 @@ static inline void BLEND_OP(int I, u32 *W) W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; } -static void sha256_transform(u32 *state, const u8 *input) +void sha256_transform(u32 *state, const u8 *input) { u32 a, b, c, d, e, f, g, h, t1, t2; u32 W[64]; @@ -225,6 +225,7 @@ static void sha256_transform(u32 *state, const u8 *input) a = b = c = d = e = f = g = h = t1 = t2 = 0; memzero_explicit(W, 64 * sizeof(u32)); } +EXPORT_SYMBOL(sha256_transform); static void sha256_generic_block_fn(struct sha256_state *sst, u8 const *src, int blocks) diff --git a/include/crypto/sha.h b/include/crypto/sha.h index 8a46202b1857..6e04f412b0c2 100644 --- a/include/crypto/sha.h +++ b/include/crypto/sha.h @@ -95,6 +95,7 @@ struct sha512_state { struct shash_desc; +extern void sha256_transform(u32 *state, const u8 *input); extern int crypto_sha1_update(struct shash_desc *desc, const u8 *data, unsigned int len); From patchwork Tue Jun 18 12:08:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001491 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C6F3C76 for ; Tue, 18 Jun 2019 12:10:58 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B560F2899D for ; Tue, 18 Jun 2019 12:10:58 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A95F028A6D; Tue, 18 Jun 2019 12:10:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 3C74D2899D for ; Tue, 18 Jun 2019 12:10:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=zmZOwzvrfZXItpTVEk2vd2P2xfuNooUjPBNZ3jiepVA=; b=bDH0s4iQZ9te/v pBraPiWN8UWwhTW81LomSRVQVuaxtw2794AAocfeEm10kbpyDumw2OjXpLYXkMmSEm2DOKGGjl13Q VyCBa0x6UHa/LRcY575xwoPwNuxJy8BV5BHK96CIRVP1MeWP8/GFlnUS9itTRSQmfxTdBzJzp21ai uR1ZS4WJGu1BlzQl96aqIk9lJnHfHtkE4fubYz4heGajRnKEbATV9X6p5AKEZ6ZcXZ8XzshKFnHT9 i4n8T/sW6tdRJm4kcn1usoWUUpqiudqXASrI2aCXIW8tF5Bpo+AsRGWg3IwDOjZEl68XKQJa6Jt8b gnK4EUppYwvloyhQoWKQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCwz-0005cR-7B; Tue, 18 Jun 2019 12:10:57 +0000 Received: from fllv0016.ext.ti.com ([198.47.19.142]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCum-0002uX-Bq for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:44 +0000 Received: from lelv0265.itg.ti.com ([10.180.67.224]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8UnA113879; Tue, 18 Jun 2019 07:08:30 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859710; bh=ZR7ExBieDCbC/Ll+RuC+Fd2NF0nFKFip1MVtigD4OPs=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=gKs5jP2etSElyYRibkzhSxdarZIKbirp9SGIhEfdoiU8JLsfMMdoWzkifuZpo+JyP HkWHYYiNIrp/ZhJ16Bxak3R3wJhrW1N3u2h0IW33PNZWxj1ReAZwvwfLUBXOEqQo2I e5xvBbU6TaKk4a4lkvH/jxtHLGCcg+ZEL2H6X9uE= Received: from DLEE106.ent.ti.com (dlee106.ent.ti.com [157.170.170.36]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8ULM118681 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:30 -0500 Received: from DLEE106.ent.ti.com (157.170.170.36) by DLEE106.ent.ti.com (157.170.170.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:29 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DLEE106.ent.ti.com (157.170.170.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:29 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Ge080327; Tue, 18 Jun 2019 07:08:27 -0500 From: Keerthy To: , , Subject: [PATCH 06/10] crypto: sa2ul: Add hmac(sha256)cbc(aes) AEAD Algo support Date: Tue, 18 Jun 2019 17:38:39 +0530 Message-ID: <20190618120843.18777-7-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050840_560793_4AC6631F X-CRM114-Status: GOOD ( 14.10 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Add aead support for hmac(sha256)cbc(aes) algorithm. Authenticated encryption (AE) and authenticated encryption with associated data (AEAD) is a form of encryption which simultaneously provides confidentiality, integrity, and authenticity assurances on the data. hmac(sha256) has a digest size of 32 bytes is used for authetication and AES in CBC mode is used in conjunction for encryption/decryption. Signed-off-by: Keerthy --- drivers/crypto/sa2ul.c | 92 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c index 1a1bd882e0d2..9c9008e21867 100644 --- a/drivers/crypto/sa2ul.c +++ b/drivers/crypto/sa2ul.c @@ -271,6 +271,42 @@ void sa_hmac_sha1_get_pad(const u8 *key, u16 key_sz, u32 *ipad, u32 *opad) opad[i] = cpu_to_be32(opad[i]); } +void sha256_init(u32 *buf) +{ + buf[0] = SHA256_H0; + buf[1] = SHA256_H1; + buf[2] = SHA256_H2; + buf[3] = SHA256_H3; + buf[4] = SHA256_H4; + buf[5] = SHA256_H5; + buf[6] = SHA256_H6; + buf[7] = SHA256_H7; +} + +static void sa_hmac_sha256_get_pad(const u8 *key, u16 key_sz, u32 *ipad, + u32 *opad) +{ + u8 k_ipad[SHA_MESSAGE_BYTES]; + u8 k_opad[SHA_MESSAGE_BYTES]; + int i; + + prepare_kiopad(k_ipad, k_opad, key, key_sz); + + /* SHA-256 on k_ipad */ + sha256_init(ipad); + sha256_transform(ipad, k_ipad); + + for (i = 0; i < SHA256_DIGEST_WORDS; i++) + ipad[i] = cpu_to_be32(ipad[i]); + + /* SHA-256 on k_opad */ + sha256_init(opad); + sha256_transform(opad, k_opad); + + for (i = 0; i < SHA256_DIGEST_WORDS; i++) + opad[i] = cpu_to_be32(opad[i]); +} + /* Derive the inverse key used in AES-CBC decryption operation */ static inline int sa_aes_inv_key(u8 *inv_key, const u8 *key, u16 key_sz) { @@ -1198,6 +1234,37 @@ static int sa_aead_cbc_sha1_setkey(struct crypto_aead *authenc, return sa_aead_setkey(authenc, key, keylen, ad); } +static int sa_aead_cbc_sha256_setkey(struct crypto_aead *authenc, + const u8 *key, unsigned int keylen) +{ + struct algo_data *ad = kzalloc(sizeof(*ad), GFP_KERNEL); + struct crypto_authenc_keys keys; + int ret = 0, key_idx; + + ret = crypto_authenc_extractkeys(&keys, key, keylen); + if (ret) + return ret; + + /* Convert the key size (16/24/32) to the key size index (0/1/2) */ + key_idx = (keys.enckeylen >> 3) - 2; + + ad->enc_eng.eng_id = SA_ENG_ID_EM1; + ad->enc_eng.sc_size = SA_CTX_ENC_TYPE1_SZ; + ad->auth_eng.eng_id = SA_ENG_ID_AM1; + ad->auth_eng.sc_size = SA_CTX_AUTH_TYPE2_SZ; + ad->mci_enc = mci_cbc_enc_array[key_idx]; + ad->mci_dec = mci_cbc_dec_array[key_idx]; + ad->inv_key = true; + ad->keyed_mac = true; + ad->ealg_id = SA_EALG_ID_AES_CBC; + ad->aalg_id = SA_AALG_ID_HMAC_SHA2_256; + ad->hash_size = SHA256_DIGEST_SIZE; + ad->auth_ctrl = 0x4; + ad->prep_iopad = sa_hmac_sha256_get_pad; + + return sa_aead_setkey(authenc, key, keylen, ad); +} + static int sa_aead_run(struct aead_request *req, u8 *iv, int enc) { struct crypto_aead *tfm = crypto_aead_reqtfm(req); @@ -1418,6 +1485,31 @@ static struct sa_alg_tmpl sa_algs[] = { .decrypt = sa_aead_decrypt, } }, + {.type = CRYPTO_ALG_TYPE_AEAD, + .alg.aead = { + .base = { + .cra_name = "authenc(hmac(sha256),cbc(aes))", + .cra_driver_name = + "authenc(hmac(sha256),cbc(aes))-keystone-sa", + .cra_blocksize = AES_BLOCK_SIZE, + .cra_flags = CRYPTO_ALG_TYPE_AEAD | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ASYNC, + .cra_ctxsize = sizeof(struct sa_tfm_ctx), + .cra_module = THIS_MODULE, + .cra_alignmask = 0, + .cra_priority = 3000, + }, + .ivsize = AES_BLOCK_SIZE, + .maxauthsize = SHA256_DIGEST_SIZE, + + .init = sa_cra_init_aead, + .exit = sa_exit_tfm_aead, + .setkey = sa_aead_cbc_sha256_setkey, + .encrypt = sa_aead_encrypt, + .decrypt = sa_aead_decrypt, + } + }, }; /* Register the algorithms in crypto framework */ From patchwork Tue Jun 18 12:08:40 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001497 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 36275924 for ; Tue, 18 Jun 2019 12:11:58 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 242A028A68 for ; Tue, 18 Jun 2019 12:11:58 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1100428A6E; Tue, 18 Jun 2019 12:11:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 3D71728A6C for ; Tue, 18 Jun 2019 12:11:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=2NKcTTsyvlJ1ZwoKeGCYOO75JErrMcgoKfZd3aOiIkM=; b=r5hqagYCfCtCB8 J/XHSA0QwcLVdaiiYpmIQKGFJRJERoaRaOnIA/LBpoyCYgb4L2q7uRaLTnMKZBYiMo4m+G7xWrsug VoGJYYXx354/Y8rhiJyfz66MDxvm+7oq2+5jO6UGNxojiF/drJjmAHetbzNQQarxyBTZTLbCMqxVc TP5QZzLJZoY4YwN/wnKRjuyfbpYk92Wj4l1/OOW97rDyXboP5EVPB/xpTOObHJAfIWILwlTwRYS88 5J04h+1ieHZct9fRJPTtO0E7+Vrt6vKf9pQjfVEP3TZ+OZkfmwvaudGva72VOLsRdCXugfCaNEpwI fszVFszBt0Sg/sDzxwww==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCxv-0006aF-AY; Tue, 18 Jun 2019 12:11:55 +0000 Received: from fllv0015.ext.ti.com ([198.47.19.141]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCut-0002zN-MH for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:50 +0000 Received: from lelv0265.itg.ti.com ([10.180.67.224]) by fllv0015.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8X3D030702; Tue, 18 Jun 2019 07:08:33 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859713; bh=DSA/ZAIZgUYuQAI7wUCealzIjACaDYkjfETlnAsTImY=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=sd172sM+q7w/isCTNzrhnXC1zsvy9G6lPCLU7aYUhCIcz4bC+cbo3MzyufxVUihWx amh68nDDvrAJ3Jineb+LxYI8BIVh49169omzy2afr/j0OWRAdz4xPWt03kktbMDXp6 bYeriqkssvuyni+QVKrzdNlOHdUtNXNwOffXZgDA= Received: from DLEE104.ent.ti.com (dlee104.ent.ti.com [157.170.170.34]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8X4r118720 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:33 -0500 Received: from DLEE107.ent.ti.com (157.170.170.37) by DLEE104.ent.ti.com (157.170.170.34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:32 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DLEE107.ent.ti.com (157.170.170.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:32 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Gf080327; Tue, 18 Jun 2019 07:08:30 -0500 From: Keerthy To: , , Subject: [PATCH 07/10] crypto: sa2ul: Add hmac(sha1) HMAC algorithm support Date: Tue, 18 Jun 2019 17:38:40 +0530 Message-ID: <20190618120843.18777-8-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050847_920740_0C6A8D30 X-CRM114-Status: GOOD ( 17.92 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP HMAC hash-based message authentication code) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. It may be used to simultaneously verify both the data integrity and the authentication of a message, as with any MAC. Add hmac(sha1) HMAC algorithm support and the message digest size is 20 bytes. Signed-off-by: Keerthy --- drivers/crypto/sa2ul.c | 347 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 347 insertions(+) diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c index 9c9008e21867..e3a1321f0666 100644 --- a/drivers/crypto/sa2ul.c +++ b/drivers/crypto/sa2ul.c @@ -1408,6 +1408,307 @@ static int sa_aead_decrypt(struct aead_request *req) return sa_aead_run(req, req->iv, 0); } +static int sa_sham_cra_init_alg(struct crypto_tfm *tfm, const char *alg_base) +{ + struct sa_tfm_ctx *ctx = crypto_tfm_ctx(tfm); + struct crypto_alg *alg = tfm->__crt_alg; + struct sa_crypto_data *data = dev_get_drvdata(sa_k3_dev); + int ret; + + if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == + CRYPTO_ALG_TYPE_AHASH) { + memset(ctx, 0, sizeof(*ctx)); + ctx->dev_data = data; + ret = sa_init_ctx_info(&ctx->enc, data); + if (ret) + return ret; + } + + if (alg_base) { + ctx->shash = crypto_alloc_shash(alg_base, 0, + CRYPTO_ALG_NEED_FALLBACK); + if (IS_ERR(ctx->shash)) { + pr_err("base driver %s couldn't be loaded\n", alg_base); + return PTR_ERR(ctx->shash); + } + } + + dev_dbg(sa_k3_dev, "%s(0x%p) sc-ids(0x%x(0x%pad), 0x%x(0x%pad))\n", + __func__, tfm, ctx->enc.sc_id, &ctx->enc.sc_phys, + ctx->dec.sc_id, &ctx->dec.sc_phys); + + crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm), + sizeof(struct sa_dma_req_ctx) + + SHA512_BLOCK_SIZE); + + return 0; +} + +static void sa_sham_dma_in_callback(void *data) +{ + struct sa_rx_data *rxd = (struct sa_rx_data *)data; + struct ahash_request *req = (struct ahash_request *)rxd->req; + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); + unsigned int authsize = crypto_ahash_digestsize(tfm); + int i, sg_nents; + size_t ml, pl; + u32 *mdptr, *result; + + mdptr = (u32 *)dmaengine_desc_get_metadata_ptr(rxd->tx_in, &pl, &ml); + result = (u32 *)req->result; + + kfree(rxd); + + for (i = 0; i < (authsize / 4); i++) + result[i] = htonl(mdptr[i + 4]); + + sg_nents = sg_nents_for_len(req->src, req->nbytes); + dma_unmap_sg(rxd->ddev, req->src, sg_nents, DMA_FROM_DEVICE); + + ahash_request_complete(req, 0); + + kfree(rxd); +} + +static int sa_sham_digest(struct ahash_request *req) +{ + struct sa_tfm_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req)); + struct sa_ctx_info *sa_ctx = &ctx->enc; + struct dma_async_tx_descriptor *tx_in, *tx_out; + struct sa_crypto_data *pdata = dev_get_drvdata(sa_k3_dev); + struct sa_dma_req_ctx req_ctx; + struct sa_rx_data *rxd; + u8 enc_offset; + int sg_nents; + int psdata_offset; + u8 auth_offset = 0; + u8 *auth_iv = NULL; + u8 *aad = NULL; + u8 aad_len = 0; + u16 enc_len; + u16 auth_len = 0; + u32 req_type; + u32 *mdptr; + struct dma_chan *dma_rx; + gfp_t flags; + size_t pl, ml; + struct device *ddev; + + flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP ? + GFP_KERNEL : GFP_ATOMIC; + enc_len = 0; + auth_len = req->nbytes; + enc_offset = 0; + + if (enc_len > 256) + dma_rx = pdata->dma_rx2; + else + dma_rx = pdata->dma_rx1; + + ddev = dma_rx->device->dev; + /* Allocate descriptor & submit packet */ + sg_nents = sg_nents_for_len(req->src, req->nbytes); + + memcpy(req_ctx.cmdl, sa_ctx->cmdl, sa_ctx->cmdl_size); + /* Update Command Label */ + sa_update_cmdl(sa_k3_dev, enc_offset, enc_len, + NULL, auth_offset, auth_len, + auth_iv, aad_len, aad, + &sa_ctx->cmdl_upd_info, req_ctx.cmdl); + + /* + * Last 2 words in PSDATA will have the crypto alg type & + * crypto request pointer + */ + req_type = CRYPTO_ALG_TYPE_AHASH; + + psdata_offset = sa_ctx->cmdl_size / sizeof(u32); + req_ctx.cmdl[psdata_offset++] = req_type; + + /* map the packet */ + req_ctx.src = req->src; + req_ctx.src_nents = dma_map_sg(ddev, req->src, sg_nents, DMA_TO_DEVICE); + + if (unlikely(req_ctx.src_nents != sg_nents)) { + dev_warn_ratelimited(sa_k3_dev, "failed to map tx pkt\n"); + return -EIO; + } + + req_ctx.dev_data = pdata; + req_ctx.pkt = true; + + dma_sync_sg_for_device(pdata->dev, req->src, req_ctx.src_nents, + DMA_TO_DEVICE); + + tx_in = dmaengine_prep_slave_sg(dma_rx, req->src, req_ctx.src_nents, + DMA_DEV_TO_MEM, + DMA_PREP_INTERRUPT | DMA_CTRL_ACK); + if (!tx_in) { + dev_err(pdata->dev, "IN prep_slave_sg() failed\n"); + return -EINVAL; + } + + rxd = kzalloc(sizeof(*rxd), GFP_KERNEL); + rxd->req = (void *)req; + rxd->tx_in = tx_in; + rxd->ddev = ddev; + tx_in->callback = sa_sham_dma_in_callback; + tx_in->callback_param = rxd; + + tx_out = dmaengine_prep_slave_sg(pdata->dma_tx, req->src, + req_ctx.src_nents, DMA_MEM_TO_DEV, + DMA_PREP_INTERRUPT | DMA_CTRL_ACK); + if (!tx_out) { + dev_err(pdata->dev, "OUT prep_slave_sg() failed\n"); + return -EINVAL; + } + + mdptr = (u32 *)dmaengine_desc_get_metadata_ptr(tx_out, &pl, &ml); + sa_prepare_tx_desc(mdptr, (sa_ctx->cmdl_size + (SA_PSDATA_CTX_WORDS * + sizeof(u32))), req_ctx.cmdl, + sizeof(sa_ctx->epib), sa_ctx->epib); + + dmaengine_desc_set_metadata_len(tx_out, 28); + + dmaengine_submit(tx_out); + dmaengine_submit(tx_in); + + dma_async_issue_pending(dma_rx); + dma_async_issue_pending(pdata->dma_tx); + + return -EINPROGRESS; +} + +static int sa_sham_init(struct ahash_request *req) +{ + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); + + dev_dbg(sa_k3_dev, "init: digest size: %d\n", + crypto_ahash_digestsize(tfm)); + + return 0; +} + +static int sa_sham_shash_digest(struct crypto_shash *tfm, u32 flags, + const u8 *data, unsigned int len, u8 *out) +{ + SHASH_DESC_ON_STACK(shash, tfm); + + shash->tfm = tfm; + + return crypto_shash_digest(shash, data, len, out); +} + +static int sa_sham_setkey(struct crypto_ahash *tfm, const u8 *key, + unsigned int keylen, struct algo_data *ad) +{ + struct sa_tfm_ctx *ctx = crypto_ahash_ctx(tfm); + int bs = crypto_shash_blocksize(ctx->shash); + int ds = crypto_shash_digestsize(ctx->shash); + int cmdl_len; + struct sa_cmdl_cfg cfg; + int err; + + if (keylen > bs) { + err = sa_sham_shash_digest(ctx->shash, + crypto_shash_get_flags(ctx->shash), + key, keylen, ctx->authkey); + if (err) + return err; + keylen = ds; + } else { + memcpy(ctx->authkey, key, keylen); + } + + memset(ctx->authkey + keylen, 0, bs - keylen); + memset(&cfg, 0, sizeof(cfg)); + cfg.enc1st = 0; + cfg.aalg = ad->aalg_id; + cfg.enc_eng_id = ad->enc_eng.eng_id; + cfg.auth_eng_id = ad->auth_eng.eng_id; + cfg.iv_size = 0; + cfg.akey = ctx->authkey; + cfg.akey_len = keylen; + + /* Setup Encryption Security Context & Command label template */ + if (sa_init_sc(&ctx->enc, NULL, 0, ctx->authkey, keylen, ad, 0, + &ctx->enc.epib[1], true)) + goto badkey; + + cmdl_len = sa_format_cmdl_gen(&cfg, + (u8 *)ctx->enc.cmdl, + &ctx->enc.cmdl_upd_info); + if (cmdl_len <= 0 || (cmdl_len > SA_MAX_CMDL_WORDS * sizeof(u32))) + goto badkey; + + ctx->enc.cmdl_size = cmdl_len; + + kfree(ad); + + return 0; +badkey: + dev_err(sa_k3_dev, "%s: badkey\n", __func__); + return -EINVAL; +} + +static int sa_sham_sha1_setkey(struct crypto_ahash *tfm, const u8 *key, + unsigned int keylen) +{ + struct algo_data *ad = kzalloc(sizeof(*ad), GFP_KERNEL); + + ad->enc_eng.eng_id = SA_ENG_ID_NONE; + ad->enc_eng.sc_size = SA_CTX_ENC_TYPE1_SZ; + ad->auth_eng.eng_id = SA_ENG_ID_AM1; + ad->auth_eng.sc_size = SA_CTX_AUTH_TYPE2_SZ; + ad->mci_enc = NULL; + ad->mci_dec = NULL; + ad->inv_key = false; + ad->keyed_mac = true; + ad->ealg_id = SA_EALG_ID_NONE; + ad->aalg_id = SA_AALG_ID_HMAC_SHA1; + ad->hash_size = SHA1_DIGEST_SIZE; + ad->auth_ctrl = 0x2; + ad->prep_iopad = sa_hmac_sha1_get_pad; + + return sa_sham_setkey(tfm, key, keylen, ad); +} + +static int sa_sham_cra_sha1_init(struct crypto_tfm *tfm) +{ + return sa_sham_cra_init_alg(tfm, "sha1"); +} + +static void sa_sham_cra_exit(struct crypto_tfm *tfm) +{ + struct crypto_alg *alg = tfm->__crt_alg; + struct sa_tfm_ctx *ctx = crypto_tfm_ctx(tfm); + struct sa_crypto_data *data = dev_get_drvdata(sa_k3_dev); + + dev_dbg(sa_k3_dev, "%s(0x%p) sc-ids(0x%x(0x%pad), 0x%x(0x%pad))\n", + __func__, tfm, ctx->enc.sc_id, &ctx->enc.sc_phys, + ctx->dec.sc_id, &ctx->dec.sc_phys); + + if ((alg->cra_flags & CRYPTO_ALG_TYPE_AHASH) + == CRYPTO_ALG_TYPE_AHASH) { + sa_free_ctx_info(&ctx->enc, data); + } +} + +static int sa_sham_update(struct ahash_request *req) +{ + return -ENOTSUPP; +} + +static int sa_sham_final(struct ahash_request *req) +{ + return sa_sham_digest(req); +} + +static int sa_sham_finup(struct ahash_request *req) +{ + return sa_sham_digest(req); +} + static struct sa_alg_tmpl sa_algs[] = { {.type = CRYPTO_ALG_TYPE_ABLKCIPHER, .alg.crypto = { @@ -1512,6 +1813,34 @@ static struct sa_alg_tmpl sa_algs[] = { }, }; +static struct ahash_alg algs_sha[] = { +{ + .init = sa_sham_init, + .update = sa_sham_update, + .final = sa_sham_final, + .finup = sa_sham_finup, + .digest = sa_sham_digest, + .setkey = sa_sham_sha1_setkey, + .halg.digestsize = SHA1_DIGEST_SIZE, + .halg.statesize = 128, + .halg.base = { + .cra_name = "hmac(sha1)", + .cra_driver_name = "sa-hmac-sha1", + .cra_priority = 400, + .cra_flags = CRYPTO_ALG_TYPE_AHASH | + CRYPTO_ALG_ASYNC | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_NEED_FALLBACK, + .cra_blocksize = SHA1_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct sa_tfm_ctx), + .cra_alignmask = SA_ALIGN_MASK, + .cra_module = THIS_MODULE, + .cra_init = sa_sham_cra_sha1_init, + .cra_exit = sa_sham_cra_exit, + } +}, +}; + /* Register the algorithms in crypto framework */ void sa_register_algos(const struct device *dev) { @@ -1539,6 +1868,15 @@ void sa_register_algos(const struct device *dev) else sa_algs[i].registered = 1; } + + num_algs = ARRAY_SIZE(algs_sha); + for (i = 0; i < num_algs; i++) { + alg_name = algs_sha[i].halg.base.cra_name; + err = crypto_register_ahash(&algs_sha[i]); + if (err) + dev_err(dev, "Failed to register '%s'\n", + alg_name); + } } /* Unregister the algorithms in crypto framework */ @@ -1560,6 +1898,15 @@ void sa_unregister_algos(const struct device *dev) sa_algs[i].registered = 0; } + + num_algs = ARRAY_SIZE(algs_sha); + for (i = 0; i < num_algs; i++) { + alg_name = algs_sha[i].halg.base.cra_name; + err = crypto_unregister_ahash(&algs_sha[i]); + if (err) + dev_err(dev, "Failed to register '%s'\n", + alg_name); + } } static int sa_init_mem(struct sa_crypto_data *dev_data) From patchwork Tue Jun 18 12:08:41 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001495 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 2650E924 for ; Tue, 18 Jun 2019 12:11:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1665B286F7 for ; Tue, 18 Jun 2019 12:11:47 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 0A61A28A68; Tue, 18 Jun 2019 12:11:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 96A6728A69 for ; Tue, 18 Jun 2019 12:11:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=/LTuKw5MdxRGQa+mjeOnh+D22c5DU25tk22LXfzwuGA=; b=lqkKMWoNT4EEv9 vtCo37AdVPmWFXDj1wtiyxSao4TpWoHXGG9VRv+Ltlz85b9FBGFPpzNW/uJ3TgpuV3FFS4QCGmeRG yT1FzMId+FBygZtBVZbuB3Ii1xk1ImXar4Dg73FYBaTrO3zOsXfsGItafQd1XmbO3a+K6Md+G9vot 4QmaFnVcSs87L9Kn5Mg0udUcvS8hHsSc+Q6D9uMts96lpf835NM0TptkKyYgSamFES5DnqctY5bEG 4pvU1Harf7lCtreHf6qW2fVjw0VcnMu129wlYPCxQ/Ag9byPmW4MaCJu1vu+wv3eHj/BqXdzjOVN6 Y+yel/5IvetIRCywdfGg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCxf-00069l-6K; Tue, 18 Jun 2019 12:11:39 +0000 Received: from lelv0142.ext.ti.com ([198.47.23.249]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCut-0002zQ-CS for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:49 +0000 Received: from lelv0265.itg.ti.com ([10.180.67.224]) by lelv0142.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8a9h077759; Tue, 18 Jun 2019 07:08:36 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859716; bh=/ijk8DpdTXuEeYYGPNYsSxzYzytlXm+I5jpGlL0+qTk=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=LDzajFXWXfu3zToEFf0AD9ILaK44jvMl0hVz6HGEZ7eGjIAd9DOLMLuvGRTqH4aGg ntvw+ifK3Du+HTkcxH0fzZi4O/SR2ocb9mlFZ5LXJl7RIj0OH4qeUvSwJc4/T1cOAS jwLWbrTU9Zid6Dmhd244cmiazREK8VhqHPgHHLHQ= Received: from DFLE103.ent.ti.com (dfle103.ent.ti.com [10.64.6.24]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8a6E118769 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:36 -0500 Received: from DFLE102.ent.ti.com (10.64.6.23) by DFLE103.ent.ti.com (10.64.6.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:35 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DFLE102.ent.ti.com (10.64.6.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:35 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Gg080327; Tue, 18 Jun 2019 07:08:33 -0500 From: Keerthy To: , , Subject: [PATCH 08/10] crypto: sa2ul: Add hmac(sha256) HMAC algorithm support Date: Tue, 18 Jun 2019 17:38:41 +0530 Message-ID: <20190618120843.18777-9-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050847_527772_AC73F5EC X-CRM114-Status: GOOD ( 13.68 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP HMAC hash-based message authentication code) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. It may be used to simultaneously verify both the data integrity and the authentication of a message, as with any MAC. Add hmac(sha256) HMAC algorithm support and the message digest size is 32 bytes. Signed-off-by: Keerthy --- drivers/crypto/sa2ul.c | 52 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c index e3a1321f0666..74211cd21c62 100644 --- a/drivers/crypto/sa2ul.c +++ b/drivers/crypto/sa2ul.c @@ -1673,11 +1673,38 @@ static int sa_sham_sha1_setkey(struct crypto_ahash *tfm, const u8 *key, return sa_sham_setkey(tfm, key, keylen, ad); } +static int sa_sham_sha256_setkey(struct crypto_ahash *tfm, const u8 *key, + unsigned int keylen) +{ + struct algo_data *ad = kzalloc(sizeof(*ad), GFP_KERNEL); + + ad->enc_eng.eng_id = SA_ENG_ID_NONE; + ad->enc_eng.sc_size = SA_CTX_ENC_TYPE1_SZ; + ad->auth_eng.eng_id = SA_ENG_ID_AM1; + ad->auth_eng.sc_size = SA_CTX_AUTH_TYPE2_SZ; + ad->mci_enc = NULL; + ad->mci_dec = NULL; + ad->inv_key = false; + ad->keyed_mac = true; + ad->ealg_id = SA_EALG_ID_NONE; + ad->aalg_id = SA_AALG_ID_HMAC_SHA2_256; + ad->hash_size = SHA256_DIGEST_SIZE; + ad->auth_ctrl = 0x4; + ad->prep_iopad = sa_hmac_sha256_get_pad; + + return sa_sham_setkey(tfm, key, keylen, ad); +} + static int sa_sham_cra_sha1_init(struct crypto_tfm *tfm) { return sa_sham_cra_init_alg(tfm, "sha1"); } +static int sa_sham_cra_sha256_init(struct crypto_tfm *tfm) +{ + return sa_sham_cra_init_alg(tfm, "sha256"); +} + static void sa_sham_cra_exit(struct crypto_tfm *tfm) { struct crypto_alg *alg = tfm->__crt_alg; @@ -1839,6 +1866,31 @@ static struct ahash_alg algs_sha[] = { .cra_exit = sa_sham_cra_exit, } }, +{ + .init = sa_sham_init, + .update = sa_sham_update, + .final = sa_sham_final, + .finup = sa_sham_finup, + .digest = sa_sham_digest, + .setkey = sa_sham_sha256_setkey, + .halg.digestsize = SHA256_DIGEST_SIZE, + .halg.statesize = 128, + .halg.base = { + .cra_name = "hmac(sha256)", + .cra_driver_name = "sa-hmac-sha256", + .cra_priority = 400, + .cra_flags = CRYPTO_ALG_TYPE_AHASH | + CRYPTO_ALG_ASYNC | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_NEED_FALLBACK, + .cra_blocksize = SHA256_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct sa_tfm_ctx), + .cra_alignmask = SA_ALIGN_MASK, + .cra_module = THIS_MODULE, + .cra_init = sa_sham_cra_sha256_init, + .cra_exit = sa_sham_cra_exit, + } +}, }; /* Register the algorithms in crypto framework */ From patchwork Tue Jun 18 12:08:42 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001499 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 723A776 for ; Tue, 18 Jun 2019 12:12:24 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5EB0028755 for ; Tue, 18 Jun 2019 12:12:24 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 51EE228A69; Tue, 18 Jun 2019 12:12:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id C486428755 for ; Tue, 18 Jun 2019 12:12:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=DxZ5Rx90ROrj9DFR4ghW58832fiiVxnW9jV0dmca+iU=; b=FOaYmi5qZQlGwh xg+aGaDsD8lLzoXqiAdThBbmDxPSdSemxTVO9fGSjFdp6V/Tw/4RuVg9oknjq4dTGyxUy3tiSPah4 w5s8UTb5LPhr0D4gpSXXswYgmRzaT2ukv2RYeWSQhY8g/PUhTxiF2FSuVFIu3Y4caDGj/ZenKXiz5 grc+WYCKcqOnxjRlHjORtIUfeuyWE09ekoJ9n11hnA8bWQ5p6mSYVMhB6CXvEULuMN6BIHzO9ZCvc lXwLGcd3voiv7OOP/7qtl1ko4OwVaNveWU31YPmxpKE7qiRnu8eWwTI0pvG28zqKOzoCma8ZrA5DK aFaqsLo9DWewmdSkG19Q==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCyE-0006on-D1; Tue, 18 Jun 2019 12:12:14 +0000 Received: from fllv0016.ext.ti.com ([198.47.19.142]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCuy-00032K-3L for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:08:53 +0000 Received: from lelv0266.itg.ti.com ([10.180.67.225]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8d0f113933; Tue, 18 Jun 2019 07:08:39 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859719; bh=0zvb4oMtQmrHpjjM5stcwnynpmyBJnr20M+fOpeBneo=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=OCJu9kbhQSQ1dpYRGmJpw6cCKtJPT/B+ajMbj54MXVg0IYCXbG5GdytaDmZNQmaAB eitykPeQqa9FSnuD9z0/Ax8AGBLoZULXRrY1+1tZu00u8QGGMe5cHcPRxurnqpIBSQ J5qimvMiRm/UB775XFF1S9lTDlSdufTlEjhOXg5M= Received: from DLEE107.ent.ti.com (dlee107.ent.ti.com [157.170.170.37]) by lelv0266.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8dqk044879 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:39 -0500 Received: from DLEE114.ent.ti.com (157.170.170.25) by DLEE107.ent.ti.com (157.170.170.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:38 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DLEE114.ent.ti.com (157.170.170.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:38 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Gh080327; Tue, 18 Jun 2019 07:08:36 -0500 From: Keerthy To: , , Subject: [PATCH 09/10] sa2ul: Add 3DES ECB & CBC Mode support Date: Tue, 18 Jun 2019 17:38:42 +0530 Message-ID: <20190618120843.18777-10-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050852_235210_8D11D111 X-CRM114-Status: GOOD ( 12.38 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Triple DES (3DES), officially the Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block Add 3DES ECB(Electronic code book) & CBC(Cipher Block Chaining) Mode support. Signed-off-by: Keerthy --- drivers/crypto/sa2ul.c | 112 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c index 74211cd21c62..8d535fc9867f 100644 --- a/drivers/crypto/sa2ul.c +++ b/drivers/crypto/sa2ul.c @@ -210,6 +210,35 @@ static u8 mci_ecb_dec_array[3][27] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, }; +/* + * Mode Control Instructions for DES algorithm + * For CBC (Cipher Block Chaining) mode and ECB mode + * encryption and for decryption respectively + */ +static u8 mci_cbc_3des_enc_array[MODE_CONTROL_BYTES] = { + 0x20, 0x00, 0x00, 0x18, 0x88, 0x52, 0xaa, 0x4b, 0x7e, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, +}; + +static u8 mci_cbc_3des_dec_array[MODE_CONTROL_BYTES] = { + 0x30, 0x00, 0x00, 0x85, 0x0a, 0xca, 0x98, 0xf4, 0x40, 0xc0, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, +}; + +static u8 mci_ecb_3des_enc_array[MODE_CONTROL_BYTES] = { + 0x20, 0x00, 0x00, 0x85, 0x0a, 0x04, 0xb7, 0x90, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, +}; + +static u8 mci_ecb_3des_dec_array[MODE_CONTROL_BYTES] = { + 0x30, 0x00, 0x00, 0x85, 0x0a, 0x04, 0xb7, 0x90, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, +}; + /* * Perform 16 byte or 128 bit swizzling * The SA2UL Expects the security context to @@ -877,6 +906,39 @@ static int sa_aes_ecb_setkey(struct crypto_ablkcipher *tfm, const u8 *key, return sa_aes_setkey(tfm, key, keylen, ad); } +static int sa_3des_cbc_setkey(struct crypto_ablkcipher *tfm, const u8 *key, + unsigned int keylen) +{ + struct algo_data *ad = kzalloc(sizeof(*ad), GFP_KERNEL); + + ad->enc_eng.eng_id = SA_ENG_ID_EM1; + ad->enc_eng.sc_size = SA_CTX_ENC_TYPE1_SZ; + ad->auth_eng.eng_id = SA_ENG_ID_NONE; + ad->auth_eng.sc_size = 0; + ad->mci_enc = mci_cbc_3des_enc_array; + ad->mci_dec = mci_cbc_3des_dec_array; + ad->ealg_id = SA_EALG_ID_3DES_CBC; + ad->aalg_id = SA_AALG_ID_NONE; + + return sa_aes_setkey(tfm, key, keylen, ad); +} + +static int sa_3des_ecb_setkey(struct crypto_ablkcipher *tfm, const u8 *key, + unsigned int keylen) +{ + struct algo_data *ad = kzalloc(sizeof(*ad), GFP_KERNEL); + + ad->enc_eng.eng_id = SA_ENG_ID_EM1; + ad->enc_eng.sc_size = SA_CTX_ENC_TYPE1_SZ; + ad->auth_eng.eng_id = SA_ENG_ID_NONE; + ad->auth_eng.sc_size = 0; + ad->mci_enc = mci_ecb_3des_enc_array; + ad->mci_dec = mci_ecb_3des_dec_array; + ad->aalg_id = SA_AALG_ID_NONE; + + return sa_aes_setkey(tfm, key, keylen, ad); +} + static void sa_aes_dma_in_callback(void *data) { struct sa_rx_data *rxd = (struct sa_rx_data *)data; @@ -1787,6 +1849,56 @@ static struct sa_alg_tmpl sa_algs[] = { } } }, + { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, + .alg.crypto = { + .cra_name = "cbc(des3_ede)", + .cra_driver_name = "cbc-des3-sa2ul", + .cra_priority = 30000, + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK, + .cra_blocksize = DES_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct sa_tfm_ctx), + .cra_alignmask = 0, + .cra_type = &crypto_ablkcipher_type, + .cra_module = THIS_MODULE, + .cra_init = sa_aes_cra_init, + .cra_exit = sa_aes_cra_exit, + .cra_u.ablkcipher = { + .min_keysize = 3 * DES_KEY_SIZE, + .max_keysize = 3 * DES_KEY_SIZE, + .ivsize = DES_BLOCK_SIZE, + .setkey = sa_3des_cbc_setkey, + .encrypt = sa_aes_cbc_encrypt, + .decrypt = sa_aes_cbc_decrypt, + } + } + }, + { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, + .alg.crypto = { + .cra_name = "ecb(des3_ede)", + .cra_driver_name = "ecb-des3-sa2ul", + .cra_priority = 30000, + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK, + .cra_blocksize = DES_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct sa_tfm_ctx), + .cra_alignmask = 0, + .cra_type = &crypto_ablkcipher_type, + .cra_module = THIS_MODULE, + .cra_init = sa_aes_cra_init, + .cra_exit = sa_aes_cra_exit, + .cra_u.ablkcipher = { + .min_keysize = 3 * DES_KEY_SIZE, + .max_keysize = 3 * DES_KEY_SIZE, + .ivsize = DES_BLOCK_SIZE, + .setkey = sa_3des_ecb_setkey, + .encrypt = sa_aes_cbc_encrypt, + .decrypt = sa_aes_cbc_decrypt, + } + } + }, /* AEAD algorithms */ {.type = CRYPTO_ALG_TYPE_AEAD, .alg.aead = { From patchwork Tue Jun 18 12:08:43 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J, KEERTHY" X-Patchwork-Id: 11001501 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 94B29924 for ; Tue, 18 Jun 2019 12:12:55 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 84C5928A62 for ; Tue, 18 Jun 2019 12:12:55 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7258D28A77; Tue, 18 Jun 2019 12:12:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 0D58028A6C for ; Tue, 18 Jun 2019 12:12:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=+A4kau+S4oefvf0Qnwuq1QUUE3Kug8VhEdo+iVt2V4k=; b=A8oozY5gvScjxM kLw07qtkZqY6UBedMbxWICUdxKd3EEFmsIn0Rj6wQBvQnCoGKvjHvSAQqZuYqLak2pA3xWcp9P0Lh PuFXYTzAFvpg1qBlcALxzhcNrN23uQb0D0n3BWi8rTxyjA7G2OPy2XyOFuapmnkBsLKmA+rDWlmwC T1yc5UlPtBwO+qyDhxF+Ef8H2Z/mYC2O8bK+3LPxNxaJhXKQNzP/dz5K8YAogRHVia6nj0Jrhs6g1 iX18dTmwmjaZIWkMgq7lRoxxD6HH92gTo+6LuoZt0EBWrLeS0+1QVbOXgAi08rdi5pHGLqF5RMV0k VRuAUVrqYKXlzZYoTKTw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hdCyr-0007N2-9e; Tue, 18 Jun 2019 12:12:53 +0000 Received: from lelv0142.ext.ti.com ([198.47.23.249]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hdCvG-0003Fy-7M for linux-arm-kernel@lists.infradead.org; Tue, 18 Jun 2019 12:09:12 +0000 Received: from lelv0266.itg.ti.com ([10.180.67.225]) by lelv0142.ext.ti.com (8.15.2/8.15.2) with ESMTP id x5IC8gKT077794; Tue, 18 Jun 2019 07:08:42 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1560859722; bh=y47Dmxqdu2axu8XFuL5chdma5kAOZBKLQnnNccav38w=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=IQhdQ+2Z3U5v56HD2juwKT/dltQ32THHc0U2z3pBTiYv41L1M35iaFwsK/eMQ7XMj hyVMrOUvZLfQiacARHH18TKSnon1IQipeOJOEI8hrf0g8/ZYj8ux+OX+xiqDWw98Iy 35JvtEXGFC2nXekNoApPJ5uvyAjy6Ie9jkyPt5HI= Received: from DLEE104.ent.ti.com (dlee104.ent.ti.com [157.170.170.34]) by lelv0266.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x5IC8fAB044902 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Jun 2019 07:08:42 -0500 Received: from DLEE107.ent.ti.com (157.170.170.37) by DLEE104.ent.ti.com (157.170.170.34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Tue, 18 Jun 2019 07:08:41 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DLEE107.ent.ti.com (157.170.170.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5 via Frontend Transport; Tue, 18 Jun 2019 07:08:41 -0500 Received: from a0393675ula.india.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id x5IC89Gi080327; Tue, 18 Jun 2019 07:08:39 -0500 From: Keerthy To: , , Subject: [PATCH 10/10] arm64: dts: k3-am6: Add crypto accelarator node Date: Tue, 18 Jun 2019 17:38:43 +0530 Message-ID: <20190618120843.18777-11-j-keerthy@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190618120843.18777-1-j-keerthy@ti.com> References: <20190618120843.18777-1-j-keerthy@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190618_050910_579553_318C26F6 X-CRM114-Status: GOOD ( 11.92 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nm@ti.com, devicetree@vger.kernel.org, j-keerthy@ti.com, linux-kernel@vger.kernel.org, t-kristo@ti.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Add crypto accelarator node. Define the psil specific config node as well. This can be used in Packet Mode alone. Signed-off-by: Keerthy --- arch/arm64/boot/dts/ti/k3-am65-main.dtsi | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/arch/arm64/boot/dts/ti/k3-am65-main.dtsi b/arch/arm64/boot/dts/ti/k3-am65-main.dtsi index 91ca5bfeefc2..5e4f9ec39f01 100644 --- a/arch/arm64/boot/dts/ti/k3-am65-main.dtsi +++ b/arch/arm64/boot/dts/ti/k3-am65-main.dtsi @@ -91,6 +91,39 @@ power-domains = <&k3_pds 148>; }; + crypto: crypto@4E00000 { + compatible = "ti,sa2ul-crypto"; + label = "crypto-aes-gbe"; + reg = <0x0 0x4E00000 0x0 0x1200>; + + status = "okay"; + ti,psil-base = <0x4000>; + + /* tx: crypto_pnp-1, rx: crypto_pnp-1 */ + dmas = <&main_udmap &crypto 0 UDMA_DIR_TX>, + <&main_udmap &crypto 0 UDMA_DIR_RX>, + <&main_udmap &crypto 1 UDMA_DIR_RX>; + dma-names = "tx", "rx1", "rx2"; + + ti,psil-config0 { + linux,udma-mode = ; + ti,needs-epib; + ti,psd-size = <64>; + }; + + ti,psil-config1 { + linux,udma-mode = ; + ti,needs-epib; + ti,psd-size = <64>; + }; + + ti,psil-config2 { + linux,udma-mode = ; + ti,needs-epib; + ti,psd-size = <64>; + }; + }; + main_pmx0: pinmux@11c000 { compatible = "pinctrl-single"; reg = <0x0 0x11c000 0x0 0x2e4>;